📅 Original date posted:2013-07-30
📝 Original message:Hi everyone,
We at Hive had plans to make our wallet proxy through Tor by default. When it became apparent that this was not presently possible because bitcoinj lacks SOCKS support, it opened a minor discussion suggesting that this is perhaps not advisable practice for SPV wallets in the first place. To quote Mike Hearn:
> I think you have to be careful with Tor and Bitcoin. It isn't a no-brainer move. Virtually all people today don't have hacked internet connections. However when you connect outbound from Tor you have to pretty much assume your traffic is being packet logged and sometimes automatically MITMd by exit nodes, which in turn means you can be transparently connected to a sybil network. If you connect to a hidden service the issue is less problematic because you're authenticating the connection and can pick peers you have reason to believe are independent.
>
> Whilst it's unlikely an attacker would actually try to auto-sybil SPV connections made out of a Tor exit node, if they did, they could make the person connecting out believe in fake pending/unconfirmed transactions. For instance if you're meeting with someone to do a currency trade and you happen to run an exit node that has a lot of bandwidth and an exit policy that allows only Bitcoin, there's a chance the other persons Tor client will pick your exit. You can then swap the cash, give them a fake transaction and when it doesn't confirm, apologise and say you can't wait and have to go. Walk out with the cash and it'll take a while for the victim to realize that the transaction never did actually get broadcast at all, it was just an illusion.
>
> (this scenario worries me for mobile clients but instead of tor, the issue is an attacker controlled open wifi hotspot).
>
> I think to support Tor really well [in bitcoinj], we'd need not only to make SOCKS work, but also add a way to use hidden peers and then try and come up with an anti-sybil heuristic. Unfortunately it's unclear what such a heuristic would look like. Bitcoin-Qt uses different /16s as a rule of thumb when on the clearnet, but no such technique is usable on Tor because by definition you aren't supposed to know anything about the hidden peers.
While the scenario outlined seems unlikely, it's best to be prepared... What do you all think? How can this be done properly?
As we said to Mike, if Thailand has actually made Bitcoin illegal, then packet filtering may not be far off for certain regions, and it would nice to be proactive and prepared. At the moment, Thailand already has cruder, URL-based filtering... But vendors like Cisco are no doubt constantly selling them on the virtues of more advanced censorship technologies.
Gregory Maxwell is the person who wrote the hidden service support for bitcoind, right? It might be interesting to get his comments here.
/b
grabhive.com (http://grabhive.com) | twitter.com/grabhive (http://twitter.com/grabhive) | gpg: A1D5047E
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20130730/81c23264/attachment.html>