Meet Tazy - our 'Zcash on Tor' Testnet node!

‘Zcash on Tor’ now has a dedicated public TESTNET3 node (also another full Tor Relay!) :crazy_face:

addnode=45.77.2.127:18233
or
addnode=tazy4us2qli2sd7e.onion:18233

Tazy runs in non-anonymous hidden_service mode (connecting clients still preserve anonymity).

https://atlas.torproject.org/#details/8D610CFD4FD193034381199106C8EA3E10433A64

More soon …

6 Likes

Oh, I almost forgot … Tazy CPU mines 24/7 with a single CPU core (at 65%) with a Local solution rate of around <0.75 Sol/s. He occasionally finds a few TAZ blocks, so if anyone requires some testnet coins then please send me a PM and I’ll ask Tazy to send some to you, when he’s not to busy, of course. Unfortunately Tazy can’t send coins to z-addresses because he only has 1 GB of RAM.

Hint: You can also try the TESTNET faucet - Tazy sometimes sends TAZ to the faucet as well. https://faucet.testnet.z.cash

Before mining Tazy starts up the Zcash (testnet)… after having first installed cpulimit and screen.

$ sudo apt-get install cpulimit screen

$ screen -S top

$ top

Tazy finds the running Zcash Process ID and then does …

crtl + A + D

$ cpulimit -p **PID** -l 65 /dev/zero &

Inserts the correct PID above ^^

Hits enter … and starts mining …

$ cd Zcash

$ ./src/zcash-cli setgenerate true

Now Tazy can mine in the cloud all-day-long and seemingly nobody complains because he uses less than 75% cpu (well most of the time anyhow). :crazy_face:

3 Likes

I may have brought this up before but, now that Tails has become a 64bit linux distribution, could you comment on what might be involved to get zcashd to use the Persistent volume on Tails to store its data?

Running zcashd in TAILS is certainly do-able via a persistent volume / storage.

As of right now, the 64-bit version of Whonix-Qubes is the best option for running zcashd.

Making contact with the main Whonix developer is on my to-do list. They are also seeking donation funding for Whonix and have yet to add Zcash as a donation option. Separate to ‘Zcash on Tor’ I’d like to suggest that they perhaps make their own funding application to the Zcash Foundation.

A Whonix 64-bit distro with Zcash built in! Yes please! IMHO, having that type of OS available would fully render Bitcoin a Digital Cash (first mover / now settlement layer), with Zcash becoming the Digital Cash of choice. True Digital Cash does not exist without individual user Privacy, as a basic human right!

Oh, Tazy agrees too ! :crazy_face:

2 Likes

Network solution rate | 3 Sol/s
Local solution rate | 0.6664 Sol/s

You are mining with the tromp solver on 1 threads.

Since starting this node 21-ish days, … ago:

  • You have validated 13337 transactions!
  • You have completed 612267 Equihash solver runs.
  • You have mined 1285 blocks!
    Orphaned: 3 blocks, Immature: 190.00 TAZ, Mature: 12640.00 TAZ

Tazy (ZcashTestnet) Tor Relay has also served almost 1TB of Tor network traffic (each way)!

Well done Tazy! :crazy_face:

2 Likes

Oh dear! Tazy is all of a tizzy!

Whilst completing important research for the ‘Zcash on Tor’ project - Tazy also achieved Tor network Guard status and has used up all of his bandwidth allowance for this month! Whoops!

Unfortunately, Tazy (ZcashTestnet) Tor Relay therefore will remain offline until 1st of October. Don’t worry folks - he hasn’t incurred any additional billing charges, thankfully …

Silly Tazy! :crazy_face:

P.S. In the interim period Tazy is going to ask one of his friends who lives on another server to see if they might be able to help with the testnet.

