“Rust is more secure than C. Despite our efforts, it’s all too simple to
mess up when using a language that does not enforce memory safety. We
estimate that at least half of our tracked security vulnerabilities would
have been impossible in Rust, and many of the others would have been very
and also think of how it could replace the current Tor C implementation, in a “safe” way, eventually.
After that, Arti 2.0.0 will focus on feature parity with the C tor client implementation, and support for embedding Arti in different languages. (Preliminary embedding work is promising: we have the beginnings of a VPN tool for mobile, embedding Arti in Java.) When we’re done, we intend that Arti will be a suitable replacement for C tor as a client implementation in all (or nearly all) use contexts.
Until a Debian package being available from deb.torproject.org and feature support such as onions and TransPort will probably take a while.