hellozeronet / zeroid Goto Github PK
View Code? Open in Web Editor NEWZeroNet authentication provider
Home Page: http://127.0.0.1:43110/zeroid.bit
License: GNU General Public License v2.0
ZeroNet authentication provider
Home Page: http://127.0.0.1:43110/zeroid.bit
License: GNU General Public License v2.0
Currently, ZeroNet uses a quasi-centralized system called "certificate authorities" for user registration. In brief:
This has its obvious issues (limited spam resistance, excessive trust in provider, no portability). It is also not technologically necessary.
There is a very similar system, known as Web of Trust, used in GPG and other places. In brief:
This is very similar to the old system, except that:
In the worst possible case, this is equivalent to the old system, but under realistic assumptions, it is strictly superior. For users who are concerned about censorship, it is possible to set trust thresholds in such a way as to mimic the old system ("as long as one person has at least something positive to say about them, I want to see their messages")
While setting up an account, the username field understandably tries to convert your uppercase characters to lowercase.
Unfortunately, instead of converting it (backspacing and typing the character + 32) it ends up transforming the uppercase character and typing another lowercase one, making some very confusing usernames.
Hello,
I am having an issue with creating an ID for ZeroMail. My port 15441 is forwarded properly and I tried it in --tor always
mode as well as without that (although I prefer with it). More specifically, when I open ZeroMail and select a username it points me to ZeroID where I attempt to create a username like so: https://imgur.com/sbn1gqN I get the error that you can see at the top.
I tried going on the IRC to resolve the issue, but the only suggestion that people had was that I should double check that my ports are forwarded, which they are.
Please advise.
After a HDD crash and reinstalling ZeroNet, I no longer have the ZeroID files. As such, I can no longer access ZeroMail, etc.
Is there a recovery process....?
Wrong code: https://github.com/HelloZeroNet/ZeroID/blob/master/publisher-http/solution.php#L23
According your rule "only 0-9 and a-z are allowed in a user name", but you still allow upper case letter.
I assume my problem is related to ZeroID and not ZeroMail.
I'd like to create a second email address on ZeroMail. How do I it?
Either on ZeroMail and/or on ZeroID there should be a "switch auth" button.
I guess ZeroMail itself should also provide multiple email addresses for a single ID.
Hello!
Want to ask you about maximum ZeroID length. It seem that now it is 16 symbols.
Can it be increased ?
Thank you!
add translation for brazilian portuguese (pt-br)
Perdi el acesso a la llave privada de mi cuenta ZeroID, Si pasado un tiempo pudiera recuperarla seria maravilloso y la red se volveria mas rapida sin tantas cuentas huerfanas.
I lost access to the private key of my ZeroID account, if after a while I could recover it it would be wonderful and the network would become faster without so many orphan accounts.
I tried register user in ZeroId. I click "Get auth cert", then write username and click "Send request" it fails with notification:
Error while during request: [Exception... "" nsresult: "0x805e0006 ()" location: "JS frame :: http://127.0.0.1:43110/zeroid.bit/js/all.js :: .send :: line 9" data: no]
undefined
ZeroNet rev 3179
ZeroId.bit
Ubuntu 17.10
Downloaded using wget ZeroBundle, etc.
Wrapper message:
Error while during request: Forbidden
Please try again later.
Missing files: dbschema.json (not showing in zite folder, either.)
Port is open
Clicking update does nothing. Reloading and Rebuilding dbschema does nothing.
1 hour now, and still not updating.
Can following js library be used in an decentralized way or used on zeroid.bit clearnet server that checks newly registered identities to reduce SPAM comming from single device?
If someday my privacy key is stolen, try best to reduce data damage via this feature.
Icons:
There is a problem of SPAM in 8chan zite and in the near future SPAM will become a major issue with the grow of the 0net network.
So my suggestion is the implementation of a payment system (primarily time payment, cryptomining ) for update its free IDs (the actual IDs).
In a first phase a time payment that use a js script that mine Monero cryprocorrency:
https://github.com/cazala/coin-hive
can be used to attach to the ID from ZeroID a label with the money mined with the coin-hive js code executed in the PC of the user when he requests to update his ID to a payed level.
Coin Hive js code is a mining code for Monero cryptocorrency. It can be used to do works and earn money that goes to ZeroID owner in a cryptographic manner.
Zite like 8chan or other zite can used the ID and its label with the works done for oblige the users to not spam the forum, otherwise the user will be banned. Bot can not create a lot of IDs without doing a lot of work and a lot of electric energy trashed.
I suggest a standard work with low end desktop computer of about 60 seconds and a custom works that is measured in money (Monero) or mining work.
In the second phase ZeroID user can upgrade their IDs directly with Monero.
The Cryptomoney earned by ZeroID go to the project but the mining money will be very low, i suppose.
The zite like 8chan will have a good antiSPAM system for free. Every zite can set the level of mining works (the label attach to the ID) that a ID must have to use their zite/forum. Monero is anonymous.
I see some hardlnks into clearnet in the sources.
It's very bad when such an important task as user identification is provided by some outside authority and not by ZeroMet itself.
Is there already work being done to make ZeroID independent of centralized server?
And I think the fact that ZeroID goes outside should be properly disclosed on the page. (Especially if it's by design)
Error: Error while during request: Forbidden
Referer error.
There is include("ratelimit.php")
but no ratelimit.php
file in this repository. Can I get it somewhere for tests?
