Zashi 2.1: Enhanced Privacy with Tor (Beta)

Zashi just expanded its Tor network integration, and it’s yet another quiet game-changer for the privacy-conscious Zcash users. Previously, Tor support in Zashi was limited to fetching ZEC-USD exchange rates, which shielded user IP addresses from exchange servers and prevented metadata leakage. With this update, the wallet’s built-in Tor client can now be used to:

  • Submit ZEC transactions
  • Fetch transaction data
  • Connect to third-party APIs (e.g. NEAR and Maya coming soon)
  • Fetch ZEC-USD exchange rates

Zcash is already the industry leader in private transactions. Zashi’s expanded Tor capabilities place it one more step ahead of the pack. By routing wallet activity through Tor, Zashi adds network-level privacy on top of Zcash’s best-in-class cryptographic protections.

What is Tor?

Tor is a volunteer-operated privacy network that encrypts and routes your internet traffic through multiple relays, making it much harder to trace your online activity back to you.

Zashi’s Tor integration is built on Arti, a Rust-based Tor implementation designed to make Tor faster, more reliable, and easier to integrate into applications like Zashi. Developed by the Tor Project with funding from Zcash Community Grants, Arti has been a long-standing strategic priority for the Zcash community.

Why This Matters

Wallets use Zcash lightwallet servers to fetch data from the chain and to submit transactions to the network. Without Tor, such requests can be linked to your IP address, potentially revealing patterns of wallet usage. Routing these queries through Tor breaks that link, reducing metadata leakage and strengthening privacy for shielded ZEC usage. We also intend to use Tor where possible for future integrations.

Watch ECC’s Jack Grigg, one of the original developers of the Zcash protocol, explain the significance of the Tor feature.

Notes

  • Beta Feature: Tor protection is a beta feature and may affect wallet performance, which is why we’ll be monitoring all user feedback very closely.
  • Controls: This feature can be managed in Zashi’s Advanced Settings. If performance issues are detected, Zashi will prompt you to disable Tor.
  • Regional Restrictions: Tor is blocked in some countries. Make sure its use is permitted in your region. If it is, we strongly recommend enabling it for the extra layer of protection for your private payments.

Protecting your wallet activity is not just about individual transactions; it’s about personal autonomy, privacy rights, financial sovereignty, and much broader societal implications. While the term “privacy” is being watered down and co-opted by corporations built on harvesting user data, our goal is different: true privacy. For us, it’s not a buzzword or a marketing gimmick; it’s a principle that drives every decision, down to the smallest technical detail. The latest Zashi update embodies that principle.

Shields up.

22 Likes

This is awesome, I remember back when we debated funding Arti with Zcash Grants one of the concerns was about “Why is it needed?” and “What advantages would Rust provide that the old Tor client could not?”.

This is a perfect showcase use case for Arti and a long time verification that the efforts to remake the client in Rust will continue to help all kinds of apps connect to the internet privately in the future.

Congrats to @joshs and the Zashi team for making this a reality!

7 Likes

Does Zashi use lightwalletd for these Tor connections or does it connect to other servers?
If it is the latter, what onion address does it use?

Other way around: Zashi uses Tor for (some) connections to regular public lightwalletd servers, through Tor exit nodes. Specifically, we’re using zcash_client_backend::tor::Client::connect_to_lightwalletd, which returns a Rust gRPC client that can use all of the lightwalletd APIs. This client also can connect to lightwalletd servers with onion addresses (by enabling the relevant feature flag on the arti-client crate).

Note however that the mobile SDKs (and thus Zashi) don’t currently support accessing all of the lightwalletd APIs over Tor, because the streaming APIs are not easily exposed over FFI / JNI. This is also why you can’t use a lightwalletd server at an onion address with Zashi (because you cannot access onion addresses without Tor). We have plans to refactor the network logic in the mobile SDKs to do these calls on the Rust side of the FFI / JNI, which would make it possible for all lightwalletd connections to be done over Tor, but it would likely still not fetch CompactBlocks over Tor by default, as that’s a broadcast channel and leaks much less information than the direct transaction fetches / submits, compared to the performance penalty (though obviously if a lightwalletd onion address were configured, it would necessarily make all connections over Tor as there would be no other option).

6 Likes

This is great progress!

A friendly reminder that Zec.rocks maintains these Tor Hidden Service lightwalletd endpoints, in the hopes that someone uses them eventually. 🙂

./zecping -socks localhost:9150 -import servers-tor.txt
OK (5099.42ms): height=3532007 server=gnsujqzqaepdmxjq4ixm74kapd7grp3j5selm7nsejz6ctxa3yx4q3yd.onion:443 lwd=0.1.2 zcd=/Zebra:2.3.0/ ipv=ipv4 ip=127.0.0.1
OK (5515.85ms): height=3021349 server=6fiyttjv3awhv6afdqeeerfxckdqlt6vejjsadeiqawnt7e3hxdcaxqd.onion:443 lwd=0.1.2 zcd=/Zebra:2.2.0/ ipv=ipv4 ip=127.0.0.1
OK (5644.95ms): height=3532007 server=ti64zsaj6w66um42o4nyjtstzg4zryqkph2c45x4bwfqhydxeznrfgad.onion:443 lwd=0.1.2 zcd=/Zebra:2.3.0/ ipv=ipv4 ip=127.0.0.1
OK (6200.37ms): height=3021349 server=vzzwzsmru5ybxkfqxefojbmkh5gefzeixvquyonleujiemhr3dypzoid.onion:443 lwd=0.1.2 zcd=/Zebra:2.2.0/ ipv=ipv4 ip=127.0.0.1
OK (6341.09ms): height=3021349 server=lzzfytqg24a7v6ejqh2q4ecaop6mf62gupvdimc4ryxeixtdtzxxjmad.onion:443 lwd=0.1.2 zcd=/Zebra:2.3.0/ ipv=ipv4 ip=127.0.0.1
FAIL: server=ltefw7pqlslcst5n465kxwgqmb4wxwp7djvhzqlfwhh3wx53xzuwr2ad.onion:443 ipv=ipv4 ip=127.0.0.1

It looks like one is down… will fix. Anyways, Tor support (even through exit nodes) is a great step forward. I look forward to being able to also connect to .onion lightwalletd servers, mostly so that it’s easier to self-host lightwalletd/zaino from behind NAT in a home environment. (without depending on Tailscale, etc)

8 Likes

@str4d Thanks for the explanation.

I added support for Tor connections to zkool (including onion services) in release v4.17.0 (hhanh00/zkool2 on GitHub).

@emersonian This endpoint
http://gnsujqzqaepdmxjq4ixm74kapd7grp3j5selm7nsejz6ctxa3yx4q3yd.onion:443 works

7 Likes

That onion endpoint is not working for me. Tried in browser + ywallet.

1 Like

Looks like that one stopped working.

This one is ok:

How is this different compared to just using Orbot for the Zashi app? In that case all the traffic goes through Tor, right?

Also when can we expect the new version in F-Droid?

1 Like

Something happened in the deployment process and it wasn’t pushed for some reason. On its way.

1 Like

You are correct that using Orbot in VPN mode with Zashi means that all of its network connections would be routed over Tor and through Tor exit nodes. And currently it would also route more connections over Tor than Zashi’s Tor integration does (as I noted above, there are some connections that are hard for us to route currently but which are planned for the future).

However, integrating Tor directly into Zashi provides several important benefits:

  • The user doesn’t have to run two separate apps.
  • We can ensure that if the Tor connection fails, Zashi “fails-closed” (rather than automatically falling back on a direct non-private connection like would be the case if the Orbot VPN stopped).
  • We can explicitly choose to not use Tor in some cases (namely, for queries that have low wallet-identifying information content, like streaming CompactBlocks or the mempool) to lessen the performance impact.
  • We can use circuit isolation to separate out different queries that we want to be unlinkable. In particular, we use circuit isolation on a per-txid level so that individual enhancement requests for transactions don’t traverse the same Tor circuits (and thus likely don’t use the same Tor exit nodes).
2 Likes
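
Added example, not part of the thread and not Zashi's or the SDK's code: a std-only Rust model of the routing policy described in the post above (low-information streams sent direct by policy, fail-closed for Tor-required requests, one isolation group per txid). The `Router`, `Request` and `Route` names, and the shared group 0 for non-txid Tor requests, are assumptions; no real Tor connection is made.

```rust
use std::collections::HashMap;

// Request kinds named in the thread (type names are hypothetical).
#[derive(Debug, PartialEq)]
pub enum Request { SubmitTx, FetchTx(String), ExchangeRate, CompactBlocks, Mempool }

#[derive(Debug, PartialEq)]
pub enum Route {
    Tor(u64), // over Tor, in the isolation group with this id
    Direct,   // direct by explicit policy, never as a fallback
}

#[derive(Debug, PartialEq)]
pub struct TorUnavailable;

pub struct Router { pub tor_up: bool, next_group: u64, txid_groups: HashMap<String, u64> }

impl Router {
    pub fn new(tor_up: bool) -> Self {
        Router { tor_up, next_group: 1, txid_groups: HashMap::new() }
    }

    pub fn route(&mut self, req: &Request) -> Result<Route, TorUnavailable> {
        // Low-information streams go direct by design, whatever Tor's state.
        if matches!(req, Request::CompactBlocks | Request::Mempool) {
            return Ok(Route::Direct);
        }
        // Everything else requires Tor: fail closed instead of downgrading.
        if !self.tor_up {
            return Err(TorUnavailable);
        }
        let group = match req {
            // One isolation group per txid; repeated fetches of a txid reuse it.
            Request::FetchTx(txid) => {
                let next = &mut self.next_group;
                *self.txid_groups.entry(txid.clone()).or_insert_with(|| {
                    *next += 1;
                    *next - 1
                })
            }
            _ => 0, // assumption: other Tor requests share group 0
        };
        Ok(Route::Tor(group))
    }
}

fn main() {
    let mut r = Router::new(false); // Tor down: the fetch is refused, not sent direct
    println!("{:?}", r.route(&Request::FetchTx("txid-a (constructed)".into())));
}
```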

that’s cool

That’s a great explanation. So yeah, for an average user, Tor embedded in Zashi is a must.

Keep up the good work 🙂