1 Like

Whilst Tazy remains temporarily AWOL (offline), his friend and comrade! (a.k.a. Tazy 2) is now online.

addnode=tazyru26vkpjvmmq.onion:18233

Tazy 2 only accepts incoming and outgoing connections over Tor. zcash.conf example;

testnet=1
listen=1
onlynet=tor
externalip=tazyru26vkpjvmmq.onion
bind=127.0.0.1
server=1
port=18233
rpcport=18232
rpcallowip=127.0.0.1
rpcuser=xxxxxxxxxx
rpcpassword=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=
proxy=127.0.0.1:9050
maxconnections=128
addnode=testnet.z.cash
addnode=zctestseie6wxgio.onion
equihashsolver=tromp

Also see : https://github.com/zcash/zcash/blob/master/doc/tor.md

:crazy_face: :crazy_face:

2 Likes

‘ZcashTestnet’ back online! - https://atlas.torproject.org/#details/8D610CFD4FD193034381199106C8EA3E10433A64

Tor .onion nodes seen by Tazy (TESTNET) ;

addnode=zctestseie6wxgio.onion
addnode=p2teq2bknzuykcij.onion:18233
addnode=iqoimolyf7yzw6bm.onion:18233

:crazy_face:

1 Like

Tazy (TESTNET) is currently running:

Zcash v1.0.12
Tor v0.3.2.2-alpha

:sunglasses: :crazy_face:

1 Like

Tazy (TESTNET node) is now HS v3 (prop224) enabled !

addnode=q5qwc5rdtfle24zrwchki22d2equa7zverjnb7rt7zhdg3a5i7d3lyd.onion:18234

N.B. You can only connect to this hidden_service if your using Tor 0.3.2.1-alpha or above.

EDIT: addnode remains live, although is most certainly not reachable at present (see below).

:crazy_face: :joy:

1 Like

Additionally, I expect this node will not behave correctly at the P2P layer. v2 onions were “inserted” into Bitcoin by reusing some address space within IPv6. v3 onions are far too large to do this, and I have not checked what the P2P layer will do when seeing them, but I expect it will involve truncation. My open ticket for I2P integration will also enable proper v3 HS support.

EDIT: I have looked at the source code, and what happens is that a lookup of a v3 .onion will be ignored by the regular onion-handling code (as it is too long), and will instead be passed to the DNS lookup code (treated as a hostname). I haven’t been able to figure out exactly what happens after that (as it partly depends on what gets returned to the lookup code by Tor, assuming that is set properly), but suffice to say that if it does work currently, that is only because the -addnode entries are being passed directly to Tor’s SOCKS proxy port. Discovery via the P2P network is definitely non-working, and internal detection of these addresses as Tor addresses is definitely non-working.

2 Likes

@str4d thanks for clarification. Something was most certainly amiss during initial testing.

Good to have a testnet to start the ball rolling with Zcash on Tor v3 HS support / compatibility.

https://trac.torproject.org/projects/tor/wiki/doc/NextGenOnions

:crazy_face:

1 Like

Tazy (TESTNET) is currently running:

Zcash v1.0.14rc1
Tor v0.3.2.8-rc

Arm controller upgraded to nyx. The node is now IPv6 compatible / enabled.

addnode=2001:19f0:ac01:bcf:5400:00ff:fe7f:4c46

:crazy_face:

1 Like

Herewith, Tazy’s (TESTNET) torrc :

