Arti: A pure-Rust Tor Implementation for Zcash and beyond

Thanks for the feedback, everybody!

Thanks to the information above from developers on Zcashd and Zebra, I’ve substantially revised our planned milestones. Instead of “First all the security, then all the features”, I’ve reorganized the arti plan to focus on a few target releases (release numbers may not be actual):

  • 0.0.1 – a minimal secure-enough release that might not be so usable, but has solid internals and won’t wreck your privacy. Alpha-level embedding support, suitable for internal testing by developers.
  • 0.1.0 – a release targeted for usability and embedding. Beta-level embedding support, suitable for giving to users and gathering experience.
  • 1.0.0 – a production-ready release for general use. Stable embedding support.
  • 2.0.0 – a full-featured release that can replace the C tor client for all purposes.

You can see the current milestones and their tickets on our gitlab instance. Here are some highlights (see gitlab for full details):

  • 0.0.1 (estimating 4 months)

    • Decent test coverage
    • Guard-node support
    • Stream isolation
    • Correct circuit-construction logic
    • Initial APIs for embedding safely and avoiding the most common Tor usage errors.
  • 0.1.0 (estimating 4 months)

    • Preemptive circuit construction for improved performance
    • Full API support for configuration and embedding in more circumstances, with some efforts towards API stability.
    • API support for reporting on bootstrap status and issues
  • 1.0.0 (estimating 6 months)

    • Security audits
    • Stable API
    • Stable CLI
    • Automatic detection and response of more kinds of network problems
    • Work on network bottlenecks TBD
    • API level “dormant-mode” support for constrained-bandwidth clients.
    • Performance work for parity with C client in bootstrapping and networking
  • 2.0.0 (estimating 15 months)

    • V3 onion services (client side)
    • V3 onion services (service side)
    • Censorship evasion support (client side)
    • Improved fairness and queueing (for high-load clients and onion services)
    • Circuit and channel padding support (for traffic analysis resistance)
    • “Optimistic data” for faster start on streams
    • Possibly, automatic dormant mode for mobile clients
    • Possibly, backward compatibility with some of the existing Tor controller protocol.
    • Support for rate-limiting and bandwidth accounting
    • Supported C FFI.

Note that the feature breakdown for these milestones is in flux, and is deliberately somewhat flexible in order to meet evolving needs from downstream developers. It’s likely that something I’ve identified as “not needed for our first production release” will actually be something that Zcash wants after all; if so we can move some of the features above around as needed.

Here are our next steps here:

  • I’m going to make sure to be in contact with teor and str4d (along with dconnolly, pili, chelseakomlo, and anybody else I’m introduced to) about those milestones and their general suitability.

  • We’re doing test-builds on mobile (especially iOS) as a proof-of-concept for deployment there.

  • Based on the above, we’ll write our grant application and submit it to ZOMG!
