kangasbros
|
|
February 01, 2012, 09:46:56 AM |
|
There have been some ideas, where you could "incentivize" tor relays and exit nodes with bitcoin payments. This would be awesome idea. However, not that easy to implement. Maybe we will see something similar to it though someday.
|
|
|
|
muyuu
Donator
Legendary
Offline
Activity: 980
Merit: 1000
|
|
February 01, 2012, 10:04:56 AM |
|
Can't see this working as it would weaken anonymity.
The best ways to improve Tor are: -running a relay -promoting its use
There are experimental P2P systems where traffic is exchanged as a currency. Bittorrent also has a loose currency basis (ratios). Improvements in this area would be something to do with Tor only and unrelated to bitcoin. You don't want to integrate them and most importantly you don't want to establish traceable links between both accounts.
|
GPG ID: 7294199D - OTC ID: muyuu (470F97EB7294199D) forum tea fund BTC 1Epv7KHbNjYzqYVhTCgXWYhGSkv7BuKGEU DOGE DF1eTJ2vsxjHpmmbKu9jpqsrg5uyQLWksM CAP F1MzvmmHwP2UhFq82NQT7qDU9NQ8oQbtkQ
|
|
|
EhVedadoOAnonimato
|
|
February 01, 2012, 10:31:22 AM Last edit: February 01, 2012, 10:57:36 AM by EhVedadoOAnonimato |
|
There are experimental P2P systems where traffic is exchanged as a currency. Bittorrent also has a loose currency basis (ratios). Improvements in this area would be something to do with Tor only and unrelated to bitcoin. You don't want to integrate them and most importantly you don't want to establish traceable links between both accounts.
The advantage of integrating it with bitcoin is the fact that bitcoin is a generic currency, that may be traded for anything else. With a "bandwidth currency", all you can is trade bandwidth for bandwidth. With a generic currency, people who want to consume bandwidth can pay with other means, while those who have the means to provide more bandwidth can earn something else from it. Basically, it is the advantage of money over barter. Unless, of course, your 'bandwidth currency' can also be traded as money, but then you're just creating a new digital currency - why not use the best one we already have available? Some discussions on this topic have already happened on these boards. I'm trying to find them, if I do, I'll come back and edit this post with a link. The greatest technical challenge is to make really tiny payments. You can't embed multiple bitcoin transactions inside each tor packet. EDIT: Here's the topic; https://bitcointalk.org/index.php?topic=53551.0;all
|
|
|
|
Revalin
|
|
February 01, 2012, 10:49:03 AM |
|
Can't see this working as it would weaken anonymity. .... Improvements in this area would be something to do with Tor only and unrelated to bitcoin. You don't want to integrate them ... You're making some big assumptions and stating them as fact. I'm pretty sure that a simple, workable scheme to pay for transit with mining hashes can be made without compromising anonymity. I'm skeptical that paying with BTC directly would work, but I'm not done with the paper linked above yet. They're doing a pretty good formal analysis of the idea from what I've read so far.
|
War is God's way of teaching Americans geography. --Ambrose Bierce Bitcoin is the Devil's way of teaching geeks economics. --Revalin 165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g
|
|
|
muyuu
Donator
Legendary
Offline
Activity: 980
Merit: 1000
|
|
February 01, 2012, 11:02:35 AM Last edit: February 01, 2012, 02:21:23 PM by muyuu |
|
Can't see this working as it would weaken anonymity. .... Improvements in this area would be something to do with Tor only and unrelated to bitcoin. You don't want to integrate them ... You're making some big assumptions and stating them as fact. I'm pretty sure that a simple, workable scheme to pay for transit with mining hashes can be made without compromising anonymity. I'm skeptical that paying with BTC directly would work, but I'm not done with the paper linked above yet. They're doing a pretty good formal analysis of the idea from what I've read so far. Sure, if you take the "integration" part away and provide an anonymity layer then something viable is possible. It then would also by possible via cash or any other form of exchange... My point is that any kind of "Tor reward scheme" would be mainly a Tor thing, and any relation with BTC wouldn't be natural. Sure, you can pay in BTC as you can pay in BTC for many other things. The assumptions I made there were just taking the original proposal in this post in its most direct implementation. I was actually going to reply to your first post but then you posted almost exactly what I was going to reply. BTW I'm going to start a relay at home today. Had it in the past, didn't care too much about it lately... but now I'm realising again it's very important and this post just reminded me. EDIT: typo
|
GPG ID: 7294199D - OTC ID: muyuu (470F97EB7294199D) forum tea fund BTC 1Epv7KHbNjYzqYVhTCgXWYhGSkv7BuKGEU DOGE DF1eTJ2vsxjHpmmbKu9jpqsrg5uyQLWksM CAP F1MzvmmHwP2UhFq82NQT7qDU9NQ8oQbtkQ
|
|
|
slush
Legendary
Offline
Activity: 1386
Merit: 1097
|
|
February 01, 2012, 02:14:13 PM Last edit: February 01, 2012, 02:32:40 PM by slush |
|
Mining directly for Tor relay won't work very well, for many reasons. Firstly, you cannot communicate with relay directly, because it leaks your real identity (IP), so you need to build circuit to the hidden service linked with the relay and you need to do this for every relay you want to use in the future. It's not easy and definitely not elegant.
