9f3380ca90
gp-server/src/tor.rs — the GRIM onion-service pattern on the same arti 0.43
stack (grim/src/tor/tor.rs: start_service ~:507 -> spawn/run, run_service_proxy
~:766 -> the hsrproxy setup, add_service_key ~:819 -> add_service_key):
- The till wallet's index-0 slatepack address key IS the onion identity
(HsIdKeypair via the standard SHA-512 seed expansion), so grin1 address ==
onion address. gp-wallet exposes slatepack_secret_seed() +
slatepack_address_pubkey(); unit tests prove seed -> address-pubkey and
onion(seed) == onion(grin1-decoded pubkey) equivalence both ways.
- One stable service, launched at boot when GP_GRIN1_RAIL=on and a wallet is
loaded; proxies onion:80 -> 127.0.0.1:GP_GRIN1_FOREIGN_PORT (the Foreign API
v2). Arti state/cache/keystore under <GP_DATA_DIR>/tor/, 0700 (fs-mistrust).
Startup logs the onion identity before bootstrap and again once running.
- Scope cuts vs GRIM, deliberate: no bridges/pt-client (server), no restart
supervisor (systemd owns the process lifecycle).
tests/tor_roundtrip.rs (#[ignore], network): REAL Tor round trip — real foreign
handler on loopback, onion service with a throwaway key, SEPARATE arti client
dials the .onion over the live Tor network and POSTs check_version. VERIFIED
PASSING locally in 44.5s: reply
{"id":1,"jsonrpc":"2.0","result":{"foreign_api_version":2,"supported_slate_versions":["V4"]}}