Bisq - The P2P Exchange Network

Second observation:

When I run a second Bisq instance and I try to take the offer that I make in the first Whonix workstation (the one where the Whonix gateway is on debut), I do not see any messages at all in the debug console.

But if someone (me) is connecting to Tor address in the Bisq instance, inside the Whonix Workstation, running on the Whonix Gateway, then… shouldn’t I see some evidence that it is trying to connect?

The second Bisq instance says that

Warning
You cannot take that offer because the maker is offline.

This is the error that everyone is getting recently using Bisq on Whonix. I have the debug window open (explained above), so what more can I do to help debug this?

Yes.

No.

It was tested a long time ago. See this forum thread. I didn’t re-read all posts. But if you want to pick this up, please read the full forum thread.

Folder /usr/local/etc/onion-grater-merger.d/ is persistent even in an App Qube because it’s in /usr/local. See Qubes-Whonix ™ Overview chapter Qubes Persistence in Whonix wiki.

No. The script is idempotent.

No. That would be Microsoft Windows style “re-install Windows”. Hopefully on Linux such crude fixes aren’t required.

Best to look at the short source code of /usr/bin/onion-grater-add and/or run the script in verbose mode (xtrace).

sudo bash -x /usr/bin/onion-grater-add 40_bisq

It creates a symlink to /usr/local/etc/onion-grater-merger.d/.

/usr/local/etc/onion-grater-merger.d/

Also onion-grater journal log will show which profiles are load.

The actual file created by onion-grater-merger which will be consumed eventually by onion-grater is

/etc/onion-grater.d/30_autogenerated.yml

No. The kernel will eventually but that’s very low level and very most likely not something to worry about.

That’s Qubes-Whonix-Gateway internal IP. Reachable from Whonix-Workstation.

This most likely won’t be the issue. onion-grater is generally functional. Whonix-Workstation 127.0.0.1 is redirected to Whonix-Gateway. (anon-ws-disable-stacked-tor)

onion-grater, a Tor Control Port Filter Proxy - filtering dangerous Tor Control Port commands - Design Documentation - Whonix chapter Connect to onion-grater from Whonix-Workstation ™ in Whonix wiki

Tor ControlPort

That’s most likely different. That’s the Onion Service port.

No. And it doesn’t need to because the one is Tor ControlPort the other is the Onion Service port.

Try something simpler first. Some other application that uses the Tor control protocol. Something that isn’t complex or broken.

Inside Whonix-Workstation:

tor-ctrl signal NEWNYM

That Tor control protocol command should then be visible on Whonix-Gateway with onion-grater in debug mode.

You would probably need to learn a few components beforehand.

  • Setting up a “normal” Onion Service as per Onion Services - Whonix
  • Interacting with the Tor control protocol generally.
  • Opening a Tor Onion Service using add_onion using Tor control protocol. (Maybe enough if understanding this in theory.)
  • Interacting with the Tor from Whonix-Gateway.
  • Interacting with the Tor from Whonix-Workstation.
  • onion-grater debug mode, log watching for functional things.

On which IP / port is Bisq listening inside Whonix-Workstation?

Does Bisq still use the Tor control protocol to create its Onion Service?

Does Bisq require an Onion Service nowadays?

1 Like

No, with whonix-gw as network qube the inbound connection do not get through. As inbound connections are required for Bisq to run properly, I had to completely abandon Whonix.

I’d love to see Bisq work on Whonix, but the instructions on the Whonix Wiki simply don’t work.

Yeah those instructions suck in every way. That’s why we’re debugging this. And it used to work last year, so something changed and so maybe it can be fixed.

Any progress?

1 Like

No. And none should be expected, unless contributed.

1 Like

bisq signing key recently changed. I couldn’t find any explanation for the change.

An anonymous wiki edit was suggested to update the signing key.
Bisq: Difference between revisions - Whonix

Related issue:

(Contains links to various pull requests related to Tor integration.)


Bisq 2 bug report:

1 Like
1 Like

Might be fixed at least for Bisq version 1.x.

The Bisq wiki page has been recently updated. (changes: Bisq: Difference between revisions - Whonix)

See the wiki page here:

  • Version 1.9.14: has been reported to be functional.
  • Version 1.9.15: might be broken but I only got 1 report for that. Still worth trying.
  • Version 2.x: Not worth bothering with until/if above tickets are updated, unless you are a developer.

Please test.

1 Like

Seems to be broken: [StartTor] ERRORbisq.network.p2p.network.RunningTor: Couldn't connect to Tor. net.freehaven.tor.control.TorControlError: Error reply: Command filtered

Error message may indicate an Onion Grater problem. Would require further testing to see what command is being sent.

Did some further digging.

This is the command being sent to Tor control port GETINFO status/bootstrap-phase

Then reply received: 510 Command filtered

That command happens after a bit of other back and forth control commands.

1 Like
1 Like

Seems to have done the trick. I attempted something like this but did not add the response pattern and it hung because of that by the looks of it.

1 Like

The fixed onion-grater profile is now available in all Whonix repositories.

Merged.

The onion-grater profile with Bisq2 support is now available in all Whonix repositories.

The Bisq wiki page has been updated just now. Bisq2 support should now be functional.

This was resolved.

Fingerprint on wiki:

scurl-download https://github.com/bisq-network/bisq2/releases/download/v2.1.2/387C8307.asc
gpg --keyid-format long --import --import-options show-only --with-fingerprint 387C8307.asc
Key fingerprint = B493 3191 06CC 3D1F 252E 19CB F806 F422 E222 AA02

Fingerprint I’m getting:

[workstation user ~]% scurl-download https://github.com/bisq-network/bisq2/releases/download/v2.1.2/387C8307.asc
[workstation user ~]% gpg --keyid-format long --import --import-options show-only --with-fingerprint 387C8307.asc
pub   rsa4096/02AA2BAE387C8307 2022-10-20 [SC] [expires: 2026-10-20]
      Key fingerprint = B8A5 D214 ADFA A387 A14C  8BCF 02AA 2BAE 387C 8307
uid                            HenrikJannsen <boilingfrog@gmx.com>
sub   rsa4096/5236BD2C92DF26FB 2022-10-20 [E] [expires: 2026-10-20]

Turns out wiki has fingerprint for E222AA02 instead of 387C8307:

[workstation user ~]% scurl-download https://github.com/bisq-network/bisq2/releases/download/v2.1.2/E222AA02.asc
[workstation user ~]% gpg --keyid-format long --import --import-options show-only --with-fingerprint E222AA02.asc
pub   rsa4096/F806F422E222AA02 2022-09-28 [SC] [expires: 2026-10-03]
      Key fingerprint = B493 3191 06CC 3D1F 252E  19CB F806 F422 E222 AA02
uid                            Alejandro García <alejandro.garcia@disroot.org>
sub   rsa4096/E7F08D07C72561D0 2022-09-28 [E] [expires: 2026-10-03]

Which is a problem because .deb was signed with 387C8307

gpg: assuming signed data in 'Bisq-2.1.2.deb'
gpg: Signature made Sat 19 Oct 2024 05:17:55 AM UTC
gpg:                using RSA key B8A5D214ADFAA387A14C8BCF02AA2BAE387C8307
1 Like