BitChan

Version: 1.1.1

BitChan is a decentralized anonymous imageboard inspired by BitBoard and built on top of Bitmessage with Tor, I2P, and GnuPG.

An anonymous donor has paid for a BitChan instance to be set up on a VPS in Kiosk Mode. Try it out at:

• Tor: http://bitchanr4b64govofzjthtu6qc4ytrbuwbgynapkjileajpycioikxad.onion (only accessible with Tor Browser).
• I2P: http://bitchan.i2p, b32 Address http://waycuw2c27ruakfblkf5tcegwmt3ot445dlfoypil6bzmm4yxg7a.b32.i2p (only accessible with I2P).

BitChan solves a number of security and free speech problems that have plagued most imageboards. Centralized imageboards can be taken offline or hijacked and can leak user data. BitChan reduces the likelihood of this by being decentralized, requiring all connections to go through Tor, and not requiring JavaScript.

When installed locally on your computer, BitChan acts as an extension to Bitmessage, a decentralized, blockchain-based messaging program. Bitmessage relies on public key encryption similar to PGP and decentralized message delivery, which due to the fact that every message is distributed to every client, also provides plausible deniability (i.e. no one knows who the message was intended to go to). Bitmessage handles the sending and receiving of messages and BitChan acts as a sophisticated message processor, which includes a web front end. All communication happens over the Tor onion routing network for anonymity and every BitChan message is encrypted using GPG, an open source version of PGP (Pretty Good Privacy). Instead of connecting to a stranger's server and volunteering potentially identifying information, BitChan anonymously adds your message to the Bitmessage block. Everyone on the Bitmessage network downloads and shares your encrypted messages and only those with the correct credentials can decrypt them.

Users of centralized forums often have to deal with overzealous moderators and sometimes even pressure from State powers that tend to suffocate the forum's culture. BitChan's moderation is multifaceted, but to be brief, the option exists to create entirely unmoderatable boards. Due to its decentralized design, BitChan cannot be moderated by its developers or the government. Indeed, there is no way to disconnect BitChan from the internet, and as long as people are still running Bitmessage, BitChan lives completely untouchable by any authority. With that said, boards can be created with a variety of rules which allow board owners or admins to moderate them if so desired. Unmoderated boards can be locally moderated by the user. Additionally, users can set their install to act as a Kiosk and enable a Tor Hidden Onion service to allow anonymous users to utilize their install through an .onion address, however when accessing BitChan in this way, you will be constrained by the settings that user sets for their BitChan install. In order to utilize the full features of BitChan, including reliability and a censor-free environment, you will need to install it locally on your computer.

BitChan offers boards for a forum-like experience with image and file sharing, lists to organize and share other boards and lists, along with a host of additional features to enhance posts and provide board and list management with the use of owner, admin, and user permissions. Boards and lists can be public or private, with or without owners or admins, allowing a full range from completely unmoderatable to strictly allowing only select addresses to post or modify list contents.

Quick Links: Manual, Changelog, Screenshots

Screenshots

See Screenshots

Features

• Security - All essential functionality without JavaScript - All internet traffic (Bitmessage/uploads/downloads) routed through tor - All messages PGP-encrypted with user-selectable ciphers, key lengths, and passphrases
• Board Features - Threaded posting with text enhancements - Attach any file up to 4 files per post - Full-width expansion of Images and videos in posts - Overboard, Catalog, Recent, and Search pages - Files attached to post via Bitmessage (most secure, <= ~250 KB) or external upload site - Support for post text replacements: dice (#3D20), cards (#C5), flip (#flip), 8ball (#8ball), tarot card (#t5), Crowley tarot (#ct5), random book quote (#stich) - Support for post text styles: @@bold@@, ~~italic~~, __underline__, ++strikethrough++, ==big==, **spoiler**, ^s shadow ^s, [meme]meme[/meme], [autism]autism[/autism], [flash]flash[/flash], [aa]ascii art[/aa], and more - Rules to allow board/list Owners to enable certain board/list-specific features - Address Book to set labels for addresses that will appear on posts - Post popup previews for reply links - Live updating of new posts in a thread without page refresh - Sticky/pin/anchor functions for threads - Post with any Bitmessage address that you know the secret key of
• Board and List Ownership and Administration - Boards and Lists can have Owners, Admins, White- and Black-listed Users - Owners can set a long description, banner and spoiler images, word replacements, and custom CSS - Board Owners/Admins can delete threads and posts (affects all users of a board) - Board Owners/Admins can ban users from posting (affects all users of a board) - Users can block address from posting to one or all boards (only local effects)
• Kiosk mode - Allows you to publicly host you BitChan instance in a secure manner - One-click hosting of an .onion hidden service to access your BitChan instance from tor - Options to keep your kiosk completely private for only your use or allow the public to view or post - Permissions and login system to secure and control access to your BitChan Instance
• Misc - Public access where anyone can post on a board or add to a list - Private access where only select addresses can post or modify a list - Mod log to track moderation and other changes - Export and import your database (all settings and data) - Mailbox system for messaging Bitmessage addresses

Install

BitChan is distributed with a stable version of Bitmessage and runs among several docker containers orchestrated by docker's compose plugin. This allows cross-platform compatibility and isolation of your install from your operating system. For a consistent install environment, installing BitChan within a virtual machine running Xubuntu 22.04 is described below, however you can install BitChan in many operating system of your choice that support the install of docker and docker compose.

Alternatively, BitChan can be installed natively in a Debian-based operating system (without Docker).

See INSTALL for detailed install instructions.

Install BitChan with Docker

To install BitChan, first install Docker Engine, then change to the BitChan/docker directory and execute:

docker compose up --build -d

If you get a timeout error while downloading any of the docker image files, just run the command again until it successfully finishes all downloads.

Install Configuration

docker-compose.yml in the docker directory can be configured to suit your particular system. Make sure to run "make daemon" for the changes to take effect.

• The cpuset option for each container can be modified based on the number of CPU cores available. To allocate more than one to a container, separate them with commas (e.g. cpuset: '0,1,2'). It is wise to allocate one or more cores only to the bitmessage container. Similarly, it's wise to allocate one or more cores only to tor, nginx, and bitchan_flask. This is done to prevent bottlenecks when bitmessage is doing proof of work, since it is segregated to only using specific CPUs, while other containers can still process on other CPUs.
• The nginx container can have the ports section uncommented and changed to modify the port used to access the web interface, if you want this port exposed publicly. When commented out, the web interface can only be accessed from the computer BitChan is installed on. To change to port 9000, merely change to "9000:8000". It is recommended to keep this commented unless you know what you're doing.

Post-install

BitChan will automatically start at boot (if enabled) and runs on port 8000 by default, which can be accessed by visiting http://localhost:8000 or http://172.28.1.1:8000 in a web browser.

For added security, it's recommended to either A) use tor browser or B) configure another browser to connect through tor.

• A: Tor Browser: Install tor browser (sudo apt install torbrowser-launcher). Launch tor browser and enter about:config in the address bar. Search for network.proxy.no_proxies_on and enter 172.28.1.1,172.28.1.6 (if installed with docker) or 127.0.0.1 (if installed without docker) to exclude the BitChan and I2P Webconsole IP addresses from the proxy. Access BitChan at http://172.28.1.1:8000 and the I2P Webconsole at http://172.28.1.6:7070 (use 127.0.0.1 if installed without docker).
• B: Configure your browser to use the Tor SOCKS5 proxy with the host 172.28.1.2 and port 9050 (the IP and port for tor running in the tor docker container). Open BitChan at http://localhost:8000.

Verify your browser is using tor by visiting https://check.torproject.org.

Install BitChan without Docker

See INSTALL for how to install BitChan without Docker.

Upgrade BitChan

Upgrading BitChan can be performed with the following commands. Any database schema changes will be automatically performed. If a new version is incompatible with your previous version and the database cannot be upgraded, you will need to delete both docker volumes before running make daemon. Note: Deleting both volumes will delete all data. To determine if you need to delete any volumes to run any newer version, refer to CHANGELOG.md.

cd BitChan
git pull
cd docker
sudo make daemon

Docker and Control Options

Backup and Restore BitChan

You can save the state of Bitmessage and BitChan and restore it on another machine. This will preserve everything exactly as it was, including boards, lists, threads, messages, attachments, address book, identities, etc. With BitChan running, execute the following commands.

Create backup and transfer to your local machine:

sudo docker exec -it bitchan_flask tar -cvf /home/bitchan/bitchan_backup-usr_bitchan.tar /usr/local/bitchan
sudo docker exec -it bitchan_flask tar -cvf /home/bitchan/bitchan_backup-usr_bitmessage.tar /usr/local/bitmessage
sudo docker exec -it bitchan_flask tar -cvf /home/2021_07_01_bitchan-backup.tar /home/bitchan
sudo docker cp bitchan_flask:/home/2021_07_01_bitchan-backup.tar ~/
sudo docker exec -it bitchan_flask rm -rf /home/bitchan/bitchan_backup-usr_bitchan.tar /home/bitchan/bitchan_backup-usr_bitmessage.tar /home/2021_07_01_bitchan-backup.tar

Transfer backup to remote machine that has BitChan installed:

sudo docker cp ~/2021_07_01_bitchan-backup.tar bitchan_flask:/
sudo docker exec -it bitchan_flask tar -xvf /2021_07_01_bitchan-backup.tar -C /
sudo docker exec -it bitchan_flask tar -xvf /home/bitchan/bitchan_backup-usr_bitchan.tar -C /
sudo docker exec -it bitchan_flask tar -xvf /home/bitchan/bitchan_backup-usr_bitmessage.tar -C /
sudo docker exec -it bitchan_flask rm -rf /2021_07_01_bitchan-backup.tar /home/bitchan/bitchan_backup-usr_bitchan.tar /home/bitchan/bitchan_backup-usr_bitmessage.tar

Restart BitChan

cd BitChan/docker
sudo docker compose down
sudo make daemon

Docker Container Networking

• nginx container (BitChan Web User Interface)
  • IP: 172.28.1.1
  • Port: 8000
  • Address: http://172.28.1.1:8000
• tor container
  • IP: 172.28.1.2
  • Proxy Port: 9050
  • Control Port: 9051
• bitmessage container
  • IP: 172.28.1.3
  • Port: 8445
• bitchan_flask container (frontend)
  • IP: 172.28.1.4
• bitchan_daemon container (backend)
  • IP: 172.28.1.5

Adding User to Docker Group

Add your user to the docker group to run docker as a non-root user.

sudo groupadd docker
sudo usermod -aG docker $USER

Log out and back in for the group addition to take effect.

Make sure you're in the BitChan/docker directory when executing the make or docker compose commands.

Build and Daemonize (runs as daemon at startup)

make daemon

Build and Bring Up (output to stdout)

make build

Stop and delete containers

make clean

Bring Down

docker compose down

Bring Up (stdout)

docker compose up

Bring Up (daemon)

docker compose up -d

Build and Bring Up (stdout)

Note: same as make build command

docker compose up --build

Build and Bring Up (daemon)

Note: same as make daemon command

docker compose up --build -d

Accessing volumes

To access the volumes as your user, first change ownership to be able to access docker volumes.

sudo chown -R $USER /var/lib/docker

Access bitchan volume

ls -la /var/lib/docker/volumes/docker_bitchan/_data/

Access bitmessage volume

ls -la /var/lib/docker/volumes/docker_bitmessage/_data/

Deleting volumes

Delete BitChan volume

Note: This will also delete the BitChan database

cd BitChan/docker
docker compose down
docker volume rm docker_bitchan

Delete Bitmessage volume

Note: This will delete the Bitmessage keys.dat and messages.dat

cd BitChan/docker
docker compose down
docker volume rm docker_bitmessage

Tor Control

To use nyx to connect to the control port of the containerized tor, run the following from a linux terminal on the system running the docker containers.

sudo apt install nyx
nyx -i 172.28.1.2:9051

Enter password torpass1234

Note: To change the default tor password, edit BitChan/docker/docker-compose.yml and change password: "torpass1234" to something else, then rebuild your containers with make daemon

Check where ports are bound

sudo netstat -tunlp && sudo lsof -nP -iTCP -sTCP:LISTEN

Connect to a remote server that's bound to localhost

When a server is bound to localhost, that server can only be connected to from the computer hosting the server (from localhost).

ssh -L local_port:local_address:remote_port [email protected]

For example, if your remote IP address is 123.4.5.6, to connect to the remote i2pd webconsole at port 7070, execute the command:

ssh -L 7777:localhost:7070 [email protected]

This will send any connection to port 7777 on your local machine over SSH to port 7070 on the remote machine.

