Goblin Build 133 - Tor transport (replaces the Nym mixnet)
The wallet's private transport moves from the Nym mixnet to embedded Tor (arti, copied from GRIM's engine): it dials the relay's pinned .onion, so the relay never learns your IP, while the relay + NIP-59 gift-wrap hide the rest - content, sender, and (via a relay-side randomized release) timing. The Grin node stays on the clear internet as before. Why leave the mixnet: the Nym free-tier bandwidth this depended on is being removed upstream (the grant expires at UTC midnight; the paid path requires holding NYM tokens), so a payments wallet can't stand on it. Tor is unmetered, embedded in-process on mobile, faster where users wait, and lighter on the battery. Preserved intact: the confirm-before-sent guard, relay-gated readiness, and the lazy warm-on-activity node polling. src/nym/ is feature-gated off (arti and nym-sdk can't share one binary); full removal is a follow-up.
This commit is contained in:
+38
-11
@@ -31,6 +31,17 @@ lto = true
|
||||
codegen-units = 1
|
||||
panic = "abort"
|
||||
|
||||
[features]
|
||||
## Default build uses the Tor transport only. The `nym` feature gates the dormant
|
||||
## mixnet path (src/nym/). Cargo resolves OPTIONAL deps into the graph too, so
|
||||
## nym-sdk cannot merely be `optional` — it links a different libsqlite3-sys than
|
||||
## arti (a native-lib `links` conflict Cargo rejects at resolution). The nym
|
||||
## path-deps are therefore commented out below; the module code is retained on
|
||||
## disk but building `--features nym` requires restoring them (and drops arti —
|
||||
## the two transports cannot coexist in one binary, which is why Tor replaced Nym).
|
||||
default = []
|
||||
nym = []
|
||||
|
||||
[dependencies]
|
||||
log = "0.4.27"
|
||||
|
||||
@@ -124,18 +135,34 @@ rustls = { version = "0.23", features = ["ring"] }
|
||||
tokio-rustls = { version = "0.26", default-features = false, features = ["ring"] }
|
||||
webpki-roots = "1"
|
||||
|
||||
## Nym mixnet, linked IN-PROCESS (no sidecar subprocess, no bundled binary).
|
||||
## Tor — embedded arti (the DIALING half only: connect OUT to the relay's .onion,
|
||||
## and to clearnet HTTP hosts through a Tor exit). Copied from our sister wallet
|
||||
## GRIM's proven, shipping engine. Two choices inherited VERBATIM from GRIM: arti
|
||||
## 0.43 across the family, and the native-tls Tor runtime (TokioNativeTlsRuntime),
|
||||
## NOT rustls — this deliberately sidesteps the rustls/ring crypto-provider
|
||||
## conflict fought during the Nym era (our relay/HTTP rustls still uses ring, see
|
||||
## lib.rs; arti's own TLS is native-tls and never touches the rustls provider).
|
||||
## `static` vendors openssl (self-contained Android/cross builds, as GRIM ships);
|
||||
## `onion-service-client` enables dialing .onion. We drop GRIM's `pt-client`
|
||||
## (bridges) and `onion-service-service` (hosting) — Goblin only dials.
|
||||
arti-client = { version = "0.43.0", features = ["static", "onion-service-client"] }
|
||||
tor-rtcompat = { version = "0.43.0", features = ["static"] }
|
||||
|
||||
## Nym mixnet — DORMANT since the Tor transport swap. The mixnet path (src/nym/)
|
||||
## is retained on disk but its deps are COMMENTED OUT, because arti's `tor-dirmgr`
|
||||
## needs libsqlite3-sys 0.34 (rusqlite 0.36) while nym-sdk's credential-storage
|
||||
## needs libsqlite3-sys 0.30 (sqlx) and BOTH link the native `sqlite3` library —
|
||||
## Cargo forbids two packages linking the same native lib, and it rejects this at
|
||||
## RESOLUTION even for optional/unused deps. The two transports therefore cannot
|
||||
## coexist in one binary (exactly why Tor replaced Nym). To build the old path,
|
||||
## restore these three deps and build `--features nym` (which then drops arti).
|
||||
## Full deletion is a later phase; for now the code stays on disk for reference.
|
||||
## Path deps into the local nym checkout, PINNED at rev
|
||||
## f6ed17d949cc19fee0fb51db3cb65771fd510d5b: it carries the load-bearing local
|
||||
## commit "http-api-client: preconfigured webpki roots on Android". Do not
|
||||
## float the checkout past that rev without re-verifying the Android build.
|
||||
nym-sdk = { path = "../nym/sdk/rust/nym-sdk" }
|
||||
## smolmix: TCP/UDP tunnel over the mixnet with an AUTO-SELECTED IPR exit —
|
||||
## the single-network-requester SPOF is structurally gone (plan G14).
|
||||
smolmix = { path = "../nym/smolmix/core" }
|
||||
## mix-dns wire codec. Already in the dependency graph via nym-http-api-client
|
||||
## (Cargo.lock), so we reuse it instead of vendoring a DNS encode/parse.
|
||||
hickory-proto = { version = "0.26", default-features = false, features = ["std"] }
|
||||
## f6ed17d949cc19fee0fb51db3cb65771fd510d5b ("http-api-client: preconfigured
|
||||
## webpki roots on Android").
|
||||
# nym-sdk = { path = "../nym/sdk/rust/nym-sdk" }
|
||||
# smolmix = { path = "../nym/smolmix/core" }
|
||||
# hickory-proto = { version = "0.26", default-features = false, features = ["std"] }
|
||||
|
||||
## NIP-98 payload hashing
|
||||
sha2 = "0.10.8"
|
||||
|
||||
Reference in New Issue
Block a user