Open 1cho1ce opened 10 months ago
I don't believe plumbing Tor/proxy support to each and every program that uses TCP is a good way forward. I would recommend setting up a system-wide transparent proxy instead (TransPort
in Tor config), which makes Tor work similarly to VPNs.
Right now if hydroxide has multiple accounts then connection to all of them will go through the same Tor circuit and it'll cause identity correlation. Using HTTPS_PROXY or torsocks won't help here and stream isolation should be implemented inside hydroxide so all new connections will use a fresh circuit, rather than possibly re-using an existing circuit. This could be implemented using this package when hydroxide is started with
-tor 127.0.0.1:9050
option: https://pkg.go.dev/github.com/lightningnetwork/lnd/tor