Sync over TOR, hide IP via VPS

[imrane]

Brought this up to @eduadiez on Twitter and he mentioned this might be on the backlog but thought I would post this request for posterity so that it can be looked at later.

Problem: Privacy is an issue even when connecting to your own full node. There is the potential for privacy to be undermined by identifying the IP address of the transaction originator.

Solution: Connect and sync Ethereum, Bitcoin / Lightning node over TOR. This could be a more generalized solution for all packages that are installed.

Here are two articles: Running full Bitcoin node over Tor on Ubuntu How To Sync an Ethereum Node via Tor

[alexpeterson91]

I'd like to know how many orders of magnitude slower syncing would be over tor than over your local IP. Also I don't think ETH2 or just ETH post merge will be possible to be run over tor. Bandwidth requirements are too much. Validating would become unstable, inclusion distances rise, effectiveness drops and attestations and proposals can be missed etc.

[3alpha]

As stated above, I don't think it is feasible to run DAppNode over TOR network and not an avenue DAppNode should go into. That doesn't mean it can't be done by users themselves since proper Debian is run under the hood.

[imrane]

This is the threat I'm referring to and if it's clear where validator traffic is coming from then it's possible to clamp down. https://twitter.com/davidvorick/status/1508452208660123650?s=21&t=f0PVvWDj4cnz738_hvyCcA

[alexpeterson91]

it's not feasible as the ecosystem is built currently, and there are some people who use VPNs proxies or tor or i2p etc to try to circumvent this. only those with a LOT of resources can get enough bandwidth to keep the networks running via these methods. The very very vast majority likely more than 90% of users expose their IPs when validating or using any of the crypto networks. So it's certainly not a priority for us, its an industry issue, not ours. And it's inherent in the internet as we currently know it, hes just making points about how regulators can clamp down technologically in the case where bitcoin eth etc are like banned, or made to follow the most onerous of regulations which many feared, in the US that doesnt seem to be the case given the recent info from the WH and Treasury. Also the SEC is losing their landmark case with Ripple. This isnt a concern that we as DAppNode can deal with, its something the whole industry needs to think about, so with that im gonna close this. We do appreciate the concern but again we cant do anything from our position.