fix(privacy): route Tari clearnet peer dials through Tor SOCKS — genuinely behind Tor (#271)#285
Merged
Merged
Conversation
…pass_for_outbound_tcp=false) minotari's tor transport defaults proxy_bypass_for_outbound_tcp=true, so SocksTransport::dial() direct-dials any peer that advertises a bare /ip4|/ip6 .../tcp address (the seed list ships clearnet variants) — bypassing Tor and leaking the home IP, observed live as sustained connections to public IPs despite type="tor". Setting it false routes every non-onion dial through the SOCKS proxy, so Tari reaches those peers via Tor exit nodes: fully functional AND never touching clearnet directly. Keep proxy_bypass_addresses empty (no per-address exemptions; we run no local Tari wallet). Verified against tari v5.3.0 source (transport.rs:160-212, socks.rs:119-128) and the tari-launchpad docker_rig config. Residual (tracked separately): Tari Pulse does a checkpoint DNS lookup with no upstream off-switch; the node tolerates it being blocked. Merge-mining is unaffected (base node ↔ MM proxy over local gRPC). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…xy_bypass_for_outbound_tcp=false) Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes #271. The substantive Wave 2 item — makes Tari functional and private over Tor, the only app that was previously blocked-but-dead under the #270 firewall.
Root cause (confirmed against tari v5.3.0 source + tari-launchpad)
minotari's tor transport defaults
proxy_bypass_for_outbound_tcp = true. With it true,SocksTransport::dial()(comms/core/src/transports/socks.rs:119-128) direct-dials any peer that advertises a bare/ip4|/ip6 .../tcpaddress, bypassing Tor — and the seed list ships clearnet variants. That's the leak #271 observed (sustained direct connections to public IPs despitetype = "tor"). tari-launchpad's owndocker_rig/config.tomlcarries this exact knob.Fix (
build/tari/config.toml.template, one setting)Now clearnet peers are reached via Tor exit nodes, so Tari keeps full connectivity while never touching clearnet directly. Merge-mining is unaffected (base node ↔ MM proxy is local gRPC).
Live validation (gouda, firewall on)
Tari now routes 100% of outbound through Tor and is back to actively connecting to peers (handshakes are slow/flaky over Tor — the latency cost #256 will quantify). Combined with the existing dead-resolver DNS sinkhole (#162), Tari has no clearnet TCP and no clearnet DNS — genuinely, completely behind Tor.
Tests:
tests/stack/run.shasserts the config (full suite green). Note: applies onpithead upgrade(re-renders service configs);pithead applyonly re-renders on.envchanges.Follow-ups (not blocking)
tari-project/tari: the privacy-hostileproxy_bypass_for_outbound_tcp=truedefault undertype="tor", and Tari Pulse having no disable flag (we already sinkhole its DNS).🤖 Generated with Claude Code