Tor node attrition; or, The Trouble with Peerage \ stacker news ~bitcoin

pull down to refresh

Tor node attrition; or, The Trouble with Peerage

3047 sats \ 12 comments \ @elvismercury 3 Jan bitcoin_beginners

A little while ago I was wrestling with getting my node to get a decent pool of Tor connections -- it would basically get like 13 and then just sit there; whereas, when I ran the thing on clearnet, it would get whatever the max I set was, 50 or whatever. So people helped me and I wrote a script that jumped randomly through candidate Tor nodes that @emmanuelrosa had found and tried to add them. With this method I could get as many as I wanted.

So I did another very basic experiment: add nodes till I get sixty, and then turn off my monitoring script, and see what happened. Well, what happened every time was steady attrition -- once I stop the script that actively cultivates new Tor connections to keep the number of peers at a set point, they just drain away. I started at 60, and five or so days later, I'm at ... 35.

I'm just screwing around here, but is this normal? Is the Tor btc network this flaky and terrible for other people? I note that my MyNode node (running on a raspberry pi) which is also Tor-only has a total of 21 peers, after running for months, and when I checked five days ago, it was at 13, so at least that one has gained peers.

Basically, I'm curious if this scenario seems weird to anyone who actually knows what they're doing; or if anyone can offer insights into Tor peering. Like I said earlier, I can solve this through external means, but I'd like to understand better the trouble w/ peerage because I am curious and obsessive.

view all related items

428 sats \ 5 replies \ @anon 4 Jan

Bitcoin Core tries to maintain 10 outbound connections. Since you mention "Tor-only", I guess you are running with -onlynet=onion, right? If so, then all 10 of the outbound connections will be made to Tor peers. Here is a an example command to see your connections:

bitcoin-cli getpeerinfo | jq 'map({inbound: .inbound, addr: .addr, network: .network})'
# or
bitcoin-cli -netinfo 1

If your node is listening (accepting inbound connections), then you will likely get more than 10 total, but it depends on how well your .onion address is propagated into other peers' databases and the overall demand for Tor peers.

Here is a command to check what .onion addresses are in a node's address database:

bitcoin-cli getnodeaddresses 0 | jq -r 'map(select(.network == "onion")) | .[].address'

For my node that returns about 14k addresses. You can check this on your friends' or other nodes' databases and see if the address of your node is present there.

Are you using bitcoin-cli addnode ...onion:8333 add or bitcoin-cli addnode ...onion:8333 onetry? I guess what you are observing is that you are adding manually outbound peers and then over time some of those connections are dropped which is normal and are not reestablished.

0 sats \ 4 replies \ @elvismercury OP 4 Jan

Yup, running onlynet=onion and onetry vs add - I don't want to waste time trying to reconnect a million times given the attrition I'm seeing.

f your node is listening (accepting inbound connections), then you will likely get more than 10 total, but it depends on how well your .onion address is propagated into other peers' databases and the overall demand for Tor peers.

This is the heart of it, I guess - the drastic difference between how this works in practice w/ Tor nodes vs clearnet ones. It surprises me given that I suspect the Tor nodes are running on out-of-the-box nodes like MyNode, etc., that are long-lived, so the high rate of attrition is surprising.

But like I said, my surprise could just be because I'm an idiot. So far it sounds like my experience is not perplexing to people who are also doing this, so the evidence for my idiocy is increasing.

108 sats \ 3 replies \ @anon 5 Jan

difference between how this works in practice w/ Tor nodes vs clearnet ones.

The only difference should be that there are more clearnet nodes and thus more demand for nodes that accept clearnet connections.

For example, my node has 112 inbound connections (has accepted 112 connections from others) from which 11 are from Tor nodes.

bitcoin-cli getpeerinfo | jq 'map(select(.inbound)) | length'
bitcoin-cli getpeerinfo | jq 'map(select(.inbound and .network == "onion")) | length'

A note about running with -onlynet=onion - this way the node is more likely to fall victim of a sybil attack - because it is cheap to create .onion addresses somebody may create a lot of them and the victim's node to make all 10 outbound connection to the attacker. To avoid sybil just one connection to a honest node suffices. Now, unless there is a very specific reason for -onlynet=onion you may configure Bitcoin Core to connect also to clearnet peers via the Tor network. This will protect your nodes' whereabouts and will use the Tor exit nodes to connect to clearnet nodes. To sybil that one would need to control Tor exit nodes as well, or a lot of clearnet nodes.

11 sats \ 2 replies \ @elvismercury OP 5 Jan

Yup, understood wrt Tor / sybil.

My goal is to leak no IP info, so I'm starting w/ Tor-only. @ek was giving me a lot of help wrt using Core w/ a VPN, but I haven't yet come back to that one. In a pinch I know I can use the VPN and not care about port forwarding, but I've got a rock in my shoe about solving it the 'right' way.

108 sats \ 1 reply \ @anon 5 Jan

You might as well run with -proxy=127.0.0.1:9050 (assuming this is where your Tor SOCKS5 proxy is listening) and omit the -onlynet=onion option. Then Bitcoin Core will be able to connect to IPv4, IPv6 and Tor peers, all via the Tor network, so the IPv4/6 peers pose no threat to revealing your IP address. This actually uses the entire Tor network as one big VPN with multiple exit points (the Tor exit nodes), also used by many others with the added benefit of being able to connect to .onion addresses without exiting the "VPN" ;)

0 sats \ 0 replies \ @elvismercury OP 5 Jan

Oh great, that sounds like it gets me everything I want. Have made the change and re-started. Thanks :)

54 sats \ 3 replies \ @SimpleStacker 4 Jan

Fascinating. I also run a node over Tor and I have about 20ish peers. I didn't change conf settings from the default, so I guess that's less than the max?

I don't have any idea as to why this is though, that is beyond my level of technical knowledge.

30 sats \ 1 reply \ @elvismercury OP 4 Jan

Good data point -- are you running a pre-packaged node (Umbrel, MyNode, etc?)

27 sats \ 0 replies \ @SimpleStacker 4 Jan

No, I set it up on my own from a fresh Linux install on a Raspberry Pi. I followed the instructions on https://raspibolt.org

0 sats \ 0 replies \ @anon 5 Jan

Fascinating. I also run a node over Tor and I have about 20ish peers. I didn't change conf settings from the default, so I guess that's less than the max?

If you are accepting inbound connections only on the Tor network (that is, your node can only be reached using your .onion address), then probably it is the same:

how well your .onion address is propagated into other peers' databases and the overall demand for Tor peers

You have about 10 inbound connections from Tor nodes. My node has 11 and has been running for a loong time without changing its .onion address, so it should be well propagated.

27 sats \ 1 reply \ @shadowybadger 4 Jan

Leaving this tab open - it warrants further investigation IMO.

27 sats \ 0 replies \ @nym 4 Jan

Yea it is a good question and odd behavior.