Inform the user that (and why) Tor is forced-on (GUI). Don't ask the user about listening on TCP/Onion if the environment doesn't support it (TUI questionnaire)

Author: nabijaczleweli

src-gui/src/renderer/components/pages/help/SettingsBox.tsx

@@ -66,7 +66,7 @@ import { getNetwork } from "store/config";
 import { currencySymbol } from "utils/formatUtils";
 import InfoBox from "renderer/components/pages/swap/swap/components/InfoBox";
 import { isValidMultiAddressWithPeerId } from "utils/parseUtils";
-import { getNodeStatus } from "renderer/rpc";
+import { getNodeStatus, getTorForcedExcuse } from "renderer/rpc";
 import { setStatus } from "store/features/nodesSlice";
 import MoneroAddressTextField from "renderer/components/inputs/MoneroAddressTextField";
 import BitcoinAddressTextField from "renderer/components/inputs/BitcoinAddressTextField";
@@ -704,24 +704,32 @@ function NodeTable({
   );
 }
 
+const torForced = await getTorForcedExcuse();
 export function TorSettings() {
   const dispatch = useAppDispatch();
   const torEnabled = useSettings((settings) => settings.enableTor);
   const handleChange = (event: React.ChangeEvent<HTMLInputElement>) =>
     dispatch(setTorEnabled(event.target.checked));
-  const status = (state: boolean) => (state === true ? "enabled" : "disabled");
 
   return (
     <TableRow>
       <TableCell>
         <SettingLabel
           label="Use Tor"
-          tooltip="Route network traffic through Tor to hide your IP address from the maker."
+          tooltip={
+            "Route network traffic through Tor to hide your IP address from the maker. " +
+            torForced
+          }
         />
       </TableCell>
 
       <TableCell>
-        <Switch checked={torEnabled} onChange={handleChange} color="primary" />
+        <Switch
+          disabled={torForced}
+          checked={torEnabled || torForced}
+          onChange={handleChange}
+          color="primary"
+        />
       </TableCell>
     </TableRow>
   );
@@ -740,7 +748,8 @@ function MoneroTorSettings() {
     dispatch(setEnableMoneroTor(event.target.checked));
 
   // Hide this setting if Tor is disabled entirely
-  if (!torEnabled) {
+  // Hide this setting if it's superseded by the global Tor connection
+  if (!torEnabled || torForced) {
     return null;
   }
 

src-gui/src/renderer/rpc.ts

@@ -304,6 +304,10 @@ export async function checkContextStatus(): Promise<ContextStatus> {
   return await invokeNoArgs<ContextStatus>("get_context_status");
 }
 
+export async function getTorForcedExcuse(): Promise<string> {
+  return await invokeNoArgs<string>("get_tor_forced_excuse");
+}
+
 export async function getLogsOfSwap(
   swapId: string,
   redact: boolean,

src-tauri/Cargo.toml

@@ -15,6 +15,7 @@ tauri-build = { version = "2.*", features = ["config-json5"] }
 [dependencies]
 monero-rpc-pool = { path = "../monero-rpc-pool" }
 swap = { path = "../swap", features = [ "tauri" ] }
+swap-tor = { path = "../swap-tor" }
 dfx-swiss-sdk = { workspace = true }
 
 anyhow = "1"

src-tauri/src/commands.rs

@@ -69,7 +69,8 @@ macro_rules! generate_command_handlers {
             get_restore_height,
             dfx_authenticate,
             change_monero_node,
-            get_context_status
+            get_context_status,
+            get_tor_forced_excuse,
         ]
     };
 }
@@ -197,6 +198,13 @@ pub async fn get_context_status(state: tauri::State<'_, State>) -> Result<Contex
     Ok(state.context().status().await)
 }
 
+#[tauri::command]
+pub async fn get_tor_forced_excuse(_: tauri::State<'_, State>) -> Result<String, String> {
+    Ok(swap_tor::TOR_ENVIRONMENT
+        .map(|ste| ste.excuse())
+        .unwrap_or(String::new()))
+}
+
 #[tauri::command]
 pub async fn resolve_approval_request(
     args: ResolveApprovalArgs,

swap-env/Cargo.toml

@@ -15,6 +15,7 @@ rust_decimal = { workspace = true }
 serde = { workspace = true }
 swap-fs = { path = "../swap-fs" }
 swap-serde = { path = "../swap-serde" }
+swap-tor = { path = "../swap-tor" }
 terminal_size = "0.4"
 thiserror = { workspace = true }
 time = "0.3"

swap-env/src/prompt.rs

@@ -38,6 +38,13 @@ pub fn bitcoin_confirmation_target(default_target: u16) -> Result<u16> {
 
 /// Prompt user for listen addresses
 pub fn listen_addresses(default_listen_address: &Multiaddr) -> Result<Vec<Multiaddr>> {
+    if !swap_tor::TOR_ENVIRONMENT
+        .map(|ste| ste.can_listen_tcp())
+        .unwrap_or(true)
+    {
+        return Ok(vec![]);
+    }
+
     let listen_addresses = Input::with_theme(&ColorfulTheme::default())
         .with_prompt("Enter multiaddresses (comma separated) on which asb should list for peer-to-peer communications or hit return to use default")
         .default(format!("{}", default_listen_address))
@@ -131,6 +138,13 @@ pub fn monero_daemon_url() -> Result<Option<Url>> {
 
 /// Prompt user for Tor hidden service registration
 pub fn tor_hidden_service() -> Result<bool> {
+    if !swap_tor::TOR_ENVIRONMENT
+        .map(|ste| ste.can_listen_onion())
+        .unwrap_or(true)
+    {
+        return Ok(false);
+    }
+
     print_info_box([
         "Your ASB needs to be reachable from the outside world to provide quotes to takers.",
         "Your ASB can run a hidden service for itself. It'll be reachable at an .onion address.",

swap-tor/src/lib.rs

@@ -203,4 +203,23 @@ impl SpecialTorEnvironment {
             )),
         }
     }
+
+    /// `true` if listening on an address like `/ip4/0.0.0.0/tcp/9939` is possible in this environment
+    pub fn can_listen_tcp(self) -> bool {
+        match self {
+            Self::Whonix | Self::Tails => false,
+        }
+    }
+
+    /// `true` if listening on an address like `/onion3/whatever` is possible in this environment
+    pub fn can_listen_onion(self) -> bool {
+        match self {
+            Self::Whonix | Self::Tails => false,
+        }
+    }
+
+    /// Explain to the user why Tor is always on
+    pub fn excuse(self) -> String {
+        format!("Under {self:?}, the app always uses the global Tor connection.")
+    }
 }