Guide: How to run a local BC hidden service?!?
Setup: Advanced (TL;DR install Tor, configure hidden service, reconfigure BC, etc.)
Time: ~45 minutes
Privacy: High (hides you completely behind other Tor nodes, you operate your own node)
It's recommended to do the previous tutorial first: 2 How to run BC with Tor nodes connected only - this will speed things up. This tutorial is quite similar but with some extra steps.
Now that Onion V3 functionality is in the stable release version of Tor, but BitcoinConfidential don't work with V3 so please use V2 Onion
Step by step:
Step1: Get the latest version of the Tor Browser Bundle from the tor project website: https://www.torproject.org/projects/torbrowser.html.en
Make sure you get the latest version, chose any language you like but I recommend en-US. Some operating systems like linux may have the tor browser in their repositories, check them out, this simplifies upgrades. But make sure they always offer the latest version.
Step2: Install the browser bundle, start it and hit connect. You will see a window popping up which shows the status of the Tor connection and it will open the browser as soon as it is connected.
Step3: Navigate to http://expressobutiolem.onion/blog/best-onion-sites-on-dark-web/ with the Tor browser. If you see the website, your Tor was set up correctly!
Step4: Shut down the Tor browser. We need it later, but have to configure the hidden service first.
Step5: Generating a Vanity .onion Address
sudo apt install build-essential libssl-dev git clone https://github.com/ReclaimYourPrivacy/eschalot.git cd eschalot make ./eschalot -vp bc -t 6 > bc.txt
In less than a minute the program found a hash matching the "bc" search prefix and generated a public/private keypair for it.
view content of output file with
cat bc.txt ---------------------------------------------------------------- bc4cvkj6j7tp44to.onion -----BEGIN RSA PRIVATE KEY----- MIICXAIBAAKBgQC5oUuk4oUBXvZqniCJZykvL0ogUg9wGetcD1dSSYiKP+iPS15o umxpZy5dO5Jrfp8wYFp4tVsWLsQkOADnxtLyrKo+Nb/T1zivPmAX7b3KCpSsKF/3 fEFVM85u1RDmGTuDs7m4S3fBfaPgsWVp9inkJvJnF/Tkc/oky2AQktJB+wIEAQAF awKBgEKbghgXlqgIec0a9IwoNSChhfH3PSMlzdfuPXPeItsYnveDgRewZ/1+zUxQ jZ1ndjbwSMsxoDWIZTGWjY4TPMtmNgaZ5CZRpiYn9WUo0yctQarCwvMzhSEiVFmX optqnCUqAQNv3ZxkVhHKFlAY3J2wK7yFzi1a6jGFcCv9yOtLAkEA5k0Kib64LQ6a 79MF9NMkw3b3mJJM4QmDQWpLdOhDHrrSKq5saHSTwqxa46XoGyAXQ/45EjDIqIl4 5pTpQ22jfwJBAM5YJo0nr+nUWOi+DgBvIJUexsBe60x9D6qFzLmPD/vXctvuYpIz dj1GN1MGKuZZr0ncjqfTJgowlu2A2SIoL4UCQBLlYNNtIOedfN4V8wNAV0i4dC4B 6186K6KfFSf/wE9jM+/gnW9eUw/npN4JtBWaNNcdSGv1JAm+T1etVOXTKYkCQC8x 14VuVC0axDWwmM1StM+fu4InAD0c3/PgjIp3p7fX/leKws37wCLTaib9oV/6uFJ2 /KpY/q5JRhVldEZwL+cCQAmsREadr8KDQu0gnpRzby+64+5sEuX4toKQwYPmrlk0 rvY0L13vqmgkWHoDL0r6F1PXA23XKoSVrrTYywZHoHQ= -----END RSA PRIVATE KEY-----
Step6: Create a directory for your hidden service, this will store the keys and hostname for your onion address later. For example:
$mkdir -p /home/yourusername/onion/bitcoinc
Make sure you create it with normal user permissions (here: yourusername), meaning the same user as the one who will run the Tor browser bundle.
