Welcome to GNUnet’s documentation!

• About GNUnet
  • Project governance
  • Philosophy
    • Design Principles
    • Privacy and Anonymity
    • Practicality
  • Key Concepts
    • Authentication
    • Accounting to Encourage Resource Sharing
    • Confidentiality
    • Anonymity
      • How file-sharing achieves Anonymity
      • How messaging provided Anonymity
    • Deniability
    • Peer Identities
    • Zones in the GNU Name System (GNS Zones)
    • Egos
• Installation
  • Dependencies
  • Getting the Source Code
  • Create user and groups for the system services
  • Preparing and Compiling the Source Code
    • NSS plugin (optional)
    • Installing the GNS Certificate Authority (Optional)
  • Minimal configuration
• User Manual
  • Starting and stopping
  • The GNU Name System
    • Start Zones
      • Remote
      • Local
      • Zone Top-Level-Domains
    • Local zone maintenance
      • Orphaning
      • Records
      • Revocation
      • Backup
      • Large Zones
    • Application integration
      • Integration with Browsers (DNS2GNS service)
      • Integration with Browsers (SOCKS proxy)
      • NSS plugin
    • Zone dissemination
      • The .pin zone
      • Be Social
      • Creating a business card
      • The GNUnet default Start Zones
    • Resource Records
      • VPN
    • DNS Migration
      • Zoneimport
      • Zonefile
      • Ascension
  • re:claimID
    • Managing Attributes
    • Managing Credentials
    • Sharing Attributes with Third Parties
    • Revoking Authorizations of Third Parties
    • OpenID Connect
    • Providing Third Party Attestation
  • File-sharing
    • Searching
    • Downloading
    • Publishing
    • Indexing vs Inserting
    • Concepts
      • Files
      • Keywords
      • Directories
      • Egos and File-Sharing
      • Namespaces
      • Advertisements
      • Anonymity level
      • Content Priority
      • Replication
    • Namespace Management
      • Creating Egos
      • Deleting Egos
    • File-Sharing URIs
      • Encoding of hash values in URIs
      • Content Hash Key (chk)
      • Location identifiers (loc)
      • Keyword queries (ksk)
      • Namespace content (sks)
  • Virtual Public Network
    • Setting up an Exit node
    • Fedora and the Firewall
    • Setting up VPN node for protocol translation and tunneling
  • Messenger
    • Current state
    • Entering a room
    • Opening a room
    • Messaging in a room
    • Private messaging
  • Advanced Configuration
    • Config file format
    • The Single-User Setup
    • The Multi-User Setup
    • Access Control for GNUnet
      • Recommendation - Disable access to services via TCP
      • Recommendation - Run most services as system user "gnunet"
      • Recommendation - Control access to services using group "gnunet"
      • Recommendation - Limit access to certain SUID binaries by group "gnunet"
      • Recommendation - Limit access to critical gnunet-helper-dns to group "gnunetdns"
      • Differences between "make install" and these recommendations
    • Configuring the Friend-to-Friend (F2F) mode
    • Configuring the hostlist to bootstrap
    • Disable default bootstrap (private network)
    • Manually connecting peers
    • Configuration of the HOSTLIST proxy settings
    • Configuring your peer to provide a hostlist
    • Configuring the datastore
    • Configuring the MySQL database
    • Reasons for using MySQL
    • Reasons for not using MySQL
    • Setup Instructions
    • Testing
    • Performance Tuning
    • Setup for running Testcases
    • Configuring the Postgres database
    • Reasons to use Postgres
    • Reasons not to use Postgres
    • Manual setup instructions
    • Testing the setup manually
    • Configuring the datacache
    • Configuring the file-sharing service
    • Configuring logging
    • Configuring the transport service and plugins
    • Configuring the WLAN transport plugin
      • Requirements for the WLAN plugin
      • Configuration
      • Before starting GNUnet
      • Limitations and known bugs
    • Configuring HTTP(S) reverse proxy functionality using Apache or nginx
      • Reverse Proxy - Configure your Apache2 HTTP webserver
      • Reverse Proxy - Configure your Apache2 HTTPS webserver
      • Reverse Proxy - Configure your nginx HTTPS webserver
      • Reverse Proxy - Configure your nginx HTTP webserver
      • Reverse Proxy - Configure your GNUnet peer
    • Blacklisting peers
    • Configuration of the HTTP and HTTPS transport plugins
    • Configuring the GNUnet VPN
      • IPv4 address for interface
      • IPv6 address for interface
      • Configuring the GNUnet VPN DNS
      • Configuring the GNUnet VPN Exit Service
      • IP Address of external DNS resolver
      • IPv4 address for Exit interface
      • IPv6 address for Exit interface
    • Bandwidth Configuration
    • Configuring NAT
    • Peer configuration for distributors (e.g. Operating Systems)
• Developer Handbook
  • Contributing
    • Licenses of contributions
    • Copyright Assignment
    • Contributing to the Reference Manual
    • Contributing testcases
  • Style and Workflow
    • Naming conventions
      • Header files
      • Binaries
      • Logging
      • Symbols
      • Tests
      • src subdirectories
    • Coding style
    • Continuous integration
    • Commit messages and developer branches
  • Repository Structure
    • src Overview
  • libgnunetutil
  • System Architecture
    • Internal dependencies
    • Subsystem stability
    • Basic Services
      • STATISTICS — Runtime statistics publication
        • Statistics retrieval
        • Setting statistics and updating them
        • Watches
          • The STATISTICS Client-Service Protocol
        • Statistics retrieval
        • Setting and updating statistics
        • Watching for updates
      • ATS — Automatic transport selection
      • TRANSPORT — Overlay transport management
        • Address validation protocol
        • NAT library
        • Distance-Vector plugin
        • SMTP plugin
        • Why use SMTP for a peer-to-peer transport?
