Open-Access Usenet Server
news.tcpreset.net operates as a truly open-access system with no registration requirements or posting restrictions. We champion unrestricted communication while maintaining platform integrity through sophisticated automated defenses.
Our infrastructure employs Cleanfeed and SpamAssassin to neutralize spam and malicious content, ensuring a secure environment for legitimate discourse without compromising accessibility.
Privacy-Preserving Pseudonymous Infrastructure
We defend unrestricted expression, metadata privacy, and resistance to censorship through infrastructure designed to decouple network identity from content authorship. The transport path hides the source, while the author can still prove continuity over time.
N2Usenet is now the primary posting interface for TCPReset. Use https://n2usenet.virebent.art for the standalone HTTPS gateway.
Browser -> https://n2usenet.virebent.art -> Nym -> mail2news@mail2news.tcpreset.net -> news.tcpreset.net NNTP
N2Usenet keeps the same pseudonymous model: browser-side Ed25519 key generation, deterministic identicon rendering, Face: header support, Ed25519 body signatures, and Hashcash proof of work.
Legacy Onion Reply Path
The old m2usenet interface is no longer a standalone public gateway. It exists only inside Onion Newsreader under /compose/, for reply workflows from the onion web newsreader:
http://qgaswy4ebtrhaargqvoboutky7xoyyx5rq5nhydixemkniresdze5dyd.onion:8043/compose/
That legacy path preserves the original Tor chain:
- Onion site - Onion Newsreader and compose UI.
- Onion SMTP - hidden service SMTP relay.
- Onion M2N - hidden service Mail2News gateway.
- Onion NNTP - hidden service NNTP target.
The split is now explicit: N2Usenet is the standalone Nym path, while legacy M2Usenet survives only as the onion reply component inside Onion Newsreader.
Pseudonymity with Provable Authorship
You post under a pseudonym, not under accountability-free anonymity. An identity is built entirely client-side from three values you choose:
- Username - any handle you like.
- E-mail - any address (
any@any); it is a free-form label, never verified and never resolved. - Ed25519 public key - generated in your browser, the cryptographic anchor of the pseudonym.
These three fields form your identity string username | email | ed25519-pubkey. Network-layer separation is provided by Nym on the standalone N2Usenet path, and by Tor on the legacy onion reply path. The persistent keypair lets you sign successive posts under the same pseudonym, so readers can verify that a series of messages comes from one and the same author. Same key, same pseudonym, same visual fingerprint, authorship is asserted without exposing a real-world identity.
Visual Identity: the Face header
The identity string is rendered into a deterministic identicon via Ch1ffr3punk's VFACE algorithm. The resulting PNG is attached to every post as a base64 Face: header (RFC 4021), so newsreaders that support it display a stable visual badge beside the author. The same keypair always yields the same identicon, a one-glance proof of continuity that a forged duplicate cannot reproduce.
Each post therefore carries a coherent authorship bundle, anonymity preserved but authorship claimed:
From:- pseudonym and chosen e-mail label.Face:- base64 identicon derived from the identity string (Ch1ffr3punk VFACE).X-Ed25519-Pub:- the public key of the pseudonym.X-Ed25519-Sig:- Ed25519 signature over the message body.
Keypair Generation & Signing
- Generation: a fresh Ed25519 keypair is created locally in the browser (NaCl / CSPRNG). The secret key never leaves your machine; if you choose, it can be exported as a portable JSON identity file and loaded later to keep posting under the same pseudonym.
- Signing: the full message body is signed with your private key, producing a 64-byte signature carried in
X-Ed25519-Sig:next to the public key. - Verification: anyone can validate the signature against the published public key and the body, so only authentic, untampered messages are accepted as authored by that pseudonym.
Hashcash Proof-of-Work Anti-Abuse
Identity generation is free, so it cannot by itself stop spam. To impose a real per-message cost we keep Hashcash computational puzzles:
- Challenge: the client assembles a header (timestamp, destination, 64-bit nonce) canonicalised with the message content.
- Hash grinding: the nonce is incremented, computing SHA-1 hashes until 24 leading zero bits are found (~16M operations, 5-15 seconds).
- Economic asymmetry: negligible for a legitimate author; prohibitive in bulk (1000 messages ≈ 5 CPU-hours).
- Validation: the server verifies the SHA-1 instantly, checks timestamp freshness (±2h), and keeps replay protection in memory only.
Together, Hashcash (cost-to-post) and the Ed25519 / Face identity (pseudonymous authorship) form a dual-layer model: anonymous at the transport layer, accountable at the authorship layer, with no registration.
Access the Posting Interface
For the current standalone gateway, open:
https://n2usenet.virebent.art
For legacy onion replies inside Onion Newsreader, use:
http://qgaswy4ebtrhaargqvoboutky7xoyyx5rq5nhydixemkniresdze5dyd.onion:8043/compose/