[tor-dev] Arti (was Re: ARTI)
nickm at torproject.org
Sat Dec 12 16:49:51 UTC 2020
On Fri, Dec 11, 2020 at 12:31 PM Zaphoid <Zaphoid at protonmail.com> wrote:
> Greetings Tor-Dev,
> I've watched Nick's presentation on State of the Onion and have read the "Tor in 2021" blog post searching for more details on A Rust Tor Implementation (ARTI). I think Rust is a fascinating language and looking to further my knowledge of it and Tor's internals as they are developed.
Hi, Zaphoid, and thanks for the email!
The official repository is at
https://gitlab.torproject.org/tpo/core/arti/ ; most of the info on it
> I understand that some Rust implementation is available in the source repository. What I am looking for is a road-map or planned outcome. Could anyone advise if the intent is to completely re-write the Tor client in Rust? Or, is the project's goal to rewrite specific components?
[tl;dr: All these plans are tentative and subject to change. I would
_like_ to eventually replace all of our C with Rust, but that is going
to take a long time, and will depend on resources. For now, we're
going to continue supporting the C code, and we plan to do so at least
until the Rust code is ready to replace it. There is no timeline.]
Okay, so first: this is still an experimental project, so I can't make
promises. I don't know how it's going to go, and I'm still learning
Also, Tor's plans are always, and forever, at least a little flexible
and amorphous. Our only _permanent_ plan is that we will defy all
obstacles to use whatever resources we have to bring stronger privacy
to the world. Other plans are always subsidiary to that, and dependent
on our resources. [Please donate to our end-of-year fundraising
campaign if you can, everybody.]
With those disclaimers aside: I do _want_ to eventually replace the C
version of Tor as a client, for most users, with a Rust
implementation. Eventually, if that works out, I'd like relays and
authorities to be written in Rust too.
The motivation here is not just for the additional safety and
performance that Rust can bring us. For me, the most important reason
to move towards Rust is maintainability. Rust gives us tools that
make it much easier to write a maintainable, well-structured,
well-tested set of programs, and to develop those programs in the
future. I'm confident that a Rust implementation of Tor would still
be comprehensible and maintainable by a different set of programmers
in 20 years; I don't have the same confidence about a C
Of course, that won't be easy. (I know. I've been working on the C
version since 2002, so it would be a bit shocking if the Rust version
replaced it right away.) We have to choose where to spend our time,
and we can't walk away from the C while it's still our best
implementation. We'll be supporting the C version of Tor for the
future, I think -- probably for quite a few years. It's possible that
at some point the two implementations will converge, but that might be
tricky: the C implementation's structure is not really conducive to
having parts of it replaced.
So where are we now, and what's the roadmap?
Right now, if you know how to download and compile Rust programs, you
can build Arti. It can run as a SOCKS proxy and use the Tor network.
I wouldn't recommend it for serious use yet: it doesn't support onion
services, guards, bridges, and a lot of other security features that
Tor provides, and it's still pretty early in development. As they
say, "When it breaks, you get to keep both pieces."
Over the coming months, I want to work to close the gap between Arti
and C Tor. There's an approximate list of the stuff we'll need to do
in order to get there in the TODO file in the Arti repository. (No
guarantees that I haven't forgotten anything) How fast we can make
progress on this work is dependent on how much of our time we can
spend on it, and how many people can help us out. So if anybody here
is interested in Rust, why not have a look at the codebase, and see
what you think?
(Also, there's no need to name any of my software in all-caps. It's
just "arti" for now, or "Arti" if you really like to capitalize proper
More information about the tor-dev