[spam][crazy] Adding Cert Pinning to E-X

[Undiscussed Horrific Abuse, One Victim of Many]

[trashcancel?]

libtoilet is intended to use the e-x fork of electrumx to be able
connect to a handful of different cryptocurrencies. the electrum
protocol doesn't include ssl fingerprints in peer exchange yet, which
might mean a mitm can easily offer you a fake peer network.

this is something that is not too complex to add and can reduce the
censorship/difficulty tradeoff for cryptocurrency clients and toilet
shredders both.

electrumx is at https://github.com/kyuupichan/electrumx

electrumx uses a quick small network library that i think of as a
clean hack at https://github.com/kyuupichan/aiorpcX

basically it integrates with python's standard asyncio sockets
implementation, which has support for SSL.

the fork of electrumx that retains support for more coins is at
https://github.com/spesmilo/electrumx .

---

I glanced through some electrumx code, but I'm confused as to whether
it was kyuupichan's or spesmilos. But since the codebases are likely
based on the same trees, hopefully I can reuse the glancing.

I thought I was looking at spesmilo's code, so I was focusing on
making additions to the client rather than the protocol, since I think
it might be kyuupichan who specifies the protocol, really not sure of
this, do not know. What seemed to make the first sense to me would be
to:
- add ssl fingerprints to hardcided coin peers in lib/coins.py
- add parsing of the fingerprints to Peer.from_real_name() in
lib/peer.py and generation of them to Peer.real_name()
- add code to PeerManager._verify_peer() in server/peers.py to check
ssl fingerprints, which means a little more api and source digging to
implement

It's notable that in the source, it describes the peer description
format as "as on IRC", so the idea of finding the IRC community that
distributes peer addresses, and adding fingerprinting to the tools
they use, could help here.