Table of Contents
Original SPEECH TITLE: Privacy and anonymity: Securing the digital economy’s most valuable assets
SPEAKER: Micah Anderson
CONFERENCE: BTC Prague 2023
My name is Micah Anderson. I’m the director of engineering of the Tor project. A quick question here: how many people here know what Tor is already? Okay, quite a few of you. How many of you use Tor on a regular basis? A little bit less. [How many of you use Bitcoin over Tor network?]
What is Tor?
Tor, for those of you who don’t know, is a privacy, security, anonymity, censorship-resistant system that mitigates surveillance.
Why do we need Tor?
There’s a number of reasons. If you get to the root, down to the root of the problem, the internet was broken by design. Many people have been working to fix this problem tirelessly for decades. We’ve had people working on adding encryption, and now we understand and expect encryption everywhere. We know the browsers will warn you if you don’t have encryption. But that took decades to fix. People had to advocate, develop fixes, and deploy them at scale. But encryption’s not enough. It protects the contents of your communications, but even when you are encrypting things, someone watching that connection is able to still learn who you’re talking to, when, and how often. That’s called meta-data leakage.
Encryption is not enough
It didn’t fix the internet. We still have underlying problems that need to be addressed. That is what we are aiming to achieve with the Tor project, addressing meta-data leaks, issues of surveillance, issues of privacy, just like Bitcoin goals around fixing fundamental problems with fiat currency towards fixing fundamental problems on the internet.
How do we do this? You all know how VPNs work. You pay a monthly fee, you connect to their gateway, you have an encrypted connection that’s undoubtedly better than what you had before. But you must trust the VPN provider not to sniff your traffic, sell your data, or even decrypt without you knowing. That gateway that you connect to is a single central surveillance point. They can see traffic going in and out, they can see who you’re talking to, when you’re talking to them. That’s meta-data leakage. They have your credit card on file even, so they can link it to you. In this model, this is privacy by promise or privacy by trust. They have all the data and they promise not to do anything bad with it. But you have no way of knowing that they’re going to follow through on that promise or not.
The Tor project
Rather than a central model, Tor builds on a decentralized network design. In the Bitcoin space, you already know the importance of decentralization. In this context, when you route traffic over Tor, you are basically forwarding your traffic through a non-deterministic set of hops that are distributed throughout the world, and then it exits to the internet. In this way, no single party can learn the sender or destination of the communications. There’s no central place for surveillance. It’s decentralized trust rather than centralized trust. It’s privacy by design. The architecture of the system is such that it keeps you safe instead of a centralized organization that you place your hopes for privacy into.
Tor is a non-profit free software project with thousands of volunteer-run relays around the world, with close to 8 million users using it on a daily basis for a variety of reasons. Anonymity doesn’t work when you’re alone. Increasingly, people in censored countries depend on Tor to access the internet. And also, increasingly, marginalized folks around the world use Tor to get the privacy features that many of us get from a VPN because they can’t afford the privacy premium. This speaks to Tor’s mission of providing an open infrastructure without a fee for entry.
Tor is composed of a number of different elements. There is a browser that has a modified Firefox with privacy features, anti-fingerprinting features. There’s also onion services that provide end-to-end encryption and authenticity. You may have seen .onion addresses with some gibberish at the front. This one up here is the Facebook onion address.
Tor onion services are the key to Bitcoin privacy.
Tor also is a comprehensive ecosystem that keeps your online activity private and anonymous.
Bitcoin and Tor
Bitcoin over Tor benefits
Let’s talk a little bit about the benefits of Bitcoin and Tor.
Transactions, as you all know, as Bitcoin people, are broadcast to nodes, and without Tor, these nodes learn your IP address. If you route these transactions over Tor, these nodes can’t learn your IP address. Simple as that. It’s essential, actually, that these Tor connections are done over onions, as these provide the end-to-end anonymity. Tor helps clients also traverse restrictive NAT and, in this way, Tor has helped the Bitcoin community grow over the years by providing what we call transport layer anonymity for transaction privacy.
