A BitTorrent Private Tracker Client "Accounting Error Message" Protocol Alert

A BitTorrent Private Tracker Client
"Accounting Error Message" Protocol Alert

Abstract
Private BitTorrent tracker websites have to obsess over what clients they choose to connect with.

One of the primary reasons those that run private BitTorrent protocol tracker websites must obsess over what clients they choose to support is this : so many BT protocol clients don't correctly provide proper upload or download information to the tracker.

Without proper accounting data from the client application proper upload and download ratios can be provided to their (paying) users.

A protocol fix to this unpleasant situation is long overdue.

Scope
This protocol modification is not designed to be used with public trackers -- nor should it ever be used with public trackers, as public trackers are open to anyone to use and only engage in limited accounting of the activity of each Torrent. Public trackers most importantly do not store any user specific upload or download accounting data.

Public vs Private FAQ
Public torrent hosting sites such as The Pirate Bay allow users to search and download from their collection of torrent files. Users can typically also upload torrent files for content they wish to distribute. Often, these sites also run BitTorrent trackers for their hosted torrent files, but these two functions are not mutually dependent : a torrent file could be hosted on one site and tracked by another, unrelated site.

Private host/tracker sites such as Demonoid, TheBox.bz, etc ... operate like public ones except that they restrict access to registered users and keep track of the amount of data each user uploads and downloads, in an attempt to reduce leeching.

Both private and public trackers provide a way to browse the files (in list form) contained on the site. This list can often be sorted with respect to several criteria, being relevance (seeders-leechers ratio) one of the most popular and useful (due to the way the protocol behaves, the download bandwidth achievable is very sensitive to this value).

The leech problem

A BitTorrent user may often choose to leave the swarm as soon as they have a complete copy of the file they are downloading, freeing up their outbound bandwidth for other uses. If enough users follow this pattern, torrent swarms gradually die out, meaning a lower possibility of obtaining older torrents (see content unavailability above). Some BitTorrent websites have attempted to address this by recording each user's download and upload ratio for all or just the user to see, as well as the provision of access to newer torrent files to people with better ratios. Users who have low upload ratios may see slower download speeds until they upload more.

This abstraction prevents (statistical) leeching, since after a while they become unable to download at even a fraction of the theoretical bandwidth of their connection. Some trackers exempt dial-up users from this policy, because their uploading capabilities are limited. The BitTorrent protocol also attempts to minimize the damages of leeches by using only a portion of their bandwidth for one-directional trades and using the majority for two-directional trades that tend to help the swarm as a whole.

The cheater problem

There are "cheating" clients like BitThief which claim to be able to download without uploading. Such exploitation negatively affects the cooperative nature of the BitTorrent protocol, although it might prove useful for people in countries where uploading copyrighted material is illegal, but downloading is not.

Some countries, such as South Africa, have relatively high bandwidth prices, on average costing around 10 USD a gigabyte.

The undersea cables which link South Africa (and many developed nations) to the internet can carry only a low amount of bandwidth compared to what is required. This issue has been addressed in South Africa's case with the new SEACOM undersea cable which promises to bring cheaper bandwidth to Africa.

In bandwidth constrained countries, torrent users tend to minimize sharing.

Examples of forbidden clients on private trackers

Some Commonly Banned Clients (not authoritative)

