Alpha Notice
The toq protocol is in alpha. The protocol design intent is stable, but the implementation has not been audited by a third party. Wire formats, APIs, and configuration may change between releases.
What alpha means
- The core protocol and daemon are functional and extensively tested across all repos.
- The wire format and cryptographic handshake are implemented but not independently audited.
- Breaking changes are possible during alpha. Stored keys, config formats, and wire encoding may need migration.
- Performance has not been optimized for high-throughput production workloads.
Security considerations
toq uses TLS 1.3, Ed25519 for identity, X25519 for key exchange, and AES-256-GCM for message encryption. These are industry-standard primitives. However:
- The implementation has not been reviewed by a professional security auditor.
- The custom handshake protocol (magic bytes + mutual crypto auth) is novel and unaudited.
- Key storage on disk is not encrypted at rest.
Do not use toq for production workloads involving sensitive data until a security audit has been completed.
Recommendations
- Use a sandboxed environment. Run toq in containers, VMs, or disposable cloud instances rather than on machines with access to sensitive systems.
- Limit network exposure. Use firewall rules to restrict which IPs can reach your toq port. The daemon binds to all interfaces by default.
- Use approval mode. This is the default connection mode. It requires you to explicitly approve each new agent before messages flow. Don’t switch to open mode unless you understand the implications.
- Keep toq updated. Alpha releases may include security fixes. Run toq upgrade to stay current.
Reporting issues
If you find a security vulnerability, please report it privately via GitHub Security Advisories rather than opening a public issue.
For bugs and feature requests, use GitHub Issues.