Bitcoin Institute

TOR and I2P

3 messages madhatter, Satoshi Nakamoto January 16, 2010 — February 4, 2010
madhatter January 16, 2010 Source · Permalink

Hello,

I have had another idea.

It would be very cool to be able to have TOR and I2P seeds. For example: I could run BT within TOR-land on a .onion address. A client could connect their BT to TOR and have it seed from a .onion address and use it as a connected peer. (Likewise for I2P: someone could run a .i2p service that is — well — BC).

I might setup a couple of nodes in this fashion and post the tunnels on this forum. I already run a lot of I2P and TOR nodes so adding BC to the mix is quite trivial.

I support the idea of making BC compatible with TOR and I2P to increase the privacy of the system. I mean: why re-invent the wheel? There are thousands of mix network nodes just sitting there that can be used to enhance BC.

Cheers!

Satoshi Nakamoto January 20, 2010 Source · Permalink

I’ve been thinking about that for a while.  I want to add the backend support for .onion addresses and connecting to them, then go from there.

There aren’t many .onion addresses in use for anything because the user has to go through a number of steps to create one.  Configure TOR to generate a .onion address, restart TOR, configure it with the generated address.  Perhaps this is intentional to keep TOR so it can’t be integrated into file sharing programs in any sufficiently automated way.

Satoshi Nakamoto February 4, 2010 Source · Permalink

When using proxy port 9050, it will only make one attempt to connect to IRC, then give up, since it knows it will probably always fail because IRC servers ban all the TOR exit nodes.  If you’re using another port, it would assume it might be a regular old normal proxy and would keep retrying IRC at longer and longer intervals.  You should not use Polipo or Privoxy as those are http filters and caches that would corrupt Bitcoin’s messages if they make any changes.  Bitcoin might be trying to overcome it by reconnecting.  You should use port 9050.

As riX says, the “is giving Tor only an IP address. Apps that do DNS…” warnings are nothing to worry about.  Bitcoin doesn’t use DNS at all in proxy mode.

Since Bitcoin can’t get through to IRC through Tor, it doesn’t know which nodes are currently online, so it has to try all the recently seen nodes.  It tries to conserve connection attempts as much as possible, but also people want it to connect quickly when they start it up and reconnect quickly if disconnected.  It uses an algorithm where it tries an IP less and less frequently the longer ago it was successful connected.  For example, for a node it saw 24 hours ago, it would wait 5 hours between connection attempts.  Once it has at least 2 connections, it won’t try anything over a week old, and 5 connections it won’t try anything over 24 hours old.