Problem Description:
The inability to track circuit IDs and activate Proof of Work (PoW) defenses in Tor services limits traffic analysis, optimization, and protection against abuse.
Desired Solution:
Implement two settings in the onion/onionha manifest:
"HiddenServiceExportCircuitID haproxy" for enabling circuit ID transmission via HAProxy's Proxy Protocol.
"HiddenServicePoWDefensesEnabled 1" to allow activation of PoW defenses for additional security.
Additional Context:
These features will enhance both the analytical capabilities and security of high-traffic Tor services, contributing to the overall effectiveness and safety of the network.
aschmeckmann
commented
7 months ago
Problem Description:
The inability to track circuit IDs and activate Proof of Work (PoW) defenses in Tor services limits traffic analysis, optimization, and protection against abuse.
Desired Solution:
Implement two settings in the onion/onionha manifest:
Additional Context:
These features will enhance both the analytical capabilities and security of high-traffic Tor services, contributing to the overall effectiveness and safety of the network.
Entry of news on the Tor blog: https://blog.torproject.org/introducing-proof-of-work-defense-for-onion-services/
Support of the new PoW Tor feature: https://gitlab.torproject.org/tpo/onion-services/onion-support/-/wikis/Documentation/PoW-FAQ
PoW parameter on the torrc file: https://gitlab.torproject.org/tpo/core/tor/-/blob/main/doc/man/tor.1.txt#L3108
Export Circuit parameter on the torrc file: https://gitlab.torproject.org/tpo/core/tor/-/blob/main/doc/man/tor.1.txt#L3509
Example of hidden service configuration: https://gitlab.torproject.org/tpo/onion-services/onion-support/-/wikis/Documentation/PoW-FAQ#example-configuration