Tesseras-Paste

A decentralized pastebin built on tesseras-dht. Pastes are encrypted client-side, distributed across the DHT, and served over HTTP.

Features

• End-to-end encrypted pastes (XChaCha20-Poly1305)
• Decentralized storage via Kademlia DHT
• NAT traversal (hole-punching and proxy relay)
• HTTP serving with content-key URLs
• TTL-based expiry and pinning
• Public (unencrypted) paste mode
• OpenBSD pledge(2) sandboxing

Binaries

tpd — daemon that runs a DHT node, stores pastes, and serves HTTP.

usage: tpd [-p port] [-d dir] [-s sock] [-w http_port] [-g] [-n] [-b host:port]

  -p port       UDP port (0 = random)
  -d dir        data directory
  -s sock       Unix socket path
  -w port       HTTP server port
  -g            global NAT (public server)
  -n            no auto-bootstrap (skip DNS SRV)
  -b host:port  bootstrap peer (repeatable)

tp — CLI client that talks to the daemon over a Unix socket.

usage: tp [-s sock] <command> [args]

  put [-t ttl] [-p]  read stdin, store paste (-p = public, no encryption)
  get <key>          retrieve paste to stdout
  del <key>          delete paste
  pin <key>          pin (never expires)
  unpin <key>        unpin
  status             show daemon status

Quick start

# Start the daemon
tpd -p 4433 -w 9999 -d /var/tesseras-paste

# Store a paste
echo "hello" | tp put
# => Ey2rNiNukhNpqUouaSnnZwTtCgeCgMx2FrCuMr3whBxx

# Retrieve it
tp get Ey2rNiNukhNpqUouaSnnZwTtCgeCgMx2FrCuMr3whBxx

Links

• Website
• Source code (primary)
• Source hut mirror
• GitHub mirror

License

ISC — see LICENSE.