Author

Topic: "Bitcoin over Tor isn't a good idea" (Read 435 times)

legendary
Activity: 1932
Merit: 1273
October 05, 2022, 05:31:33 AM
#21
Weird, because whenever I have Tor Browser opened, it does have an uploading and downloading bandwidth.

I believe it is just a regular internet traffic graph over Tor.

That's with just one window, at the main "most private browsing experience" page. I presume these bytes transferred are like heartbeats?

It could be reachability test or circuit build process. If you slide next to Connections page in nyx you will see that there are already Tor circuits and the one that is still being built("Building..."). The "heartbeats" you talk could be the process of building it or checking the circuit timeout[1].

[1] https://tor.stackexchange.com/a/4636

legendary
Activity: 1512
Merit: 7340
Farewell, Leo
October 04, 2022, 09:58:20 AM
#20
Regular Tor users won't automatically act as a relay. That scenario is one of the alternative possible designs (https://support.torproject.org/alternate-designs/#make-every-user-a-relay), but as of now, it does not.
Weird, because whenever I have Tor Browser opened, it does have an uploading and downloading bandwidth. Indeed, from nyx I can see that it has relaying disabled:


That's with just one window, at the main "most private browsing experience" page. I presume these bytes transferred are like heartbeats?
legendary
Activity: 1932
Merit: 1273
October 03, 2022, 07:36:30 PM
#19
Whenever you use Tor to browse the internet privately, you're a node that relays traffic. That's why the more Tor users the better.

Regular Tor users won't automatically act as a relay. That scenario is one of the alternative possible designs (https://support.torproject.org/alternate-designs/#make-every-user-a-relay), but as of now, it does not.

~I meant exit node.

Less exit node on the Tor network is very likely caused due to how the operator could get legal risk and exposure.
newbie
Activity: 23
Merit: 5
October 03, 2022, 08:21:56 AM
#18
What always bothered me about Tor is that there is not real incentive to be a node.
There's the same incentive as with running a Bitcoin node: privacy. Whenever you use Tor to browse the internet privately, you're a node that relays traffic. That's why the more Tor users the better. You can use Nyx to see to whom you send information, by whom do you receive it, and other general bandwidth info.

What you must have meant is an incentive to run an exit node. Not only doesn't there be an incentive, but there's actually a disincentive, because IP addresses from exit nodes are not welcomed in some sites. That's why there are very few: https://tor.stackexchange.com/questions/646/why-are-there-only-1000-exit-relays/

You are a correct: I meant exit node.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
October 01, 2022, 04:06:51 AM
#17
The same goes for the dark/deep web. They want all the illegal activities to happen there so they can catch them all in one swoop.
The only way to be caught in such site is if it isn't run by criminals but by actual agents as a honeypot, or if you're demanded to hand over personal information that might end up to the agents. Getting caught by de-anonymizing onion routing is the government's last course as it most of the times requires coordination with other nations. This attack is known as "correlation attack". It becomes even more difficult to de-anonymize if it's a hidden service.

but I would never ever purchase drugs via TOR.
You shouldn't, not because you might get caught, but because 99% of these sites are scam.
legendary
Activity: 3276
Merit: 2442
October 01, 2022, 03:55:46 AM
#16
As such, nodes are often run by intelligence agencies. Sad

It's why I don't really trust Tor...

The same goes for the dark/deep web. They want all the illegal activities to happen there so they can catch them all in one swoop. Just don't say or do anything online which you wouldn't do in your real life and you will be fine. As far as I am concerned TOR or any other stuff are only good for accessing information/websites which are blocked in your country. Some countries block porn websites too and it comes in handy in those situations too but I would never ever purchase drugs via TOR. I'd rather buy a ticket and visit the Netherlands instead.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
October 01, 2022, 03:41:28 AM
#15
What always bothered me about Tor is that there is not real incentive to be a node.
There's the same incentive as with running a Bitcoin node: privacy. Whenever you use Tor to browse the internet privately, you're a node that relays traffic. That's why the more Tor users the better. You can use Nyx to see to whom you send information, by whom do you receive it, and other general bandwidth info.

What you must have meant is an incentive to run an exit node. Not only doesn't there be an incentive, but there's actually a disincentive, because IP addresses from exit nodes are not welcomed in some sites. That's why there are very few: https://tor.stackexchange.com/questions/646/why-are-there-only-1000-exit-relays/
newbie
Activity: 23
Merit: 5
September 30, 2022, 05:25:14 PM
#14
What always bothered me about Tor is that there is not real incentive to be a node.

Yet, at the same, being a node requires many resources. Among them, you better have an ISP that's going to be lenient over all the crazy stuff that's going to go through your node!