Signature format:
"python zeronet.py --debug cryptSign %s#bitmsg/%s %s 2>&1" % (auth_address, user_name, config.site_privatekey)
The first %s
is obviously the user's public key. After that it is the portal type. The second %s
is the user name.
Certificate format:
data["users"][user_name] = "bitmsg,%s,%s" % (auth_address, sign)
The first item is certainly the portal type. The second item is the user's public key. The third item is the signature. The signature seems to be a signed message digest, so the whole message must be reconstructed in order to verify a signature (Is it Schnorr-SHA256?)
One possible way of adding additional fields to the certificate (i.e. registration time) is to append these information to the portal type or the user name, but I don't know how ZeroNet interprets the certificate.
I.
When zeroid could save an url (1) from the user,
other services like e.g. zerotalk could use this info from zeroid
to make the username clickable with this url
the url is in most of the cases a ZN address,
where the user details more info (blog, homepage, gpg key, hobbies, ...)
so e.g. ideas like this would be possible: HelloZeroNet/ZeroTalk#13
II.
this feature would need:
adding url
editing url in future
deleting url (deleting is a sub case of editing)
(1) it must be not a complete url, but only everything that comes after http://127.0.0.1:43110/
For example:
1- User come from ZeroMe and this step is recorded
2- User creates a ID
3- User will have a button to return to ZeroMe (latest site)
Hello. I tried to register the second username today and got a "Network full, please try again later." error. I asked people at ZeroTalk and someone told me they got the same error when they tried registering after 8chan collapse. So it looks like "Network full" means that, uh, ZeroID network is full. If I guessed correctly, can we increased that limit or remove it completely? This might and will cause problems in future. If not, what is the reason and can I fix it locally somehow?
I'm using Tor Browser if that matters, by the way.
Hello.
I have:
users.json
)master_seed
from users.json
users.json
and Zeronet is started with --multiuser_local
optionJust want to have an ability to convert my single-user local identity to multiuser one.
Not sure it was best place to post this, but I can't figure out where is better one, but it looks like ZeroNet itself recognizes old single-user identity correctly (I can be wrong though).
Thank you!
Maybe add some documentation on the format ZeroID uses? I looked through code and can't find any information about new certs_*.json
in this repository.
It gets stuck on loading users data (2/2)
console log below:
Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified 2
Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). 6 utils.js:35:9
Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). 3 content_script.js:119:34
Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). 3 content_script.js:119:34
Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified 10
[Wrapper] Created! all.js:1973:26
WrapperZeroFrame
Object { reloadIframe: bind(), setSizeLimit: bind(), updateModifiedPanel: bind(), sitePublish: bind(), siteSign: bind(), onWrapperLoad: bind(), onPageLoad: bind(), onCloseWebsocket: bind(), onOpenWebsocket: bind(), handleMessage: bind()
, … }
all.js:2015:15
[ZeroWebsocket] Not connected, adding message to queue all.js:148:26
Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified 2
Content Security Policy: The page’s settings blocked the loading of a resource at data:application/font-woff2;charset=utf-… (“default-src”). 3 Readerable.jsm:136:2
Content Security Policy: The page’s settings blocked the loading of a resource at data:application/font-woff;charset=utf-8… (“default-src”). 6 Readerable.jsm:136:2
[ZeroWebsocket] Open all.js:148:26
[Wrapper] onPageLoad all.js:1973:26
Pixi.js 3.0.3 - WebGL - http://www.pixijs.com/ all.js:21:24407
Start all.js:698:15
[ZeroFrame] Websocket callback not found:
Object { cmd: "response", to: 1000000, result: "ok", id: 2 }
all.js:472:26
[Wrapper] Setting title to ZeroID - ZeroNet all.js:1973:26
[ZeroFrame] Status: Loading users data (1/2)... all.js:472:26
[ZeroFrame] Status: Loading users data (2/2)... all.js:472:26
[ZeroFrame]
Array [ "file_started", true ]
Object { cmd: "setSiteInfo", params: {…}, id: 7 }
all.js:472:26
Source map error: Error: NetworkError when attempting to fetch resource.
Resource URL: moz-extension://b9bd5f6d-f726-4acb-85ef-de8926f62432/libs/lodash.min.js
Source Map URL: lodash.min.js.map
[Loading] hideProgress all.js:767:26
[ZeroFrame]
Array [ "file_failed", "data/users.json" ]
Object { cmd: "setSiteInfo", params: {…}, id: 8 }
all.js:472:26
[ZeroFrame] Unknown command
Object { cmd: "setServerInfo", params: {…}, id: 9 }
all.js:472:26
TypeError: JSON.parse(...) is null
all.js:1095:24
reloadUsers http://127.0.0.1:43110/zeroid.bit/js/all.js?lang=en:1095
onMessage http://127.0.0.1:43110/zeroid.bit/js/all.js?lang=en:415
bind http://127.0.0.1:43110/zeroid.bit/js/all.js?lang=en:379
[Loading] hideProgress all.js:767:26
[ZeroFrame]
Array [ "peers_added", 3 ]
Object { cmd: "setSiteInfo", params: {…}, id: 11 }
torrc file can have HashedControlPassword set to protect the control port from an unauthorized access. ZeroNet needs to support the corresponding command line option and pass it to the control port.
See the control port spec: https://gitweb.torproject.org/torspec.git/tree/control-spec.txt
how to change name?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.