stack_wallet icon indicating copy to clipboard operation
stack_wallet copied to clipboard
verified publisher icon cypherstack

Bug: Tor Connection Never Connects to Tor on TailsOS

Open ghost opened this issue 1 year ago • 1 comments

Is there an existing issue for this?

  • [X] I have searched the existing issues

Current Behavior

Tor Connection does not work on TailsOS for the AppImage native settings.

Expected Behavior

For the UI to set the Tor socks port to use 9050 and for it show green connected to Tor status on Tor only configured OS.

Reproduce Steps

I created a test wallet of two different stacks (Monero & Firo) First though I enabled the Tor settings "Connect to Tor" however it was stuck at a yellow onion saying connecting.

Blockchain status: unable to synchronize

Launching with torsocks torsocks ./sw-v2.1.9.AppImage is able to get price and shows succeeded in Onion Circuits package and shows in green blockchain status for Monero in stack wallet GUI. However Firo is unable to synchronize the blockchain when launching the AppImage with torsocks cli wrapper. Also regardless of being launched with torsocks it still locks up on yellow status for Tor Connection status (never connects).

Environment

  • Operating system and version: TailsOS 6.10
  • Device platform and version: Debian 12

Logs

(dont want create a Gist for this see bellow)

Further Information

When launched with ./sw-v2.1.9.AppImage:

flutter: Log: [Info][2024-12-23 01:34:50.783Z]: TorSyncStatusChangedEvent fired with arg newStatus = TorConnectionStatus.connecting (TorService.start call in progress)
flutter: BUILD: DraggableSwitchButtonState
flutter: didChangeAppLifecycleState: inactive
flutter: didChangeAppLifecycleState: resumed
flutter: Log: [Info][2024-12-23 01:35:20.491Z]: RefreshPercentChangedEvent fired on f4284740-c0c7-11ef-9116-2f0d7d416c07 with percent (range of 0.0-1.0)= 0.0
flutter: Log: [Info][2024-12-23 01:35:20.491Z]: WalletSyncStatusChangedEvent fired in f4284740-c0c7-11ef-9116-2f0d7d416c07 with arg newStatus = WalletSyncStatus.syncing
flutter: Log: [Info][2024-12-23 01:35:41.799Z]: HTTP.get() rethrew: SocketException: Connection failed (OS Error: Network is unreachable, errno = 101), address = api.coingecko.com, port = 443
flutter: #0      _NativeSocket.startConnect (dart:io-patch/socket_patch.dart:721)
flutter: #1      _RawSocket.startConnect (dart:io-patch/socket_patch.dart:1920)
flutter: #2      RawSocket.startConnect (dart:io-patch/socket_patch.dart:27)
flutter: #3      RawSecureSocket.startConnect (dart:io/secure_socket.dart:299)
flutter: #4      SecureSocket.startConnect (dart:io/secure_socket.dart:77)
flutter: #5      _ConnectionTarget.connect (dart:_http/http_impl.dart:2487)
flutter: #6      _HttpClient._getConnection.connect (dart:_http/http_impl.dart:2930)
flutter: #7      _HttpClient._getConnection (dart:_http/http_impl.dart:2935)
flutter: #8      _HttpClient._openUrl (dart:_http/http_impl.dart:2790)
flutter: #9      _HttpClient.getUrl (dart:_http/http_impl.dart:2632)
flutter: #10     HTTP.get (package:stackwallet/networking/http.dart:41)
flutter: #11     PriceAPI.getPricesAnd24hChange (package:stackwallet/services/price.dart:147)
flutter: <asynchronous suspension>

Proposed Fix:

Rewrite/patch the Tor Connection UI feature to detect if the operating system is Tails by reading the /etc/os-release file and then configuring a Tor connection to use 127.0.0.1 and port 9050 and state in the UI you are using Tails on 127.0.0.1:9050 or something of the likes.

import 'dart:io';

Future<void> main() async {
  // Check if the OS is Tails
  bool isTails = await isTailsOS();

  if (isTails) {
    print('Detected Tails OS. Configuring Tor connection...');
    // Use 127.0.0.1 and port 9050 for Tor connection
    String torHost = '127.0.0.1';
    int torPort = 9050;

    // Here you would set up your Tor connection using the specified host and port
    // For example, if using the http package:
    // var client = HttpClient();
    // client.findProxy = (uri) {
    //   return "PROXY $torHost:$torPort";
    // };
    
    // Continue with your application logic...
  } else {
    print('Not running on Tails OS. Using default Tor settings...');
    // Use the default Tor settings
  }
}

Future<bool> isTailsOS() async {
  try {
    // Read the /etc/os-release file
    final osRelease = await File('/etc/os-release').readAsString();
    
    // Check if the content contains "Tails"
    return osRelease.contains('Tails');
  } catch (e) {
    print('Error reading /etc/os-release: $e');
    return false;
  }
}

ghost avatar Dec 23 '24 02:12 ghost

Tails lists name in /etc/os-release NAME="Tails"

Whonix has a specific file that is named /etc/whonix_version that could be checked if exists which means they are on Whonix which could indicat they are using a transparent proxy not system tor.

ghost avatar Mar 09 '25 22:03 ghost

Tails already routes everything through Tor, yes? You should not need to turn Tor in Stack Wallet. In fact, it is not recommended for privacy because it leads to Tor over Tor which is not recommended.

https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN

rehrar avatar Oct 21 '25 15:10 rehrar

Uh @rehrar no, Tails is not Whonix where its a gateway acting as Tor router for another system. Tails has the Tor daemon and all applications that are network related are routed via tor socks port or launched with torsocks. A specific firewall is set to "prevent leaks" and anything that is not over tor doesn't work but is not essentially transparent proxy firewall.

There is no option to communicate with a separate running Tor instance either via the Tor Browser Bundle (TBB) 9150 or the Tor service which is 9050 like in Tails case and the most commonly suggested. The only way to get it to work is torsocks -i ./sw-v2.1.9.AppImage but doesn't show its connected in the app. Torsocks is will be replaced by a rust implementation oniux like Arti.

ghost avatar Oct 27 '25 04:10 ghost