threefoldtech / planetary_network_desktop_client

Desktop client for Planetary Network for Windows, Mac OSX and Linux/Ubuntu.
https://forum.threefold.io/t/how-our-planetary-network-works/1210
Apache License 2.0

Is yggdrasil safe / properly encrypted between nodes? #2

Closed MathiasDeWeerdt closed 3 years ago

MathiasDeWeerdt commented 3 years ago

Investigation whether yggdrasil is safe

Question

Imagine we have 3 users connected with yggdrasil: a, b, c. User a wants to interact with user c, but has no idea how to, so it picks b as an intermediary node.

Can user b read the traffic which is meant for user c?

Initial research

They claim this is entirely safe, as long as the encryption holds, but do mention they haven't been audited by a third party. https://yggdrasil-network.github.io/faq.html

Encryption is done using: https://godoc.org/golang.org/x/crypto/nacl/box which can be found here: https://github.com/yggdrasil-network/yggdrasil-go/issues/719

zaibon commented 3 years ago

As far as I understand how ygg works, when communication between 2 nodes is required, a session is created. Within this session everything is encrypted and only the 2 members of the session can decrypt the traffic.

If you want, the ygg devs are always available on matrix at #yggdrasil:matrix.org. They are very reactive and can answer any question you might have.
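
The scenario from the question, as an added example that is not code from Yggdrasil or from this repository: a sends to c through b, b tries to open the relayed packet with its own key, and then alters it in transit. It models only the end-to-end encryption step, using the Go standard library (X25519 + SHA-256 + AES-GCM) as an assumed stand-in for the nacl/box construction linked above; all function names are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// sessionAEAD derives the session cipher from our private key and the peer's public key.
// Assumption: stdlib X25519 + SHA-256 + AES-GCM stands in for nacl/box here.
func sessionAEAD(priv *ecdh.PrivateKey, peer *ecdh.PublicKey) (cipher.AEAD, error) {
	shared, err := priv.ECDH(peer) // fails on a low-order (malicious) peer key
	if err != nil {
		return nil, err
	}
	key := sha256.Sum256(shared)
	block := must(aes.NewCipher(key[:])) // a 32-byte key is always accepted
	return cipher.NewGCM(block)
}

// must unwraps (v, err) and panics on err; enough for a demo with fresh keys.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// relayDemo sends msg from a to c via b; a, b and c are constructed identities.
func relayDemo(msg string) (cRead string, bOpened, tamperRejected bool) {
	a := must(ecdh.X25519().GenerateKey(rand.Reader))
	b := must(ecdh.X25519().GenerateKey(rand.Reader))
	c := must(ecdh.X25519().GenerateKey(rand.Reader))
	aToC := must(sessionAEAD(a, c.PublicKey()))
	cFromA := must(sessionAEAD(c, a.PublicKey()))   // same key as aToC
	bGuess := must(sessionAEAD(b, a.PublicKey()))   // b holds only its own private key
	nonce := make([]byte, aToC.NonceSize())
	must(rand.Read(nonce))
	pkt := aToC.Seal(nil, nonce, []byte(msg), nil) // b sees nonce and pkt while relaying
	_, bErr := bGuess.Open(nil, nonce, pkt, nil)
	plain, _ := cFromA.Open(nil, nonce, pkt, nil)
	pkt[0] ^= 1 // b flips one bit before forwarding
	_, tErr := cFromA.Open(nil, nonce, pkt, nil)
	return string(plain), bErr == nil, tErr != nil
}

func main() { fmt.Println(relayDemo("hello c")) }
```

The intermediary still learns who is talking to whom and how much; only the payload is protected, and only as long as the key agreement and cipher hold.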