GNUnet 0.16.0 released

We are pleased to announce the release of GNUnet 0.16.0.
GNUnet is an alternative network stack for building secure, decentralized and privacy-preserving distributed applications. Our goal is to replace the old insecure Internet protocol stack. Starting from an application for secure publication of files, it has grown to include all kinds of basic protocol components and applications towards the creation of a GNU internet.

This is a new major release. It breaks protocol compatibility with the 0.15.x versions. Please be aware that Git master is thus henceforth (and has been for a while) INCOMPATIBLE with the 0.15.x GNUnet network, and interactions between old and new peers will result in issues. 0.15.x peers will be able to communicate with Git master or 0.16.x peers, but some services - in particular GNS - will not be compatible.
In terms of usability, users should be aware that there are still a number of known open issues in particular with respect to ease of use, but also some critical privacy issues especially for mobile users. Also, the nascent network is tiny and thus unlikely to provide good anonymity or extensive amounts of interesting information. As a result, the 0.16.0 release is still only suitable for early adopters with some reasonable pain tolerance.

Download links

The GPG key used to sign is: 3D11063C10F98D14BD24D1470B0998EF86F59B6A

Note that due to mirror synchronization, not all links might be functional early after the release. For direct access try

Noteworthy changes in 0.16.0 (since 0.15.3)

  • GNS:
    • New record flag: CRITICAL. For records that must be processed otherwise resolution must fail. #7169
    • Deletion of records and reduction of expiration times is now properly handled with respect to monotonically increasing expiratin times. #7170
    • VPN tunnel establishment is moved out of the GNS resolver to be handled by applications (such as the DNS2GNS service). #7171
    • Introduces new record type REDIRECT which replaces the previous (ab)use of CNAME records. #7172
    • The specification has been updated to reflect the changes. LSD0001
  • DHT:
    • Routes can now be signed. #4164
    • Changed distance metric to a more traditional XOR. #7136
    • The specification has been updated to reflect the changes. LSD0004
  • RECLAIM: Added some preliminary support for Decentralized Identifier (DID) and Verifiable Credentials (VCs).
  • UTIL: Add Clause-Schnorr blind signatures. For use in Taler.
  • BUILD: Building from git now requires recutils. The bootstrap will generate up-to-date header files from GANA.

A detailed list of changes can be found in the ChangeLog and the bug tracker.

Known Issues

  • There are known major design issues in the TRANSPORT, ATS and CORE subsystems which will need to be addressed in the future to achieve acceptable usability, performance and security.
  • There are known moderate implementation limitations in CADET that negatively impact performance.
  • There are known moderate design issues in FS that also impact usability and performance.
  • There are minor implementation limitations in SET that create unnecessary attack surface for availability.
  • The RPS subsystem remains experimental.
  • Some high-level tests in the test-suite fail non-deterministically due to the low-level TRANSPORT issues.

In addition to this list, you may also want to consult our bug tracker at which lists about 190 more specific issues.


This release was the work of many people. The following people contributed code and were thus easily identified: Christian Grothoff, Tristan Schwieren, Alessio Vanni, Florian Dold, Thien-Thi Nguyen, t3sserakt, Lucien Heuzeveldt, Gian Demarmels, madmurphy, TheJackiMonster and Martin Schanzenbach.