Return-Path: Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by lists.linuxfoundation.org (Postfix) with ESMTP id 405E9C07AC for ; Sun, 17 Nov 2019 20:37:51 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 291D2849FA for ; Sun, 17 Nov 2019 20:37:51 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ACty54cZj4gu for ; Sun, 17 Nov 2019 20:37:49 +0000 (UTC) X-Greylist: delayed 00:18:04 by SQLgrey-1.7.6 Received: from APC01-PU1-obe.outbound.protection.outlook.com (mail-oln040092254089.outbound.protection.outlook.com [40.92.254.89]) by fraxinus.osuosl.org (Postfix) with ESMTPS id 92E6B84974 for ; Sun, 17 Nov 2019 20:37:48 +0000 (UTC) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=AbALlYrWkAlDnmkOZnyAOfpWCofXp5hSPNrdUdq9NnZIky1oyU52fLWSEVMXjGKQf3SJMupWB6kgXkKPo6daS04YSw7MnTFotuVwP8n0N4RHmhFiLuBEmLT51p8ElO0nxTr8XoayxZC7vqpjBTLK5QYQXWFtMAS3pb/GAjbm+HvyEqy3ihfLxMKdXtT1IcDTEoxKAcICz/+LhvPmaApdazQXzXr9Lwkf72B3Niy1zisk3DSMtQyrkOFr6OnUybHS289W6bOE2ocCDVP7SGa7p+jhFxcsx5x7Jn0KYIPV0qRjtcQM9/tDbYALC26IueCmd1OvVZEgtyOW+V7E5DR40g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=XJQLPNXNG4hcHgwae3ki5I0NuxG1yJh7UjWE52grizc=; b=UpqD/h4Vq1n1NMoHQm0ubJXqniuqC9HTGZa7XreFI8F0A7OiGdk0lxUfQiGkislVNYAmIBUYaUEpmZ52X4LpLAerKQ2YYiE7Amb7oON71LjDpIKxa2ldiXTcsmp3IWY+Op94BvUur/cFNbFVMblxa9tXU0mM7Q7SYrMGl4BhBlK3goLuQzZz+ZceqmhdJ+/RIYHgfQ7ak016t8q7vCkB1sU1bnOCD72B4RvbIcf6P8DeXKOAhsUNpUMx/ei7Xja70dNp8jTAUYAOLGQjh45bqqgfaXc+aRLiizHton3Uq4EOKHjxoQg5A/R7Kh/QDOZE5/tQF4rXlADRIP/W2jcJsQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none Received: from SG2APC01FT049.eop-APC01.prod.protection.outlook.com (10.152.250.58) by SG2APC01HT123.eop-APC01.prod.protection.outlook.com (10.152.251.163) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2451.23; Sun, 17 Nov 2019 20:04:04 +0000 Received: from PS2P216MB0179.KORP216.PROD.OUTLOOK.COM (10.152.250.58) by SG2APC01FT049.mail.protection.outlook.com (10.152.251.207) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2451.23 via Frontend Transport; Sun, 17 Nov 2019 20:04:04 +0000 Received: from PS2P216MB0179.KORP216.PROD.OUTLOOK.COM ([fe80::8894:14d9:68de:ed5d]) by PS2P216MB0179.KORP216.PROD.OUTLOOK.COM ([fe80::8894:14d9:68de:ed5d%9]) with mapi id 15.20.2451.029; Sun, 17 Nov 2019 20:04:04 +0000 From: LORD HIS EXCELLENCY JAMES HRMH To: "Mr. Lee Chiffre" , Bitcoin Protocol Discussion , s7r Thread-Topic: [bitcoin-dev] v3 onion services Thread-Index: AQHVnQShIfQtUSgPdEiVtoo6UmAXYaePfy8AgABGz9A= Date: Sun, 17 Nov 2019 20:04:04 +0000 Message-ID: References: <8fd4e30c4c1c24442686dd51727e75cc.squirrel@giyzk7o6dcunb2ry.onion>, In-Reply-To: Accept-Language: en-AU, en-US Content-Language: en-AU X-MS-Has-Attach: X-MS-TNEF-Correlator: x-incomingtopheadermarker: OriginalChecksum:6813E1BBFB3B89D197C60CAFA3362A4030A1EB0F98FBDC28F49FF7989556D49A; UpperCasedChecksum:FCDCDEA7FDB9A16C4547974E74DEE902675BEC425320E2612198C77C027A73FD; SizeAsReceived:7041; Count:45 x-ms-exchange-messagesentrepresentingtype: 1 x-tmn: [UQUt25b8zdPzIrLIMDR/XJ44WAc62kr5] x-ms-publictraffictype: Email x-incomingheadercount: 45 x-eopattributedmessage: 0 x-ms-office365-filtering-correlation-id: 2fae3383-b2a0-4a85-42f3-08d76b994bf6 x-ms-traffictypediagnostic: SG2APC01HT123: x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 460KWJJOYLK3Jmf8hdwr/RFdWS1/QS1eLLs0ptuJp5XP5Br5eDb3/18UQO8CycwC2QNS0CtpWZpAQk/x+kH2M1AMzeXR3fFxYhKKiY7G6p0545EXR/dAwROGMWosYRB4NqaERtipjXYKafgoWzGjqcObvodACH8G/li0sN0EfVmOXf0E7arYD9Z6J7g/99eF x-ms-exchange-transport-forked: True Content-Type: multipart/alternative; boundary="_000_PS2P216MB01798627A61D2214FB3ED0D79D720PS2P216MB0179KORP_" MIME-Version: 1.0 X-OriginatorOrg: outlook.com X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-CrossTenant-Network-Message-Id: 2fae3383-b2a0-4a85-42f3-08d76b994bf6 X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Nov 2019 20:04:04.3873 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Internet X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-Transport-CrossTenantHeadersStamped: SG2APC01HT123 X-Mailman-Approved-At: Sun, 17 Nov 2019 20:41:22 +0000 Subject: Re: [bitcoin-dev] v3 onion services X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Nov 2019 20:37:51 -0000 --_000_PS2P216MB01798627A61D2214FB3ED0D79D720PS2P216MB0179KORP_ Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable For those perhaps not so well