shesek / spark-wallet

⚡️ A minimalistic wallet GUI for c-lightning, accessible over the web or through mobile and desktop apps.
MIT License

Use existing Tor? #160

Open AmkG opened 3 years ago

AmkG commented 3 years ago

I am running spark-wallet on a Raspberry Pi 4, on Raspbian. Thus, the CPU is 64-bit but the OS is 32-bit. It's working and I can access it over the LAN.

When I enable --onion, however, it downloads granax, which downloads a Tor Browser Bundle, and then it fails to start its own Tor. Looking at the Tor Browser Bundle that granax downloads, it contains binaries for 32-bit INTEL devices, not ARM on the RaspPi4.

I already have a Tor service installed, both my bitcoind and my lightningd are using the local Tor service. Is there no way to just use the local Tor instance and not use whatever granax thinks is correct? In my case granax is guessing wrong.

For now, I created a hidden service manually in my /etc/tor/torrc. I can access it over Tor Browser on my laptop and my phone, but not on the Spark Wallet on my phone, even though I already configured it to pass through Orbot.

shesek commented 3 years ago

The reason this isn't working with granax is that the Tor Project doesn't yet publish pre-built binaries for ARM, see #12631. ARM binaries do exist in third-party distribution repos, but granax only downloads the official ones from Tor.

You definitely should be able to start Spark without --onion and configure it in /etc/tor/torrc like any other hidden service. If you've done that and are able to access the service from desktop but not from mobile, then it's most likely something faulty on the phone side. I've been experiencing some issues with Orbot myself, so it wouldn't surprise me...
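
The manual hidden-service setup mentioned above, as an added example that is not part of the original thread or the project's documentation. It assumes the Spark settings posted later in this thread (host=localhost, port=9737); the HiddenServiceDir path is an assumed location.

```conf
# /etc/tor/torrc (added example; the directory name below is an assumed location)

# Tor creates this directory and keeps the onion service's private key in it.
# Anyone who can read that key can impersonate the service, so the directory
# must be accessible only to the user Tor runs as.
HiddenServiceDir /var/lib/tor/spark-wallet/

# Map onion port 80 to Spark on the loopback interface (host=localhost, port=9737).
# Spark stays bound to localhost, so remote access goes through Tor only.
HiddenServicePort 80 127.0.0.1:9737
```

After Tor is reloaded, the .onion address is written to the `hostname` file inside the HiddenServiceDir.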

AmkG commented 3 years ago

Strange thing is, I configured Orbot to also VPN the Chrome on my mobile, and my Chrome can access it via Orbot but Spark still can't.

My config is:

ln-path=/mnt/hdd/lightning/bitcoin
host=localhost
port=9737
no-rates
no-tls
login=AmkG:MyTotallySecureAndUnknownPasswordForReals

Do the no-tls and login options affect use of the "native" Spark app? host=localhost?

AmkG commented 3 years ago

In case it's relevant, it's saying "Error: Unauthorized". How does Spark handle HTTP-level authorization?

AmkG commented 3 years ago

Looks like the login option does indeed prevent the use of "native" Spark.

Is there a way to authenticate with my own login username/password when using HTTP-over-Tor that does not negatively affect the "native" Spark?

shesek commented 3 years ago

Yes. Start spark with your --login <user:pwd> and with --print-key. This will print an access token (which is a hash of your user/pwd) that can be used with the native app.

You can also use --pairing-qr, which will print a QR with the URL+token to the console, which you could then scan from the native app.

(Just out of curiosity, is there a particular reason that you're manually specifying a username/password? I find it easier to let it generate random credentials, write it to the cookie file and give me back the pairing url, with i.e. spark-wallet --cookie ~/spark-cookie --pairing-url.)

AmkG commented 3 years ago

> Just out of curiosity, is there a particular reason that you're manually specifying a username/password? I find it easier to let it generate random credentials, write it to the cookie file and give me back the pairing url

Precisely because the Orbot+Spark was not being reliable. I'd restarted the machine a few times without saving the username/password that Spark made (I didn't know it would only print it on the first startup), and I didn't associate the term "cookie file" with "contains user:password", so I put a username+password I knew so that I could check it out with Tor Browser.

Looks like Orbot is not reliable; now Chrome isn't seeing my server again, sigh.