search

OrchidTechnologies / orchid

Orchid: VPN, Personal Firewall
https://www.orchid.com/
GNU Affero General Public License v3.0
649 stars 103 forks source link

Uncovering malicious behavior - tracking users #109

Closed 0xshipthecode closed 2 years ago

0xshipthecode commented 2 years ago

Hey Orchid team, love the project! I've poked through the whitepaper focusing on the VPN side instead of the Nanopayments side. Apologies if this is the wrong place to ask.

Orchid uses a staking system to keep the node operators honest. The theory, as far as I understand it, is that stake gets slashed if the node operator is found to be behaving maliciously/not providing good service.

I can easily imagine bandwidth and latency metrics that cover the "good service" part and how that would affect stake. However in the current ecosystem I find no actor except Orchid motivated to discover malicious behavior.

If I ran a custom version of orchidd that logged all of the traffic (I am aware that most sites will use HTTPS but that still leaves e.g. full host name and certs in the open) and was capturing and sharing this data to a 3rd party - how would the network ever find out? Would my stake ever be in real danger?

saurik commented 2 years ago

(I am closing this as this isn't an actionable task, but I am happy to respond to the question.)

Orchid does not have a mechanism for "slashing" stakes; and FWIW, even if it did: there is absolutely impossible for anyone to determine if your traffic is being logged by an individual node (and I will note that a project that claims otherwise is lying to you). In truth, I would go so far as to claim that a node choosing to log traffic isn't even "malicious behavior" in some sense, and actually have a --evil mode for the server on my side project todo list to make sure that people appreciate its inevitability.

The real idea is that you should be deciding what your attacker model is and then attempting to decide what, if anything, you would need to do to protect yourself. If you have a specific attacker model in mind, I'm more than happy to try to explain how you might use Orchid's bandwidth market to mitigate the issue (and, if possible, how to use this Orchid client "VPN" application to achieve the goal, though the bandwidth market is, of course, a more general concept than any individual application).