As such, nodes are often run by intelligence agencies. Sad

It's why I don't really trust Tor...
legendary
Activity: 3556
Merit: 9709
#1 VIP Crypto Casino
September 30, 2022, 11:19:24 AM
#13
Storing any significant amount of bitcoin on any device, using any browser is stupid. I don’t care what privacy you supposedly think you have. Don’t use a VPN either. My stash is in deep, fucking cold storage, you’d have to torture me to get my seeds/passphrases.

Seriously, you are never safe browsing if you store bitcoin on the device you browse with.

Stay smart & HODL.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
September 30, 2022, 08:36:55 AM
#12
Is the attack similar to Sybil attack, wherein the attacker handles multiple IP addresses and effectively "surrounds" a Bitcoin node? Doesn't this require computational power as well?

At present though, sure. TOR doesn’t have enough participants to make it decentralized enough to secure something like the Bitcoin network.
Tor is the largest anonymity-preserving network at the moment.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
September 30, 2022, 06:54:01 AM
#11
That paper wasn't particularly correct when it was written--  essentially it's saying that a bad guy could dos attack all hidden service bitcoin peers AND make all clearnet peers ban all the tor peers.  And thus cause the tor using user to drop the protection of tor.  Okay, that used to be a concern but (1) the latter attack would have been highly visible and never happened and (2) "here is this benefit that DOS attacks might make you turn off" isn't a reason to not use the beneficial thing to begin with!

But worse, its completely inapplicable now -- and for many years -- because the banning mechanism they're discussing was removed.

But hey, every time I see someone promoting it I get extra information on which users are slightly more likely to be state actors trying to undermine the privacy of Bitcoin users.  So at least it has that benefit.

Kinda sucks though that bitcoiners don't even know that it's totally inapplicable and these same FUD threads keep getting repeated year after year and people that probably heard the correction don't remember.

Someone should probably put together a website with a list of links to papers like the OP posted, a one or 2 line summary of what it says, and then a link to an article / post / document as to why it is wrong.

So, when someone comes and does post about it again, all someone else has to do is say no, that's wrong here is why and here is the link.

Just saves time, and discussion and so on.

-Dave
staff
Activity: 4284
Merit: 8808
September 30, 2022, 03:41:27 AM
#10
That paper wasn't particularly correct when it was written--  essentially it's saying that a bad guy could dos attack all hidden service bitcoin peers AND make all clearnet peers ban all the tor peers.  And thus cause the tor using user to drop the protection of tor.  Okay, that used to be a concern but (1) the latter attack would have been highly visible and never happened and (2) "here is this benefit that DOS attacks might make you turn off" isn't a reason to not use the beneficial thing to begin with!

But worse, its completely inapplicable now -- and for many years -- because the banning mechanism they're discussing was removed.

But hey, every time I see someone promoting it I get extra information on which users are slightly more likely to be state actors trying to undermine the privacy of Bitcoin users.  So at least it has that benefit.

Kinda sucks though that bitcoiners don't even know that it's totally inapplicable and these same FUD threads keep getting repeated year after year and people that probably heard the correction don't remember.
legendary
Activity: 3472
Merit: 10611
September 30, 2022, 12:46:55 AM
#9
Still reading, but I found this...
Quote
The proof of work consists of finding a cryptographic hash value for a block of transactions which starts with a certain number of leading zero bits (32 when Bitcoin was first proposed, 67 zero bits at present).
That misconception will never die.
Can you explain for the noobs?
In short people are confusing a "smaller than or equal to comparison" with "counting number of zeros".

In bitcoin's PoW, after the hash is computed it is compared with the 256 bit target as an integer and if the integer representation of the hash was smaller than or equal to the target then it is a valid hash, otherwise it is rejected.

If we count zeros we could accept a wrong hash or reject a valid one.
For example assuming we only have 4 bits (instead of 256) and hash is 0101 (5), it is smaller than 0110 (6) and bigger than 0100 (4) but all three values start with the same number of zeros (1 zero in 4 bit representation). If the target were 0100 and you accept 0101 because it has the same number of starting zeros that is invalid hash and the block is rejected.
legendary
Activity: 3542
Merit: 1965
Leading Crypto Sports Betting & Casino Platform
September 30, 2022, 12:37:30 AM
#8
It is well known that some 3L3tter agencies are running several Tor exit nodes ...so it is a great vulnerability to run a node over Tor, but it is still more secure than running it over a public network.  Roll Eyes

We should take some precautions to protect our "nodes" .... but nothing is 100% secure in a world where attacks are coming from highly trained and skilled people that knows almost all exploits in the system. ( A lot of those attacks are government sanctioned)  Roll Eyes
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
September 30, 2022, 12:30:11 AM
#7
So are you saying I just allow my node to connect on both clearnet and Tor, or create two separate nodes and some method of comparing the respective states, as suggested in the paper?

