Zfnd.org blocks Tor

nullius · July 15, 2022, 11:44pm

I understand that these types of issues may take a reasonable time to resolve.

I have been monitoring the status of this issue—checking at least once or twice per day. After it was suggested that my OP may be administratively edited over my head, I have been editing OP with the dates and times when I checked to see if the issue had been resolved. I encourage the public to click the little pen icon at the top, and view the edit history. Javascript is required, but a forum account is not; please go ahead and look!

Five business days after I reported it, zfnd.org is still blocking Tor. I request an update.

It has been a long time since I ran any significant website; but when I did, I always maintained things in a way that I could easily switch hosts. That is a matter of independence and censorship-resistance. I think it is prudent, like backing up data. I suggest that if the Zcash Foundation is stuck in a position that it can’t easily tell its Tor-hating host to take a hike, some policies and procedures should be improved.

The Tor community used to maintain a list of Tor-friendly hosts on the old Tor Trac. (Not sure about now.) Tor-friendly hosts deserve our business; Tor-hating hosts do not! I think that if you reach out to the Tor community, people on the Tor side would be happy to help the Zcash Foundation find Tor-friendly hosting suitable to ZF’s technical requirements and its budget—ideally, payable with ZEC!

If this seems embarrassing to the Zcash Foundation, @anon35140610, I ask that you please consider how this feels to me as a Tor user and a Zcasher.

I have tried to get my friends into Zcash. Like likes like. My Bitcoiner friends tend to be Tor users—not people who maybe tried Tor once or twice, but people who use Tor on a daily basis.

I have gotten a sort of a “LOLWUT” reaction from my own friends, when I had to explain to them that, um, the privacy coin with hands-down absolutely the best on-chain privacy utterly lacks support for onions.

github.com/zcash/zcash

Rebooting overlay support: Merge v3 onions (critical), I2P SAM, and CJDNS from upstream Bitcoin.

opened 08:04AM - 15 Jul 22 UTC

nullianity

use case

Today, on the first anniversary of [the **15 July 2021** official end of life fo…r onion v2](https://blog.torproject.org/v2-deprecation-timeline/), I respectfully request that Zcash change some development decisions to prioritize v3 onions—and other overlay networks. The deadline for *fully fielded* v3 onion support passed one year ago. [Tor nuked onion v2 from orbit almost nine months ago.](https://gitlab.torproject.org/tpo/core/tor/-/issues/40476) v2 onion is insecure, EOLed, unsupported—and now, as of a few weeks ago, totally nonfunctional on the Tor network. Accordingly, it is fair to say that **Zcash does not support onions.** Upstream Bitcoin Core has first-class support out of the box for the following privacy and/or censorship-resistance networks—all of which could be borrowed, without wasting Zcash dev cycles on reinventing the wheel: * **Tor onion v3:** Issue bitcoin/bitcoin#18884, main PR bitcoin/bitcoin#19954, merged 2020-09-14, released in Bitcoin Core v0.21.0 on 2021-01-14. Other PRs relate to v3 onion support; the whole Bitcoin infrastructure was upgraded to onion v3 well in advance of the Tor Project’s 2021-07-15 deprecation deadline for v2 onions. As @daira noted (https://github.com/zcash/zcash/issues/5277#issuecomment-903833687), Bitcoin totally removed its v2 onion support shortly after that deadline had passed. * **I2P SAM:** bitcoin/bitcoin#20685, merged 2021-03-02, released in Bitcoin Core v22.0 on 2021-09-13. * **CJDNS:** bitcoin/bitcoin#23077, merged 2021-11-08, released in Bitcoin Core v23.0 on 2022-04-25. (This list is copied from [my forum post of almost two weeks ago](https://forum.zcashcommunity.com/t/cherry-picking-tor-onion-v3-and-other-overlay-networks-from-bitcoin/42421). If I can spare the time and effort to work out a Github task list of commits, alone or working with others here, I will edit this issue.) ---- ## Please reboot the approach here: I am aware that the Zcash developers have some nitpicks over how Bitcoin did this. Although my concerns are different, I myself think that it was slightly suboptimal. I wish that I had ~~bikeshedded~~ spoken up during the [BIP 155](https://github.com/bitcoin/bips/blob/master/bip-0155.mediawiki) standardization process. Well, it is what it is—*and it works!* The code is written, tested, fielded. It has been used in mission-critical settings every day for the past year and a half. Please don’t let the perfect be the enemy of the good. Here, and generally, I urge trying to keep a closer alignment with upstream. Zcash has a small dev team at a single company, with spectacular world-class expertise in a narrow specialty: Zero-knowledge proof privacy. Bitcoin Core is a massive effort with a large number of highly competent contributors, funded generously by decentralized, voluntary private grants from numerous parties around the world. The fruits of all that funding and labour are *all* MIT-licensed, freely available for Zcash to enjoy in the open-source spirit of give-and-take. Zcash has already richly benefitted from this: If Zcash had tried to write its own node from scratch, I estimate that in *the best case*, Zcash would have shipped its first mainnet at least two years later than it did—at a cost of many millions of dollars in additional development effort, never mind opportunity costs. (Best case. Many such projects stall out and fail as vapourware.) Since then, Zcash has obtained many of its best non-blockchain-privacy improvements from upstream. Bitcoin Core has a huge codebase under continual improvement, just waiting to be copied. Please, take advantage. Staying fully aligned with BIP 155 and Bitcoin Core’s implementations of support for Tor onion v3, IP2 SAM, and CJDNS gives Zcash what it needs ~~now~~ ~~yesterday~~ a year ago, *and* it lets Zcash continue to borrow from Bitcoin for **the future maintenance burden.** Doing things differently would saddle Zcash with **technical debt** of the worst kind: The kind that Zcash developers need to maintain in perpetuity, all by themselves. Staying closely aligned with upstream means that future features and improvements can be cherry-picked with minimal effort. As a developer interested in writing third-party code that interacts with both Bitcoin and Zcash (including on the P2P network level for added network-layer privacy), I note that a close alignment on BIP standards facilitates ecosystem growth—mainly to Zcash’s benefit. To Bitcoin, the market-dominant ecosystem with vast network effects, the ecosystem benefit here is negligible. Speaking as a Zcasher since Sprout and a long-term ZEC holder, I think that the foregoing is more important to Zcash than any theoretical inelegance in BIP 155. Speaking as a Tor user who ran `zcashd` with `onlynet=onion` for over five years, I identify this as a major pain point for Tor users. Speaking as a Bitcoiner-Zcasher, I am frustrated by how many excellent `bitcoind` features are missing from `zcashd`. This will be only the first of my efforts to point out the most important, real-world practical features where Zcash needs to catch up by copying more of Bitcoin’s reviewed, tested, freely available MIT-licensed code.

