Apparently CJDNS network does not work with Tor on mainnet. #24450

issue lsilva01 openend this issue on February 28, 2022
  1. lsilva01 commented at 6:28 am on February 28, 2022: contributor

    Apparently CJDNS network does not work with Tor on mainnet.

    Expected behavior

    Both networks should work.

    Actual behavior

    When monitoring connections via ./src/bitcoin-cli -netinfo 4, this does not show any CJDNS peers if Tor is enabled. If the Tor proxy is commented out in the configuration file, the CJDNS peers will be connected.

    To reproduce

    Install Tor, I2P and CJDNS services on Fedora / Debian.

    Add the following items to bitcoin.conf file:

     0[main]
     1proxy=127.0.0.1:9050
     2cjdnsreachable=1
     3i2pacceptincoming=1
     4i2psam=127.0.0.1:7656
     5addnode=fcc7:be49:ccd1:dc91:3125:f0da:457d:8ce
     6addnode=fc32:17ea:e415:c3bf:9808:149d:b5a2:c9aa
     7addnode=sedndhv5vpcgdmykyi5st4yqhdxl3hpdtglta4do435wupahhx6q.b32.i2p:0
     8addnode=zsxwyo6qcn3chqzwxnseusqgsnuw3maqnztkiypyfxtya4snkoka.b32.i2p:0
     9addnode=wwbw7nqr3ahkqv62cuqfwgtneekvvpnuc4i4f6yo7tpoqjswvcwa.b32.i2p:0
    10addnode=opnyfyeiibe5qo5a3wbxzbb4xdiagc32bbce46owmertdknta5mi7uyd.onion:8333
    11addnode=rp7k2go3s5lyj3fnj6zn62ktarlrsft2ohlsxkyd7v3e3idqyptvread.onion:8333
    12addnode=xqt25cobm5zqucac3634zfght72he6u3eagfyej5ellbhcdgos7t2had.onion:8333
    

    Run Bicoin Core. With the configuration above, there can be IPv4, onion and I2P peers, but not CJDNS. Stop Bitcoin Core, comment out proxy=127.0.0.1:9050 and restart it. There can be IPv4, CJDNS and I2P

    System information Bitcoin Core was compiled from master (last commit ee8c9971256). Ran on Fedora Linux 35. Same behavior observed on Debian 11.

  2. lsilva01 added the label Bug on Feb 28, 2022
  3. laanwj commented at 1:09 pm on February 28, 2022: member

    I think this is at least partially expected behavior. The thing is, if you’re proxying IPv6 over Tor, CJDNS will not work. -proxy is the catch-all (which is by far the safest behavior for what people generally want with Tor).

    Generally if you want to run a multi-network node, set a proxy per network, e.g. -onion=<ip:port>. This will cause non-CJDNS IPv4 and IPv6 to go over clearnet, though, so might not be the configuration you want.

  4. jonatack commented at 11:36 am on March 22, 2022: contributor

    Apparently CJDNS network does not work with Tor on mainnet.

    this does not show any CJDNS peers if Tor is enabled

    A few ways one can run CJDNS (and I2P and IPv4/6) with Tor (provided they do what a user wants):

    • with a proxy per network as suggested by @laanwj
    • with -onion=127.0.0.1:9050 -externalip=<your onion address> -discover -listen
    • without setting a proxy
    • with -proxy and -discover (and optionally -listen), not sure this is a useful config though
  5. vasild commented at 12:39 pm on March 22, 2022: contributor

    Yeah, I would say the above is misconfiguration which can be fixed by replacing -proxy= with -onion=. Some thoughts:

    -proxy= is catch-all setting. There may be a proxy running on one’s router that also handles CJDNS. So, it would be undesirable to change the behavior to ignore -proxy= within Bitcoin Core when connecting to CJDNS addresses.

    -proxy= is ignored for I2P addresses, so it is catch-all except I2P.

    Looks like we don’t support right now a setup where IPv4 and IPv6 are routed via Tor and CJDNS connections are made without a proxy.

    Maybe we should consider something like -proxy=1.2.3.4:5678=ipv4 for a more fine-grained control?

  6. felipelalli commented at 1:45 am on June 30, 2022: none
    I think this should be better documented in https://github.com/bitcoin/bitcoin/blob/master/doc/cjdns.md .
  7. pinheadmz commented at 9:19 pm on November 8, 2023: member

    I could work on this. I think it would be cool to support all networks with full privacy (meaning ipv4 and ipv6 routed over Tor). Onion goes over the SOCKS5 and I2P has its own proxy server (SAM), CJDNS is just a little trickier.

    Maybe we should consider something like -proxy=1.2.3.4:5678=ipv4 for a more fine-grained control?

    I think it’s either something like this, or another option like -cjdnsproxy (default true if -proxy is set)

  8. willcl-ark assigned pinheadmz on Apr 10, 2024
  9. jonatack commented at 4:57 pm on May 15, 2024: contributor

    I could work on this.

    Hi @pinheadmz, was a pull opened for this/any update? (thanks!)

  10. pinheadmz commented at 5:17 pm on May 15, 2024: member
    No PR yet but I am looking into which solution is best. Any thoughts ?
  11. vasild commented at 1:49 pm on May 24, 2024: contributor

    Taking a step back from -proxy=1.2.3.4:5678=ipv4 vs -cjdnsproxy=: if very few people use CJDNS for Bitcoin, is it worth spending effort on CJDNS at all? On my node there are 3 CJDNS addresses in addrman:

    0$ bitcoin-cli getpeerinfo |jq 'map(select(.network == "cjdns")) |length'
    13
    
  12. jonatack commented at 2:51 pm on May 24, 2024: contributor

    Network redundancy is valuable. We’ve seen attacks on Tor and I2P – the latter very recently. If both Tor and I2P are taken down the same time, CJDNS use may increase quickly.

    I think CJDNS mainly needs more awareness, an easy tutorial, and integration by node-in-box packages (see https://x.com/jonatack/status/1794016131272814708 that I just posted, suggesting bounties for that). These actions made a large difference in I2P use by bitcoin nodes.

    Edit: there are now open issues in Raspiblitz and Umbrel:


github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-12-19 12:12 UTC

This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me