Arti 1.2: Official Tor Implementation in Rust Released
The Tor network developers have announced the release of Arti 1.2.0, a Tor client project written in Rust. The 1.x branch is marked as suitable for everyday users and provides the same level of privacy, usability, and stability as the main C-based implementation. The code is distributed under the Apache 2.0 and MIT licenses.
Unlike the C implementation, which was originally designed as a SOCKS proxy and later adapted for other needs, Arti is being developed from the start as a modular, embeddable library that can be used by various applications. Additionally, the new project benefits from all the previous experience gained in Tor development, helping to avoid known architectural issues and making the project more modular and efficient.
The main reason for rewriting Tor in Rust is to achieve a higher level of code security by using a language that ensures safe memory management. According to the Tor developers, using Rust without “unsafe” blocks can prevent at least half of all typical vulnerabilities in the project. Rust also enables faster development compared to C, thanks to its expressiveness and strict guarantees, which reduce the need for double-checking and writing extra code.
Key Features of Arti 1.2
- Stable Onion Service Support: With Arti, users can now not only connect to existing onion services but also create their own.
- Ongoing Development: Work has begun, but is not yet complete, on additional features to enhance privacy and protect onion services. These include RTT Congestion Control, DDoS protection tools, bandwidth regulation, client authorization, and the “Vanguard” mechanism to prevent Guard node identification. Until these features are fully implemented, using Arti to create onion services is not recommended for production deployments.
- Security Fixes: The new version fixes a vulnerability in the relay message handling code that allowed empty DATA messages to be sent, which could be used to insert undetectable traffic indicators. This issue is considered low risk, as DATA packets are only accepted for already open streams.
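
The two conditions in the security fix above (DATA only for an open stream, and no empty DATA) can be shown as a receive-side check. This is an added illustration, not code from Arti or from the original article. It assumes the classic tor-spec relay cell layout (509-byte body, 11-byte header, DATA as command 2); all names are hypothetical, and rejecting rather than silently dropping the message is also an assumption.

```rust
use std::collections::HashSet;

const RELAY_BODY_LEN: usize = 509; // relay cell body size (tor-spec, assumed here)
const HEADER_LEN: usize = 11; // cmd(1) recognized(2) stream_id(2) digest(4) length(2)
const RELAY_DATA: u8 = 2;

#[derive(Debug, PartialEq)]
enum Verdict {
    Deliver { stream_id: u16, len: usize },
    NotData,
    Reject(&'static str),
}

/// Decide what to do with one decrypted relay cell body (hypothetical helper).
fn check_relay_body(body: &[u8], open_streams: &HashSet<u16>) -> Verdict {
    if body.len() != RELAY_BODY_LEN {
        return Verdict::Reject("wrong body size");
    }
    let stream_id = u16::from_be_bytes([body[3], body[4]]);
    let len = u16::from_be_bytes([body[9], body[10]]) as usize;
    if len > RELAY_BODY_LEN - HEADER_LEN {
        return Verdict::Reject("length exceeds cell");
    }
    if body[0] != RELAY_DATA {
        return Verdict::NotData; // other relay commands are out of scope here
    }
    if !open_streams.contains(&stream_id) {
        return Verdict::Reject("DATA for a stream that is not open");
    }
    if len == 0 {
        // Carries no payload, so the application never sees it.
        return Verdict::Reject("empty DATA message");
    }
    Verdict::Deliver { stream_id, len }
}

/// Build a constructed sample body; `data` must fit in one cell.
fn sample_body(cmd: u8, stream_id: u16, data: &[u8]) -> Vec<u8> {
    let mut b = vec![0u8; RELAY_BODY_LEN];
    b[0] = cmd;
    b[3..5].copy_from_slice(&stream_id.to_be_bytes());
    b[9..11].copy_from_slice(&(data.len() as u16).to_be_bytes());
    b[HEADER_LEN..HEADER_LEN + data.len()].copy_from_slice(data);
    b
}

fn main() {
    let open = HashSet::from([7u16]); // constructed: only stream 7 is open
    for body in vec![sample_body(2, 7, b"hello"), sample_body(2, 7, b""), sample_body(2, 9, b"x")] {
        println!("{:?}", check_relay_body(&body, &open));
    }
}
```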
Future Plans
Feature parity with the C client is planned for the 2.0 branch, which will also offer bindings for using Arti in code written in various programming languages. Once the Rust code reaches a level where it can fully replace the C version, the developers intend to make Arti the main Tor implementation and discontinue support for the C version. Support for the C implementation will be phased out gradually, allowing for a smooth migration.