A few months ago we commented here on the blog about theThe intentions of the developers of the Tor project on Rust, since in recent years many important open source projects have turned to this programming language and over time it has begun to gain a lot of relevance.
And now, as we mentioned about the developers of the anonymous Tor network, these they made known via a blog post the launch of the first beta version 0.1.0 of the Arti project which develops a Tor client written in Rust.
About Arti
For those who are unaware of this project, I can tell you that unlike the C implementation, which was originally designed as a SOCKS proxy and later adapted for other needs, Arti was initially developed as a modular plugin library that can be used by multiple applications.
Also, when developing a new project, all past Tor development experience is taken into account, which will avoid known architecture issues and make the project more modular and efficient. The code is distributed under the Apache 2.0 and MIT licenses.
The reasons for rewriting Tor in Rust are the desire to achieve a higher level of security of the code by using a memory-safe language. According to Tor developers, at least half of all vulnerabilities tracked by the project will be removed in the Rust implementation if the code does not use "insecure" blocks.
Rust will also allow you to achieve a faster development speed than C, due to the language's expressiveness and strong guarantees that allow you to avoid wasting time on double-checking and writing unnecessary code.
Main novelties of Arti 0.1.0
From the changes in version 0.1.0, there is basic stabilization of high-level APIs and preparing the library for experimental integration with other projects.
Of the changes, it is mentioned adding an API to instantiate TorClient, including the ability to compile and bootstrap in the background on first use. Also, a new high-level API for error handling has been added.
Today, we have reached our 0.1.0 milestone: this means that we now consider Arti's high-level APIs to be "mostly stable" and ready for experimental integration into other projects. (We don't promise any API breaks, but we don't break our high-level APIs without good reason.) The 1.0.0 milestone, scheduled for September, will represent an even stronger API commitment.
Before the release of version 1.0.0, the developers intend to provide Arti full support for working as a Tor client which provides access to the Internet (the implementation of support for onion services has been postponed for the future).
It is planned to include it to achieve parity with the main implementation in the C language. in areas such as network performance, CPU load and reliability, as well as to ensure support for all security-related features.
It is worth mentioning again that the project is in experimental development status, lags behind the functionality of the main C-language Tor client, and is not yet ready to completely replace it.
A 1.0 release is planned for September with API, CLI, and configuration stabilization, which will be suitable for initial use by regular users.
In the further future, when the Rust code reaches a level capable of completely replacing the C version, the developers intend to make Arti the main implementation of Tor and stop maintaining the C implementation.
We rely on users and volunteers to find problems with our software and suggest directions for improvement. Although Arti isn't ready for production use yet, you can try it out as a SOCKS proxy (if you're willing to compile from source) and as an embeddable library (if you don't mind a bit of API instability).
Finally if you are interested in knowing more about it about this new release, you can check the details In the following link.