• Forum has been upgraded, all links, images, etc are as they were. Please see Official Announcements for more information

TOR Masternode Guide

tungfa

Well-known member
Foundation Member
Masternode Owner/Operator
TOR Masternode Guide

Darkcoin Relay:
http://darkcoinie7ghp67.onion/

Guide:
https://bitcointalk.org/index.php?topic=421615.msg5810472#msg5810472

I've not posted in this thread before, so congrats to everyone on DarkCoin.

DarkSend is coming along well and this is a great feature for this project and also for using crypto currency more safely in the future.

I was intending to start a 'Tor Enclave' project for Anoncoin, however I'm a fan of CPU coins and some 'default' features of DarkCoin actually make it more suited to network connectivity when using Tor.

So, I have set-up 2 DarkCoin nodes which are running as dual stack i.e. they have connectivity through Tor as well as through the clear (regular) internet.

Here is the darkcoin.conf settings to enable connectivity via the Tor Browser Bundle.

Note that the Tor Browser Bundle uses Socks 5 port 9150 instead of 9050.

Code:
gen=0
socks=5
proxy=127.0.0.1:9150
maxconnections=8
addnode=33rkrxcfoeduijtb.onion
addnode=hgyvmhd7p2ihasu2.onion

I think this method of connection is preferable to using; -tor=<ip:port> and -onlynet=<net> although thats up to the user.

See: https://bitcointalk.org/index.php?topic=309716.msg3324942#msg3324942

Re: Official Anoncoin Information, FAQ & Description thread. [Moderated] - What/Howto Tor.

See: https://en.bitcoin.it/wiki/Running_Bitcoin

Connectivity can be vastly improved both for the user and within the Tor network by using the following config. (torrc) with the Tor Browser Bundle.

This is a fast / censorship resistant config. which has been slightly adapted to maximize DarkCoin connectivity through Tor.

See: https://bitcointalk.org/index.php?topic=331077.0

Advanced Tor Browser Bundle config. - Anti-Spying - Anti-ECHELON - Anti-FiveEyes

An adapted version of: xeronet Torrc - v3.5f - 'fastest' version

DarkCoin Torrc - Tor Browser Bundle conf. suggested additions.
 
