Distribute required-on-Tails SOCKS5 proxy everywhere a TCP request is made

Author: nabijaczleweli

electrum-pool/src/lib.rs

@@ -1,9 +1,10 @@
 use backoff::{Error as BackoffError, ExponentialBackoff};
-use bdk_electrum::electrum_client::{Client, ConfigBuilder, ElectrumApi, Error};
+use bdk_electrum::electrum_client::{Client, ConfigBuilder, ElectrumApi, Error, Socks5Config};
 use bdk_electrum::BdkElectrumClient;
 use bitcoin::Transaction;
 use futures::future::join_all;
 use once_cell::sync::OnceCell;
+use std::borrow::Cow;
 use std::sync::atomic::{AtomicUsize, Ordering};
 use std::sync::{Arc, RwLock};
 use std::time::Duration;
@@ -546,13 +547,16 @@ pub struct ElectrumBalancerConfig {
     pub request_timeout: u8,
     /// Minimum number of retry attempts across all nodes
     pub min_retries: usize,
+    /// Address of SOCKS5 proxy in `127.0.0.1:9050` format
+    pub socks5: Option<Cow<'static, str>>,
 }
 
 impl Default for ElectrumBalancerConfig {
     fn default() -> Self {
         Self {
             request_timeout: 15,
             min_retries: 15,
+            socks5: None,
         }
     }
 }
@@ -573,6 +577,7 @@ impl ElectrumClientFactory<BdkElectrumClient<Client>> for BdkElectrumClientFacto
     ) -> Result<Arc<BdkElectrumClient<Client>>, Error> {
         let client_config = ConfigBuilder::new()
             .timeout(Some(config.request_timeout))
+            .socks5(config.socks5.as_ref().map(Socks5Config::new))
             .retry(0)
             .build();
 
@@ -947,6 +952,7 @@ mod tests {
         let config = ElectrumBalancerConfig {
             request_timeout: 5,
             min_retries: 0,
+            socks5: None,
         };
 
         let balancer = ElectrumBalancer::new_with_config_and_factory(urls, config, factory.clone())
@@ -1020,6 +1026,7 @@ mod tests {
         let config = ElectrumBalancerConfig {
             request_timeout: 5,
             min_retries: 1,
+            socks5: None,
         };
 
         let balancer = ElectrumBalancer::new_with_config_and_factory(urls, config, factory.clone())
@@ -1162,6 +1169,7 @@ mod tests {
         let config = ElectrumBalancerConfig {
             request_timeout: 15,
             min_retries: 7,
+            socks5: None,
         };
 
         let factory = Arc::new(MockElectrumClientFactory::new());

monero-rpc/Cargo.toml

@@ -12,10 +12,11 @@ jsonrpc_client = { version = "0.7", features = ["reqwest"] }
 monero = { workspace = true }
 monero-epee-bin-serde = "1"
 rand = { workspace = true }
-reqwest = { workspace = true }
+reqwest = { workspace = true, features = ["socks"] }
 rust_decimal = { workspace = true }
 serde = { workspace = true }
 serde_json = { workspace = true }
+swap-tor = { path = "../swap-tor" }
 tracing = { workspace = true }
 
 [dev-dependencies]

monero-rpc/src/monerod.rs

@@ -30,10 +30,12 @@ impl Client {
     }
 
     fn new(host: String, port: u16) -> Result<Self> {
+        let mut client = reqwest::Client::builder().connection_verbose(true);
+        if let Some(proxy) = swap_tor::TOR_ENVIRONMENT.and_then(|ste| ste.reqwest_proxy()) {
+            client = client.proxy(reqwest::Proxy::all(proxy)?);
+        }
         Ok(Self {
-            inner: reqwest::ClientBuilder::new()
-                .connection_verbose(true)
-                .build()?,
+            inner: client.build()?,
             base_url: format!("http://{}:{}/json_rpc", host, port)
                 .parse()
                 .context("url is well formed")?,

