Onionbalance Security Analysis

Description

Write a quick threat model / security analysis for Onionbalance, stating what it brings (or does not bring) in terms of security.

One good aspect to highlight is that it can offer a practical solution to reduce the attack surface in the long-term .onion identity key, since only the frontend/publish nodes need to have access to it. So Onionbalance is not just about load balancing, but also separation of concerns/isolation. And until offline keys is supported, that's the best and easier approach to reduce the attack surface on these keys.

The Vanguards' security analysis may be a good source of inspiration for such document, in terms of structure and content.

Tasks

• Write the security analysis. This is done at !25 (merged), thanks to Pascal Tippe.
• Review and publish the analysis (!25 (merged)).
• Add a reference in the Security Overview page.
• Check if any reported issue has/needs a ticket, open issues accordingly and reference them in the security analysis document.
• Report back to Pascal Tippe. Done.

added Docshackathon Documentation Icebox Onion Services labels

assigned to @rhatto

changed title from Security Analysis to Onionbalance Security Analysis

mentioned in issue onion-support#30 (moved)

removed Icebox label

unassigned @rhatto

changed milestone to %Onionbalance 0.2.4

added Roadmap::Future label

mentioned in issue ecosystem#19

assigned to @rhatto

added Doing label

changed due date to February 26, 2025

Time estimation

• Complexity: small (1 day)
• Uncertainty: low (x1.1)
• Reference (adapted)

added time estimate of 9h

removed Roadmap::Future label

mentioned in merge request !25 (merged)

added Roadmap::Future label and removed Doing label

added Project 145 label