Reticulum, a secure and anonymous mesh networking stack

Posted by brogu 22 hours ago

Reticulum, a secure and anonymous mesh networking stack(github.com)

310 points | 81 commentspage 2

throw7 5 hours ago|

Doesn't look like a free software license. No purposeful harm to humans and no AI usage direct or indirect.

ronsor 2 hours ago|

I dislike these "non-free" licenses because the actors they purport to stop aren't going to care (why would a terrorist cell care about licenses? if AI training is fair use, then why would AI companies care about licenses?). All it does is create obstacles for legitimate people.

gaudystead 21 hours ago||

I just happened to recently learn about Reticulum from another part of the internet and find it fascinating. Am I correct in thinking that it can basically run on anything that can run arbitrary code and the ability to talk to another device? (seems like it'd even work over serial if one had the determination to make it work)

RiverCrochet 20 hours ago||

- If it runs Python and pip/pipx, and you can pull in the required packages via pip/pipx, it'll run Reticulum.

- On 32-bit x86 platforms it has to build the PyCA/cryptography module, but works fine after it does that.

- Reticulum supports a number physical interfaces, serial is one of them. It of course has the "RNode" intefaces for LoRa radios. For Ethernet, there is "AutoInterface" which uses IPv6 autoconfiguration for peer discovery and IPv6 UDP for transport but doesn't rely on DNS, DHCP, or anything else. If your PC, phone, or other involved devices on the same network have IPv6 enabled and no filtering is happening on layer 2 then it's dead simple - any device there will see announces from others and be able to transact with you not doing much more than spinning up MeshChat.

- Other interface types are TCP client, TCP server, IPv4 UDP, I2P, and a pipe interface. The pipe interface is interesting as it's basically stdin/stdout to an executable of your choice, so you can use that to make Reticulum available over really anything you could dream up, such as an SSH tunnel.

hoss1474489 21 hours ago|||

The only fully-functional stack currently available requires Python >= 3.8, which is the main limitation to where it will run. But there’s still a lot you can do with that!

khimaros 19 hours ago||

there is a pretty compatible rust implementation as well which claims to target microcontrollers https://github.com/BeechatNetworkSystemsLtd/Reticulum-rs

snickerer 13 hours ago||

Did you use it? I've never seen it used outside of Beechat's own devices.

phil37412 10 hours ago||

so you mean it would work from Iran?

egberts1 4 hours ago||

What all three need is a multiple-spanning tree for its master node and supporting slave nodes, much like eBGP.

roxolotl 17 hours ago||

How does this differ from meshtastic? Is meshtastic just more chat based and this is more generic?

snickerer 13 hours ago||

Reticulum is a full network stack with full user anonymity. You can integrate it in every app that needs P2P network connections and that can live with a slow connection. Reticulum is an alternative to TCP/IP and UDP/IP, using a mesh.

Meshtastic and Meshcore are mesh messengers, focusing on mesh text messages.

405nm 17 hours ago||

meshtastic is chat and lora only. its protocol is super inefficient and unreliable, and only can handle a maximum of 7 hops across the mesh.

rfmoz 4 hours ago||

Give a try to Meshcore, their design has proven to be reliable in realworld use.

andybak 9 hours ago||

So not this Reticulum networking stack: https://github.com/Hubs-Foundation/reticulum

NewJazz 20 hours ago||

The Software shall not be used, directly or indirectly, in the creation of an artificial intelligence, machine learning or language model training dataset, including but not limited to any use that contributes to the training or development of such a model or algorithm.

snickerer 13 hours ago||

Mark's Reticulum implementation has a strong ideolgical background. Not just the oppositon to AI. If anybody is interested in what drives the developer, here's the manifesto: https://github.com/markqvist/Reticulum/blob/master/Zen%20of%...

dotty- 18 hours ago||

I saw this too and immediately thought: well, they published this on GitHub which surely has a clause that grants it a license to use the code for training Copilot for Microsoft at a minimum, sooo should've published on another Git platform.

promiseofbeans 18 hours ago|||

> This repository is a public mirror. All development is happening elsewhere.

