Bitcoin Core opened port on Tor?

[crypto_curious]

Hi All,

0. Current situation: non-pruned full Bitcoin Core node with open 8333 port, 700GB monthly upload

1. What I want to achieve: same but with Tor proxy (SOCKS5 proxy on 9050 port), I don't know which port to open? I don't want to expose my system, only open one single port for Bitcoin Core to use with Tor. How should I configure tor config file so it only exposes Bitcoin Core? Which port to open? I am using JoinMarket on this Tor as well, this doesn't need any incoming connections I think, as it runs on IRC chat.

2. What I want to achieve ultimately: same as above, but with onlynet=onion option. Right now, If I set that, I have only 1 outgoing connection and that's it. I want port open so I can announce Core's "hidden service" via Tor, so I can have incoming connections to it.

Any help appreciated! Thanks.

Bitcoin Core's bitcoin.conf:

Code:

testnet=0
server=1
rpcuser=x
rpcpassword=x
txindex=1
zmqpubrawblock=tcp://127.0.0.1:29000
zmqpubrawtx=tcp://127.0.0.1:29000
addresstype=p2sh-segwit
deprecatedrpc=signrawtransaction
dbcache=1024

# 300 KB/s = 25313 MB per day
maxuploadtarget=25313

#JoinMarket options
walletnotify=curl -sI --connect-timeout 1 http://localhost:62602/walletnotify?%s
alertnotify=curl -sI --connect-timeout 1 http://localhost:62602/alertnotify?%s
disablewallet=0

# Tor
proxy=127.0.0.1:9050
listen=1
bind=127.0.0.1
#onlynet=onion

System is Linux AMD64, Bitcoin Core is v0.19.0.1, Tor service is 0.3.5.8-1, all settings default (installed via system's repository), running on 9050 port.

[1715089011]

1715089011

[BitMaxz]

I don't have much knowledge of configuring the tor hidden service but I found some useful video and guide to configure your tor.

Check these two links below.

- https://youtu.be/57GW5Q2jdvw
- https://github.com/bitcoin/bitcoin/blob/master/doc/tor.md

[crypto_curious]

Thanks, just upgraded to 0.4.2.6-1.
Will now read the manuals you guys linked and proceed with opening Tor ports.

[crypto_curious]

I configured everything following the manual. I've got this in Core's debug.log:

Code:

2020-02-22T13:04:56Z tor: Reading cached private key from /home/xxx/onion_private_key
2020-02-22T13:04:56Z tor: Successfully connected!
2020-02-22T13:04:56Z tor: Connected to Tor version 0.4.2.6
2020-02-22T13:04:56Z tor: Supported authentication method: COOKIE
2020-02-22T13:04:56Z tor: Supported authentication method: HASHEDPASSWORD
2020-02-22T13:04:56Z tor: Supported authentication method: SAFECOOKIE
2020-02-22T13:04:56Z Leaving InitialBlockDownload (latching to false)
2020-02-22T13:04:56Z tor: Using HASHEDPASSWORD authentication
2020-02-22T13:04:56Z tor: Authentication successful
2020-02-22T13:04:56Z txindex is enabled at height 618506
2020-02-22T13:04:56Z txindex thread exit
2020-02-22T13:04:57Z tor: ADD_ONION successful
2020-02-22T13:04:57Z tor: Got service ID xxx, advertising service xxx.onion:8333
2020-02-22T13:04:57Z tor: Cached service private key to /home/xxx/onion_private_key
2020-02-22T13:04:57Z AddLocal(xxx.onion:8333,4)

Tor's log says:

Code:

Tor[18016]: New control connection opened from 127.0.0.1.

All Bitcoin Core's activity goes through Tor SOCKS5 proxy, which is excellent.

Tor detects Bitcoin Core connection to control port. Bitcoin Core automatically establishes onion hidden service. My hidden service is available via xxx.onion:8333 (I replaced original name with xxx).
I still don't have Incoming connections in the Core. Got only 10 outgoing connnections. I have port 8333 opened in my router previously (which enables Incoming connections in normal, non-Tor mode).

Can I (or someone), using another Bitcoin Core node (with Tor), try to connect to my Bitcoin Core hidden service by using -addnode=xxx.onion.8333? So I can verify it works?

[crypto_curious]

Can I (or someone), using another Bitcoin Core node (with Tor), try to connect to my Bitcoin Core hidden service by using -addnode=xxx.onion.8333? So I can verify it works?

You can use service such as https://bitnodes.io/ to check whether your full node is reachable

Yes, I've used it in the past to verify that my normal node works. It did, port was opened and I had many incoming connections.

Now, Bitnodes page says:

xxx.onion:8333 is unreachable.

Does Bitnodes page understand .onion pages at all? I have 10 outbound connections in Core but 0 incoming connections.

[crypto_curious]

Thank you. Looks like status has catched up and I am online! Accessible from outside.
Bitnodes says:

Code:

    xxx.onion:8333
    UP
    Connected since 2 hours ago
    735 ms
    Average latency
    /Satoshi:0.19.0.1/
    User agent
    70015
    Protocol version
    NODE_NETWORK, NODE_WITNESS, NODE_NETWORK_LIMITED (1033)
    Services
    618609 (99.99%)
    Height
    Tor network
    Network
    TOR
    ASN

That's fantastic! Thanks for help!

I have one incoming peer from bitnodes.io, visible in Bitcoin Core. No other incoming connections. I guess that's because Tor nodes are not that popular like normal nodes. Hopefully overtime I will have more connections established. Now I can contribute to Bitcoin network in most secure way.  

EDIT: I think I will also consider running normal plain-internet node with open port, so I can seed to other people. Right now I am not uploading much, because I don't have incoming connections from other Tor nodes. I wonder how to do that under one Linux user, can I run two separate Bitcoin Core instances?

[crypto_curious]

Thank you.

Now I have 3 incoming connections, all from other .onion enabled Bitcoin Core nodes. There isn't as many nodes operating in Tor as in clearnet, but all is good I will leave it as it is.