Selective tor usage #4564

issue kazcw openend this issue on July 20, 2014
  1. kazcw commented at 8:17 pm on July 20, 2014: contributor
    Tor can obscure the relationship between a wallet and an IP address, but has high overhead. For a full node, none of the network-intensive activity leaks privacy; it seems like the ideal application of tor in many situations would be to perform all non-wallet network functions normally via direct connections, but use a tor connection for privacy-leaking operations like pushing wallet transactions.
  2. laanwj commented at 8:37 pm on July 20, 2014: member

    Another reason why the wallet should be a separate application.

    For now (if your goal is to reduce overhead) I’d suggest to run one of the other wallets over TOR. For example, bitcoinj supports TOR natively. Not sure about Electrum.

    Do mind that SPV clients inherently leak some information about your addresses through the bloom filters that they submit. But behind TOR that may matter less. At most the adversary can correlate which addresses belong together, not whom they belong to.

  3. Diapolo commented at 1:31 pm on July 21, 2014: none
    Not sure this is an (Github) “issue” really. But what about relaying TXs for example, one will know your IP, if your node does this without Tor, no?
  4. laanwj commented at 1:48 pm on July 21, 2014: member

    @Diapolo Not if you push your own transactions to other nodes through TOR or submit them some other way.

    I understand @kazcw’s point but the answer is simply ‘Don’t use the full node wallet’. There is no reason why you couldn’t run a full node on the open net, and use another SPV wallet that is not pointed at your own full node, but connects to peers over TOR.

    There is your separation, and much more water-tight than trying to handle it in the same process with some hacky exceptions and rules (remember kids, opsec is very hard to get right).

    So I’m closing this.

  5. laanwj closed this on Jul 21, 2014
  6. laanwj reopened this on Nov 27, 2014
  7. laanwj added the label Wallet on Nov 27, 2014
  8. laanwj commented at 11:31 am on November 27, 2014: member
    Reopening this. Submitting transactions through a different mechanism than the normal P2P networking can make sense for privacy. I’m still of the opinion that this needs to be thought through very well before implementation to avoid making dangerous assumptions (ie, exposing oneself to fingerprinting attacks for example, if you connect to both Tor and directly these will reveal you).
  9. laanwj commented at 11:52 am on April 15, 2015: member
    As of #5951, this use case can be addressed using walletbroadcast=0 then taking care of the transaction broadcast manually or through an external script.
  10. laanwj closed this on May 18, 2015
  11. laanwj added the label Privacy on Aug 18, 2015
  12. MarcoFalke locked this on Sep 8, 2021


kazcw laanwj Diapolo

Labels
Wallet Privacy

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-07-01 10:13 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me