Question about Tor and full node

[cellard]

Im not sure if im connecting my full node through Tor properly. From what I understood, with the current Bitcoin Core version you can simply open Tor Browser first, then open Bitcoin Core and your node should be running through Tor anonymously now, but the strange thing is, when I click on "Help -> debug window" and I click on the different nodes on the "peers" tab, it shows that im connecting via my regular IP... so im confused. I understand that im connecting to these nodes with my real IP, but I should be connecting to them through Tor. What's happening?

[1714124922]

1714124922

[1714124922]

1714124922

[HeroC]

Your node connects via Tor *and* your regular IP by default IIRC. To run it only through tor, try using the commandline `-proxy` argument

[cellard]

Your node connects via Tor *and* your regular IP by default IIRC. To run it only through tor, try using the commandline `-proxy` argument

Well according to what I did read, after version 0.12 or something like that, Bitcoin Core would automatically configure itself to route all connections throught Tor if you had opened Tor Browser before opening Bitcoin Core... but according to the wiki it tells you to do that:

https://en.bitcoin.it/wiki/Tor#GUI

Im confused now. I will try to find where I did read that you didn't need to do that anymore.

[aleksej996]

Your node connects via Tor *and* your regular IP by default IIRC. To run it only through tor, try using the commandline `-proxy` argument

Well according to what I did read, after version 0.12 or something like that, Bitcoin Core would automatically configure itself to route all connections throught Tor if you had opened Tor Browser before opening Bitcoin Core... but according to the wiki it tells you to do that:

https://en.bitcoin.it/wiki/Tor#GUI

Im confused now. I will try to find where I did read that you didn't need to do that anymore.

Maybe what they meant is that if you go to Settings->Options->Network and check "Connect to through SOCKS5 proxy" it will have Tor configured as a proxy by default. So just go in that settings and check that and restart the program and you should be fine.

[cellard]

Your node connects via Tor *and* your regular IP by default IIRC. To run it only through tor, try using the commandline `-proxy` argument

Well according to what I did read, after version 0.12 or something like that, Bitcoin Core would automatically configure itself to route all connections throught Tor if you had opened Tor Browser before opening Bitcoin Core... but according to the wiki it tells you to do that:

https://en.bitcoin.it/wiki/Tor#GUI

Im confused now. I will try to find where I did read that you didn't need to do that anymore.

Maybe what they meant is that if you go to Settings->Options->Network and check "Connect to through SOCKS5 proxy" it will have Tor configured as a proxy by default. So just go in that settings and check that and restart the program and you should be fine.

This seems to be the case. I was confused and just assumed taht if the Tor Browser was oppened then Bitcoin Core autoamtically sets it up for you.

By the way I was reading on using Tor with Core and I saw this:

Note: It is not recommended that you use the Tor network for transferring wallets (unless well encrypted) as there are various attacks against this that can result in you losing your wallet, such as man in the middle exit nodes. In this example we are simply using the Tor network to route Bitcoin client traffic over the Tor network in order to perform simple tasks such as transactions and downloading the block chain, as this can help reduce your susceptibility to de-anonymization attacks.

So im not sure anymore if this is a good idea at all... maybe it's better to use a regular VPN than Tor if you want an increased degree of privacy?

[aleksej996]

This seems to be the case. I was confused and just assumed taht if the Tor Browser was oppened then Bitcoin Core autoamtically sets it up for you.

By the way I was reading on using Tor with Core and I saw this:

Note: It is not recommended that you use the Tor network for transferring wallets (unless well encrypted) as there are various attacks against this that can result in you losing your wallet, such as man in the middle exit nodes. In this example we are simply using the Tor network to route Bitcoin client traffic over the Tor network in order to perform simple tasks such as transactions and downloading the block chain, as this can help reduce your susceptibility to de-anonymization attacks.

So im not sure anymore if this is a good idea at all... maybe it's better to use a regular VPN than Tor if you want an increased degree of privacy?

I see people very often confused about exit nodes, that is the part where most people don't understand the best about Tor. VPN are worse for privacy in every way unless you are running a VPN yourself, which kind of defeats the purpose of anonymity in the first place.

Running a Bitcoin node through Tor is absolutely just as safe (even more so) then running it through a VPN or just directly connected through the Internet. Bitcoin is distributed so there is no real harm of MITM attacks, safety is in the protocol already.

Tor exit nodes know about your data just as much as your ISP, there is no difference, except they don't know where it is coming from. Most websites use HTTPS and the contents of the data is hidden between the client and the server, otherwise everyone on your wifi network or your ISP would know your data. All wifi networks are insecure currently as WPA2 has been broken, so if you use a wifi there is no reason not to use Tor exit nodes, as your connection should be end to end encrypted anyway.

I am unsure if Bitcoin Core uses encryption for connections between nodes, but I can tell you that all the data that they are transferring (blocks, transactions,...) is already public knowledge and accessible to anyone and any other Bitcoin full node. So there is absolutely no risk in using Tor in any situation.

Transferring wallet data, which nodes don't do of course as everyone would have everyone's private keys, is just as safe over Tor as over a regular connection or VPN, as your data will be available for your ISP, anyone on your LAN network (and WLAN) network, VPN service and every router between you and the destination to which you are sending your wallet.

[TechPriest]

I see people very often confused about exit nodes, that is the part where most people don't understand the best about Tor. VPN are worse for privacy in every way unless you are running a VPN yourself, which kind of defeats the purpose of anonymity in the first place.

I think it's fair only if you're using VPN from companies. Open source VPN such as OpenVPN not worse than Tor.
But i'm not a big specialist in web safety, so i'm waiting for your response

[aleksej996]

I see people very often confused about exit nodes, that is the part where most people don't understand the best about Tor. VPN are worse for privacy in every way unless you are running a VPN yourself, which kind of defeats the purpose of anonymity in the first place.

I think it's fair only if you're using VPN from companies. Open source VPN such as OpenVPN not worse than Tor.
But i'm not a big specialist in web safety, so i'm waiting for your response

For privacy purposes it definitely is, for security purposes it is equivalent at best. Tor stand for "The onion router" witch means that your communications are encrypted for every Tor relay along the way in layers, like in an onion. This way no one can know the full path of your connection. There are entry guards that know your IP, but have no idea who you are talking to, there are middle relays who know nothing except to pass along some encrypted data from one relay to the other and then there is an exit node who knows who you are talking to, but not who you are.

In a VPN when you exit a network, there is a node that will connect you with your destination. But it will know who you are and who you are talking to. That means that at least one person knows what you are doing on the Internet. In Tor you don't have that, no one knows the whole story.

As for the security, in theory everything should be equally safe when you are encrypting your communications (using HTTPS for example).
And when you are not, then someone always know your data. Everyone in physical proximity if you are using a local network with a wifi, your LAN, your ISP if you are connecting directly, the exit node in Tor and whoever routes packets for your VPN for the outside of the network. In short, in Tor and in VPN whoever controls the IP the site you are connecting to shows you have is the one that can read your unencrypted network.