ZeroNet FAQ

Do I need to have a port opened?

This is optional, you can browse and use ZeroNet sites without an open port. If you want to create a new site it’s highly recommended to have an open port.

At startup ZeroNet tries to open a port for you on your router using UPnP, if this fails you have to do it manually:

If it still doesn’t work then try to find a ‘port forwarding’ section. This is different in every router. Here is a tutorial on YouTube. The port to forward is 15441.


Is ZeroNet anonymous?

It’s no more anonymous than BitTorrent, but privacy (the possibility to find out who is the owner of the comment/site) will increase as the network and the sites gains more peers.

ZeroNet is made to work with anonymity networks: you can easily hide your IP using the Tor network.


How to use ZeroNet in Tor browser?

In Tor mode it’s recommended to use ZeroNet in Tor Browser:

  • Start the Tor Browser
  • Go to address about:preferences#advanced
  • Click Settings...
  • Enter 127.0.0.1 to field No proxy for

How to use ZeroNet with Tor?

If you want to hide your IP install the latest version of ZeroNet then click Tor > Enable Tor for every connection on ZeroHello.

On Windows Tor is bundled with ZeroNet for other OS follow Tor install instructions, edit your torrc configuration file by removing # from line # ControlPort 9051 then restart your Tor service and ZeroNet.

Tip: You can verify your IP address using ZeroNet’s Stats page.

Tip: If you get connection errors make sure you have the latest version of Tor installed. (0.2.7.5+ required)


How to make ZeroNet work with Tor under Linux?

Upgrade to latest version of Tor (we need 0.2.7.5+), follow these instructions eg. for Debian:

  • echo 'deb http://deb.torproject.org/torproject.org jessie main'>> /etc/apt/sources.list.d/tor.list
  • gpg --keyserver keys.gnupg.net --recv 886DDD89
  • gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add -
  • apt-get update
  • apt-get install tor

Edit config to enable control protocol:

  • mcedit /etc/tor/torrc
  • Remove the # character from lines ControlPort 9051 and CookieAuthentication 1 (line ~57)
  • /etc/init.d/tor restart
  • Add permission yourself to read the auth cookie by usermod -a -G debian-tor [yourlinuxuser]
    (if you are not on Debian check the file’s user group by ls -al /var/run/tor/control.authcookie)
  • Logout/Login with your user to apply group changes

Tip: You can verify if your Tor running correctly using echo 'PROTOCOLINFO' | nc 127.0.0.1 9051

Tip: It’s also possible to use without modifying torrc (or using older version of Tor clients) by running it zeronet.py --tor disable --proxy 127.0.0.1:9050 --disable_udp, but then you will loose ability to talk with other .onion addresses.


Can I use the same username on multiple machine?

Yes, you have to copy the data/users.json file.


How can I register a .bit domain?

You can register .bit domains using Namecoin. Manage your domains using the client’s GUI or by the command line interface.

After the registration is done you have to edit your domain’s record by adding a zeronet section to it, eg.:

{
...
    "zeronet": {
        "": "1EU1tbG9oC1A8jz2ouVwGZyQ5asrNsE4Vr",
        "blog": "1BLogC9LN4oPDcruNz3qo1ysa133E9AGg8",
        "talk": "1TaLk3zM7ZRskJvrh3ZNCDVGXvkJusPKQ"
    },
...
}

“” means the top domain, any other that is a sub-domain.

Tip: You can buy Namecoin for Bitcoin or other cryptocurrencies using shapeshift.io.

Tip: Other possibilities to register .bit domains: domaincoin.net, peername.com, dotbit.me

Tip: You can verify your domain on namecha.in, for example: zeroid.bit

Tip: You should use only lower-cased letters, numbers and – in your domains.

Tip: To make ZeroHello to link your domain instead of your site’s address, add a domain key to your content.json. (Example)


Can I use the generated site address/private key to accept Bitcoin payments?

Yes, it’s a standard Bitcoin address. The private key is WIF formatted, so you can import it in most clients.

Tip: It’s not recommended to keep a high amount of money on your site’s address, because you have to enter your private key every time you modify your site.


What happens when someone hosts malicious content?

The ZeroNet sites are sandboxed, they have the same privileges as any other website you visit over the Internet. You are in full control of what you are hosting. If you find suspicious content you can stop hosting the site at any time.


Is it possible to install ZeroNet to a remote machine?

Yes, you have to enable the UiPassword plugin by renaming the plugins/disabled-UiPassword directory to plugins/UiPassword, then start ZeroNet on the remote machine using
zeronet.py --ui_ip "*" --ui_password anypassword. This will bind the ZeroNet UI webserver to all interfaces, but to keep it secure you can only access it by entering the given password.

Tip: You can also restrict the interface based on ip address by using --ui_restrict ip1 ip2.

Tip: You can specify the password in config file by creating a zeronet.conf file and add [global], ui_password = anypassword lines to it.


Is there anyway to track the bandwidth ZeroNet is using?

The sent/received bytes are displayed at ZeroNet’s sidebar.
(open it by dragging the topright 0 button to left)

Tip: Per connection statistics page: http://127.0.0.1:43110/Stats


What happens if two people use the same keys to modify a site?

Every content.json file is timestamped, the clients always accepts the newest one.


Does ZeroNet uses Bitcoin’s blockchain?

No, ZeroNet only using the cryptography of Bitcoin for site addresses and content signing/verification. The users identification is also based on Bitcoin’s BIP32 format.

Namecoin’s blockchain is being used for domain registrations.


Does ZeroNet only support HTML, CSS websites?

ZeroNet is built for dynamic, real-time updated websites, but you can serve any kind of files using it. (VCS repositories, your own thin-client, database, etc.)


How can I create a new ZeroNet site?

Follow those instructions.


How does it work?

  • When you want to open a new site it asks visitors IP addresses from BitTorrent network
  • First downloads a file named content.json, which holds all other filenames, hashes and the site owner’s cryptographic signature
  • Verifies the downloaded content.json file using the site’s address and the site owner’s signature from the file
  • Downloads other file (html, css, js…) and verifies them using the SHA512 hash for content.json file
  • Each visited site becomes also served by you.
  • If the site owner (who has the private key for the site address) modifies the site, then he/she signs the new content.json and publishes it to the peers. After the peers have verified the content.json integrity (using the signature), they download the modified files and publish the new content to other peers.

More info: Description of ZeroNet sample sites, Slides about how does ZeroNet work

2 thoughts on “ZeroNet FAQ”

  1. Do you mind if I quote a few of your articles as long as I provide credit and sources back to your webpage?

    My blog is in the very same area of interest as yours and my visitors
    would genuinely benefit from some of the information you present here.
    Please let me know if this ok with you. Many thanks!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.