Nick, thank you so much for writing this up!
Just to note it here, I encouraged Tor to apply because I think strong built-in solutions to network layer privacy are necessary for making the privacy properties of Zcash crystal clear to the average user.
If we can say that the chain is encrypted and the network layer is as secure as Tor, that’s a huge win, because Tor is fairly well known as a product among people who are privacy conscious.
And conversely, until we have a solution like Tor, it will be really hard to communicate Zcash’s privacy properties to a typical user. Surveillance companies like Chainalysis will be able to track Zcash users by sitting on the network layer—especially for government clients working with exchanges. There will be a rash of “Zcash transactions de-anonymized!” articles in the tech press, or specific stories about specific users being tracked at the network layer. That will confuse prospective Zcash users and hurt the Zcash brand.
Mixnets are an exciting solution to this problem that could theoretically be even more secure than Tor— especially against governments like the US and China—but according to Zcash Foundation research the fact that Tor works today, is well-tested, and already offers a huge anonymity set of millions of users makes it the best near-term solution. (And as Nick points out, Tor is useful as a censorship circumvention tool as well, and could eventually make Zcash work out-of-the-box in countries that outright block Zcash—or all cryptocurrencies—at the ISP level.)
My questions are:
0. In funding this, how do we make sure this work lands in widely used Zcash tooling as soon as it’s ready?
Tor is awesome, and Tor as an easy-to-integrate Rust library is awesome, but ZOMG’s mandate is to fund work directly related to Zcash, so we want to see a clear path here to getting this work integrated in the Zcash tools that people use everyday. Are there commitments from these teams to use your work on Arti as long as certain deliverables are met? Or are there people we can fund, either in your team or outside contractors (ZOMG’s mandate doesn’t let us fund ECC or ZF) who can do the last mile work necessary to bring this to Zcash? And are the teams working on these tools eager to include Tor by default if Arti makes that easy?
I think in order of impact, these tools are the Zecwallet SDK (used by the leading wallet app Zecwallet), the ECC light wallet SDK (used by Nighthawk and Unstoppable), zcashd, and Zebra.
1. What is the smallest piece of work that can land in some widely-used Zcash tooling?
It sounds like the basics of connecting to the Tor network will be ready before things like onion services, which are necessary to receive connections within the Tor network. What’s the piece of this that would deliver the most value to users that we can deliver the fastest? Given that right now most Zcash users enjoy little or no network layer privacy, does that lower the bar at all in a way that could simplify this first deliverable? That is, is there something you can deliver that might not offer all of the protections of an existing Tor client but that can run by default and offer more protection than, say, connecting to a Zcash lightwallet server directly over HTTPS?
2. What are the alternative approaches?
If you were a us, would you fund work integrating existing Tor into various apps and SDKs? It does seem like including built-in Tor support in zcashd, zebra, and the two lightwallet SDKs is not going to happen right now with the existing Tor client, since it complicates the build process. So this work on Arti seems valuable to Zcash either way. But I’m wondering what the cost/benefit is to funding apps like Zecwallet and Nighthawk to integrate existing Tor right now vs. investing in Arti and integrating it into the basic tools.
3. Would this work get a security audit?
It might make sense to budget for this, both for audits of the work on Arti and the integration of Arti in whatever Zcash tools we target.
4. How does this relate to work on Walking Onions?
My understanding is that Zcash Foundation funded Tor’s work on Walking Onions to figure out how to make connecting to the Tor network much faster, especially on mobile, and that Tor completed the grant and figured it out, but that implementation was left for a future grant. Is that right? Should ZOMG fund implementation of Walking Onions now? Do you plan to implement it in the existing Tor client? Or are you postponing building big new features like this because Arti makes new feature work easier?
5. Will Arti become a part of Tor browser? Will Tor’s censorship circumvention transports support Arti?
It would be bad if we did this integration and work on Arti languishes, or if a lot of the transports people use to connect to the network in censorship-heavy regions don’t support it. At what point will Arti replace the existing Tor client in Tor browser? At what point will the most important censorship circumvention pieces of Tor be as easy to integrate in Zcash tooling as Arti?
I’m also really interested in what @earthrise, @ckomlo, @gmale, @bradmiller, and @alchemydc think about these questions!!