[Bitcoin-development] Tor hidden service support

grarpamp grarpamp at gmail.com
Wed Jun 27 19:51:08 UTC 2012


Forward past automoderation...


> Reading https://github.com/bitcoin/bitcoin/blob/master/doc/Tor.txt

> Is bitcoin software going to incorporate tor binaries within the
> application standard application and automatically create a Tor Hidden
> Service on behalf of end-user?
>
> Are there any direction regarding this kind of integration?

The document (Tor.txt) assumes the bitcoin user has taken care of
that. So no bi-direction needed (I am not TorProject).

> Regarding the addressing, why not use directly the .onion address?
> They represent in parallel:
> - Routing information (providing a path to the destination)
> - Proof of identity (owning the private RSA key)
> Which is the reason to map it to an IPv6 address?

Seems it's used only within bitcoin code to distinguish which proxy
or native IPvN path to send bitcoin traffic to (or receive from).
It might be simpler than managing onions, i2p's and whatever else
throughout the code and the private bitcoin p2p mesh.

Though I don't suspect it will conflict [1] with anyone's use of
OnionCat, GarliCat, or Phantom... it would just feel odd configuring
bitcoin to use Tor or I2P proxy ports (or Phantom native) when you
could conceivably just dump the IPv6 traffic to the OS stack for
handling once you have the *Cat shims and Phantom set up. They do
have a point about about ocat as a shim for their purposes. And
Phantom is a special case in that it's all native IPv6 interface,
no proxy or shim needed or provided.

I will quote an additional note from bitcoin-devel...

"Note that while the hidden service support in bitcoin uses a
compatible IPv6 mapping with onioncat, it is _not_ onioncat, does not
use onioncat, does not need onioncat, and wouldn't benefit from
onioncat. The onioncat style advertisement is used because our
protocol already relays IPv6 addresses. The connections are regular
tor hidden service connections, not the more-risky and low performance
ip in tcp onioncat stuff."

FYI. There have been a dozen or so onion:8333 nodes and maybe some
on I2P long before this work. But I think could only be used as
-connect or -addnode seeds with some extra host setup. Never tried
it since -proxy was sufficient. Seems this is a simpler and full
solution.

[1] Well bitcoin wouldn't know to offload traffic to any of those
blocks, or a specific host on them, if you had them set up locally
via *Cat or Phantom... for bitcoin use. It would probably end up
half useful similar to the above FYI. But that would just affect
bitcoin, not whatever else you were running on them.




More information about the bitcoin-dev mailing list