Author

Topic: Tradeoffs between using Whonix vs Configuring Bitcoin Core to use Tor? (Read 173 times)

legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
I guess I have two primary concerns for the bare metal approach:

1. My IP might leak somehow, despite Tor being configured correctly (maybe a bug in Bitcoin Core causes this, or maybe my bitcoin.conf file gets ignored somehow and I don't realize it for a while (this was an issue I ran into when I specified a non-default data directory, but it hasn't been a problem using the default)).
--snip--
1. I can see that happening. But at very least, passive listener/spy cannot be fully sure whether you're the one who create the transaction or propagate someone else transaction.
--snip--
I'm sorry, I'm not quite following your first point about the passive listener/spy not being fully sure of who created the transaction. Would you please expand on that a bit?

Thanks.

Initially you worried about IP leak due to possible bug on Bitcoin Core. When full node connect to other nodes, it can send and receive transactions from/to other nodes. By passive listener/spy, i refer to one of these,
1. Other full node connected to your node.
2. Other device who use same WiFi/LAN connection.
3. Your ISP.
4. Your VPN provider, assuming you use VPN.

So those party could know your full node (along with your real IP address) broadcast certain transaction. But they cannot be fully sure since the transaction itself doesn't contain any information about which node that initially create or broadcast it.
newbie
Activity: 15
Merit: 35
1. My IP might leak somehow, despite Tor being configured correctly
It's not like that with Tor, worse thing that could happen is that you won't be able to connect to the internet over Tor for some reason, but there is nobody to spy on your real IP address since you are the one running the node.
Your Whonix setup would be much more important when you are making transactions, when you are sending and receiving bitcoin.
Some bitcoin wallets have integrated Tor switch, that is a good idea, but there was a issue when real IP adderss was leaked with Trezor Suite software.



On the bare metal setup, for making transactions, I was intending to use Sparrow wallet from Tails OS on another dedicated machine separate from the computer dedicated to running ElectrumX and Bitcoin Core, physically connected via an ethernet cable (so Sparrow can communicate with ElectrumX using TCP). Tails OS also routes all the OS traffic through Tor, but I'm not sure if that's relevant for the purposes of broadcasting the transaction.

With this setup, does the transaction get broadcast from the computer running Sparrow wallet, or does it get broadcast from the computer running ElectrumX and Bitcoin Core? This is a hole in my understanding.
legendary
Activity: 2212
Merit: 7064
1. My IP might leak somehow, despite Tor being configured correctly
It's not like that with Tor, worse thing that could happen is that you won't be able to connect to the internet over Tor for some reason, but there is nobody to spy on your real IP address since you are the one running the node.
Your Whonix setup would be much more important when you are making transactions, when you are sending and receiving bitcoin.
Some bitcoin wallets have integrated Tor switch, that is a good idea, but there was a issue when real IP adderss was leaked with Trezor Suite software.

newbie
Activity: 15
Merit: 35
I guess I have two primary concerns for the bare metal approach:

1. My IP might leak somehow, despite Tor being configured correctly (maybe a bug in Bitcoin Core causes this, or maybe my bitcoin.conf file gets ignored somehow and I don't realize it for a while (this was an issue I ran into when I specified a non-default data directory, but it hasn't been a problem using the default)).
2. If running a Bitcoin node makes the computer a target for attackers, at least it would be confined to a VM using Whonix (obviously it isn't on bare metal). Not sure if this is really an issue though considering there are no open ports on the router. I could be overthinking this one.

1. I can see that happening. But at very least, passive listener/spy cannot be fully sure whether you're the one who create the transaction or propagate someone else transaction.
2. If you reveal your real IP address by running full node, the attacker theoretically could attack both your device (whether it's bare metal or VM) and router.

But if you're willing to trust certain VPN provider, you can use Tor over VPN where the OS on bare metal force all connection use VPN, while Bitcoin Core also use Tor.

I'm sorry, I'm not quite following your first point about the passive listener/spy not being fully sure of who created the transaction. Would you please expand on that a bit?

