syntax = "proto3"; /* This file contains message definitions for packets sent via unencrypted reflection. These packets have the directions C2R and R2C (client to relay, relay to client) These packets are assigned the ID block 0x10-0x2f. */ // Sent by the client to the relay to initialize the connection. Sends the relay the client's public key and a randomized session ID // used by the server to perform X25519 to enable encryption. message PalmC2RHandshakeStart { enum packet_info { invalid = 0; type = 0x10; } bytes client_public_key = 1; // The client's X25519 public key. This should be generated afresh for this session. int32 session_id = 2; // A random 4-byte integer, used to uniquely identify this session. bytes iv = 3; // A random 12-byte IV used for encryption } // Sent by the server to the client to finish initializing the connection. Sends the client the relay's public key, // so the client and the server can both enable encryption. message PalmR2CHandshakeFinish { enum packet_info { invalid = 0; type = 0x11; } // The relay's public key. As opposed to the client public key, relay keys are static - // it is very, very important to check the relay's identity to make sure you aren't being MITMd. // Clients should authenticate this against a previously known value. // See the main palm.proto file for how this will be given to a client. bytes relay_public_key = 1; int32 session_id = 2; // The same 4-byte integer sent by the client in PalmC2RHandshakeStart. bytes iv = 3; // A random 12-byte IV used for encryption } // After these two packets, stream encryption is enabled on the client and server