Tor May Use Bitcoin to Enable User-Friendly Onion Addresses

The Tor Project recently suggested that Blockstack may provide a solution to problems associated with onion addresses.

Tor is an anonymizing network that allows users to mask their IP addresses on the Internet. The network steers a user's internet activity through a series of Tor nodes rather than directly between two identifiable endpoints. In addition to anonymizing activity on the unencrypted part of the Internet, known as the clearnet, users can also access special hidden websites, known as hidden services.

Hidden services are accessed through an onion address, concealing a server's IP address and network location. The basic issue with onion addresses is that they’re hard for humans to remember. The Tor Project’s onion service is accessed through http://expyuzz4wqqyqhjn.onion/ instead of the usual https://www.torproject.org.

Onion addresses are not human readable because they do not rely on the Domain Name System (DNS) used on the clearnet. “Onion services have such absurd names because of all the cryptography that's used to protect them,” the Tor Project post explains.

Blockstack Co-Founder Ryan Shea adds that the most obvious friction point for users is the “scariness and unwieldiness” of addresses for Tor hidden services. “With normal websites you can go to a domain name like ‘facebook.com.’ With hidden service websites on Tor, you have to go to a confusing-looking address like ‘3g2upl4pq6kufc4m.onion’. How do you find this address in the first place? How do you know you’re connecting to the right site once it has loaded?”

- Ryan Shea, Blockstack Co-Founder

Various research groups have experimented with and designed secure name systems, including GNU Name System (GNS), Namecoin, and Blockstack. The Tor Project explains that each of these systems has its own strengths and weaknesses, as well as different user models and total user experience. “We are not sure which one works best for the onion space,” the Project states. “Ideally we'd like to try them all and let the community and the sands of time decide for us.”

The Blockstack system was originally built on top of Namecoin, but the project eventually moved to the Bitcoin blockchain. According to Blockstack co-founder Muneeb Ali, there are a large number of spam-related name registrations on Namecoin, the project’s mining is too centralized, and Bitcoin has a much larger development community.

In Shea’s view, Blockstack would be the best solution. “Blockstack is by far the most advanced and reliable decentralized domain name system out there,” the co-founder said. “It allows users to create their own namespaces and set their own pricing and expiration rules. It supports multi-signature ownership of names and allows name owners to delegate data signing permissions to other keys.”

The first application Blockstack worked on was a decentralized namespace system called Onename, before expanding to a wider platform of decentralized applications. The collaboration was featured in TechCrunch in the summer of 2014 as a way to make Bitcoin addresses more user friendly.

Tor plays a key role in Blockstack’s vision for a redecentralized Internet. Shea explained that the current architecture of web applications means “there’s a lot of connections and a lot of metadata that can leak, which means that IP masking is extremely important.”

IP masking is the process of obscuring one’s true IP address, which is a unique identifier tied to a user’s connection to the Internet. Tor, i2p, and Virtual Private Networks (VPN) are common methods used for masking one’s IP address.

“With Blockstack’s new wave of applications, we’re helping users move away from servers completely,” Shea said. “These applications are completely client-side, decentralized, server-less, and independent of third parties. Users are able to load up the application from either the author or a hosting peer once. Then the software lives locally and the user can use it without making connections to remote servers. The application uses a data API controlled by the user. This heavily reduces the number of outbound connections and reduces the need for IP masking.”