Can traffic be filtered so that only Bitcoin or lightning traffic can exit?

[justingoldberg]

On the Tor mailing lists, every now and then there is person running an exit node, and they are asking for a response to the authorities because of a hacking incident that went through their node. Does indranet have any kind of protection against this?

Are hidden services (IE not on the clearnet at all) possible on Indranet?

Also, can traffic be filtered so that only Bitcoin or lightning traffic can exit?

[l0k18]

Yes, hidden services are possible, and only use a rendezvous architecture for establishing connections, after this handshake the two ends manage their connection by sending each other layered routing headers and obfuscated ciphers used to encrypt messages to be attached to them.

By default, no services will be enabled, but it is recommended to provide client-side anonymous services (public visible services) since both Lightning and Bitcoin are prerequisites, it makes sense for all relays to provide these two services.

Note that "exit" in indra is an entirely customisable setup. It only forwards to localhost port numbers, and the relay operator then will configure firewall redirections or run the service alongside the relay.

If one wanted to run a web proxy, like a Tor exit, one would set up a Socks5 proxy listening on the service port, and clients would connect, and treat the indra relay like it was their own socks proxy. Authentication is not required because access to the service requires prepayment, and this proof of payment functions in place of authentication. Of course the session balances can be very small, just as long as the client tops up the session or makes new ones by paying for them and sending out the session keys.

Equally, if one wanted to provide exit service to some other blockchain, or peer to peer network, again, simply the relay runs this service, or redirects to one it has the right to access, and the user's traffic is funneled through it using a tunnel adapter.

See here for more current and detailed information on the format and protocol.

Also, while we will make the effort to keep the state of this repository current, https://git.indra-labs.org/dev/ind is going to be the main location for now, later we have another domain ready to go as we get closer to release.