BCOS Monero Village - An Introduction to Kovri
Formal Metadata
Title |
Series title |
Number of parts | 322
Author |
License | CC Attribution 3.0 Unported: You may use, modify, and reproduce, distribute and make publicly available the work or content, in unchanged or modified form, for any legal purpose, provided that you credit the author/rights holder in the manner they have specified.
Identifiers | 10.5446/39790 (DOI)
Publisher |
Year of publication |
Language |
Content Metadata
Subject area |
Genre |
Transcript: English (automatically generated)
00:00
everybody if you are out there you don't want to be out there you want to be in here because we're going to be talking about one of the most anticipated things of Monero just recently launched alpha some people say Kovri some people say Kovri some people who speak Esperanto actually say Kovri you know like it kind of should be said so we've got anonimal here he's the man he's the plan he's the everything if he died we're
00:22
screwed so let's give it up for him he's going to be presenting to us Kovri an introduction. Thank you. Alright everyone inside here we go. I hope you like improv you know Miles Davis Coltrane girl fashion improv okay so Kovri what is Kovri before I even wanted to
00:44
get into that I wanted to tackle the problem that we're trying to solve any physicists in the room any physicists oh alright cool at least one okay so is anyone familiar with anonymity okay got a couple hands there for anonymity and familiar enough with
01:04
Monero to know that it's a privacy project okay okay so let's see I don't want to tell you what Kovri is until we establish the problem but I'm also kind of trapped in my head after working on this all these years that I'm trying to also you know meet you halfway from the
01:24
beginning well so we need to understand that basically everything is public and I mean everything I mean existence as you know it okay so I'll just start off four things I want to talk about let's see privacy and anonymity never existed it cannot exist and may never
01:41
exist within the realm of quantum realistic and in quantum mechanics I know it's kind of heavy and whatnot but it's important because it defines what we're doing secondly I'd like to talk about identity because it all relates it's all relative and then third I'd like to talk
02:01
about what we are doing like what we are really trying to do I'm talking Monero to you walking down the street to here we are now and fourthly I'd like to present a solution to all of that and then actually get you know forward to this you know this actual stuff you can use right now you know before you leave so I'd like to open with a question so what is this?
02:30
anyone you can just speak out and it's not a finger it's not a fingerprint necessarily I mean what is this like right there anyone this isn't like a Plato's cave kind of a
02:40
it's not like philosophical it's like it's like flat-out what is that this is clearly definable it's essentially what we're basing our whole existence around at least when we're engineering things okay so I'll call this it's a point in space-time now how did you how do you know that this is a point in space-time sentience is not a requisite you don't need
03:05
to have consciousness to prove this how do you know that this point is right here because you can see it okay but seeing isn't the same as measuring we know observing is not the same as measuring so how do you know I mean how do you really know that this is a point in
03:23
space-time it's really simple it's because you are in space-time right now you are varied points in space-time you can measure this you know via whatever sensory inputs so who the hell cares what does this have to do with anonymity well the point is I'm trying to prove to you that there is no such thing as privacy and anonymity it's just it cannot
03:43
happen and I it we just proved it right now okay so you're in space-time you're okay so what do you mean by that I don't know what are you nut job okay so let's try to cover right let's try to you know cover this point in space-time I mean can you prove that this point in space-time still exists yes you can indirectly or directly you will
04:06
given enough time and energy you can prove that something is here you can speculate you know that there might be a black hole there but it's highly doubtful and essentially you can you can measure eventually you will measure with absolute certainty that something
04:23
isn't here and all its qualities all its wonderful matter and what have you so you say okay well does just like 20,000 layers of that you know hands upon hand upon hand well I mean with absolute certainty you know it's in space-time because without it nothing would exist there and well we'll go down that rabbit hole but literally you can't measure
04:43
it given enough tools and time you will be able to measure why am I wrapping this around what is this well that's the whole essence of layered routing as you see in I2P and Kovri it is the constant of just wrapping things up with math and and hoping someone
05:01
doesn't you know figure it out essentially okay so I mean how about simple terms okay here's something you can take and talk to your parents or you know whoever loved ones so you want privacy you go to the bathroom what do you do thank you you close the door right because you want because you want privacy but I hate to break it to you
05:24
are now public to everything within that room see it's all relative you close that door okay sure sir the door you know everyone outside the door may not be able to know you're there right now but give enough time and energy they can measure you heat dissipation the entropy thermodynamics I mean it is not some mystery you will be found given enough
05:43
time and energy so you close the door okay you got some privacy but then you go to use you know the facilities and you take off some layers of clothing right because that was you were private still right well now you're public to the air your skin is public to the
06:00
air and it is there is no such thing as privacy I know that's a bold statement and trust me I've lost a lot of sleep and I've really tried to prove myself wrong here I want people to just get involved in discussion prove this wrong physicists everyone just if you can solve any of like the Einstein field equations without space-time I mean
06:21
Minkowski to care if you can just anything any if you can prove any of this please come to me or get involved so privacy doesn't exist anonymity so how do you define anonymity you know and I'm sorry I should have asked you how do you define privacy first of all I kind of jumped the gun and assumed a lot of things does anyone have any other
06:41
definitions of privacy that I didn't cover no okay now anonymity does anyone have definitions what is being anonymous I mean textbook it's to not have a name but that's kind of silly because you just gave us a name it's because you can acknowledge I won't say
07:06
communicate I'll say because you can acknowledge this point in space-time you've essentially assigned it an identity so I'm sorry you can't not have a name so long as you are measurable and observable you have an identity so the concept of anonymity is just
07:24
it's not possible within the mechanics that we are engineering these systems right now to the best of our ability okay why does that matter well again that's the foundation of Alice and Bob how do you know Bob how do you know Alice how do you how can you prove
07:41
Alice and Bob so we'll talk about that too so does anyone know who Alice and Bob is are okay I mean no yes no okay so you know Alice wants to talk to Bob so I and as we just discussed so here are these two points so what they want privacy right well we know
08:02
privacy is not possible because they will be publicly talking to each other essentially but there are events in between these two points they're called events and well what you do I mean you go to communicate right do you see how privacy and anonymity are not possible you are relying on the very events in between these two points of space-time
08:25
in order to get your message across but ironically these events between these two points are the very thing that destroys your privacy and anonymity yeah it's a real mind-twister so what do we do we attempt to emulate anonymity and privacy for example
08:43
with Tor and Kovri I2P you essentially send your message through various hops using all kinds of encryption I'll talk about and then eventually gets there Bob doesn't necessarily know where you are and so vice versa but of course given enough time and energy that all that information is readily available because you exist within these
09:04
models of mechanics yeah so privacy and anonymity okay so identity that actually I ask you how do you define identity did I ask that already no how does anyone define identity and not necessarily mathematical identity where you know A equals B which is
09:26
in itself contentious because at the quantum level it might not actually equal that's a whole other thing but so no thoughts on identity huh being able to uniquely
09:40
distinguish something from something else okay yeah but how do you do that I mean essentially the bottom line is it's all relative here we are back to the space-time where it's literally everything is relative it's driving me nuts because if we can't solve this problem then we're never going to have privacy okay so identity is relative
10:06
but more importantly language did you have a question or comment yeah how would you
10:33
define that context though but if it is measurable then the relative perspective is
10:55
that no matter how one system defines it it still is is relative so long as it can
11:02
be measured I don't know if that makes sense but how do you prove that but but is that
11:25
truly identity and I would say yes because I'd like I just said identity is relative but I think what's more important is to understand how we use identity and that it identity is also language and language itself is also relative so for example when
11:46
Alice wants to talk to Bob they want to set up a Diffie-Hellman exchange right generate a key pair they're essentially creating a language for each other in a way that supposedly only these two points will be able to communicate I don't know how huge that is but I think it's
12:08
pretty big because it essentially defines all these all these excuses for why we're doing this it comes down to a lot of these simple basics language for example so I guess I mean why does
12:20
this matter right every day we're we're trying to have these transactions we're trying to be anonymous but why can anyone tell me why that's not like a textbook you've heard this a thousand times why anyone know why why why why are we trying to do this so this
12:45