Tor also helps people in censored countries access the Bitcoin network. Our anti-censorship layers make it safer to use Bitcoin when living in a repressive regime. But I’ll note that you should still be careful because even though Tor is being used, you should not be lulled into a false sense of security. Anonymity is not that easy.
Bitcoin adoption of Tor
Major pieces of the Bitcoin network rely on Tor in surprisingly pervasive ways. The latest data from the node monitoring resource, Bitnodes, you can see here the Tor-enabled Bitcoin nodes make up, I don’t know if you can read that, but a significant portion of the Bitcoin network, about 61.8% in this particular slide. Someone pointed out to me that this is not entirely accurate data, so keep that in mind. The lightning network has about 72% of its nodes that are also using Tor onions, as well as the traditional clearnet.
Bitcoin Core Tor integration
How did we get here? Bitcoin Core integrated Tor almost a decade ago. I think it was in the 0.12 release of Bitcoin Core, and it’s automatic. When Tor is detected on the system, it will automatically create an ephemeral onion service to route your communications over Tor. This way, your actual Bitcoin transactions happen over Tor before reaching the nodes, so you’re obscuring the IP address.
Implementations of Tor
It’s not just Core. We’ve got a number of implementations. The Samurai wallet, maybe people will know these already, but it’s the first mobile Bitcoin wallet that fully integrated Tor. They also have the Samurai Whirlpool, which is their blinded Coinjoin implementation that requires Tor. Wasabi has their Coinjoin Tor integrations with multiple Tor identities to avoid linking each peer through a fresh Tor stream, defeat queries over Tor, and so on. Max Hillebrand from Wasabi is here. He’s going to be giving a talk on Saturday. I encourage you to go see that to learn more about that. And our good friends at Satoshi Labs, at the Trezor, the Trezor Suite, has the single-click onion button on it that will automatically route things over Tor, towards anonymized global network, obscuring your connections. They also do the Coinjoins like Wasabi does. Different identities. There’s a number of other projects that integrate Tor, but I don’t have time to go over them all but I highlight these because they’re not only built on top of Tor but they also contribute to Tor through the Onion Service Resource Coalition.
Onion Service Resource Coalition
Tor is a non-profit, as I mentioned, and Tor onion services are essentially a public good that is used by a large part of the Bitcoin community. We need support to make sure this technology is strong and healthy part of the stack. I want to invite everyone here to join the Onion Service Resource Coalition. There’s a number of other projects that I’ve put here who have demonstrated already their commitment to Bitcoin and privacy, so please consider joining us.
Where do we go from here? Tor is at an inflection point. It’s evolving in exciting ways by making things easier to integrate, more broadly supported, faster, and better overall. We have a robust set of technology developments that are enhancing our tactics going forwards, such as rewriting our core entirely in the Rust programming language. We implemented Proof of Work for onion services to defend against distributed denial service attacks, and we’re adding mechanisms for scaling the network.
Just like in the Bitcoin community, Tor is substantially changing the ecosystem by growing the project to be more resilient in the face of industry-wide challenges while maintaining sustainability and opening things up for more and more projects to innovate with us. As a non-profit, we depend on your support to achieve these goals and to continue to provide the critical low-level privacy and anonymity features that Bitcoin deserves.
We would love it for the Bitcoin community to join us in our fight to fix the internet. Thank you very much for your time. Come find me if you want to discuss things further.
Disclaimer: Transcripts provided on bitlyrics.co represents solely the opinion of the speaker and is not by any means financial/legal advice or an opinion of the website. The content has been transcribed with maximum accuracy. Repetitions and fill words have been amended in order to enhance the reading experience. The full text may not be confirmed by the speaker. Please, refer back to the above-provided source of content for more certainty. If you are a speaker and wish to confirm/amend your speech please contact us.