https://github.com/wofwca/snowflake-rendezvous-email-chatbot

Email chatbot for Snowflake rendezvous

censorship-circumvention deltachat deltachat-bot snowflake webrtc


# snowflake-rendezvous-email-chatbot

Email chatbot for [Snowflake](https://snowflake.torproject.org/) rendezvous.

This is just a proof-of-concept project and is not currently useful.
The Snowflake client does not currently implement
automatic email rendezvous,
nor does it implement a generic way to print the offer to the user
and receive the answer from them (see
[this comment](https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/25594#note_2823395)
and
[this commit](https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/commit/622005c79ed2e9f444d75dba90b3ee52fdc82a37)).

Basically it is a [WebRTC signaling](https://webrtcforthecurious.com/docs/02-signaling/)
server.
A client sends its WebRTC offer by email to request a proxy,
to which this bot will respond with a proxy's WebRTC answer
that it gets from
[the original Snowflake broker](https://snowflake-broker.torproject.net/).

Currently Snowflake uses
[other rendezvous methods](https://www.bamsoftware.com/papers/snowflake/#rendezvous)
in production.
This bot implements an alternative rendezvous method as described in
[the Snowflake paper](https://www.bamsoftware.com/papers/snowflake/#n-16).

For historical reference, rendezvous through email is nothing new.
[It was employed by Flash proxy](https://www.bamsoftware.com/papers/snowflake/#n-16),
another (now deprecated) censorship circumvention network
that is similar to Snowflake and that inspired it.
Flash proxy's email rendezvous code is much more fleshed out
than this project (e.g. emails are always encrypted there),
so it is worth examining their code for future development.

## How to use

### Docker

1. Build the image

```bash
docker build -t snowflake-rendezvous-email-chatbot .
```

2. Start the container

```bash
docker run \
--name=snowflake-rendezvous-email-chatbot-instance-1 \
--restart=unless-stopped \
snowflake-rendezvous-email-chatbot
```

`--restart=unless-stopped` ensures that the container restarts
e.g. on server reboot. You can omit it.

3. Open another terminal and register an email address on the bot.
This will store the credentials inside the container.
Make sure to put a space before the command so that it's not saved in bash history
(this only works when `HISTCONTROL` contains `ignorespace` or `ignoreboth`):

```bash
 docker exec snowflake-rendezvous-email-chatbot-instance-1 \
sh -c "python ./chatbot.py init [email protected] PASSWORD"
```

You can make the bot work on several email addresses
by executing this command once for each address.

4. Let the bot start

```bash
docker exec snowflake-rendezvous-email-chatbot-instance-1 sh -c 'rm wait-for-init.txt'
```

### Raw

1. Install dependencies

```bash
pip install -r requirements.txt
```

2. Register an email address on the bot:

```bash
./chatbot.py init [email protected] PASSWORD
```

3. Run the bot:

* To run all registered email addresses:

```bash
./chatbot.py serve
```

* Or to run only one:

```bash
./chatbot.py --account [email protected] serve
```

## Test

[Click to test](mailto:[email protected]?body=1.0%0A%7B%22offer%22%3A%22%7B%5C%22sdp%5C%22%3A%5C%22v%3D0%5C%5Cr%5C%5Cno%3D-%20123456789%20987654321%20IN%20IP4%200.0.0.0%5C%5Cr%5C%5Cns%3D-%5C%5Cr%5C%5Cnt%3D0%200%5C%5Cr%5C%5Cna%3Dfingerprint%3Asha-256%2012%3A34%5C%5Cr%5C%5Cna%3Dextmap-allow-mixed%5C%5Cr%5C%5Cna%3Dgroup%3ABUNDLE%200%5C%5Cr%5C%5Cnm%3Dapplication%209%20UDP%2FDTLS%2FSCTP%20webrtc-datachannel%5C%5Cr%5C%5Cnc%3DIN%20IP4%200.0.0.0%5C%5Cr%5C%5Cna%3Dsetup%3Aactpass%5C%5Cr%5C%5Cna%3Dmid%3A0%5C%5Cr%5C%5Cna%3Dsendrecv%5C%5Cr%5C%5Cna%3Dsctp-port%3A5000%5C%5Cr%5C%5Cna%3Dice-ufrag%3ACoVEaiFXRGVzshXG%5C%5Cr%5C%5Cna%3Dice-pwd%3AaOrOZXraTfFKzyeBxIXYYKjSgRVPGhUx%5C%5Cr%5C%5Cna%3Dcandidate%3A1000%201%20udp%202000%208.8.8.8%203000%20typ%20host%5C%5Cr%5C%5Cna%3Dend-of-candidates%5C%5Cr%5C%5Cn%5C%22%2C%5C%22type%5C%22%3A%5C%22offer%5C%22%7D%22%2C%22nat%22%3A%22unrestricted%22%2C%22fingerprint%22%3A%222B280B23E1107BB62ABFC40DDCC8824814F80A72%22%7D)

The email provider might mess up the formatting of the email. In that case, try a base64-encoded one.

You might have to try a few times to get an actual answer.

The above links use a dummy offer that can still work to get an answer.
If you want to make a real offer and actually connect to a Snowflake proxy,
go [here](https://wofwca.github.io/snowflake-rendezvous-email-chatbot/test-connection-page).

Another instance is available at ,
but it can only send encrypted emails.
You can use it with [Delta Chat messenger](https://delta.chat/).
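
The body of the test email above is a version line (`1.0`) followed by a JSON object whose `offer` field is itself a JSON string. The following is an added example, not code from this project, showing how a receiver could validate such an untrusted body before passing it on to the broker. The names `parse_offer_email`, `build_body` and `OfferError` are hypothetical, and the base64 fallback assumes that the whole body is base64 of the same text, which this page does not spell out.

```python
import base64
import binascii
import json
import re

FINGERPRINT_RE = re.compile(r"[0-9A-Fa-f]{40}")
# The page's sample uses "unrestricted"; the other two are Snowflake's other NAT labels.
NAT_TYPES = {"unknown", "restricted", "unrestricted"}
# Constructed SDP, shortened from the dummy offer in the page's test link.
SAMPLE_SDP = "v=0\r\ns=-\r\na=fingerprint:sha-256 12:34\r\na=ice-ufrag:CoVEaiFXRGVzshXG\r\n"
SAMPLE_FP = "2B280B23E1107BB62ABFC40DDCC8824814F80A72"  # fingerprint value from that link


class OfferError(ValueError):
    """The email body is not an acceptable rendezvous request."""


def parse_offer_email(body: str) -> dict:
    """Validate an untrusted email body; return the fields to forward."""
    text = body.strip()
    if not text.startswith("1.0"):
        # Assumed fallback: the whole body is base64, possibly re-wrapped in transit.
        try:
            text = base64.b64decode("".join(text.split()), validate=True).decode("utf-8")
        except (binascii.Error, UnicodeDecodeError) as exc:
            raise OfferError("neither a plain nor a base64 request") from exc
    version, _, payload = text.partition("\n")
    if version.strip() != "1.0":
        raise OfferError("unsupported version line")
    try:
        msg = json.loads(payload)
        offer = json.loads(msg["offer"])  # the offer is JSON nested inside a JSON string
        sdp, kind, nat, fingerprint = offer["sdp"], offer["type"], msg["nat"], msg["fingerprint"]
    except (ValueError, KeyError, TypeError) as exc:
        raise OfferError("malformed request JSON") from exc
    if kind != "offer" or not isinstance(sdp, str) or not sdp.startswith("v=0\r\n"):
        raise OfferError("not a WebRTC offer")
    if "a=fingerprint:" not in sdp or "a=ice-ufrag:" not in sdp:
        raise OfferError("SDP lacks a DTLS fingerprint or ICE credentials")
    fp_ok = isinstance(fingerprint, str) and FINGERPRINT_RE.fullmatch(fingerprint)
    if not isinstance(nat, str) or nat not in NAT_TYPES or not fp_ok:
        raise OfferError("bad nat value or fingerprint (expected 40 hex characters)")
    return {"sdp": sdp, "nat": nat, "fingerprint": fingerprint.upper()}


def build_body(sdp: str = SAMPLE_SDP, kind: str = "offer", fingerprint: str = SAMPLE_FP) -> str:
    """Build a constructed request body in the layout of the page's test link."""
    offer = json.dumps({"sdp": sdp, "type": kind})
    return "1.0\n" + json.dumps({"offer": offer, "nat": "unrestricted", "fingerprint": fingerprint})
```

Rejecting anything that is not a well-formed offer keeps the bot from relaying arbitrary email content to the broker.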

## How it works

If below you see a block of text instead of a diagram, go [here](https://mermaid.ink/img/pako:eNq9VU1v2zAM_SusLt2wOAN2NIqg6Ae2nhag2WXIRbHpWI0terLcxCj630dJduPECXpZl5NEUe-9kE_0i0goRRGLGv80qBO8U3JtZLnUwL9KGqsSVUlt4VHTNivkBiEpFGo7zvhVowFZjzKh4YOQ7lOi2ezLKCmGeYGyRlijRiMtXq3MTPYIlGU9hEyseuZzjxVCI0Jm8Mcx3I7u7yW41WUNWEpVAK-f3YV7v8sMlV72dSt1irupaZweS5Dk0q7IXuNOllWB04RKd5KQtlJppdcnJJ8gCgpuA9h_kDDsU8_KreqXStdWcvdD8ilZB4I_XuONoc2xm1Y-5mA-1X0wCsGpJVMZesLETjXaz4f_w0sPiDF8v1_A1458RWkbw9VQymysZW5o1zopNZU40FO5eEjv5Hoinx7DDzTITT-0sBOfkYGWGuAq-dIe2XoeUEM0UDNs9Kb_52YCD5dF1xewuao7CgeeB9ayDepA6nrb13cvMto38gEyanTqFclwaTIAsjkqcwJrUNrofRufcQNXYGyegUXO0x47M3r3Mf8zCWcec9QNnI-i9DNtPDQPk8-Ow6h35fzbHJhL80NRpC9gkXc-hq1iT_HN_ti13gt1RnXrBfuW39aWzOYiEKV47NqjaBjRYiJKNFyXlL8zLy5pKRiwxKWIeZliJpvCLsVSv3KqbCw9tjoRsTUNToShZp2LOJNFzbumShm4-0i9RfmZ_ibq969_ASHZZsk?type=png).

```mermaid
sequenceDiagram
participant Snowflake client
participant User as Snowflake client user
User ->>+ Snowflake client: Please generate<br>a client offer
activate User
Snowflake client ->> User: Client offer
User ->>+ User's email server: Email from [email protected]<br>to [email protected]<br>containing client offer
User's email server ->>+ Chatbot email server: Email from [email protected]<br>to [email protected]<br>containing client offer
participant Chatbot as Chatbot instance
Chatbot email server ->>+ Chatbot: Email from [email protected]<br>to [email protected]<br>containing client offer
participant Broker as Snowflake broker<br>(snowflake-broker.torproject.net)
Chatbot ->>+ Broker: GET /client body:
participant Proxy as some Snowflake proxy
Broker ->>+ Proxy: Here's a client offer<br>for you to serve
activate Proxy

Proxy ->>- Broker: Ok, I'll serve this client<br>here's my proxy answer
Broker ->>- Chatbot: I found you a proxy,<br>here's their proxy answer
Chatbot ->>- Chatbot email server: Email from [email protected]<br>to [email protected]<br>containing proxy answer
Chatbot email server ->>- User's email server: Email from [email protected]<br>to [email protected]<br>containing proxy answer
User's email server ->>- User: Email from [email protected]<br>to [email protected]<br>containing proxy answer
User ->> Snowflake client: proxy answer

Snowflake client ->- Proxy: P2P connection! The proxy will now connect the user to the Tor network!
deactivate Proxy
deactivate User
```

## Why

(in my understanding)
Email remains one of the most censorship-resistant channels,
due to its low censorship circumvention utility for users
(compared to, let's say, VPNs),
and therefore the low interest of censors in blocking it.
Blocking it also has high collateral cost, as it is used by nearly everyone.