Arti 0.4.0 is released: Robustness and API improvements

by nickm | May 31, 2022

Arti is our ongoing project to create a working embeddable Tor client in Rust. It’s not ready to replace the main Tor implementation in C, but we believe that it’s the future.

Right now, our focus is on making Arti production-quality, by stress-testing the code, hunting for likely bugs, and adding missing features that we know from experience that users will need. We're going to try not to break backward compatibility too much, but we'll do so when we think it's a good idea.

What's new in 0.4.0?

For a complete list of changes, have a look at the CHANGELOG.

This release wraps up our changes to the configuration logic, detects several kinds of unsafe filesystem configuration, and has a refactored directory manager to help us tolerate far more kinds of bootstrap failures.

There are also a bunch of smaller features, bugfixes, and infrastructure improvements; again, see the CHANGELOG for a more complete list.

And what's next?

In the short term, we're working for feature-parity with Tor in netflow resistance and congestion control. We hope to have some progress by our next release, but we might not be finished by then.

Beyond that, between now and our 1.0.0 milestone in September, we're aiming to make Arti a production-quality Tor client for direct internet access. (Onion services aren't funded yet, but we hope to change that soon.)

To do so, we need to bring Arti up to par with the C tor implementation in terms of its CPU usage, and security features. You can follow our progress on our 1.0.0 milestone.

We still plan to continue regular releases between now and then.

Here's how to try it out

We rely on users and volunteers to find problems in our software and suggest directions for its improvement. Although Arti isn't yet ready for production use, you can test it as a SOCKS proxy (if you're willing to compile from source) and as an embeddable library (if you don't mind a little API instability).

Assuming you've installed Arti (with cargo install arti, or directly from a cloned repository), you can use it to start a simple SOCKS proxy for making connections via Tor with:

$ arti proxy -p 9150

and use it more or less as you would use the C Tor implementation!

(It doesn't support onion services yet. If compilation doesn't work, make sure you have development files for libsqlite installed on your platform.)

If you want to build a program with Arti, you probably want to start with the arti-client crate. Be sure to check out the examples too.

For more information, check out the README file. (For now, it assumes that you're comfortable building Rust programs from the command line). Our CONTRIBUTING file has more information on installing development tools, and on using Arti inside of Tor Browser. (If you want to try that, please be aware that Arti doesn't support onion services yet.)

When you find bugs, please report them on our bugtracker. You can request an account or report a bug anonymously.

And if this documentation doesn't make sense, please ask questions! The questions you ask today might help improve the documentation tomorrow.

Call for feedback

Our priority for the coming months is to make Arti a production-quality Tor client, for the purposes of direct connections to the internet. (Onion services will come later.) We know some of the steps we'll need to take to get there, but not all of them: we need to know what's missing for your use-cases.

Whether you're a user or a developer, please give Arti a try, and let us know what you think. The sooner we learn what you need, the better our chances of getting it into an early milestone.

Acknowledgments

Thanks to everybody who has contributed to this release, including Alex Xu, Dimitris Apostolou, Jim Newsome, Michael Mccune, and Trinity Pointard.

And thanks, of course, to Zcash Community Grants (formerly Zcash Open Major Grants (ZOMG)) for funding this project!

Comments

We encourage respectful, on-topic comments. Comments that violate our Code of Conduct will be deleted. Off-topic comments may be deleted at the discretion of the moderators. Please do not comment as a way to receive support or to report bugs on a post unrelated to a release. If you are looking for support, please see our FAQ, user support forum or ways to get in touch with us.