However the idea of "mining for bandwidth" _is_ pretty good. I agree that using Bitcoins directly for paying for bandwidth isn't anonymous enough for common users, although it still may work good enough for some users (not everybody care about 100% anonymity, many of Tor users simply need to avoid IP limitations etc).
My basic proposal is following (it can be extended in many ways, but I want to describe main idea): 1. Anonymous mining pool with slightly different interface; pool will return unique redeemable code for every submitted share instead of accounting 0.000001 BTC on some user's account. Miner can change identity (use different Tor circuit to pool hidden service) every few minutes, so pool have no link between issued redeemable codes.
2. Relay publish some contract about premium bandwidth to Tor relay directory (public list of Tor relays).
3. Tor client has its automatic circuit manager, which can be turned off easily. Instead of buildin defaults, custom circuit manager should pick information about premium bandwidth nodes from tor directory and build circuit using preferred relays. Tor client should pick few redeemable codes for every relay in future circuit and encrypt them using relay's public key (already exists in tor relay directory) and ask entry node to route those encrypted codes to relay during building the circuit.
4. Every relay during building the circuit will receive redeemable codes and redeem them against the issuer (link to issuer's API should be as a part of the data). If redeeming is succesfull, relay should use premium bandwidth for given circuit.
In this way, using premium circuits might be really anonymous, because there's no identity leak. Also extending the protocol should be pretty straighforward; only distributing of encrypted redeemable codes must be implemented into the currect Tor protocol.
Principle of redeemable codes can be pretty flexible, too. When some people don't care about anonymity so much, they can "trade" bitcoins for redeemable code with some issuer hidden service. In this way, user is as anonymous as much used coins are laundered. There's also identity leak because issuer knows which redeemable codes are linked together (because they were traded for some bitcoins in one operation). Of course this can be obfuscated somehow (one guy can buy X codes from some issuer and then sell them anonymously for drugs or guns on SL, so drug dealer can use premium bandwidth on Tor and his identity isn't linked to any coins used for buying redeemable codes).
There are still some problems: * Tor relay can accept redeemable codes, but don't provide promised service quality. * Although Tor relay need constant amount of coins per MB (relaying is not affected by Bitcoin difficulty), rising Bitcoin difficulty can make this concept useless for common people without strong mining rigs. * Using specific relays may be pretty insecure. Until premium bandwidth will be provided by the majority of the network, attacker can provide significant count of premium relays, so there will be pretty big chance that both entry and exit node will be under the control of the attacker. However this can be solved (for example) by paying for premium bandwidth only on exit node, because exit node is usually the bottleneck.
|
|
|
|
slush
Legendary
Offline
Activity: 1386
Merit: 1097
|
|
February 01, 2012, 02:20:31 PM |
|
My point is that any kind of "Tor reward scheme" would be mainly a Tor thing, and any relation with BTC would't be natural.
I agree with you, using bitcoins directly isn't sounding idea, because bitcoins have serious problems with anonymity. However bitcoin mining is pretty elegant way how to obtain some valuable item anonymously. So bitcoin(mining) + intermediate layer for distributing the value in the tor network (redeemable codes in my proposal) + Tor should work pretty good.
|
|
|
|
hashman
Legendary
Offline
Activity: 1264
Merit: 1008
|
|
February 01, 2012, 02:49:27 PM |
|
Not sure if it is exactly in line with OP idea but I saw in this forum another suggestion for monetizing TOR relay nodes.
In addition to the problem of not enough relays there is the problem that relays announced publicly can be found by those that would wish to block them, which is regluarly done and effects users e.g. behind the great firewall.
By charging a small amount for the relay info such attempts to block access to sites from TOR exit nodes or to block people connecting to relays would become more expensive.
|
|
|
|
slush
Legendary
Offline
Activity: 1386
Merit: 1097
|
|
February 01, 2012, 03:03:58 PM |
|
In addition to the problem of not enough relays there is the problem that relays announced publicly can be found by those that would wish to block them, which is regluarly done and effects users e.g. behind the great firewall.
