Stream the following services
Go to file
Nick Mathewson 2ad87bfc0c Merge branch 'retry_rend' into 'main'
hss: Retry rendezvous circuit attempts.

Closes #1013

See merge request tpo/core/arti!1547
2023-08-24 19:41:39 +00:00
.gitlab/issue_templates Adds issue creation templates for bugs, features, proposals and documentation. 2020-12-17 13:57:06 -03:00
arti-corpora@fc8b082577 Bump to new version of arti-corpora 2023-08-02 18:01:57 -04:00
crates Merge branch 'retry_rend' into 'main' 2023-08-24 19:41:39 +00:00
doc Use "typos-cli" to fix a bunch of typos. 2023-08-22 16:23:51 -04:00
maint clippy: Suppress needless_pass_by_value in tests 2023-08-23 10:34:00 +01:00
tests keymgr: Do not expect x25519 keys to be stored as ed25519 ssh keys. 2023-08-16 10:43:28 +01:00
.appveyor.yml Use `static-sqlite` as feature flag for AppVeyor builds. 2022-08-30 21:47:30 +02:00
.ecrc Add editorconfig to force some rules (Final Newline) 2022-02-03 15:27:13 +00:00
.editorconfig Create a shadow-based integration test 2022-10-05 12:48:45 -05:00
.gitignore generate aggregated coverage reports 2022-05-05 18:35:34 +02:00
.gitlab-ci.yml CI: Remove unneeded install of git in maint-checks 2023-08-09 17:16:58 +01:00
.gitmodules use https submodule 2021-08-30 16:22:38 +02:00
.typos.toml Fix some typos in comments. 2021-10-19 10:40:32 -04:00 Use "typos-cli" to fix a bunch of typos. 2023-08-22 16:23:51 -04:00
CODE_OF_CONDUCT Fix typos and cleanup 2021-10-25 19:58:42 +03:00 Merge branch 'docs-runes' into 'main' 2023-03-31 16:52:31 +00:00
Cargo.lock hss: Retry rendezvous circuit attempts. 2023-08-24 15:10:02 -04:00
Cargo.toml Include debug symbols in "bench" profile 2023-07-27 07:20:14 -07:00
LICENSE-APACHE add licenses 2021-11-30 00:04:58 +10:00
LICENSE-MIT meta: Update license year range to 2022 2022-10-24 10:50:35 +02:00 README: Note more details about upcoming milestones 2023-08-04 10:53:55 -04:00
WANT_FROM_OTHER_CRATES WANT_FROM_OTHER_CRATES: Remove note about async-rustls 2023-07-17 10:01:18 -04:00
clippy-nightly.toml clippy: Consolidate many lints in maint/add_warning 2022-06-24 14:23:38 +01:00
clippy.toml rng ranges: Forbid use of panicky Rng::gen_range 2023-07-10 16:08:03 +01:00
tomlfmt.toml Lexically sort Cargo.toml dependencies 2022-05-28 20:05:51 +03:00

Arti: reimplementing Tor in Rust

Arti is a project to produce an embeddable, production-quality implementation of the Tor anonymity protocols in the Rust programming language.

This is the README for the Arti project as a whole. If you want find more practical information you might want to check out these links:

Why rewrite Tor in Rust?

Rust is more secure than C. Despite our efforts, it's all too simple to mess up when using a language that does not enforce memory safety. We estimate that at least half of our tracked security vulnerabilities would have been impossible in Rust, and many of the others would have been very unlikely.

Rust enables faster development than C. Because of Rust's expressiveness and strong guarantees, we've found that we can be far more efficient and confident writing code in Rust. We hope that in the long run this will improve the pace of our software development.

Arti is more flexible than our C tor implementation. Unlike our C tor, which was designed as SOCKS proxy originally, and whose integration features were later "bolted on", Arti is designed from the ground up to work as a modular, embeddable library that other applications can use.

Arti is cleaner than our C tor implementation. Although we've tried to develop C tor well, we've learned a lot since we started it back in 2002. There are lots of places in the current C codebase where complicated "spaghetti" relationships between different pieces of code make our software needlessly hard to understand and improve.

Current status

Arti can connect to the Tor network, bootstrap a view of the Tor directory, and make anonymized connections over the network. Now that Arti has reached version 1.0.0, we believe it is suitable for actual use to anonymise connections.

There are a number of areas (especially at the lower layers) where APIs (especially internal APIs) are not stable, and are likely to change them. Right now that includes the command line interface to the arti program.

And of course it's still very new so there are likely to be bugs.

