Can NAT traversal be Tor's killer feature?

tl;dr: how about a virtual global flat LAN that maps static IPs to onion addresses?

We all know the story. Random feature gets unintentionally picked up as the main reason for buying/using a certain product, despite the creator's intention being different or more general. (PC: spreadsheets; Internet: porn; smartphones: messaging.)

It's already happening

Exhibit 1: Ricochet IM ( uses onion addresses (each client runs a hidden service) as a sort of static anonymous IP address and, because it's static, it's the user's identity too, in a p2p/serverless chat app. It's dead simple, works like a charm behind the firewall at work, and protects metadata, which no other chat app/protocol I know does.

Exhibit 2: OnionShare ( does the same for file sharing, and it's actually a much easier user experience to send large files this way than any other. Why? "Static anonymous IP" (onion address) and NAT traversal, because all Tor hidden services work by making outgoing connections to Tor relays and don't need any open ports.

Those are two great apps that, unlike Tor Browser (which I love very much, but hear me out), improve the user experience, through Tor, in comparison with the mainstream (OnionShare even more so). The user might not even care about security or anonymity, it's just a better experience, period.

You don't have to convince people to make sacrifices in the name of privacy, you just have to show them something they want.

Like water

That's when natural demand kicks in and suddenly you're not pushing water uphill anymore: you've changed the landscape and it flows in the direction you want. Like when Tesla made electric cars that people buy despite being electric, not because of it.

As good as Ricochet and OnionShare are, they still had to go through the trouble of integrating hidden services themselves.

If there were a virtual network interface that transparently maps static IPs to onion addresses, all sorts of things could benefit from the backward compatibility (old games, IP-based VoIP, screen sharing, real-time collaborative writing, etc.) and new ones could be built a lot more easily.

[ZeroTierOne ( does this, but doesn't worry about privacy.]
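As an added illustration of the mapping proposed above (this is example code written for this page, not code from the gist, from ZeroTier or from OnionCat), here is the address scheme OnionCat uses written out in Python: the unique-local IPv6 prefix fd87:d87e:eb43::/48 followed by the 80 bits of a v2 onion address, which makes the mapping a bijection with no lookup table. The onion name abcdefghijklmnop.onion is a constructed sample, not a real service, and plan_outbound is a hypothetical stand-in for the routing decision a virtual interface would have to make.

```python
import base64
import ipaddress
import re

# OnionCat's documented address scheme (assumed here, not taken from the gist):
# the unique-local IPv6 prefix fd87:d87e:eb43::/48 followed by the 80 bits
# of a v2 onion address. A v2 address is 16 base32 characters = 80 bits, so
# prefix + address fill exactly 128 bits and the mapping is a bijection.
ONIONCAT_PREFIX = ipaddress.IPv6Network("fd87:d87e:eb43::/48")
_V2_ONION_LABEL = re.compile(r"^[a-z2-7]{16}$")


def _strip_onion_suffix(name: str) -> str:
    name = name.strip().lower()
    return name[:-len(".onion")] if name.endswith(".onion") else name


def onion_to_ipv6(onion: str) -> ipaddress.IPv6Address:
    """Map a v2 onion hostname (with or without '.onion') to its IPv6 address."""
    label = _strip_onion_suffix(onion)
    if not _V2_ONION_LABEL.match(label):
        # v3 addresses are 56 characters (a 256-bit key plus checksum and
        # version byte) and do not fit in 80 host bits, so this scheme
        # cannot represent them; reject rather than silently truncate.
        raise ValueError(f"not a v2 onion address: {onion!r}")
    host_bits = base64.b32decode(label.upper())              # exactly 10 bytes
    prefix_bits = ONIONCAT_PREFIX.network_address.packed[:6]  # 48 bits
    return ipaddress.IPv6Address(prefix_bits + host_bits)


def ipv6_to_onion(addr: str) -> str:
    """Inverse mapping: recover the onion hostname from an address in the prefix."""
    ip = ipaddress.IPv6Address(addr)
    if ip not in ONIONCAT_PREFIX:
        raise ValueError(f"{addr} is not inside {ONIONCAT_PREFIX}")
    label = base64.b32encode(ip.packed[6:]).decode("ascii").lower()
    return label + ".onion"


def plan_outbound(dst: str) -> tuple:
    """Hypothetical routing decision for a packet leaving the virtual interface.

    Only destinations inside the onion prefix are forwarded, over Tor, to the
    hidden service they encode. Anything else is dropped: the interface must
    never become a path for ordinary traffic to leave via the clearnet.
    """
    try:
        return ("tor", ipv6_to_onion(dst))
    except ValueError as exc:
        return ("drop", str(exc))


if __name__ == "__main__":
    sample = "abcdefghijklmnop.onion"  # constructed sample, not a real service
    ip = onion_to_ipv6(sample)
    print(sample, "->", ip)
    print(ip, "->", ipv6_to_onion(str(ip)))
    print(plan_outbound(str(ip)))
    print(plan_outbound("2001:db8::1"))
```

Because a v2 onion address is derived from the service's public key, an address inside this prefix identifies a peer that Tor itself authenticates when the circuit is built; the interface never has to trust a source IP the way an ordinary LAN does. The same property is why the scheme stops at v2: a v3 address carries a full 256-bit key and would need a separate lookup table rather than a bit-for-bit embedding.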

The only thing better than serving the privacy-conscious is serving privacy to those who don't even know they want it.

Demand vs capacity

Of course massive use would probably crush the current network, but uptake would be gradual, and I imagine demand has a greater power to drive capacity than the other way around.

I'm nowhere near an expert and I could be just talking out of my ass, so please let me know if this is completely stupid and would never work. Thanks!

Cheers, Helder

P.S.: you can follow me @obvio171 on Twitter.

P.S.2: more comments on Hacker News:

P.S.3: more comments on tor-talk: (OnionCat seems to already implement something like what I describe.)

P.S.4: follow up post:


I've run an IRC bouncer and SSH reverse tunnels over Tor for years. Not for the privacy but just for the ease of use. Also it reduces concerns with maintaining up-to-date Linux hosting. While the risk of my .onion being discovered through the cat-and-mouse game that is de-anonymizing .onions may permit some 3-letter agency to discover and root my host, I at least reduce the attack surface drastically by completely removing internet script kiddies from the threat model. So there is a security benefit in addition to the NAT traversal. The NAT traversal really makes a difference and very easy reverse workflow possible. With some simple haggling with scripts and SSH you can reverse almost anything that is low bandwidth. I totally agree there is something to the ease of use provided that services have not fully explored yet.

And since most single-peer-to-home services never require an exit node, bandwidth is never an issue. File transfer, remote mail, even a reverse tunnel to use a home IP as your exit node, all work with little to no bandwidth constraints. I really believe there are services to be built on this ease of use. Things that utilise these features without requiring one to understand SSH reverse tunnels and the like.

Finally, somehow I think the more services built on such a model, the better we will understand how to fix some of the major flaws of the internet as a whole. Namely, discrimination based on GeoIP comes to mind. If the internet were built in this manner, instead of addressing a service I could have it address me through my own .onion reverse; I think location discrimination would become a much more complex task. GeoIP is becoming much more fundamental. As xkeyscorerules100.txt shows, GeoIP is no longer just something used by media companies to prevent someone watching TV out of country and is today used to determine citizenship and basic civil liberties.


Those are very clever uses of this idea, glad to hear more people have thought of and run with it.

I hadn't given GeoIP much thought yet, but you make an excellent point. GeoIP determining citizenship and basic civil liberties is indeed crazy scary. Can't get more "the architecture is the truth" and "code is law" than that.

Let's hope someone smarter than me can figure out a good way to make this interface easier to use and more widespread, be it with a virtual network interface or not. It could just be a well-designed, dead-simple API for building serverless/p2p apps on top of hidden services without knowing Tor, or a streamlined way to do tunneling as you're doing.
