PubSubChk is a research prototype for verifiable message delivery in publish-subscribe systems. This repository contains the client-side part of the prototype: an extension of the Eclipse Paho MQTT Go client that adds cryptographic checks to MQTT while keeping the familiar publish/subscribe programming model.
In a regular MQTT deployment, clients place a lot of trust in the broker. The broker receives messages from publishers, decides which subscribers should see them, and forwards them onward. That simplicity is one of the reasons MQTT is so useful, but it also means publishers cannot easily verify that their messages reached all intended subscribers, and subscribers cannot easily prove that their stream is complete, ordered, and consistent with the system view seen by other clients.
PubSubChk explores the following question: can we keep the lightweight MQTT experience, but make delivery auditable? This experimental MQTT extension combines signed publications, compact aggregate acknowledgments, and a key transparency service to detect omissions, reordering violations, and broker-induced split views.
This codebase is a research fork of github.com/eclipse/paho.mqtt.golang. The
core Paho client is still here, including the asynchronous Go API for connecting
to MQTT brokers, publishing messages, subscribing to topics, and handling
incoming messages. On top of that baseline, we added PubSubChk-specific protocol
logic for:
- signed MQTT publications carrying publisher identity and sequencing metadata;
- subscriber-side verification of message signatures and rolling clocks;
- publisher-side multi-acknowledgment requests backed by aggregate signatures;
- membership lookups against epoch-based key transparency commitments;
- packet-level extensions used by the PubSubChk-enabled broker.
The implementation is meant to support experimentation and evaluation of the protocol described in (TODO: pending publication).
PubSubChk extends MQTT with verifiability rather than replacing MQTT. Clients still communicate through a broker, topics still drive routing, and publishers and subscribers remain decoupled.
At a high level:
- A PubSubChk-enabled publisher signs each publication together with metadata such as the topic, its public key, and a logical clock.
- A subscriber verifies the signature and checks the clock sequence for the publisher/topic stream it receives, then signs an acknowledgment.
- The broker aggregates subscriber acknowledgments into a compact multiack that acts as a constant-size proof of delivery for the publisher.
- A key transparency service maintains public, verifiable per-topic epoch commitments to active subscriber keys, helping clients detect inconsistent broker views.
The prototype uses BLS signatures via github.com/supranational/blst
and Merkle-tree based membership proofs via
github.com/txaty/go-merkletree. Clients provide a
Proof-of-Possession (PoP) during PubSubChk setup to mitigate rogue-key attacks
in the aggregate signature scheme.
PubSubChk is split across three repositories:
- Client:
Nokia-Bell-Labs/PubSubChk-Client(this repository), based on the Eclipse Paho MQTT Go client. - Broker:
Nokia-Bell-Labs/PubSubChk-Server, a PubSubChk-enabled broker based on the Mochi MQTT server in Go. - Key Manager / Transparency Service (KTS):
Nokia-Bell-Labs/PubSubChk-KeyManager, a Go service that provides the key transparency functionality used by clients and the broker.
For meaningful end-to-end experiments, run this client together with the PubSubChk broker and key transparency service.
You need Go 1.21 or newer. The repository currently keeps the original Paho module path for compatibility with the upstream client API:
import mqtt "github.com/eclipse/paho.mqtt.golang"When using this checkout from another experiment repository, point Go at your
local PubSubChk client with a replace directive:
replace github.com/eclipse/paho.mqtt.golang => ../PubSubChk-ClientThen build or test with standard Go tooling:
go test ./...Some tests and experiments expect a PubSubChk-enabled broker and key transparency service to be running. See the companion repositories for the full prototype setup. Legacy MQTT clients can still co-exist with PubSubChk-enabled clients on the same broker; they simply do not receive PubSubChk verifiability guarantees.
Existing Paho-style client setup remains familiar. PubSubChk is enabled by configuring a BLS secret key on the client options:
opts := mqtt.NewClientOptions().
AddBroker("tcp://localhost:1883").
SetClientID("pubsubchk-client")
if _, err := opts.SetSecretKey(serializedSecretKey); err != nil {
panic(err)
}
client := mqtt.NewClient(opts)
token := client.Connect()
token.Wait()Once enabled, publications carry PubSubChk metadata, subscribers validate incoming messages, and publishers can request aggregate acknowledgments through the extended client API.
client.go,options.go,message.go: Paho client API plus PubSubChk client options and request hooks.signature.go: BLS signature handling, clock checks, and key transparency membership verification helpers.packets/: MQTT packet handling, including PubSubChk-specific packet extensions for signed publishes, membership checks, and multi-acks.cmd/: sample clients and helper programs inherited from the Paho client.
This is an experimental research prototype, not a production-ready MQTT client. The packet encoding, APIs, and deployment assumptions are still shaped by the evaluation workflow. Please treat the code as a vehicle for reproducing and extending the PubSubChk experiments.
In the current evaluation, PubSubChk adds low end-to-end latency overhead over standard MQTT, while multiack verification remains constant with respect to the number of subscribers. The paper draft reports approximately 0.3 ms of added end-to-end delay in the local MQTT setup and less than 1% overhead in cross-region deployments.
For production MQTT applications without PubSubChk, use the upstream Eclipse Paho MQTT Go client or Eclipse Paho Go client.
PubSubChk builds on the excellent work of the Eclipse Paho project. The original client library provides the MQTT implementation and API foundation used by this prototype.
The PubSubChk protocol and prototype are developed as part of our research on verifiable message delivery for publish-subscribe systems. For the full design and evaluation, start with (TODO: pending publication).
This repository retains the upstream Eclipse Paho licensing terms. See
LICENSE, epl-v20, and edl-v10 for details.