Tor Support for iOS and Android

@tgreer and @kspearrin

Feature name:

  • Connect to your Bitwarden Server over Tor!

Feature Description

  • For iOS and Android apps, users can enable Tor in settings menu
  • If Tor is enabled, a Tor circuit will be established on app startup and closed on app background
  • If Tor is enabled and connected, users can enter a Tor “.onion” URL for their server address

Clients / Repos Affected:

  • Mobile

Timeline to completion (estimate):

  • 1 month

ETA: Q3/2020

Welcome, @Matt_Hill! Thanks for submitting this, very interesting. Let us take a little time to think it over :slight_smile:

What would need to be done to support this? I am not familiar with using Tor.

At the end, all you want is proxy support, no? You set up Tor on your device which runs a local proxy and then enter the proxy in third party apps, e.g. Bitwarden, so that they use your local proxy to connect to Tor?

Hi kspearrin. On mobile there isn’t too much that needs to be done.

The overview is that any HTTP connections need to be made over a SOCKS5 proxy. The standard iOS and Android HTTP libs support this straight out of the box. The only new addition to the bitwarden software is to start the Tor SOCKS proxy up when the app starts up. On iOS the Tor.framework library can be used. On the Android side we have modified the TorOnionProxy library to manage the tor instance which can be found in our capacitor plugin here. On iOS we can’t rely on an external proxy since Apple disallows that.

What @ProofOfKeags said. We are working together. Regarding the UI/UX around this, would probably be good to discuss how you’d like it done.

We want to implement this feature because our own Embassy product allows our users to fire up a Bitwarden Server on a Tor V3 Hidden Service on their own physical server with the push of a button. By hosting Bitwarden on a Hidden Service, users don’t have to worry about setting up a domain, a static IP, https, or port forwarding. It just works.

Currently, the only way our users can access their Hidden Service Bitwarden Server is through the Bitwarden Extension for Tor Browser or Firefox. It would be awesome if they could download the Bitwarden mobile app and provide their server URL there too.

I wanted to follow up here. We are willing to put the work of getting Tor into Bitwarden. The question we have is as to whether or not it would be accepted, where the code is, and if there would be a preferred approach that you have for it.

Have you had a chance to think about this?

Hey guys! Sorry for the delays here - it’s been a fast-paced couple of weeks! Can @kspearrin and I take just a bit longer to discuss?

Of course. Standing by.