After establishing the tunnel, open a web browser to http://localhost:7070.

Virtual Private Server / Kiosk Mode

Installing and running BitChan on a debian-based virtual private server (VPS) is very easy and allows BitChan to be publicly accessible. However, as with all public systems, security should be a significant concern. Therefore, a Kiosk Mode has been created that institutes a login and permission system to allow administration as well as anonymous posting, among other features. Furthermore, the hosting of hidden onion services has been built-in to allow secure and anonymous access to your BitChan instance. See the Kiosk Mode and Hidden Onion Service sections of the manual for more information.

Installing and Running

Securely log in to your VPS, changing "123.123.123.123" to the VPS IP address and "user" to your user:

torsocks ssh [email protected]

Then follow the [Install Instructions](#install-on-debian-based-operating-systems).

Before building, if you are going to have this install publicly accessible on the internet, you may want to enable kiosk mode and add an admin user. This can be done by setting the Admin password in BitChan/credentials.py and enabling Kiosk Mode on the configuration menu of the UI. This will require logging in with the password to make changes to the system. You can also change the Kiosk settings in config.py, such as to disable anonymous posting.

After building and once running, go to http://123.123.123.123:8000 to access the system and check if your password works to log in. If you want to prevent access via the IP address, you will need to first enable a tor hidden onion service, then disable HTTP access. First, enable the tor hidden onion service from the Configuration page. After a minute, verify you can connect to the onion address listed on the configuration page with tor browser. Last, disable HTTP access, by editing BitChan/docker/docker-componse.yaml and commenting out the nginx port section in order to disable exposing port 8000.

ports:
  - "8000:8000"

To:

# ports:
#   - "8000:8000"

Save, then rebuild BitChan:

cd BitChan/docker
make daemon

Once rebuilt, you should only be able to access BitChan from the hidden onion address in tor browser. If you want to use a custom onion address, you can generate a v3 onion address and provide the credentials in a zip file. This will allow you to host BitChan on both a randomly-created onion address and a custom vanity address. The random address can be kept private and used for maintenance/testing/administration and the custom address can be given out publicly for users to use the system. If you ever need to temporarily disable access to the system, you can disable the custom address and keep the random address enabled in order to maintain your own private access.

Upgrading to a New Version

These steps assume there's already an install of BitChan running on the VPS. Download latest version locally as bitchan.tar.gz, then upload securely to VPS, changing "123.123.123.123" to the VPS IP address and "user" to your user:

torsocks scp bitchan.tar.gz [email protected]:/user

Login securely to VPS, then copy relevant files to new version and rebuild. Note: Since newer versions of BitChan may have changes made to docker-compose.yml, config.py, or credentials.py, it's advisable to manually make changes to the newer version's config files, as blindly overwriting them may break functionality in the newer version. The use of the commands below assume it's safe to overwrite these files.

torsocks ssh [email protected]
mv /user/bitchan /user/bitchan-old
mkdir /user/bitchan
tar zxf /user/bitchan.tar.gz --strip-components=1 -C /user/bitchan
cp /user/bitchan-old/docker/docker-compose.yml /user/bitchan/docker/
cp /user/bitchan-old/config.py /user/bitchan/
cp /user/bitchan-old/credentials.py /user/bitchan/
cd /user/bitchan/docker
make daemon

Troubleshooting

TODO

Donate

Monero Address

49KE6mo43c6DLuszW48ZkYG8x6KcxjhscY5KzsNLTqLk8Vw2gBaTnoggxfYLJnQ95zNuDpfFESYSFZoucYq5vWAjNrqHbhX

Developer Information

BitChan GitHub Repository: github.com/813492291816/BitChan

Bitmessage Mail: address BM-2cWyqGJHrwCPLtaRvs3f67xsnj8NmPvRWZ

Bitmessage Chan: passphrase "bitchan" without quotes, verify the address is BM-2cT6NKM8PZvgkdd8JZ3Z9r9u2sb3jbkCAf

E-Mail: [email protected]

Note: This email can only receive messages. Use Bitmessage for 2-way communication.

PGP Public Key: E90B33C4C0E73AF537F2C2E9B14DF20410E5A5BC