is what I believe this is based on my preliminary you know studies of this but I truly believe and I think this is the direction we're going we're essentially trying to bridge two points of space time into a single point of space time while retaining the qualities of those two separate
13:01
points of space time which I don't know if that's possible right now of course I would like to propose something soon in a few minutes but think about it every time you go walk down the street every time you go to eat every time you go to hug someone every time you open your eyes every time you try to send a transaction you're trying to connect with one other point and one
13:24
other point only specifically Monero specifically you know you want to have a transaction with someone and only that person and unfortunately you rely on everyone else to try to do that that's the hack right now that's like the physics hack we're dealing with but essentially
13:43
that's what our ultimate goal is I believe um yes Howard that's fairly sure doesn't cut it
14:10
I mean like like I've said it's all measurable I mean it's not truly private but again that's all
14:31
relative because when they're face to face to each other they're still away from each other there's always going to be those points of space time within the points I'm not ignoring
14:48
the infinity and what I'm proposing is that's the solution to this problem because you're essentially describing the very same problem is there's space time and I this is huge there's two points to space time and face to face whether that I mean it's always this coming together
15:03
you know it's always this gravity it's really annoying but we we are we ultimately are seeking to if I'm correct the assumption was we're essentially trying to just avoid all of that space time so we can have that true connection while retaining our qualities and I'm not talking
15:24
this is something we're just going to whip up some code and do I'm talking this is a long-term endeavor essentially describing what our purpose is you know we're obsessed with bringing these two points together it's in everything every it's in your your it's this constant the essence of movement if you will so that is what I see as being the problem the ultimate problem
15:47
and that's why I you know I believe here is like this beginnings the very beginnings of what could be the beginning of a new branch of physics privacy you know if no one's talked about it I would like to talk about it more I'd like to initiate that idea privacy mechanics you know
16:04
essentially if possible to solve the field equations without space time that would be great if not let's let's see what else we can do it's very open-ended but I like to just get that ball rolling you know tell your friends get more people involved in the conversation okay so any questions
16:25
about that now the physicists here might have a few comments too please it's correct and or anything saying if you'd like yeah exactly exactly and if you look at any like equation
16:47
ever proposed I mean if you take out space time then I mean you take out the concept of you even being able to interpret this equation for theoretically right yeah I haven't heard anyone
17:01
really talk about this I mean chaos theory aside and other things I mean I'm not like involved enough to be like hey oh yeah we've talked about this over lunch so I don't know we need more people involved in this I've never really heard about essentially okay sorry I missed something with the idea of privacy mechanics we're essentially trying to do two things bridge or not even bridge sorry excuse me we're trying to bring two points of space time into
17:24
one point while retaining the other points if that even makes any sense because if you try to do that and you know they form something else that defeats the purpose so we're trying to do that um we're also trying to exist while not existing folks that is true privacy if you can exist
17:47
while not existing but somehow somehow uh I mean this is blowing my mind right I don't have the math with me right now but I think those are at least two founding questions for something of a
18:01
privacy mechanics did you have a question that's all right well I see my proposal I mean I
18:33
don't have a solution not necessarily I only proposed those two questions how they're
18:45
achieved I think would just I don't I don't know right now I'd like more people to get involved. What did you say attract? Can you give them the mic? Do you have a mic? I can't hear
19:48
to rely upon an approximation considering our interpretation of physics mathematics is a model that is an approximation of physics and is necessarily so. And so proven
20:01
otherwise and I mean that's why we need more quantum physicists for example I mean to get small enough where you start to see I mean it was proven otherwise that that is what Gödel's work was any system more complicated than a certain you know more than simple arithmetic has paradoxes is a law system. Sure paradoxes but I mean is that a limiting factor
20:22
is it a defining factor for a potential new branch of physics? It's a defining factor for a branch of mathematics which is a model of physics. Okay. So it's unreasonable to expect since your work is probably going to rely on mathematics that it's also not going to be a perfect model of physics. Sure sure okay I'm not saying it's perfect I'm just saying uh
20:41
let's get the discussion going I mean hell about 30 years ago there were iPads on Star Trek and now we have them you know for example so let's let's get it going let's talk more let's try hey if you can if we can solve this without having to divulge into other you know areas sure I'd love that please. Okay so that that and that okay so I'll briefly talk about
21:07
okay so I said why we're doing that but here's my little flair I think it's ultimately true love okay sounds corny but I think this attempt to constantly try to connect with people and connect
21:20
with these various points of space time is essentially the essence of love. That's something to ponder too. I could elaborate that if you like I don't know if it's the crowd who wants to hear that but I would define it that way. Okay so we have that that that and the proposal great okay wow half hour. So how does that relate to Kovri so so no one's really familiar
21:47
with onion routing or garlic routing anyone? Okay um geez I like my interaction I don't have
22:00
we have a garlic here but we don't have a matryoshka doll right there's no doll Diego okay okay so how about does everyone know what a matryoshka doll is one okay how about I do a quick little image search so we're all on the same page
22:22
we're supposed to have a little thing I can demonstrate but you know didn't happen there we go all right so here we go so back in the mid 90s the Navy started researching essentially created the on the onion router version zero
22:41
long story short a couple versions later version two here we are with the Tor Project Roger and Nick are hitting that up with a whole team of people and what they essentially said is well we want point a to be anonymous to point b so they they said oh well it's it's uh well
23:01
can't use that so it's like an onion you know an onion has layers well more accurately is actually this matryoshka doll which they probably like thought of and said oh no you can't say the r word that's that's a big no no um but essentially this is the most I believe the most accurate way to describe that so let's see see how they you know get the little one
23:24
goes into this one it goes so you can actually twist those off and you put one into the other into the other into the other and you essentially you have your message for that point b you put it in you wrap it up you send it through various hops using public key encryption and they
23:46
send it on down send it on down without being able to read the original message it gets to point b and then point b just does it in reverse sends it on back so essentially it's encrypted all the way through the points aren't able to discern what you're sending unless
24:03
they have enough time and energy yes of course they can prove it as we discussed now that's called like circuits that's circuit routing that's uh really straightforward three hops and you're there but with Kovri and I need an assistant here would the physicist like to come up and assist
24:25
uh just standing here and you hold your arms out okay yay okay sorry um okay so I'll hold my hands out here and could you stand over there and do the same
24:41
like this okay okay so so I'll be Alice and you be Bob or vice versa whatever you want and so uh Kovri has inbound and outbound tunnels so essentially I'll extend out and this will represent my out and then you extend in actually no you extend out this way here we go
25:01
perfect and then her inbound these are her inbound tunnels her arms extended in arms extended out outbound my arms extended in and Kovri uses unidirectional tunnels so we don't I mean we complete a circuit but technically they're unidirectional tunnels where I send one message throughout various hops all encrypted goes to her inbound tunnel also several hops
25:25
encrypted then she responds through this your outbound tunnels and comes through my inbound tunnels um that's in summary unidirectional tunnels so thank you very straightforward stuff
25:46
another crypto used uh for both os for tunnels uh ElGamal and AES-256-CBC and session tags and technical things for that so okay we had this those tunnels I guess I
26:01
shouldn't have sent you back but essentially so let's say you want to send the message right well within that message you send it through the various hops and what's great about Kovri and I2P is that it's a message-based fault-tolerant decentralized system so you can send in fragments if needed and they are reassembled at the various points
26:22
all encrypted can be decrypted and sent off to the remaining hops so it's it's a very it's that it's fault tolerant but essentially those are called garlic cloves as we see here various message I2NP message types go into a clove and you know
26:44
come there so I mean it's it's essentially we're essentially layering upon layering upon layering and we're and we're asking and here's the fault here's the problem I mean this is what breaks every overlay network well at least Tor and I2P and Kovri is you're asking pretty please pretty pretty pretty please this first hop please don't tell the second hop my IP address
27:05
don't give them any metadata pretty please so you can imagine the whole model is broken because of trust because you can't really trust anything so hate to break it to you as much as you know everyone loves Tor these these things are just unresolved still and that's what really
27:22
