Bitcoin Forum
October 20, 2017, 08:57:08 AM *
News: Latest stable version of Bitcoin Core: 0.15.0.1  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Android wallet and TOR  (Read 2191 times)
yabu
Newbie
*
Offline Offline

Activity: 19


View Profile
November 02, 2013, 07:27:23 AM
 #1

I'm wondering whether the Android bitcoin wallet works with TOR?

Because this page https://code.google.com/p/bitcoinj/wiki/Limitations gives the impression that it wouldn't work. But then again Orbot https://www.torproject.org/docs/android.html.en gives the impression that it can take the network traffic from the bitcoin wallet and route it over TOR.

I'm confused.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1508489828
Hero Member
*
Offline Offline

Posts: 1508489828

View Profile Personal Message (Offline)

Ignore
1508489828
Reply with quote  #2

1508489828
Report to moderator
1508489828
Hero Member
*
Offline Offline

Posts: 1508489828

View Profile Personal Message (Offline)

Ignore
1508489828
Reply with quote  #2

1508489828
Report to moderator
1508489828
Hero Member
*
Offline Offline

Posts: 1508489828

View Profile Personal Message (Offline)

Ignore
1508489828
Reply with quote  #2

1508489828
Report to moderator
Andreas Schildbach
Moderator
Hero Member
*
Offline Offline

Activity: 563



View Profile WWW
November 02, 2013, 03:53:09 PM
 #2

I think it doesn't work because bitcoinj/netty doesn't support setting a proxy.

Bitcoin Wallet for Android: Your own Bitcoins, in your own pocket!
https://play.google.com/store/apps/details?id=de.schildbach.wallet
Mike Hearn
Legendary
*
Offline Offline

Activity: 1526


View Profile
November 02, 2013, 04:23:32 PM
 #3

Matt has been working on a rewrite of the network layer that would let us route traffic over Tor. It's not obvious that it's a good idea though. Using Tor essentially puts a MITM on every connection you make, unless you're connecting to hidden services. Supporting discovery of hidden services would take a bit more work.
yabu
Newbie
*
Offline Offline

Activity: 19


View Profile
November 03, 2013, 06:05:09 AM
 #4

Is there a way to know for sure whether the android wallet bypasses Orbot or not?

I did a test transaction and looked it up at http://blockchain.info and the IP address listed under 'Relayed by IP' was not my own. But then again it doesn't have to be even if the android wallet connects directly.
lukey
Member
**
Offline Offline

Activity: 75


View Profile
November 17, 2013, 08:36:21 PM
 #5

I don't know if this can answer this question, but i recently sent a small amount of bitcoins to a market place. I'm still waiting on the transaction. It still hasn't transmitted and completely froze my wallet on my phone you can say. Every time I try to send a payment, it says that my current balance on my wallet is still waiting for confirmation. I don't understand lol.

~ I did use Tor
Andreas Schildbach
Moderator
Hero Member
*
Offline Offline

Activity: 563



View Profile WWW
November 18, 2013, 10:15:45 AM
 #6

@lukey I pm'ed you.

Bitcoin Wallet for Android: Your own Bitcoins, in your own pocket!
https://play.google.com/store/apps/details?id=de.schildbach.wallet
yabu
Newbie
*
Offline Offline

Activity: 19


View Profile
November 23, 2013, 04:03:43 PM
 #7

Just to follow up on this. I tested this network log application
https://f-droid.org/repository/browse/?fdid=com.googlecode.networklog

And with the information it provides it looks very much like Orbot manages to route the Android Wallet over Tor.

Btw. is the Android wallet more at risk from an rogue exit node than the satoshi client?
Mike Hearn
Legendary
*
Offline Offline

Activity: 1526


View Profile
November 24, 2013, 01:42:58 PM
 #8

Yes, the risk is higher.

The new network stack is ready for testing. Andreas could produce a test/beta version that routes traffic over Tor now. But if Orbot is already doing it for all applications, then it doesn't seem useful.
yabu
Newbie
*
Offline Offline

Activity: 19


View Profile
November 24, 2013, 06:16:18 PM
 #9

Exactly what kind of an attack could a rogue exit node orchestrate?

And why is the android wallet more vulnerable than the satoshi client?
Mike Hearn
Legendary
*
Offline Offline

Activity: 1526


View Profile
November 24, 2013, 07:02:30 PM
 #10

It could feed you transactions that are fake and will never confirm. If you're not waiting for confirmations, then you could be fooled by this. The Satoshi client has all the data needed to validate even unconfirmed transactions, so the tx can't actually be fake (although with a MITM you cannot know if the tx was really propagated and thus, whether it could be double spent).

Basically, Tor is bad news unless you're OK with waiting for confirmations (preferably, several), and that's true regardless of which client you use. Even if you THINK you're OK with waiting, the MITM could filter out block announcements so you just think the network is being really unlucky and not finding a block, so you give up waiting and decide to risk it.
yabu
Newbie
*
Offline Offline

Activity: 19


View Profile
November 24, 2013, 09:23:30 PM
 #11

Ok, thanks for the info
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!