Recently I investigated a bit Bitcoin nodes configs and I found a few mistakes/inconsistencies, same in Core and Knots. Some of them with possibly severe consequences.
- The most critical one: the settings option switch “Make All Outgoing Connections to Clearnet Peers Over Tor” does not work as it’s supposed to. That means, even when this switch is ON, all the connections to clearnet nodes are unfortunately not being routed through Tor, but instead everything still go normal, direct, clearnet, easy to track and investigate, way. In the result your IP address is and always has been revealed to transacting nodes, also all the transactions you might have been thinking you’ve sent anonymously, they were not. Well yeah, it might have profound consequences, but better if you’re aware of it now.
The reason for this seems quite simple. The subscript of this settings switch claims it uses and generates proxy option to the bitcoin config, but it’s not. It generates onion option which also exists, but has different meaning. The onion option is used to reach tor peers via hidden services, but what we need in order to proxy all clearnet-bound traffic via tor is definitely the proxy option here. - “Prune”. The field in settings is now set in GB, even though the original option in bitcoin config is still in MB. The app does the trivial magic of converting GB to MB before putting it to the config, but even though we’re obviously dealing with gigabytes of the blockchain now it is not an improvement at all. We’ve simply lost the possibility of using the special value of prune=1 as well as the maximal pruning setting by using prune=550 (MB of course). The closest would be to use 1 GB in the “Prune“ field, which is maybe not a huge deal (but still circa double the minimal pruned size) but we’re definitely losing the chance to use the special value 1 (allow manual pruning via RPC) which sometimes may be important. I’d suggest reverting back to using simply MB in the “Prune“ field, same as original bitcoin config uses, not trying to “improve” Bitcoin developer’s work.
- The app is not using ASMap at all - no map file, no option in the config. Quite valuable option though to wisely choose peers and/or mitigate some attacks. Would be good if the app distribution contains a recent ASMap, for e.g. from here: GitHub - asmap/asmap-data: Repository holding recently created ASMaps encoded for use in Bitcoin Core along with a proper option in the config.