There are Tor bridges, private relays who're not published on tor router list. They're acting as entry nodes and it works for users behind Great Firewall pretty well. Btw it is possible to ask them directly for "premium bandwidth contract" even without extending the Tor protocol. By charging a small amount for the relay info such attempts to block access to sites from TOR exit nodes or to block people connecting to relays would become more expensive.
That won't work, it will just block regular users from using Tor if they won't be able to "pay" for router list. Once you have some access to Tor network, you can detect all exit node IPs in one hour using simple script. That's also the reason why Tor relay list is publicly accessible, because every attempt to hide it is "security by obscurity".
|
|
|
|
BTCurious
|
|
February 01, 2012, 03:35:06 PM |
|
Is it possible to only pay the tor entrance node in bitcoin? That one already knows your IP anyway…
|
|
|
|
MacRohard
|
|
February 01, 2012, 04:18:47 PM |
|
seems like this could be sortof implemented by the tor exit nodes putting up a donation address on the webserver tehy run on the exit IP. Then people who use the service could donate to them.
|
|
|
|
slush
Legendary
Offline
Activity: 1386
Merit: 1097
|
|
February 01, 2012, 04:20:38 PM |
|
Is it possible to only pay the tor entrance node in bitcoin? That one already knows your IP anyway…
Yes, it is possible, but there's no big benefit in it, because usually the bottleneck is exit node, not entry node. Also by paying only for entry nodes, you're revealing that you're the client, which is leaking useful information for malicious nodes.
|
|
|
|
slush
Legendary
Offline
Activity: 1386
Merit: 1097
|
|
February 01, 2012, 04:23:18 PM |
|
seems like this could be sortof implemented by the tor exit nodes putting up a donation address on the webserver tehy run on the exit IP. Then people who use the service could donate to them.
Yes, donating exit nodes is in my opinion the most important, because it's much harder to run exit nodes than classic relay (you need to fight all those DMCA calls, for example). If you simply want to donate for building better Tor infrastructure, then feel free to send few coins to torservers.net, they're doing really good job for Tor. But if you want to "donate" for specific exit and then use some premium bandwidth, you still need changes in Tor protocol to auth yourself as a donator...
|
|
|
|
EhVedadoOAnonimato
|
|
February 01, 2012, 04:28:24 PM |
|
In addition to the problem of not enough relays there is the problem that relays announced publicly can be found by those that would wish to block them, which is regluarly done and effects users e.g. behind the great firewall.
There are Tor bridges, private relays who're not published on tor router list. They're acting as entry nodes and it works for users behind Great Firewall pretty well. AFAIK, the great firewall had blocked bridges. Tor is unusable inside of China. After all, to block bridges, all they've got to do is pay some people to spend the day on the Internet, creating google accounts and requesting more bridge IPs... Finally, if you want to see ideas on how to monetize Tor relays, you should really take a look on the thread started by Mike Hearn that I linked above. Here's the link again: https://bitcointalk.org/index.php?topic=53551.0;all
|
|
|
|
slush
Legendary
Offline
Activity: 1386
Merit: 1097
|
|
February 01, 2012, 04:41:10 PM |
|
AFAIK, the great firewall had blocked bridges. Tor is unusable inside of China.
Maybe, but there's simply no algorithm how to spread entry IPs between honest people and don't give it to China government :-). Paying for entry IPs isn't a solution, China still have much more money than chinese disidents. What exactly you want to apply from Mike's proposal here? I think he's solving slightly different problem.
|
|
|
|
EhVedadoOAnonimato
|
|
February 01, 2012, 05:11:26 PM |
|
He's solving the problem of how to pay independent, anonymous and untrusted routers for the job of routing your packets. Tor relays are just like routers. The same technique discussed there could be applied to the Tor network, taking the appropriate measures never to leak identity. I'm just not sure if it would really help (if people are willing to pay, if the offer of a few cents would motivate more people to set up a relay etc).
And yes, paying for access wouldn't make Tor any more resistant against the Chinese government, I know. But if such protocol is implemented and it works, it could be used by mesh networks one day, once the hardware is good enough. That could be interesting, and could help fight censorship.