got me going on this whole space time you know circus so any questions on the matryoshka any questions okay so we got that that and that and I have a question for you what do you want to know if exactly do you have any like specific questions about Kovri or about
27:43
anonymity no questions yes uh Michael how about Michael yes did you have a question I'm most interested to know how an application developer would that that's making an application
28:04
independent of any transporter would implement for Kovri maybe different types of of protection how they would use that how they would use it sure well once we get the API done by the end of this year hopefully earlier you would just
28:23
hook into that as a C++ library and we'll try to keep it real simple you know BSD-style sockets for example you know read write all that and you would just say I want to send to this address and it the Kovri address the base32 encoded and that's another thing okay destinations the
28:43
whole concept of destinations all right so you just one tangent after another i can go on okay so you would essentially just hook into the library but you would need to know the address you want to send to correct um do you know what address you would want to send to off the top of your head network a kind of an agnostic application you know how you can
29:15
use Tor proxy to use Tor with anything with Firefox or and Firefox does not know what's
29:23
using the Tor network if you use Tor proxy is that something that you're thinking of essentially all Tor is doing is it has it's a SOCKS proxy so we have a SOCKS proxy if you want to use it but because Kovri and I2P it's a network within the internet I mean you're not going to
29:42
be able to connect to Google or Facebook unless they are hosting an I2P address destination you could use a SOCKS proxy if you wanted something rough and generic if you want more fine tuning then you would use the API which it's not out yet but um yeah and that's another thing with
30:02
destinations um well before I go into that work with more hands okay is there anything specific to Monero or blockchains that Kovri's solving or is this totally generic solution like like another's like another Tor or another I2P like or is there something blockchainy about it oh
30:26
there's no there's not nothing blockchain um no nothing blockchainy about it um but what's important to know is that uh this this concept well there's Tor you know there's Tor well you know it's like saying well there's Bitcoin so why do you need any other coin
30:41
it's we we need more decentralization we need more anonymity networks we need more developers otherwise it's centralized so but no there's nothing extremely specific about Monero other than them being a great project spearheading privacy left and right trustless privacy is crucial to creating this so aside from that no there's no like tie-in with the blockchain or anything
31:04
like that um so I hope you understand I understand how onion routing works but what is the like specific use case that Kovri is meant for that would be better than Tor or
31:22
you said it was based on I2P right yes the open specifications by I2P so are you essentially saying why not use Tor um I'm asking sorry yeah basically like because I'm you're saying you want multiple networks for different use cases right like the network is stronger if you have
31:42
more nodes operating in it and sure well okay i'm sorry i don't understand can someone could you rephrase it okay sean's she can i can will do that um okay i mean geez it's it's all online okay um i'm thinking really technical i'm sorry i'm not like thinking
32:03
how do I say this um okay so Tor's it's first of all they don't support UDP so you have whole transport just just out of the equation um secondly it's a uh leech based network essentially everyone using it leeches off these relays that are heavily funded and and can support
32:26
a lot of bandwidth so you have to ask well where does that money come from secondly their whole directory authority model in the specs it says itself semi trustless but as we know there's no such thing as semi it's either you trust or you don't trust and if you if you're a
32:41
fan of trusted setup then you know then you'll understand the the dangers involved with that it's essentially the same thing in anonymity land with I2P you have a network database it is truly decentralized database that no one owns it is passed around through various routers that
33:01
are randomly selected based on a floodfill capability for example but no one owns these so there's no trust it's up to you you can decide a which database you want to use for example you have that fine-tuned control and it won't break the network it won't you don't have to go out of your way to do it it's by default essentially it's fault tolerant too so if one
33:23
tunnel goes down you have another uh whole set to pull from so your message will get to where it's going and it will remain anonymous on both ends for example Tor you always have that exit node I mean assuming we're not talking about hidden services which is very similar you always have exit node which the website will always see as a point and of course from there can be deduced
33:45
where you are given enough time and energy so did I answer sorry if I didn't that helps and Kovri is just based on I2P based on this yeah the specs um yes essentially it is the same network when you're using Kovri right now you are using the I2P network you are blended
34:01
in with every other router on that network so all right thanks yeah so um you your introduction was basically saying that um i mean the way i understood it you cannot solve you cannot achieve real anonymity right yes and um so your solution is basically fall
34:27
into the same realm because you have to work with uh what we have right absolutely yeah it's a hack and and what i'm saying is there's no piece of software on the planet that i know of or that is relatively known that is capable of achieving true privacy or anonymity and fortunately
34:43
Tor does never admits to that none of these projects admit to actually providing 100 anonymity but no one's really talks about the underlying problem see and the reason I'm bringing it up is because if we don't talk about this we're just going to hand this off to our you know descendants and they'll be stuck with the same crap and they'll be going in circles
35:00
and circles and circles until we have seven quintillion bit primes and you know 500 trillion ring signatures and etc etc trying to defeat this problem that cannot be defeated unless we can solve the removal of space time while somehow existing i know it's like far-fetched out there and whatnot but that's just what i wanted to say you know as i hold it now yeah
35:23
I just want to clarify that because it was a yeah generic statement and I want to understand where you were going so but um talking about Kovri so how how how is it I mean I understand trustless and but at some point you can still like you said with enough time and effort
35:44
trace back that you know the message or whatever you send sure i mean and trust is relative but uh as is with with any of these systems you really have to have a lot of time and energy and right now i mean that the that requires money you know fiat or what have you um so it's all
36:04
relative but theoretically this is what i'm talking about theoretically this is possible realistically i mean i i would put my trust in in this project than more than any other project only because it's such an honest group of people who are not trying to screw each other or the world and we're really trying to you know apply hacks we admit their hacks we're hacking
36:22
our way constantly developing finding the best solutions at the time and that's i think the best we can do at this point in my opinion yeah thank you you're welcome oh just one more question answer this earlier uh oh you may have answered this earlier but why is this important
36:45
for you to solve i'm sorry important to you to solve this to solve this problem why is it important yeah oh cool because we wouldn't have privacy or anonymity if we don't solve it but more importantly i mean personally i believe it's because we wouldn't achieve
37:01
what we've been trying to achieve since day one which is this this coming together this wanting to to come together and actually come together and it's i'm i'll go i i'm going if i go too much off into that but i'm sorry do you think you're getting closer to solving that problem i think that we're the fact that we're i'm talking about this and we're discussing
37:21
it is a closer a step closer theoretically I mean I can't predict the future you know sorry yes um so Kovri I understand is in a different um language why do we need Kovri in addition to I2P do they have different applications or is Kovri gonna be better or
37:40
okay so um I have to bite my tongue a lot when I got this is a tricky question right because I have massive respect for the Java I2P project simply put we just we want to do things differently in a more efficient manner with I like the approach of less is more versus more is more
38:06
does that answer your question because otherwise I'll I I can go into technical details I mean uh well they have different uh essentially it is the same use case like you want to use the internet anonymously and privately you just use it but they have uh several APIs they have uh
38:27
if you've seen that web console zzz I know where's the camera zzz I mean come on man years and years and years we've been complaining about this web console man please do something about it so the web console right it's the only interface to this Java I2P and
38:45
it's it's a nightmare for newcomers so ultimately what i want to do is totally just get rid of all of of this stuff like everything all this technical stuff i want to speak about i don't want to have to just like i don't want it's an engineering thing you don't want to talk about how do we build this building while we're in it you know this is how it's built now we're
39:04
in it i just want simple docs a simple application you hook it in poof it's done you don't think about it if you want to know more you read the specs and so on and so forth and that is the complete opposite model of the other project essentially the same technology though so would
39:23
a good summary of it be a reimplementation of I2P in C++ fixing a lot of the stuff that is too complicated you don't like but it's completely interop with the network right like it's going to be plug-in and if I want to run an I2P node I can run Kovri instead seamless yes to do that
39:40
gotcha although we we may go in a different uh technical direction uh that would could possibly uh you know essentially hard fork the network uh because of various dramas and things that have come up uh lack of review uh and you know intentional lack of review and just pushing
