Feature/megatorrent reference 2716865330907683697

.gitmodules

@@ -0,0 +1,3 @@
+[submodule "qbittorrent"]
+	path = qbittorrent
+	url = https://github.com/robertpelloni/qbittorrent

README-monorepo.md

@@ -0,0 +1,21 @@
+# Megatorrent Monorepo
+
+This repository contains the reference implementation for the Megatorrent protocol, a decentralized, mutable successor to BitTorrent.
+
+## Structure
+
+*   `docs/`: Architecture and Protocol Specifications.
+*   `tracker/`: Node.js implementation of the Tracker and Reference Client (the root of this repo, historically).
+*   `qbittorrent/`: C++ Client Fork (Submodule).
+
+## Getting Started
+
+### Node.js Tracker & Reference Client
+Run the tracker and client tests:
+```bash
+npm install
+npm test
+```
+
+### qBittorrent Client
+See `qbittorrent/README.md` for C++ build instructions.

docs/ARCHITECTURE.md

@@ -0,0 +1,49 @@
+
+## 6. Obfuscated Storage Protocol (Phase 2)
+To achieve plausible deniability and distributed redundancy, data is not stored as "files" but as "Blobs" of high-entropy data.
+
+### Concepts
+*   **Blob**: A fixed-size (or variable) container stored by a Host. To the Host, it is just random bytes.
+*   **Chunk**: A segment of a user's file.
+*   **Encryption**: Each Chunk is encrypted with a *unique* random key (ChaCha20-Poly1305) before being placed into a Blob.
+*   **Muxing**: A Blob may contain multiple Chunks (potentially from different files) or padding.
+
+### Data Structure: The `FileEntry`
+This structure replaces the simple "magnet link" in the Megatorrent Manifest.
+
+```json
+{
+  "name": "episode1.mkv",
+  "mime": "video/x-matroska",
+  "size": 104857600,
+  "chunks": [
+    {
+      "blobId": "<SHA256 Hash of the Blob>",
+      "offset": 0,         // Byte offset in the Blob
+      "length": 1048576,   // Length of the encrypted chunk
+      "key": "<32-byte Hex Key>",
+      "nonce": "<12-byte Hex Nonce>",
+      "authTag": "<16-byte Hex Tag>"
+    },
+    ...
+  ]
+}
+```
+
+### Process
+1.  **Ingest**:
+    *   File is split into N chunks.
+    *   For each chunk:
+        *   Generate random Key & Nonce.
+        *   Encrypt Chunk -> EncryptedChunk.
+        *   (Simplification for Ref Impl) EncryptedChunk becomes a "Blob" directly (or is wrapped).
+        *   Blob ID = SHA256(Blob).
+    *   Result: A list of Blobs (to be uploaded) and a `FileEntry` (to be put in the Manifest).
+
+2.  **Access**:
+    *   Subscriber receives Manifest.
+    *   Parses `FileEntry`.
+    *   Requests Blob(ID) from the network (simulated via local dir or tracker relay).
+    *   Extracts bytes at `offset` for `length`.
+    *   Decrypts using `key` and `nonce`.
+    *   Reassembles file.

lib/manifest.js

@@ -0,0 +1,37 @@
+import stringify from 'fast-json-stable-stringify'
+import sodium from 'sodium-native'
+
+export function verify (message, signature, publicKey) {
+  const msgBuffer = Buffer.isBuffer(message) ? message : Buffer.from(message)
+  return sodium.crypto_sign_verify_detached(signature, msgBuffer, publicKey)
+}
+
+export function validateManifest (manifest) {
+  if (!manifest || typeof manifest !== 'object') throw new Error('Invalid manifest')
+  if (!manifest.publicKey || !manifest.signature) throw new Error('Missing keys')
+
+  // Validation
+  if (typeof manifest.publicKey !== 'string' || !/^[0-9a-fA-F]{64}$/.test(manifest.publicKey)) {
+    throw new Error('Invalid public key format')
+  }
+  if (typeof manifest.signature !== 'string' || !/^[0-9a-fA-F]{128}$/.test(manifest.signature)) {
+    throw new Error('Invalid signature format')
+  }
+  if (typeof manifest.sequence !== 'number') throw new Error('Invalid sequence')
+  if (typeof manifest.timestamp !== 'number') throw new Error('Invalid timestamp')
+  if (!Array.isArray(manifest.collections)) throw new Error('Invalid collections')
+
+  // Reconstruct the payload to verify (exclude signature)
+  const payload = {
+    publicKey: manifest.publicKey,
+    sequence: manifest.sequence,
+    timestamp: manifest.timestamp,
+    collections: manifest.collections
+  }
+
+  const jsonString = stringify(payload)
+  const publicKey = Buffer.from(manifest.publicKey, 'hex')
+  const signature = Buffer.from(manifest.signature, 'hex')
+
+  return verify(jsonString, signature, publicKey)
+}

lib/server/parse-websocket.js

@@ -48,6 +48,12 @@ export default function (socket, opts, params) {
         return bin2hex(binaryInfoHash)
       })
     }
+  } else if (params.action === 'publish') {
+    // Custom Action: Publish Manifest
+    if (!params.manifest) throw new Error('missing manifest')
+  } else if (params.action === 'subscribe') {
+    // Custom Action: Subscribe to Key
+    if (!params.key) throw new Error('missing key')
   } else {
     throw new Error(`invalid action in WS request: ${params.action}`)
   }

package.json

@@ -35,6 +35,7 @@
     "compact2string": "^1.4.1",
     "cross-fetch-ponyfill": "^1.0.3",
     "debug": "^4.3.4",
+    "fast-json-stable-stringify": "^2.1.0",
     "ip": "^2.0.1",
     "lru": "^3.1.0",
     "minimist": "^1.2.8",
@@ -44,6 +45,7 @@
     "run-parallel": "^1.2.0",
     "run-series": "^1.1.9",
     "socks": "^2.8.3",
+    "sodium-native": "^5.0.10",
     "string2compact": "^2.0.1",
     "uint8-util": "^2.2.5",
     "unordered-array-remove": "^1.0.2",
@@ -52,7 +54,7 @@
   "devDependencies": {
     "@mapbox/node-pre-gyp": "1.0.11",
     "@webtorrent/semantic-release-config": "1.0.10",
-    "magnet-uri": "7.0.7",
+    "magnet-uri": "^7.0.7",
     "semantic-release": "21.1.2",
     "standard": "*",
     "tape": "5.9.0",