~dr|z3d
@RN
@RN_
@StormyCloud
@T3s|4_
@eyedeekay
@orignal
@postman
@zzz
%Liorar
+FreefallHeavens
+Xeha
+bak83_
+cumlord
+hk
+profetikla
+uop23ip
Arch
DeltaOreo
FreeRider
Irc2PGuest19353
Irc2PGuest22478
Irc2PGuest48042
Irc2PGuest64530
Meow
Nausicaa
Onn4l7h
Onn4|7h
Over1
acetone_
anon4
anu3
boonst
juoQuua9
mareki2pb
not_bob_afk
plap
poriori_
shiver_1
simprelay
solidx66
thetia
tr
u5657
weko_
orignal
zzz, you have to make these changes on I2CP client side?
zzz
yeah I made fixes on both sides, belt-and-suspenders
Irc2PGuest11348
been reading here over the past couple days and excited to think that possibly the oldes bugs holding back i2p might be getting found out right bout now.
Irc2PGuest11348
just wanna sey big kudos to all involved
zzz
maybe. it is easier to find bugs when things are otherwise running well and there's no big attacks in progress
dr|z3d
speaking of attacks, you seeing those no-version routers all over, zzz?
zzz
no
dr|z3d
interesting. eyedeekay says he's also seeing them en mass.
dr|z3d
I noticed them a couple of days ago, still seeing them at ~4 new routers/min.
Irc2PGuest11348
yeah, calm times r good, measured optimism on my end that more reliable times ahead anyway. WOAH 4 per minute!
Irc2PGuest11348
thats would be like 50k
orignal
what fix should be on router side?
orignal
becuase I see no room to fix it in my I2CP code
zzz
on router side I'm bypassing the newer-check for local leaseset storage
orignal
what do you need local leaseset storage for?
orignal
something I missed in my I2CP implemnetation
zzz
we store local leasesets in our local netdb
orignal
what for?
orignal
if it non-solicted
zzz
so we can send it to floodfills
orignal
it's not netdb
orignal
it's your local LS you publish to floodfiils
zzz
that's the way we do it. blame jrandom
orignal
sec
orignal
do you store local LS in netdb if you are a floodfill?
orignal
and do you reply with it if being requested?
zzz
yes. but remember we have subdbs now. local LS does not go in main db
orignal
so, I need to wait for a new reslease to have it fixed for snark
zzz
yeah just waiting for the MR to get approved then I'll merge it
orignal
another question
orignal
what if you publish more than 2 times per second
orignal
and eery time you add a second
orignal
do you have a cap for it?
zzz
there's no cap on generating leasesets, but we have a cap on publishing, once every 3 seconds I think
orignal
then what happen if you have too many leaset updates
orignal
say 10 per second
zzz
then the last one will have a publish date 10 sec in the future
orignal
and it keep gorwin
orignal
than a mintute in future, etc.
orignal
btw, my threshold is 2 minutes when I receive LS
orignal
if publihed time is more than 2 minutes in future I drop
Irc2PGuest11348
The curious case of b32.i2p vs i2p... hey all, i'm meditating on whether i2p should alert to changes in the b32 in the address book. It seems b32s change rarely, i wonder if...
Irc2PGuest11348
the system should log b32 changes with a date
Irc2PGuest11348
a little alert error might appear when accessing the site to inform that it changed...
Irc2PGuest11348
Maybe on dashboard, a single sentence "Since X (earliest date), N b32 i2p addresses have changed. Click to be informed of changes."
Irc2PGuest11348
I'm trying to establish (or determine for myself) some basic i2p best practices. maybe theres a way to sign a b32 change to make such a manual process redundant/easy to approve?
Irc2PGuest11348
ie. sign the change with the old key?
Irc2PGuest11348
when i say "little alert error" maybe i can did through 4XX or 5XX error codes and find something that related to "unverified (on-first-use) encryption key"
Irc2PGuest11348
maybe someone thought about this in the 90s ????
dr|z3d
check your addressbook logs, throstle.
dr|z3d
~/.i2p/addressbook/log.txt
dr|z3d
once a hostname is mapped to an address, any attempt to change it will cause an error in the logs.
darius
sounds like a good starting point, have multiple things going rn, bb soon
dr|z3d
that gradle 9 related error is back in your buildbot, eyedeekay. git.idk.i2p/i2p-hackers/i2p.i2p/-/pipelines/1937/failures
eyedeekay
log says that bintray is 502, that's weird, will take a look
Snowflakes
exprz6eyuops3puimbz47uch37ce7sldswq2ogmbdt2aucw5hv3a.b32.i2p:80
dr|z3d
tell us what your site's about, Snowflakes
dr|z3d
ah, another chan.