Code:
ClientOnly 1

EnforceDistinctSubnets 0

ExcludeSingleHopRelays 0

AllowSingleHopCircuits 1

EntryNodes spfTOR1e1,spfTOR1e2,spfTOR1e3,spfTOR3,spfTOR4e1,spfTOR4e2,spfTOR4e3,spfTOR5e1,spfTOR5e2,spfTOR5e3,wagtail,chaoscomputerclub18,chaoscomputerclub19,chaoscomputerclub20,chaoscomputerclub21,chaoscomputerclub27,chaoscomputerclub28,chaoscomputerclub29,chaoscomputerclub30,chaoscomputerclub31,chaoscomputerclub32,chaoscomputerclub33,chaoscomputerclub34,DFRI0,DFRI1,DFRI2,hamburgerphone,hitgirl,junis,kimya,luftgitarr,assk,assk2,chomsky,edwardsnowden0,edwardsnowden1,edwardsnowden2,edwardsnowden3,hessel0,hessel1,hessel2,hessel3,amartysen,lumumba,politkovskaja,politkovskaja2,psilotorlu,rainbowwarrior,abbie,yahyaoui,gpfTOR6,HCandersen,JacobRiis,KOPA,OveSprogoee,marcuse1,marcuse2,ekumen,globenet,Lifuka,ph3x,PsychoOnion1,PsychoOnion3,thoreau,dannenberg,dizum,gabelmoo,maatuska,Tonga,tor26,Faravahar,urras,CalyxInstitute00,CalyxInstitute01,CalyxInstitute02,CalyxInstitute03,CalyxInstitute06,CalyxInstitute07,CalyxInstitute08,CalyxInstitute09,loki1,loki2,orilla,chulak,aurora,onak,calmah,avernakis,kalach,remoc,invincibleAI,hviv100,hviv101,froschschenkel,IPredator,angkat,ign,bolobolo1,dorrisdeebrown,herngaard,manning1,manning2,morales,wannabe,zeller,pipit,madiba,AccessNow,AccessNowKromyon02,AccessNowKromyon03,noiseexit01a,noiseexit01b,noiseexit01c,noiseexit01d,Koumbitor,xeronet1us,xeronet2us
ExcludeNodes agitator,46.30.42.152,46.30.42.153,46.30.42.154,Unnamed,default,{ae},{af},{al},{am},{az},{ba},{bd},{bg},{bh},{bn},{by},{cn},{co},{cu},{cy},{dz},{eg},{eh},{er},{et},{ge},{gh},{gm},{hk},{id},{il},{in},{iq},{ir},{jo},{kg},{kp},{kr},{kw},{kz},{la},{lb},{lk},{ly},{ma},{md},{me},{mk},{ml},{mm},{mo},{mr},{mw},{mu},{my},{nf},{ng},{np},{om},{ph},{pk},{ps},{py},{qa},{ug},{ru},{sa},{sd},{sg},{so},{sr},{sy},{tg},{th},{tj},{tm},{tn},{tr},{tw},{uz},{vn},{ye},{yt},{zw},{ao},{bj},{bo},{bw},{bf},{bi},{cm},{cf},{er},{td},{km},{cg},{cd},{ci},{dj},{gq},{ga},{gh},{gm},{gn},{gw},{gy},{lr},{mw},{mz},{na},{ne},{rw},{so},{st},{sn},{sl},{sz},{tz},{ug},{zm},{zw},{??}
ExitNodes spfTOR1e1,77.109.141.138,spfTOR1e2,77.109.141.139,spfTOR1e3,77.109.141.140,spfTOR3,62.220.135.129,spfTOR4e1,77.109.138.42,spfTOR4e2,77.109.138.43,spfTOR4e3,77.109.138.44,spfTOR5e1,77.109.139.26,spfTOR5e2,77.109.139.27,spfTOR5e3,77.109.139.28,gpfTOR6,62.212.67.209,wagtail,77.109.139.87,chaoscomputerclub18,31.172.30.1,chaoscomputerclub19,31.172.30.2,chaoscomputerclub20,31.172.30.3,chaoscomputerclub21,31.172.30.4,chaoscomputerclub27,77.244.254.227,chaoscomputerclub28,77.244.254.228,chaoscomputerclub29,77.244.254.229,chaoscomputerclub30,77.244.254.230,chaoscomputerclub31,217.115.10.131,chaoscomputerclub32,217.115.10.132,chaoscomputerclub33,217.115.10.133,chaoscomputerclub34,217.115.10.134,DFRI0,171.25.193.20,DFRI1,171.25.193.21,DFRI2,171.25.193.131,DFRI3,171.25.193.235,assk,78.108.63.46,assk2,78.108.63.44,abbie,chomsky,77.247.181.162,edwardsnowden0,109.163.234.7,edwardsnowden1,109.163.234.8,edwardsnowden2,109.163.234.9,edwardsnowden3,109.163.234.10,hessel0,109.163.234.2,hessel1,109.163.234.3,hessel2,109.163.234.4,hessel3,109.163.234.5,politkovskaja,politkovskaja2,77.247.181.165,psilotorlu,212.117.180.65,rainbowwarrior,77.247.181.164,amartysen,lumumba,77.247.181.163,yahyaoui,77.247.181.164,thoreau,46.165.221.166,PsychoOnion1,89.187.142.96,PsychoOnion3,89.187.142.208,marcuse1,178.20.55.16,marcuse2,178.20.55.18,ekumen,95.142.161.63,loki1,46.149.20.202,loki2,46.149.28.96,orilla,94.242.252.41,chulak,37.221.161.234,aurora,37.221.161.235,onak,185.25.253.24,calmah,185.25.253.25,hviv101,194.104.126.126,IPredator,194.132.32.42,angkat,223.223.175.2,ign,185.17.93.142,CalyxInstitute00,37.218.244.211,CalyxInstitute01,37.218.244.7,CalyxInstitute02,37.218.244.212,CalyxInstitute03,37.218.244.213,CalyxInstitute06,37.218.245.206,CalyxInstitute07,82.94.251.227,CalyxInstitute08,37.218.244.216,CalyxInstitute09,37.218.244.217,bolobolo1,96.47.226.20,dorrisdeebrown,96.47.226.21,herngaard,96.44.189.102,manning1,96.44.189.100,manning2,96.44.189.101,morales,74.120.12.140,wannabe,96.47.226.22,zeller,74.120.12.135,pipit,199.254.238.44,madiba,209.222.8.196,AccessNow,70.39.66.58,noiseexit01a,173.254.216.66,noiseexit01b,173.254.216.67,noiseexit01c,173.254.216.68,noiseexit01d,173.254.216.69,Koumbitor,199.58.83.10,xeronet1us,198.100.127.34,xeronet2us,198.100.127.36

LongLivedPorts 21,22,80,443,706,1863,5050,5190,5222,5223,6523,6667,6697,8080,8300,9001,9030,9999

NumEntryGuards 8


The main additions are; ExcludeSingleHopRelays 0 , AllowSingleHopCircuits 1 and the addition of DarkCoin port 9999 as a LongLivedPort.

Please note that these settings are advised for DarkCoin connectivity, although potentially enforce making single hop connections via Tor when browsing, which can actually lower your anonymity when using Tor for browsing, although making Tor very fast.

These single hop settings ensure connectivity with the hidden_service nodes that are using these settings, hence referred to as a 'Tor enclave'.

See: https://www.torproject.org/docs/tor-manual.html.en


"ExcludeSingleHopRelays 0|1

This option controls whether circuits built by Tor will include relays with the AllowSingleHopExits flag set to true. If ExcludeSingleHopRelays is set to 0, these relays will be included. Note that these relays might be at higher risk of being seized or observed, so they are not normally included. Also note that relatively few clients turn off this option, so using these relays might make your client stand out. (Default: 1)"

"LongLivedPorts PORTS

A list of ports for services that tend to have long-running connections (e.g. chat and interactive shells). Circuits for streams that use these ports will contain only high-uptime nodes, to reduce the chance that a node will go down before the stream is finished. Note that the list is also honored for circuits (both client and service side) involving hidden services whose virtual port is in this list. (Default: 21, 22, 706, 1863, 5050, 5190, 5222, 5223, 6523, 6667, 6697, 8300)"

"EnforceDistinctSubnets 0|1

If 1, Tor will not put two servers whose IP addresses are "too close" on the same circuit. Currently, two addresses are "too close" if they lie in the same /16 range. (Default: 1)"

"AllowSingleHopCircuits 0|1

When this option is set, the attached Tor controller can use relays that have the AllowSingleHopExits option turned on to build one-hop Tor connections. (Default: 0)"

SERVER ONLY OPTIONS:

"AllowSingleHopExits 0|1

This option controls whether clients can use this server as a single hop proxy. If set to 1, clients can use this server as an exit even if it is the only hop in the circuit. Note that most clients will refuse to use servers that set this option, since most clients have ExcludeSingleHopRelays set. (Default: 0)"

~ Which is what makes connectivity faster as the exit nodes supports single hops on port 9999 and also treats the connection as a LongLivedPort.
cool.gif



Tor hidden services provide much better anonymity for the user of the service than for the hidden service operator.

My thinking is that this adds a very fast layer of 'mix' anonymity for DarkCoin users in addition to using (or when using) DarkSend. The Tor Enclave also reduces the issues with P2P connectivity over the Tor network regarding [scrubbed] connections etc. This is ofc less of an issues of DarkCoin than it is for Tor nodes and the Tor Network as a whole.

Unlike Anoncoin (or other crypto coins) port 9999 is actually allowed in the majority of Tor Entry and Exit servers already within the existing recommended Reduced Exit Policy as:

ExitPolicy accept *:9999 # distinct
cool.gif


See: https://blog.torproject.org/running-exit-node - Tips for Running an Exit Node with Minimal Harassment.

See: https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy - Reduced Exit Policy.


I will continue to work on and update the config. and perhaps start another thread or add it to the existing Torrc thread.

If anyone knows of additional working DarkCoin Tor hidden_service .onion addresses - please send me a PM.

Also, some static IP addresses for existing nodes and pools would be useful for increased connectivity.

Thanks to elan
 
Tried the nodes in the OP, but they do not work, tungfa - I guess this needs some more work.
And I think Masternodes are communicating via ipv4 only, so I guess this is not possible yet. But worth a try.
 
we might be overtaking ourself with this a bit,
but never to late to start and try to make this work or fix it.
I am happy we have the discussion going.
I belive (élan pointed out) we need more relays (8 in the onion) to make this work.
so let's get on it
; )
 
darkstrike420
i saw your earlier post regarding TOR integration and thought
maybe you can provide your knowledge to/for the guide above
tx
 
Back
Top