Go to file
cryptogospod 13cca6716d
Update IRC info
2021-09-18 00:02:57 +02:00
.circleci style: Run restyled on Travis and Circle CI scripts. 2020-05-08 01:31:24 +01:00
.github chore: Delete release-drafter config in favour of global one. 2020-05-05 01:07:59 +01:00
.travis style: Run restyled on Travis and Circle CI scripts. 2020-05-08 01:31:24 +01:00
auto_tests Fix tests involving reading/writing files failing on Windows 2020-11-21 13:02:31 +01:00
build Avoid implementations in .h files or #including .c files. 2018-07-21 20:44:26 +00:00
cmake Add support for the conan C/C++ package manager 2020-05-29 15:36:26 +02:00
docs Implement conferences saving 2018-11-29 21:52:23 +01:00
m4 Build system now automatically enables epoll support in TCP server 2014-07-17 20:44:49 -04:00
other Update deps used in Windows build scripts 2021-02-25 13:59:18 +03:00
super_donators Use rules_cc instead of native cc_library rules. 2020-03-12 12:20:54 +00:00
testing Add a check that we don't have any unused functions. 2020-05-02 22:00:09 +01:00
third_party Look for dependencies in third_party/ 2018-02-11 13:45:52 +01:00
toxav Use heap memory instead of stack for large variables 2020-11-20 19:15:58 -05:00
toxcore simplify do_tcp(...) 2021-04-12 19:01:10 +02:00
toxencryptsave Fix typo: `NAC_LIBS` -> `NACL_LIBS`. 2020-05-04 19:54:58 +01:00
.cirrus.yml Get Appveyor and Cirrus CI to pass again 2021-09-17 23:43:09 +02:00
.editorconfig Add .editorconfig 2017-12-25 10:55:04 -06:00
.gitignore Add VScode folder to .gitignore 2019-11-17 13:59:12 +01:00
.hadolint.yaml Add autotools build to localbuild docker images. 2020-05-05 23:41:16 +01:00
.restyled.yaml Exclude imported libsodium sources from restyled. 2020-05-05 01:36:16 +01:00
.travis.yml chore: Don't build pushes to branches, only to tags. 2020-05-05 23:10:12 +01:00
BUILD.bazel Use rules_cc instead of native cc_library rules. 2020-03-12 12:20:54 +00:00
CHANGELOG.md Release 0.2.12 2020-05-01 12:58:27 +02:00
CMakeLists.txt Add support for the conan C/C++ package manager 2020-05-29 15:36:26 +02:00
DONATORS If we receive a packet from a node we are searching for, ping it. 2015-12-08 15:43:03 -05:00
INSTALL.md Remove references to Tox's package repository 2021-03-02 04:25:53 -05:00
LICENSE Enable .travis.yml check and use non-markdown license. 2018-08-18 22:29:31 +00:00
Makefile.am fix broken and unmaintained autotools build 2018-04-18 00:13:15 +02:00
README.md Update IRC info 2021-09-18 00:02:57 +02:00
appveyor.yml Get Appveyor and Cirrus CI to pass again 2021-09-17 23:43:09 +02:00
autogen.sh Some configuration/build fixes, so building basicaly everything else than the library can be disabled 2013-10-07 02:01:16 +02:00
codecov.yml Allow test coverage to fluctuate 2% up and down, but not below 80%. 2020-04-26 16:05:12 +00:00
conanfile.py Enable c-toxcore conan packaging 2021-04-11 15:56:02 +02:00
configure.ac Release 0.2.12 2020-05-01 12:58:27 +02:00
libtoxav.pc.in Build system fixes. 2014-12-18 10:04:31 -05:00
libtoxcore.pc.in Remove deprecated ToxDNS 2017-12-29 00:32:18 +00:00
so.version Release 0.2.12 2020-05-01 12:58:27 +02:00
tox.spec.in Use the markdown GPLv3 license in the c-toxcore repo. 2018-02-08 16:08:09 +00:00


Project Tox

Current build status: Build Status Current Coverage: Coverage Status

Website | Wiki | Blog | FAQ | Binaries/Downloads | Clients | Compiling | Toxcore's Projects

IRC Channels: Users: #tox@libera.chat, Developers: #toktok@libera.chat

What is Tox

Tox is a peer to peer (serverless) instant messenger aimed at making security and privacy easy to obtain for regular users. It uses NaCl for its encryption and authentication.


