[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-71473":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":17,"stars7d":18,"stars30d":19,"stars90d":16,"forks30d":16,"starsTrendScore":20,"compositeScore":21,"rankGlobal":10,"rankLanguage":10,"license":22,"archived":23,"fork":23,"defaultBranch":24,"hasWiki":25,"hasPages":23,"topics":26,"createdAt":10,"pushedAt":10,"updatedAt":32,"readmeContent":33,"aiSummary":34,"trendingCount":16,"starSnapshotCount":16,"syncStatus":35,"lastSyncTime":36,"discoverSource":37},71473,"REALITY","XTLS\u002FREALITY","XTLS","THE NEXT FUTURE","https:\u002F\u002Fopensea.io\u002Fcollection\u002Fxtls",null,"Go",5249,429,54,1,0,15,38,106,45,38.9,"Mozilla Public License 2.0",false,"main",true,[27,28,29,30,31],"reality","vless","xray","xtls","xudp","2026-06-12 02:02:52","# REALITY\n\n## THE NEXT FUTURE\n\nServer side implementation of REALITY protocol, a fork of package tls in latest [Go](https:\u002F\u002Fgithub.com\u002Fgolang\u002Fgo\u002Ftree\u002Fmaster\u002Fsrc\u002Fcrypto\u002Ftls).\nFor client side, please follow https:\u002F\u002Fgithub.com\u002FXTLS\u002FXray-core\u002Fblob\u002Fmain\u002Ftransport\u002Finternet\u002Freality\u002Freality.go. \n\nTODO List: TODO\n\n## Donation & NFTs\n\n### [Collect a Project X NFT to support the development of Project X!](https:\u002F\u002Fopensea.io\u002Fitem\u002Fethereum\u002F0x5ee362866001613093361eb8569d59c4141b76d1\u002F1)\n\n[\u003Cimg alt=\"Project X NFT\" width=\"150px\" src=\"https:\u002F\u002Fraw2.seadn.io\u002Fethereum\u002F0x5ee362866001613093361eb8569d59c4141b76d1\u002F7fa9ce900fb39b44226348db330e32\u002F8b7fa9ce900fb39b44226348db330e32.svg\" \u002F>](https:\u002F\u002Fopensea.io\u002Fitem\u002Fethereum\u002F0x5ee362866001613093361eb8569d59c4141b76d1\u002F1)\n\n- **ETH\u002FUSDT\u002FUSDC: `0xDc3Fe44F0f25D13CACb1C4896CD0D321df3146Ee`**\n- **Project X NFT: https:\u002F\u002Fopensea.io\u002Fitem\u002Fethereum\u002F0x5ee362866001613093361eb8569d59c4141b76d1\u002F1**\n- **VLESS NFT: https:\u002F\u002Fopensea.io\u002Fcollection\u002Fvless**\n- **REALITY NFT: https:\u002F\u002Fopensea.io\u002Fitem\u002Fethereum\u002F0x5ee362866001613093361eb8569d59c4141b76d1\u002F2**\n- **Related links: [VLESS Post-Quantum Encryption](https:\u002F\u002Fgithub.com\u002FXTLS\u002FXray-core\u002Fpull\u002F5067), [XHTTP: Beyond REALITY](https:\u002F\u002Fgithub.com\u002FXTLS\u002FXray-core\u002Fdiscussions\u002F4113), [Announcement of NFTs by Project X](https:\u002F\u002Fgithub.com\u002FXTLS\u002FXray-core\u002Fdiscussions\u002F3633)**\n\n## VLESS-XTLS-uTLS-REALITY example for [Xray-core](https:\u002F\u002Fgithub.com\u002FXTLS\u002FXray-core)\n\n中文 | [English](README.en.md)\n\n```json5\n{\n \"inbounds\": [ \u002F\u002F 服务端入站配置\n {\n \"listen\": \"0.0.0.0\",\n \"port\": 443,\n \"protocol\": \"vless\",\n \"settings\": {\n \"clients\": [\n {\n \"id\": \"\", \u002F\u002F 必填,执行 .\u002Fxray uuid 生成,或 1-30 字节的字符串\n \"flow\": \"xtls-rprx-vision\" \u002F\u002F 选填,若有,客户端必须启用 XTLS\n }\n ],\n \"decryption\": \"none\"\n },\n \"streamSettings\": {\n \"network\": \"raw\",\n \"security\": \"reality\",\n \"realitySettings\": {\n \"show\": false, \u002F\u002F 选填,若为 true,输出调试信息\n \"target\": \"example.com:443\", \u002F\u002F 必填,格式同 VLESS fallbacks 的 dest\n \"xver\": 0, \u002F\u002F 选填,格式同 VLESS fallbacks 的 xver\n \"serverNames\": [ \u002F\u002F 必填,客户端可用的 serverName 列表,暂不支持 * 通配符\n \"example.com\",\n \"www.example.com\"\n ],\n \"privateKey\": \"\", \u002F\u002F 必填,执行 .