bauerj
commented
6 years ago Isn't it sufficient to try to connect to a .onion-Host to find out whether the proxy is a Tor-proxy?
Open gits7r opened 6 years ago
bauerj
commented
6 years ago Isn't it sufficient to try to connect to a .onion-Host to find out whether the proxy is a Tor-proxy?
gits7r
commented
6 years ago Not really, it becomes over complicated:
what .onion will we use to make this assumption? What if that .onion is down at that particular moment and we think it's not Tor proxy where in fact it is? We have to maintain some kind of testing .onion, and keep it up all the time and still the service can be up and a client not able to connect due to various other Tor network problems.
we need a way to differentiate Tor socks5 proxy from any socks5 proxy just by reading the text of the config file (given we have separate checkbox for Tor proxy). Trying to connect to an .onion happens at runtime in the application, a normal socks5 and Tor socks5 proxy will still look the same in the config file, so why keep a separate checkbox?
It is really important that we prefer .onion servers as much as possible when Electrum is run under Tor from both security point of view and footprint on the Electrum servers.
SomberNight
commented
6 years ago We already have a seemingly reliable way of telling if a proxy is a Tor proxy, that's how the detection in the network dialog works. See is_tor_port from the original commit https://github.com/spesmilo/electrum/commit/9183263304e4bb3d717ee5f5ed9635327e442fb6.
I guess we could persist info regarding this in the config file, as using the referenced function might take ~seconds. Though we could implement an async version of it, that gets called in the network thread :)
However, what is the suggestion to do with this information? You're saying the client should prefer connecting to .onion servers. What do you mean by "prefer"? Currently the servers are pretty much selected at uniform random.
If there were a lot of onion servers, I guess the client could strictly prefer them (i.e. aim to connect to only those). Not sure there are that many though.
Or maybe it could roll whether to get a random server from onion-only (with probability p), or from all the servers (onion included) (with 1-p). This would skew the chances towards onion.
gits7r
commented
6 years ago I confirm the way to detect Tor in the commit you referenced is correct. Because it does not care only about ports 9050 and 9150, it also cares about socks address = 127.0.0.1 which eliminates my concern that it could confuse any socks5 proxy running on those 2 ports with a Tor socks5 proxy. If it was any proxy it would had some other address than 127.0.0.1. It's so much more cleaner and easier than trying to connect to a .onion address in order to tell if it's Tor. But there is still the need to state the difference in the config file, because there are setups where the Tor socks5 proxy is running on an intranet address, on a router for example, in order to anonymize the traffic on the entire LAN externally. For such cases, Electrum should know that "proxy":"tor-socks5:ip:port::", means it should prefer .onion servers. The Tor detector is perfectly fine for detecting Tor running on the same host where Electrum runs.
WRT onion server priority, I think it's better to prefer .onion when we run via Tor, but of course not remain disconnected if there are no .onion servers in our pool or we can not connect to any. Assigning higher probability to .onion when running via Tor in the way you suggest is perfect. We should apply the same logic for both server used to query for balance + servers used for headers verification. If we don't have enough .onion servers fail back to regular clearnet servers, entirely or partially in order to fulfill needs to run in normal state.
SomberNight
commented
6 years ago from IRC:
the current proxy-string approach "socks5:127.0.0.1:9050::" shouldn't stay. it already has problems (ipv6...); I would rather not put more data (tor boolean) in it. maybe we should make it a dict (and we can config-upgrade existing configs)
Note: there could be (e.g.) a "tor" key in this new dict structure, which could be 3-way (None/0/1), and would store whether the proxy is capable of resolving .onion domains (and if None, we should run test to figure it out).
In the network dialog we have 2 options:
Somehow we can tell Electrum explicitly that it's a Tor socks5 proxy so it will prefer .onion servers. This is optimal when running Electrum with Tor because connecting to clearnet Electrum servers could end up in congesting many Electrum users behind high-consensus weight Tor exit relays, looking to the Electrum server as one abusive IP address.
I don't know how can we differentiate a normal socks5 proxy from a Tor socks5 proxy just by looking at the config:
If only use proxy is set to localhost:9050, this is the config (Use Tor Proxy is NOT checked) we have this: "proxy": "socks5:localhost:9050::",
If we check "Use Tor proxy", we have this: "proxy": "socks5:127.0.0.1:9050::",
The auto-detection of Tor is great but there is no visible difference just by reading the config line. My suggestion is to add some kind of flag on the socks5 proxy if it's Tor, so Electrum will treat like it and prefer .onion servers. Just guessing it's Tor if socks5 port = 9050 or = 9150 is not sufficient because: a) Tor socksport can be run on any port; b) A normal socks5 proxy (non Tor) can be run on port 9050 or 9150
I suggest something like: "proxy":"tor-socks5:::",