40:00
out of specs and then expecting you know us to just follow along and I'm personally just tired of following along but that's a whole another we can talk more after the talk about that yes so from what you're saying it kind of sounds like Kovri is application agnostic and can be implemented into any other cryptocurrencies and not just Monero which means that it's a semi-altruistic project he nailed it yes wow that's cool Monero is cool anyway thank you Diego
40:29
yeah isn't there like a saying don't don't send an engineer to talk about something and something you know if you want a straight answer or something you know i don't know that's something like that so okay um god well uh she's there's so much to talk about
40:45
wow it's uh we're here till five right 351. um all right so how about this i'll just show you and then if questions come along you know and i can describe some of the the details the finer points um so i'm running the router right now i've disabled the console log so you're not
41:05
really seeing anything so uh I'm assuming people are familiar with Tor Browser okay so essentially all it does is it changes the I mean it does a lot of things but one of them is with Firefox their version of Firefox it hooks into their SOCKS proxy the Tor SOCKS proxy
41:24
so what I did is just went ahead and clicked this and went to the you know edit preferences all right where is this this is IceCat here we go settings and essentially make the
41:43
HTTP proxy the you know the Kovri instance port 4446 I set it to SSL even though we don't support SSL right now but you don't need to because everything is end-to-end encrypted anyway so that's a huge thing nothing to worry about there for the most part I uh set up the FTP thing because that's another little trick sometimes your browser will do bad things it's
42:05
a but anyway if you're not using the SOCKS proxy so here we go click that and now we're going to check.kovri.i2p and I bet you an XMR that's going to say 503
42:24
I'm not going to lose an XMR damn it I might come on I'm out okay great well it works so I'm out but it's a win for everyone
42:41
okay so success welcome to the I2P network your local client destination so that's something no one's asked yet so we have IP addresses right you want to connect to Google or whatever you have you have an IP address they have an IP address you resolve with DNS well there is no DNS resolution within the I2P network names are canonical
43:03
they're they're locally defined how I define check.kovri.i2p it can be completely different how you do it it's it's extremely decentralized in that aspect so unfortunately like many problems with all these networks we have side channels that we use
43:22
for example address book subscription servers but again it's up to you to decide if you want to use someone's subscription we ship a default subscription so you know that check.kovri.i2p will go to a very specific destination and here we go base64 encoded SHA-256 hash of the destination now
43:44
the identity here says keys so it's ElGamal public pub key and then a DSA pub key plus a certificate of metadata that essentially forms your identity and we don't have enough time to go in the details maybe I can do that next time or I'll just talk less about useless crap in the
44:02
beginning for my next talk but so here's the base64 encoded of that and here's here's what's something you'll see a lot it's essentially the b32 address you know you go to blah blah blah that b32.i2p and it's funny how Tor finally finally are coming out with their v3 onions
44:22
and they're using these you know base32 encodings and that they have now longer addresses something I2P has been doing for a lot longer it's the I2P is essentially hidden services by default I mean that is the network is the hidden service that's the only way you communicate and here is the base64 encoding of the full destination this is something you'll see
44:46
when creating your address book for if you will your subscription very technical stuff but this is how that works so you know that you are using the network when you hook that up so any questions on that on this page yes by default if you have an address
45:16
okay um sorry by default what by default um it's you have this address and can people reach
45:23
you through this address so yeah so here's yes here's the cool thing all this data you're saying here this is identifying your identity through the SOCKS proxy what's really cool is you can have many many many identities theoretically but this is the
45:46
one that check.kovri.i2p is communicating with and if there's no name resolution to this um but it I mean does that make sense yeah there could be if but did you register
46:02
um yeah but that's more for like a server tunnel this is a client tunnel um that's something I should probably talk about client server tunnels but did someone have another question okay so we hooked that up through the SOCKS proxy now what Monero is going to do is bypass
46:20
the SOCKS proxy altogether because it's clunky it's slow it's not effective the error messages returned are pretty useless I mean theoretically they could have been using it for a while now but they never wanted to implement a SOCKS proxy for various reasons despite complaints so
46:41
let's go into the config file all right where is it okay so here's the client client tunnel list essentially oh there's that I forgot to remove that so these are default settings right here's a good old IRC2P now the I2P project started around the same time as
47:10
Tor but it started as the uh as the Invisible IRC Project I mean it was a essentially an IRC network it grew into what we see now um but this network is still around it's what you use
47:24
to use IRC over I2P and we have these uh default client tunnels and see how the destination it has you know irc.echelon.i2p etc well you need an address book to resolve that to for example you know all this goodies goodies stuff here but it's already set up so you can
47:43
you can use it um i don't have a client set up but let's go ahead and do a quick check here let's just send some random data i'm connecting through the client tunnel
48:03
something that Monero will create on the fly possibly per transaction you can create a new client tunnel it'll be completely transparent and you won't even know it I mean that's why I don't want to talk too much about it because you just won't know it'll just happen and here we are so we are connecting to irc.echelon.i2p via this client tunnel and you can do
48:23
the same look we got SMTP set up if you use postman's mail service for example now let's go to the server tunnel this is if you're going to go ahead and host a website or for example um a Monero a Monero node for example so you would uh well I mean again this
48:45
would be automated so you don't really need to know all this but you just go ahead and uncheck here i'll show you uh these are three yeah i got it's it's it's funny no um so let's see
49:06
long story short there are three IRC2P servers that are chosen at random and these are servers that have been around and this is after a person's name it's like his handle for I don't know how long he's been around uh not that I know of I certainly hope not though I do have
49:26
um no but if he's still if he's watching this uh you know his server's still broken you know I told him like what a year and a half ago that it's leaking I you know public it's leaking his public IP address and he's like I intend to do that so I mean it's I say it's one of many
49:41
reasons why I I want to we want we want to move forward um so I have this set up here oh hello DEF CON all right so there we go so uh look here's an SSH server uh server tunnel so essentially you
50:08
need to tell the network hey here's my local destination here's why i i want to be you know people to connect to and here's the port and here are the uh the private public key pair right there and it comes through this server tunnel um let's see if i can do this i have it
50:27
set up i believe all right so uh damn it do i already have that in my history i guess not
50:41
okay so where is ah oopsie I'm not using tmux there so the question is well okay you created a server tunnel what's your how do you tell someone where your server is like how do you tell them the address well you go into you know client keys and here we go
51:04
we have a the base32 encoded address and we have the base64 essentially you want the base32 so let's see we got that and there you go that is the address you say hey friend connect to this address and as we saw here oh where'd it go as we saw here
51:33
you could replace the destination with an actual base32 address or a resolvable address
51:41
but since I'm currently proxy chaining through uh Kovri I'm just gonna let it do it automatically so let's see
52:01
let's see what happens connection refused oh that's not what hey at least it got refused that's good uh yeah so let's try again well i might i might have changed the uh authorized keys
52:24
but essentially you would be able to use the proxychains for example you could proxychain anything uh to an I2P address and it would work any questions on that so far okay am I talking enough about Monero like how it relates to Monero
52:41
does it does it make sense yet how it works with Monero well because like with Monero you know you connect to a node and you send a transaction while your IP address is known to node and you have to hope that node doesn't know so perfect use case by default you will never have to worry about that so long as you can connect to the internet and that you're not
53:03
being censored at the packet level because then we would require more obfuscation with that so I'm hope I answered questions oh yes versus what the performance is of this in terms of latency and other factors compared to Tor and previous I2P implementations okay
53:28
well let's take a look here we are yeah so let me get out of them here where we go sorry there we go so look at that that is this that is a pretty small memory footprint
53:46
at the bottom that's 26 megabytes RSS I mean you can tell almost no disk I mean there's disk usage because we're writing the and reading the network database but it's right now it's trivial this is a very small bandwidth router right now I just this
54:03
simple right now this instance is is not very high bandwidth but the stats are all right there I mean this is like 1.51 CPU like if you're looking at the Java router no this is massive it's just it's ridiculous I don't know it is what it is but we don't like it so it's it's
54:24
pretty small pretty small footprint and what's great is we can uh you can eventually once i finish my band caps branch you can tweak how much bandwidth you want to use and of course reflect on you know the amount of crypto used etc etc um damn it i'm sorry
