Cyberpotato <cyberpot...@protonmail.com> writes:
> Is there any sort of limit (artificial, performance, or otherwise) to the
> number of hidden service descriptors or .onion addresses i can generate
> and/or use to access a single hidden service? The use case would be to
> generate a unique .onion address/descriptor for each user of a hidden
> service. If i were to generate and advertise/introduce, let's say 500 (or
> more) unique hidden service descriptors, would there be any issue with that?
> Is building & maintaining that many circuits practical or possible?
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Hello cyberpotato,
I suggest you *carefully* consider your threat model before creating 500
unique hidden services. The network is not gonna collapse if you do so,
but it's not something that should be done casually by lots of people
because it will definitelly stress out the network.
Please consider that onion services support *stealth client
authorization* which basically provide this functionality (different HS
for each user), and it's currently capped at 16 users max. So please be
cautious if you plan to pass that limit. Also check out this article:
https://antitree.com/2017/08/tor-onion-service-stealth-and-basic-authentication-modes/
Specifically, each hidden service puts the following burden on the
network even when idle:
- 3 long-term introduction circuits per HS
- 6 descriptors uploaded per HS (this becomes 12 for hsv3)
With so many descriptor uploads and circuits you might even end up
overloading your guard node, which might impact your reachability
security.
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
