11111111111111111111
Although might be interesting, it’s website says it uses coinjoin
, which in my opinion has some risks, which are documented here:
For now, unsupported.
But perhaps someone will figure it out.
You could probably redirect local traffic going to wasabi’s Tor port to the gateway using iptables.
Maybe something like
iptables -A PREROUTING -i lo -p tcp -m tcp --dport $wasabi's_port -j REDIRECT --to-ports $gateway_port
I’ve never tried this though and it’ll probably break.
That’ll likely still make Tor over Tor happen as it’ll probably make its own Tor client open up a new Tor SocksPort. I’ve never used wasabi though so I may be wrong.
iptables is problematic for that.
We have anon-ws-disable-stacked-tor for that. User documentation:
westtimer via Whonix Forum:
Could I ask you a couple questions to see if im on the right track.
What is roughly required, see this thread:
Identifying and prevention of starts of its integrated Tor binary wasn’t
easy to figure out (
Bisq: The P2P Exchange Network )
checklist:
- minor importance for now, a better port number as per:
Stream Isolation - local redirection of Tor port to Whonix-Gateway
- Is Tor ControlPort access required? If yes, onion-grater profile required.
- Does it have a mechanism to start Tor (that actually still works in
Whonix, unlikely) or does it come with its own built-in Tor? Compareps aux
before and after starting the application. find/grep the source
code, ask upstream developers.
Not rocket science but usually no one is up for it.
In case of bisq I only started working on it 7 months later due to a
professional support request.
So seeing as Wasabi Wallet detects and uses tor on
127.0.0.1:9050
10.152.152.10:9050
10.152.152.10:9111
because whonix supplies tor to them socks, what would be the best in terms of isolation. Im assuming the last one due to nothing tor wise would be running on that port whereas the first two the hole default system would be piped to them and port 9111 was opened for electrum according to the isolation port table on the support page of whonix.
I am interested in this also. How is it going with wasabi? can you confirm that it does not spin up its own tor and connects to tor through whonix? have you seen any other usability problems?
do you know how to tell if wasabi is using whonix’s tor or creating its own tor instance?
You could try running sudo ps aux
and looking for a Tor instance.
by checking the log files for tor log file and main log file.
Im 99.9 sure, I have ran many tests.
Works seemlessly.
Hello.
There have been multiple posts regarding Wasabi Wallet 2 (WW2 for short) working on Whonix:
So I assume that people want to run WW2 on Whonix but as far as I know it cannot work correctly at the moment and there are reasons for that.
WW2 supports running over Tor (bundled in WW) or over clearnet. However, one cannot simply run WW2 on Whonix and set up WW2 to send its API requests over clearnet because the requests are supposed to be isolated which is not what would happen. By isolation I mean that especially registering of input coins is done by WW2 in a way that each coin is registered by a new Tor circuit. This would not work correctly over clearnet.
So what remains is to set WW2 to run over Tor. This does not work either because Tor is bundled in WW2 and as such it would lead to Tor-over-Tor situation.
So say the goal is to is to run WW2 with Tor enabled. Recently, there have been some changes:
- It is possible to specify
--TorSocksPort
and--TorControlPort
thanks to Tor: Configurable ports by kiminuo · Pull Request #11997 · zkSNACKs/WalletWasabi · GitHub. - It is possible to specify
--TorFolder
where a non-bundled Tor to run over is located. See Tor: Add support for bridges by kiminuo · Pull Request #12749 · zkSNACKs/WalletWasabi · GitHub.
Now the question still is how to make WW2 and Whonix work together. It would be very helpful to know answers to the following questions:
Is it possible to point WW2 to a Tor SOCKS5 port and a Tor Control port exposed by Whonix? I mean is it possible? If it is, is it how people should do it? If not, what would be a correct approach to make WW2 & Whonix together given that WW2 needs to control Tor circuits the app uses?
Thank you!