The Tox project (tox.chat)
226 points by aoxomoxoa 6 months ago | 62 comments

I believe this started as an off-shoot of some discussion on 4chan's /g/ board numerous years ago. I mention this because while it is a really cool project, it's definitely hobbyists working on it, and hobbyists working on security software should definitely give some pause.

Personally, I hope it succeeds in the longer term. We need good, decentralized protocols and software. Decentralization comes with its own costs, and it may never overtake the centralized web. But, protocols like Bittorrent have proven to be super powerful even with their flaws and limitations. To me, it is a no brainer that we need end-to-end encrypted chat, and it would be ideal if it could be peer-to-peer.

It's amazing the project has gotten this far. I honestly thought this post was going to be announcing the end of Tox.

The project started with a ton of momentum but never really got picked up in the mainstream. Iirc the founder and most of the core code came from one guy.

Not to mention there has been a ton of internal drama: iirc one of the devs stole a bunch of tox donation money to pay off part of his tuition. Then there was a split in the devs and one of the devs stole all the credentials for the website and they switched? Then there were the accusations that some of the devs were child molesters and were doxed.

They also hit a brick wall at one point on mobile due to the protocol being very heavy on battery usage so for a while it was only realistic to use on the desktop.

I wish the project nothing but the best and hope they succeed, but I feel like they have reached a point where they have lost interest. I hope I'm wrong.

The last couple years have been spent making things right. Documenting the protocol, fixing ugliness in toktok (fork of libtox that's effectively replaced it) and such menial but important work.

Now it isn't a hacked together piece of shit anymore, but proper. As a result, it works reliably. The user experience is very good.

I am not an expert on the matter, but AFAIK building peer-to-peer protocols with good mobile support seems to be pretty demanding.


Definitely made by some memesters

Sorry that was my fault, while I was making the website and asked some people with working phones to take screenshots I got bullied out of the devs channel and wasn't around to tell them not to screw it up

no problem, I'm always in the mood for shrek memes

I really think tox is a cool idea, and I've used it quite a bit, but I think it's important to temper security expectations. I can't find a link, but I remember the results of the security audit done in the project to be frankly disastrous.

You may be thinking of this thread:


I couldn't find any evidence of an audit.

There is an actively developed Rust implementation of the core library here:


Of course, any flaw in the specification (for example with respect to key exchange) will still apply if they've faithfully implemented it.

And they somehow actively push adoption in narrow circles. I often see “why xyz if you have tox” in local forums, from people who are otherwise professional in their areas, but believe in tox almost blindly. It also doesn’t implement any sort of push notifications for phones, rendering it useless for battery-saving modes and vaguely competing with xmpp-otr.

https://github.com/irungentoo/toxcore/issues/1398 - discussion on homepage claims

https://news.ycombinator.com/item?id=12657891 - past

From the TokTok site (which is linked to from Tox):

"Neither the Tox protocol nor the implementation have undergone peer review, and its exact security properties and network behaviour are not well-understood, yet. We are actively working on improving that situation. Until said peer review, Tox is not recommended for use cases that require proven, high-assurance security."


They use good primitives, but are under some kind of assumption that this makes them invincible. I remember reading a rather serious bug report that was more or less closed with a link to libsodium/nacl.

Tox might be one of the most underrated projects out there.

Launch a client (qtox suggested), add a few friends by copying their tox address (=pubkey) and start talking. It just works, is completely decentralised, and the only way to talk is end-to-end encryption with forward secrecy.

It literally solved the IM problem for most use cases.

it's not great for mobile, which is by far the main use case these days. a huge battery drain unless something major has changed since the last time i checked in on it.

Well, decentralized makes the whole push thing nontrivial.

Not that I understand IM on mobile. I'd rather use email.

The decentralization aspect is not the problem. XMPP for example is also decentralized but has quite good mobile support. The problem with tox seems to be that it is peer-to-peer. So the servers are missing which could buffer all those events for the clients.

>The decentralization aspect is not the problem. XMPP for example is also decentralized but has quite good mobile support.

XMPP is federated. Having servers make things easier.

Tox is full p2p, there's no servers.

Is that not more a difference between distributed and decentralized then, such as git is a distributed system even though it needs a central server in most use cases.

Here is my shot at defining various terms in this context:

- Centralized: Centralized networks have one central point which controls the network. That doesn't have to be a single server; sometimes it is just that there is just one company controlling the network (e.g. WhatsApp).

- Decentralized: Is the opposite of 'centralized' meaning there is more than one central point. So all following types are 'decentralized'.

- Distributed: In general terms, it means that the network is (more or less evenly) distributed upon all participants. All participants have the same role and responsibility. There are various kinds of distributed networks. Git for example stores a full copy of all information in every node. Distributed Hash Tables use a different approach where every node is responsible for one explicit part of the information to store.

- Peer-to-peer (p2p): Is one form of a distributed network, which works (in general) without servers. So all the participants connect directly to one another (Tox).

- Federated: Is sometimes called a 'distributed network of centralized networks'. Two popular examples are e-mail and XMPP. All participants use their own centralized server, but that server cooperates with other servers to transfer messages across the network. Sometimes their implementations make a distinction between client-to-server and server-to-server protocols.

In general, the more centralized a network is, the easier it is to control. This can be good when it comes to spam, but also bad when it comes to censorship.

Federated is like email. There's foo.com and a bar.org email servers, users at foo.com can talk with users at bar.org just fine. XMPP works that way.

Distributed means there seriously aren't any servers. Addresses in tox are just public keys, and they're in a global namespace. The network is a distributed hash table formed by peers (the "clients"). There's no central point of failure.