SOCKSPort 0
SOCKSPolicy reject *
Log notice file /var/log/tor/notices.log
ControlPort 9051
HiddenServiceDir /var/lib/tor/zcashtestnet/ (example!)
HiddenServicePort 18233 127.0.0.1:18233
HiddenServiceStatistics 0
HiddenServiceSingleHopMode 1
HiddenServiceNonAnonymousMode 1
HiddenServiceDir /var/lib/tor/zcashtestnetv3/ (example!)
HiddenServiceVersion 3
HiddenServicePort 18234 127.0.0.1:18233
ORPort 20
ORPort [2001:19f0:ac01:bcf:5400:00ff:fe7f:4c46]:20
Address 45.77.2.127
NickName ZcashTestnet
ContactInfo forum.zcashcommunity.com - xyZcash - Zcash TESTNET addnode=tazy4us2qli2sd7e.onion - addnode=tazyru26vkpjvmmq.onion - TAZ : faucet.testnet.z.cash
DirPort 21
BandwidthRate 512 KB
BandwidthBurst 1024 KB
MaxAdvertisedBandwidth 512 KB
RelayBandwidthRate 512 KB
RelayBandwidthBurst 1024 KB
LongLivedPorts 20,21,22,706,1863,5050,5190,5222,5223,6523,6667,6697,8300,18233,18234
ExitPolicy reject *:*
DisableDebuggerAttachment 0
NumCPUs 1
AvoidDiskWrites 1
RunAsDaemon 0

Remember that Tazy only accepts incoming connections via Tor (although incoming and outgoing connections via mainnet (clearnet) as DualStack.

:crazy_face:

1 Like

Herewith, Tazy’s (TESTNET) iptables firewall :

sudo iptables -A INPUT -s 10.0.0.0/8 -j DROP && 
sudo iptables -A INPUT -s 169.254.0.0/16 -j DROP && 
sudo iptables -A INPUT -s 172.16.0.0/12 -j DROP && 
sudo iptables -A INPUT -s 192.168.0.0/16 -j DROP && 
sudo iptables -A INPUT -i lo -j ACCEPT && 
sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT && 
sudo iptables -A INPUT -m conntrack --ctstate INVALID -j DROP && 
sudo iptables -A INPUT -p tcp --dport 1 -j REJECT && 
sudo iptables -A INPUT -p udp --dport 1 -j REJECT && 
sudo iptables -A INPUT -p udp --dport 19 -j REJECT && 
sudo iptables -A INPUT -p tcp --dport 20 -j ACCEPT && 
sudo iptables -A INPUT -p udp --dport 20 -j REJECT && 
sudo iptables -A INPUT -p tcp --dport 21 -j ACCEPT && 
sudo iptables -A INPUT -p udp --dport 21 -j REJECT && 
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT && 
sudo iptables -A INPUT -p tcp --dport 23 -j REJECT && 
sudo iptables -A INPUT -p udp --dport 23 -j REJECT && 
sudo iptables -A INPUT -p tcp --dport 25 -j REJECT && 
sudo iptables -A INPUT -p udp --dport 25 -j REJECT && 
sudo iptables -A INPUT -p tcp --dport 53 -j ACCEPT && 
sudo iptables -A INPUT -p udp --dport 53 -j ACCEPT && 
sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT && 
sudo iptables -A INPUT -p udp --dport 80 -j REJECT && 
sudo iptables -A INPUT -p tcp --dport 111 -j REJECT && 
sudo iptables -A INPUT -p udp --dport 111 -j REJECT && 
sudo iptables -A INPUT -p tcp --dport 135:139 -j REJECT && 
sudo iptables -A INPUT -p udp --dport 135:139 -j REJECT && 
sudo iptables -A INPUT -p udp --dport 443 -j REJECT && 
sudo iptables -A INPUT -p tcp --dport 445 -j REJECT && 
sudo iptables -A INPUT -p tcp --dport 512 -j REJECT && 
sudo iptables -A INPUT -p tcp --dport 513 -j REJECT && 
sudo iptables -A INPUT -p tcp --dport 514 -j REJECT && 
sudo iptables -A INPUT -p tcp --dport 515 -j REJECT && 
sudo iptables -A INPUT -p tcp --dport 1080 -j REJECT && 
sudo iptables -A INPUT -p udp --dport 1080 -j REJECT && 
sudo iptables -A INPUT -p tcp --dport 1433 -j REJECT && 
