The future of online communications.
Clone or download
Pull request Compare This branch is 799 commits ahead, 1 commit behind irungentoo:master.
iphydf Add `LOGGER_ASSERT` for checking fatal error conditions.
These are not compiled out under `NDEBUG` and should be provably correct.
Latest commit aa5c782 Oct 9, 2018
Failed to load latest commit information.
.circleci Add AUTOTEST Option to CMakeLists.txt Oct 7, 2018
.travis tox-bootstrapd's Dockerfile shouldn't use master branch Oct 17, 2018
auto_tests ensure save data unchanged after save and load Oct 10, 2018
build Avoid implementations in .h files or #including .c files. Jul 21, 2018
cmake Revert "Improve cmake build for MSVC." Sep 24, 2018
docs Add mechanism for recovering from disconnections in conferences Sep 5, 2018
m4 Build system now automatically enables epoll support in TCP server Jul 18, 2014
other Use cmake to build toxcore in tox-boostrapd's Dockerfile Oct 17, 2018
super_donators Ignore "unused-result" warning in super_donators code. Sep 6, 2018
testing Use `bool` for IPv6 flag in test programs and `DHT_bootstrap`. Oct 16, 2018
third_party Look for dependencies in third_party/ Feb 11, 2018
toxav Improve Windows compatibility of toxav code. Oct 8, 2018
toxcore Add `LOGGER_ASSERT` for checking fatal error conditions. Oct 19, 2018
toxencryptsave Consistently use camel case enum names. Oct 9, 2018
.cirrus.yml Add Cirrus CI configuration. Sep 24, 2018
.editorconfig Add .editorconfig Dec 25, 2017
.gitignore Run Clang global static analysis on Travis. Jul 22, 2018
.travis.yml Add tool to find directly recursive calls in toxcore. Sep 8, 2018
BUILD.bazel Enable .travis.yml check and use non-markdown license. Aug 18, 2018 Release 0.2.8 Oct 7, 2018
CMakeLists.txt Include `CTest` in CMakeLists.txt to get valgrind support. Oct 17, 2018
DONATORS If we receive a packet from a node we are searching for, ping it. Dec 8, 2015 Add AUTOTEST Option to CMakeLists.txt Oct 7, 2018
LICENSE Enable .travis.yml check and use non-markdown license. Aug 18, 2018 fix broken and unmaintained autotools build Apr 17, 2018 Use the correct repository name in the coverage badge. Jul 15, 2018
appveyor.yml Add AUTOTEST Option to CMakeLists.txt Oct 7, 2018 Fix file modes Oct 14, 2015 Release 0.2.8 Oct 7, 2018 Build system fixes. Dec 18, 2014 Remove deprecated ToxDNS Dec 29, 2017
so.version Release 0.2.8 Oct 7, 2018 Use the markdown GPLv3 license in the c-toxcore repo. Feb 8, 2018

Project Tox

Current build status: Build Status Current Coverage: Coverage Status

Website | Wiki | Blog | FAQ | Binaries/Downloads | Clients | Compiling | Toxcore's Projects

IRC Channels: Users: #tox@freenode, Developers: #toktok@freenode

What is Tox

Tox is a peer to peer (serverless) instant messenger aimed at making security and privacy easy to obtain for regular users. It uses NaCl for its encryption and authentication.


Danger: Experimental

This is an experimental cryptographic network library. It has not been formally audited by an independent third party that specializes in cryptography or cryptanalysis. Use this library at your own risk.

The underlying crypto library NaCl provides reliable encryption, but the security model has not yet been fully specified. See issue 210 for a discussion on developing a threat model. See other issues for known weaknesses (e.g. issue 426 describes what can happen if your secret key is stolen).

Toxcore Development Roadmap

The roadmap and changelog are generated from GitHub issues. You may view them on the website, where they are updated at least once every 24 hours:

Installing toxcore

Detailed installation instructions can be found in

In a nutshell, if you have libsodium installed, run:

mkdir _build && cd _build
cmake ..
sudo make install

If you have libvpx and opus installed, the above will also build the A/V library for multimedia chats.

Using toxcore

The simplest "hello world" example could be an echo bot. Here we will walk through the implementation of a simple bot.

Creating the tox instance

All toxcore API functions work with error parameters. They are enums with one OK value and several error codes that describe the different situations in which the function might fail.

TOX_ERR_NEW err_new;
Tox *tox = tox_new(NULL, &err_new);
if (err_new != TOX_ERR_NEW_OK) {
  fprintf(stderr, "tox_new failed with error code %d\n", err_new);

Here, we simply exit the program, but in a real client you will probably want to do some error handling and proper error reporting to the user. The NULL argument given to the first parameter of tox_new is the Tox_Options. It contains various write-once network settings and allows you to load a previously serialised instance. See toxcore/tox.h for details.

Setting up callbacks

Toxcore works with callbacks that you can register to listen for certain events. Examples of such events are "friend request received" or "friend sent a message". Search the API for tox_callback_* to find all of them.

Here, we will set up callbacks for receiving friend requests and receiving messages. We will always accept any friend request (because we're a bot), and when we receive a message, we send it back to the sender.

tox_callback_friend_request(tox, handle_friend_request);
tox_callback_friend_message(tox, handle_friend_message);

These two function calls set up the callbacks. Now we also need to implement these "handle" functions.

Handle friend requests

static void handle_friend_request(
  Tox *tox, const uint8_t *public_key, const uint8_t *message, size_t length,
  void *user_data) {
  // Accept the friend request:
  TOX_ERR_FRIEND_ADD err_friend_add;
  tox_friend_add_norequest(tox, public_key, &err_friend_add);
  if (err_friend_add != TOX_ERR_FRIEND_ADD_OK) {
    fprintf(stderr, "unable to add friend: %d\n", err_friend_add);

The tox_friend_add_norequest function adds the friend without sending them a friend request. Since we already got a friend request, this is the right thing to do. If you wanted to send a friend request yourself, you would use tox_friend_add, which has an extra parameter for the message.

Handle messages

Now, when the friend sends us a message, we want to respond to them by sending them the same message back. This will be our "echo".

static void handle_friend_message(
  Tox *tox, uint32_t friend_number, TOX_MESSAGE_TYPE type,
  const uint8_t *message, size_t length,
  void *user_data) {
  tox_friend_send_message(tox, friend_number, type, message, length,
  if (err_send != TOX_ERR_FRIEND_SEND_MESSAGE_OK) {
    fprintf(stderr, "unable to send message back to friend %d: %d\n",
      friend_number, err_send);

That's it for the setup. Now we want to actually run the bot.

Main event loop

Toxcore works with a main event loop function tox_iterate that you need to call at a certain frequency dictated by tox_iteration_interval. This is a polling function that receives new network messages and processes them.

while (true) {
  usleep(1000 * tox_iteration_interval(tox));
  tox_iterate(tox, NULL);

That's it! Now you have a working echo bot. The only problem is that since Tox works with public keys, and you can't really guess your bot's public key, you can't add it as a friend in your client. For this, we need to call another API function: tox_self_get_address(tox, address). This will fill the 38 byte friend address into the address buffer. You can then display that binary string as hex and input it into your client. Writing a bin2hex function is left as exercise for the reader.

We glossed over a lot of details, such as the user data which we passed to tox_iterate (passing NULL), bootstrapping into an actual network (this bot will work in the LAN, but not on an internet server) and the fact that we now have no clean way of stopping the bot (while (true)). If you want to write a real bot, you will probably want to read up on all the API functions. Consult the API documentation in toxcore/tox.h for more information.

Other resources