        • How does it work?
        • How do I configure my peer?
        • How do I test if it works?
        • How fast is it?
        • Bluetooth plugin
        • What do I need to use the Bluetooth plugin transport?
        • How does it work2?
        • What possible errors should I be aware of?
        • How do I configure my peer2?
        • How can I test it?
        • The implementation of the Bluetooth transport plugin
          • Linux functionality
          • THE INITIALIZATION
          • THE LOOP
          • Details about the broadcast implementation
          • Pending features
        • WLAN plugin
      • TRANSPORT-NG — Next-generation transport management
        • Design goals of TNG
        • HELLO-NG
        • Priorities and preferences
        • Communicators
      • HOSTLIST — HELLO bootstrapping and gossip
        • HELLOs
        • Overview for the HOSTLIST subsystem
          • Features
          • HOSTLIST - Limitations
        • Interacting with the HOSTLIST daemon
        • Hostlist security address validation
          • The HTTP Server
          • Advertising the URL
        • The HOSTLIST client
          • Bootstrapping
        • Usage
      • PEERINFO — Persistent HELLO storage
        • PEERINFO - Features
        • PEERINFO - Limitations
        • DeveloperPeer Information
        • Startup
        • Managing Information
        • Obtaining Information
        • The PEERINFO Client-Service Protocol
          • Connecting to the PEERINFO Service
          • Adding Information to the PEERINFO Service
          • Obtaining Information from the PEERINFO Service
      • PEERSTORE — Extensible local persistent data storage
        • Functionality
        • Architecture
      • CORE — GNUnet link layer
        • When is a peer "connected"?
        • The CORE Client-Service Protocol
          • Setup2
          • Notifications
          • Sending
        • The CORE Peer-to-Peer Protocol
          • Creating the EphemeralKeyMessage
          • Establishing a connection
          • Encryption and Decryption
          • Type maps
      • NSE — Network size estimation
        • Motivation
          • Example
          • Algorithm
          • Target value
          • Timing
          • Controlled Flooding
          • Calculating the estimate
          • Results
          • Examples
        • The NSE Client-Service Protocol
        • The NSE Peer-to-Peer Protocol
      • DHT — Distributed Hash Table
        • Block library and plugins
          • What is a Block?
          • The API of libgnunetblock
          • Queries
          • Sample Code
          • Conclusion2
          • GET
          • PUT
          • MONITOR
          • DHT Routing Options
        • The DHT Client-Service Protocol
          • PUTting data into the DHT
          • GETting data from the DHT
          • Monitoring the DHT
        • The DHT Peer-to-Peer Protocol
          • Routing GETs or PUTs
          • PUTting data into the DHT
          • GETting data from the DHT
      • REGEX — Service discovery using regular expressions
        • How to run the regex profiler
      • CADET — Confidential Ad-hoc Decentralized End-to-end Transport
      • RPS — Random peer sampling
        • Brahms
    • Peer-to-Peer Set Operations
      • SET — Peer to peer set operations (Deprecated)
        • Local Sets
        • Set Modifications
        • Set Operations
        • Result Elements
          • Sets
          • Listeners
          • Operations
          • Supplying a Set
          • The Result Callback
        • The SET Client-Service Protocol
          • Creating Sets
          • Listeners
          • Initiating Operations
          • Modifying Sets
          • Results and Operation Status
          • Iterating Sets
        • The SET Intersection Peer-to-Peer Protocol
          • The Bloom filter exchange
          • Salt
        • The SET Union Peer-to-Peer Protocol
      • SETI — Peer to peer set intersections
        • Intersection Sets
        • Set Intersection Modifications
        • Set Intersection Operations
        • Intersection Result Elements
          • Intersection Set API
          • Intersection Listeners
          • Intersection Operations
          • Supplying a Set for Intersection
          • The Intersection Result Callback
        • The SETI Client-Service Protocol
          • Creating Intersection Sets
          • Listeners for Intersection
          • Initiating Intersection Operations
          • Modifying Intersection Sets
          • Intersection Results and Operation Status
        • The SETI Intersection Peer-to-Peer Protocol
          • The Bloom filter exchange in SETI
          • Intersection Salt
      • SETU — Peer to peer set unions
        • Union Sets
        • Set Union Modifications
        • Set Union Operations
        • Union Result Elements
          • Union Set API
          • Union Listeners
          • Union Operations
          • Supplying a Set for Union
          • The Union Result Callback
        • The SETU Client-Service Protocol
          • Creating Union Sets
          • Listeners for Union
          • Initiating Union Operations
          • Modifying Union Sets
          • Union Results and Operation Status
            • The SETU Union Peer-to-Peer Protocol
