node-Tor

Applicant background

I have been involved since quite some time in privacy/security projects and did participate in many lists/groups (W3C, ecmascript, browsers bugs report, liberationtech, Tor, p2p-hackers, webp2p, etc)

I was a member of the W3C WebCrypto working group, and as such suggested many things related to the Tor protocol, I did motivate also the revival of the W3C (dead and depecrated) Streams API and helped to adapt it to what is needed today

I am also registered as security/privacy expert at the EU level and did participate as evaluator of cybersecurity H-2020 proposals

I am in contact with the Tor project people since the beginning and did report some bugs in the Tor bug tracker, I am also in contact with many people in the community including devs and academics

For more information please see https://fr.linkedin.com/in/aymeric-vitte-05855b26 and http://www.peersm.com/CVAV.pdf

Description of Problem or Opportunity

The problem today is that we must invent one network per need if we want to evade big data centralization and protect privacy/anonymity: to browse, to chat, to email, to exchange files, to do social networking or cooperative work, to do crypto currency, to protect the users from their connected objects, to handle peer identities

node-Tor allows to anonymize any protocol on any platform fix or mobile, it has the unique property to work inside browsers also, please see some of the use cases/discussions here: https://github.com/Ayms/node-Tor#examples--use-cases

Proposed Solution

The ultimate target of node-Tor would be the Convergence proposal: A universal and generic architecture to anonymize any application or protocol and turn it into an independent decentralized p2p network inside browsers and servers, with browsers acting as servers

For this grant we propose to finish and release phase 4 of node-Tor implementing the evented pipe methods allowing to pipe any protocol with node-Tor, including bitcoin/zcash, wallets, spv clients, please see https://github.com/Ayms/node-Tor#phase-4-and-phase-5

Solution Format

Open source node-Tor js code and associated documentation in github repo https://github.com/Ayms/node-Tor

Technical approach

node-Tor should not be misunderstood with the Tor project code and features, this is a complete implementation of the Tor protocol not mimicking some specifics of the Tor project which are dedicated to be used with the Tor Browser

The complete code is quite small for what it does, only 500 kB minified, with zero dependencies since everything is embedded in the code (crypto, etc)

How big of a problem would it be to not solve this problem?

Current use by bitcoin/zcash and others of the Tor network is not appropriate, even dangerous, the Tor network is small and centralized, it is intended to be used via the Tor browser with many specific features that do not apply to crypto currencies, and it is not dimensionned to absorb crypto currencies traffic neither designed to anonymize transactions and nodes, knowing also that crypto currency nodes operators are most likely not Tor network experts for the settings, please see this discussion https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2021-December/019668.html

But as showned above in the use cases, the goal is not limited to crypto currency networks, it can apply to any protocol like visioconf, covid apps, etc

Execution risks

There are no risks, while the documentation is already available it remains difficult to use node-Tor in its current state despite of the fact that it is now modular and ES6 like, phase 4 is when it becomes easy and when I am not required any longer to integrate/extend it

Unintended Consequences

As always with this kind of project, if it can be used to protect people then it can be used to do the contrary and/or by "bad" people

Evaluation plan

While releasing phase 4 we will revive the Peersm demo, which is a demo of node-Tor inside browsers where the browser is implementing the Onion Proxy function allowing to anonymously fetch web resources (not to be misunderstood with browsing) and download content from other browsers running Peersm also, see the configuration here (using browsers, node-Tor nodes and Tor network nodes) : https://github.com/Ayms/node-Tor/tree/c98db366ada656c20131d07fe071ba9737805c2c#test-configuration-and-use

Schedule and Milestones

Two months

Budget

The project is currently stuck between phase 3 and phase 4, so phase 4 is partially implemented (funded by myself), we estimate two months to finish it and set the Peersm demo, so a total of 5 months with 10K USD per month, which is comparable to EU Grants rate of 60 E/hour for 140 hours a month

Tipping

Tips Received
???  
ZEC
Accepted without fundingThis proposal has been posted publicly, but isn't being funded by the Zcash Foundation.

Campaign

Started
5 months ago
Requested Funding
$50,000
Open for Community Donations