Use Tor PoW Dos protection

[HenrikJannsen]

Tor announced their Dos protection mechanism based on PoW [1] which is conceptually similar to Bisq2 P2P network DoS protection.

We should look into the details of their solution and compare it to our solution.

[1] https://blog.torproject.org/introducing-proof-of-work-defense-for-onion-services/

[aspire2dev]

Such an interesting topic...

For those interested, I suggest reading the FAQ, if not the entire thing, the detailed questions section:

• https://gitlab.torproject.org/tpo/onion-services/onion-support/-/wikis/Documentation/PoW-FAQ#detailed-questions

Interesting as well is a read on the release notes:

• https://forum.torproject.org/t/proof-of-work-pow-defense-for-onion-service-is-released/8887

But this also brought me a few questions on regards to the operations of Bisq (1 and 2), as both rely on TOR to connect the different parties.

• Wouldn't there need to be a set of specific parameters set to the seed nodes (which will allow clients to connect with each other?). Maybe this is something that can be monitored with the MetricsPort as suggested on the release notes.
• What would be good defaults for HiddenServicePoWQueueRate and HiddenServicePoWQueueBurst for the built-in tor instances?

One other interesting point, it's already available on final builds since.

ChangeLog:
Changes in version 0.4.8.4 - 2023-08-23
 Finally, this is the very first stable release of the 0.4.8.x series making
 Proof-of-Work (prop#327) and Conflux (prop#329) available to the entire
 network.

Just some initial thoughts.

[namloan]

taking this

[HenrikJannsen]

@namloan Are you still working on that?

[namloan]

Nope, free for anyone to take.

[HenrikJannsen]

We could add the tor pow parameters to torrc file to benefit from tor pow protection.