    • VPN and VPN Support
    • GNS and GNS Support
      • GNS — the GNU Name System
        • Looking up records
        • Accessing the records
        • Creating records
        • Future work
          • libgnunetgnsrecord
        • Value handling
        • Type handling
          • GNS plugins
          • The GNS Client-Service Protocol
          • Hijacking the DNS-Traffic using gnunet-service-dns
        • Network Setup Details
          • Importing DNS Zones into GNS
        • Conversions between DNS and GNS
        • DNS Zone Size
        • Performance
          • Registering names using the FCFS daemon
        • Obtaining information from the daemon
        • Submitting data to the daemon
        • Customizing the HTML output
      • NAMECACHE — DHT caching of GNS results
        • The NAMECACHE Client-Service Protocol
          • Lookup
          • Store
        • The NAMECACHE Plugin API
          • Lookup2
          • Store2
      • NAMESTORE — Storage of local GNS zones
        • Editing Zone Information
        • Transactional operations
        • Iterating Zone Information
        • Monitoring Zone Information
    • Applications
      • FS — File sharing over GNUnet
        • Namespace Advertisements
        • KSBlocks
          • File-sharing persistence directory structure
      • IDENTITY — Ego management
        • Connecting to the service
        • Operations on Egos
        • The anonymous Ego
        • Convenience API to lookup a single ego
        • Associating egos with service functions
          • The IDENTITY Client-Service Protocol
      • REVOCATION — Ego key revocation
        • Dissemination
        • Revocation Message Design Requirements
          • Querying for revoked keys
          • Preparing revocations
          • Issuing revocations
        • The REVOCATION Client-Service Protocol
        • The REVOCATION Peer-to-Peer Protocol
      • MESSENGER — Room-based end-to-end messaging
        • MERGE-message
        • INVITE-message
        • TEXT-message
        • FILE-message
        • DELETE-message
          • Member sessions
      • REST — RESTful GNUnet Web APIs
        • Namespace considerations
        • Endpoint documentation
  • REST API
    • Configuration
    • Conventions
    • Identity
      • Definition
        • Identity
        • Error Response
        • Response Code
      • Requests
        • GET Requests
        • POST Request
        • PUT Request
        • DELETE Request
        • OPTIONS Request
    • Namestore
      • Data model
      • Requests
    • GNS
      • Error Response
        • Requests
      • GET Request
      • OPTIONS Request
    • Peerinfo
      • Definition
        • Peer
        • Peerinfo Response
        • Error Response
      • Requests
        • GET Request
        • OPTIONS Request
    • Config
      • Definition
        • Configuration
        • Error Response
        • Response Code
      • Requests
        • GET Requests
        • POST Request
        • OPTIONS Request
  • C Tutorial
    • Introduction to GNUnet Architecture
    • First Steps with GNUnet
      • Configure your peer
      • Start a peer
      • Monitor a peer
      • Starting Two Peers by Hand
        • Setup a second peer
        • Start the second peer and connect the peers
        • How to connect manually
      • Starting Peers Using the Testbed Service
    • Developing Applications
      • gnunet-ext
      • Adapting the Template
      • Writing a Client Application
        • Handling command-line options
        • Writing a Client Library
          • Connecting to the Service
          • Sending messages
          • Receiving Replies from the Service
        • Writing a user interface
      • Writing a Service
        • Code Placement
        • Starting a Service
      • Interacting directly with other Peers using the CORE Service
        • New P2P connections
        • Receiving P2P Messages
        • Sending P2P Messages
        • End of P2P connections
      • Storing peer-specific data using the PEERSTORE service
        • Storing records
        • Retrieving records
        • Monitoring records
        • Disconnecting from PEERSTORE
      • Using the DHT
        • Storing data in the DHT
        • Obtaining data from the DHT
        • Implementing a block plugin
          • Validating requests and replies
          • Deriving a key from a reply
          • Initialization of the plugin
          • Shutdown of the plugin
          • Integration of the plugin with the build system
        • Monitoring the DHT
      • Debugging with gnunet-arm
    • GNU Free Documentation License
  • Doxygen
• Living Standards
• GANA
  • History
  • License
  • Design
  • Registries
    • Registry for GNUnet error codes
    • Registry for GNU Name System record types
    • Registry for GNU Name System record flags
    • Registry for DHT block types
    • Registry for Signature purposes
    • Registry for GNU Name System default Top-Level-Domains
• GUIs
  • The graphical configuration interface
    • Configuring your peer
    • Configuration of the HOSTLIST proxy settings
    • Configuration of the HTTP and HTTPS transport plugins
  • GTK File-sharing User Interface
    • Publishing
    • Searching
    • Downloading
• Frequently Asked Questions
• Bibliography