Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/monokrome/slick

Easy to use secure file sending & chatting using TOR
https://github.com/monokrome/slick

Last synced: 18 days ago
JSON representation

Easy to use secure file sending & chatting using TOR

Host: GitHub
URL: https://github.com/monokrome/slick
Owner: monokrome
Created: 2018-12-28T18:38:38.000Z (almost 6 years ago)
Default Branch: master
Last Pushed: 2022-12-26T20:51:46.000Z (almost 2 years ago)
Last Synced: 2024-10-17T10:17:07.726Z (29 days ago)
Language: Python
Homepage:
Size: 30.3 KB
Stars: 1
Watchers: 3
Forks: 0
Open Issues: 7
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

        # Slick

**Easy to use secure file sending**

Slick makes it easy to send files or chat between two people. It is end-to-end encrypted, and uses HTTPS as its transport.

## Installation

Using python 3.7, run:

`pip install slick-app`

## Usage

To start slick, run `slick`. Running `/help` you'll get:

```

/list           -- show active friends and nearby people

/add  [subject] -- add a person

/talk [subject] -- talk to someone

/end            -- stop talking to someone

/quit           -- quit the program

/send           -- send a file

/get            -- get a file

/info

```

### Adding a friend

To add a friend, use the `/add` command. They will need to approve the request on their side by adding you back.

### Interacting with a friend

To interact with a specific friend, use `/talk [name]`

### Chatting

Once you're interacting with a friend, anything you type without a leading slash will be interpretted as chatting.

### Sending a file

To send a file, use `/send`

### Receiving a file

To receive a file, use `/get #`

## Design

At a high level, Slick allows encrypted communication between two parties. It accomplishes this by running two servers which are then made available over tor, the **certificate server** and the **talk server**. It distributes information on how to communicate via **multicast DNS**.

Slick advertizes for the following over **multicast DNS**:

1. A NaCL public key (https://nacl.cr.yp.to/box.html)

2. A SHA-256 digest of your HTTPS certificate

3. The onion address of the **certificate server**

The **certificate server** uses HTTP, and expects data encoded with the public key advertized over multicast DNS. Data sent to this server is used to request access to your **talk server**. The following data is sent:

1. The certificate of the user requesting access

2. The name of the user requesting access

3. The NaCL public key of the user requesting access

Once both parties mutually accept the certificates, then communication is performed over the **talk server**. The talk server is made available as an onion service. The address for this onion service is encoded in the certificate. HTTPS with mutual TLS is used to identity and authenticate users.