cryo public beta

Technical background

Invitations

Invitations are used to introduce two computers to each other.

They encode the creator's public key and the means to establish a connection: the IP address for local network connections and the Tor hidden onion service v3 address. A one-time access token is also included; it is verified when the recipient first contacts the creator, to authenticate the as yet unknown remote computer.

An invitation can be sent over an insecure channel because it is encrypted with a code, which should be communicated over a secure channel. This protects against bad actors who may snoop on the initial communication. Metadata, even public keys, is never sent in the clear.
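To make the invitation flow concrete, here is an added example (not cryo's own code; the protocol details are unpublished, so the layout, the PBKDF2 work factor and the choice of AES-GCM are assumptions made for this illustration). The creator seals a payload holding its public key, its addresses and a freshly minted one-time token under the short code; the blob can travel over an insecure channel because nothing in it is readable without the code, and the token is accepted by the creator exactly once when the recipient first connects.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
)

// Invitation carries the creator's public key, how to reach it (LAN and
// .onion) and a one-time token. Layout is constructed for this example.
type Invitation struct {
	PublicKey string   `json:"pk"`
	Addrs     []string `json:"addrs"`
	Token     string   `json:"token"`
}

func must[T any](v T, err error) T { // for calls that cannot fail here
	if err != nil {
		panic(err)
	}
	return v
}

// deriveKey stretches the short human-shared code into a 32-byte AES key:
// PBKDF2-HMAC-SHA256, one output block, with an assumed iteration count.
func deriveKey(code string, salt []byte) []byte {
	prf := hmac.New(sha256.New, []byte(code))
	prf.Write(salt)
	prf.Write([]byte{0, 0, 0, 1}) // PBKDF2 block index
	u := prf.Sum(nil)
	out := append([]byte(nil), u...)
	for i := 1; i < 100000; i++ {
		prf.Reset()
		prf.Write(u)
		u = prf.Sum(nil)
		for j := range out {
			out[j] ^= u[j]
		}
	}
	return out
}

func newGCM(code string, salt []byte) cipher.AEAD {
	return must(cipher.NewGCM(must(aes.NewCipher(deriveKey(code, salt)))))
}

// Seal encrypts the invitation under the code as salt || nonce || AES-GCM
// ciphertext; a snooper on the insecure channel learns nothing, not even the key.
func Seal(inv Invitation, code string) string {
	blob := make([]byte, 28) // 16-byte random salt, then 12-byte nonce
	must(rand.Read(blob))
	nonce := append([]byte(nil), blob[16:]...)
	blob = newGCM(code, blob[:16]).Seal(blob, nonce, must(json.Marshal(inv)), nil)
	return base64.StdEncoding.EncodeToString(blob)
}

// Open decrypts with the code; a wrong code or a modified blob fails the
// authentication tag instead of yielding garbage.
func Open(blob64, code string) (inv Invitation, err error) {
	blob, err := base64.StdEncoding.DecodeString(blob64)
	if err != nil || len(blob) < 28 {
		return inv, errors.New("malformed invitation")
	}
	plain, err := newGCM(code, blob[:16]).Open(nil, blob[16:28], blob[28:], nil)
	if err != nil {
		return inv, errors.New("wrong code or tampered invitation")
	}
	err = json.Unmarshal(plain, &inv)
	return inv, err
}

// NewToken mints a one-time access token and records it as pending.
func NewToken(pending map[string]bool) string {
	raw := make([]byte, 32)
	must(rand.Read(raw))
	tok := base64.StdEncoding.EncodeToString(raw)
	pending[tok] = true
	return tok
}

// Redeem accepts a pending token exactly once, so a replayed first contact
// fails; tokens are 256-bit random values, so a map lookup suffices here.
func Redeem(pending map[string]bool, tok string) bool {
	defer delete(pending, tok)
	return pending[tok]
}

func main() {
	pending := map[string]bool{}
	inv := Invitation{PublicKey: "constructed-pk==", Token: NewToken(pending),
		Addrs: []string{"192.168.1.10:4444", "constructedexampleaddress.onion"}}
	got, err := Open(Seal(inv, "7421-cryo"), "7421-cryo") // code shared out of band
	fmt.Println(err, Redeem(pending, got.Token), Redeem(pending, got.Token)) // <nil> true false
}
```

The salt makes every sealing different even for the same code, and the GCM tag turns a wrong code into a clean failure rather than a decoded-but-garbled invitation; the pending map is what lets the creator authenticate a first contact it has never seen before and refuse the same invitation a second time.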

Tor and peer to peer

Except on Arch Linux, cryo is bundled with the latest Tor binary from the Tor Browser. Later versions of cryo can be configured to use your own Tor binary, similar to how OnionShare works, so if you already use the Tor Browser, updates to the Tor binary won't depend on cryo, and if the Tor Browser is configured with Tor bridges these apply as well.

Tor is mainly used for signalling, so that two computers can find each other without a central registry. Each cryo instance runs a Tor hidden onion service v3. After two computers have connected via Tor, they exchange further communication channels, such as the TCP and UDP ports on which they can be reached, similar to WebRTC ICE.

cryo then tries to connect via the exchanged ports to establish a faster direct connection. In the case of UDP, hole punching is used to traverse NATs. In some environments, such as corporate networks, UDP is blocked or traffic is only allowed through a proxy; in this scenario cryo uses a TURN server (which will be configurable soon). If neither a direct UDP nor a direct TCP connection can be established, Tor remains as the channel, which is slow but still provides value.
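The candidate exchange and fallback order above can be shown with a small added example (not cryo's code; the candidate representation, the probe messages and the assumption that a TURN relay is reached over TCP are constructed for this illustration). Every exchanged candidate is probed concurrently: TCP counts as reachable once the handshake completes, UDP only once the peer echoes a probe back, since a datagram that disappears into a NAT or a corporate filter produces no error of its own. The most preferred reachable candidate wins, and when nothing answers the existing Tor circuit stays the channel.

```go
package main

import (
	"fmt"
	"net"
	"time"
)

// Candidate is one way to reach the peer, as exchanged over the Tor
// signalling channel (constructed representation, not cryo's wire format).
type Candidate struct {
	Kind string // "udp", "tcp", "turn" or "tor"
	Addr string
}

// preference ranks channels: direct UDP first, Tor as the last resort.
var preference = map[string]int{"udp": 0, "tcp": 1, "turn": 2, "tor": 3}

const probeTimeout = 500 * time.Millisecond

// probeTCP succeeds if a TCP handshake completes within the timeout.
func probeTCP(addr string) bool {
	c, err := net.DialTimeout("tcp", addr, probeTimeout)
	if err != nil {
		return false
	}
	c.Close()
	return true
}

// probeUDP sends a datagram and requires the peer to echo it: UDP has no
// handshake, so only a round trip proves the path (or the punched hole) is open.
func probeUDP(addr string) bool {
	c, err := net.DialTimeout("udp", addr, probeTimeout)
	if err != nil {
		return false
	}
	defer c.Close()
	c.SetDeadline(time.Now().Add(probeTimeout))
	if _, err := c.Write([]byte("cryo-probe")); err != nil {
		return false
	}
	buf := make([]byte, 32)
	n, err := c.Read(buf)
	return err == nil && string(buf[:n]) == "cryo-probe"
}

func probe(c Candidate) bool {
	if c.Kind == "udp" {
		return probeUDP(c.Addr)
	}
	return c.Kind != "tor" && probeTCP(c.Addr) // tcp, and turn over tcp (assumption)
}

// SelectChannel probes every candidate concurrently and returns the most
// preferred one that answered; if none does, Tor stays the channel.
func SelectChannel(cands []Candidate) Candidate {
	type result struct {
		c  Candidate
		ok bool
	}
	results := make(chan result, len(cands))
	for _, c := range cands {
		go func(c Candidate) { results <- result{c, probe(c)} }(c)
	}
	best := Candidate{Kind: "tor", Addr: "(existing onion circuit)"}
	for range cands {
		if r := <-results; r.ok && preference[r.c.Kind] < preference[best.Kind] {
			best = r.c
		}
	}
	return best
}

// StartEchoPeer stands in for the remote side: a local UDP responder that
// echoes probes. It returns its address and a stop function.
func StartEchoPeer() (string, func(), error) {
	pc, err := net.ListenPacket("udp", "127.0.0.1:0")
	if err != nil {
		return "", nil, err
	}
	go func() {
		buf := make([]byte, 64)
		for {
			n, from, err := pc.ReadFrom(buf)
			if err != nil {
				return
			}
			pc.WriteTo(buf[:n], from)
		}
	}()
	return pc.LocalAddr().String(), func() { pc.Close() }, nil
}

func main() {
	udpAddr, stop, err := StartEchoPeer()
	if err != nil {
		panic(err)
	}
	defer stop()
	fmt.Printf("selected: %+v\n", SelectChannel([]Candidate{
		{Kind: "tcp", Addr: "127.0.0.1:1"}, {Kind: "udp", Addr: udpAddr}})) // constructed: port 1 is closed
}
```

Probing everything at once rather than in preference order is what keeps the slow-path decision bounded by a single timeout; a blocked UDP port simply times out while the TCP or relay probe completes, and the selection still picks the best channel that actually answered.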

End to end encryption

Although Tor already provides encryption, the cryo protocol doesn't depend on it: since plain UDP and TCP channels are also used, end-to-end encryption is done via libsodium. The communication protocol was built with deep packet inspection in mind, but may not hold up against the Great Firewall of China for long if they figure out the network flows.
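What "end-to-end encryption independent of the transport" means in practice is shown by the following added example (not cryo's code, and not libsodium: the Go standard library's X25519 and AES-GCM stand in for libsodium's primitives, and the frame layout and key derivation are assumptions for this illustration). Each side combines its own static key with the peer's public key, the one learned from the invitation, derives one key per direction, and seals every frame under a counter that also serves as the nonce. Because the counter travels inside the frame, the receiver can decrypt frames in any order, which matters over UDP, while a frame it has already accepted is refused as a replay.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Session is one end of an end-to-end encrypted link. It is transport
// agnostic: frames may travel over Tor, TCP or UDP and may arrive reordered.
type Session struct {
	send, recv cipher.AEAD
	counter    uint64          // last counter we sent
	seen       map[uint64]bool // counters already accepted from the peer
}

// NewKeyPair makes a static X25519 key; the public half is what an invitation carries.
func NewKeyPair() *ecdh.PrivateKey {
	k, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return k
}

// dirKey derives a directional AEAD from the shared secret with HMAC-SHA256;
// A's send key equals B's receive key because both hash (from, to) identically.
func dirKey(shared, from, to []byte) cipher.AEAD {
	m := hmac.New(sha256.New, shared)
	m.Write(from)
	m.Write(to)
	block, _ := aes.NewCipher(m.Sum(nil)) // 32-byte key: cannot fail
	gcm, _ := cipher.NewGCM(block)
	return gcm
}

// NewSession runs X25519 between our static key and the peer's public key
// (delivered inside the invitation) and derives both direction keys.
func NewSession(priv *ecdh.PrivateKey, peerPub *ecdh.PublicKey) (*Session, error) {
	shared, err := priv.ECDH(peerPub)
	if err != nil {
		return nil, err
	}
	me, them := priv.PublicKey().Bytes(), peerPub.Bytes()
	return &Session{send: dirKey(shared, me, them), recv: dirKey(shared, them, me), seen: map[uint64]bool{}}, nil
}

func nonceFor(hdr []byte) []byte {
	nonce := make([]byte, 12) // 4 zero bytes + 8-byte counter, never reused per key
	copy(nonce[4:], hdr)
	return nonce
}

// Seal builds a frame: 8-byte counter || AES-GCM ciphertext. The counter is
// both the nonce source and associated data, so it cannot be altered in transit.
func (s *Session) Seal(plain []byte) []byte {
	s.counter++
	hdr := make([]byte, 8)
	binary.BigEndian.PutUint64(hdr, s.counter)
	return s.send.Seal(hdr, nonceFor(hdr), plain, hdr)
}

// Open authenticates and decrypts a frame. Out-of-order delivery is fine,
// but a frame whose counter was already accepted is rejected as a replay.
func (s *Session) Open(frame []byte) ([]byte, error) {
	if len(frame) < 8+s.recv.Overhead() {
		return nil, errors.New("frame too short")
	}
	hdr := frame[:8]
	ctr := binary.BigEndian.Uint64(hdr)
	if s.seen[ctr] {
		return nil, errors.New("replayed frame")
	}
	plain, err := s.recv.Open(nil, nonceFor(hdr), frame[8:], hdr)
	if err != nil {
		return nil, errors.New("authentication failed")
	}
	s.seen[ctr] = true // only mark after the tag verified
	return plain, nil
}

func main() {
	alice, bob := NewKeyPair(), NewKeyPair()
	a, _ := NewSession(alice, bob.PublicKey())
	b, _ := NewSession(bob, alice.PublicKey())
	f1, f2 := a.Seal([]byte("chunk 1")), a.Seal([]byte("chunk 2"))
	p2, _ := b.Open(f2) // arrives first, e.g. over UDP
	p1, _ := b.Open(f1)
	_, replay := b.Open(f1)
	fmt.Printf("%s, %s, replay: %v\n", p2, p1, replay) // chunk 2, chunk 1, replay: replayed frame
}
```

Separate keys per direction keep the two sides' counters from ever producing the same nonce under one key, and marking a counter as seen only after the tag verifies prevents a forged frame from blocking the genuine one that carries the same counter.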

Anonymity vs. Privacy

cryo doesn't provide anonymity — only privacy — since peer-to-peer connections are established for maximum transfer speed, which means that two connected computers know each other's public IP address. cryo is all about privacy: the communication is encrypted and safe from attackers.

Internet service providers and state actors can still see who is connected to whom. For stronger anonymity there are better suited tools, such as OnionShare.

Tor doesn't work everywhere

In some countries, like Iran and China, Tor is blocked, so currently cryo won't work there. Tor bridges may help but aren't exactly easy to configure.

However, as an alternative, cryo supports P2P signalling via a DHT, which will be released later and doesn't depend on Tor. The DHT signalling was actually the very first implementation, before Tor was integrated, and works well as long as UDP isn't blocked. The DHT used is the main BitTorrent Kademlia table, with millions of nodes to blend in with. Fortunately BitTorrent works in most countries where Tor is blocked.

Open Protocol

cryo itself is a commercial application and not open source, but the underlying protocol and encryption details will be published soon. Compared to WebRTC the protocol is rather simple, and it is inspired by Erlang.

In contrast to SFTP and SMB it isn't tailored to Unix or Windows and supports both path specifications, including UNC paths. The protocol works over unreliable connections with the help of the KCP library by skywind3000. I hope that implementations in Erlang and Haskell will be created sometime.

The roots of cryo

cryo is pretty old: although the first public release was in 2020, its development started over a decade ago.

While working in the 3D film industry, the main idea for a visual node-based file manager came from using the image compositing tool Shake, which was later, sadly, discontinued by Apple. Many aspects of cryo, some not public yet, are highly inspired by Ted Nelson, Douglas Engelbart, Joe Armstrong and Alan Kay.

In 2012 the deCONZ application, for controlling Zigbee devices in a node-based GUI, was derived from an early version of cryo. deCONZ is meanwhile deployed around the globe in over 110 countries.