monero-rpc/src/wallet.rs

@@ -58,10 +58,12 @@ impl Client {
 
     /// Constructs a monero-wallet-rpc client with `url` endpoint.
     pub fn new(url: reqwest::Url) -> Result<Self> {
+        let mut client = reqwest::Client::builder().connection_verbose(true);
+        if let Some(proxy) = swap_tor::TOR_ENVIRONMENT.and_then(|ste| ste.reqwest_proxy()) {
+            client = client.proxy(reqwest::Proxy::all(proxy)?);
+        }
         Ok(Self {
-            inner: reqwest::ClientBuilder::new()
-                .connection_verbose(true)
-                .build()?,
+            inner: client.build()?,
             base_url: url,
         })
     }

monero-sys/src/lib.rs

@@ -233,10 +233,19 @@ impl WalletHandle {
     pub async fn open_or_create(
         path: String,
         daemon: Daemon,
+        proxy_address: &str,
         network: monero::Network,
         background_sync: bool,
     ) -> anyhow::Result<Self> {
-        Self::open_or_create_with_password(path, None, daemon, network, background_sync).await
+        Self::open_or_create_with_password(
+            path,
+            None,
+            daemon,
+            proxy_address,
+            network,
+            background_sync,
+        )
+        .await
     }
 
     /// Common implementation used by all `open_*` helpers.
@@ -307,10 +316,12 @@ impl WalletHandle {
         path: String,
         password: impl Into<Option<String>>,
         daemon: Daemon,
+        proxy_address: impl Into<String>,
         network: monero::Network,
         background_sync: bool,
     ) -> anyhow::Result<Self> {
         let password = password.into();
+        let proxy_address = proxy_address.into();
 
         Self::open_with(path.clone(), daemon.clone(), move |manager| {
             manager.open_or_create_wallet(
@@ -319,6 +330,7 @@ impl WalletHandle {
                 network,
                 background_sync,
                 daemon.clone(),
+                &proxy_address,
             )
         })
         .await
@@ -334,10 +346,20 @@ impl WalletHandle {
         restore_height: u64,
         background_sync: bool,
         daemon: Daemon,
+        proxy_address: impl Into<String>,
     ) -> anyhow::Result<Self> {
+        let proxy_address = proxy_address.into();
+
         Self::open_with(path.clone(), daemon.clone(), move |manager| {
             if manager.wallet_exists(&path) {
-                manager.open_or_create_wallet(&path, None, network, background_sync, daemon.clone())
+                manager.open_or_create_wallet(
+                    &path,
+                    None,
+                    network,
+                    background_sync,
+                    daemon.clone(),
+                    &proxy_address,
+                )
             } else {
                 manager.recover_wallet(
                     &path,
@@ -347,6 +369,7 @@ impl WalletHandle {
                     restore_height,
                     background_sync,
                     daemon.clone(),
+                    &proxy_address,
                 )
             }
         })
@@ -367,7 +390,10 @@ impl WalletHandle {
         restore_height: u64,
         background_sync: bool,
         daemon: Daemon,
+        proxy_address: impl Into<String>,
     ) -> anyhow::Result<Self> {
+        let proxy_address = proxy_address.into();
+
         Self::open_with(path.clone(), daemon.clone(), move |manager| {
             manager.open_or_create_wallet_from_keys(
                 &path,
@@ -379,6 +405,7 @@ impl WalletHandle {
                 restore_height,
                 background_sync,
                 daemon.clone(),
+                &proxy_address,
             )
         })
         .await
@@ -1112,6 +1139,7 @@ impl WalletManager {
         network: monero::Network,
         background_sync: bool,
         daemon: Daemon,
+        proxy_address: &str,
     ) -> anyhow::Result<FfiWallet> {
         tracing::debug!(%path, "Opening or creating wallet");
 
