JoinMarket-Org / joinmarket-clientserver

Bitcoin CoinJoin implementation with incentive structure to convince people to take part
GNU General Public License v3.0

randomize socks5 proxy auth for stream isolation #1373

Open nyxnor opened 2 years ago

nyxnor commented 2 years ago

Tor has some isolation flags; I will just mention the ones relevant to the Joinmarket case.

Default

Can be added

Tor ships with SocksPort 9050, this means only IsolateSOCKSAuth is active (others are, but not relevant right now), and IsolateDestAddr is not active.

Most people won't configure their socks port.

Bitcoind has the option proxyrandomize=1 which uses different socks authentications for each request. You can test it is working with `carml`, by the same developer of txtorcon. Use the option to follow streams.

This way, the user doesn't have to configure their torrc, as Joinmarket will automatically set a random socks authentication to be used and stream isolate the request.

kristapsk commented 2 years ago

We do SOCKSPort 9050 IsolateDestAddr IsolateDestPort with --with-local-tor. https://github.com/JoinMarket-Org/joinmarket-clientserver/blob/62dc983f1a027a1a4c563ac66efeacb2ffca04ba/install.sh#L429-L434

nyxnor commented 2 years ago

That is good if using the install script. I was building the daemon separate to the wallet and did not do the install.sh.

So I still think this is a valid concern, because this change wouldn't depend on the user or Joinmarket script changing the user torrc.

This doesn't work on Whonix, for example. On the other side, I can configure custom socks ports; I just wanted to make IsolateSOCKSAuth the default, so everyone has some sort of isolation, making more users blend in to the crowd instead of people not having isolation flags.

https://github.com/JoinMarket-Org/joinmarket-clientserver/blob/master/docs/INSTALL.md#alternativecustom-installation
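The idea requested in this issue, sketched as an added example (not JoinMarket's or bitcoind's code): a client-side SOCKS5 handshake that sends a fresh random username/password (RFC 1929) on every connection, so that Tor's IsolateSOCKSAuth keeps the streams from sharing a circuit without any torrc change. All function names are hypothetical, and `sock` is assumed to be already connected to the SOCKS port.

```python
import secrets
import struct

def random_socks_credentials(nbytes=8):
    """Fresh random username/password; the values only need to differ per stream."""
    return secrets.token_hex(nbytes).encode(), secrets.token_hex(nbytes).encode()

def build_auth(username, password):
    """RFC 1929 request: VER=1, ULEN, UNAME, PLEN, PASSWD."""
    if not (1 <= len(username) <= 255 and 1 <= len(password) <= 255):
        raise ValueError("username and password must be 1..255 bytes")
    return (b"\x01" + bytes([len(username)]) + username
            + bytes([len(password)]) + password)

def build_connect(host, port):
    """CONNECT with ATYP=3 (hostname), so name resolution happens at the proxy."""
    name = host.encode("ascii")
    if not 1 <= len(name) <= 255:
        raise ValueError("hostname must be 1..255 bytes")
    return b"\x05\x01\x00\x03" + bytes([len(name)]) + name + struct.pack(">H", port)

def recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("proxy closed the connection")
        buf += chunk
    return buf

def open_isolated_stream(sock, host, port):
    """Run the SOCKS5 handshake on sock; return the credentials that were used."""
    user, password = random_socks_credentials()
    sock.sendall(b"\x05\x01\x02")  # VER=5, one method offered: 0x02 (user/pass)
    if recv_exact(sock, 2) != b"\x05\x02":
        raise ConnectionError("proxy did not accept username/password auth")
    sock.sendall(build_auth(user, password))
    if recv_exact(sock, 2) != b"\x01\x00":
        raise ConnectionError("proxy rejected the credentials")
    sock.sendall(build_connect(host, port))
    ver, rep, _, atyp = recv_exact(sock, 4)
    if ver != 5 or rep != 0:
        raise ConnectionError(f"CONNECT failed, reply code {rep}")
    # Drain BND.ADDR and BND.PORT so the socket is positioned at application data.
    addr_len = {1: 4, 4: 16}.get(atyp) or recv_exact(sock, 1)[0]
    recv_exact(sock, addr_len + 2)
    return user, password
```

Because only method 0x02 is offered, a proxy that insists on no-auth makes the handshake fail instead of silently falling back to an unisolated stream.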