Skip to content
GitLab
Projects Groups Topics Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • Tor Tor
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributor statistics
    • Graph
    • Compare revisions
  • Issues 342
    • Issues 342
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 33
    • Merge requests 33
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Artifacts
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • The Tor Project
  • Core
  • TorTor
  • Merge requests
  • !702

prop327: Implement PoW over Introduction Circuits

  • Review changes

  • Download
  • Patches
  • Plain diff
Merged Micah Elizabeth Scott requested to merge beth/tor:ticket40634_local into main Mar 16, 2023
  • Overview 36
  • Commits 77
  • Pipelines 32
  • Changes 106

This is an initial implementation of new functionality for mitigating DoS attacks on onion services using a proof-of-work client puzzle, based on work by several folks:

  • Thanks tevador for the underlying PoW algorithm, Equi-X
  • George Kadianakis, Mike Perry, David Goulet, and tevador for the proposal 327 specification this implements
  • David Goulet, Roger Dingledine, and Mike Perry wrote most of this implementation last year

This addresses ticket #40634 (closed) and provides an initial implementation. As noted in the ticket there's room for improvement, but at this stage the feature might be considered useful and the wire protocol stabilized.

The Equi-X implementation is covered by the LGPL. As noted in #40634 (closed) there are a few integration approaches we could have taken, but the approach that seemed to make the most sense for our needs was to integrate equix directly into the src/ext tree and implement an optional GPL-licensed build mode for tor and libtor. To get the new proof-of-work system, clients and services must both be built with --enable-gpl and services must have the HiddenServicePoWDefensesEnabled torrc option at runtime.

Assignee
Assign to
Reviewers
Request review from
Time tracking
Source branch: ticket40634_local