So if I have code on a personal (but publicly exposed) git server with a license that includes the above quoted terms, and someone decides they want to be helpful and publish a public read-only mirror of my code to GitHub, then they’re allowed to accept that license on my behalf? I never did a thing and yet I’m now in a contract with Microsoft? How does this work legally?

gpm 16 hours ago|||

Not a lawyer but I'm pretty sure:

1. Microsoft does not gain the license, but will be able to argue that they aren't intentionally committing copyright infringement in the cases where that distinction matters.

2. If Microsoft does something resulting in damages because they thought they had a license, their indemnification clause kicks in and they can recoup those damages from the user who uploaded it (to the extent that that user doesn't go bankrupt anyways)

3. Likely none of this matters because your license can't prevent activities that weren't prohibited by copyright in the first place, and training doesn't appear to be a prohibited activity at least under US law.

exitb 14 hours ago|||

When code is published on GitHub, GitHub itself is not bound by the public-facing license, but rather license grants the uploader aggress to as part of the terms of service. That points to the uploader as a responsible party.

In practice though, none of that is even remotely enforceable.

avodonosov 17 hours ago|||

Not sure GitHub has such a clause. Just looked at their terms and don't see it.

gpm 16 hours ago||

See term D.4., the relevant part of which is

> You grant us and our legal successors the right to store, archive, parse, and display Your Content, and make incidental copies, as necessary to provide the Service, including improving the Service over time. This license includes the right to do things like [...] or otherwise analyze it on our servers; share it with other users

AceJohnny2 14 hours ago||

That could be boilerplate legalese for "obviously we need access to your code if we're to display and share it (as is the purpose for a public git host)"

gpm 10 hours ago||

It doesn't matter what the original purpose of the terms was it matters what they do.

zxcvasd 6 hours ago||

[dead]

samantp 19 hours ago||

Looks great. Does it need all users to install Reticulum, or app/service prividers (online shop etc) on Reticulum can make their services available for access via browsers?

405nm 18 hours ago|

all users need to be running the reticulum network stack to be able to send, receive, and route packets.

reticulum itself describes the network stack (like tcp/ip) and it has its own protocols like LXMF for messaging and LXST for streaming. applications can be built on top of these protocols.

it’s different than IP, instead of addresses, each node has an identity that’s a cryptographic key pair that you send messages to, the routing happens in the background regardless of network topology or diversity of link types.

you CAN send reticulum packets over a TCP/IP adapter and thus across the normal Internet (there are a lot of testnet and community nodes that are accessed this way), but the protocol also seamlessly bridges over any interface (lora, bluetooth, HAM radio, etc) that is attached to the node.

so like, there could be a message sent over lora to a base station that relays it to another server through the internet, then that server sends it out over a ham radio link to another computer somewhere else, etc.

all the message sender has to know is the pubkey of the node they want to talk to, and the network figures out how to establish a link.

128 hops maximum.

the prerolled binaries of the aforementioned software include the network stack and easy enough presets to find content from other nodes and people to talk to.

TheCraiggers 20 hours ago||

Anybody have any experience running this on a tdeck? I'm kinda toying with the idea of ordering a couple just to play with.

pwndByDeath 16 hours ago|

It is not yet like meshtastic in that. Rnode is more of a lora modem than a lora server. There is a micro recticlum project but not out yet.

TheCraiggers 9 hours ago||

Ahh, yes. I see that now. I appreciate the correction.

arthurmorgxn 17 hours ago|

This is cool, I’ve been playing around Offline Protocol’s DORS SDK that they put out last month and it’s been great for cross platform whereas Bitchat’s Noise setup was a little more cumbersome to get started. Need to dig more into LoRa meshes.