Using hidden services to replace exit nodes

Tor’s exit nodes are public, including their hidden nodes are made public by Metrics. Many countries can easily block Tor access by setting up IP blacklists. I’ve seen many users in the forums experiencing the above troubles.

I suggest that hidden services should be used instead of partial exit nodes to enhance Tor accessibility. The presence of bridges means that Tor has decided to make some of its nodes semi-public, so for exit nodes, this semi-public approach should be used as well, i.e., using hidden services instead of some of the exit nodes. And the release of these hidden service bridges can be modeled after the release of OBFS4, Snowflake, and others.

I strongly believe that using hidden services instead of exit nodes does not require the developer to modify the Tor source code, but rather just a simple configuration. I hope developers will take my suggestion seriously.

1 Like

I think it is almost impossible to hide exit nodes.
Attacker can just launch Tor Browser, point it to his website and collect IP addresses.


Georgetown GUSecLab implemented the concept of Exit bridges (with and without onion services):

Tor exit blocking, in which websites disallow clients arriving from Tor, is a growing and potentially existential threat to the anonymity network. We introduce two architectures that provide ephemeral exit bridges for Tor which are difficult to enumerate and block. Our techniques employ a micropayment system that compensates exit bridge operators for their services, and a privacy-preserving reputation scheme that prevents freeloading. We show that our exit bridge architectures effectively thwart server-side blocking of Tor with little performance overhead.

Website: Bypassing Tor Exit Blocking

Video presentation:

Code: GitHub - GUSecLab/tor-exit-relays


Tor forum link:


Similar forum post


This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.