Easier Configuration for Permanent Proxy and Tor only Connections #110

Open
Rspigler opened this issue Oct 24, 2020 · 3 comments

This is based off discussion here: #86 (comment)

Essentially, we have icons that are indicators of current node connections (Proxy, Tor), but no switch/checkbox in the GUI saying "set up and keep my connections secured this way permanently".

We have some settings exposed to the GUI, and I think we should expose more, but I also think we should offer sort of 'bundled' options. For example:

There's no onlynet=onion button. And there's only an Allow incoming connections button. IMO, there should be something that says, Set all Connections Through Tor. And sets onlynet=onion listen=0 listenonion=1. However, a user needs to set up a HS first to be able to do this, so if getnetworkinfo doesn't detect a local address, this should be unable to be selected. And there can be a 'learn more' or 'help' button, which directs to the Tor docs (which I know people are working on) (bitcoin/bitcoin#19961).

So, this would still allow any user to set up any configuration they like, but allows for users to properly configure more popular/usual configurations.

We might need to have a security discussion, on the risks of encouraging large parts of the userbase to only have Tor connections, and if that increases risks to partitioning the network.

But there are other setups as well I can think of.

If there is no HS, a user might want to set up a Proxy. Right now, setting up a proxy is a bit buggy through the GUI.

Checking "Connect through SOCKS5 proxy" doesn't uncheck "Allow incoming connections". But I know setting proxy in bitcoin.conf by default sets listen=0. So is listening not actually being disabled when set through the GUI, or is this just a GUI bug?

If a user has a HS, and wants to turn on the proxy, currently clearnet incoming connections would be made, IIUC. This is because with proxy=127.0.0.1:9050 and listen=1, outgoing connections will be made to HS's and through the proxy to all node types. Incoming connections will be to the HS and clearnet. This could be, of course, what the user wants. But only with bind=127.0.0.1 will there be no clearnet incoming connections. I could see a user trying to set up as private a node as possible, setting up a HS, and clicking 'Proxy' in the settings, not knowing what they are doing - which would actually open up clearnet connections. Should there be another 'bundled' setting option? - Maybe something like "Tor & Proxy; No Clearnet"?

All these options are definitely complicated from a user interaction POV, and hopefully there's a way to integrate it all that makes it more digestible. Maybe a 'Default Connections Settings' section with the checkboxes "Tor Only", "Proxy", etc, and then below you can see what it is doing when it is checking/filling in the more detailed individual settings (Like how checking 'default proxy' works now).

Or perhaps it can be part of a future version of the Onboarding Wizard (#81) Bosch is working on (something like, what kind of outgoing connections would you like to have? What kind of incoming connections)?

Open to suggestions!
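
The configurations discussed in the post above, as an added example (not part of the original issue and not Bitcoin Core's code): a small Python check that applies the post's own description of how proxy, listen, bind and onlynet interact, plus the proposed getnetworkinfo gate. Function names and sample values are constructed, and the rules are taken as the post states them rather than verified against the node's behaviour.

```python
# Added example: names and sample data are constructed for illustration.
def parse_conf(text):
    """Parse bitcoin.conf-style key=value lines; repeated keys accumulate."""
    conf = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            conf.setdefault(key, []).append(value)
    return conf


def exposure(conf):
    """Classify a parsed config using the rules as described in the post."""
    proxy = bool(conf.get("proxy"))
    # Post: proxy in bitcoin.conf sets listen=0 by default; explicit listen wins.
    listen = conf["listen"][-1] == "1" if "listen" in conf else not proxy
    binds = conf.get("bind", [])
    loopback_only = bool(binds) and all(b.split(":")[0] == "127.0.0.1" for b in binds)
    if conf.get("onlynet") == ["onion"]:
        outbound = "onion only"
    else:
        outbound = "via proxy" if proxy else "clearnet"
    return {"outbound": outbound, "clearnet_inbound": listen and not loopback_only}


def tor_only_selectable(networkinfo):
    """Proposed GUI gate: getnetworkinfo reports a local .onion address."""
    return any(a.get("address", "").endswith(".onion")
               for a in networkinfo.get("localaddresses", []))


# Constructed sample configurations matching the cases in the post.
SAMPLES = {
    "tor_only_bundle": "onlynet=onion\nlisten=0\nlistenonion=1\n",
    "proxy_and_listen": "proxy=127.0.0.1:9050\nlisten=1\n",
    "proxy_listen_bind": "proxy=127.0.0.1:9050\nlisten=1\nbind=127.0.0.1\n",
    "proxy_only": "proxy=127.0.0.1:9050\n",
}

def audit_samples():
    return {name: exposure(parse_conf(text)) for name, text in SAMPLES.items()}

if __name__ == "__main__":
    for name, result in audit_samples().items():
        print(f"{name:18} {result}")
    # Constructed getnetworkinfo fragment with a placeholder onion address.
    info = {"localaddresses": [{"address": "placeholder.onion", "port": 8333, "score": 4}]}
    print("Tor-only selectable:", tor_only_selectable(info))
```

The "proxy_and_listen" sample is the case the post warns about: a proxy is set, yet clearnet inbound stays possible until bind=127.0.0.1 is added.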

Bosch-0 commented Oct 27, 2020

Privacy by default intuitively should be the standard, though for Bitcoin I think the concerns are valid enough to not make default privacy 'too easy' to activate. I do agree though with clarifying how these settings are displayed with something like 'Set all Connections Through Tor.'

Eventually it would be good to have the settings separated into some simple config settings (launch on startup, blockfilterindex etc.) and some advanced options (Connect through Tor/proxy, switch networks etc.). Those who need the additional privacy shouldn't mind taking an additional few steps (though making these easy additional steps should also be a goal). It should also be communicated to the users the meta network wide issues of having only Tor nodes (e.g. network partitioning) as I believe many users run nodes to strengthen the network and may not realize this caveat.

> However, a user needs to set up a HS first to be able to do this, so if getnetworkinfo doesn't detect a local address, this should be unable to be selected. And there can be a 'learn more' or 'help' button, which directs to the Tor docs (which I know people are working on) (bitcoin/bitcoin#19961).

+1 this suggestion.


Rspigler commented Dec 14, 2020

Coming back to this. I think this is a better way to do this:

I think @luke-jr's Tri-state should be combined w/ @jonatack's inbound/outbound distinction from #86. This makes sense to me, from a design POV, when thinking of how to implement options for clearnet and proxy connections as well. I don't know what @Bosch-0 thinks.

For example, in a connections window, you could have users presented with

| Connection Type | Outbound | Inbound |
|---|---|---|
| Clearnet | Disabled Enabled/Exclusive | Disabled/Enabled/Exclusive |
| Proxy | Disabled/Enabled/Exclusive | Disabled/Enabled/Exclusive |
| Hidden Service | Disabled/Enabled/Exclusive | Disabled/Enabled/Exclusive |

The default would then be Clearnet Outbound set to Enabled. Everything else Disabled, with the ability to change greyed out. (Tor is most likely installed, if so, you can change the Proxy Outbound values like you already can in the GUI). You could have a Help button next to Inbound pointing to docs showing how to port forward, and a Help button next to Hidden Service and possibly Proxy (if no Tor installed) pointing to our Tor docs (which are being improved here: bitcoin/bitcoin#19961).

Once inbound connections are detected, the Inbound options could be enabled, and once getnetworkinfo detects a local address, the Hidden Service options can be enabled. (Inbound HS would need /both/ Inbound & Hidden Service enabled).

This could perhaps be a part of Bosch-0's iterative onboarding wizards.

This will also affect the icons (for the better I believe), because it will allow for more flexible setups. But will there be an icon for Tor only outbound? Proxy only inbound? etc.

Edit: Embarrassing formatting attempts.


Rspigler commented Dec 14, 2020

Actually, Exclusive is just redundant, confusing, and crowding, since all it would do is set the others to Disabled. Much easier to simply have a Disabled and Enabled option.

| Connection Type | Outbound | Inbound |
|---|---|---|
| Clearnet | Disabled/Enabled | Disabled/Enabled |
| Proxy | Disabled/Enabled | Disabled/Enabled |
| Hidden Service | Disabled/Enabled | Disabled/Enabled |