Thanks.
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
I guess I have two primary concerns for the bare metal approach:

1. My IP might leak somehow, despite Tor being configured correctly (maybe a bug in Bitcoin Core causes this, or maybe my bitcoin.conf file gets ignored somehow and I don't realize it for a while (this was an issue I ran into when I specified a non-default data directory, but it hasn't been a problem using the default)).
2. If running a Bitcoin node makes the computer a target for attackers, at least it would be confined to a VM using Whonix (obviously it isn't on bare metal). Not sure if this is really an issue though considering there are no open ports on the router. I could be overthinking this one.

1. I can see that happening. But at very least, passive listener/spy cannot be fully sure whether you're the one who create the transaction or propagate someone else transaction.
2. If you reveal your real IP address by running full node, the attacker theoretically could attack both your device (whether it's bare metal or VM) and router.

But if you're willing to trust certain VPN provider, you can use Tor over VPN where the OS on bare metal force all connection use VPN, while Bitcoin Core also use Tor.
newbie
Activity: 15
Merit: 35
I would like to keep my transactions private, and I've tried using a Whonix Virtual Machine to do this since it routes all the OS traffic through Tor.

Since you posted this thread on "Beginners & Help", have you pay attention to more basic stuff such as not re-using same address, coin/UTXO control or using CoinJoin?

Is using Whonix to run a Bitcoin node overkill?

Depending on your goal or who do you want to protect your privacy/security from, it may be overkill.

Yes, I'm familiar with utilizing different addresses, UTXO control, and coinjoins. I'm not so much a Bitcoin beginner as much as I am a beginner to running my own node. Hence my concern with ensuring I've set it up properly, as well as attackers possibly targeting the computer. I just want to make sure I'm not throwing away the privacy benefits or creating a security hole by screwing up the configuration somehow.
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
I would like to keep my transactions private, and I've tried using a Whonix Virtual Machine to do this since it routes all the OS traffic through Tor.

Since you posted this thread on "Beginners & Help", have you pay attention to more basic stuff such as not re-using same address, coin/UTXO control or using CoinJoin?

Is using Whonix to run a Bitcoin node overkill?

Depending on your goal or who do you want to protect your privacy/security from, it may be overkill.
newbie
Activity: 15
Merit: 35
For both situations, the entire machine is dedicated purely to running the node and is not used for any other purposes whatsoever. It is running Electrumx as well so I don't have the wallet file sitting there unencrypted.

I guess I have two primary concerns for the bare metal approach:

1. My IP might leak somehow, despite Tor being configured correctly (maybe a bug in Bitcoin Core causes this, or maybe my bitcoin.conf file gets ignored somehow and I don't realize it for a while (this was an issue I ran into when I specified a non-default data directory, but it hasn't been a problem using the default)).
2. If running a Bitcoin node makes the computer a target for attackers, at least it would be confined to a VM using Whonix (obviously it isn't on bare metal). Not sure if this is really an issue though considering there are no open ports on the router. I could be overthinking this one.
legendary
Activity: 2212
Merit: 7064
Is using Whonix to run a Bitcoin node overkill? Or are there some significant advantages you can think of that make Whonix worth using over running on bare metal?
Are you using Whonix OS only for running Bitcoin node or for other privacy related task on your computer?
If you are using same computer for other wallets and privacy tasks than it could be justified, but I usually recommend having separate computer device that is dedicated only for running node.

Nice to see that Whonix has a whole page for Bitcoin:
https://www.whonix.org/wiki/Bitcoin
newbie
Activity: 15
Merit: 35
I would like to keep my transactions private, and I've tried using a Whonix Virtual Machine to do this since it routes all the OS traffic through Tor. I don't really know if it's really necessary, though, given it's straightforward to install Tor on Linux and force Bitcoin Core to connect through Tor by ensuring the bitcoin.conf file contains:

Code:
onion=127.0.0.1:[tor port]
listen=0
onlynet=onion
dns=0
dnsseed=0

I am primarily focused on keeping my transactions private and my goal is to minimize the personal security risks of running a Bitcoin node.

I've found the latter configuration (not using Whonix) to be easier to set up/maintain, more reliable, and consume less power. However, I don't feel as confident that everything is happening privately as I do when running the node from within Whonix.

Is using Whonix to run a Bitcoin node overkill? Or are there some significant advantages you can think of that make Whonix worth using over running on bare metal?
Jump to: