vinnie/localgreenchain
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
localgreenchain/TOR_SETUP.md
Claude ccea9535d4
Add Tor integration and privacy features for anonymous plant sharing 
Implements comprehensive privacy and anonymity features including Tor
hidden service support, location obfuscation, and anonymous registration.

Privacy Features:
- Anonymous plant registration with zero personal information
- Location privacy levels: exact, fuzzy, city, country, hidden
- Pseudonymous identities and wallet addresses
- Privacy settings component with real-time Tor status
- Encrypted anonymous contact generation

Tor Integration:
- SOCKS proxy support for Tor connections
- Hidden service (.onion) configuration
- Tor connection detection and status API
- Docker Compose setup for easy Tor deployment
- Automatic privacy warnings when not using Tor

Location Obfuscation:
- Fuzzy location: ±1-5km random offset
- City level: ~10km grid
- Country level: ~100km grid
- Hidden: complete location privacy
- Haversine-based distance calculations preserved

Anonymous Registration:
- /plants/register-anonymous endpoint
- Privacy-first UI with Tor status banner
- Anonymous IDs and wallet addresses
- Optional pseudonym support
- Encryption key support for enhanced security

Infrastructure:
- Tor service integration (lib/services/tor.ts)
- Privacy utilities (lib/privacy/anonymity.ts)
- PrivacySettings React component
- Tor status API endpoint
- Docker and docker-compose configurations
- Example Tor configuration (torrc.example)

Documentation:
- Comprehensive TOR_SETUP.md guide
- Installation instructions for Linux/macOS/Windows
- Privacy best practices
- Troubleshooting guide
- Security considerations
- Updated README with Tor features

Dependencies:
- Added socks-proxy-agent for Tor proxy support

This enables:
- Privacy-conscious growers to share anonymously
- Protection of exact home locations
- Censorship-resistant plant sharing
- Community building without identity disclosure
- Compliance with privacy regulations

All privacy features are optional and configurable.
Users can choose their desired privacy level.
2025-11-16 12:32:59 +00:00

10 KiB
Raw Blame History

🧅 Tor Integration Guide for LocalGreenChain

This guide explains how to set up LocalGreenChain with Tor for maximum privacy and anonymity when sharing plant lineages.

Why Use Tor with LocalGreenChain?

Privacy Benefits

  • Anonymous Plant Registration: Register plants without revealing your identity
  • Location Privacy: Share general area without exposing exact home address
  • IP Protection: Hide your IP address from other users and the network
  • Censorship Resistance: Access the network even in restrictive environments
  • Secure Sharing: Share plant clones with trusted community members anonymously

Use Cases

  • Privacy-Conscious Growers: Don't want to advertise exact plant locations
  • Sensitive Species: Medicinal plants, rare species, or regulated botanicals
  • Community Building: Connect with local growers without revealing identity
  • Research: Anonymous data collection for botanical research
  • Security: Protect against unwanted visitors or theft

Table of Contents

  1. Quick Start
  2. Installation Methods
  3. Configuration
  4. Running as Hidden Service
  5. Using Tor Browser
  6. Privacy Best Practices
  7. Troubleshooting

Quick Start

Option 1: Docker Compose (Recommended)

The easiest way to run LocalGreenChain with Tor:

# Copy environment variables
cp .env.example .env

# Edit .env and enable Tor
nano .env
# Set: TOR_ENABLED=true

# Start with Docker Compose
docker-compose -f docker-compose.tor.yml up -d

# Check if Tor is running
docker logs localgreenchain-tor

# Get your onion address
docker exec localgreenchain-tor cat /var/lib/tor/hidden_service/hostname

Your LocalGreenChain instance is now accessible via:

Option 2: Manual Installation

  1. Install Tor
  2. Configure Tor for LocalGreenChain
  3. Start LocalGreenChain with Tor enabled

Installation Methods

Linux (Debian/Ubuntu)

# Install Tor
sudo apt update
sudo apt install tor

# Configure Tor for LocalGreenChain
sudo cp tor/torrc.example /etc/tor/torrc

# Edit configuration
sudo nano /etc/tor/torrc

# Create hidden service directory
sudo mkdir -p /var/lib/tor/localgreenchain
sudo chown -R debian-tor:debian-tor /var/lib/tor/localgreenchain
sudo chmod 700 /var/lib/tor/localgreenchain

# Start Tor
sudo systemctl start tor
sudo systemctl enable tor

# Check status
sudo systemctl status tor

# Get your onion address (wait ~1 minute for generation)
sudo cat /var/lib/tor/localgreenchain/hostname

macOS

# Install Tor via Homebrew
brew install tor

# Copy configuration
cp tor/torrc.example /usr/local/etc/tor/torrc

# Edit configuration
nano /usr/local/etc/tor/torrc

# Create hidden service directory
mkdir -p ~/Library/Application\ Support/tor/localgreenchain
chmod 700 ~/Library/Application\ Support/tor/localgreenchain

# Update torrc with your path
# HiddenServiceDir ~/Library/Application Support/tor/localgreenchain

# Start Tor
brew services start tor

# Get your onion address
cat ~/Library/Application\ Support/tor/localgreenchain/hostname

Windows (WSL)

# Install WSL if not already installed
# Then follow Linux instructions above

# Or use Tor Expert Bundle
# Download from: https://www.torproject.org/download/tor/

Configuration

Environment Variables

Edit .env file:

# Enable Tor
TOR_ENABLED=true

# Tor SOCKS proxy (default)
TOR_SOCKS_HOST=127.0.0.1
TOR_SOCKS_PORT=9050

# Tor control port
TOR_CONTROL_PORT=9051

# Hidden service directory
TOR_HIDDEN_SERVICE_DIR=/var/lib/tor/localgreenchain

# Privacy defaults
DEFAULT_PRIVACY_MODE=standard
ALLOW_ANONYMOUS_REGISTRATION=true
LOCATION_OBFUSCATION_DEFAULT=fuzzy

Tor Configuration (torrc)

Minimal configuration in /etc/tor/torrc:

# SOCKS proxy
SocksPort 9050

# Hidden Service for LocalGreenChain
HiddenServiceDir /var/lib/tor/localgreenchain/
HiddenServicePort 80 127.0.0.1:3001

# Optional: Multiple ports
# HiddenServicePort 443 127.0.0.1:3001

# Logging
Log notice file /var/log/tor/notices.log

# Privacy settings
IsolateDestAddr 1
IsolateDestPort 1

Running as Hidden Service

Start LocalGreenChain

# Install dependencies
bun install

# Start in production mode
bun run build
bun run start

# Or development mode
bun run dev

Verify Hidden Service

# Check if Tor created keys
ls -la /var/lib/tor/localgreenchain/

# Should see:
# - hostname (your .onion address)
# - hs_ed25519_public_key
# - hs_ed25519_secret_key

# Get your onion address
cat /var/lib/tor/localgreenchain/hostname

Share Your Onion Address

Your .onion address looks like:

abc123def456ghi789.onion

Share this with trusted community members to allow anonymous access!

Using Tor Browser

As a User (Accessing LocalGreenChain via Tor)

  1. Download Tor Browser

  2. Connect to Tor Network

    • Launch Tor Browser
    • Click "Connect" to establish Tor connection

  3. Access LocalGreenChain

    • Option A: Via onion address (recommended) 
      http://[your-onion-address].onion
    • Option B: Via clearnet (still anonymous) 
      http://your-domain.com

  4. Register Plants Anonymously

    • Go to "Anonymous Registration" page
    • Your connection will be detected as coming from Tor
    • All privacy features automatically enabled

Privacy Indicators

LocalGreenChain will show you:

  • 🧅 "Tor Active" badge when connected via Tor
  • Privacy recommendations based on connection type
  • Tor circuit information (country, not your IP)

Privacy Best Practices

For Maximum Anonymity

  1. Always Use Tor Browser

    • Don't access via regular browser
    • Tor Browser includes additional privacy protections

  2. Enable Anonymous Mode

    • Use /plants/register-anonymous page
    • Generate random IDs and pseudonyms
    • Don't reuse usernames from other sites