versed in the operation of Bitcoin (and Bitco= in Core) with Tor, connectivity through the outgoing connection to other no= des is all accomplished via the socks5 proxy which enables all current goss= ip and the distribution of the nodes own transactions to other nodes. This = is a full connectivity feature. For listening, Bitcoin Core instructs Tor to create an ephemeral hidden ser= vice which, depending on the various factors, may be currently v2 only or v= 3 (future implementation). This is not necessary for the functionality of n= ode connectivity in any way and is only used to allow for hidden listening = so that other nodes connecting out on the onion can connect privately witho= ut hopping on the public internet at all and without exposing the nodes pub= lic IP or ports as listening (no port forwarding required and no listing on= nodes list with public IP). It is currently possible for many nodes to exi= st as onion only nodes. For the time being, although I did wonder myself, the use of v3 ephemeral s= ervice is not a requirement of operation on Bitcoin and hardly adds anythin= g to security especially if we enable transient onion listening (a feature = proposal is currently waiting for consideration/approval on bitcoin-core-de= v and GitHub), however, eventually it will be essential to make use of the = v3 ephemeral service as the v2 service support will, as I understand, event= ually be dropped from the Tor network. I do not know if there are any curre= nt distinct plans. My opinion is, v3 support is a nice idea but hardly urgent yet. Good luck i= f it ends up with an ack as I suspect some of the changes required will be = complex and this may be perhaps the best reason to begin on it while there = is interest. Regards, LORD HIS EXCELLENCY JAMES HRMH ________________________________ From: bitcoin-dev on behalf= of s7r via bitcoin-dev Sent: Monday, 18 November 2019 2:35 AM To: Mr. Lee Chiffre ; Bitcoin Protocol Discussion = Subject: Re: [bitcoin-dev] v3 onion services Mr. Lee Chiffre via bitcoin-dev wrote: > Right now bitcoin client core supports use of tor hidden service. It > supports v2 hidden service. I am in progress of creating a new bitcoin > node which will use v3 hidden service instead of v2. I am looking at > bitcoin core and btcd to use. Do any of these or current node software > support the v3 onion addresses for the node address? What about I2P > addresses? If not what will it take to get it to support the longer > addresses that is used by i2p and tor v3? > > Hello, Yes, that is correct. Currently at present moment only v2 onion services are supported. Bitcoin Core is limited at 128 bit 'addresses' in the p2p protocol, so it requires a rework of the p2p protocol. v3 onion services are whole ed25519 public keys, base32 encoded with .onion at the end. Same reason applies to I2P 'address types' as well. However, I am not an expert in I2P and don't actually know how many bitcoin full nodes might exist in I2P. See: https://github.com/bitcoin/bitcoin/issues/9214 https://github.com/bitcoin/bitcoin/issues/2091 For the default `ADD_ONION` feature, the onion service key was downgraded to explicitly RSA1024 (legacy, v2 onion services) to ensure the feature still works out of the box: https://github.com/bitcoin/bitcoin/pull/9234 If you want a Tor only full node, you are best to use v2 onion services for now. Why do you need the bitcoin node to explicitly have a v3 onion address? You can have a service that is accessible to the general public as a v3 onion service, and in the back uses a bitcoin full node that uses v2 onion service to talk to other nodes. The v2 onion service bitcoin network is extended fairly. You can use in the same torrc (Tor configuration file), implicitly same Tor process/daemon simultaneously v2 and v3 onion services by setting HiddenServiceVersion parameter after every HiddenServiceDir parameter. --_000_PS2P216MB01798627A61D2214FB3ED0D79D720PS2P216MB0179KORP_ Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
For those perhaps not so well versed in the operation of Bitcoin (and Bitco= in Core) with Tor, connectivity through the outgoing connection to other no= des is all accomplished via the socks5 proxy which enables all current goss= ip and the distribution of the nodes own transactions to other nodes. This is a full connectivity feature.

