I see no emails, and I don't have a phone number so I can't type any messages on your Discord. For the first bounty, it seems like a library is needed similar to WinHTTP, Drogon, cpp-httplib, etc. Am I understanding it correctly? I could probably make a compliant library in C++ given a few months' time.
For now it seems like a free-for-all, but a great option would be C++, as many agreed that it can be easily converted to other languages like rust.
Then I will try my best! However, TLS mimicry is going to be one pain in the butt... this seems extremely promising, but it would take a senior dev team a year to make. Expecting people to make something like this is quite an overestimate of peoples free-time. I feel like way simpler PoC's need to be created first.
Yes, for the first bounty, a compliant client library implementing the HTX transport layer with origin-mirrored TLS fingerprints is indeed the foundational step. Something akin to WinHTTP or cpp-httplib in C++ would be a great start, since the spec relies heavily on precise TLS mimicry and fine-grained protocol behaviors. Given the complexity, C++ makes sense as a performant and portable base that could be adapted to other languages later.
Regarding the scale of effort, I completely agree that the full implementation, with all its cryptographic subtleties, adaptive calibration, cover traffic, and protocol nuances, is a large projectโlikely beyond what a small volunteer or single dev could tackle alone in a short timeframe. Thatโs why the spec encourages building incrementally, with smaller proof-of-concept components first to validate core mechanisms.
TLS mimicry is one of the hardest challenges hereโit requires a deep understanding of TLS fingerprinting and continuous adaptation to real-world origins. Building robust pre-flight calibration and exact protocol emulation is non-trivial and needs careful attention.
Your idea of starting with simpler PoCs is exactly the right approach. The ecosystem benefits from iterative progress, where early efforts can prove key pieces (like basic HTX session establishment or Noise handshakes) before layering on the full complexity.
If youโre interested, helping scope or prototype any of these foundational components would be incredibly valuable. Even minimal working examples help the community understand challenges and shape realistic timelines.
@slammingprogramming Dear sir, your generous sharing of this AI chatbot's profound wisdom on this matter is truly valuable, insightful, and most importantly, commendable. The world could use more of such enlightened contributions!
Noktyx, JoseAyeras, StellarSt0rm, Smellon69, Kornelf4 and 2 moreStellarSt0rm, Kornelf4 and duncansykesslammingprogramming
@SimonDevScr if that's your thoughts on my comment, that's your own thoughts to own. However I can say with certainty you come off as rude and certainly haven't added to this discussion with your comment. I won't continue to engage with you on this basis.
Well if you make a library in C, it's pretty easy to create wrappers for Python and other languages. I think C should be prioritized for now, but other languages are welcome.
Activity
ChedRed commentedon Aug 9, 2025
For now it seems like a free-for-all, but a great option would be C++, as many agreed that it can be easily converted to other languages like rust.
Smellon69 commentedon Aug 10, 2025
Then I will try my best! However, TLS mimicry is going to be one pain in the butt... this seems extremely promising, but it would take a senior dev team a year to make. Expecting people to make something like this is quite an overestimate of peoples free-time. I feel like way simpler PoC's need to be created first.
slammingprogramming commentedon Aug 11, 2025
Yes, for the first bounty, a compliant client library implementing the HTX transport layer with origin-mirrored TLS fingerprints is indeed the foundational step. Something akin to WinHTTP or cpp-httplib in C++ would be a great start, since the spec relies heavily on precise TLS mimicry and fine-grained protocol behaviors. Given the complexity, C++ makes sense as a performant and portable base that could be adapted to other languages later.
Regarding the scale of effort, I completely agree that the full implementation, with all its cryptographic subtleties, adaptive calibration, cover traffic, and protocol nuances, is a large projectโlikely beyond what a small volunteer or single dev could tackle alone in a short timeframe. Thatโs why the spec encourages building incrementally, with smaller proof-of-concept components first to validate core mechanisms.
TLS mimicry is one of the hardest challenges hereโit requires a deep understanding of TLS fingerprinting and continuous adaptation to real-world origins. Building robust pre-flight calibration and exact protocol emulation is non-trivial and needs careful attention.
Your idea of starting with simpler PoCs is exactly the right approach. The ecosystem benefits from iterative progress, where early efforts can prove key pieces (like basic HTX session establishment or Noise handshakes) before layering on the full complexity.
If youโre interested, helping scope or prototype any of these foundational components would be incredibly valuable. Even minimal working examples help the community understand challenges and shape realistic timelines.
SimonDevScr commentedon Aug 11, 2025
@slammingprogramming Dear sir, your generous sharing of this AI chatbot's profound wisdom on this matter is truly valuable, insightful, and most importantly, commendable. The world could use more of such enlightened contributions!
slammingprogramming commentedon Aug 11, 2025
@SimonDevScr if that's your thoughts on my comment, that's your own thoughts to own. However I can say with certainty you come off as rude and certainly haven't added to this discussion with your comment. I won't continue to engage with you on this basis.
duncansykes commentedon Aug 12, 2025
M dashes are my favourite AI indicator
TotallyNotK0 commentedon Aug 13, 2025
Well if you make a library in C, it's pretty easy to create wrappers for Python and other languages. I think C should be prioritized for now, but other languages are welcome.