  3. Location Privacy

    • Use "Fuzzy" or "City" level location sharing
    • Never share exact coordinates
    • Consider using "Hidden" for sensitive plants

  4. Operational Security (OpSec)

    • Don't include identifiable info in plant notes
    • Use different pseudonyms for different plant types
    • Don't correlate with social media accounts
    • Clear browser data after each session

  5. Network Security

    • Only share your .onion address with trusted people
    • Use secure channels (encrypted messaging) to share addresses
    • Rotate your hidden service periodically if needed

Privacy Levels Explained

Level Location Accuracy Best For
Exact ~100m Public gardens, commercial nurseries
Fuzzy 1-5km radius Home gardens, privacy-conscious sharing
City ~10km grid Regional plant trading
Country ~100km grid National distribution tracking
Hidden No location Maximum privacy, sensitive species

Troubleshooting

Tor Won't Start

# Check Tor status
sudo systemctl status tor

# View logs
sudo tail -f /var/log/tor/notices.log

# Common issues:
# 1. Port 9050 already in use
sudo lsof -i :9050

# 2. Permission issues
sudo chown -R debian-tor:debian-tor /var/lib/tor
sudo chmod 700 /var/lib/tor/localgreenchain

Hidden Service Not Accessible

# Verify Tor is running
pgrep tor

# Check if hostname file exists
cat /var/lib/tor/localgreenchain/hostname

# Verify LocalGreenChain is running
curl http://localhost:3001

# Check Tor logs for errors
sudo tail -f /var/log/tor/notices.log

"Tor Status: Not Available"

  1. Check if Tor daemon is running
  2. Verify SOCKS port (9050) is open
  3. Check firewall settings
  4. Restart Tor service
sudo systemctl restart tor

Slow Onion Connection

This is normal! Tor routes through multiple nodes:

  • First connection: 30-60 seconds
  • Subsequent loads: 5-15 seconds
  • Plant operations: Near instant (local blockchain)

Advanced Topics

Running Multiple Hidden Services

Edit /etc/tor/torrc:

# LocalGreenChain (public)
HiddenServiceDir /var/lib/tor/localgreenchain-public/
HiddenServicePort 80 127.0.0.1:3001

# LocalGreenChain (private - invite only)
HiddenServiceDir /var/lib/tor/localgreenchain-private/
HiddenServicePort 80 127.0.0.1:3002

Client Authentication (v3 Onions)

Restrict access to authorized users only:

# In torrc
HiddenServiceDir /var/lib/tor/localgreenchain/
HiddenServicePort 80 127.0.0.1:3001
HiddenServiceAuthorizeClient stealth alice,bob

Monitoring Tor Traffic

# Real-time connection monitoring
sudo nyx

# Or arm (older tool)
sudo arm

Backup Your Hidden Service Keys

IMPORTANT: Your .onion address is tied to your keys!

# Backup keys
sudo cp -r /var/lib/tor/localgreenchain ~/tor-backup/

# Restore keys (on new server)
sudo cp -r ~/tor-backup/* /var/lib/tor/localgreenchain/
sudo chown -R debian-tor:debian-tor /var/lib/tor/localgreenchain
sudo systemctl restart tor

Security Considerations

What Tor DOES Protect

Your IP address from other users Your browsing from your ISP Your location from the network Your identity when using anonymous mode

What Tor DOESN'T Protect

Poor operational security (sharing identifying info) Malware on your computer Logging in with real accounts Data you voluntarily share

Remember

  • Tor provides anonymity, not security
  • Use HTTPS even over Tor (LocalGreenChain supports this)
  • Don't mix anonymous and identified activities
  • Keep Tor Browser up to date
  • Trust the process - Tor has protected millions of users

Getting Help

Legal Notice

Using Tor is legal in most countries. However:

  • Check local laws regarding Tor usage
  • Using Tor for illegal activities is still illegal
  • LocalGreenChain is for botanical education and legal plant sharing
  • Respect plant import/export regulations
  • Some plants may be regulated or controlled substances

Stay safe, stay private, and happy growing! 🌱🧅