For listening, Bitcoin Core instructs Tor to create an ephemeral hidden ser= vice which, depending on the various factors, may be currently v2 only or v= 3 (future implementation). This is not necessary for the functionality of n= ode connectivity in any way and is only used to allow for hidden listening so that other nodes connecting = out on the onion can connect privately without hopping on the public intern= et at all and without exposing the nodes public IP or ports as listening (n= o port forwarding required and no listing on nodes list with public IP). It is currently possible for many n= odes to exist as onion only nodes.

For the time being, although I did wonder myself, the use of v3 ephemeral s= ervice is not a requirement of operation on Bitcoin and hardly adds anythin= g to security especially if we enable transient onion listening (a feature = proposal is currently waiting for consideration/approval on bitcoin-core-dev and GitHub), however, eventuall= y it will be essential to make use of the v3 ephemeral service as the v2 se= rvice support will, as I understand, eventually be dropped from the Tor net= work. I do not know if there are any current distinct plans.

My opinion is, v3 support is a nice idea but hardly urgent yet. Good luck i= f it ends up with an ack as I suspect some of the changes required will be = complex and this may be perhaps the best reason to begin on it while there = is interest.

Regards,
LORD HIS EXCELLENCY JAMES HRMH


From: bitcoin-dev <bitco= in-dev-bounces@lists.linuxfoundation.org> on behalf of s7r via bitcoin-d= ev <bitcoin-dev@lists.linuxfoundation.org>
Sent: Monday, 18 November 2019 2:35 AM
To: Mr. Lee Chiffre <lee.chiffre@secmail.pro>; Bitcoin Protoco= l Discussion <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] v3 onion services
 
Mr. Lee Chiffre via bitcoin-dev wrote:
> Right now bitcoin client core supports use of tor hidden service. It > supports v2 hidden service. I am in progress of creating a new bitcoin=
> node which will use v3 hidden service instead of v2. I am looking at > bitcoin core and btcd to use. Do any of these or current node software=
> support the v3 onion addresses for the node address? What about I2P > addresses? If not what will it take to get it to support the longer > addresses that is used by i2p and tor v3?
>
>

Hello,

Yes, that is correct. Currently at present moment only v2 onion services are supported. Bitcoin Core is limited at 128 bit 'addresses' in the p2p protocol, so it requires a rework of the p2p protocol. v3 onion services are whole ed25519 public keys, base32 encoded with .onion at the end.

Same reason applies to I2P 'address types' as well. However, I am not an expert in I2P and don't actually know how many bitcoin full nodes might
exist in I2P.

See:
https://github.c= om/bitcoin/bitcoin/issues/9214

https://github.c= om/bitcoin/bitcoin/issues/2091


For the default `ADD_ONION` feature, the onion service key was
downgraded to explicitly RSA1024 (legacy, v2 onion services) to ensure
the feature still works out of the box:

https://github.com= /bitcoin/bitcoin/pull/9234

If you want a Tor only full node, you are best to use v2 onion services
for now. Why do you need the bitcoin node to explicitly have a v3 onion
address? You can have a service that is accessible to the general public as a v3 onion service, and in the back uses a bitcoin full node that
uses v2 onion service to talk to other nodes. The v2 onion service
bitcoin network is extended fairly.

You can use in the same torrc (Tor configuration file), implicitly same
Tor process/daemon simultaneously v2 and v3 onion services by setting
HiddenServiceVersion parameter after every HiddenServiceDir parameter.

--_000_PS2P216MB01798627A61D2214FB3ED0D79D720PS2P216MB0179KORP_--