A quick glance at the code shows that ADD_ONION (i.e. "ephemeral"
onion services) doesn't support setting an Onionbalance
frontend/master onion address (specifically
https://gitlab.torproject.org/tpo/core/tor/-/issues/32709 doesn't seem
to have a control-side analogue). Would a feature request for
"That said multiple layers of crypto cannot hurt, Facebook for example
uses this approach."
The first part is not strictly true. For the second part, FB uses an
identity-verified EV cert from a known CA to let their users confirm
their identity, not for increased encryption. Creating an onion
I am no expert here, but I'm confused by "the client connecting to the
service knows the service's private key". Why not just create an onion
service (per contact) and then use the client authentication feature
to ensure they share the same secret? Client auth is built in to
discovery and from
I posted it on /r/TOR but figured I'd post it here too:
https://github.com/cretz/bine
I built it because I have plans to use it in another project. In
general it does what Stem does. I did incorporate V3 onion service
generation in there and am happy to say it publishes much faster.
Also, I have