By the way, I suggest that the Tor Project’s Executive Director may be interested in knowing how and when that will be resolved. The Tor Project’s v2 onion deprecation deadline (onion) was 15 July 2021—one year ago today. Tor kicked v2 onions out of their own codebase nine months ago (onion). Not only it is fair to say that Zcash does not support onions: It would be dishonest to claim that Zcash supports onions. At this point, v2 onion support is like supporting the old v0/v1 “Hidden Services”: It does not qualify as “supporting onions”.

And it also leaves me in a difficult position to explain to my friends why the best privacy coin has governance and grantmaking processes run by a foundation whose website they can’t see, because it discriminates against Tor users.

Moreover, and more importantly in the big picture, I am disturbed by this circumstantial evidence that most Zcashers don’t use Tor. If Bitcoin.org or Bitcoin Core’s website (onion) were to block Tor for even a split-second, there would be a nuclear explosion! It would not go unnoticed.

Due to demand, community interest, and Tor usage by Bitcoin developers themselves, the shipping, release-version bitcoind had v3 onion support in Bitcoin Core v0.21.0, released 2021-01-14—over half a year before the Tor Project’s 2021-07-15 deadline. Bitcoin killed v2 onion from its own codebase, right after the v2 deprecation deadline. Because Bitcoiners care about this stuff. Where is the widespread interest from Zcashers?

I wish to deal with that constructively. As an experienced privacy activist, I will be advocating for Zcashers to use Tor—to use Tor generally, to surf the Web with Tor Browser, to boycott chat networks that are notoriously hostile to Tor, and specifically to use Tor with Zcash. As a technical expert of some repute in other venues, I offer help and support to Zcashers who are interested in using Tor’s network-layer privacy together with Zcash’s blockchain privacy. And of course, I will be advocating for PGP as I have been doing since the 90s. If you don’t do PGP, you don’t do “crypto”!

I think that that would make a positive topic for Zcon3. I’d like to see if there is any reasonable way for me to contribute. Alas, I still cannot see the website.