The future of online communications.
C C++ Shell M4 CMake Makefile Other
Clone or download
#1091 Compare This branch is 701 commits ahead of irungentoo:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.
.circleci Avoid side-effectful assignments in conditionals. Jul 8, 2018
.travis Use `--config` to tell bazel about the environment. Aug 14, 2018
auto_tests Limit the size of a save file in file_saving_test. Aug 16, 2018
build Avoid implementations in .h files or #including .c files. Jul 21, 2018
cmake Link -lsocket and -lnsl for socket functions on Solaris. Jul 19, 2018
docs Fix typos in docs Sep 20, 2017
m4 Build system now automatically enables epoll support in TCP server Jul 18, 2014
other Fix a few warnings from clang. Aug 12, 2018
super_donators Avoid clashes with "build" directories on case-insensitive file systems. Jan 28, 2018
testing Fix possible resource leaks in test Aug 15, 2018
third_party Look for dependencies in third_party/ Feb 11, 2018
toxav Limit the size of a save file in file_saving_test. Aug 16, 2018
toxcore Release 0.2.6 Aug 16, 2018
toxencryptsave Make tox.c unambiguously parseable. Jul 5, 2018
.editorconfig Add .editorconfig Dec 25, 2017
.gitignore Run Clang global static analysis on Travis. Jul 22, 2018
.travis.yml Limit the size of a save file in file_saving_test. Aug 16, 2018
BUILD.bazel Add a bazel test that ensures all our projects are GPL-3.0. Feb 20, 2018 Release 0.2.6 Aug 16, 2018
CMakeLists.txt Release 0.2.6 Aug 16, 2018
DONATORS If we receive a packet from a node we are searching for, ping it. Dec 8, 2015 Look for dependencies in third_party/ Feb 11, 2018 Use the markdown GPLv3 license in the c-toxcore repo. Feb 8, 2018 fix broken and unmaintained autotools build Apr 17, 2018 Use the correct repository name in the coverage badge. Jul 15, 2018
appveyor.yml Move system header includes from network.h to network.c May 20, 2018 Fix file modes Oct 14, 2015 Release 0.2.6 Aug 16, 2018 Build system fixes. Dec 18, 2014 Remove deprecated ToxDNS Dec 29, 2017
so.version Release 0.2.6 Aug 16, 2018 Use the markdown GPLv3 license in the c-toxcore repo. Feb 8, 2018

Project Tox

Current build status: Build Status Current Coverage: Coverage Status

Website | Wiki | Blog | FAQ | Binaries/Downloads | Clients | Compiling | Toxcore's Projects

IRC Channels: Users: #tox@freenode, Developers: #toktok@freenode

What is Tox

Tox is a peer to peer (serverless) instant messenger aimed at making security and privacy easy to obtain for regular users. It uses NaCl for its encryption and authentication.


Danger: Experimental

This is an experimental cryptographic network library. It has not been formally audited by an independent third party that specializes in cryptography or cryptanalysis. Use this library at your own risk.

The underlying crypto library NaCl provides reliable encryption, but the security model has not yet been fully specified. See issue 210 for a discussion on developing a threat model. See other issues for known weaknesses (e.g. issue 426 describes what can happen if your secret key is stolen).

Toxcore Development Roadmap

The roadmap and changelog are generated from GitHub issues. You may view them on the website, where they are updated at least once every 24 hours:

Installing toxcore

Detailed installation instructions can be found in

In a nutshell, if you have libsodium installed, run:

mkdir _build && cd _build
cmake ..
sudo make install

If you have libvpx and opus installed, the above will also build the A/V library for multimedia chats.

Using toxcore

The simplest "hello world" example could be an echo bot. Here we will walk through the implementation of a simple bot.

Creating the tox instance

All toxcore API functions work with error parameters. They are enums with one OK value and several error codes that describe the different situations in which the function might fail.

TOX_ERR_NEW err_new;
Tox *tox = tox_new(NULL, &err_new);
if (err_new != TOX_ERR_NEW_OK) {
  fprintf(stderr, "tox_new failed with error code %d\n", err_new);

Here, we simply exit the program, but in a real client you will probably want to do some error handling and proper error reporting to the user. The NULL argument given to the first parameter of tox_new is the Tox_Options. It contains various write-once network settings and allows you to load a previously serialised instance. See toxcore/tox.h for details.

Setting up callbacks

Toxcore works with callbacks that you can register to listen for certain events. Examples of such events are "friend request received" or "friend sent a message". Search the API for tox_callback_* to find all of them.

Here, we will set up callbacks for receiving friend requests and receiving messages. We will always accept any friend request (because we're a bot), and when we receive a message, we send it back to the sender.

tox_callback_friend_request(tox, handle_friend_request);
tox_callback_friend_message(tox, handle_friend_message);

These two function calls set up the callbacks. Now we also need to implement these "handle" functions.

Handle friend requests

static void handle_friend_request(
  Tox *tox, const uint8_t *public_key, const uint8_t *message, size_t length,
  void *user_data) {
  // Accept the friend request:
  TOX_ERR_FRIEND_ADD err_friend_add;
  tox_friend_add_norequest(tox, public_key, &err_friend_add);
  if (err_friend_add != TOX_ERR_FRIEND_ADD_OK) {
    fprintf(stderr, "unable to add friend: %d\n", err_friend_add);

The tox_friend_add_norequest function adds the friend without sending them a friend request. Since we already got a friend request, this is the right thing to do. If you wanted to send a friend request yourself, you would use tox_friend_add, which has an extra parameter for the message.

Handle messages

Now, when the friend sends us a message, we want to respond to them by sending them the same message back. This will be our "echo".

static void handle_friend_message(
  Tox *tox, uint32_t friend_number, TOX_MESSAGE_TYPE type,
  const uint8_t *message, size_t length,
  void *user_data) {
  tox_friend_send_message(tox, friend_number, type, message, length,
  if (err_send != TOX_ERR_FRIEND_SEND_MESSAGE_OK) {
    fprintf(stderr, "unable to send message back to friend %d: %d\n",
      friend_number, err_send);

That's it for the setup. Now we want to actually run the bot.

Main event loop

Toxcore works with a main event loop function tox_iterate that you need to call at a certain frequency dictated by tox_iteration_interval. This is a polling function that receives new network messages and processes them.

while (true) {
  usleep(1000 * tox_iteration_interval(tox));
  tox_iterate(tox, NULL);

That's it! Now you have a working echo bot. The only problem is that since Tox works with public keys, and you can't really guess your bot's public key, you can't add it as a friend in your client. For this, we need to call another API function: tox_self_get_address(tox, address). This will fill the 38 byte friend address into the address buffer. You can then display that binary string as hex and input it into your client. Writing a bin2hex function is left as exercise for the reader.

We glossed over a lot of details, such as the user data which we passed to tox_iterate (passing NULL), bootstrapping into an actual network (this bot will work in the LAN, but not on an internet server) and the fact that we now have no clean way of stopping the bot (while (true)). If you want to write a real bot, you will probably want to read up on all the API functions. Consult the API documentation in toxcore/tox.h for more information.

Other resources