rust-libp2p icon indicating copy to clipboard operation
rust-libp2p copied to clipboard

Published 20 hours ago verified publisher icon libp2p

Add an onion transport

Open tomaka opened this issue 6 years ago • 7 comments

tomaka avatar Nov 29 '18 14:11 tomaka

Hello @tomaka @gnunicorn ! I'm resolving this issue.

shivankgarg98 avatar Jan 14 '20 10:01 shivankgarg98

Is it revolved?

I think it could be implemented quite easily with the tor_stream crate. However this seems rather inelegant, because it relies on a running Tor Proxy in the background. I would wait for a mature version of Arti. This would be more cross platform and probably more performant. However doing this now would be quite a hassle, because Arti will probably change it‘s API a lot.

umgefahren avatar Oct 07 '21 06:10 umgefahren

We have experimented with libp2p and Tor a lot and landed on the following:

  1. It is quite easy to do a dial-only transport: https://github.com/comit-network/xmr-btc-swap/blob/master/swap/src/network/tor_transport.rs
  2. In our experience, Tor users want to manage their Tor daemon and onion addresses themselves. Thus, if I had to integrate a libp2p application with Tor again, I would give them tools to easily setup a hidden services and build a libp2p transport that reads the Tor configuration file and automatically listens on the respective TCP port to receive data.

thomaseizinger avatar Oct 07 '21 07:10 thomaseizinger

Perhaps relevant https://blog.torproject.org/arti_100_released the Tor project released Arti v1, their new Rust based Tor implementation.

olanod avatar Sep 05 '22 15:09 olanod

Perhaps relevant blog.torproject.org/arti_100_released the Tor project released Arti v1, their new Rust based Tor implementation.

That is big news indeed. Reading through the blogpost under the "What's coming next?" section, it says that onion services will come with arti version 1.2.0. Listening will require the creation of an onion service so we will have to wait for that to build a full fledged transport.

It should be possible to build one that can only dial a Tor address though and simply fail unconditionally for listening. PRs welcome :)

thomaseizinger avatar Sep 09 '22 06:09 thomaseizinger

I started working on this, however I have issues dealing with Multiaddress correctly. As far as I can tell Multiaddress comes with some support for Onion out of the box, but it's somewhat opaque what this means in terms of Arti's TorAddress.

For now I just extract a SocketAddr (using TCP for the port), since Onion services are not supported anyway.

umgefahren avatar Sep 12 '22 06:09 umgefahren

I started working on this, however I have issues dealing with Multiaddress correctly. As far as I can tell Multiaddress comes with some support for Onion out of the box, but it's somewhat opaque what this means in terms of Arti's TorAddress.

For now I just extract a SocketAddr (using TCP for the port), since Onion services are not supported anyway.

Thank you for picking this up!

Feel free to open a draft PR at any stage if you want to discuss concrete issues :)

thomaseizinger avatar Sep 12 '22 12:09 thomaseizinger

We now have https://github.com/umgefahren/libp2p-tor.

thomaseizinger avatar Mar 29 '23 11:03 thomaseizinger

Hi,

I'm filing a RustSec advisory [0] signalling that https://crates.io/crates/libp2p-tokio-socks5 is unmaintained. Its been suggested that we link to alternatives. Shall I link to https://crates.io/crates/libp2p-community-tor?

@thomaseizinger was there any technical reason that you remember why you didn't mention libp2p-tokio-socks5 in this thread but instead referenced the xmr-btc-swap code (although the code looks pretty similar at a glance)?

Thanks

[0] https://github.com/rustsec/advisory-db/pull/1932

tcharding avatar Apr 07 '24 22:04 tcharding

@thomaseizinger was there any technical reason that you remember why you didn't mention libp2p-tokio-socks5 in this thread but instead referenced the xmr-btc-swap code (although the code looks pretty similar at a glance)?

I was never a fan of how listen_on is implemented there because it is somewhat of a leaky abstraction. The dial-only version I linked to is significantly simpler to understand.

thomaseizinger avatar Apr 08 '24 12:04 thomaseizinger

Hi,

I'm filing a RustSec advisory [0] signalling that crates.io/crates/libp2p-tokio-socks5 is unmaintained. Its been suggested that we link to alternatives. Shall I link to crates.io/crates/libp2p-community-tor?

@thomaseizinger was there any technical reason that you remember why you didn't mention libp2p-tokio-socks5 in this thread but instead referenced the xmr-btc-swap code (although the code looks pretty similar at a glance)?

Thanks

[0] rustsec/advisory-db#1932

Hi, author of libp2p-community-tor here.

I want to point out, that I haven't maintained libp2p-community-tor as well, although I could. Additionally I want to point out that it's not a direct replacement, since it ships with the Tor "inside" and Arti is still not considered to be a full replacement for C-Tor.

If there is real interest here, I could continue maintainer ship here, but it would certainly help to get in touch with the stake holders here. @tcharding

umgefahren avatar Apr 08 '24 16:04 umgefahren

I've not got any thing to do with libp2p anymore and have no opinions on the matter. I'm happy to link to whatever in the advisory, I just didn't want to lead anyone in the wrong direction. How about we link to crates.io/crates/libp2p-community-tor and also to https://github.com/comit-network/xmr-btc-swap/blob/master/swap/src/network/tor_transport.rs and perhaps to this thread too?

tcharding avatar Apr 08 '24 20:04 tcharding