Danger: Experimental

This is an experimental cryptographic network library. It has not been formally audited by an independent third party that specializes in cryptography or cryptanalysis. Use this library at your own risk.

The underlying crypto library NaCl provides reliable encryption, but the security model has not yet been fully specified. See issue 210 for a discussion on developing a threat model. See other issues for known weaknesses (e.g. issue 426 describes what can happen if your secret key is stolen).

Toxcore Development Roadmap

The roadmap and changelog are generated from GitHub issues. You may view them on the website, where they are updated at least once every 24 hours:

Installing toxcore

Detailed installation instructions can be found in INSTALL.md.

In a nutshell, if you have libsodium installed, run:

mkdir _build && cd _build
cmake ..
sudo make install

If you have libvpx and opus installed, the above will also build the A/V library for multimedia chats.

Using toxcore

The simplest "hello world" example could be an echo bot. Here we will walk through the implementation of a simple bot.

Creating the tox instance

All toxcore API functions work with error parameters. They are enums with one OK value and several error codes that describe the different situations in which the function might fail.

TOX_ERR_NEW err_new;
Tox *tox = tox_new(NULL, &err_new);
if (err_new != TOX_ERR_NEW_OK) {
  fprintf(stderr, "tox_new failed with error code %d\n", err_new);

Here, we simply exit the program, but in a real client you will probably want to do some error handling and proper error reporting to the user. The NULL argument given to the first parameter of tox_new is the Tox_Options. It contains various write-once network settings and allows you to load a previously serialised instance. See toxcore/tox.h for details.

Setting up callbacks

Toxcore works with callbacks that you can register to listen for certain events. Examples of such events are "friend request received" or "friend sent a message". Search the API for tox_callback_* to find all of them.

Here, we will set up callbacks for receiving friend requests and receiving messages. We will always accept any friend request (because we're a bot), and when we receive a message, we send it back to the sender.

tox_callback_friend_request(tox, handle_friend_request);
tox_callback_friend_message(tox, handle_friend_message);

These two function calls set up the callbacks. Now we also need to implement these "handle" functions.

Handle friend requests

static void handle_friend_request(
  Tox *tox, const uint8_t *public_key, const uint8_t *message, size_t length,
  void *user_data) {
  // Accept the friend request:
  TOX_ERR_FRIEND_ADD err_friend_add;
  tox_friend_add_norequest(tox, public_key, &err_friend_add);
  if (err_friend_add != TOX_ERR_FRIEND_ADD_OK) {
    fprintf(stderr, "unable to add friend: %d\n", err_friend_add);

The tox_friend_add_norequest function adds the friend without sending them a friend request. Since we already got a friend request, this is the right thing to do. If you wanted to send a friend request yourself, you would use tox_friend_add, which has an extra parameter for the message.

Handle messages

Now, when the friend sends us a message, we want to respond to them by sending them the same message back. This will be our "echo".

static void handle_friend_message(
  Tox *tox, uint32_t friend_number, TOX_MESSAGE_TYPE type,
  const uint8_t *message, size_t length,
  void *user_data) {
  tox_friend_send_message(tox, friend_number, type, message, length,
  if (err_send != TOX_ERR_FRIEND_SEND_MESSAGE_OK) {
    fprintf(stderr, "unable to send message back to friend %d: %d\n",
      friend_number, err_send);

That's it for the setup. Now we want to actually run the bot.

Main event loop

Toxcore works with a main event loop function tox_iterate that you need to call at a certain frequency dictated by tox_iteration_interval. This is a polling function that receives new network messages and processes them.

while (true) {
  usleep(1000 * tox_iteration_interval(tox));
  tox_iterate(tox, NULL);

That's it! Now you have a working echo bot. The only problem is that since Tox works with public keys, and you can't really guess your bot's public key, you can't add it as a friend in your client. For this, we need to call another API function: tox_self_get_address(tox, address). This will fill the 38 byte friend address into the address buffer. You can then display that binary string as hex and input it into your client. Writing a bin2hex function is left as exercise for the reader.

We glossed over a lot of details, such as the user data which we passed to tox_iterate (passing NULL), bootstrapping into an actual network (this bot will work in the LAN, but not on an internet server) and the fact that we now have no clean way of stopping the bot (while (true)). If you want to write a real bot, you will probably want to read up on all the API functions. Consult the API documentation in toxcore/tox.h for more information.

Other resources