Using Nym's mixnet to anonymously connect to other peers in
network as Nym offers network-level privacy.
An outbound connection with peers can be done anonymously using Nym, we will be proxying our packets through
SOCKS5 Client to mixnet to
Network Requester to other peers and back.
The following instructions should work on any Linux system.
Network Requester makes the requests on your behalf, it is
recommended to run your own on a server, however for the sake of
example and simplicity everything is run locally.
We'll start by initializng the
% ./nym-network-requester init --id nettestnode
This will print some information in the terminal, what we want is the client address, for example it could be something like this:
The address of this client is: 8hUvtEyZK8umsdxxPS2BizQhEDmbNeXEPBZLgscE57Zh.5P2bWn6WybVL8QgoPEUHf6h2zXktmwrWaqaucEBZy7Vb@5vC8spDvw5VDQ8Zvd9fVvBhbUDv9jABR4cXzd4Kh5vz
Then we'll use that address as provider for
% ./nym-socks5-client init --use-reply-surbs true --id sockstest --provider 8hUvtEyZK8umsdxxPS2BizQhEDmbNeXEPBZLgscE57Zh.5P2bWn6WybVL8QgoPEUHf6h2zXktmwrWaqaucEBZy7Vb@5vC8spDvw5VDQ8Zvd9fVvBhbUDv9jABR4cXzd4Kh5vz
We also set
--use-reply-surbs flag to true, this will enable
anonymous sender tag for communication with the service provider,
but it will make the actual communication slower.
Now we can run
Network Requester and then
% ./nym-network-requester run --id nettestnode
Then in another terminal run:
% ./nym-socks5-client run --id sockstest
Adding a new domain/address to
nym-network-requesteris running you must restart it to pick up the new list.
Both of these binaries have to be running when setting up a node.
Currently connecting to other nodes might not be as dynamic as you'd think, there are two things we can do here:
Network Requester as open proxy:
you only need to run it like:
% ./nym-network-requester run --id nettestnode --open-proxy
This makes the whitelist not needed anymore, meaning you don't need to
worry about adding peers to
allowed.list anymore, but don't share
the address of the
Network Requester while running as open proxy
2. whitelisted addresses approach, here's how it works:
- Add known peers' domains/addresses to
- Edit Darkfi node's config file (provided in the next section) so you can connect to peers manually, or through seed.
Note that for peer discovery you'll have to whitelist some known peers and the seed itself.
ircd, run it once to spawn the config file. Then
edit it to contain the following:
# manually ## P2P net settings [net] outbound_connections=0 peers = ["nym://some.whitelisted.domain:25552", "nym://someother.whitelisted.domain:25556"] outbound_transports = ["nym"] # automatically ## P2P net settings [net] outbound_connections=8 seeds = ["nym://some.whitelisted.seed:25551", "tcp://someother.whitelisted.seed:25551"] outbound_transports = ["nym"]
The most important part that could easily be forgotten is:
outbound_transports = ["nym"]
Now when you start
ircd, you will be able to discover or connect
directly to peers and your traffic will be routed through the mixnet.
These instructions are also applicable to other nodes in the DarkFi