sudo iptables -A INPUT -p udp --dport 1433 -j REJECT && 
sudo iptables -A INPUT -p tcp --dport 3306 -j REJECT && 
sudo iptables -A INPUT -p udp --dport 3306 -j REJECT && 
sudo iptables -A INPUT -p tcp --dport 3389 -j REJECT && 
sudo iptables -A INPUT -p udp --dport 3389 -j REJECT && 
sudo iptables -A INPUT -p tcp --dport 5060 -j REJECT && 
sudo iptables -A INPUT -p udp --dport 5060 -j REJECT && 
sudo iptables -A INPUT -p tcp --dport 5900 -j REJECT && 
sudo iptables -A INPUT -p udp --dport 5900 -j REJECT && 
sudo iptables -A INPUT -p tcp --dport 6000:6063 -j REJECT && 
sudo iptables -A INPUT -p udp --dport 6000:6063 -j REJECT && 
sudo iptables -A INPUT -p tcp --dport 8000 -j REJECT && 
sudo iptables -A INPUT -p udp --dport 8000 -j REJECT && 
sudo iptables -A INPUT -p tcp --dport 8080 -j REJECT && 
sudo iptables -A INPUT -p udp --dport 8080 -j REJECT && 
sudo iptables -A INPUT -p tcp --dport 8090 -j REJECT && 
sudo iptables -A INPUT -p udp --dport 8090 -j REJECT && 
sudo iptables -A INPUT -p tcp --dport 8118 -j REJECT && 
sudo iptables -A INPUT -p udp --dport 8118 -j REJECT && 
sudo iptables -A INPUT -p tcp --dport 8123 -j REJECT && 
sudo iptables -A INPUT -p udp --dport 8123 -j REJECT && 
sudo iptables -A INPUT -p tcp --dport 9051 -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT && 
sudo iptables -A INPUT -p tcp --dport 18232 -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT && 
sudo iptables -A INPUT -p tcp --dport 18233 -j ACCEPT && 
sudo iptables -A INPUT -p tcp --dport 18234 -j ACCEPT && 
sudo iptables -A INPUT -p udp --dport 53413 -j REJECT && 
sudo iptables -A INPUT -p icmp -m icmp --icmp-type host-unreachable -j ACCEPT && 
sudo iptables -A INPUT -p icmp -m icmp --icmp-type port-unreachable -j ACCEPT && 
sudo iptables -A INPUT -p icmp -m icmp --icmp-type fragmentation-needed -j ACCEPT && 
sudo iptables -A INPUT -p icmp -m icmp --icmp-type source-quench -j ACCEPT && 
sudo iptables -A INPUT -p icmp --icmp-type echo-request -m limit --limit 2/s -j ACCEPT && 
sudo iptables -A INPUT -p icmp --icmp-type echo-request -j DROP && 
sudo iptables -A INPUT -p tcp --syn -j DROP && 
sudo iptables -A OUTPUT -o lo -j ACCEPT && 
sudo iptables -A OUTPUT -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT && 
sudo iptables -A OUTPUT -m conntrack --ctstate INVALID -j DROP

and Fail2ban - See :

:crazy_face:

1 Like

Tazy lives!

Following Zooko’s talk “cryptocurrencies, smart contracts, etc.: revolutionary tech?” at 34c3 - Tazy got chatting with some cool catz from the internetz, who kindly gifted a GEN:0 Crypto Kitty 457131 a.k.a. Tazy !

Thanks!

:joy_cat: :crazy_face:

2 Likes

Tazy (TESTNET) has successfully upgraded to:

Zcash v1.0.15-rc1 + Overwinter
Tor v0.3.2.2-alpha

:crazy_face:

2 Likes

Tazy (TESTNET) has successfully upgraded to:

Zcash v1.0.15
Tor 0.3.3.3-alpha

Work is now under-way to bolster and expand the testnet. We have a new ‘unoffical’ domain for our zcash on tor servers project (testnet) nodes, which can be used as clearnet addnodes in your zcash.conf …

addnode=node0us.zcashtestnet.org:18233
addnode=node0gb.zcashtestnet.org:18233

addnode=testnet.z.cash

More info. soon …

:crazy_face:

2 Likes