\u002Fxray x25519 生成\n \"minClientVer\": \"\", \u002F\u002F 选填,客户端 Xray 最低版本,格式为 x.y.z\n \"maxClientVer\": \"\", \u002F\u002F 选填,客户端 Xray 最高版本,格式为 x.y.z\n \"maxTimeDiff\": 0, \u002F\u002F 选填,允许的最大时间差,单位为毫秒\n \"shortIds\": [ \u002F\u002F 必填,客户端可用的 shortId 列表,可用于区分不同的客户端\n \"\", \u002F\u002F 若有此项,客户端 shortId 可为空\n \"0123456789abcdef\" \u002F\u002F 0 到 f,长度为 2 的倍数,长度上限为 16\n ],\n \"mldsa65Seed\": \"\", \u002F\u002F 选填,执行 .\u002Fxray mldsa65 生成,对证书进行抗量子的额外签名\n \u002F\u002F 下列两个 limit 为选填,可对未通过验证的回落连接限速,bytesPerSec 默认为 0 即不启用\n \u002F\u002F 回落限速是一种特征,不建议启用,如果您是面板\u002F一键脚本开发者,务必让这些参数随机化\n \"limitFallbackUpload\": {\n \"afterBytes\": 0, \u002F\u002F 传输指定字节后开始限速\n \"bytesPerSec\": 0, \u002F\u002F 基准速率(字节\u002F秒)\n \"burstBytesPerSec\": 0 \u002F\u002F 突发速率(字节\u002F秒),大于 bytesPerSec 时生效\n },\n \"limitFallbackDownload\": {\n \"afterBytes\": 0, \u002F\u002F 传输指定字节后开始限速\n \"bytesPerSec\": 0, \u002F\u002F 基准速率(字节\u002F秒)\n \"burstBytesPerSec\": 0 \u002F\u002F 突发速率(字节\u002F秒),大于 bytesPerSec 时生效\n }\n }\n }\n }\n ]\n}\n```\n\n若用 REALITY 取代 TLS,**可消除服务端 TLS 指纹特征**,仍有前向保密性等,**且证书链攻击无效,安全性超越常规 TLS** \n**可以指向别人的网站**,无需自己买域名、配置 TLS 服务端,更方便,**实现向中间人呈现指定 SNI 的全程真实 TLS** \n\n通常代理用途,目标网站最低标准:**国外网站,支持 TLSv1.3 与 H2,域名非跳转用**(主域名可能被用于跳转到 www) \n加分项:IP 相近(更像,且延迟低),Server Hello 后的握手消息一起加密(如 dl.google.com),有 OCSP Stapling \n配置加分项:**禁回国流量,TCP\u002F80、UDP\u002F443 也转发**(REALITY 对外表现即为端口转发,目标 IP 冷门或许更好) \n\n**REALITY 也可以搭配 XTLS 以外的代理协议使用**,但不建议这样做,因为它们存在明显且已被针对的 TLS in TLS 特征 \nREALITY 的下一个主要目标是“**预先构建模式**”,即提前采集目标网站特征,XTLS 的下一个主要目标是 **0-RTT** \n\n```json5\n{\n \"outbounds\": [ \u002F\u002F 客户端出站配置\n {\n \"protocol\": \"vless\",\n \"settings\": {\n \"vnext\": [\n {\n \"address\": \"\", \u002F\u002F 服务端的域名或 IP\n \"port\": 443,\n \"users\": [\n {\n \"id\": \"\", \u002F\u002F 与服务端一致\n \"flow\": \"xtls-rprx-vision\", \u002F\u002F 与服务端一致\n \"encryption\": \"none\"\n }\n ]\n }\n ]\n },\n \"streamSettings\": {\n \"network\": \"raw\",\n \"security\": \"reality\",\n \"realitySettings\": {\n \"show\": false, \u002F\u002F 选填,若为 true,输出调试信息\n \"fingerprint\": \"chrome\", \u002F\u002F 选填,使用 uTLS 库模拟客户端 TLS 指纹,默认 chrome\n \"serverName\": \"\", \u002F\u002F 服务端 serverNames 之一\n \"password\": \"\", \u002F\u002F 服务端私钥生成的公钥,对客户端来说就是密码\n \"shortId\": \"\", \u002F\u002F 服务端 shortIds 之一\n \"mldsa65Verify\": \"\", \u002F\u002F 选填,服务端 mldsa65Seed 生成的公钥,对证书进行抗量子的额外验证\n \"spiderX\": \"\" \u002F\u002F 爬虫初始路径与参数,建议每个客户端不同\n }\n }\n }\n ]\n}\n```\n\nREALITY 客户端应当收到由“**临时认证密钥**”签发的“**临时可信证书**”,但以下三种情况会收到目标网站的真证书:\n\n1. REALITY 服务端拒绝了客户端的 Client Hello,流量被导入目标网站\n2. 客户端的 Client Hello 被中间人重定向至目标网站\n3. 中间人攻击,可能是目标网站帮忙,也可能是证书链攻击\n\nREALITY 客户端可以完美区分临时可信证书、真证书、无效证书,并决定下一步动作:\n\n1. 收到临时可信证书时,连接可用,一切如常\n2. 收到真证书时,进入爬虫模式\n3. 收到无效证书时,TLS alert,断开连接\n\n## Stargazers over time\n\n[![Stargazers over time](https:\u002F\u002Fstarchart.cc\u002FXTLS\u002FREALITY.svg)](https:\u002F\u002Fstarchart.cc\u002FXTLS\u002FREALITY)\n","REALITY 是一个基于 Go 语言实现的网络传输协议,主要用于增强数据传输的安全性和隐私保护。该项目是 Go 标准库中 TLS 包的一个分支,引入了新的安全特性,如 XTLS 和 XUDP 支持,并且与 VLESS 协议兼容,提供了一种更安全、更灵活的数据加密方式。REALITY 适合需要高度安全通信的应用场景,例如在敏感数据传输或规避网络审查时使用。通过配置特定的服务器名称和密钥,用户可以轻松地部署并利用该协议提供的高级加密功能。",2,"2026-06-11 03:37:55","high_star"]