54:44
are you seeking to get this integrated with anything like um Tails uh that's a good question I mean it's that's up to them essentially it's agnostic it can be used with anything that can hook into a C++ library we'll get our marketing team on it okay oh yes um
55:08
maybe I I just don't really know a lot about it but how does peer discovery work on uh is it like relays nodes or is it basically is it the same as I2P or did you change how I2P does it
55:20
unfortunately we're doing the same thing okay which again we're we're left with the threat model of side channel I mean it's absolutely absurd that to get a view of the network you to connect to a reseed server that it's in itself has been scraping a various view of the network so you're relying on that view for it so okay let's say you mix it up and you pick
55:44
from three or four servers whatever you're still relying on side channels and you're still relying on a you know a trusted source I I'm open to ideas I I think you know people have been beating their heads over this for a long time um but I mean literally Tor's got you know
56:01
i can probably count equal issues that are just unavoidable that are problems but yeah any other questions okay no crypto questions all right well oh yes oh can you wave from the mic please thank you i came a little bit late so please tell me
56:24
to you know oh you missed the whole kit and caboodle yeah just a little bit but um I heard about uh a little bit about some things that can be done to make Kovri uh more appropriate for more widespread usage like to speed it up do you have any
56:41
thoughts on anything people should be focusing on to do that for widespread adoption yeah um just to make it like more efficient more reasonable to use user-friendly to use no no or just technically the actual um performance of the network and performance of traffic on the network uh jeez uh i'm not sure how to answer that exactly in terms of engineering or
57:10
uh well the problem with like resolving let's say you want restricted routes for example so you know that every hop at least within your control is a high bandwidth you're just going
57:26
to get it all through you know you got latency is not an issue you're still stuck with bob who's got his tunnel pool and you know you can't you know it's just going to go in like that and i mean that's like the design of the network um we could there are other possible
57:45
networks you know in development HORNET for example it's something to look up yeah I mean if you
58:02
created oh okay okay okay well I mean it goes with anything if you're creating tons of key pairs and you're just generating generating generating the more the more hops you try to connect to the more tunnels you try to create too I mean it's going to create more overhead uh we use Crypto++ great library uh noloader is a great guy um he's
58:27
adamant about keeping things optimized and efficient I mean the crypto is what it is I'm not sure how to answer I don't know if I understand the question but well the I2P is consists of many protocols uh it's a common misconception I mean
58:45
do you have the transport layer you have the message layer within the transports I mean you have all this various encryption encryption you know Diffie-Hellman ElGamal AES uh it just goes on and on um SHA-256 it's just a lot to do because you know these little garlic
59:01
cloves are you know encrypted the tunnels are encrypted um the transports the sessions are encrypted it's a lot of crypto and I mean how to solve that I don't know I mean we're talking about non-energy somehow somehow using non-energy for our anonymity maybe they'll come with our
59:20
privacy mechanics model i mentioned at the beginning non-energy okay i mean i'm not talking dark matter but non-energy where'd the physicists go she's not here oh she left all right um okay any other questions yes uh so with the physicist you explained that uh each direction what was using a completely different uh channel and i was curious if that provides any advantage in terms
59:45
of privacy what was the reasoning that's a good question because it's still being debated does it provide more privacy does it provide less privacy there's not enough research but the available proves that it's fine
01:00:03
I don't know, I really could argue for and against both, and I could yap and yap and yap and talk and talk and talk, but... Well, Sean is prepared for some things too, and I'm sure there will be questions for him too. It's an ongoing thing. Essentially, you know, we need more people, more developers, more input. You don't have to be a C++
01:00:24
developer. You don't have to be a lot of things. Just ask questions, get involved, and we'll do the best to see if there's something you can help out with. Yeah, Diego doesn't do anything. He's doing great. He's doing a lot by doing nothing. You do a lot, Diego. Okay. So yeah,
01:00:44
any other questions? Yes? Here, let me pull up the one slide I have. So I missed most of the beginning. I'm a PhD particle physicist, so we can talk after. Yes, yes, thank you. Great. I was a bit bewildered by what I heard. So looking ahead, I don't know,
01:01:06
maybe it's premature to ask something like this, but since each Monero node operator gets to choose for themselves whether their personal Monero client connects to the, you
01:01:21
know, legacy internet or through Kovri, would two clients connecting in two different ways, would two Monero nodes talk to each other directly? Or could you have a situation if, say, half the Monero nodes were running Kovri and half were running on the legacy internet that you might have like a great firewall sort of condition? That's a great
01:01:43
question, and that's something moneromooo and fluffypony and others would have to actually answer because I have my opinions, but it's what they decide. So I don't know if I have an answer for you. It's available, it will be available to use, and I mean it's like
01:02:07
my work's here but I can only do so much. Sorry, ask them. That made sense. Did you do any, I mean probably, but have you looked at the Dev P2P, so I like Ethereum
01:02:23
or I've been doing a lot of Ethereum stuff, and Ethereum has its own kind of replacement for solving this type of problem called Dev P2P. Dev? What? I'm sorry. Dev P2P, D-E-V-P-P-2-P, it's just part of the Ethereum foundation's like big pool of open source stuff. Is it like Dandelion?
01:02:41
I'm not familiar with Dandelion. Bitcoin's non-solution, sorry. Oh yeah, I mean if you haven't looked at it then that's fine. I was just wondering if there was any, like if you had any particular like challenges to that which is why Kovri is a need to create another solution to or, but it's fine, like I get it. Well I mean at this point it's, everyone's got their own, well I can do it better,
01:03:03
I can do it better, and no one's actually solving the problem. I mean that was why essentially that's why I wanted to open up with my opening statement. Everyone's got their approach, they think they got it, and it's just, there's one, you can laugh at it here, laugh at it there, not laugh at it there, and we just keep doing it until
01:03:21
we learn how to do it right. Is this funded by the CIA? This project? Absolutely not. I'm completely funded. I mean you can do whatever research you want on me, FOIA, whatever, stalk me, follow me around, I don't, I mean it'd be creepy, but if you, no, I'm not, that's what's great about this project is
01:03:45
entirely funded by Monero. The Forum Funding System, for example, that's what I've been funded through, so I'm very glad to take that funding. No CIA, no alphabet agency, no government funding, not even the military, nothing, no research, nothing, it's all Monero.
01:04:03
But Monero, how would you know who's sending it? Yeah, so the question is, you should be stalking, uh, yeah, given, well, if you were here at the beginning, enough time and energy, that would all be certain, so no other
01:04:24
questions. Dang, I want to talk so much more, but I tend to ramble. So here we go, contact info, if you have any questions. And I guess that concludes my portion, I would like to hand it off to Sean, he has some things prepared, he'll provide actual useful applications, you know, for Kovri. So thank you. Do you need the laptop? It's not on
01:04:52
here though. It's fine, do you need the laptop? No. Okay. My name is Sean
01:05:17
Coughlin, I go by the hacker alias Sean Coughlin, so nice to meet you. I am a
01:05:25
software engineer, I work in industrial systems, and I focus most of my attention on security features, and also I work on a number of other projects, I'm a continuing graduate student, and work on applications of
01:05:41
encryption for the use of effective engineering and the focus on the satisfaction of client dignity in business operations. I'm here to talk about Kovri's techniques and applications. Um, as an engineer, I decided to look into some of the latest IoT security protocols earlier, um, just about
01:06:01
six months ago, and I came across I2P's implementation of Kovri, then I saw it was attached to Monero, and so I decided to get involved in the Monero project, but I'm here because I really like Kovri, I think it's fantastic, and this can really be the future of IoT devices. I'm going to give a brief overview about the application history of I2P and Kovri.
01:06:22
These are all based on the original work which is called Freenet, which came out around 2000. It took some of the popular peer-to-peer networks that were run at, like, um, some of the file sharing stuff that was going on in the 90s, they were based on that and abstractly created a new communications layer, kind of replacing it for TCP,
01:06:42
and that started around 2000. Of course, in the 90s, DARPA was working on something similar that became the Onion Router, Tor, and that was alpha'd in about 2002. Soon after that, a bunch of the developers on Freenet decided to make a sort of fork of Freenet, and they called it the Invisible Internet Project, and that uses
01:07:02
their network layer from the P2P protocols, and they added an extension to onion routing that they jokingly called garlic, because they were looking for some other common vegetable that they could call it, and so somebody came up with garlic. The differences that exist right now between onion routing and garlic is that onion routes, they, in general, this is a lie, but, you know,
01:07:26
humor me, for one packet, it adds the layers of encryption for each hop in the known route, meaning that every single item is there, it has to plot out the route from the source to the destination, adds the encryption to each item, and it's simply reduced like a matryoshka doll until it eventually gets to the end. The nice thing about that is the entire network is bidirectional.
