namecoin / sockstrace

Go port of Heteronculous (ptrace-based proxy leak detector). Outreachy project.
https://www.namecoin.org/
GNU General Public License v3.0
7 stars 3 forks source link

SOCKSify with multiple SOCKS authentication keys #41

Closed JeremyRand closed 1 year ago

JeremyRand commented 1 year ago

Some applications need to open connections to a P2P network (e.g. the Bitcoin network) without being vulnerable to a Sybil attack. In particular, if all connections use the same Tor circuit, then a single malicious Tor exit relay can eclipse the view of the P2P network. Isolating by destination address (as Tor supports with a SOCKS port flag) is not a good solution, because it can result in a massive number of circuits being generated (e.g. in the case of a Bitcoin seeder bot).

The better approach is to generate a finite number of SOCKS usernames/passwords on launching the tracer (10 is a reasonable number), and every time a SOCKS5 handshake is issued by the tracer, the SOCKS authentication data is selected by randomly picking one of the 10 generated options. The result is that if all the circuits are good, then the P2P connections will be distributed evenly, but if some circuits are bad (censoring or just unreliable), the connections will migrate over to the good circuits.

This behavior should be enabled/disabled by an easyconfig flag, since typically non-P2P apps don't need this kind of behavior.

robertmin1 commented 1 year ago

Implemented using crypto/rand package