Rules For Valid Secret


Recommended Posts

I am interested in generating my own secrets, however it is not clear (at least to me) that what are the set of rules for a valid secret which would be accepted by the software. Some discussions (links below) give some insight but still there are confusions about valid set of character, length etc. For an example, I have never seen a secret generated by the software which has + or / or a lower case character (but base64 can have these characters).


Are the set of rules documented anywhere? Also, is full-access secret related to read-only secret in any logical way (i.e. given a valid full-access secret, can one generate corresponding read-only secret)?


Link to comment
Share on other sites

Hi btsyncid,


In general, there are 2 kinds of secrets:


Standard secret

- generated by BTSync

- consists of 33 alphanumeric symbols, where first one is a type of a secret, other 32 are actual 20-byte secret in Base32 encoding


Custom secret

- generated by user

- consists of 40 or more symbols and is a valid base-64 encoded value of 30 or more bytes.


We do not recommend using custom secrets since version 1.2, though they are still backward-supported.

Link to comment
Share on other sites

  • 4 weeks later...

I got from Roman the following detailed description about the secret rules:


Standard secret consists of 33 symbols, where 1st symbol is a prefix and 32 symbols are base32 encoded 20-byte binary secret. Secret MUST start with:


A - RW secret
B - RO secret
C - one-time secret
D - RW node, which supports connecting encrypted nodes
E - RO node, which supports connecting encrypted nodes (total secret len is 65 symbols due to double key)
F - RO-Encrypted node key, does not decrypt information.
R - RO secret (inherited from pre-beta application)


If secret is longer than 33 symbols, it is considered to be a “custom” secret. Custom secret must be 40 symbols or longer, base64 encoded.


Secret treated as invalid, if:

  • secret started from different symbol as mentioned above and shorter than 40 symbols
  • secret is shorter than 33 symbols
  • secret contains non-base32 symbols for standard secret
  • secret contains non-base64 symbols for custom secret
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.