[tor-dev] Arti report 5: August 18 through September 15
Nick Mathewson
nickm at torproject.org
Wed Sep 15 23:21:40 UTC 2021
# Arti Report 5: August 4 through September 15
## Activities since our last report
I'm back, with updates from the last month! We've spent a lot of time over
the last on cleaning up technical debt issues in our code that had
accumulated as I wrote it. There are more tests and warnings enabled than
before, and we've changed some new internal APIs to make them unable to
panic. We're also using the [`derive_builder`][derive_builder] tool to throw
out a bunch of boilerplate code.
When I wrote last month, I'd just finished up the implementation for circuit
build timeout inference. As followup work to that, I worked with Mike Perry
to collect all of the missing specification issues that I'd found while
cloning that feature, and [roll them back][torspec-mr-40] into our
`path-spec.txt` document. Mike'sw found a couple of mistakes in my
implementation that I was able to resolve—fortunately, by removing code from
the Arti timeout inference code.
## Getting a head start on API design
API design will be the focus of our 0.1.0 release, but we still want to get
it "as right as we can" in the upcoming 0.0.1 version.
With that in mind, we've started enumerating the various kinds of programs
and environments that we need to support down the road, and [working on a list
of example programs][ticket-164] that we might be able to ship with Arti.
(My own experience so far is that writing example code is just about the best
way to find API deficiencies.)
## Uplifting new features from C Tor
For our work on congestion control, we're getting a new
[circuit extension handshake][prop332]. Going forward, as we add features to
C Tor, we're going to try to add them to Arti at around the same time. With
that in mind, we have the new handshake implemented (but not enabled): we
used its implementation to validate our specifications double-check
our test vectors.
## Towards guard support
Our largest remaining priority for Arti 0.0.1 is full support for
[guard nodes][guard-spec]. (In Tor, a "guard node" is a relay that a client
decides to use as the first hop for all of its circuits for a long time.
Using guard nodes improves resistance against many kinds of attacks based on
hostile relays.)
We've started laying the groundwork here: we now have support for all of the
guard-related consensus parameters, and we've reworked our relay selection
code to allow picking multiple weighted random items without replacement.
We've also added some previously unneeded lookup-by-ID features to network
directory code.
(Fun fact: the Tor implementation of mapping IDs to relays has been
historically ugly, since we don't really know a relay's ed25519 identity
until we have a microdescriptor for it. In C, this has led to a reasonably
messy pile of dangling pointer bugs…which Rust won't even let us write!
Also, we've made better design choices in Arti about our directory objects,
so we don't have do support all of the strange mutability that our C code had
to try to handle.)
We're now in the midst of coding up a guard implementation. The tricky part
here is that our guard logic affects circuit building selection (since
circuit paths must begin with a guard), but circuit construction affects
guard selection. We're experimenting with different designs to try to keep
the complexity here under control.
# Thanks to awesome volunteers!
Thanks to Jani Monoses for migrating Arti to the tracing crate and adding
journald support; to Robin Leander Schröder for cleaning up some of our
`unwrap_or()` code; to S0AndS0 for work enabling the `unwrap_used` Clippy
lint; to Daniel Eades for work cleaning up Clippy lints in our test modules,
and to Trinity Pointard for work on stream isolation and reproducible builds!
[ticket-164]: https://gitlab.torproject.org/tpo/core/arti/-/issues/164
[prop-332]: https://gitlab.torproject.org/tpo/core/torspec/-/blob/main/proposals/332-ntor-v3-with-extra-data.md
[derive_builder]: https://crates.io/crates/derive_builder
[torspec-mr-40]:
https://gitlab.torproject.org/tpo/core/torspec/-/merge_requests/40
[guard-spec]: https://gitlab.torproject.org/tpo/core/torspec/-/blob/main/guard-spec.txt
More information about the tor-dev
mailing list