Thanks for all your suggestions. Unfortunately I'm not super tech savvy and so I imagine these will be beyond my ability to integrate.

No you don't need to run two nodes.

By default, when you start Bitcoin Core, it tries to connect via IPV4, IPV6, and if you configured a Tor proxy (which you seemed to have done already), by Tor as well. There is no special configuration that you need to make to make your node attack-proof. You're only theoretically at risk if you have onlynet=tor in your config file or command line.
donator
Activity: 4760
Merit: 4323
Leading Crypto Sports Betting & Casino Platform
September 29, 2022, 11:03:54 PM
#6
I feel like the more TOR grows the less of an attack vector this is. If Bitcoin was running over TOR by default and all users running core software were also acting as TOR exit nodes, I don’t realistically see this being a major concern. At present though, sure. TOR doesn’t have enough participants to make it decentralized enough to secure something like the Bitcoin network.
newbie
Activity: 29
Merit: 46
September 29, 2022, 09:20:55 PM
#5
Still reading, but I found this...
Quote
The proof of work consists of finding a cryptographic hash value for a block of transactions which starts with a certain number of leading zero bits (32 when Bitcoin was first proposed, 67 zero bits at present).

That misconception will never die.


Can you explain for the noobs?



The paper says that running Tor and clearnet together mitigates the attack so just so that. Other short-term solutions I can think of:

- "Glitch" the address buckets - randomly drop addresses from the bucket on an hourly interval even when they are not full.
- Require all peers to submit their block height block hash of their longest tip, and ban nodes that don't have info that matches what is stored locally.
- glitch the banlist by randomly deleting some banned peers which weren't added manually.
- Reply to GETADDR messages with randomized ADDR messages that changes on each request.

Quote
Another advice for a user would be to run two Bitcoin nodes, one over Tor and one without, and compare their blockchains and unconfirmed transactions. This would prevent from creation of virtual reality for Tor-only users.

So are you saying I just allow my node to connect on both clearnet and Tor, or create two separate nodes and some method of comparing the respective states, as suggested in the paper?

Thanks for all your suggestions. Unfortunately I'm not super tech savvy and so I imagine these will be beyond my ability to integrate.

[moderator's note: consecutive posts merged]
staff
Activity: 3304
Merit: 4115
September 29, 2022, 05:35:23 PM
#4
I think we fall into the trap that Tor automatically makes everything better, when it doesn't. Basically, when ever you add another layer to your security, there's the potential problem of introducing a new layer of attack. For example, there's some real concerns about privacy when it comes to Tor. That's been well documented, and actually made it to mainstream tv shows, but we still automatically assume Tor is safe.

The real question is your threat model though. Since, running Tor also removes some of the problems of running it without Tor. It would probably take too long to go through everything that could potentially be compromised from doing one or the other. So, it's really up to the user themselves to decide what's better from a individual perspective.
legendary
Activity: 4466
Merit: 3391
September 29, 2022, 03:21:14 PM
#3
Still reading, but I found this...
Quote
The proof of work consists of finding a cryptographic hash value for a block of transactions which starts with a certain number of leading zero bits (32 when Bitcoin was first proposed, 67 zero bits at present).

That misconception will never die.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
September 29, 2022, 01:16:34 PM
#2
The paper says that running Tor and clearnet together mitigates the attack so just so that. Other short-term solutions I can think of:

- "Glitch" the address buckets - randomly drop addresses from the bucket on an hourly interval even when they are not full.
- Require all peers to submit their block height block hash of their longest tip, and ban nodes that don't have info that matches what is stored locally.
- glitch the banlist by randomly deleting some banned peers which weren't added manually.
- Reply to GETADDR messages with randomized ADDR messages that changes on each request.
newbie
Activity: 29
Merit: 46
September 29, 2022, 10:58:45 AM
#1
Hi guys,

I just stumbled across this paper (https://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.1054.9020&rep=rep1&type=pdf), which talks about huge vulnerabilities encountered when running a Bitcoin node over Tor.

Quote
In this paper we show that combining Tor and Bitcoin creates a new attack vector. A low-resource attacker can gain full control of information flows between all users who chose to use Bitcoin over Tor. In particular the attacker can link together user’s transactions regardless of pseudonyms used, control which Bitcoin blocks and transactions are relayed to user and can delay or discard user’s transactions and blocks. Moreover, we show how an attacker can fingerprint users and then recognize them and learn their IP addresses when they decide to connect to the Bitcoin network directly.

What do you guys think?

I'm tossing up whether to continue using Tor or switch back to clearnet.
Jump to: