[tbb-dev] Documenting best practices for P2P Sybil avoidance over Tor

Richard Pospesel richard at torproject.org
Mon Jan 24 17:33:26 UTC 2022


This *seems* reasonable to me.

tor daemon devs: we should probably explicitly call out best-practices 
w/ regards to circuit isolation when connecting to onion services as 
well. I assume there's no point security/privacy-wise in using multiple 
circuits when connecting to onion services (apart from enabling multiple 
concurrent streams/channels)?


On 12/1/21 07:22, Jeremy Rand wrote:
> Hi Applications Team!
> 
> I would like to propose the following addendum to the SOCKS username 
> section of the Tor-Friendly Applications Best Practices:
> 
> "If your application needs to open a small number of connections (e.g. 
> 10 long-lived connections) to a P2P network, and you want to prevent 
> Sybil attacks, you should seriously consider using a unique SOCKS5 
> username per connection (e.g. by including a new randomly generated 
> string in the username each time a connection is opened), which will 
> minimize the chance of a malicious exit relay interfering with your view 
> of the P2P network.  For example, Bitcoin Core does this.  On the other 
> hand, if your application intends to open a very large number of 
> connections, you should probably not do this, as it will put too much 
> load on the Tor network.  For example, Bitcoin DNS seeders should not do 
> this while spidering P2P nodes."
> 
> I think this is probably uncontroversial advice within the Tor community 
> (I think the Tor devs are aware of Bitcoin Core's behavior and haven't 
> asked the Bitcoin Core team to change it), but it is not necessarily 
> obvious to application developers who may be unfamiliar with Tor, so I 
> think it's worth documenting.  Please let me know if this text is okay 
> to add (or if there's anything that can be improved); I don't want to 
> step on toes by adding this without consulting anyone.
> 
> Cheers,
> 
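The per-connection SOCKS username scheme described in the quoted proposal, as an added example that is not code from this thread or from Bitcoin Core. It assumes a local Tor SocksPort at 127.0.0.1:9050 with Tor's default IsolateSOCKSAuth behaviour; the app tag and function names are hypothetical.

```python
import secrets
import socket
import struct

# Constructed example; the local SocksPort and app tag are assumptions.
TOR_SOCKS = ("127.0.0.1", 9050)

def isolation_credentials(app_tag="myp2papp"):
    # Tor (IsolateSOCKSAuth, on by default) keeps streams whose SOCKS credentials
    # differ on separate circuits, so a fresh username means a fresh exit per peer.
    # RFC 1929 caps each field at 255 bytes; tag + 32 hex chars fits easily.
    return f"{app_tag}-{secrets.token_hex(16)}", "x"

def socks5_auth_handshake(username, password):
    # RFC 1928 method selection offering only 0x02, then the RFC 1929 login.
    u, p = username.encode(), password.encode()
    return b"\x05\x01\x02", b"\x01" + bytes([len(u)]) + u + bytes([len(p)]) + p

def socks5_connect_request(host, port):
    # ATYP 0x03 (DOMAINNAME): Tor resolves the name, the local resolver never sees it.
    h = host.encode("idna")
    return b"\x05\x01\x00\x03" + bytes([len(h)]) + h + struct.pack("!H", port)

def _recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise OSError("connection closed during SOCKS handshake")
        buf += chunk
    return buf

def open_isolated_peer_connection(host, port):
    # One Tor stream to one peer on its own circuit; returns the socket and the
    # username so the caller can log which isolation key the connection used.
    username, password = isolation_credentials()
    greeting, auth = socks5_auth_handshake(username, password)
    sock = socket.create_connection(TOR_SOCKS)
    sock.sendall(greeting)
    if _recv_exact(sock, 2) != b"\x05\x02":
        raise OSError("proxy did not accept username/password auth")
    sock.sendall(auth)
    if _recv_exact(sock, 2) != b"\x01\x00":
        raise OSError("SOCKS credentials rejected")
    sock.sendall(socks5_connect_request(host, port))
    _ver, status, _rsv, atyp = _recv_exact(sock, 4)
    if status != 0x00:
        raise OSError(f"SOCKS CONNECT failed, status {status:#x}")
    # Drain BND.ADDR/BND.PORT so the P2P protocol starts on a clean stream.
    addr_len = {0x01: 4, 0x04: 16}.get(atyp) or _recv_exact(sock, 1)[0]
    _recv_exact(sock, addr_len + 2)
    return sock, username
```

Reusing one username across all connections collapses them onto a shared circuit, which is the failure mode the proposal warns about; a seeder opening thousands of connections would instead reuse a single credential to avoid the circuit-building load.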