https://spec.torproject.org/proposals/354-relaxed-restrictions.html
This is a proposal to simplify the usage of Family, Subnet, and custom
path restrictions in Arti, so that clients don't reveal information
about their Guards or Bridges by way of which relays they use, or don't
use, in circuits.
The meat of the proposal is that Arti's circuit path construction will
satisfy the following rules:
1. Choose the Exit, HSDir, IP, or RP without considering restrictions
2. Choose Guard, Bridge, and Vanguards hops without considering
restrictions
3. Choose any remaining middle nodes such that subnet, relay family, and
user family restrictions apply with respect to the next hop (Exit,
HSDir, IP, or RP)
4. Reject any resulting circuits with A-A and A-B-A sub-paths
5. If building a conflux leg: Reject any circuits that share relays with
the other conflux leg(s) in the current conflux set.
This simplifies path construction logic and avoids many pitfalls and
information leaks caused by restriction use. These pitfalls and
information leaks are documented in the proposal.
The spec ticket in gitlab will remain open for comment until April 2, 2025:
https://gitlab.torproject.org/tpo/core/torspec/-/issues/307
Comment here is also acceptable.
--
Mike Perry
_______________________________________________
tor-dev mailing list -- tor-dev@lists.torproject.org
To unsubscribe send an email to tor-dev-le...@lists.torproject.org
