# datadiode network driver

## loose thoughts

- based on ethernet or LWL (fiber optic)
- primarily to exchange data between virtualized hosts
- implements a driver which
  1. trust on unbound channel
  2. establishes a secure data transfer
  3. PSK as param, maximum receive size
  4. basically unicast, optionally simplex data + simplex status code (compile time)
  5. bpf based state machine firewall + logging
  6. inotify interrupt
  7. optional: steganographically resilient for timing attacks
- implements userland interface
  1. authenticate remote communication point
  2. transfer file, not files
  3. transfer text
- use well known security concepts
  - ECC based asymmetric encryption + symmetric transfers
  - maybe hardware token based signing
- combines technology from
  - wireguard -> the light driver + encryption
  - syncthing -> UI handling of sharing files
  - warpinator -> idea of sharing files
  - snapdrop/Airdrop
  - age encryption
- benefits
  - one piece of software for one specific job
  - implementing a specific feature by design not by enforcing outer boundaries
- json based transfer format
  - version
  - type of content [0:text, 1:file]
  - size of content [int64]
  - encrypted content [2^48]
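
A receiver-side validator for the JSON based transfer format in these notes, as an added example that is not part of the original notes. On a one-way link the receiver cannot ask for a resend, so every frame is checked strictly and dropped on the first violation. The key names (`version`, `type`, `size`, `content`), base64 encoding of the encrypted content, the version value `1`, and reading `[2^48]` as a byte cap are assumptions; decryption with the PSK is out of scope here.

```python
import base64
import json

MAX_CONTENT = 2**48          # notes: encrypted content [2^48]; read as a byte cap (assumption)
INT64_MAX = 2**63 - 1        # notes: size of content [int64]
TYPES = {0: "text", 1: "file"}
SUPPORTED_VERSIONS = {1}     # assumption: the notes list a version field but no values
FIELDS = {"version", "type", "size", "content"}  # assumed key names
SAMPLE = b'{"version":1,"type":0,"size":5,"content":"aGVsbG8="}'  # constructed frame

class FrameError(ValueError):
    """Raised for any frame the receiver must drop."""

def _is_int(value):
    # bool is a subclass of int in Python; JSON true/false must not pass as 0/1
    return isinstance(value, int) and not isinstance(value, bool)

def parse_frame(raw: bytes, max_receive: int) -> tuple[str, bytes]:
    """Validate one frame and return (content type name, ciphertext bytes)."""
    limit = min(max_receive, MAX_CONTENT)
    # Cheap bound before parsing: base64 grows data by 4/3, plus envelope overhead.
    if len(raw) > limit * 4 // 3 + 256:
        raise FrameError("frame exceeds maximum receive size")
    try:
        frame = json.loads(raw)
    except (ValueError, RecursionError) as exc:
        raise FrameError("not valid JSON") from exc
    if not isinstance(frame, dict) or set(frame) != FIELDS:
        raise FrameError("unexpected or missing fields")
    if not _is_int(frame["version"]) or frame["version"] not in SUPPORTED_VERSIONS:
        raise FrameError("unsupported version")
    if not _is_int(frame["type"]) or frame["type"] not in TYPES:
        raise FrameError("unknown content type")
    size = frame["size"]
    if not _is_int(size) or not 0 <= size <= INT64_MAX:
        raise FrameError("size outside int64 range")
    if size > limit:
        raise FrameError("declared size exceeds maximum receive size")
    if not isinstance(frame["content"], str):
        raise FrameError("content must be a base64 string")
    try:
        blob = base64.b64decode(frame["content"], validate=True)
    except ValueError as exc:
        raise FrameError("content is not valid base64") from exc
    if len(blob) != size:
        raise FrameError("declared size does not match content length")
    return TYPES[frame["type"]], blob
```

The returned bytes are still ciphertext; authentication and decryption happen after this structural check.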