Problem
When TorConfig is set, only peer connections to .onion addresses are routed through the SOCKS proxy. All HTTP calls made by ldk-node (RGS gossip sync, pathfinding scoring, and LNURL-auth) go direct over clearnet.
This means even a node connecting exclusively to .onion peers still leaks its IP to rapidsync.lightningdevkit.org on every gossip sync cycle.
Proposal
Route HTTP calls through the configured SOCKS5 proxy when TorConfig is set. Three call sites in ldk-node use bitreq for HTTP:
gossip.rs: RGS snapshot fetchscoring.rs: external pathfinding scoreslnurl_auth.rs: LNURL-auth challenge/response
bitreq's proxy feature currently supports HTTP CONNECT but not SOCKS5. SOCKS5 support (~180 lines, RFC 1928) would need to be added to bitreq, either upstream or via fork.
This could be unconditional (always proxy HTTP when TorConfig is set) or gated behind an opt-in flag. Happy to hear what the maintainers prefer.
Context
I'm building a mobile Lightning node (Android) with embedded Tor (Arti). I have a working implementation of this: SOCKS5 in a bitreq fork + proxy plumbing in ldk-node. Tested on a live node with an open channel. Happy to submit a PR if this direction makes sense.
Problem
When
TorConfigis set, only peer connections to.onionaddresses are routed through the SOCKS proxy. All HTTP calls made by ldk-node (RGS gossip sync, pathfinding scoring, and LNURL-auth) go direct over clearnet.This means even a node connecting exclusively to .onion peers still leaks its IP to
rapidsync.lightningdevkit.orgon every gossip sync cycle.Proposal
Route HTTP calls through the configured SOCKS5 proxy when
TorConfigis set. Three call sites in ldk-node use bitreq for HTTP:gossip.rs: RGS snapshot fetchscoring.rs: external pathfinding scoreslnurl_auth.rs: LNURL-auth challenge/responsebitreq's
proxyfeature currently supports HTTP CONNECT but not SOCKS5. SOCKS5 support (~180 lines, RFC 1928) would need to be added to bitreq, either upstream or via fork.This could be unconditional (always proxy HTTP when TorConfig is set) or gated behind an opt-in flag. Happy to hear what the maintainers prefer.
Context
I'm building a mobile Lightning node (Android) with embedded Tor (Arti). I have a working implementation of this: SOCKS5 in a bitreq fork + proxy plumbing in ldk-node. Tested on a live node with an open channel. Happy to submit a PR if this direction makes sense.