@@ -1126,6 +1154,7 @@ impl WalletManager {
                     network,
                     background_sync,
                     daemon,
+                    proxy_address,
                     Box::new(TraceListener::new(path.to_string())),
                 )
                 .context(format!("Failed to open wallet `{}`", &path));
@@ -1158,7 +1187,7 @@ impl WalletManager {
         }
 
         let raw_wallet = RawWallet::new(wallet_pointer);
-        let wallet = FfiWallet::new(raw_wallet, background_sync, daemon)
+        let wallet = FfiWallet::new(raw_wallet, background_sync, daemon, proxy_address)
             .context(format!("Failed to initialize wallet `{}`", &path))?;
 
         Ok(wallet)
@@ -1177,6 +1206,7 @@ impl WalletManager {
         restore_height: u64,
         background_sync: bool,
         daemon: Daemon,
+        proxy_address: &str,
     ) -> Result<FfiWallet> {
         tracing::debug!(%path, "Creating wallet from keys");
 
@@ -1190,6 +1220,7 @@ impl WalletManager {
                     network,
                     background_sync,
                     daemon.clone(),
+                    proxy_address,
                     Box::new(TraceListener::new(path.to_string())),
                 )
                 .context(format!("Failed to open wallet `{}`", &path));
@@ -1242,7 +1273,7 @@ impl WalletManager {
 
         let raw_wallet = RawWallet::new(wallet_pointer);
         tracing::debug!(path=%path, "Created wallet from keys, initializing");
-        let wallet = FfiWallet::new(raw_wallet, background_sync, daemon)
+        let wallet = FfiWallet::new(raw_wallet, background_sync, daemon, proxy_address)
             .context(format!("Failed to initialize wallet `{}` from keys", &path))?;
 
         Ok(wallet)
@@ -1259,6 +1290,7 @@ impl WalletManager {
         restore_height: u64,
         background_sync: bool,
         daemon: Daemon,
+        proxy_address: &str,
     ) -> anyhow::Result<FfiWallet> {
         tracing::debug!(%path, "Recovering wallet from seed");
 
@@ -1283,7 +1315,7 @@ impl WalletManager {
             .context("Failed to recover wallet from seed: FFI call failed with exception")?;
 
         let raw_wallet = RawWallet::new(wallet_pointer);
-        let wallet = FfiWallet::new(raw_wallet, background_sync, daemon)
+        let wallet = FfiWallet::new(raw_wallet, background_sync, daemon, proxy_address)
             .context(format!("Failed to initialize wallet `{}` from seed", &path))?;
 
         Ok(wallet)
@@ -1313,6 +1345,7 @@ impl WalletManager {
         network_type: monero::Network,
         background_sync: bool,
         daemon: Daemon,
+        proxy_address: &str,
         listener: Box<dyn WalletEventListener>,
     ) -> anyhow::Result<FfiWallet> {
         tracing::debug!(%path, "Opening wallet");
@@ -1340,7 +1373,7 @@ impl WalletManager {
 
         let raw_wallet = RawWallet::new(wallet_pointer);
 
-        let wallet = FfiWallet::new(raw_wallet, background_sync, daemon)
+        let wallet = FfiWallet::new(raw_wallet, background_sync, daemon, proxy_address)
             .context("Failed to initialize re-opened wallet")?;
 
         wallet.add_listener(listener);
@@ -1472,7 +1505,12 @@ impl FfiWallet {
     const MAIN_ACCOUNT_INDEX: u32 = 0;
 
     /// Create and initialize new wallet from a raw C++ wallet pointer.
-    fn new(inner: RawWallet, background_sync: bool, daemon: Daemon) -> anyhow::Result<Self> {
+    fn new(
+        inner: RawWallet,
+        background_sync: bool,
+        daemon: Daemon,
+        proxy_address: &str,
+    ) -> anyhow::Result<Self> {
         if inner.inner.is_null() {
             anyhow::bail!("Failed to create wallet: got null pointer");
         }
@@ -1492,7 +1530,7 @@ impl FfiWallet {
             backoff(None, None),
             || {
                 wallet
-                    .init(&daemon)
+                    .init(&daemon, proxy_address)
                     .context("Failed to initialize wallet")
                     .map_err(backoff::Error::transient)
             },
@@ -1571,15 +1609,15 @@ impl FfiWallet {
     }
 