ABC (Randomly reports bad stats to the tracker.)
Acquisition (Not a proper torrent client.)
Ares (Beta client. Support and bug fixing appears to be weak at best.)
BinTorrent (Users have been caught cheating with this client.)
BitComet (All versions of BitComet report bad stats to the tracker and many leak to DHT.)
BitLord (Based on old buggy BitComet code.)
BitRocket (Does not conform to the torrent specification for client identification.)
Bits on Wheels (Support no longer provided and bugs are no longer being fixed.)
BitSpirit (Randomly sends DHT packets to its own public tracker.)
BitThief (Downloads from BitTorrent without contributing any resources itself)
BitTorrentPlus
Bittorrent++ (Does not uniquely identify itself.)
BitTorrent / Mainline (Does not honor the protocol requirements of private trackers.)
BitTyrant
BTG (Client has not been evaluated for approval.)
BT Next Evolution (This client has not been tested for suitability for use with private trackers.)
btpd-0.7 (Possible stats errors. Has resulted in multiple accounts being disabled.)
BTQueue (Has not been validated.)
burst! (No longer maintained.)
CTorrent and clones (Improper reporting / client is no longer supported.)
Deadman Walking (Does not identify itself properly to the tracker.)
Download Direct (Download Direct is a download manager, not a torrent client.)
ed2k plugin (Not a proper torrent client.)
eDonkey2000 (Not a proper Torrent client.)
eXeem (Not a proper Torrent client.)
Fast Torrent (Has the capability to mis-identify itself.)
FoxTorrent / Red Swoosh Client (Buggy client; still too early in its development.)
Free Download Manager (Not a torrent client.)
FrostWire (Variant of LimeWire, unsuitable for private torrent site use.)
G3 (Consistently reports bad stats to the tracker)
Gnome BitTorrent (A BitTorrent client for Linux/Unix)
LimeWire (Leaks swarm info.)
Miro (Does not uniquely identify itself (as of version 1.1.))
MLdonkey (Not a proper torrent client.)
Monsoon
Nova Torrent (May not report correctly to the tracker when canceling/finishing a torrent session.)
0P3R4H
Opera (Not a proper torrent client)
Python-urllib/2.0 (Accounts disabled for stats errors or cheating)
Python-urllib/2.0a1 (Accounts disabled for stats errors or cheating)
Python-urllib/2.1 (Accounts disabled for stats errors or cheating)
qBittorrent (Does not identify its version correctly.)
QTorrent (Does not identify itself correctly.)
Retriever (Not a proper Torrent client.)
Rufus (Stats errors)
Shareaza (Not a proper Torrent client.)
Torrent Station (Does not uniquely identify itself.)
TorrentStorm (Development and bug fixes ceased in 2005)
Torrent Swapper
Transmission 1.81 using this will get you automatically disabled by the tracker
Tribler (Based on ABC; the design of this client is unsuitable for private trackers.)
Turbo Torrent (Associated with stats errors. Known to contain spyware.)
XBT (Does not identify itself on the swarm / can be configured to pretend to be another client.)
Xtorrent (Client for Mac OS X / Numerous bugs make it bad for private tracker use.)
Ziptorrent (Does not identify itself correctly.)

The fix
The protocol fix for this annoying private tracker problem should ideally take up as little bandwidth as possible and be agnostic to (IP4 or IP6) as well as agnostic to (TCP or UDP).

This fix should apply to the granular level of individual torrents at a host. It is my understanding that BitTorrent clients make global announcements to their tracker hosts as per their global upload or download ratios, so there there must be some support for local torrent vs local client misbehavior.

The message protocol fix should be a one way and one way only message. However, obliging the client to respond to the tracker with a lower complexity reply message must also be considered. Reply messages should not be part of the protocol, but a reply message has been created here if clients or trackers want to implement it.

Data structures the tracker should maintain

Structure Name	Recommended Data Type	Use

User_max_up_speed_kb	Unsigned Int, kilobytes	Track user upload speed
User_max_down_speed_kb	Unsigned Int, kilobytes	Track user download speed

User_24h_max_up_kb	Unsigned Int, kilobytes	Track 24h MB Traffic Uploads (volitile)
User_24h_max_down_kb	Unsigned Int, kilobytes	Track 24h MB Traffic Downloads (volitile)

User_maximum_24h_traffic	Unsigned Int, kilobytes	Maximum possible observed traffic

User_24h_traffic_STDEV_up	Unsigned Byte, Standard Deviation Units	Should be within 0.10 to 0.05 strictly based on upload speeds. "0.XX"
User_24h_traffic_STDEV_down	Unsigned Byte, Standard Deviation Units	Should be within 0.10 to 0.05 strictly based on upload speeds. "0.XX"

User_update_interval	Already existant	Hourly updates a good idea
User_last_updated	Signed Long, Unix Time	64 bit POSTIX Time, NOT BCD time!