|
|
|
|
Revalin
|
|
February 02, 2012, 02:57:17 AM |
|
Mining directly for Tor relay won't work very well, for many reasons. Firstly, you cannot communicate with relay directly, because it leaks your real identity (IP), so you need to build circuit to the hidden service linked with the relay and you need to do this for every relay you want to use in the future. It's not easy and definitely not elegant. I imagine it as an incompatible fork of TOR. When you go to build the circuit, nested tunnels are created to each successive relay node. At that time you're already communicating with those nodes, so adding getwork/submit results into the protocol wouldn't be hard. 1. Anonymous mining pool with slightly different interface; pool will return unique redeemable code for every submitted share instead of accounting 0.000001 BTC on some user's account. Miner can change identity (use different Tor circuit to pool hidden service) every few minutes, so pool have no link between issued redeemable codes. This would require centralized accounting. If the codes are completely independent it would be a LOT of bookkeeping. If the codes are pooled on an account that's used for a few minutes at a time, each account could only be used with one relay node, AND only when connecting to that relay node through a specific path. That's a lot of complexity to add. It would increase setup time since you would have to mine for several minutes to connect to the first node, then several minutes for the next node and so on. If you allow premining or saving unused credits, it would also eliminate one of TOR's protections: forward secrecy. If you save the account number on your computer, someone who logged your connection from an exit node would then be able to prove it was yours after seizing your computer. For all those reasons I think it's better to mine in realtime for each node, only accumulating credits for as long as your tunnel is up. Although Tor relay need constant amount of coins per MB (relaying is not affected by Bitcoin difficulty), rising Bitcoin difficulty can make this concept useless for common people without strong mining rigs. This is a concern for any of the proposals. Looking at it in a bigger picture than difficulty: you're providing value (a certain amount of security for Bitcoin) in exchange for value (transit). Your hardware will be able to contribute less value as time goes on. Net effect: the amount of transit you can afford with a given piece of hardware decreases. However, an average PC only gets more powerful with time. Right now you could probably mine in realtime for a reasonable amount of bandwidth even on a CPU. In the future even low-end GPUs will suffice. If ASICs happen and even GPUs become irrelevant, TOR-mine users will be able to buy a low-end HashASIC for $50. For those who simply can't afford it, there's always the regular free, slow, TOR network.
|
War is God's way of teaching Americans geography. --Ambrose Bierce Bitcoin is the Devil's way of teaching geeks economics. --Revalin 165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g
|
|
|
slush
Legendary
Offline
Activity: 1386
Merit: 1097
|
|
February 02, 2012, 10:28:28 AM |
|
I imagine it as an incompatible fork of TOR. When you go to build the circuit, nested tunnels are created to each successive relay node. At that time you're already communicating with those nodes, so adding getwork/submit results into the protocol wouldn't be hard.
I can imagine that my proposal can be compatible with current Tor and it's even less complex than "every relay is mining pool". Actually the only chance in your idea is "premine" traffic in every circuit, so you'll need to wait long time (hours?) before you'll be able to actually use the circuit. Don't forget that circuits are usually short-time constructs... This would require centralized accounting. If the codes are completely independent it would be a LOT of bookkeeping. No... why? getwork() -> mining -> submit() -> redeemable code received. Miner can even choose target difficulty of getwork, so one redeemable code can be the equivalent of 100 shares, for example (with target in getwork set to 100). No bookkeeping, no accounts, no identity revealed. Every getwork can be as anonymous as in your proposal, except that you can freely premine codes independently on the circuits you'll want use in the future. If the codes are pooled on an account that's used for a few minutes at a time, each account could only be used with one relay node, AND only when connecting to that relay node through a specific path. That's a lot of complexity to add. ...because you didn't catch the idea of redeemable codes. No account is needed on the pool. Every getwork can be isolated, so you can get completely unlinked pieces of value (=redeemable codes, which are equivalent of some well-defined work on the pool). However you're right that once you'll use redeemable code on one relay, you should not use it on another. But it's ok, because one code can be 100kB of transferred data. It would increase setup time since you would have to mine for several minutes to connect to the first node, then several minutes for the next node and so on.
No; that's the basic improvement against "mine on the relay". You can mine overnight for codes and then use them all during your one-hour session when you actually need it. If you allow premining or saving unused credits, it would also eliminate one of TOR's protections: forward secrecy. If you save the account number on your computer, someone who logged your connection from an exit node would then be able to prove it was yours after seizing your computer.
No, once you redeem the code, you drop it, because it is useless; relay will redeem it's whole value. For all those reasons I think it's better to mine in realtime for each node, only accumulating credits for as long as your tunnel is up.
I hope that I explained it better now :-)
|
|
|
|
Revalin
|
|
February 02, 2012, 11:05:03 AM |
|
Actually the only chance in your idea is "premine" traffic in every circuit, so you'll need to wait long time (hours?) before you'll be able to actually use the circuit. Why? Even CPU mining will generate a result in under a minute. GPU mining would have you going in seconds. I hope that I explained it better now :-) Yes, you're describing the "completely independent codes" scenario. How will you prevent double-spending the codes without accounting?
|
War is God's way of teaching Americans geography. --Ambrose Bierce Bitcoin is the Devil's way of teaching geeks economics. --Revalin 165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g
|
|
|
chsados
|
|
February 02, 2012, 11:24:51 AM |
|
Screw Tor, incentiveize a mesh network.
|
|
|
|
|