There is nothing against you taking toxcore and adding a push wrapper+app UI to it. Seems like you could make at least the app side of it non-free, if you'd wish to do so.

yeah, i don't disagree, i realize it's difficult to engineer around. but it's a pretty big mark against it in terms of wide adoption.

> add a few friends by copying their tox address

that's the hardest part to achieve! My friends are always on whatsapp or some other convenient chat app.

Tox has received a lot of criticism for originally implementing non-standard encryption and being difficult to use. Although claimed by developers to be easy to use for anyone, Tox suffers from overengineering. Clients have many layers of abstraction copied from Skype which makes it difficult to audit and to submit pull requests. Overall, however, clients have a very good ease of use and look aesthetically pleasing.

What are other viable peer-to-peer encrypted communication tools? Is Tox the only alive project in this space?

There is ring: https://ring.cx/ (and I have no idea of its quality/status/etc)

matrix.org is federated rather than p2p, but its e2e implementation has some very nice features (group chat, multiple devices, forward secrecy, etc.).

Two very cool projects coming up are Briar and Cwtch. Both are P2P, E2E, and metadata-resistant over tor

Briar already has a stable release but I consider it not very viable for most communications because it doesn't yet have the ability to remotely add contacts (you need to scan the peer's QR code from their phone). But they're working on implementing that.

Cwtch isn't out yet, but it is going to implement many of the same features as Briar, with the added perks of having desktop and mobile clients with syncing between the two. It accomplishes this through an untrusted federation of Cwtch servers running over tor to store offline content (when a peer is down) and group chats.

As someone else mentioned Matrix is also a thing. It's not P2P and E2E is still in beta, but it also accomplishes different things compared to Tox et al. like federating different chat protocols like IRC.

https://ricochet.im/ - uses Tor hidden services for extra security.

Seems not especially maintained: "The latest version is 1.1.4 (November 5, 2016)."

May still be functioning well; did not try it.

Right it still functions correctly.

There are more recent commits on master, they just haven't released in a while.

I think they are waiting for the Tor team to provide an API for v3 hidden services before resuming work on the project.

there's also work being done on a golang implementation, as well as integration with tails (tor-over-tor is unideal so this requires some effort)

There are a large number of them, but most are sadly either abandonware or vaporware. The closest thing I feel we have right now is really matrix.org. User identities are federated unfortunately, but this makes things that are going to be a problem on any fully decentralized system, like mobile push notifications, simpler.

Retroshare (http://retroshare.net/)

Patchwork / Secure Scuttlebutt are worth looking at

Briar seems interesting (https://briarproject.org)

If you don't mind proprietary solutions, Firechat [1] is one of them. It allows chatting over a mesh network using WiFi or Bluetooth even with no Internet connection.

[1]: https://www.opengarden.com/firechat.html

Conversations.im is what i have found to work best.

Wanted to try it as a text only chat client before granting any media permissions, but it refuses to run that way.

The android versions are notoriously badly implemented/written.

The command line client toxic seems to work even when unable to write to the filesystem at all.

Solution: comment the part out where it got stuck, and sideload.

I would call that a work around, not a solution. For a project that cries about privacy, the fact that all the implementations are so .. anti privacy like that is pretty bad.

I've noticed that too for the Antox Android client. It's a definite red flag. The TRIfA Android client doesn't have that problem though.

I'm pretty sure the Android client is 3rd party. I suggest toxic on a bouncer, accessed via mosh for better usage. If you handle it right, you can get push via the terminal receiving the bell character and reacting accordingly.

Project’s name conflicts with https://github.com/tox-dev/tox

A lot of projects’ names conflict. That’s not an issue if they’re not in the same space, which is the case here: a CLI tests tool vs. a messaging application.

Python tox was first released in 2010. Tox project started in 2013. I hope in the future authors of open source projects would do some Googling before deciding on a name. The reason is people really get confused about which one.

Imagine this situation. Instead of tox, someone decided to name the tox project "Python". Tox is very famous in the Python community. This shows how unfortunate it is that people don't care about naming.

Especially since it is so easy to make it unique enough, like calling it toxx or toxprotocol.

I only need a couple tests to check if my python is still alive. no need for any fancy tooling

Have you ever shipped a python? It is best to isolate it and its dependencies otherwise unexpected things happen.

True, being not in the same namespace resolves the confusion. But a decent chunk of people on this forum might end up using both (assuming the chat application takes off). If it's humanly possible, avoid name collision.

I'll stop belabouring the point.

Not sure why you are being down-voted for stating something reasonable. Probably because you didn't add something "substantive". Sigh.

EDIT: I’m mistaken and should take my own advice :)

Doesn't look like the same project. One is the project used for doing testing in Python. The other is a messaging program.

Oops indeed you are right! I was mistaken on the GitHub organization names for a second.

Doesn't matter. Naming conflict is the worst thing that could happen in open source/foss world.

Only so many words you can use. It’s bound to happen eventually.

Right, but at least do some Googling and ack this is not tox.ini. That's what I would do in FAQ.

side note, I was involved with development of tox for quite some time, and made the website that is being linked to here

avoid tox it's full of bugs

Does uTox use the core library or reimplement the protocols? Because the core is GPL and uTox is supposedly MIT, but that can't be if they used the core library.

How did they manage to do video chat? What is the underlying library or algorithm or did they somehow come up with a novel video chat system that performs? Did they use WebRTC or something?

Err, it can, but the binary will no longer be MIT. The video and voice chat is kinda like webRTC, but over the custom data channel.

Why not run say XMPP over tor?

try toxic