Building and using Arti

Arti can act as a SOCKS proxy that uses the Tor network.

We expect to be providing official binaries soon. But, for now, you need to obtain a Rust development environment, and build it yourself.

To try it out, compile and run the arti binary using the below. It will open a SOCKS proxy on port 9150.

$ cargo run -p arti --release -- proxy

You can build a binary (but not run it) with:

$ cargo build -p arti --release

The result can be found as target/release/arti.

Safety Note: if you are using the default build options, the compiler will include filesystem path information in the binary that it generates. If your path is sensitive (for example, because it includes your username), you will want to take steps to prevent this. See doc/ for more information.

If you run into any trouble building the program, please have a look at the troubleshooting guide.

Hidden service (.onion service) client support

Arti has support for connecting to Onion Services aka Tor Hidden Services.

However, currently it is disabled by default.

This is because Arti currently lacks the "vanguards" feature that Tor uses to prevent guard discovery attacks over time. As such, you should probably stick with C Tor if you need to make a large number of onion service connections, or if you are using the Tor protocol in a way that lets an attacker control how many onion services connections that you make - for example, when using Arti's SOCKS support from a web browser such as Tor Browser.

We plan to improve the security, and will then enable .onion connections by default.

In the meantime, if you would like to try it out, you can enable it on the command line (cargo run -p arti -o address_filter.allow_onion_addrs=true proxy). or edit your config file (set allow_onion_addrs = true in the section [address_filter])

Then you can make a connection to a .onion service, via Arti. For example, to try it out from the command line:

target/release/arti -o address_filter.allow_onion_addrs=true proxy
# and in another window:
curl --socks5-hostname localhost:9150 https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ | head | cat -v

Custom compile-time options

Arti has a number of configurable Cargo features that, among other things, can affect which asynchronous runtime to use.

See in the Arti crate-level docs for details.

Using Arti as a library

The arti command line utility is built on top of the arti_client library (and its dependencies).

That library's API will allow you to make connections over the Tor network, and obtain streams/sinks usable from async Rust.

Minimum supported Rust Version

Our current Minimum Supported Rust Version (MSRV) is 1.65.

When increasing this MSRV, we won't require any Rust version released in the last six months. (That is, we'll only require Rust versions released at least six months ago.)

We will not increase MSRV on PATCH releases, though our dependencies might.

We won't increase MSRV just because we can: we'll only do so when we have a reason. (We don't guarantee that you'll agree with our reasoning; only that it will exist.)

Helping out

Have a look at our contributor guidelines.


Thanks to a generous grant from Zcash Open Major Grants (ZOMG), we're able to devote some significant time to Arti in the years 2021-2022. Here is our rough set of plans for what we hope to deliver when.

The goal times below are complete imagination, based on broad assumptions about developer availability. Please don't take them too seriously until we can get our project manager to sign off on them.

  • Arti 0.0.1: Minimal Secure Client (Goal: end of October 2021??)

    • Target audience: developers
    • Guard support
    • Stream Isolation
    • High test coverage
    • Draft APIs for basic usage
    • Code cleanups
    • and more...
  • Arti 0.1.0: Okay for experimental embedding (Goal: Mid March, 2022??)

    • Target audience: beta testers
    • Performance: preemptive circuit construction
    • Performance: circuit build timeout inference
    • API support for embedding
    • API support for status reporting
    • Correct timeout behavior
    • and more...
  • Arti 1.0.0: Initial stable release (Goal: Mid September, 2022??)

    • Target audience: initial users
    • Stable API (mostly)
    • Stable CLI
    • Stable configuration format
    • Automatic detection and response of more kinds of network problems
    • At least as secure as C Tor
    • Client performance similar to C Tor
    • More performance work
    • and more...
  • Arti 1.1.0: Anti-censorship features (Goal: End of October, 2022?)

    • Target audience: censored users
    • Bridges
    • Pluggable transports
    • and more...?
  • Arti ~1.2.0: Onion service support (Goal: End of 2023)

  • Arti ~2.0.0: Feature parity with C tor as a client (Goal: Mid 2024)

  • Arti ?.?.?: Relay support

How can I report bugs?

When you find bugs, please report them on our bugtracker. If you don't already have an account there, you can either request an account or report a bug anonymously.

How can I help out?

See for a few ideas for how to get started.


This code is licensed under either of

at your option.


Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

(The above notice, or something like it, seems to be pretty standard in Rust projects, so I'm using it here too. This instance of it is copied from the RustCrypto project's file.)