Snowflakes
chan of expriment clan
Snowflakes
raq53hlu7iivsd2cjfrae6ynxp5kjnwbkvz4owjw2sepldagtg5q.b32.i2p pleroma
darius
fediverse nice, Snowflakes.... i'd run a mitra server and bloatFE (front-end) if i could, if bloat was written in rust i'd probably be running it right now
darius
mitra is a fediverse server writtn in rust that allows subscriptions with crypto
Snowflakes
Pleroma have /relay page for join instances, but I not tested yet
Snowflakes
subscriptions to posts?
Snowflakes
Users of I2P not love JavaScript
darius
if you mark a post as subscribers only then only people donatin g can see it yea, most people dont do this.
Snowflakes
got it. interesting
darius
yeah its a nice instance an less demanding on the server, it won't poll for updates from the server unless you click something, way better than mastadon
darius
Snowflakes> U"sers of I2P not love JavaScript " yeah thats why i would recommend bloatFE if it was written in rust, zero js, max social, are you federating with other i2p instances with pleroma?
Snowflakes
No yet
darius
apparently mitra is designed to federate over tor/i2p but i havent seen anyone doing it
darius
dr|z3d> "once a hostname is mapped to an address, any attempt to change it will cause an error in the logs" interesting thx, i don't have any "errors" listed per se but do have "Invalid b64" and "Additional address for" logs, I dont remember any alerts in my UX re "invalid b64" but in those cases ignoring seems reasonable. So is the only reason there are no alerts about changing b32s because, whenever they
darius
*were* changed, they were changed in a 'proper way' so to speak? is it because a sneaky attempt to change the address in an improper way has never been allowed to happen from the server(s) giving me new addresses? if a host were to try to change a b32 in a bad way how does i2p translate any possible error in the logs to something actionable for the i2p user? is this documented/shown somewhere? I'm just curios
dr|z3d
there's nothing to stop anyone changing a b32 if you use the b32 to access the site.
dr|z3d
otoh, if someone attempts to change the mapping/address of an existing hostname (that you have in your addressbook), then you'll see a proxy error.
dr|z3d
that usually happens with an addressbook helper link.. you can try for yourself to see the result.
dr|z3d
from your addressbook, copy an addresshelper link, paste into your browser addressbar, and change one character of the B64 in the link.. then you should see a proxy error warning.
darius
"proxy error" ok, thanks and they can be triggered by a sneaky link like you've mentioned, or buy a name server that tries to change a b32?
dr|z3d
if a hostname registrar attempts to change the b64 of an address already in your book, it will fail.
dr|z3d
if someone publishes an addressbookhelper link with a bogus address for an existing hostname in your addressbook, you'll be confronted with a proxy warning if you click on the link.
darius
ok so the registrars can ONLY add "Additional address for" services? yes? Now, can they "add" an a bad address or do added addresses need to be cryptographically signed by the previous b32 for a router to accept it??
dr|z3d
reg.i2p supports updating/revoking addresses that are authenticated by the owner afaik, though I don't think the addressbook will update its entry as a result.
dr|z3d
otherwise, the owner of an address can add an additional address if they're using a DSA address, which requires authentication, and that will cause the address in your addressvook to be updated with an additional associated address for the hostname.
dr|z3d
I *think* that covers the various scenarios.
darius
"if they're using a DSA address" interesting i'll need to research this and how i2p keys may or may not allow for this dsa signing(?). i think it would be good info to know especially for services that you might want to have multiple friends running for redundancy
darius
each with there own address signed by the original webmster
darius
Blinded message
dr|z3d
you don't want a DSA key.
dr|z3d
it's legacy, obsolete.
darius
ah remember now it EC-[DR?]SA?
dr|z3d
> As of release 0.9.12, the router supports additional signature algorithms that are more secure than 1024-bit DSA. The first usage was for Destinations; support for Router Identities was added in release 0.9.16. Existing Destinations cannot be migrated from old to new signatures; however, there is support for a single tunnel with multiple Destinations, and this provides a way to switch to newer signature types.
dr|z3d
Signature type is encoded in the Destination and Router Identity, so that new signature algorithms or curves may be added at any time.
orignal
why there are so many "N" routers in the network?
orignal
I see them almost in every tunnel