[tor-dev] Special-use-TLD support

Jeremy Rand biolizard89 at gmail.com
Tue Sep 29 00:59:32 UTC 2015

On 09/28/2015 01:34 PM, Jeff Burdges wrote:
> On Sun, 2015-09-27 at 22:31 +0000, Jeremy Rand wrote:
>> Hi Jeff,
>> Thanks for working on this; Namecoin is definitely interested in 
>> this effort.  I have one comment.  SPV-based Namecoin clients 
>> will, under some circumstances, generate network traffic to
>> other Namecoin P2P nodes containing names being looked up.  To
>> avoid linkability, stream isolation should be used so that
>> different Namecoin lookups go over different Tor circuits if the
>> lookups correspond to TCP streams that go over different Tor
>> circuits. (Also, the choice of Namecoin nodes to peer with should
>> be different for each identity.)  Therefore, it seems to me that 
>> there should be a mechanism for Tor to provide stream isolation 
>> information to the naming systems that it calls, along with "new 
>> identity" commands.
>> The above issue doesn't affect full Namecoin clients, or SPV 
>> Namecoin clients that download the full unspent domain name set. 
>> I don't know enough about the GNU Name System to know how this 
>> issue affects it, if at all.
>> Thoughts on this?
> Yes.  I distrust running p2p applications not specifically
> designed for Tor over Tor.  The GNU Name System will therefore run
> the DHT process on volunteer Tor exit nodes, much like how DNS
> queries are handled by exit nodes.
> Imho, Namecoin should similarly develop a Tor Namecoin shim client 
> that contacts special SPV Namecoin clients running on volunteer 
> exit nodes. I'm working on a second torspec proposal that adds an 
> AnycastExit option to simplify this.
> In the long term, there are obviously concerns about bad exit 
> nodes, especially if there are only like two exits supporting 
> Namecoin or GNS, but currently so few people use GNS or Namecoin 
> that we can probably ignore this.

Hi Jeff,

Do I infer correctly that the main intention of this is to decrease
the possibility of attack by a Sybil attack on the Namecoin network,
by making the Namecoin peer selection process have similar properties
to Tor relay selection (which is relatively Sybil-resistant)?  (And I
guess this would also eliminate issues where a Tor client connects to
a Namecoin peer who also happens to be his/her guard node.)  If so, I
think I cautiously agree that this may be a good idea.  (I haven't
carefully considered the prospect, so there may be problems introduced
that I haven't thought about -- but from first glance it sounds like
an improvement over what Namecoin does now, at least in this respect.)

The issue I do see is that SPV validation doesn't work well unless you
ask multiple peers to make sure that you're getting the chain with the
most PoW.  So I gather that this would require connecting to Namecoin
peers running on multiple exit nodes.  I don't think that's
problematic, but it would have to be taken into account.

-Jeremy
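
The multi-peer SPV point in the message above, as an added example that is not part of the original thread and is not Namecoin or Tor code: a client that scores each peer's header chain by cumulative proof-of-work and keeps the heaviest valid one, so a single peer serving a stale chain is outvoted. The header layout, GENESIS, TARGET and peer names are constructed for illustration; difficulty-retarget rules and Namecoin's merged mining are omitted.

```python
import hashlib
from dataclasses import dataclass

GENESIS = bytes(32)        # constructed placeholder, not a real genesis hash
TARGET = (1 << 248) - 1    # toy difficulty: top byte of the hash must be zero

@dataclass(frozen=True)
class Header:              # simplified header, not Namecoin's wire format
    prev: bytes
    target: int
    nonce: int
    def digest(self) -> bytes:
        raw = self.prev + self.target.to_bytes(32, "big") + self.nonce.to_bytes(8, "big")
        return hashlib.sha256(hashlib.sha256(raw).digest()).digest()

    def valid_pow(self) -> bool:
        return int.from_bytes(self.digest(), "big") <= self.target

def chain_work(genesis, headers):
    """Total expected hashes behind a chain; 0 if linkage or any PoW is invalid."""
    prev, total = genesis, 0
    for h in headers:
        if h.prev != prev or not h.valid_pow():
            return 0
        total += (1 << 256) // (h.target + 1)
        prev = h.digest()
    return total

def best_chain(genesis, responses):
    """responses maps peer id -> header list; returns (peer, work) of the heaviest valid chain."""
    scored = {peer: chain_work(genesis, hs) for peer, hs in responses.items()}
    peer = max(scored, key=scored.get, default=None)
    return (peer, scored[peer]) if peer is not None and scored[peer] > 0 else (None, 0)

def mine(prev, target, count):
    """Build a constructed sample chain by brute-forcing nonces from 0."""
    chain = []
    for _ in range(count):
        nonce = 0
        while not Header(prev, target, nonce).valid_pow():
            nonce += 1
        chain.append(Header(prev, target, nonce))
        prev = chain[-1].digest()
    return chain

if __name__ == "__main__":
    honest = mine(GENESIS, TARGET, 5)
    print(best_chain(GENESIS, {"peer-a": honest[:3]}))                    # one peer: stale chain accepted
    print(best_chain(GENESIS, {"peer-a": honest[:3], "peer-b": honest}))  # two peers: full chain wins
```

With only one peer the client has no way to tell that the three-header chain is stale; the second response is what exposes it.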