What we did Started with a need Physical attack, have physical infrastructure in private place in $locatin threat model: physical ceasure, tampering of hardwarde. Very specific. started to investigate, ended up in System Transparency project we should do something diskless, it’s also cheap no disk, no ceasure, no logs; better when dealing with police fortunately (or unfortunately) didn’t test with police yes nodes are running so far only received copyright abuse but we stress tested a senario where police would come, so we’re ready We can split the problem some problems not specific of stateless relay.…

Test Network Session Several members of the community have expressed interest in the existence or construction of a test network for tor. Such a network existed in the past but has since vanished. Situation of Test Network at TPI TPI has need for a test network for testing transition to arti relay. For this purpose, there is a ticket (P141) and funding on their side to 2027. The plan is to run a ctor network and slowly transition to arti relay and find out what fails.…

Schedule: 20 min brain storming 20 min structure the outcome 20 min profit Structured notes Brain storming Categories: Meeting people in-person How to work between physical meetings Fund raising and funding Meeting people in-person Valuable outcomes: Building awareness (of Tor to the rest of the world) Integrating people into Tor TPI learning what is important to the community/the world Meeting types: community gatherings 1-hour (relay operator) meetup village spread Tor in other meetups related to Tor values (more local and accessible) speaking at confrerences like DEFDON or computer science association meetups How to work between physical meetings event calendar Fund raising and funding Scope: Funding of meetings, development projects and everything else…

Exonerator? Development, issue (geko knows) TorDNSEl for ipv6? research questions? test ex torrc … ipv6? namexxx ipv6 only nodes/relays? OG-nat exit existing methods for migration are all based on dns guard nodes XXX case: ip6 in / ipv4 out path spec – ipv4 gives “economic burden” extended family where are we wrt ipv6 deployment progress? look at metrics.tpo “r” lines and “a” lines in votes and consensus Post-session analysis shows 50% of Guards are dual-stack: https://bugs.…

Intro Is a web of trust a good idea? This idea is a meta layer on top of relays, for showing who runs this network (to counter “50% of relays is operated by CIA” FUD), but being able to show the connections between relay operators Show it as web application or in a database. Internal tool: TagTor can be used for tagging who knows the relay operator. The idea is that in the future maybe we restrict flags or weights for relays we do not have any contact with.…

Availability risks detection reaction 1 consensus every hour and clients use it for 24h (it’s only fresh for that time) consensus-health list right now and prometheus, so relay ops could raise the alarm (after 6 consecutive fails) every night at midnight UTC: shared random value is generated; falls back to a shared value consensus-health list right now and prometheus, so relay ops could reaise the alarm bugs that crash relays/dir-auths (maybe possible to get induced remotely) sybil attack (running 100000 relays) dir-auths are getting on a block list dir-auths network reachability failures prometheus; consensus-health web page Dirauths being DoS’ed client bootstrap failures; consensus-health web page Integrity risks detection reaction 5 keys get busted/compromised human; canary; mail to email list; ping signal group LEAs is giving out a subpeona Security risks detection reaction Debian RNG bug Debuggging Ideas for debugging issues:…