Hi guys, anyone tried creating an open node that operates only over tor? I'm following the monerodocs tutorial and only serving via tor hidden service; but after reading all the monerod documentation, reddit posts, etc, I'm not sure if the real clearnet IP of the node can be leaked. Using ufw I denied all incoming connections and allowed outgoing (the hidden service works with virtual ports so no need to open incoming ports) I

think the leak may come in relation to outgoing connections. I couldn't find any safe way to make the debian installation use tor system-wide

* incoming ports according to the ppst) I

* incoming ports according to the tutorial) I

I have.

--proxy=ip:port

(--proxy=127.0.0.1:9050 if tor on is on default ports)

Syncs over exit nodes.

> <@ofrnxmr:monero.social> --proxy=ip:port

> (--proxy=127.0.0.1:9050 if tor on is on default ports)

> Syncs over exit nodes.

You mean --tx-proxy?

Nope

tx-proxy and anonymous-inbound are for receiving / relaying transactions to onions and (I believe) handshakes and peers lists.

Without --proxy, blockchain sync is still clearnet

--proxy sends all traffic over tor exit nodes and doesnt require tx-proxy or anonymous-inbound

I should have used monerod --help :)

> <@ofrnxmr:monero.social> tx-proxy and anonymous-inbound are for receiving / relaying transactions to onions and (I believe) handshakes and peers lists.... (full message at libera.ems.host/_matrix/media/r0/do…5cc0207121d42106163c6c1e6d4352ac37e)

> <@ofrnxmr:monero.social> tx-proxy and anonymous-inbound are for receiving / relaying transactions to onions and (I believe) handshakes and peers lists.... (full message at libera.ems.host/_matrix/media/r0/do…efdf59d6b2012f017b7df1761a0eb659a70)

* documentation then. So it seems in that way, the clear node IP should not be leaked right?

* documentation then. So it seems that using those 3 options would avoid leaking the real node IP right?

nantuk[m]: Im not sure if --proxy is in there? Could be 😝

<ofrnxmr[m]> "Im not sure if --proxy is in..." <- It is! It is just missing in monerodocs site

Its missing from official documentation as well

I think I found it in --help because i wasnt able to find it on GitHub

> <@ofrnxmr:monero.social> Its missing from official documentation as well

>

> I think I found it in --help because i wasnt able to find it on GitHub

do you get 'in peers' using the proxy flag?

Yes but status only shows ipv4

Node also spams errors about "no incoming connections". But you can ignore.

 

print_cn shows incoming tor connections

obviously exit relays have their issues, but this is a nice option anyways

<ofrnxmr[m]> "Imagepipe_104.jpg" <- are these in peers available because you have hidden service as well?

Those peers are from --proxy, no hidden service needed.

Some of these onions are manually added, some are from --anonymous-inbound

ofrnxmr[m]: i think you need to set up a hidden service for `--anonymous-inbound` to work. from what i see, the only in connections you have are via this method

This is testnet syncing, I have no inbound connections right now but should once I catch up

Using only --proxy (no tx proxy or anon inbound)

<moneroguides[m]> "i think you need to set up a..." <- 🤔...

you may be right

😅. It does look like all of the no name tor connections = the onion peers...

In which case 🙊 I guess it only does incoming handshakes and then makes outgoing connections

ok, just tested on my own node. i have inc for my node with --proxy flag :)

i suppose peers aren't choosing your node via clearnet for some reason. at least you're seeding over tor :)

About as much up as down 👍

Not sure if because im running master, but seems to be far lower than usual.

Used to be >2GB /day in each direction iirc

do you ever sync wallets over LAN?

Yea, my RPC port is on my lan 192.168.x.x:18089

ah ok, nvm, confirm external bind wasn't the issue XD

forgot what i had changed -_-

i wonder if your rpc port is also available via the exit relay 🤔

It is

Im connecting over my router so if router port is also open then RPC is available over clearnet

i'm confused, why have you got a port forwarded on your router if you're using the proxy flag?

I don't

<moneroguides[m]> "i wonder if your rpc port is..." <- Sorry, early / late morning 😂

Its not available over exit relay. Somehow I read clearnet.

Time for me to 🤐.

i'ts all goood, thanks for your replies

I made a little tester tool in case anyone wants to make sure a node is browser compatible :) sunny-malabi-a3b5ff.netlify.app/#/node-checker ... works with onion nodes in tor as well, just make sure to prefix with http://

spirobel: reeemuru

I havent been able to get hotshop to load using my onion

It passes the test though ^

I have a bug that is preventing nodes from updating cleanly at the moment. What I'm doing in the meantime is specifying a new node, updating the config, saving the custom shop link and then opening that in a new tab.

2Fwww.getmonero.org%2Fpress-kit%2Fsymbols%2Fmonero-symbol-480.png

so if you open this link in Tor, it's using your onion node and works correctly

shop link is here for now ☝️

was able to successfully process a payment using your node as well :)