pull down to refresh
Yup, understood wrt Tor / sybil.
My goal is to leak no IP info, so I'm starting w/ Tor-only. @ek was giving me a lot of help wrt using Core w/ a VPN, but I haven't yet come back to that one. In a pinch I know I can use the VPN and not care about port forwarding, but I've got a rock in my shoe about solving it the 'right' way.
reply
You might as well run with
-proxy=127.0.0.1:9050 (assuming this is where your Tor SOCKS5 proxy is listening) and omit the -onlynet=onion option. Then Bitcoin Core will be able to connect to IPv4, IPv6 and Tor peers, all via the Tor network, so the IPv4/6 peers pose no threat to revealing your IP address. This actually uses the entire Tor network as one big VPN with multiple exit points (the Tor exit nodes), also used by many others with the added benefit of being able to connect to .onion addresses without exiting the "VPN" ;)reply
Oh great, that sounds like it gets me everything I want. Have made the change and re-started. Thanks :)
reply
-onlynet=onion- this way the node is more likely to fall victim of a sybil attack - because it is cheap to create.onionaddresses somebody may create a lot of them and the victim's node to make all 10 outbound connection to the attacker. To avoid sybil just one connection to a honest node suffices. Now, unless there is a very specific reason for-onlynet=onionyou may configure Bitcoin Core to connect also to clearnet peers via the Tor network. This will protect your nodes' whereabouts and will use the Tor exit nodes to connect to clearnet nodes. To sybil that one would need to control Tor exit nodes as well, or a lot of clearnet nodes.