What is the purpose of Beechat over Internet?
Beechat is great at its core goal: providing secure communications over radio. However, naturally, this will create disconnected mesh networks or “islands” in different regions.
To communicate with a user in a different “mesh island”, we have developed a Gateway system. A Gateway is a Beenode that is connected to the Internet, running Lokinet with a static Loki address. Lokinet is an onion routing network that hides your IP address. We use Lokinet to replace the need for IP addresses, which, apart from being less secure, also change frequently (after a router is shut down, for example).
Connecting to a Gateway
Every 60 seconds, Gateway Beenodes broadcast their Lokinet address (L) and a nonce (N). New Beenodes find the Gateways and sign the L + N broadcast, then send it back to the Gateway along with the Beenode’s Dilithium public key; this is the returnMessage. The nonce acts as an authenticator: since it is a number used only once, the Gateway will not accept the same returnMessage twice. This prevents attacker Beenodes from replaying an original Beenode’s returnMessage. In addition, a Gateway will only accept returnMessages with a nonce that is less than 10 minutes old. A Gateway therefore only needs to store 6 nonces at any one time.
Publishing on Kademlia DHT
After the Gateway has received signed(L+N) and the Dilithium public key, it verifies signed(L+N). If the result is the Gateway’s correct Lokinet address, as well as a nonce it used less than 10 minutes ago, the Gateway hashes the Dilithium public key to obtain the Beenode’s Beechat address (BA).
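The Gateway-side checks described in the two sections above (known nonce, 10-minute window, no repeated returnMessage, signature over L + N, then hashing the public key into the BA) can be sketched as follows. This is an added example, not Beechat's own code: the `Gateway` class, the 16-byte nonce, SHA-256 as the address hash, and the HMAC-based stand-in for Dilithium signing and verification are all assumptions made so the sketch runs without a Dilithium library.

```python
import hashlib, hmac, secrets, time

NONCE_MAX_AGE = 600  # seconds; the page's 10-minute acceptance window

def stand_in_sign(key, msg):  # constructed stand-in, NOT Dilithium
    return hmac.new(key, msg, hashlib.sha256).digest()

def stand_in_verify(key, msg, sig):  # hypothetical verifier interface
    return hmac.compare_digest(stand_in_sign(key, msg), sig)

class Gateway:
    def __init__(self, loki_address, verify, clock=time.monotonic):
        self.loki, self.verify, self.clock = loki_address.encode(), verify, clock
        self.nonces = {}   # nonce -> time it was broadcast
        self.seen = set()  # (nonce, digest) of returnMessages already accepted

    def _expire(self):
        now = self.clock()
        self.nonces = {n: t for n, t in self.nonces.items() if now - t < NONCE_MAX_AGE}
        self.seen = {s for s in self.seen if s[0] in self.nonces}

    def broadcast(self):
        """Called every 60 seconds: returns (L, N) and remembers N."""
        self._expire()
        nonce = secrets.token_bytes(16)  # nonce size is an assumption
        self.nonces[nonce] = self.clock()
        return self.loki, nonce

    def accept(self, nonce, signature, pubkey):
        """Validate a returnMessage; return the Beechat address or None."""
        self._expire()
        if nonce not in self.nonces:
            return None  # never issued by this Gateway, or older than 10 minutes
        ba = hashlib.sha256(pubkey).hexdigest()  # hash choice is an assumption
        replay_key = (nonce, hashlib.sha256(signature).digest() + bytes.fromhex(ba))
        if replay_key in self.seen:
            return None  # identical returnMessage was already accepted
        if not self.verify(pubkey, self.loki + nonce, signature):
            return None  # signature does not cover this Gateway's L + N
        self.seen.add(replay_key)
        return ba  # the Beechat address (BA) for this public key
```

Replay state is keyed on the whole returnMessage rather than on the nonce alone, because every Beenode that hears the same broadcast signs the same nonce.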
The BA is used as the <key> on the Kademlia DHT (Distributed Hash Table). The Kademlia DHT organises information in two columns, <key> and <value>. The Gateway publishes the BA as the <key> (column 1), and the Dilithium public key and signed(L+N) as the <value> (column 2), with a SET post.
| <key> | <value> |
|---|---|
| Beechat address #1 | Dilithium public key #1; signed(Lokinet address + nonce) #1 |
| Beechat address #2 | Dilithium public key #2; signed(Lokinet address + nonce) #2 |
| Beechat address #x … | Dilithium public key #x; signed(Lokinet address + nonce) #x |
Since Gateways broadcast their Lokinet address and nonce every 60 seconds, looking up your BA as the key will return the most up-to-date Gateway information (especially important if you are on the move).
End-to-end communication between radio-only Beenodes through Gateways
If R1, residing in Europe, wants to communicate with R4 in America, R1 will use intermediary relays, in this case R2, to first reach Gateway G1. It will ask G1 for R4's information by sending G1 R4's Beechat Address. G1 will respond with the <value> it receives when polling the DHT with the BA as <key>. G1 will return the information to R1.
Now R1 has R4's Gateway Loki address and Dilithium public key. This information can be used to send messages to R4. This allows Beenodes to communicate without Internet by reaching the closest Gateway, which, thanks to the Loki address, knows how to reach the Gateway closest to R4, in this case G2.