#tor #arti

tor-hsservice

Arti's implementation of an onion service provider

5 releases (breaking)

0.7.0 Feb 5, 2024
0.6.0 Jan 9, 2024
0.5.0 Dec 4, 2023
0.4.0 Oct 31, 2023
0.3.0 Oct 2, 2023

#1233 in Cryptography

Download history 58/week @ 2023-10-31 39/week @ 2023-11-07 28/week @ 2023-11-14 39/week @ 2023-11-21 73/week @ 2023-11-28 34/week @ 2023-12-05 31/week @ 2023-12-12 26/week @ 2023-12-19 34/week @ 2023-12-26 14/week @ 2024-01-02 206/week @ 2024-01-09 148/week @ 2024-01-16 95/week @ 2024-01-23 96/week @ 2024-01-30 168/week @ 2024-02-06 104/week @ 2024-02-13

494 downloads per month
Used in 7 crates (4 directly)

MIT/Apache

4MB
71K SLoC

tor-hsservice

Provide an onion service on the Tor network.

Overview

This crate is part of Arti, a project to implement Tor in Rust.

It provides a service-side implementation of the onion service protocol, which enables Tor clients to provide a responder-anonymous service on the network. Other parties can connect to an onion service without learning where it is hosted.

This crate provides a low-level implementation of the onion service protocol that may not be suitable for typical users. Most users will instead want to use the arti binary to run an onion service proxy, or use the TorClient::launch_onion_service API in the arti-client crate.

Limitations

This crate is a work in progress.

As of February 2024, there are some features missing that are necessary for running a secure, private onion service. Notably these include:

  • Resistance to denial of service attacks
    • Support for proof-of-work checking and validation
    • Detection and response to out-of-memory conditions
  • Vanguard relays for resistance to path discovery
  • Descriptor encryption keys, so that only certain clients to connect to the service.
  • Removal of old keys and state information. (Currently, the on-disk state will grow slowly but without bound, with sensitive information retained indefinitely.)

Reference

You can learn more about the protocols here as part of the onion services Specification.

LICENSE: MIT OR Apache-2.0

Dependencies

~26–38MB
~587K SLoC