Goldstein is a social media server with multiple client programs for handling different functions. It’s modelled on IRC, but stores messages on both the server and client. It aims to eventually replicate the basic functionality of Facebook, YouTube, Twitter, etc, but with the freedom of running one’s own server.
However, its main purpose is to reliably preserve messages and files. If a server goes down (or is taken down) all messages and user information still function as normal in offline mode. This provides the user with a complete record of every message she has downloaded, across multiple servers. This is the origin of the name: from the propaganda character of Goldstein in George Orwell’s Nineteen Eighty-Four, who was demonised for trying to accurately preserve history.
Both command line and GTK 4 based programs.
Stores messages on both server and client, using the same data format.
Allows download and upload of files using their SHA2-256 secure hashes, which allows multiple servers to securely host each others’ files.
Features multiple channels, with user ranks.
Caches user information (name, real name, description, icon) locally, updating only data that has changed.
Doesn’t use TCP networking, making it both fast and resistant to DDoS attacks.
Encrypts messages to and from client and server using either Serpent or Rijndael (aka AES) 128 bit block ciphers, with 256 bit keys.
Uses 4096 bit Diffie-Hellman-Merkle key exchange.
Allows users to exchange pre-shared secrets with servers, for extra security.
Never exchanges unencrypted data, making it ideal for use with steganography.
Uses a library for most functionality, making it modular.
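The hash-addressed file transfer listed above is what lets a client accept a file from any server: the SHA2-256 digest that was requested is checked against the bytes that arrived. A sketch of that client-side check, added here as an example and not taken from Goldstein's code; the function names, the store directory layout and the use of sha256sum are assumptions.

```shell
# verify_by_hash FILE EXPECTED_HEX
# Returns 0 only if FILE's SHA-256 digest equals EXPECTED_HEX,
# 1 on a mismatch and 2 if the arguments are unusable.
verify_by_hash() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    # Refuse anything that is not exactly 64 hex digits before hashing.
    case $expected in
        *[!0-9a-f]*) return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || return 2
    [ -f "$file" ] || return 2
    # Hash from stdin so an odd file name cannot alter sha256sum's output format.
    actual=$(sha256sum < "$file" | cut -d' ' -f1)
    [ "$actual" = "$expected" ]
}

# accept_download FILE EXPECTED_HEX STORE_DIR
# Moves a verified download into STORE_DIR under its digest (hypothetical
# layout); deletes the download and fails if the digest does not match.
accept_download() {
    if verify_by_hash "$1" "$2"; then
        name=$(printf '%s' "$2" | tr 'A-F' 'a-f')
        mkdir -p -- "$3" && mv -- "$1" "$3/$name"
    else
        rm -f -- "$1"
        return 1
    fi
}
```

Because the digest is the identifier, the server that supplied the bytes does not need to be trusted for integrity, only for availability.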
Because Goldstein aims to preserve all messages that have been read, on client systems (out of reach of the server), there is no way to delete or edit messages.
Servers are assumed to be relatively harmonious communities. This means there aren’t user groups, nor blocking of users. Instead users have ranks: owner, admin, trusted, regular, normal, and guest.
Since Goldstein doesn’t use TCP, messages are limited to a single packet, which means they can only be 1024 bytes long.
User and channel names are limited to 16 characters. Real names are limited to 32 characters and user descriptions to 256.
No cut and paste of message text.
No admin of users via golds-gtk.
No support for guest users.
No simultaneous upload of the same file to different servers.
No simultaneous download of the same file from different servers.
No muting of users.
No unicode support (including emojis).
No download or upload quotas.
No direct messages.
No audio or video communication.
No playback/display of audio, video or 3D model files.
No Android client.
goldsd: The server.
golds-crypt: Command used to encrypt and decrypt files. Doesn’t connect to a server.
golds-file: Command used to download and upload files from/to a server.
golds-user: Command used to perform user commands on a server. These tasks include changing user info (real name, description, icon), changing your password, creating pre-shared secrets, adding/removing/renaming channels, and user admin.
golds-msg: Command used to send and download messages and user configs to/from a server.
golds-chat: Ncurses based command line chat program, used to send and automatically receive messages and user configs continually from a server.
golds-gtk: GTK 4 and OpenGL based GUI chat program, used to send and automatically receive messages and user configs, continually from a server. Supports multiple servers and channels simultaneously, and display of image files.
Goldstein uses two different forms of encryption: symmetric block cipher and Diffie-Hellman-Merkle (DHM) key exchange.
There are two types of block cipher used: Serpent and Rijndael (aka AES). The default is Serpent, since it only lost the Advanced Encryption Standard (AES) competition in favour of Rijndael because it was slower - thus the competition was flawed. Since Serpent uses a more conservative design it must take precedence, especially since it appears as if it has been abandoned by the cryptography community, for no good reason.
DHM key exchange is done with the GNU Multiple Precision Arithmetic (GMP) library, using a 4096 bit modulus and 2048 bit secrets. This is achieved with only one packet in each direction.
See the INSTALL file for generic install instructions - this package uses the Autoconf compilation and installation system.
To get it running, a bit more work is needed. First on the server:
Create the change root directory (/var/lib/goldsd/ by default).
Create the “users” directory within the change root directory and copy the supplied “etc/owner.cfg” file there, editing it to add a password (in the passwd-text option), and possibly change the name, real-name and description options. Nb. the password will be hashed (encrypted) once the server has been run.
Copy the supplied “etc/channels.txt” file to the change root directory, editing it to add/remove channels.
Run goldsd, either like this: goldsd -chroot-dir=[change root directory] -pass=[server password] -hostname=[server hostname], or by placing the options in the system config file (probably /etc/stdconfig/goldsd) and running it like this: goldsd. Nb. -chroot-dir can be omitted if it’s the default (/var/lib/goldsd). Nb. chroot as the root user is insecure unless goldsd is run with every capability dropped except the one needed for chroot - eg. via Systemd, Startd, etc.
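The first three server steps as a script, added here as an example and not part of the Goldstein package. Since owner.cfg holds the password in plain text until goldsd first runs and hashes it, the script keeps the change root readable by its owner only; the function names are hypothetical, and it assumes the script is run by the same account that will run goldsd and that GNU stat is available.

```shell
# prepare_goldsd_root SRC_ETC CHROOT_DIR
# Creates CHROOT_DIR/users and copies owner.cfg and channels.txt from the
# package's etc/ directory (SRC_ETC), with owner-only permissions.
prepare_goldsd_root() {
    src=$1
    root=$2
    [ -f "$src/owner.cfg" ] && [ -f "$src/channels.txt" ] || return 2
    (
        umask 077    # anything created below gets no group/other access
        mkdir -p -- "$root/users" &&
        cp -- "$src/owner.cfg" "$root/users/owner.cfg" &&
        cp -- "$src/channels.txt" "$root/channels.txt"
    ) || return 1
    # mkdir -p and cp leave the mode of pre-existing paths alone, so set it.
    chmod 700 "$root" "$root/users" &&
    chmod 600 "$root/users/owner.cfg"
}

# owner_cfg_is_private CHROOT_DIR
# Succeeds only if users/owner.cfg grants nothing to group or other.
owner_cfg_is_private() {
    mode=$(stat -c '%a' -- "$1/users/owner.cfg") || return 2
    case $mode in
        *00) return 0 ;;
        *)   return 1 ;;
    esac
}

# Typical use from the unpacked package directory (not run here):
#   prepare_goldsd_root etc /var/lib/goldsd
#   then edit /var/lib/goldsd/users/owner.cfg and channels.txt as described
#   above, and confirm with: owner_cfg_is_private /var/lib/goldsd
```

When starting goldsd, note that options given on the command line, including -pass, are visible to other local users in the process list, which the system config file avoids.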
Now on the client:
Create the “~/.config/goldstein/servers/” directory, and copy the supplied “etc/local” config file to it.
Edit the “~/.config/goldstein/servers/local” config file, and possibly change the name - the name of the file is the name of the server for commands.
You can now connect to the server, adding more users with golds-user, upload files with golds-file, etc. The commands must be run with the -server=local option.
The daemon and associated commands are licensed under the GNU General Public Licence (GPL).
The major version of the GPL used is only 2, in rejection of version 3’s social engineering. Forks of Startd may use GPL version 2, version 3, or later versions.
Found a bug? Please send the details to bugs@cinfinity.info. Mention the program being used, package (with version and/or release number) it came from, command line and config file options, and ideally the backtrace provided by gdb (with the bt command). Please don’t send core files (unless requested).
Any ideas for improvements can be sent to marks@cinfinity.info.
If you want to make a contribution, you can send patches to patches@cinfinity.info. I can’t guarantee I’ll accept them though, since Startd is designed to be minimalist, so for anything substantial, you should probably ask first. Patches should be in unified diff format, created with diff -u <original file> <modified file>. Nb. I don’t use git or any other source code version control system, since I believe that every package should have a single author, and that large projects should ideally be broken down into a number of independent libraries.
My name is Mark Skinner. I’m an Australian, self-taught computer programmer, with a degree in engineering (specifically, computer control systems).
I write all my source code using the Geany text editor, and compile and test it via the command line. My main Hyprland Linux desktop consists of the text editor, a web browser and a terminal.
Last modified: 2025-12-10 03:20:13 UTC.