Merge pull request #8959
26fa796
docs: update ANONYMITY_NETWORKS (DonW16)
This commit is contained in: commit 8123d945f8
@ -11,7 +11,7 @@ relying on IPv4 for the remainder of messages to make surrounding node attacks
|
||||||
## Behavior
|
## Behavior
|
||||||
|
|
||||||
If _any_ anonymity network is enabled, transactions being broadcast that lack
|
If _any_ anonymity network is enabled, transactions being broadcast that lack
|
||||||
a valid "context" (i.e. the transaction did not come from a p2p connection),
|
a valid "context" (i.e. the transaction did not come from a P2P connection),
|
||||||
will only be sent to peers on anonymity networks. If an anonymity network is
|
will only be sent to peers on anonymity networks. If an anonymity network is
|
||||||
enabled but no peers over an anonymity network are available, an error is
|
enabled but no peers over an anonymity network are available, an error is
|
||||||
logged and the transaction is kept for future broadcasting over an anonymity
|
logged and the transaction is kept for future broadcasting over an anonymity
|
||||||
|
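Review bot: only the "p2p" capitalisation changes in this hunk, but the sentence it lands in (L24/L26) is the one operators rely on and is worth tightening while it is being touched: a transaction that "lack[s] a valid context (i.e. the transaction did not come from a P2P connection)" is a locally submitted transaction, so saying that directly (for example "transactions submitted locally, i.e. not received over a P2P connection") makes it obvious whose transactions are withheld from clearnet peers. It would also help to state explicitly that while no anonymity-network peer is available the retained transaction is not sent over IPv4 either, since that is the property this paragraph is implicitly promising.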
@ -28,7 +28,7 @@ the hidden service for P2P connections.
|
||||||
## P2P Commands
|
## P2P Commands
|
||||||
|
|
||||||
Only handshakes, peer timed syncs and transaction broadcast messages are
|
Only handshakes, peer timed syncs and transaction broadcast messages are
|
||||||
supported over anonymity networks. If one `--add-exclusive-node` p2p address
|
supported over anonymity networks. If one `--add-exclusive-node` P2P address
|
||||||
is specified, then no syncing will take place and only transaction broadcasting
|
is specified, then no syncing will take place and only transaction broadcasting
|
||||||
can occur. It is therefore recommended that `--add-exclusive-node` be combined
|
can occur. It is therefore recommended that `--add-exclusive-node` be combined
|
||||||
with additional exclusive IPv4 address(es).
|
with additional exclusive IPv4 address(es).
|
||||||
|
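Review bot: "If one `--add-exclusive-node` P2P address is specified, then no syncing will take place" is ambiguous even after the capitalisation fix: it can be read as "a single address" or as "an anonymity-network address". Given the recommendation that follows (combine with exclusive IPv4 addresses), the intended meaning appears to be that syncing stops when every exclusive node is an anonymity-network address, because only handshakes, timed syncs and transaction broadcasts are supported there. Suggest rewording to something like "If the only `--add-exclusive-node` addresses are anonymity-network addresses, no syncing will take place and only transaction broadcasting can occur."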
@ -47,16 +47,16 @@ separate process. On most systems the configuration will look like:
|
||||||
--tx-proxy i2p,127.0.0.1:9000
|
--tx-proxy i2p,127.0.0.1:9000
|
||||||
```
|
```
|
||||||
|
|
||||||
which tells `monerod` that ".onion" p2p addresses can be forwarded to a socks
|
which tells `monerod` that ".onion" P2P addresses can be forwarded to a socks
|
||||||
proxy at IP 127.0.0.1 port 9050 with a max of 10 outgoing connections and
|
proxy at IP 127.0.0.1 port 9050 with a max of 10 outgoing connections and
|
||||||
".b32.i2p" p2p addresses can be forwarded to a socks proxy at IP 127.0.0.1 port
|
".b32.i2p" P2P addresses can be forwarded to a socks proxy at IP 127.0.0.1 port
|
||||||
9000 with the default max outgoing connections.
|
9000 with the default max outgoing connections.
|
||||||
|
|
||||||
If desired, peers can be manually specified:
|
If desired, peers can be manually specified:
|
||||||
|
|
||||||
```
|
```
|
||||||
--add-exclusive-node rveahdfho7wo4b2m.onion:28083
|
--add-exclusive-node 5tymba6faziy36md5ffy42vatbjzlye4vyr3gyz6lcvdfximnvwpmwqd.onion:28083
|
||||||
--add-peer rveahdfho7wo4b2m.onion:28083
|
--add-peer 5tymba6faziy36md5ffy42vatbjzlye4vyr3gyz6lcvdfximnvwpmwqd.onion:28083
|
||||||
```
|
```
|
||||||
|
|
||||||
Either option can be listed multiple times, and can specify any mix of Tor,
|
Either option can be listed multiple times, and can specify any mix of Tor,
|
||||||
|
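Review bot: the sample address is updated consistently in both `--add-exclusive-node` and `--add-peer` (L136, L141), and the same 56-character address is reused in the later hunks, so the examples stay coherent. Since this PR is normalising capitalisation ("P2P", "I2P", "IPv4"), L100 and L110 should get the same treatment for "socks" (the protocol name is written "SOCKS"), otherwise the file ends up half-normalised.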
@ -70,12 +70,12 @@ Receiving anonymity connections is done through the option
|
||||||
type, and max connections:
|
type, and max connections:
|
||||||
|
|
||||||
```
|
```
|
||||||
--anonymous-inbound rveahdfho7wo4b2m.onion:28083,127.0.0.1:28083,25
|
--anonymous-inbound 5tymba6faziy36md5ffy42vatbjzlye4vyr3gyz6lcvdfximnvwpmwqd.onion:28083,127.0.0.1:28083,25
|
||||||
--anonymous-inbound cmeua5767mz2q5jsaelk2rxhf67agrwuetaso5dzbenyzwlbkg2q.b32.i2p:5000,127.0.0.1:30000
|
--anonymous-inbound cmeua5767mz2q5jsaelk2rxhf67agrwuetaso5dzbenyzwlbkg2q.b32.i2p:5000,127.0.0.1:30000
|
||||||
```
|
```
|
||||||
|
|
||||||
which tells `monerod` that a max of 25 inbound Tor connections are being
|
which tells `monerod` that a max of 25 inbound Tor connections are being
|
||||||
received at address "rveahdfho7wo4b2m.onion:28083" and forwarded to `monerod`
|
received at address "5tymba6faziy36md5ffy42vatbjzlye4vyr3gyz6lcvdfximnvwpmwqd.onion:28083" and forwarded to `monerod`
|
||||||
localhost port 28083, and a default max I2P connections are being received at
|
localhost port 28083, and a default max I2P connections are being received at
|
||||||
address "cmeua5767mz2q5jsaelk2rxhf67agrwuetaso5dzbenyzwlbkg2q.b32.i2p:5000" and
|
address "cmeua5767mz2q5jsaelk2rxhf67agrwuetaso5dzbenyzwlbkg2q.b32.i2p:5000" and
|
||||||
forwarded to `monerod` localhost port 30000.
|
forwarded to `monerod` localhost port 30000.
|
||||||
|
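Review bot: L199 now runs far past the roughly 80-column wrap used by every other prose line in this file, because the 56-character .onion address was substituted in place. Suggest re-wrapping the paragraph, for example breaking before the quoted address so it sits on its own line and continuing "and forwarded to `monerod` localhost port 28083" on the next, to match the surrounding layout. The option lines inside the fence (L176, L181) are fine as-is since they are meant to be copied verbatim.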
@ -86,32 +86,32 @@ otherwise the peer will not be notified of the peer address by the proxy.
|
||||||
|
|
||||||
An anonymity network can be configured to forward incoming connections to a
|
An anonymity network can be configured to forward incoming connections to a
|
||||||
`monerod` RPC port - which is independent from the configuration for incoming
|
`monerod` RPC port - which is independent from the configuration for incoming
|
||||||
P2P anonymity connections. The anonymity network (Tor/i2p) is
|
P2P anonymity connections. The anonymity network (Tor/I2P) is
|
||||||
[configured in the same manner](#configuration), except the localhost port
|
[configured in the same manner](#configuration), except the localhost port
|
||||||
must be the RPC port (typically 18081 for mainnet) instead of the p2p port:
|
must be the RPC port (typically 18081 for mainnet) instead of the P2P port:
|
||||||
|
|
||||||
```
|
```
|
||||||
HiddenServiceDir /var/lib/tor/data/monero
|
HiddenServiceDir /var/lib/tor/data/monero
|
||||||
HiddenServicePort 18081 127.0.0.1:18081
|
HiddenServicePort 18081 127.0.0.1:18081
|
||||||
```
|
```
|
||||||
|
|
||||||
Then the wallet will be configured to use a Tor/i2p address:
|
Then the wallet will be configured to use a Tor/I2P address:
|
||||||
```
|
```
|
||||||
--proxy 127.0.0.1:9050
|
--proxy 127.0.0.1:9050
|
||||||
--daemon-address rveahdfho7wo4b2m.onion
|
--daemon-address 5tymba6faziy36md5ffy42vatbjzlye4vyr3gyz6lcvdfximnvwpmwqd.onion
|
||||||
```
|
```
|
||||||
|
|
||||||
The proxy must match the address type - a Tor proxy will not work properly with
|
The proxy must match the address type - a Tor proxy will not work properly with
|
||||||
i2p addresses, etc.
|
I2P addresses, etc.
|
||||||
|
|
||||||
i2p and onion addresses provide the information necessary to authenticate and
|
I2P hidden service (b32.i2p) and Tor Hidden service (.onion) addresses provide the information necessary to authenticate and
|
||||||
encrypt the connection from end-to-end. If desired, SSL can also be applied to
|
encrypt the connection from end-to-end. If desired, SSL can also be applied to
|
||||||
the connection with `--daemon-address https://rveahdfho7wo4b2m.onion` which
|
the connection with `--daemon-address https://5tymba6faziy36md5ffy42vatbjzlye4vyr3gyz6lcvdfximnvwpmwqd.onion` which
|
||||||
requires a server certificate that is signed by a "root" certificate on the
|
requires a server certificate that is signed by a "root" certificate on the
|
||||||
machine running the wallet. Alternatively, `--daemon-cert-file` can be used to
|
machine running the wallet. Alternatively, `--daemon-cert-file` can be used to
|
||||||
specify a certificate to authenticate the server.
|
specify a certificate to authenticate the server.
|
||||||
|
|
||||||
Proxies can also be used to connect to "clearnet" (ipv4 addresses or ICANN
|
Proxies can also be used to connect to "clearnet" (IPv4 addresses or ICANN
|
||||||
domains), but `--daemon-cert-file` _must_ be used for authentication and
|
domains), but `--daemon-cert-file` _must_ be used for authentication and
|
||||||
encryption.
|
encryption.
|
||||||
|
|
||||||
|
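Review bot: L318 introduces three inconsistencies in one line: "hidden service" versus "Hidden service" capitalisation, "(b32.i2p)" without the leading dot that the rest of the file uses (".b32.i2p", e.g. L110), and a line length well beyond the file's wrap width. Suggest "I2P (.b32.i2p) and Tor (.onion) hidden service addresses provide the information necessary to authenticate and" with the remainder wrapped onto the following line. This paragraph is the one that tells wallet users when TLS verification is optional (hidden service address) and when `--daemon-cert-file` is mandatory (clearnet through a proxy), so it is worth getting the wording clean.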
@ -204,7 +204,7 @@ If a single I2P/Tor stream is used 2+ times for transmitting a transaction, the
|
||||||
operator of the hidden service can conclude that both transactions came from the
|
operator of the hidden service can conclude that both transactions came from the
|
||||||
same source. If the subsequent transactions spend a change output from the
|
same source. If the subsequent transactions spend a change output from the
|
||||||
earlier transactions, this will also reveal the "real" spend in the ring
|
earlier transactions, this will also reveal the "real" spend in the ring
|
||||||
signature. This issue was (primarily) raised by @secparam on Twitter.
|
signature. This issue was (primarily) raised by @secparam on [Twitter](https://twitter.com/secparam/status/1153411657214910469).
|
||||||
|
|
||||||
#### Mitigation
|
#### Mitigation
|
||||||
|
|
||||||
|
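Review bot: linking the original tweet at L388 is an improvement over the bare "on Twitter" attribution, but individual tweet links rot; since the text already summarises the issue (stream reuse lets the hidden-service operator link transactions, and a change-output spend then reveals the real ring member), consider adding an archived copy of the link or the tweet's date so the citation remains useful if the status disappears.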
@ -219,7 +219,7 @@ most cases. However, the number of outgoing connections is typically a small
|
||||||
fixed number, so there is a decent probability of re-use with the same public
|
fixed number, so there is a decent probability of re-use with the same public
|
||||||
key identity.
|
key identity.
|
||||||
|
|
||||||
@secparam (twitter) recommended changing circuits (Tor) as an additional
|
@secparam ([Twitter](https://twitter.com/secparam/status/1153411968147042304)) recommended changing circuits (Tor) as an additional
|
||||||
precaution. This is likely not a good idea - forcibly requesting Tor to change
|
precaution. This is likely not a good idea - forcibly requesting Tor to change
|
||||||
circuits is observable by the ISP. Instead, `monerod` should likely disconnect
|
circuits is observable by the ISP. Instead, `monerod` should likely disconnect
|
||||||
from peers occasionally. Tor will rotate circuits every ~10 minutes, so
|
from peers occasionally. Tor will rotate circuits every ~10 minutes, so
|
||||||
|
|
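Review bot: at L421 the parenthetical "@secparam ([Twitter](...)) recommended" reads awkwardly; linking the verb instead, "@secparam [recommended](https://twitter.com/secparam/status/1153411968147042304) changing circuits (Tor) as an additional precaution", keeps the sentence natural and matches how the earlier citation was phrased. Also, now that the reader is pointed at the original recommendation, the unchanged rebuttal on L426/L431 ("forcibly requesting Tor to change circuits is observable by the ISP") would benefit from a sentence explaining what is observable and why occasional peer disconnects are preferable, so the reader can weigh the two positions.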