Many aspects have been improved in Arti 1.0 including performance and robustness
The developers of the anonymous network Tor unveiled that already the first stable version was released of the project Arty, which develops a Tor client written in Rust.
Arti version 1.0 is marked usable by general users and provides the same level of privacy, ease of use, and stability as the main C implementation.
When we defined our set of milestones, we defined Arti 1.0.0 as "production ready" - you should be able to use it in the real world, to get a similar degree of privacy, ease of use, and stability as you would. with a C Tor client. APIs should be (more or less) stable for integrators.
We believe we have achieved it. You can now use arti proxy to connect to the Tor network to anonymize your network connections.
Note that we don't recommend pointing a conventional web browser at arti(or, indeed, C Tor): web browsers leak a lot of private and identifying information. To browse the web anonymously, use Tor Browser; we have instructions for using it with Arti .
About Arti
Unlike the C implementation, which was originally designed as a SOCKS proxy and later customized to suit other needs, Arti was initially developed as a library of modular plugins that can be used by multiple applications.
Furthermore, when developing a new project all experience is taken into account development of Tor, which avoids known architecture issues, making the project more modular and efficient.
The reason for rewriting Tor in Rust was achieve a higher level of security of the code by using a memory-safe language. According to Tor developers, at least half of all vulnerabilities tracked by the project will be excluded in the Rust implementation if the code does not use "insecure" blocks.
rust too will allow you to achieve a faster development speed than with C, due to the expressiveness of the language and strong guarantees that allow you not to waste time on double checks and writing unnecessary code.
Main novelties of Arti 1.0
This version 1.0 Arti focuses mainly on the basic work in the client role, since it is mentioned that bootstrapping robustness has been improved.
As well as that added a robust mechanism for reporting boot status so that applications can detect and help diagnose problems, as well as APIs that are much more stable and better analyzed than six months ago.
It is also highlighted that performance profiled across various metrics, plus work has been done to address those that were out of line.
Other changes that stand out:
- Property Oriented Circuit Isolation.
- File permission validation to ensure data is stored securely.
- Omission of sensitive information from the records.
- Clear keys from memory after use.
- Hardening against debugger-based attacks.
- Channel padding to resist netflow-based traffic analysis
- Improved portability on iOS, Android and Windows.
En version 1.1, it is planned to implement support for pluggable transport and bridges to avoid locks. Version 1.2 is expected to support onion services and related features such as RTT congestion control and DDoS protection.
Achieving parity with client C is scheduled for the 2.0 branch, which will also provide links to use Arti in code in various programming languages.
Over the next several years, work will focus on implementing the functionality needed to run repeaters and directory servers. When the Rust code reaches a level where it can completely replace the C version, the developers intend to make Arti the main implementation of Tor and stop maintaining the C implementation.
Support for the C language version will be phased out to allow for a smooth migration.
Finally, if you are interested in being able to know more about it, you can consult the details in the following link