From: LORD HIS EXCELLENCY JAMES HRMH <willtech@live•com.au>
To: "Mr. Lee Chiffre" <lee.chiffre@secmail•pro>,
Bitcoin Protocol Discussion
<bitcoin-dev@lists•linuxfoundation.org>, s7r <s7r@sky-ip•org>
Subject: Re: [bitcoin-dev] v3 onion services
Date: Sun, 17 Nov 2019 20:04:04 +0000 [thread overview]
Message-ID: <PS2P216MB01798627A61D2214FB3ED0D79D720@PS2P216MB0179.KORP216.PROD.OUTLOOK.COM> (raw)
In-Reply-To: <c1371845-ef3e-c73b-f358-a0470bb48d07@sky-ip.org>
[-- Attachment #1: Type: text/plain, Size: 4118 bytes --]
For those perhaps not so well versed in the operation of Bitcoin (and Bitcoin Core) with Tor, connectivity through the outgoing connection to other nodes is all accomplished via the socks5 proxy which enables all current gossip and the distribution of the nodes own transactions to other nodes. This is a full connectivity feature.
For listening, Bitcoin Core instructs Tor to create an ephemeral hidden service which, depending on the various factors, may be currently v2 only or v3 (future implementation). This is not necessary for the functionality of node connectivity in any way and is only used to allow for hidden listening so that other nodes connecting out on the onion can connect privately without hopping on the public internet at all and without exposing the nodes public IP or ports as listening (no port forwarding required and no listing on nodes list with public IP). It is currently possible for many nodes to exist as onion only nodes.
For the time being, although I did wonder myself, the use of v3 ephemeral service is not a requirement of operation on Bitcoin and hardly adds anything to security especially if we enable transient onion listening (a feature proposal is currently waiting for consideration/approval on bitcoin-core-dev and GitHub), however, eventually it will be essential to make use of the v3 ephemeral service as the v2 service support will, as I understand, eventually be dropped from the Tor network. I do not know if there are any current distinct plans.
My opinion is, v3 support is a nice idea but hardly urgent yet. Good luck if it ends up with an ack as I suspect some of the changes required will be complex and this may be perhaps the best reason to begin on it while there is interest.
Regards,
LORD HIS EXCELLENCY JAMES HRMH
________________________________
From: bitcoin-dev <bitcoin-dev-bounces@lists•linuxfoundation.org> on behalf of s7r via bitcoin-dev <bitcoin-dev@lists•linuxfoundation.org>
Sent: Monday, 18 November 2019 2:35 AM
To: Mr. Lee Chiffre <lee.chiffre@secmail•pro>; Bitcoin Protocol Discussion <bitcoin-dev@lists•linuxfoundation.org>
Subject: Re: [bitcoin-dev] v3 onion services
Mr. Lee Chiffre via bitcoin-dev wrote:
> Right now bitcoin client core supports use of tor hidden service. It
> supports v2 hidden service. I am in progress of creating a new bitcoin
> node which will use v3 hidden service instead of v2. I am looking at
> bitcoin core and btcd to use. Do any of these or current node software
> support the v3 onion addresses for the node address? What about I2P
> addresses? If not what will it take to get it to support the longer
> addresses that is used by i2p and tor v3?
>
>
Hello,
Yes, that is correct. Currently at present moment only v2 onion services
are supported. Bitcoin Core is limited at 128 bit 'addresses' in the p2p
protocol, so it requires a rework of the p2p protocol. v3 onion services
are whole ed25519 public keys, base32 encoded with .onion at the end.
Same reason applies to I2P 'address types' as well. However, I am not an
expert in I2P and don't actually know how many bitcoin full nodes might
exist in I2P.
See:
https://github.com/bitcoin/bitcoin/issues/9214
https://github.com/bitcoin/bitcoin/issues/2091
For the default `ADD_ONION` feature, the onion service key was
downgraded to explicitly RSA1024 (legacy, v2 onion services) to ensure
the feature still works out of the box:
https://github.com/bitcoin/bitcoin/pull/9234
If you want a Tor only full node, you are best to use v2 onion services
for now. Why do you need the bitcoin node to explicitly have a v3 onion
address? You can have a service that is accessible to the general public
as a v3 onion service, and in the back uses a bitcoin full node that
uses v2 onion service to talk to other nodes. The v2 onion service
bitcoin network is extended fairly.
You can use in the same torrc (Tor configuration file), implicitly same
Tor process/daemon simultaneously v2 and v3 onion services by setting
HiddenServiceVersion parameter after every HiddenServiceDir parameter.
[-- Attachment #2: Type: text/html, Size: 6443 bytes --]
next prev parent reply other threads:[~2019-11-17 20:37 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-11-17 4:33 Mr. Lee Chiffre
2019-11-17 15:35 ` s7r
2019-11-17 20:04 ` LORD HIS EXCELLENCY JAMES HRMH [this message]
2019-11-17 23:01 ` Christopher Allen
2019-11-17 23:42 ` Matt Corallo
2019-11-18 11:59 ` Aymeric Vitte
2019-11-18 12:34 ` LORD HIS EXCELLENCY JAMES HRMH
[not found] ` <46FCD14B-02CC-4986-9C60-D8EC547F33FA@carldong.me>
2019-11-18 16:44 ` Carl Dong
2019-11-18 22:19 ` Aymeric Vitte
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=PS2P216MB01798627A61D2214FB3ED0D79D720@PS2P216MB0179.KORP216.PROD.OUTLOOK.COM \
--to=willtech@live$(echo .)com.au \
--cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
--cc=lee.chiffre@secmail$(echo .)pro \
--cc=s7r@sky-ip$(echo .)org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox