Add Tor support for outbound connections

Author: Anyitechs

ldk-server/ldk-server-config.toml

@@ -88,3 +88,8 @@ client_trusts_lsp = false
 ## A token we may require to be sent by the clients.
 ## If set, only requests matching this token will be accepted. (uncomment and set if required)
 # require_token = ""
+
+# Tor Config
+[tor]
+# Only connections to OnionV3 peers will be made via this proxy; other connections (IPv4 peers, Electrum server) will not be routed over Tor.
+#proxy_address = ""      # Tor daemon SOCKS proxy address.

ldk-server/src/main.rs

@@ -180,6 +180,11 @@ fn main() {
 		);
 	}
 
+	if let Some(tor_config) = config_file.tor_config {
+		let tor_config = ldk_node::config::TorConfig { proxy_address: tor_config.proxy_address };
+		let _ = builder.set_tor_config(tor_config);
+	}
+
 	// LSPS2 support is highly experimental and for testing purposes only.
 	#[cfg(feature = "experimental-lsps2-support")]
 	builder.set_liquidity_provider_lsps2(

ldk-server/src/util/config.rs

@@ -60,6 +60,7 @@ pub struct Config {
 	pub log_level: LevelFilter,
 	pub log_file_path: Option<String>,
 	pub pathfinding_scores_source_url: Option<String>,
+	pub tor_config: Option<TorConfig>,
 }
 
 #[derive(Debug, Clone, PartialEq, Eq)]
@@ -83,6 +84,11 @@ pub enum ChainSource {
 	Esplora { server_url: String },
 }
 
+#[derive(Debug, PartialEq, Eq)]
+pub struct TorConfig {
+	pub proxy_address: SocketAddress,
+}
+
 /// A builder for `Config`.
 #[derive(Default)]
 struct ConfigBuilder {
@@ -105,6 +111,7 @@ struct ConfigBuilder {
 	log_level: Option<String>,
 	log_file_path: Option<String>,
 	pathfinding_scores_source_url: Option<String>,
+	tor_proxy_address: Option<String>,
 }
 
 impl ConfigBuilder {
@@ -164,6 +171,10 @@ impl ConfigBuilder {
 				hosts: tls.hosts.unwrap_or_default(),
 			});
 		}
+
+		if let Some(tor) = toml.tor {
+			self.tor_proxy_address = Some(tor.proxy_address)
+		}
 	}
 
 	fn merge_args(&mut self, args: &ArgsConfig) {
@@ -206,6 +217,10 @@ impl ConfigBuilder {
 		if let Some(pathfinding_scores_source_url) = &args.pathfinding_scores_source_url {
 			self.pathfinding_scores_source_url = Some(pathfinding_scores_source_url.clone());
 		}
+
+		if let Some(tor_proxy_address) = &args.tor_proxy_address {
+			self.tor_proxy_address = Some(tor_proxy_address.clone());
+		}
 	}
 
 	fn build(self) -> io::Result<Config> {
@@ -364,6 +379,18 @@ impl ConfigBuilder {
 
 		let pathfinding_scores_source_url = self.pathfinding_scores_source_url;
 
+		let tor_proxy_address: Option<SocketAddress> = self
+			.tor_proxy_address
+			.map(|addrs| {
+				SocketAddress::from_str(&addrs).map_err(|e| {
+					io::Error::new(
+						io::ErrorKind::InvalidInput,
+						format!("Invalid proxy address configured: {}", e),
+					)
+				})
+			})
+			.transpose()?;
+
 		Ok(Config {
 			network,
 			listening_addrs,
@@ -381,6 +408,7 @@ impl ConfigBuilder {
 			log_level,
 			log_file_path: self.log_file_path,
 			pathfinding_scores_source_url,
+			tor_config: tor_proxy_address.map(|proxy_address| TorConfig { proxy_address }),
 		})
 	}
 }
@@ -397,6 +425,7 @@ pub struct TomlConfig {
 	liquidity: Option<LiquidityConfig>,
 	log: Option<LogConfig>,
 	tls: Option<TomlTlsConfig>,
+	tor: Option<TomlTorConfig>,
 }
 
 #[derive(Deserialize, Serialize)]
@@ -456,6 +485,11 @@ struct TomlTlsConfig {
 	hosts: Option<Vec<String>>,
 }
 
+#[derive(Deserialize, Serialize)]
+struct TomlTorConfig {
+	proxy_address: String,
+}
+
 #[derive(Deserialize, Serialize)]
 struct LiquidityConfig {
 	lsps2_client: Option<LSPSClientTomlConfig>,
@@ -614,6 +648,13 @@ pub struct ArgsConfig {
 		help = "The external scores source that is merged into the local scoring system to improve routing."
 	)]
 	pathfinding_scores_source_url: Option<String>,
+
+	#[arg(
+		long,
+		env = "LDK_SERVER_TOR_PROXY_ADDRESS",
+		help = "Tor daemon SOCKS proxy address. Only connections to OnionV3 peers will be made via this proxy; other connections (IPv4 peers, Electrum server) will not be routed over Tor."
+	)]
+	tor_proxy_address: Option<String>,
 }
 
 pub fn load_config(args: &ArgsConfig) -> io::Result<Config> {
@@ -732,6 +773,9 @@ mod tests {
 				min_payment_size_msat = 10000000          # 10,000 satoshis
 				max_payment_size_msat = 25000000000       # 0.25 BTC
 				client_trusts_lsp = true
+
+				[tor]
+				proxy_address = "vww6ybal4bd7szmgncyruucpgfkqahzddi37ktce36gpflljhvevubid.onion:9735"
 				"#;
 
 	fn default_args_config() -> ArgsConfig {
@@ -747,6 +791,7 @@ mod tests {
 			storage_dir_path: Some(String::from("/tmp_cli")),
 			node_alias: Some(String::from("LDK Server CLI")),
 			pathfinding_scores_source_url: Some(String::from("https://example.com/")),
+			tor_proxy_address: None,
 		}
 	}
 
@@ -763,6 +808,7 @@ mod tests {
 			bitcoind_rpc_password: None,
 			storage_dir_path: None,
 			pathfinding_scores_source_url: None,
+			tor_proxy_address: None,
 		}
 	}
 
@@ -839,6 +885,12 @@ mod tests {
 			log_level: LevelFilter::Trace,
 			log_file_path: Some("/var/log/ldk-server.log".to_string()),
 			pathfinding_scores_source_url: None,
+			tor_config: Some(TorConfig {
+				proxy_address: SocketAddress::from_str(
+					"vww6ybal4bd7szmgncyruucpgfkqahzddi37ktce36gpflljhvevubid.onion:9735",
+				)
+				.unwrap(),
+			}),
 		};
 
 		assert_eq!(config.listening_addrs, expected.listening_addrs);
@@ -857,6 +909,7 @@ mod tests {
 		assert_eq!(config.log_level, expected.log_level);
 		assert_eq!(config.log_file_path, expected.log_file_path);
 		assert_eq!(config.pathfinding_scores_source_url, expected.pathfinding_scores_source_url);
+		assert_eq!(config.tor_config, expected.tor_config);
 
 		// Test case where only electrum is set
 
@@ -1162,6 +1215,7 @@ mod tests {
 			log_level: LevelFilter::Trace,
 			log_file_path: Some("/var/log/ldk-server.log".to_string()),
 			pathfinding_scores_source_url: Some("https://example.com/".to_string()),
+			tor_config: None,
 		};
 
 		assert_eq!(config.listening_addrs, expected.listening_addrs);
@@ -1175,6 +1229,7 @@ mod tests {
 		assert_eq!(config.rabbitmq_exchange_name, expected.rabbitmq_exchange_name);
 		assert!(config.lsps2_service_config.is_none());
 		assert_eq!(config.pathfinding_scores_source_url, expected.pathfinding_scores_source_url);
+		assert_eq!(config.tor_config, expected.tor_config);
 	}
 
 	#[test]
@@ -1273,6 +1328,12 @@ mod tests {
 			log_level: LevelFilter::Trace,
 			log_file_path: Some("/var/log/ldk-server.log".to_string()),
 			pathfinding_scores_source_url: Some("https://example.com/".to_string()),
+			tor_config: Some(TorConfig {
+				proxy_address: SocketAddress::from_str(
+					"vww6ybal4bd7szmgncyruucpgfkqahzddi37ktce36gpflljhvevubid.onion:9735",
+				)
+				.unwrap(),
+			}),
 		};
 
 		assert_eq!(config.listening_addrs, expected.listening_addrs);
@@ -1288,6 +1349,7 @@ mod tests {
 		#[cfg(feature = "experimental-lsps2-support")]
 		assert_eq!(config.lsps2_service_config.is_some(), expected.lsps2_service_config.is_some());
 		assert_eq!(config.pathfinding_scores_source_url, expected.pathfinding_scores_source_url);
+		assert_eq!(config.tor_config, expected.tor_config);
 	}
 
 	#[test]