Make publising of onion addresses configurable (#1936)

When using Tor, your onion address is by default added to your list of public addresses and advertised through the gossip layer to allow peers to find your node and connect to it. We now allow opting out of that mechanism by setting `tor.publish-onion-address = false` in your `eclair.conf`. This will ensure your onion address is not advertised, and peers will not be able to connect to you unless you've connected to them first.
2024-11-19 09:54:02 +01:00 · 2021-09-08 06:11:17 -07:00 · 2021-09-08 06:11:17 -07:00 · 88f0dfd225
commit 88f0dfd225
parent 632d40c270
6 changed files with 19 additions and 2 deletions
--- a/docs/Tor.md
+++ b/docs/Tor.md
@ -120,6 +120,14 @@ For increased privacy do not advertise your IP address in the `server.public-ips
 eclair.server.binding-ip = "127.0.0.1"
 ```

+By default, the onion address generated by the hidden service will be added to the list of the node's public addresses.
+If you want to keep it private use this config parameter:
+```
+eclair.tor.publish-onion-address = false
+```
+
+You can always see your node's onion address using `getinfo` CLI command.
+
 ### Configure SOCKS5 proxy

 By default, all incoming connections will be established via Tor network, but all outgoing will be created via the 
--- a/eclair-core/src/main/resources/reference.conf
+++ b/eclair-core/src/main/resources/reference.conf
@ -271,6 +271,7 @@ eclair {
    port = 9051
    private-key-file = "tor.dat"
    targets = [] // a list of address:port, for advanced use (e.g. to send traffic to front servers). See the tor man page for syntax details.
+    publish-onion-address = true
  }

  db {
--- a/eclair-core/src/main/scala/fr/acinq/eclair/Eclair.scala
+++ b/eclair-core/src/main/scala/fr/acinq/eclair/Eclair.scala
@ -52,7 +52,7 @@ import scala.concurrent.duration._
 import scala.concurrent.{ExecutionContext, Future, Promise}
 import scala.reflect.ClassTag

-case class GetInfoResponse(version: String, nodeId: PublicKey, alias: String, color: String, features: Features, chainHash: ByteVector32, network: String, blockHeight: Int, publicAddresses: Seq[NodeAddress], instanceId: String)
+case class GetInfoResponse(version: String, nodeId: PublicKey, alias: String, color: String, features: Features, chainHash: ByteVector32, network: String, blockHeight: Int, publicAddresses: Seq[NodeAddress], onionAddress: Option[NodeAddress], instanceId: String)

 case class AuditResponse(sent: Seq[PaymentSent], received: Seq[PaymentReceived], relayed: Seq[PaymentRelayed])

@ -441,6 +441,7 @@ class EclairImpl(appKit: Kit) extends Eclair with Logging {
      network = NodeParams.chainFromHash(appKit.nodeParams.chainHash),
      blockHeight = appKit.nodeParams.currentBlockHeight.toInt,
      publicAddresses = appKit.nodeParams.publicAddresses,
+      onionAddress = appKit.nodeParams.torAddress_opt,
      instanceId = appKit.nodeParams.instanceId.toString)
  )

--- a/eclair-core/src/main/scala/fr/acinq/eclair/NodeParams.scala
+++ b/eclair-core/src/main/scala/fr/acinq/eclair/NodeParams.scala
@ -52,6 +52,7 @@ case class NodeParams(nodeKeyManager: NodeKeyManager,
                      alias: String,
                      color: Color,
                      publicAddresses: List[NodeAddress],
+                      torAddress_opt: Option[NodeAddress],
                      features: Features,
                      private val overrideFeatures: Map[PublicKey, Features],
                      syncWhitelist: Set[PublicKey],
@ -285,10 +286,12 @@ object NodeParams extends Logging {
      None
    }

+    val publicTorAddress_opt = if (config.getBoolean("tor.publish-onion-address")) torAddress_opt else None
+
    val addresses = config.getStringList("server.public-ips")
      .asScala
      .toList
-      .map(ip => NodeAddress.fromParts(ip, config.getInt("server.port")).get) ++ torAddress_opt
+      .map(ip => NodeAddress.fromParts(ip, config.getInt("server.port")).get) ++ publicTorAddress_opt

    val feeTargets = FeeTargets(
      fundingBlockTarget = config.getInt("on-chain-fees.target-blocks.funding"),
@ -335,6 +338,7 @@ object NodeParams extends Logging {
      alias = nodeAlias,
      color = Color(color(0), color(1), color(2)),
      publicAddresses = addresses,
+      torAddress_opt = torAddress_opt,
      features = coreAndPluginFeatures,
      pluginParams = pluginParams,
      overrideFeatures = overrideFeatures,
--- a/eclair-core/src/test/scala/fr/acinq/eclair/TestConstants.scala
+++ b/eclair-core/src/test/scala/fr/acinq/eclair/TestConstants.scala
@ -91,6 +91,7 @@ object TestConstants {
      alias = "alice",
      color = Color(1, 2, 3),
      publicAddresses = NodeAddress.fromParts("localhost", 9731).get :: Nil,
+      torAddress_opt = None,
      features = Features(
        Map[Feature, FeatureSupport](
          OptionDataLossProtect -> Optional,
@ -213,6 +214,7 @@ object TestConstants {
      alias = "bob",
      color = Color(4, 5, 6),
      publicAddresses = NodeAddress.fromParts("localhost", 9732).get :: Nil,
+      torAddress_opt = None,
      features = Features(
        OptionDataLossProtect -> Optional,
        ChannelRangeQueries -> Optional,
--- a/eclair-node/src/test/scala/fr/acinq/eclair/api/ApiServiceSpec.scala
+++ b/eclair-node/src/test/scala/fr/acinq/eclair/api/ApiServiceSpec.scala
@ -229,6 +229,7 @@ class ApiServiceSpec extends AnyFunSuite with ScalatestRouteTest with IdiomaticM
      network = "regtest",
      blockHeight = 9999,
      publicAddresses = NodeAddress.fromParts("localhost", 9731).get :: Nil,
+      onionAddress = None,
      instanceId = "01234567-0123-4567-89ab-0123456789ab"
    ))