User_record_expires	Unsigned Byte, hours	Delete record if user inactive more than ~7 days

Notes

Most private trackers already implement : User_max_up_speed, User_max_down_speed.
Some but not all trackers implement : User_24h_max_up_kilobytes, User_24h_max_down_kilobytes. However, this can be a volatile statistical number. Ultimate end user bandwidth is unknowable -- without using (separate or different) computing and network mechanisms.
User_24h_traffic_STDEV_up, User_24h_traffic_STDEV_down are needed to help reject end user client transmitted traffic statistics.
Using small standard deviation units are a good (broad) mechanism to do reject bad BitTorrent clients. Percents could be used instead, but ideally both. However, trackers that report wrong stats generally send massively wrong numbers.
Users that start using high speed internet connections should not be punished by private trackers, so tolerance of instant changes in upload and download speed must be present in the trackers accounting system back end.
Trackers must tolerate stats that may be 1.5% higher than the expected raw bytes up or down due to traffic overhead -- and users must be given a choice as to if their client counts traffic overhead it its upload and download stats.
User_last_updated and User_record_expires are needed to keep the trackers accounting up to date. There has to be transparency on both the user end and the tracker end.
User_update_interval, the record should be updated hourly with some similar tracker updating time constant
User_record_expires, users go away and change machines -- so this record must be designed not to be permanent.

Tracker Response

Currently the tracker responds to the client with "text/plain" document consisting of a bencoded dictionary with the following important keys (all non-applicable keys will be ignored, only the applicable ones for the protocol described here) :

Failure Reason : If present, then no other keys may be present. The value is a human-readable error message as to why the request failed (string). The "Private Tracker Client Accounting Error Message" could be embedded here with minimal impact on the protocol. The syntax and usage of this field is unclear to me but as the string is assumed to be long enough for the accounting alert message than it will probably best be put here.
Warning Message : (new, optional) Similar to "Failure Reason" but the response still gets processed normally. The warning message is shown just like an error. The syntax and usage of this field is unclear to me but as the string is assumed to be long enough for the accounting alert message than it will probably could be put here, with some decoding taking place for the user with the client program as this is an automated message. Personally, I would prefer dumping any "human readable" error messages in the protocol and instead have them be replaced by URLs.

Tracker 'scrape' Convention (an alternate delivery method)

By convention most trackers support another form of request, which queries the state of a given torrent (or all torrents) that the tracker is managing. This is referred to as the "scrape page" because it automates the otherwise tedious process of "screen scraping" the tracker's stats page.

The scrape URL is also a HTTP GET method, similar to the one described above. However the base URL is different. To derive the scrape URL use the following steps: Begin with the announce URL. Find the last '/' in it. If the text immediately following that '/' isn't 'announce' it will be taken as a sign that that tracker doesn't support the scrape convention. If it does, substitute 'scrape' for 'announce' to find the scrape page.

Unofficial extensions to scrape that could be used for this protocol

Below are the response keys are being unofficially used. Since they are unofficial, they are all optional.

Failure Reason: Human-readable error message as to why the request failed (string). Clients known to handle this key: Azureus. The Failure Reason could contain the protocol data for the Private Tracker Client "Accounting Error Message" if there is enough room for it.
Flags: a dictionary containing miscellaneous flags. The value of the flags key is another nested dictionary. There is at least the possibility of setting aside a bit for altering the client that an accounting error message will be sent in the next 5 minutes.

Suggested data structures, Private Tracker Accounting Error Message

Data structure	Typical output	Bytes	Total
version : unsigned byte;	00x for version 01, always Binary not ASCII	1	1
message-number : unsigned int; (32 bits)	Message number should always go up in sequence by some fixed rule (+3 for one private tracker vs +11 for another). The message number must restart at zero after each tracker reboot, after that it is up to the tracker to determine its own sequence for this accounting message.	4	5
force-reply : char[1];	"Y" forces immediate reply (6s), "R" forces prognostic reply (67s), "N" forces no reply	1	6
file-or-client : char[1];	"L" ('local' file statistical error) or "G" ('global' client statistical error)	1	7
mode-accounting-failure : char[1];	"U" (upload) or "D" (download); or "S" (global client statistics)	1	8
affected-object-hash : unsigned byte[12];	The {first (for uploads) or last (for downloads)} 12 bytes of the SHA-1 hash of the affected shared object. Always Binary not ASCII. Must be XORed over "101010101..." (uploads) or "11001100..." (downloads). Sending the 'cleartext' of the file SHA-1 hash would decrease the privacy to the protocol. ALSO For global client failures this should be filled with binary zeros.	12	20
message-crc16-CCITT : short unsigned int;	Mandatory. Two bytes. Applies to the whole message. This field is necessary for the client program to make a reply. CRC-16-CCITT : $x 16 + x 12 + x 5 + 1$	2	22

The accounting error messages must be compact and meaningful as well as secure -- and all at the same time.

