Add Tor icon #86
Add Tor icon #86
Conversation
|
Moved from bitcoin/bitcoin#19926 as requested by @fanquake. |
src/interfaces/node.cpp
Outdated
| @@ -87,6 +87,12 @@ class NodeImpl : public Node | |||
| } | |||
| } | |||
| bool getProxy(Network net, proxyType& proxy_info) override { return GetProxy(net, proxy_info); } | |||
|
|
|||
| bool hasTorOnlyConnections() override | |||
There was a problem hiding this comment.
would it make sense to expose this bool over rpc as well?
There was a problem hiding this comment.
|
Concept ACK. If one adds a non-TOR node via |
No. UPDATE: changed in #86 (comment) |
Thanks! I think for TOR only,... it's very important that users can't end up with the icon "confirming" tor-only when the actually have non-tor connections. |
|
@fanquake @MarcoFalke Is this PR in its current state (with net part refactoring) placed in this repo correctly? |
|
Concept ACK. Not tested, code looks pretty straight forward. I would maybe rename tor_connected to tor_only_connections or something like that to reflect that all connections are via tor. |
There was a problem hiding this comment.
Concept ACK and code review ACK of the net code changes. I've left a bunch of style comments, which you can feel free to ignore, but might be good to address if you have to touch the branch again.
I'm not familiar with the qt code, but I've skimmed the changes and they seem fine.
|
Updated 01fb75e -> 6549abc (pr86.04 -> pr86.05, diff):
The icon name is used only once, and there is the only Tor icon in the repo. I'd keep the more general name for now. |
This disables listening, so could be with OR without:
|
Currently, only the |
|
ACK, looks good on windows 10. Though I did have to add the below to my .config file - it would be ideal if the user did not have to do this.
A quick note, this was the first PR I have reviewed and as non super technical designer, I did not find the process too difficult - I will be making a concerted effort with the Bitcoin Design community to get more reviewers looking at these kind of PRs. |
|
Code review ACK 6549abc (node changes only. Did not fully review qt changes) |
@Bosch-0 if you have tor configured and running, running the default configuration of Bitcoin Core should automatically start an onion service. See "3. Automatically listen on Tor" in |
Correct. But the default setup does not prevent non-onion connections. Therefore, the Tor icon will not be shown to a user. |
|
The additional configuration is if you only want onion connections. |
Correct. |
Why is this not recommended? |
Edit: don't let this hijack the PR! Concept ACK. |
I think for the very reason that it risks partitioning the network, and less educated users may think that there is a greater benefit than there really is, we shouldn't have an icon to indicate an onion only mode (this PR doesn't do that).
Outgoing connections is default, incoming connections are optional. For outgoing connections, you can set a proxy command in the conf file to put all connections behind tor, or set For incoming connections, since Tor version 0.2.7.1 and Core 0.12.0, Core can create and destroy ephemeral hidden services programmatically. |
There was a problem hiding this comment.
tACK 6549abc with notes for followup
We can decide in another PR whether to encourage Tor more, as well as make it less painful to correctly configure.
Tested on macOS 10.15.6 with the Tor proxy configured in the GUI (using port 9150 which the Tor browser offers), -onlynet=onion and -listen=0.
Note that the Tor icon won't appear until at least one peer is connected. This is the same behavior as connections_tor_only in getnetworkinfo (uses the same code).
I didn't try launching a hidden service; someone running Linux should.
In light of the 727af0f refactor, I also tested that setnetworkactive still works with bitcoin-cli and from the GUI console.
In the event this PR doesn't make it, there's some useful refactoring commits that should be salvaged.
| @@ -854,19 +852,6 @@ void RPCConsole::updateNetworkState() | |||
| ui->numberOfConnections->setText(connections); | |||
| } | |||
|
|
|||
| void RPCConsole::setNumConnections() | |||
| { | |||
| if (!clientModel) | |||
There was a problem hiding this comment.
Was this check already superfluous?
src/net.cpp
Outdated
| @@ -2598,13 +2598,16 @@ ConnCounts CConnman::ConnectionCounts() | |||
| { | |||
| int num_in{0}; | |||
| int num_out{0}; | |||
| bool tor_only{false}; | |||
There was a problem hiding this comment.
Maybe this should be an Optional, but I don't care deeply.
src/rpc/net.cpp
Outdated
| @@ -544,6 +544,7 @@ static UniValue getnetworkinfo(const JSONRPCRequest& request) | |||
| obj.pushKV("connections", conn_counts.all); | |||
| obj.pushKV("connections_in", conn_counts.in); | |||
| obj.pushKV("connections_out", conn_counts.out); | |||
| obj.pushKV("connections_tor_only", conn_counts.tor_only); | |||
There was a problem hiding this comment.
connections_tor_only should be documented in the RPCResult above
There was a problem hiding this comment.
Also, the RPC and net changes are not gui related, so should go into the main repo
There was a problem hiding this comment.
Done in bitcoin/bitcoin#20172.
src/net.cpp
Outdated
| for (const auto& pnode : vNodes) { | ||
| pnode->IsInboundConn() ? ++num_in : ++num_out; | ||
| if (!pnode->addr.IsTor()) tor_only = false; |
There was a problem hiding this comment.
I didn't test if IsTor() behaves correctly when you have an inbound connection via a hidden service.
There was a problem hiding this comment.
I didn't test if
IsTor()behaves correctly when you have an inbound connection via a hidden service.
No, it doesn't. Going to rework his code.
There was a problem hiding this comment.
If it's too tedious, I'm fine with the current change and just leaving correct handling of hidden service as a (well documented) TODO. At least this PR shows the Tor icon in a subset of acceptable circumstances.
There was a problem hiding this comment.
The solution suggested by @laanwj submitted in bitcoin/bitcoin#19991.
| updateNetworkState(); | ||
| if (conn_counts.onion_only) { | ||
| m_tor_icon->setPixmap(platformStyle->SingleColorIcon(":/icons/tor_connected").pixmap(STATUSBAR_ICONSIZE, STATUSBAR_ICONSIZE)); | ||
| m_tor_icon->setToolTip(tr("All connections are <b>via Tor</b> only")); |
There was a problem hiding this comment.
How about "All current connections are via Tor only"?
There was a problem hiding this comment.
I don't think the logic makes sense as-is.
I see two possibilities for a Tor icon:
- Tor is working and usable (reachability).
- All connections, even hypothetically, will be only via Tor (network privacy).
Right now, it's "all connections at the moment happen to be via Tor", which seems relatively useless - it doesn't guarantee network privacy, nor reachability. What good is it?
IMO the icon should probably be tri-state: "off", or either scenario listed above.
|
Agree with @luke-jr here. I'd suggest the first one, "Tor is working and usable on this node", and not focus on the onion-only aspect for the reasons described above in #86 (comment). We may also want to distinguish between outbound (onlynet=onion) and inbound onion connections. The tooltip needs to be precise and clear about what the icon states signify. |
|
I was hesitant to make an argument because I don't review code, but as my comment (#86 (comment)) indicates above, I agree with @luke-jr and @jonatack as well. I would need someone else to analyze the partitioning risks of many nodes possibly going onion only, I don't know enough to do so myself. But I prefer the 'tri-state' option to Jonatack's dual-state because it would be nice for user's to know if they (1) have configured their HS properly and/or (2) have Tor only settings achieved. |
Currently we can't "guarantee" this because we always have a listening port for clearnet. bitcoin/bitcoin#20234 would make it possible. With that PR, if Also, something to consider - once we have I2P connectivity, if "all connections, even hypothetically will be only via Tor or I2P", should we then display both Tor or I2P icons or none of them (wrt the 3rd state "network privacy")? |
|
The combination ""All connections, at the moment happen to be via Tor" && "All connections, even hypothetically, will be only via Tor" makes sense as the boolean. A tristate works for me too, if there's actually a way to verify reachability. |
What about a HS with
Probably should be both, but maybe re-word the tooltip text from "All connections will be only via Tor" to something like "Clearnet connections are disabled for all connections. Tor is enabled) so there's no error in logic when one or both is enabled. |
But yes, just |
|
We could expand the behavior of Currently: |
I don't think this is true, because when I set
I believe this was discussed here: bitcoin/bitcoin#13436 |
|
Alright, I was halfway wrong.
^ this is not true, as you have observed. However the following is true:
I guess this can be considered as a bug because it will (I guess) advertise |
That discussion was before we had a separate Tor port (binding to 127.0.0.1). |
Ah, ok. IMO, that seems like it would be the easiest for the end user and also for this PR. Not sure how changing it would interact with other current network setting configurations we have. |
|
🐙 This pull request conflicts with the target branch and needs rebase. Want to unsubscribe from rebase notifications on this pull request? Just convert this pull request to a "draft". |
|
I think @luke-jr's Tri-state should be combined w/ @jonatack's inbound/outbound distinction. Discussed more here: #110 (comment) Is @vasild's bitcoin/bitcoin#20234 still a blocker for this? How does that work with/without expanding the behavior of |
|
Edit: I feel less strongly about the concept of a Tor icon in general. Definitely supportive of switches in the GUI to help end users set up permanent configurations of connection types (#110 (comment)). But, if the user has done that, they should know what their connections are like. The icon possibility set is just too much. Tor incoming, both proxy and tor outgoing...etc. We would either need far too many icons, or the icons would only apply in rare scenarios (Would you give someone a Tor icon if they only have Tor outgoing and Incoming disabled? What about Tor outgoing and Proxy incoming? Or Tor outgoing and Tor incoming?)... This would get more complicated when I2P support is added. Maybe just have an icon for "My connections are only using privacy networks" as suggested by @kristapsk (bitcoin/bitcoin#20172 (comment)) |
There was a problem hiding this comment.
Concept ACK, Tested bd8df33 on macOS 11.1 with Qt 5.15.2
Tor Only: Tor Icon Shows
Tor and IPv4 Connection: Tor Icon Does not Show (intended)
Thoughts on the discussion had so far:
This is part of a bigger discussion, but it would be a good feature to represent the connection type in the form of an Icon, for all connection types. The Tor icon is one step towards this. While outside the scope of this PR, I would propose an Icon for each network type to show.
Specifically concerning the Tor Icon:
I think that the Tor Icon should show ONLY when ALL of our connections are Tor (Like this PR implements). Perhaps we show a (to be designed) Fusion icon when you have a combination of Tor and another network type like IPv4.
|
@hebasto What's a use case for this? |
|
Closing. Leaving it up for grabs. |
New behavior:
Designer: Bosch-0
Icon PNG file is optimized with
optimize-pngs.pyFix bitcoin/bitcoin#7734
Fix #58
Screenshots:
Based on bitcoin/bitcoin#20172 (the first five commits).