You are here

libbrandt GSoC kickoff


I was accepted for a Google Summer of Code project and will be developing an auctioning library. During the community bonding period I have so far read four papers relevant to the topic, choosen a few algorithms with slightly different properties which I want to implement and reconstructed one of them within the pari/gp CLI (see attachment). I also started with a first draft of the library interface which will be published in a git repository shortly.

I also made some decisions with my mentor, Christian Grothoff regarding implementation details and project goals:

  • The library will be called libbrandt in honor of Felix Brandt who developed the algorithms that will be used.
  • We want to support first price and (M+1)st price auctions.
  • The outcome of the auction can either be private (only revealed to the seller and winners) or public, choosen by the seller at auction creation time.
  • Selling multiple instances of the same item to the same agent will not be supported as the buyer can just place an arbitrary amount of bids by creating sibling agents.
  • Tie breaking is planned to favor the agent who registered first for an auction giving a motivation to potential buyers to sign up early.
  • Currency and actual price mapping is left to the library user.
Read more Tuesday, May 17, 2016 - 22:07 Markus Teich

32c3 YBTI videos now online

Bernd Paysan recorded the YBTI sessions of 32c3 with talks on Taler, SecuShare, Axolotl, net2o, I2P and GNUnet's Byzantine Set Consensus. You can now watch the videos here.

Read more Tuesday, April 5, 2016 - 22:47 Christian Grothoff

OpenSSH-7.1p2 fixes client vulnerability which can leak your private keys

The new openssh-7.1p2 release fixes a vulnerability in openssh clients from versions 5.4 to 7.1 which lets a malicious server to read private keys from the clients memory. For more information and mitigation see,

Be safe out there!

Read more Friday, January 15, 2016 - 17:04 Sree Harsha Totakura

GNUnet e.V. Assembly 2015

The annual GNUnet e.V. assembly is upon us. We'll meet on December 29th at 20:30 in Hall F at 32c3 in Hamburg. Below is the agenda.

  • Financial report (Florian Dold)
  • Election of the Vorstand
  • Discussion of the proposal from the p≡p Foundation

The p≡p foundation would like us to enter into an agreement. Their initial draft proposal (nothing final) is below (in DE and EN). Matthias and Christian can give some background on their motivations at the meeting. The goal of the discussion will be to get some feedback from the members and a mandate for the Vorstand in terms of the direction for how to proceed.

German Edition

GnuNet e.V. und p≡p foundation beschliessen eine

  1. Sowohl GnuNet e.V. als auch p≡p foundation wollen zukünftig die
    Software GnuNet weiter entwickeln. Dazu beschliessen die beiden
    Parteien, dass hiermit p≡p foundation ebenfalls Eigentum an der
    Software GnuNet haben wird. GnuNet e.V. gibt dabei sein Eigentum
    nicht auf, sondern zukünftig werden beide Entitäten jeweils im
    urheberrechtlichen Sinne volles Eigentum an jeweils einer Kopie der
    Software GnuNet halten. Dazu überträgt GnuNet e.V. das Eigentum an
    einer Kopie der Software GnuNet an p≡p foundation.
  2. p≡p foundation garantiert, dass sie die Software GnuNet und alle
    Ableitungen und Weiterentwicklungen davon unter der Gnu General
    Public License 3.0 veröffentlichen wird.
  3. GnuNet e.V. und p≡p foundation vereinbaren jetzt bereits, dass das
    Eigentum an allen Weiterentwicklungen der Software GnuNet wiederum in
    Kopie an die jeweilige andere Partei übertragen wird. Dabei gilt
    diese Übertragung jeweils als vollzogen, sobald eine der beiden
    Parteien eine Weiterentwicklung der Software veröffentlicht.
  4. GnuNet e.V. und p≡p foundation planen, die beiden Kopien konsistent
    zu halten (kein sogenannter “Fork”). Dazu vereinbaren die beiden
    Parteien eine Zusammenarbeit in der Softwareentwicklung, sowie
    Zusammenarbeit in Forschungsfragen zum Themenbereich sichere und
    private verteilte Systeme. Näheres regeln Einzelvereinbarungen zu
    diesen Themen.

English edition

GnuNet e.V. and p≡p foundation are agreeing on a development

  1. Both GnuNet e.V. and p≡p foundation are aiming to develop the
    software program GnuNet together. Therefore, the two parties agree on
    p≡p foundation gaining ownership on the software program GnuNet, too.
    GnuNet e.V. does not give up its ownership, though. Instead, in the
    future both entities will have a mirrored ownership on a copy of the
    software program GnuNet, respectively. Hence GnuNet e.V. is
    transferring full ownership of a copy of the software program GnuNet
    to p≡p foundation.
  2. p≡p foundation is assuring to publish the software program GnuNet and
    all deductions and further development of it unter Gnu General Public
    License 3.0.
  3. GnuNet e.V. and p≡p foundation have agreed already, that the legal
    property of all future deductions of the software program GnuNet will
    be transferred to the other party, respectively. Such transfer will
    be completed by publishing a derivation.
  4. GnuNet e.V. and p≡p foundation are aiming to keep the two copies
    consistent (no “fork”). Therefore, the two parties are agreeing on
    further common development as well as further cooperation in research
    on privacy and security with distributed systems. Details on these
    further working together will be elaborated in individual
    arrangement, respectively.
Read more Wednesday, December 23, 2015 - 10:56 Christian Grothoff

YBTI @ 32c3

The "YBTI/We Fix the Net" assembly" is to be the perfect place at 32c3 for all hackers to do something about replacing today's broken Internet with secure alternatives. We hope to have some talks and panels like in previous years. Details will be posted here closer to the congress, for now, please contact us at if you are interested to present your work or organize something practical. Topics include:

  • solutions against the deep state
  • mass surveilance and doing something against it
  • ethical computer security research

Even if we in the end cannot assign you a slot, please feel free to join us for a chat, for a coding session, or general exchange of ideas.