01:07:44
The receiver of a packet can then simply wrap it up and go right back where it was sent from. So it's as though it's basically TCP, just with a little extra stuff on top. Garlic breaks that model, and says, instead of actually taking one particularly known route, we're going to take any packet of message you have, split it apart, shard it into smaller pieces, then mix and combination a bunch of things,
01:08:04
and then get those separate sub-routes into different locations before you finally hit the destination. The problem with that is there's no way to go back to your original route. I2P is a simple unidirectional route, and so in order to get back to the original sender, you have to create a brand new channel all the way back. So it's a little bit more complicated, and adds extra, a little bit of extra
01:08:25
slowness and things like that, but it really takes all of the indirection that Tor adds, and simply adds an entirely new dimension and makes it so much harder to analyze everything. Even if you have full network understanding, it's still really, really hard to reproduce the actual original messages. So yeah, it's just so much better communications. It doesn't have any of the problems
01:08:44
that Onion has, which I'll go over in a moment. Now, there's actually two separate implementations of the I2P. There's this original protocol that was called I2PD that existed, and that's all I have to say about that, but there's also a, there's also a Java implementation
01:09:01
that's the main one that's out right now. The Java I2P implementation has the severe problem of using Java. It makes it easy to port to new systems, but correspondingly requires a very large amount of resources. The memory requirements are about 128 megabytes by default, but they can be reduced slightly. I'll go over
01:09:22
some specs in those. It's not really ideal for embedded systems, especially for very small microcontrollers, though some meatier Raspberry Pi boards can actually have a full function, and that's kind of the standard that we use in IoT to figure out if it's possible. Kovri is C++ entirely, and therefore surpasses the Java implementation in all possible
01:09:42
performance metrics. And it uses a Boost library for compatibility. I'll go on that a little bit later. This, along with other features, makes Kovri much more suited for embedded systems and for other situations where performance is important. If, for example, in the future, if you're running a full node in, say, Monero, you're going to have resource constraints. So if you have a choice between a
01:10:02
Java I2P implementation and a C++ high performance process, you definitely want to take the high performance one. A bit about legality. Especially for business cases, this is very important. In the United States, no one has been arrested or sued for operating either a Tor Relay or an
01:10:22
I2P router. However, at the same time, importantly, illegal usage has been tracked and responded to on both networks, meaning it's not complete anarchy. There are ways of preventing people from causing damage and chaos in the network. Now, specifically, there's a problem with Tor exit relays. People have been interfered with, harassed, sued,
01:10:42
although not arrested. They've had their resources taken from them and declared contraband, even when the people were acting legally and in good faith. This has caused a lot of problems right now. And so there's actually a nice little caveat here. Kovri does not implement an exit relay right now. So because of that, there's actually less problems with
01:11:01
I2P implementations like Kovri. Just operating, I know it's perfectly legal in the United States, so go ahead. There's no way you're going to be harassed for that. Unfortunately, internationally, Tor is actually, I just found this recently, Tor is explicitly illegal in Turkey. In fact, all VPNs are. There's no information on I2P. I just
01:11:21
think they haven't actually implemented that law yet. This is a brand new law due to certain problems in that country. And also, China blocks all access to both I2P and Tor. They do that by take down notices to the websites that have IP addresses that they track it to. And they also have a quasi-legal
01:11:41
forbiddance of all forms of encryptions in certain areas. So business cases for use of either of these two protocols are going to be limited because one of the most important markets simply can't be involved in that at all. And so if a device was manufactured in China that would be to use some of these protocols, you're going to have some issues. So you're probably going to have to have some
01:12:01
non-Chinese based manufacturing processes develop something that's going to be using one of these two products for an IoT device. However, interestingly, both Tor and I2P are pretty much legal everywhere else in the world. So you will have options. There is
01:12:23
basically a brand new area, Wild West, where innovation is going to be dominant. So what are the business use cases that we now can possibly have in this innovative space? For the non-embedded implementations of I2P, like what we've seen so far, there's a couple of things we can do right off the bat. Composite services, which is a way of saying let's just take
01:12:43
what we already have and start using that. You can use a combination of different protocols, any desktop or mobile devices you have right now. You can just simply start using I2P, whether the Java or the C++ implementations. It's possible right now, in fact some companies do provide this service. Eepsites for file storage
01:13:03
and even some D2D device services, but really the eepsite for file services is something that has precedent. Eepsites are I2P's implementation for a hidden service. You simply can go to a website and browse that as long as you know the name, the base32 or the other directory name of that site. So it is possible to
01:13:24
provide a service where you can actually store things on the deep net. This is popular in I believe some academic locations actually have this as a service. You can save your data and access it anywhere you want to later. Also interestingly, this is integratable right into existing apps, which is something that can be valuable. Let's
01:13:44
say, let's say the Facebook corporation wanted to signify that it has deep commitment to the dignity of its customers and really wanted to have them have complete privacy. They said from this point forward our app will now communicate over the internet using Kovri so that everything is encrypted, we won't know your IP address, we swear we won't violate any of your privacy. They're not
01:14:07
going to simply turn it on right now and do that. Which is nice because there are some customers who might have that business case where they like to signal to their customers that they really are tolerant so they can just use that right now. Direct eepsites, other than for file storage. There really isn't much demand for that right
01:14:22
now because in most locations, especially in the United States, this white market transactions and everything that needs to be kept above board, most businesses are required to keep some form of user relevant information, either for KYC, some of the exchanges or just simply being able to collect receipts and
01:14:42
other things. So let's say you used some eepsite like Amazon or something like that, they'd still have to get your address. So a lot of the privacy information, it doesn't really make much sense for them if they're going to collect some important information from you to do that. However, if there were services available on eepsites, it would signal very, you know, be very well
01:15:02
regarded by the privacy community and would really signal the service's commitment to customer focus if they wanted to allow the customer to say we really want to make sure that you are comfortable using our services. We inherently are showing we don't want to know where your contact information is. Here you go, you can use this service. And that's also available immediately.
01:15:24
Interestingly, because this is so new, there's some brand new features that nobody's really thought of before, like device to device, direct communications. It's even possible in theory to have every particular device you have, one is a separate router. So you can have things like mesh networks and you can even do webs of trust where
01:15:43
you have known destinations sign a particular Base32 address to say, okay, I trust this particular service so you can actually communicate correctly across these locations. There's no offline mode. I2P simply doesn't support that. But I think probably overall the best
01:16:03
thing was kind of similar to what I was just saying, the support for I2P networks. Any customer right now has the ability to say we support Tor and we support I2P. Now, Kovri doesn't have these exit nodes that Tor does. But in the context of Tor, there's simply a way that, or
01:16:23
if we do, if Kovri does have access to exit nodes in the future, it would be very similar to the way Tor has those. Websites currently have the ability to monitor for the use of Tor and I2P. And many of them specifically decided to deny or restrict access to the
01:16:41
IP addresses, those exit boxes. Some major websites are even threatening to do this well after they had previously fully supported anonymous usage. But Kovri has no way to prevent this. But the easiest form of support for the Kovri project is for websites to announce a policy that they will not prejudice users
01:17:01
who choose to connect to Kovri. While simple, this will signal their website owners' trust and use of anonymizing technology and their commitment for fair access to all. And this is true especially for websites acting as an infrastructure, a free and open source software or in their communications. This can be an important declaration of support for users' rights.
01:17:22
I bring this up specifically because there was a major website where you would get things on a major hub and it was purchased by this large software corporation recently. And so there's been some threats to remove access for people using Tor exit nodes. Which is weird because that's probably the best case for people to communicate privately.
01:17:41
That's a big threat. And after that actually happened I decided to remove my support of that website because I simply didn't want to deal with people changing their minds when they previously made a lot of stink about saying we support everyone. So I think there is going to be a business case for that. That if you threaten to remove users a lot of people are going to revolt. On the embedded side,
01:18:04
instead of just simply supporting what we currently have, the embedded side is really interesting. This is fascinating to me. Hypothetically you can add new things for the device to device but that's kind of similar to the way that the current thing goes. But for me my focus is on IoT. And so I'd like to compare the services that we have with these. The IoT, the Internet of Things.
01:18:23
Well from a security perspective it's also known as IOS. Which is the Internet of Things. Yes, there's a lot of security problems. IoT was really fantastic in its original thought. It was a great way of connecting devices in an arbitrary, maybe even hostile
01:18:43
environment to connect from a known device produced by a particular designer. Have it connect to the services provided by the designer so you're actually purchasing a service, not a device. Most people who are very familiar with technology don't really like that much because it removes us as a factor. However, we're not most people here. Most people
01:19:03
they just want to have a service. They'd like to pay money and have something dedicated and work for them. And business cases can be well designed to satisfy that. But the people involved in designing these systems have to understand the threat that they provide by taking power away from their users. When you remove that power you remove the dignity of them to actually be satisfied. It requires you as a designer
01:19:22
to put a lot of faith in yourself and to understand the future and the threats that you're very modeled here providing for people will be satisfied. You're taking the privacy in your hands. It's your responsibility as a designer to make sure you actually have that power. You don't abuse it and you actually are responsible for that power.
01:19:42
So I'd like to go over a couple of these IoT protocols that are very popular nowadays and discuss some of the limitations of them and also introduce why embedded Kovri is going to be, I think, the best possible solution right now. So the first and most common protocol is known as HTTP or also RTSP and well just plain old fashioned FTP.
01:20:01
No not HTTPS, not FTPS. The most popular one is just HTTP. Most devices just send clear text communication right over the internet. I'm responsible for maintaining some of those and that's all I have to say about that. UPnP was actually a thought was actually putting encryption into that and allowing
01:20:20
dynamic port openings and just dynamic communications over the internet. They created a couple of protocols called Device Protection and Device Security Service. Unfortunately those have been shown to have severe security flaws right from the design. So for briefly that was thought to be a replacement for some of the other protocols but been pretty much completely abandoned. It's useful just for opening ports but not a whole lot else.
01:20:42
The most popular right now maybe even surpasses HTTP on new devices. TLS, the Transport Layer Security, which is a new version of SSL. This was designed with websites in mind. It works fantastic for human interaction systems when there's some human that makes a decision. Most users have been well trained to look
01:21:02
for that little logo in the upper left hand corner of their browser to let them know that the website they're going to is trustworthy, that there's some certificate authority that has said this website is who they say they are. A lot of phishing has been trying to get people to click on links they don't trust. So it's a lot of IT work to make sure people are trained. Don't do that.