Create the `private_key` file inside this directory with the content
-----BEGIN RSA PRIVATE KEY----- MIICXAIBAAKBgQC5oUuk4oUBXvZqniCJZykvL0ogUg9wGetcD1dSSYiKP+iPS15o umxpZy5dO5Jrfp8wYFp4tVsWLsQkOADnxtLyrKo+Nb/T1zivPmAX7b3KCpSsKF/3 fEFVM85u1RDmGTuDs7m4S3fBfaPgsWVp9inkJvJnF/Tkc/oky2AQktJB+wIEAQAF awKBgEKbghgXlqgIec0a9IwoNSChhfH3PSMlzdfuPXPeItsYnveDgRewZ/1+zUxQ jZ1ndjbwSMsxoDWIZTGWjY4TPMtmNgaZ5CZRpiYn9WUo0yctQarCwvMzhSEiVFmX optqnCUqAQNv3ZxkVhHKFlAY3J2wK7yFzi1a6jGFcCv9yOtLAkEA5k0Kib64LQ6a 79MF9NMkw3b3mJJM4QmDQWpLdOhDHrrSKq5saHSTwqxa46XoGyAXQ/45EjDIqIl4 5pTpQ22jfwJBAM5YJo0nr+nUWOi+DgBvIJUexsBe60x9D6qFzLmPD/vXctvuYpIz dj1GN1MGKuZZr0ncjqfTJgowlu2A2SIoL4UCQBLlYNNtIOedfN4V8wNAV0i4dC4B 6186K6KfFSf/wE9jM+/gnW9eUw/npN4JtBWaNNcdSGv1JAm+T1etVOXTKYkCQC8x 14VuVC0axDWwmM1StM+fu4InAD0c3/PgjIp3p7fX/leKws37wCLTaib9oV/6uFJ2 /KpY/q5JRhVldEZwL+cCQAmsREadr8KDQu0gnpRzby+64+5sEuX4toKQwYPmrlk0 rvY0L13vqmgkWHoDL0r6F1PXA23XKoSVrrTYywZHoHQ= -----END RSA PRIVATE KEY-----
Now you have to configure the torrc file of the Tor browser. Search it. (On MacOS it locate here ~/Library/Application Support/TorBrowser-Data/torrc )
Mine is located at:
~/Library/Application Support/TorBrowser-Data/torrc
(on Mac OS below step are how to locate torrc file )
- Open Finder
- Press Command, Shift, G
- Enter this command: ~/Library/Application Support/TorBrowser-Data/Tor
Add this to the end of config file (torrc)
HiddenServiceDir /home/yourusername/onion/bitcoinc HiddenServiceVersion 2 HiddenServicePort 9789 127.0.0.1:9789
This will map your hidden service port :9789 to your local BC instance at port :9789.
Step7: Start the Tor browser again. This will generate an onion address in the background. If the browser starts correctly and Tor is connected, verify the generate address:
$ cat /home/yourusername/onion/bitcoinc/hostname bc4cvkj6j7tp44to.onion
Note that address, you will tell BC later that this is your "external ip".
The Tor browser includes a SOCKS proxy listening on port :9150 which allows you to dip into the deep web. Now we are going to set up BC.
Tell BC to use the Tor proxy by adding this line to your config file onion=127.0.0.1:9150.
Tell BC to only use Tor nodes to connect to by adding onlynet=onion to the config file.
Find some onion addnodes. The first one could be ibt4q3cri3hs47f2.onion . Pass the nodes as command line argument -addnode=ibt4q3cri3hs47f2.onion or add it to the config file. Use a search engine to find more nodes. Here is a location to share BC onion nodes: Go to BC Discord Server #anonymity channel
Tell BC it's external address which was created in step 7 with externalip=bc4cvkj6j7tp44to.onion in the config file.
Last but not least, re-enable the listen=1 flag. You'll need to enable listening for incoming connections, or else your hidden service wont be any service at all.
A sample BC config file for a BC local hidden service looks like that:
# Bitcoin Confidential wallet config file onlynet=onion #tell BC to only use tor nodes (no ipv4/6) server=1 # yes we run a hidden server now maxconnections=128 # allow some traffic incoming onion=127.0.0.1:9150 # tell BC to use tor browser proxy discover=0 # disable discovering of your local ip address listen=1 # enable incoming connections to your address externalip=bc4cvkj6j7tp44to.onion # broadcast your hidden service onion address addnode=ibt4q3cri3hs47f2.onion # required addnodes to find some connections #addnode=ibt4q3cri3hs47f2.onion # more addnodes #addnode=ibt4q3cri3hs47f2.onion # the more the better