vincenzopalazzo
/
arti
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Stream the following services https://gitlab.torproject.org/tpo/core/arti.git
1,141 Commits 3 Branches 23 Tags 19 MiB
Rust 97.8%
Shell 0.8%
RenderScript 0.8%
Python 0.5%
Go to file
HackerNCoder 0f9001c811
Fix typos 		2021-06-17 17:19:33 +00:00
.gitlab/issue_templates Adds issue creation templates for bugs, features, proposals and documentation. 2020-12-17 13:57:06 -03:00
arti Fix typos 2021-06-17 17:19:33 +00:00
caret Add noop_method_call warning. 2021-05-27 14:32:29 -04:00
doc Revise repository-level documentation 2021-06-17 12:18:28 -04:00
maint Note a couple of more desired warnings. 2021-06-17 08:28:55 -04:00
tor-bytes Add noop_method_call warning. 2021-05-27 14:32:29 -04:00
tor-cell Remove some (but not all) needless dependencies. 2021-06-17 09:09:43 -04:00
tor-cert Add noop_method_call warning. 2021-05-27 14:32:29 -04:00
tor-chanmgr Remove some (but not all) needless dependencies. 2021-06-17 09:09:43 -04:00
tor-checkable Add noop_method_call warning. 2021-05-27 14:32:29 -04:00
tor-circmgr Remove some (but not all) needless dependencies. 2021-06-17 09:09:43 -04:00
tor-client Remove some (but not all) needless dependencies. 2021-06-17 09:09:43 -04:00
tor-config Add noop_method_call warning. 2021-05-27 14:32:29 -04:00
tor-consdiff Add noop_method_call warning. 2021-05-27 14:32:29 -04:00
tor-dirclient Remove some (but not all) needless dependencies. 2021-06-17 09:09:43 -04:00
tor-dirmgr Remove some (but not all) needless dependencies. 2021-06-17 09:09:43 -04:00
tor-linkspec linkspec: Define owned variants of ChanTarget and CircTarget. 2021-06-13 13:03:30 -04:00
tor-llcrypto Add noop_method_call warning. 2021-05-27 14:32:29 -04:00
tor-netdir Remove some (but not all) needless dependencies. 2021-06-17 09:09:43 -04:00
tor-netdoc Fix new(?) rustdoc warnings 2021-06-16 15:34:09 -04:00
tor-proto Try to fix a nightly rustdoc warning 2021-06-17 12:31:55 -04:00
tor-protover Add noop_method_call warning. 2021-05-27 14:32:29 -04:00
tor-retry Add noop_method_call warning. 2021-05-27 14:32:29 -04:00
tor-rtcompat Remove some (but not all) needless dependencies. 2021-06-17 09:09:43 -04:00
tor-rtmock Add noop_method_call warning. 2021-05-27 14:32:29 -04:00
tor-socksproto Add noop_method_call warning. 2021-05-27 14:32:29 -04:00
tor-units Add noop_method_call warning. 2021-05-27 14:32:29 -04:00
.gitignore Add a script with the command I've been using for coverage 2021-05-26 10:46:17 -04:00
.gitlab-ci.yml Try some tweaks to .gitlab-ci.yml 2021-05-25 16:18:00 -04:00
CODE_OF_CONDUCT CoC: Stop saying that Arti is not official. 2021-06-17 07:50:38 -04:00
CONTRIBUTING.md Fix typos 2021-06-17 17:19:33 +00:00
Cargo.toml Use macros and types to improve handling of Netdir parameters. 2021-05-25 09:16:59 -04:00
README.md Revise repository-level documentation 2021-06-17 12:18:28 -04:00
WANT_FROM_OTHER_CRATES Update documentation 2020-09-21 13:43:58 -04:00

README.md

Arti: reimplementing Tor in Rust

Arti is a project to produce an embeddable, production-quality implementation of the Tor anonymity protocols in the Rust programming language.

Arti is not ready for production use; see below for more information.

Links:

Why rewrite Tor in Rust?

Rust is more secure than C. Despite our efforts, it's all too simple to mess up when using a language that does not enforce memory safety. We estimate that at least half of our tracked security vulnerabilities would have been impossible in Rust, and many of the others would have been very unlikely.

Rust enables faster development than C. Because of Rust's expressiveness and strong guarantees, we've found that we can be far more efficient and confident writing code in Rust. We hope that in the long run this will improve the pace of our software development.

Arti is more flexible than our C tor implementation. Unlike our C tor, which was designed as SOCKS proxy originally, and whose integration features were later "bolted on", Arti is designed from the ground up to work as a modular, embeddable library that other applications can use.

Arti is cleaner than our C tor implementation. Although we've tried to develop C tor well, we've learned a lot since we started it back in 2002. There are lots of places in the current C codebase where complicated "spaghetti" relationships betwen different pieces of code make our software needlessly hard to understand and improve.

Current status

Arti is a work-in-progress. It can connect to the Tor network, bootstrap a view of the Tor directory, and make anonymized connections over the network.

Arti is currently missing some features that are required for good privacy, and is therefore vulnerable to a lot of attacks that do not yet affect the Tor network. Therefore, you should probably not use Arti in production if you want any kind of privacy at all.

There are absolutely no guarantees about API stability yet: if you write code that uses Arti, you should expect that

Trying it out today

Arti can act as a SOCKS proxy that uses the Tor network. (Not a very secure or anonymous one!) It knows how to download directory information and how to load it from cache, but it doesn't try to download more than one directory per run.

To try it out, run the demo program in arti as follows. It will open a SOCKS proxy on port 9150.

% cargo run --release

Again, do not use this program yet if you need anonymity, privacy, security, or stability.

Helping out

Have a look at our contributer guidelines.

Roadmap

Thanks to a generous grant from Zcash Open Major Grants (ZOMG), we're able to devote some significant time to Arti in the years 2021-2022. Here is our rough set of plans for what we hope to deliver when.

The goal times below are complete imagination, based on broad assumptions about developer availability. Please don't take them too seriously until we can get our project manager to sign off on them.

  • Arti 0.0.1: Minimal Secure Client (Goal: end of October 2021??)

    • Target audience: developers
    • Guard support
    • Stream Isolation
    • High test coverage
    • Draft APIs for basic usage
    • Code cleanups
    • and more...

  • Arti 0.1.0: Okay for experimental embedding (Goal: Mid March, 2022??)

    • Target audience: beta testers
    • Performance: preemptive circuit construction
    • Performance: circuit build timeout inference
    • API support for embedding
    • API support for status reporting
    • Correct timeout behavior
    • and more...

  • Arti 1.0.0: Initial stable release (Goal: Mid September, 2022??)

    • Target audience: initial users
    • Security audit
    • Stable API
    • Stable CLI
    • Stable configuration format
    • Automatic detection and response of more kinds of network problems
    • More performance work
    • and more...

  • Arti 1.1.0: Anti-censorship features (Goal: End of october, 2022?)

    • Target audience: censored users
    • Bridges
    • Pluggable transports
    • and more...?

  • Arti 1.2.0: Onion service support (not funded, timeframe TBD)

  • Arti 2.0.0: Feature parity with C tor as a client (not funded, timeframe TBD)

  • Arti ?.?.?: Relay support

How can I help out?

See CONTRIBUTING.md for a few ideas for how to get started.

Licence

This code is licensed under either of

at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

(The above notice, or something like it, seems to be pretty standard in Rust projects, so I'm using it here too. This instance of it is copied from the RustCrypto project's README.md file.)