Open HostFat opened 8 years ago
Naive question perhaps, but what is the benefit?
Apparently https://github.com/DanielKrawisz/bmd already has support for it, based on how bitcoin-core does it. It's planned but not during the 0.5.x cycle. The benefit is that you can have nodes that run as hidden service and there is no need to use exit nodes to connect to the network. It partially already works, it can connect to my special bootstrap node that runs as a hidden service, just there is no way to distribute the onion addresses in PyBitmessage yet.
I personally don't intend to bundle the Tor daemon and I don't think that ZeroNet & BitSquare do it either. I think @HostFat was just inaccurate.
Hidden service however can be supported. Currently, this fork as a client can connect to hidden services, but cannot correctly host one yet.
@5t4r3e2w1q Tor network can be useful to give users the possibility to connect to the network on places/situations where the network/isp doesn't allow to.
If you trust to run the executable of Bitmessage, why you should worry about the included tor.exe? It the same trust.
Maybe this can differ for other distributions for other OS.
@PeterSurda Both ZeroNet e BitSquare include the tor.exe executable. Maybe there is a way to give the user the possibility to start the download of it from official Tor repo directly from the Bitmessage interface.
@HostFat I checked and it looks like you're right. I would still prefer not to bundle it. Maybe, in the worst case, PyBitmessage can install Tor on your behalf if it you want to use it and it can't detect any installed. Then at least you'll have the traditional auto-update take care of the issue.
For example, Ubuntu already has Tor in the repo, so on Ubuntu, PyBitmessage could do "sudo apt-get install tor" or something like that.
Anyway, I think that it the same trust about the executable, maybe it is a different trust on "trusting the Tor network". So including the Tor executable isn't the main problem, the problem is enabling it (The Tor network) by default.
I think @HostFat has an interesting point; it is the same trust indeed. But I think @PeterSurda is looking from the security side. Bitmessage would need to update the tor.exe file whenever there is an update from The Tor Project, otherwise users would run a (possibly) insecure version.
Do correct me if I mischaracterized your point, @PeterSurda.
What you think about adding a full Tor Network support? (I mean, include the Tor daemon)
Here another project that has done it: https://github.com/HelloZeroNet/ZeroNet/commit/e9d2cdfd37c135cf741992580512f0ea763c53a5
EDIT: Just as a reference, this is another project that supports /uses the Tor network as basement: https://github.com/bitsquare/bitsquare