search

Fonta1n3 / FullyNoded

Self sovereign, secure, powerful, easy to use wallet that utilizes your own node as a backend. Powered by PSBT's and descriptors. Acts as an offline signer using your node as a watch-only wallet. C-Lightning compatible for instant, unfairly cheap payments.
https://fullynoded.app
Other
199 stars 31 forks source link

Failing bitcoin node connection with Tor v3 address #119

Closed elvece closed 3 years ago

elvece commented 3 years ago

Bug Trying to connect a Tor v3 bitcoin node address and RPC credentials to FullyNoded on iOS. Scanning a QR code generated with the format: btcstandup://<username>:<password>@xxx.onion:8332/, I get the error denoted in the screenshot below. Suggested steps followed, but error is consistently reproducible.

Debugging revealed a status code response of 401, a Content-Length: 0 header, and Error Domain=NSCocoaErrorDomain Code=3840 "No value." UserInfo={NSDebugDescription=No value.}. The receiving node does not seem to get the Authorization header (possibly why the 401).

Can verify the node is accessible by curl --socks5-hostname localhost:9050 -XPOST -d'{"jsonrpc":"1.0","id":"curltest","method":"getblockchaininfo","params":[]}' http://<username>:<password>@xxx.onion:8332/, which returns the expected response.

To Reproduce Steps to reproduce the behavior:

  1. Go to setttings to add a new bitcoin node
  2. Click (+)
  3. Click the QR code scanner button
  4. Scan quick connect url (or enter credentials manually, the same result happens)
  5. Save node
  6. See error thrown

Expected behavior A user should be able to add a bitcoin node with a Tor v3 address.

Screenshots

Screen Shot 2020-11-04 at 1 37 15 PM

Device

Fonta1n3 commented 3 years ago

Hmmm V3 works.

Have you tried rebooting Tor on your node?

Are you using V3 authentication?

Are you absolutely sure the credentials are being added correctly?

elvece commented 3 years ago

Yes - have rebooted Tor, not using V3 auth. The creds are in the quick connect url string in the format btcstandup://<username>:<password>@xxx.onion:8332/ - this is what is encoded in the QR code being scanned. Verified the node URL and credentials are correct - can curl the node with those RPC creds and obtain the expected response.

It's unclear to me how authentication is happening with the bitcoin node - I am under the impression it expects an Authorization header, but do not see it in the request headers, or how its relayed using the http://\(vc.rpcusername):\(vc.rpcpassword)@\(vc.onionAddress) format.

Fonta1n3 commented 3 years ago

The auth is basic http auth. With the added ability to utilize tor v3 authentication: https://matt.traudt.xyz/p/FgbdRTFr.html

Fonta1n3 commented 3 years ago

https://github.com/Fonta1n3/FullyNoded/commit/accbfe4e8e6eb9917c37fca37f751f3d948d991d fixes this, which was caused by the btcrpc 3rd party wrapper around bitcoin core refusing to respond to www-authenticate http header. Next update will switch to Authenticate http header to ensure compatibility.