01:21:21
That's great for websites where you have a human decision being made because ultimately if some user just doesn't understand and makes a mistake, they are the ones who pay. It's their responsibility. It's their decision. It's their initiative. When you're dealing with IoT devices the customer does not have that decision. You're making that decision for them. So if you're going to be making something, you've got to make sure you put everything, you know,
01:21:44
you design your protocol around something that doesn't allow user override. TLS is designed around certificate authorities. It's great because it allows designers to have their own internal certificate authority and usually they send out X.509 certificates
01:22:00
which are generally okay. Not the best, but they work. And there's even new extensions of TLS that make them more IoT compatible like TLS 1.3. It removes some of the work required and reduces some of the known attack vectors. And there's even things like certificate pinning that makes it very easy for IoT developers to simply go in and say, okay, here's this certificate,
01:22:20
trust it for your lifetime. There aren't a lot of problems with design though. Certificate pinning is vulnerable on the first use. In other words, if the device gets reset or flashed the first time somebody puts in a cert on, they have complete control over everything. And that's one of the major ways of, if you go over the IoT village, you see that pretty much the first thing anybody does on a device. And even worse, if a certificate authority is actually
01:22:45
compromised, every device is compromised too. It's the one control. Get password access to that, it's over. Hackers have everything. And even unfortunately, TLS assumes TCP communications. So you have to have full bidirectional access. There's no datagrams, no async, nothing. You've got to be connected online every time you use that.
01:23:06
And most people don't have Wi-Fi connected all the time, so they're going to have to walk around with devices that are disconnected for a very long period of time. Which of course means everything is running old firmware with known vulnerabilities and everything. So, meh. That just causes more nightmares.
01:23:20
The new TLS reduces a layer, but it still has three round duplex real-time communication. So you have to have something that's fast, dedicated, low latency on your connection. So it's really hard to use low speed communication layers, which is just more of a mess. Especially if you're downloading new firmware, which might be pretty big. You've got to have a fast one.
01:23:45
The problems with internal certificate authorities, they're actually pretty complicated. What's happening nowadays is that most IoT developers are actually buying outside vendors. They sell modules as a service. They're third party services, but they have the, this is interesting, they generally do not have the
01:24:03
predictability and flexibility that corporate clients prefer over costly, dedicated development programmer teams. And the nice thing about a module vendor is if they violate your security, you can sue them and blame them. Hey, it wasn't us. Look at these guys. Look at those guys over there. And that's been a lot. Most of the IoT leaks and
01:24:24
everything are actually people just saying, well, it wasn't our fault. It was our vendor, so you've got to blame them. Which is nice from a legal perspective, but not really from a customer perspective. And even then, the entire use of the third party decreases the trust model. As there are ever more third parties and the third party is buying more third parties, everybody has access to your data along that chain. Even if they promise they don't,
01:24:44
there's always some override where they can't get everything. Oh, if the certificate authority expires, which some of these actually do, I've seen them, they have expirations in them, then you've got brick devices. If the certificate authority is compromised or must be reset, then you have brick devices. Some of the protocols for
01:25:04
IoT are actually plain text by default, like MQTT, the most popular protocol. That's all plain text. There is no security built into that, so meh. A couple of examples that are going on right now, you probably have heard about these already. Amazon Web Services, they have an IoT branch that supports TLS in their own version of MQTT.
01:25:23
They're the first group that allows MQTT to have an encrypted communication right off the bat. And they even have these things called IAM roles where you can go in and say, I want this device to have this communication capacity. This is great and it's convenient, but it really requires you to be embedded with Amazon the entire way, from the device manufacturer all the way
01:25:44
through use. So if they ever change anything, you're always trusting Amazon's service. They have this just-in-time registration where you say, I want to take my old IoT device and start using it now. But you're still going through AWS. Oh, and there's a brand, well, not brand new, but it's a relatively newcomer called Datagram TLS, which doesn't use
01:26:05
TCP. It's lightweight and it's fast and everything, but it has a lot of known vulnerabilities. So if anybody has a DTLS device, go bring it over to the IoT Hacking Village and watch and cry. There's also this other one that I was following a while back called HPKP.
01:26:23
It's known as HTTP public key pinning, meaning that you can really guarantee that the device, once a firmware device is burned in, is guaranteed to connect to only the server. The problem is it's dead. Firefox killed it, so that's done. It doesn't exist anymore. A lot of people were developing on that and they just had to switch immediately. There is
01:26:43
this other protocol called SASL, the Simple Authentication and Security Layer, which is a really nice way of abstracting your LDAP or your security protocols. It's the basis of LDAP. So if you ever use LDAP, you use SASL right out of the box. It's really flexible, which is nice. Unfortunately, it has extremely
01:27:04
heavy restrictions on the communications allowed, so it's not useful for IoT. There is an implementation called XMPP, which has been the it girl of 2018. It has a couple of protocols called provisioning and discovery, which are very similar to the way I2P works.
01:27:25
It also uses globally unique addresses like the base32 address in I2P. It's modular, which is very nice for small devices. It actually runs in Cortex M0s. It has a very small memory footprint. It's also considered the coolest thing out right now, except
01:27:43
it still requires TLS and SASL. This is the weirdest thing. It actually was designed for text messages, so there's no such thing as binary data. You have to encode everything in base64 in MIME format to do anything, so if you have any binary data like your firmware,
01:28:03
you're going to add 25 or 33% off the bat by default, so you're just adding more and more data on there. There really is no compression to think of. So great in theory, but just not doing everything right. Also, there's some brand new communication. We actually just heard about that before. Things like CJDNS, tinc, Crust.
01:28:23
There's numerous other layers that are being added on. They're beginning work in creating a new super network above TCP as a way of encrypting communications. Many of these use classical patterns such as pseudonymous identification, which are known to have severe flaws that onion and garlic routing was specifically designed to address.
01:28:43
But on the security versus speed scale, these tend to have pretty good implementations on the speed side. For IoT devices that really want high speed, say a smart television, that wants to connect over unknown networks, this is actually a pretty good path to take because he wants speed more
01:29:03
than anything. But for, say, industrial control systems that have all the security problems, they're willing to sacrifice speed in order to gain more security. In general, the IoT devices that have security problems have latency built in, so they don't really need speed. But the newer systems,
01:29:22
CJDNS, really, it actually has a significant increase in performance over TLS. So that's something to look into if you're interested in that. Also, most of these projects are so new, they don't actually have any performance metrics. So I can't compare how fast they are compared to
01:29:42
TLS-SRP, which is a way of making TLS much more IoT compatible, but it's still a work in progress right now. So there's no metrics, no anything. There's a lot of talk, the people who are really big into XMPP this year are now talking about TLS-SRP because it's just kind of really cool. It's, I think, the best competitor to Kovri in the embedded IoT sphere
01:30:03
over the next couple of years. All right, now those are all the protocols that nobody is probably ever going to use ever again or hear about either after this. So let's go talk about Tor, the onion router. Performance wise, well, you know about the onion protocol, how it wraps everything up like a matryoshka doll, and how that differs from Kovri and
01:30:24
I2P. Performance metrics. Tor, by default, runs on Linux at about 512 megs minimum, which is a pretty huge impact. It's pretty significant. Now, there are implementations that can be brought down to very small, through very small amounts. Like there is, for TP-Link routers in OpenWrt,
01:30:44
you actually only need about 64 megs of RAM for running a full Tor router, which is impressive, but still that's a lot more than, say, smaller devices like a core M series can run. Tor has this new system that was created just recently called the Authenticated Hidden Service, or onion
01:31:03
authorization. There was a demo that was released about two years ago, when the original thought was that they could actually implement this. It was about home security, so you can have all of your cameras, all of your baby monitoring systems hooked up through Tor automatically, so that you couldn't have some of the problems like weirdos on the internet breaking into your baby
01:31:23
monitoring systems, things like that. So, it actually works fairly well. You're able to get a cookie password and log in and be able to access these devices right through Tor, as though you're communicating over the open internet. There's no way to probe for services from the outside unless you have a cookie.
01:31:43
And the API is called Hidden Service Authentication Client. Current implementations are based on what's called the basic mode, which is very limited. There's only 16 devices internally. There's another protocol called Stealth Mode, which is very difficult to work with and impossible to scale. Also, cookies have 128-bit security, or bit encryption,
01:32:03
which is nice, but a little bit less than you expect nowadays. Generally, Authenticated Hidden Services are a good idea, but they don't really have what IoT needs, especially in the memory aspect, which finally brings us down to Embedded Kovri, and something I'm really excited for.
01:32:23
On an OpenWrt router, this has about 21.4 megabyte memory profile, which is just good enough for some very small devices. Maybe not the Cortex M-series, but definitely the A-series and anything really small, anything slightly bigger than the M-series.
01:32:40
Again, I'm probably lying right now, but I think this is kind of interesting. Kovri I2P has a lot of flexibility in that, let's say you want a certificate authority with an X.509 certificate, you can throw that in as your destination encryption. Want a completely separate protocol? Go ahead, throw that in too. Ed25519, use that, use whatever you want.
01:33:00
Anything works. It's scalable, and this is interesting. Let's say you have your destination server hooked up with one port that's receiving multiple destinations. You do a receive on a port. You can tell how many, or not only have multiple destinations dedicated to a particular port on your box. You can also have, let's say, once you do a receive, you can tell which destination it came from.
01:33:25
So you can tell exactly which client was requesting which destination at a given time. And since you can create any arbitrary number of destinations at a time, you can just scale up to whatever you want to. How many ports are allowed in a computer? 65K. How many destinations are allowed for a port? I don't know, 65K, so you can have, what, 4 billion destinations on one
01:33:45
simple box? So you can support 4 billion separate devices connecting to you, or 4 billion separate services. That's pretty good scale as far as I'm concerned. Nothing else even comes close to that. Oh, interesting this too. Basically you can have your completely automated
01:34:00
anti-DoS attack. Let's say you have X devices and you, a thousand devices, and you have 100 destinations that you make up. Just separate numbers that you connect to for the same thing. So you have 10 devices per destination. You get a DoS attack in one of those destinations because somebody just doesn't like you and decides to do some distributed DoS and spam you with a bunch of stuff. So you can decide to just take down that one destination off your router. Gone. All those go to dev null.
01:34:25
All that spam just disappears entirely. All the other customers work and those 10 customers that were hard bound to that one particular destination, well they'll be offline temporarily. You can bring them back whenever. So that's an automatic anti-DoS without having to shift servers or anything. Just turn off the destination in your router, you're done. Other ideas you can go with. Let's say every version has a
01:34:45
separate destination. Well in the old destinations, instead of responding with anything, just say here's your upgrade. Just upgrade your firmware. Done. So no matter how old it is, it just automatically gets upgraded every time. And they get a new destination every time. Or you can even bring it as far as like one destination
01:35:01
per customer device. So you know exactly which device itself is coming. You don't need a serial number. You just see the request coming in and you're good. All destinations can be, well they can be hidden for the use cases. Somebody can tell whether they exist by the route actually getting through but you can't tell what they're used for. This is really cool because this allows for a lot of
01:35:23
new ideas that nobody's had before. Like, Kovri's not just the best IoT communications protocol I've ever seen. But it's actually, it actually allows entirely new methods of communication. It's possible now to prove your device's security. You can actually prove your device is secure. You no longer have to say trust me.
01:35:44
In the case of say like a hardware manufacturer, we already have a lot of situations where you have secure elements built in. Let's say your secure element generates the destination keys. So therefore only a secure element has a private key. Then you can publish a base64 public key version of that and have that as your destination point. Release your secure element
01:36:03
source code as open source. Have that publish its own hash. You have a way of now proving no one can possibly get access to your IoT device's private key. Even the people who designed it. This allows for really cool things because it's very similar to the way hardware wallets work. How about a hardware wallet that actually sends out
01:36:23
its own transactions. Just sends them out. You don't need to connect to your device. Just go. Sends it out to whatever it can connect to. Eventually it connects through a router and sends. In Monero, in pretty much all blockchains, all transactions are idempotent. I mean you can just keep sending the same transaction over and over and over and get there eventually. Just wait for your customer to let you know whether or not it happened or you can have something else monitoring the blockchains to see
01:36:43
whether or not that particular transaction went through. But you don't need, you actually don't need any way of connecting your hardware device. It actually keeps it open. Of course it will have to, you have to get through places to update it with the current blockchains so that you know it's actually done. But maybe Kovri can get through that too. But yeah, that's a great way of actually sending device to device, hardware identified
01:37:04
transactions. Or just anonymous device to device communications. Like a human communication mesh. Where you can have people send messages or transactions to each other without connecting to the internet at all. Simply have each device acting as a router. Where everybody should be getting communications to each other or even just have it automatic, over the air updates. As you walk between different locations
01:37:24
you can have everything communicate. You'll never know where the information came from, only that it got to wherever it needed to get to. Also D2ALG meaning you can have like a cloud based system using that very same thing. Have a device that's disconnected and simply sends data up to the cloud. How about a Fitbit device? I can't update my Fitbit unless I have a device that's
01:37:43
communicating to the internet. Why not just have it asynchronously update everything through a Kovri router and have that eventually get updated? Then it can get sent there. So you don't need to have a constant web access for your IoT devices. It simply gets updated automatically whenever it needs to. There's a lot more
01:38:01
innovative ideas that can happen now. Because this is just fun. All the rules that could eventually were in place are now broken. You can do so much more that there's really a lot of things that can happen that I don't know about. This is really a joy because IoT has usually been a problem recently. It's been getting bad press. There's a lot of things you can't do to maintain security. This breaks a lot of
01:38:21
those rules. You can now go and do things that you always wanted to do without any security models. So yeah, this is a pleasure. Oh, and I'd like to go over building Kovri as embedded. We do have an embedded system. That's to be determined. I have a little bit of problems with that. But that should be out very soon.
01:38:47
So yes, I really think Kovri is the best IoT protocol ever invented. And it gets back to where it always was supposed to be. Alright, thank you Sean. Did we have any questions for Sean here at the end about anything
01:39:05
that he's talked about? No. Oh, oh, we got one in the back. Okay, hold on. I'm gonna be on my way there. You know how much work you can do in Vegas? Okay, my legs hurt. Let's go.
01:39:22
Hi, thanks for your talk Sean. I was wondering if you had any experience or any luck getting it to run on any other embedded ARM devices even though the Android build still has some kinks to work out. The numbers that I had on there was it was actually about I think it was like 30
01:39:54
megs in total. So that wasn't that bad. But I didn't do a full test on actually committing, getting a lot of connections to the internet. I just ran some simple tests like unit tests. But once that's available
01:40:04
I'd be able to publish all the information on that. Plus there's probably some other embedded links I could just remove. There's probably extra resources. So it's gonna be smaller than that once I get that running. If it gets down to like maybe 12 megs or less that's available on even like the smallest Cortex M devices. So that'd be really nice.
01:40:23
If there is some research into minimal implementation that would be really worth the effort because that will make pretty much any device, any IoT device available plug and play right into this.
01:40:44
Shrinking the binary is nice but also just the general use of memory. Less memory use is possible but better. There's certain things you could do to say optimize the memory access, keep everything to a really
01:41:00
low profile. Some of the IoT devices have very small memory like 4 megs still. You still have SoCs or at least it's just 4 megs in them. Those are specialty items. You usually can have a lot more than that. But less is more as anonimal said. Thanks. What do you think are going to be the major roadblocks in people adopting
01:41:24
Kovri for these sorts of applications that you're talking about on a large scale? The major roadblock against implementation right now is the lack of any history. Nobody's done this before. And especially when it comes to legality. Some people just automatically assume anything to deal
01:41:41
with Tor or I2P is automatically just for those hacker guys. And they do, yeah, the scary implementation or the scary suggestions. If there is a successful implementation that works in a really tough situation, something that gains attention, that could be very valuable. And so one of the things I want to do is actually implement this in a
01:42:00
new direction, in a new project that could bring about a lot of attention and let people know. Some of the major questions so far are always about, well, if Monero is the only system that actually uses Kovri, then won't everybody be able to tell that everything that's going on in Kovri is Monero only? Won't they tell that you're a person who's involved in mining or sending transactions
01:42:20
because you use Kovri? So if there is some other application out there that uses something else, you at least begin to have what's called the plausible deniability issue, where you can say, well, I could be doing this other thing. I could be birdwatching and sending pictures of cats on the internet back and forth or something like that. So until we have a good environment where we have multiple use
01:42:41
cases, that attitude is still going to be there. This is basically the same thing that the internet was back in the mid 90s. Everybody thought it was for those weirdo hackers. They're the ones who send text messages back and forth. Real people always use fax machines or something. So once that attitude is broken, just simply due to precedent, then this will be more stable.
01:43:00
IoT devices tend to be more conservative, which is why the security model threats have been really racking everybody together. Generally the same, the HTTP model has been around for basically 20 years. That's finally broken now that you're using at least TLS. But simple clear text transactions have existed for a very long time. And it's only this constant push to say, hey, you've got to be responsible for your actions that have lifted people in the IoT world out from
01:43:25
using that to putting encryption in there. So there has to be precedent and really there has to be push too. This as far as I'm concerned is a business model. You can signal to people the fact that you are providing trusted computing. You are signaling to everyone that, hey, I don't know who you are and we have a contract. We're going to make sure that I don't have the information and that's part of the
01:43:45
business process I provide for you. It might cost you more money as a service to get what I'm offering, but I can guarantee you that you are not the product. You are the customer. I'm not going to resell your information out to third parties and target advertising to you.
01:44:07
All right. Thank you, anonimal and Sean for your presentation on Kovri. It's something that the whole Monero community is talking about and excited about. Alpha release just came out and hopefully will be integrated into the Monero test net before the end of the year.
01:44:22
Just the test net. Just the test net. Thank you so much.