
Giving Every Tor Hidden Service an IPv6 Address - MeltedLux
https://blog.benjojo.co.uk/post/tor-onions-to-v6-with-iptables-proxy
======
kodablah
> A Tor onion address is a 8 byte base32 encoded string (80 bits).

Not for v3 onion services. They base32 encode the entire ed25519 pub key and a
few bytes of metadata (35 bytes total). Won't quite fit into IPv6 space :-)

------
jstanley
Really neat, nice work!

Worth pointing out explicitly that this inserts Ben Jojo as a MITM on every
connection, but it's still a really cool project.

~~~
tialaramex
If your protocol is secured with TLS or SSH (and you don't have the SSH first
use concern) this MITM can't of course meddle with the connection, only sever
it if they wish.

However, because the service contacted is spelled out in the IPv6 address this
does lose you most metadata privacy you'd get from Tor

------
Olipro
Is ip6tables really necessary for this; wouldn't AnyIP work?

namely:

ip rou add local 2001:db8::/48 dev lo

~~~
benjojo12
That would require you to bind on star, and doesnt solve the bind on all ports
problem

