Magenc is a prototype for one component of Spritely’s vision for a secure, decentralized social web. Specifically, it demonstrates the concepts behind a distributed, encrypted, content-addressed data store. While Magenc is immutable, its sister project Crystal adds mutability. This repository started as a Guile port of the original, but has grown somewhat.
To learn more about Magenc and how it works, check out the original write-up. Some differences between that version and this one are discussed below.
Note that neither the original implementation nor this Guile port has been audited for cryptographic security. Though we believe it should be secure within its intended use domain, we do not recommend it for security-critical applications.
The easiest way to build Magenc is to use Guix, either to build the package
directly with guix build -f guix.scm or to enter a development environment
such as by guix shell -Df guix.scm. Guix can also install the package with
guix install -f guix.scm [-p /path/to/guix/profile].
Without Guix, there are a few runtime dependencies:
You’ll also need a few build dependencies:
The manual build process is quite simple:
    make
    # and optionally
    make check
    make install
If you install Magenc, there should be a magenc executable on your PATH;
otherwise, it will be in the root of the build repository.
Magenc has three commands: magenc serve, magenc put, and magenc get.
magenc serve runs a server to store data. Its first, optional
argument is the URL of the server it should create; this is used to get the
appropriate port and address for the Guile web server. If this is not provided,
it defaults to http://localhost:8118.
After the optional URL argument, magenc serve accepts two options: -t or
--type, whose argument is the name of one of the backends (either memory or
bloblin, defaulting to memory); and -p or --path which should be a path
for the bloblin backend. The memory backend does not support a path argument.
All together, using standard manpage syntax, that looks like: magenc serve
[SERVER-URL] [-t|--type=BACKEND-TYPE] [-p|--path=BACKEND-PATH].
magenc serve prints the URL where it is listening, then enters a waiting state.
magenc put sends a file to a Magenc server. Its first argument must be the
name of the file to send, and its optional second argument is the URL of the
Magenc server. If no URL is provided, it defaults to http://localhost:8118.
After these arguments, magenc put accepts one option: -c or --convergent,
which ensures the same file will produce the same magnet URL each time it is
sent to a Magenc server.
All together, that looks like magenc put FILENAME [SERVER-URL]
[-c|--convergent].
magenc put prints the magnet URL where the uploaded file can be found.
Remember that this is a capability and therefore should be kept secret; anyone
with this magnet URL can download the file.
magenc get retrieves a file from a Magenc server. Its first argument must be
the magnet URL identifying the file, and its optional second argument is the URL
of the Magenc server. If no URL is provided, it defaults to
https://localhost:8118.
After these arguments, magenc get accepts one option: -o or --output,
whose argument is the name of the file to which data is written. If this option
is not provided, magenc get writes the data to standard output.
All together, that looks like magenc get MAGNET-URL [SERVER-URL]
[-o|--output=FILENAME].
magenc get either prints the retrieved data or, if given an output filename,
prints nothing.
Both magenc get and magenc put support another option, -v or
--verbose. This simply reports the exact topic for each chunk processed.
Finally, the standard --help and --version options are also supported.
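The put and get commands above combined into one check, as an added example that is not part of the Magenc repository: it saves the magnet URL in a file only the current user can read, verifies a put/get round trip, and tests whether repeated uploads yield the same URL (the behaviour -c guarantees). The MAGENC_SERVER variable and the function names are chosen here, and it assumes magenc put prints only the magnet URL on standard output.

```sh
#!/bin/sh
# Added example, not part of the Magenc repository. Assumptions: `magenc` is on
# PATH, a server started with `magenc serve` is reachable at $MAGENC_SERVER
# (a variable name chosen here), and `magenc put` prints only the magnet URL
# on standard output.
: "${MAGENC_SERVER:=http://localhost:8118}"

# put_private FILE CAPFILE [PUT-OPTION...]
# Upload FILE and save the magnet URL in CAPFILE, created readable by the
# current user only, because the URL is the capability to read the data.
put_private() {
    file=$1 capfile=$2
    shift 2
    (umask 077 && magenc put "$file" "$MAGENC_SERVER" "$@" > "$capfile")
}

# roundtrip_ok FILE CAPFILE
# Fetch the data named by the saved magnet URL; succeed only if it is
# byte-identical to FILE.
roundtrip_ok() {
    dir=$(mktemp -d) || return 2
    magenc get "$(cat "$2")" "$MAGENC_SERVER" --output="$dir/out" \
        && cmp -s "$1" "$dir/out"
    rc=$?
    rm -rf "$dir"
    return "$rc"
}

# same_capability FILE [PUT-OPTION...]
# Upload FILE twice. Returns 0 if both uploads gave the same magnet URL,
# 1 if the URLs differ, 2 if an upload failed.
same_capability() {
    file=$1
    shift
    dir=$(mktemp -d) || return 2
    if put_private "$file" "$dir/a" "$@" && put_private "$file" "$dir/b" "$@"; then
        cmp -s "$dir/a" "$dir/b"; rc=$?
    else
        rc=2
    fi
    rm -rf "$dir"
    return "$rc"
}

# Usage (file names are placeholders):
#   same_capability notes.txt -c      # returns 0: -c gives a stable magnet URL
#   put_private notes.txt notes.cap && roundtrip_ok notes.txt notes.cap
```

Because magenc get takes the magnet URL as a command-line argument, the capability is visible in the process list on systems where other local users can read process arguments.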
Unlike the original version of Magenc, the Guile version of Magenc does not use AES-CTR for its encryption; instead, it uses AES-GCM. This is primarily to allow a potential future web port using Hoot, but it also means encrypted data is authenticated.
Instead of supporting a persistent sqlite backend, this version uses bloblin.
The command-line interface is somewhat different, using a single command,
magenc, with subcommands, rather than providing multiple commands.
Magenc is licensed under Apache v2.