[1] https://gitlab.torproject.org/tpo/core/arti/-/blob/850a3c3b6...
Like the recent S wallet people the minute your software is used for anything illegal you risk extradition.
Helps to read the entire context. This means that it likely hasn't had a security audit yet, and may de-anonymize you due to a bug. It doesn't mean it's abandonware.
It is a real project and it works well. I've been building some stuff on top of it in my free time and it's generally stable. There are a few footguns in their API (namely the DataStream not flushing writes automatically) but they're actively working on everything.
There are still some rough edges and missing security features, so we don't (yet) recommend Arti onion services for production use, or for any purpose that requires privacy.
https://blog.torproject.org/arti_1_2_0_released/Especially to see some concrete code examples, as I find those easier to learn from than the current state of the docs. Especially with regard to footguns mentioned!
I’ve had a few ideas, mostly porting older projects I built in Python using the Stem library. I feel like Arti is going to be much cleaner for embedding in applications than having to also bundle the correct Tor binary… manage running it as a subprocess… etc
It is one of five sentences on the page - not some hidden message. Not sure what your point is? The flagged comment stated that it is "not real project". `Not finished` and `not real` are two different things.
> The flagged comment stated that it is "not real project". `Not finished` and `not real` are two different things.
My comment said none of those things.
These days, public goods funding of free and open software is one of the most active areas in crypto scene. They activate individual donors and organizations/DAOs to donate towards impactful non-profit projects. Quadratic funding platforms like Gitcoin are used to funnel millions of dollars to FOSS.
That said... is it really “really real” if it’s still experimental 3 years later?
This is hacker news. We hack. Even though it’s still a work in progress, we can experiment and try new things. API changes are not expected, the code you write now should work in the future when it comes out of the experimental phase.
Another thing is that some features have been partially implemented but not configurable (basically dead code for now) such as ephemeral hidden services. I spent a good few days forking and implementing that myself and am in contact with the devs to see how it could be implemented/merged in a cleaner way. Some of my code: https://gitlab.torproject.org/acheong08/arti/-/compare/main....
I wanted a socks5 proxy over a hidden service to securely expose my machine in a firewall without owning any servers in between or having to mess with port forwarding.
Now working on a new pluggable transport to tunnel tor connections over syncthing relays.
Mostly just for fun, nothing actually too useful yet