On Fri, Dec 11, 2020 at 12:31 PM Zaphoid Zaphoid@protonmail.com wrote:

Greetings Tor-Dev,

I've watched Nick's presentation on State of the Onion and have read the "Tor in 2021" blog post searching for more details on A Rust Tor Implementation (ARTI). I think Rust is a fascinating language and looking to further my knowledge of it and Tor's internals as they are developed.

Hi, Zaphoid, and thanks for the email!

The official repository is at https://gitlab.torproject.org/tpo/core/arti/ ; most of the info on it is there.

I understand that some Rust implementation is available in the source repository. What I am looking for is a road-map or planned outcome. Could anyone advise if the intent is to completely re-write the Tor client in Rust? Or, is the project's goal to rewrite specific components?

[tl;dr: All these plans are tentative and subject to change. I would _like_ to eventually replace all of our C with Rust, but that is going to take a long time, and will depend on resources. For now, we're going to continue supporting the C code, and we plan to do so at least until the Rust code is ready to replace it. There is no timeline.]

Okay, so first: this is still an experimental project, so I can't make promises. I don't know how it's going to go, and I'm still learning Rust myself.

Also, Tor's plans are always, and forever, at least a little flexible and amorphous. Our only _permanent_ plan is that we will defy all obstacles to use whatever resources we have to bring stronger privacy to the world. Other plans are always subsidiary to that, and dependent on our resources. [Please donate to our end-of-year fundraising campaign if you can, everybody.]

With those disclaimers aside: I do _want_ to eventually replace the C version of Tor as a client, for most users, with a Rust implementation. Eventually, if that works out, I'd like relays and authorities to be written in Rust too.

The motivation here is not just for the additional safety and performance that Rust can bring us. For me, the most important reason to move towards Rust is maintainability. Rust gives us tools that make it much easier to write a maintainable, well-structured, well-tested set of programs, and to develop those programs in the future. I'm confident that a Rust implementation of Tor would still be comprehensible and maintainable by a different set of programmers in 20 years; I don't have the same confidence about a C implementation.

Of course, that won't be easy. (I know. I've been working on the C version since 2002, so it would be a bit shocking if the Rust version replaced it right away.) We have to choose where to spend our time, and we can't walk away from the C while it's still our best implementation. We'll be supporting the C version of Tor for the future, I think -- probably for quite a few years. It's possible that at some point the two implementations will converge, but that might be tricky: the C implementation's structure is not really conducive to having parts of it replaced.

So where are we now, and what's the roadmap?

Right now, if you know how to download and compile Rust programs, you can build Arti. It can run as a SOCKS proxy and use the Tor network. I wouldn't recommend it for serious use yet: it doesn't support onion services, guards, bridges, and a lot of other security features that Tor provides, and it's still pretty early in development. As they say, "When it breaks, you get to keep both pieces."

Over the coming months, I want to work to close the gap between Arti and C Tor. There's an approximate list of the stuff we'll need to do in order to get there in the TODO file in the Arti repository. (No guarantees that I haven't forgotten anything) How fast we can make progress on this work is dependent on how much of our time we can spend on it, and how many people can help us out. So if anybody here is interested in Rust, why not have a look at the codebase, and see what you think?

(Also, there's no need to name any of my software in all-caps. It's just "arti" for now, or "Arti" if you really like to capitalize proper nouns.)

best wishes,