Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
torcontrol: Launch a private Tor instance when not already running #15421
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.
Reviewers, this pull request conflicts with the following ones:
If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.
This should be opt-in and not enabled by default, right?
It is bad usability (and perhaps even a breach of trust) to take actions on behalf of the end-user that the end-user cannot reasonably expect.
With that said: if done in a 100% opt-in fashion this change seems fine conceptually.
@luke-jr #15382 in its current incarnation uses
@practicalswift I agree we shouldn't be launching arbitrary binaries named "tor" without the user opting into that. I'm not sure how this PR changes existing behavior. For modern versions of Tor we automatically create a hidden service if the user is running Tor: "if Tor is running (and proper authentication has been configured), Bitcoin Core automatically creates a hidden service to listen on", but that's quite different from starting Tor.
We already make outbound TCP connections by default. Note that this does not operate Tor as an exit node, nor does it even use it for outbound connections - it is exclusively for an inbound hidden service only.
The end goal, is to display the hidden service address in a QR code for easy pairing with mobile wallets.
Not practical. We're going to need it either way from the sound of it.
That's still detectable for network observers afaik. Let's just add a
It also seems unsafe to call a random executable in the users path called