     /// Initialize the wallet and download initial values from the remote node.
-    /// Does not actuallyt sync the wallet, use any of the refresh methods to do that.
-    fn init(&mut self, daemon: &Daemon) -> anyhow::Result<()> {
+    /// Does not actually sync the wallet, use any of the refresh methods to do that.
+    fn init(&mut self, daemon: &Daemon, proxy_address: &str) -> anyhow::Result<()> {
         let daemon_address = format!("{}:{}", daemon.hostname, daemon.port);
         tracing::debug!(%daemon_address, ssl=%daemon.ssl, "Initializing wallet");
 
         let_cxx_string!(daemon_address = daemon_address);
         let_cxx_string!(daemon_username = "");
         let_cxx_string!(daemon_password = "");
-        let_cxx_string!(proxy_address = "");
+        let_cxx_string!(proxy_address = proxy_address);
 
         let raw_wallet = &mut self.inner;
 

src-gui/src/renderer/components/modal/updater/UpdaterDialog.tsx

@@ -13,8 +13,14 @@ import {
   Link,
 } from "@mui/material";
 import SystemUpdateIcon from "@mui/icons-material/SystemUpdate";
-import { check, Update, DownloadEvent } from "@tauri-apps/plugin-updater";
+import {
+  check,
+  CheckOptions,
+  Update,
+  DownloadEvent,
+} from "@tauri-apps/plugin-updater";
 import { useSnackbar } from "notistack";
+import { getUpdaterProxy } from "renderer/rpc";
 import { relaunch } from "@tauri-apps/plugin-process";
 
 const GITHUB_RELEASES_URL = "https://github.com/eigenwallet/core/releases";
@@ -56,15 +62,16 @@ function LinearProgressWithLabel(
   );
 }
 
+const proxy = await getUpdaterProxy();
 export default function UpdaterDialog() {
   const [availableUpdate, setAvailableUpdate] = useState<Update | null>(null);
   const [downloadProgress, setDownloadProgress] =
     useState<DownloadProgress | null>(null);
   const { enqueueSnackbar } = useSnackbar();
 
   useEffect(() => {
-    // Check for updates when component mounts
-    check()
+    // Check, CheckOptions for updates when component mounts
+    check({ proxy })
       .then((updateResponse) => {
         console.log("updateResponse", updateResponse);
         setAvailableUpdate(updateResponse);

src-gui/src/renderer/rpc.ts

@@ -308,6 +308,10 @@ export async function getTorForcedExcuse(): Promise<string> {
   return await invokeNoArgs<string>("get_tor_forced_excuse");
 }
 
+export async function getUpdaterProxy(): Promise<string | null> {
+  return await invokeNoArgs<string | null>("get_updater_proxy");
+}
+
 export async function getLogsOfSwap(
   swapId: string,
   redact: boolean,

src-tauri/src/commands.rs

@@ -71,6 +71,7 @@ macro_rules! generate_command_handlers {
             change_monero_node,
             get_context_status,
             get_tor_forced_excuse,
+            get_updater_proxy,
         ]
     };
 }
@@ -205,6 +206,11 @@ pub async fn get_tor_forced_excuse(_: tauri::State<'_, State>) -> Result<String,
         .unwrap_or(String::new()))
 }
 
+#[tauri::command]
+pub async fn get_updater_proxy(_: tauri::State<'_, State>) -> Result<Option<&'static str>, String> {
+    Ok(swap_tor::TOR_ENVIRONMENT.and_then(|ste| ste.reqwest_proxy()))
+}
+
 #[tauri::command]
 pub async fn resolve_approval_request(
     args: ResolveApprovalArgs,