bitcoin / bitcoin

Bitcoin Core integration/staging tree
https://bitcoincore.org/en/download
MIT License

[FEATURE REQUEST] Enable new Tor PoW feature for automatic creation of Bitcoin Core onion hidden service #28499

Closed twofaktor closed 3 months ago

twofaktor commented 1 year ago

Please describe the feature you'd like to see added.

Add the HiddenServicePoWDefensesEnabled 1 parameter to the automatic onion hidden service creation to enable the new Tor PoW defense for onion services designed to prioritize verified network traffic as a deterrent against denial of service (DoS) attacks with the release of Tor v0.4.8.

Here is a screenshot of an example configuration manually typed in the torrc file, with PoW enabled for different hidden services running on a node following the MiniBolt guide:

[Image: photo_2023-09-18_16-47-56]

Is your feature related to a problem, if so please describe it.

This is not a problem, nothing here

Describe the solution you'd like

This is not a problem, nothing here

Describe any alternatives you've considered

This is not a problem, nothing here

Please leave any additional context

Entry of news on the Tor blog: https://blog.torproject.org/introducing-proof-of-work-defense-for-onion-services/

Support of the new PoW Tor feature: https://gitlab.torproject.org/tpo/onion-services/onion-support/-/wikis/Documentation/PoW-FAQ

Example of hidden service configuration: https://gitlab.torproject.org/tpo/onion-services/onion-support/-/wikis/Documentation/PoW-FAQ#example-configuration

PoW parameter on the torrc file: https://gitlab.torproject.org/tpo/core/tor/-/blob/main/doc/man/tor.1.txt#L3108


Sjors commented 1 year ago

It's perhaps a bit early to enable this by default when the Tor project doesn't enable it by default yet. But I haven't studied this feature much. It would be interesting to know if Bitcoin nodes running as a hidden service are often DoS attacked.

recursive-rat4 commented 1 year ago

I looked at the Tor control spec (https://gitlab.torproject.org/tpo/core/torspec/-/blob/main/control-spec.txt) and didn't find how to enable/disable it, but only how to get notified when its status changes (HS_POW in 4.1.1. Circuit status changed).

jonatack commented 1 year ago

According to https://gitlab.torproject.org/tpo/onion-services/onion-support/-/wikis/Documentation/PoW-FAQ#when-and-how-should-a-user-enable-pow, PoW is enabled for users of tor 0.4.8.1 and up IIUC. The latest stable release seems to be 0.4.8.6.

> When and how should a user enable PoW?
>
> As of 16th August 2023, this feature is available and enabled for users as long as they're:
>
> 1. Using the most up-to-date Tor software on their applications (tor 0.4.8.1-alpha or later).
>
> 2. Their applications uses a GPL-licensed Tor binary, such as Tor Browser 13.0a1.

twofaktor commented 1 year ago

> According to https://gitlab.torproject.org/tpo/onion-services/onion-support/-/wikis/Documentation/PoW-FAQ#when-and-how-should-a-user-enable-pow, PoW is enabled for users of tor 0.4.8.1 and up IIUC. The latest stable release seems to be 0.4.8.6.
>
> When and how should a user enable PoW?
>
> As of 16th August 2023, this feature is available and enabled for users as long as they're:
>
> 1. Using the most up-to-date Tor software on their applications (tor 0.4.8.1-alpha or later).
>
> 2. Their applications uses a GPL-licensed Tor binary, such as Tor Browser 13.0a1.

Do you mean that it is already enabled by default? I think not: https://gitlab.torproject.org/tpo/core/tor/-/blob/main/doc/man/tor.1.txt#L3117

Or does that not apply to the Bitcoin onion service because it doesn't use the HTTP protocol?

recursive-rat4 commented 1 year ago

I grepped through the Tor source code. For the ADD_ONION command, a hardcoded value HS_CONFIG_V3_POW_DEFENSES_DEFAULT 0 is used, i.e. it's unconditionally disabled.

willcl-ark commented 3 months ago

@twofaktor thanks for the feature request, it does seem like it would be a nice-to-have.

However we are here 9 months later and nothing has changed upstream, at least insomuch as it's still not possible to configure HiddenServicePoWDefensesEnabled via the control port, as @recursive-rat4 correctly identified. It also does not appear that there are any current plans to add such functionality.

There seems little point to me in keeping this issue open indefinitely in this repo, for something that's not possible to implement, and with no timeline (or even plans) as to when it may become an option. Therefore I think the best course of action is to close this issue out here, and keep an eye on Tor's release notes for when/if this becomes viable.

Because I agree this may be a valuable feature, I sketched out a documentation commit here we could consider in the meantime, however it's unclear to me:

i) how many tor config options we want to document on our side (the fewer the better IMO)

ii) whether bitcoin nodes are being/have been attacked in such a way that this option would mitigate (and we would therefore want to actively recommend running with this option).

@twofaktor if you'd like me to open a PR with this doc update, then let me know and I'd be happy to do that.

twofaktor commented 2 months ago

> @twofaktor if you'd like me to open a PR with this doc update, then let me know and I'd be happy to do that.

Hi, thanks for your dedication. IMO, if it is possible to add this secure protection feature in any of the variety of configuration cases (manually, without using the port control method), I think it should be added to the docs. If at some point the possibility of using it via the port control also arrives, add it when the time comes.
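
As the thread establishes, ADD_ONION cannot turn the defense on, so it only takes effect for onion services defined manually in torrc. The following is an added example, not code from the thread or from Bitcoin Core: a small Python check that parses a torrc and reports which onion services lack `HiddenServicePoWDefensesEnabled 1`. The sample torrc, including its directory paths and ports, is constructed for illustration.

```python
# Added example: audit a torrc for onion services without the PoW defense.
# SAMPLE_TORRC is constructed; its paths and ports are assumptions.
SAMPLE_TORRC = """\
# Bitcoin Core P2P onion service, PoW defense enabled
HiddenServiceDir /var/lib/tor/bitcoin-service/
HiddenServiceVersion 3
HiddenServicePort 8333 127.0.0.1:8334
HiddenServicePoWDefensesEnabled 1

# Second service, PoW defense left at its default (disabled)
HiddenServiceDir /var/lib/tor/other-service/
HiddenServicePort 80 127.0.0.1:8080
"""


def parse_onion_services(torrc_text):
    """Return one dict per HiddenServiceDir block.

    HiddenServiceDir opens a service block; the HiddenService* lines that
    follow apply to it until the next HiddenServiceDir. Names are
    case-insensitive.
    """
    services, current = [], None
    for raw in torrc_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blanks
        if not line:
            continue
        parts = line.split(None, 1)
        key = parts[0].lower()
        value = parts[1].strip() if len(parts) > 1 else ""
        if key == "hiddenservicedir":
            current = {"dir": value, "ports": [], "pow": False}
            services.append(current)
        elif current and key == "hiddenserviceport":
            current["ports"].append(value)
        elif current and key == "hiddenservicepowdefensesenabled":
            current["pow"] = value == "1"
    return services


def services_without_pow(torrc_text):
    """Directories of onion services that do not enable the PoW defense."""
    return [s["dir"] for s in parse_onion_services(torrc_text) if not s["pow"]]


if __name__ == "__main__":
    for svc in parse_onion_services(SAMPLE_TORRC):
        state = "enabled" if svc["pow"] else "DISABLED"
        print(f"{svc['dir']}: PoW defenses {state}, ports {svc['ports']}")
```

Because the option is scoped to the preceding `HiddenServiceDir`, it has to be repeated for every service that should have the defense.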