On 2018-09-22 06:29, Alec Muffett wrote:
...and it makes me wonder how far back up the chain of hops towards the client, that the circuit ID is visible to a malicious relay? Is it mostly-hidden several onion-skins down? I presume it's not trackable all the way from the client's guard?
Hey Alec!
The circID is scoped under a given connection between adjacent nodes.
A relay node maintains a mapping of circIDs for a circuit - mapping the forward and backward circID - for traffic it is relaying.
So for a circuit ... client <-ID_a-> guard <-ID_b-> middle <-ID_c-> exit
... each of the ID_*s are independent, and any node only knows the IDs immediately "adjacent" to it. Each connection (e.g. each client to that guard) has a independent enumeration/allocation of IDs.
Hope that helps! Dave