We are posing the schedule in the 32c3 wiki at Basically, we'll be most of December 29th in Hall F. If you are interested in participating, please contact us, we have room in the schedule for more!

Read more Sunday, December 6, 2015 - 09:12 Christian Grothoff

Video: Reproducible Software Deployment with GNU Guix

Ludovic Courtès presented his vision for future secure operating system distributions using GNU Guix today, including a surprising number of GNUnet references.


“It used to work perfectly, then I upgraded something, and somehow...”. Sounds like a déjà vu? Sometimes feel like software deployment is unpredictable? You think reproducible research demands reproducible software deployment? Ever wondered if you can trust your compiler or the integrity of those binary packages you have downloaded?

This talk introduces GNU Guix, a package manager that implements the functional package management paradigm pioneered by Nix to address these issues. Guix supports transactional upgrades and rollbacks, as well as support for multiple software profiles. In this talk, I will introduce functional package management and demonstrate Guix on practical use cases. I will discuss the implications on (bit-)reproducible packages and environments, and how this can lead to verifiable binaries. Lastly, we will see how this extends to whole-system deployments with GuixSD, the Guix System Distribution.

About the Speaker

Ludovic is a research engineer in the Development and experimentation department at Inria Bordeaux Sud-Ouest. Aside from his duties at Inria, he is co-maintainer of GNU Guile, an implementation of the Scheme functional programming language, and the maintainer of GNU Guix.


Creative Commons License
"Reproducible Software Deployment with GNU Guix" by Ludovic Courtès, produced by Inria is licensed under a Creative Commons Attribution-NoDerivs 3.0 Unported License.

The talk was organized by Equipe Décentralisé and recorded by Alain Crenn at Inria Rennes. Thanks to everyone who helped!

Read more Monday, November 9, 2015 - 18:01 Christian Grothoff

IETF getting cold feet about P2P Names?

With broad support from the P2P community, we have been trying for a while to follow RFC 6761 to register special use domain names for ".bit", ".exit", ".gnu", ".i2p", ".onion" and ".zkey" to reduce the likelihood of ICANN accidentally creating a conflicting gTLD assignment.

There are a number of attendees at IETF that appreciate that DNS is not the only name resolution protocol on the Internet, and that the IETF/ICANN might thus want to have a process to accommodate alternatives. However, there are also a number of DNS-centric people with a totally lack of alacrity in the dnsop WG to continue to stall the process by repeating arguments that were exchanged dozens of times in hundreds of e-mails, for example on the dnsop mailinglist.

The result of two years of discussions and a dozen revisions of the draft(s) at IETF 93: The IAB Chair Andrew Sullivan, who works for the DNS Service provider, says the IETF should not support special use domain names threatening the DNS business model, as it might otherwise become the target of lawsuits of organizations trying to protect their business model. He clarified saying that ".i2p" and ".onion" might be OK, because they are limited in scope (similar to ".local") and thus do not compete with DNS. Finally, he said that were it not for the political/legal issues, he would support IETF documenting the (other) special-use domain names. So if (some of) the drafts do not turn into RFCs, you now know why: some at the IETF have cold feet.

Admittedly, RFC 6761 might not be perfect -- it describes what an RFC reserving special use domain names should contain, but not what standard the IETF should apply to approving it. Furthermore, the approval process itself is, well, underspecified. That said, with the process taking typically several years already, the real problem is that many things (like Microsoft's will just continue to be deployed without documentation.

The future process for the other P2P names will demonstrate to which extent the IETF is able to abide by its mission and serve its users at large, even when this might fly in the face of some corporate interests. The fact that the IAB chair says that he does not think the IETF currently has the stomach to approve an informational draft highlights how toxic the process currently is.

After the session, one of the WG chairs told me that they would "now" --- after this discussion and after splitting the one original draft into five --- begin the "technical review". So the drafts will remain in purgatory for now. I was also told that I should bring this up with ICANN instead...

A report about the meeting in German can be found at Heise. A summary of the discussion by dnsop is posted in the IETF data tracker.

Read more Monday, July 20, 2015 - 16:26 Christian Grothoff

6th Dev Mumble - April 27th, 9pm CEST @

Hi devs,

On the 27th we get to officially announce the results from the GSoC application process to the students, so we should probably use this opportunity to also have a first discussion with those that have been selected. So, let's have the 6th develper Mumble on Monday, April 27th, 9pm CEST, as usual using the Mumble server on Agenda items include:

  • GSoC announcements and planning
  • GNUnet 0.10.2 release: To CADET or not to CADET?

I hope all GSoC applicants, mentors and Bart can make it, naturally everybody is welcome to join.

Read more Thursday, April 23, 2015 - 17:22 Christian Grothoff


Subscribe to Front page feed