This protocol could greatly help in the debugging of BT clients that are designed to work with private trackers.

Messages

REPLY MESSAGE ONLY : All of the remaining messages in the protocol take the form of <length prefix><message ID><payload>. The length prefix is a four byte big-endian value. The message ID is a single decimal byte. The payload is message dependent. It would be ideal for the reply protocol could be worked into this message area, but for now this work will have to be postponed pending more research.

Suggested parameters for the reply message should be {TBA}.

Suggested data structures, Private Tracker Accounting Error Message Reply

Data structure	Typical output	Bytes	Total
version : unsigned byte;	0000x for version 0001, always Binary not ASCII. Mandatory.	1	1
message-processing-status : unsigned byte;	01x = success : no syntax errors, no checksum errors; 05x = success : syntax errors, no checksum errors; 09x = failure : syntax and checksum errors ... did you send this?	1	2
reply : unsigned int;	Mandatory. Message number should always go up or down in sequence by some fixed rule unique to the private tracker to avoid protocol attacks. By only sending back the CRC of the message number, acknowledgment is possible and some possible other measures could be taken by either program or the user or both. Replies should work like this : Essentially a 32 bit checksum of the accounting error message should be computed by the client and transmitted back to the tracker. The answerback should be computed and stored by the tracker when the accounting error message is issued. Syntax :: reply = crc32K(private-tracker-error-message + md5(private-tracker-error-message)) "+" designates binary domain bit string concatenation This checksum should not include the CRC16 transmitted to the client in the original accounting error message, as the CRC16 is only there for adverse network conditions. The goal is to eliminate the CRC16 as a source of spoofing or attack. CRC-32-Koopan (aka crc32K) should be used here : $x 32 + x 30 + x 29 + x 28 + x 26 + x 20 + x 19 + x 17 + x 16 + x 15 + x 11 + x 10 + x 7 + x 6 + x 4 + x 2 + x + 1$	4	5
message-crc8-CCITT : unsigned byte;	Mandatory. One byte. Applies to the whole message. This should only be paid attention to if the user is communicating a low bit rates -- as with dialup modems. CRC-8-CCITT : $x 8 + x 2 + x + 1 If this checksum is deemed unworkable,$ CRC-16-CCITT : $x 16 + x 12 + x 5 + 1 should be used as a replacement. Asymmetry of checksums here is a protection mechanism to make spoofing more difficult. Hashsums are only being avoided to limit bandwidth.$	1	6

As long as any BT client can be emulated by another client, this accounting message will be needed.

As a matter of industrial practice, the reply back should be in UDP to aviod any "man-in-the-middle" attacks common with TCP. Sending this message twice (1 x UPD, 1 x TCP) may provide some nominal network diagnostic utility. The UDP message should be sent first, as sending the TCP version first may permit the UDP version to be filtered out at the router level.

References

General Topic

BitTorrent protocol

BitTorrent (protocol), Terminology of BitTorrent
BitTorrent protocol encryption
Super-seeding, a special mode available for low bandwidth clients.
UDP Torrent Protocol

BitTorrent Protocol standards

http://wiki.vuze.com/w/Extension_negotiation_protocol
http://wiki.vuze.com/w/Azureus_messaging_protocol
http://www.rasterbar.com/products/libtorrent/extension_protocol.html
http://wiki.theory.org/BitTorrent_Location-aware_Protocol_1.0_Specification
http://dcg.ethz.ch/projects/bitthief/ (a research client, commonly banned; it has nominally influenced the BT protocol)

Technologies used by the protocol

Created by : Max Power // Document Created : 02 February 2010 // Last modified : 15 August 2010