This Flutter plugin allows mobile applications to host Tor v3 Onion Services and route traffic securely through the Tor network. With built-in support for Android, it simplifies the creation of public .onion addresses and enables users to make anonymous requests to other Onion services, making it an essential tool for privacy-focused developers.
The Tor Hidden Service Flutter plugin offers a powerful solution for mobile applications that want to host Tor v3 Onion Services and route traffic anonymously via the Tor network. This plugin facilitates both server and client operations over the Tor network, making it versatile for various use cases.
Key Features
- Android Support: Utilizes the Guardian Project’s Tor binaries, ensuring seamless integration on Android devices.
- Host Onion Services: Automatically maps public Onion addresses (port 80) to a local server (port 8080) within the app, allowing for easy hosting of .onion services.
- HTTP Connect Tunnel: Outbound proxy available on port 9080 for routing requests through the Tor network.
- Custom HTTP Client: The
TorOnionClientallows for plain HTTP requests to .onion addresses without SSL requirements, simplifying service interactions. - Real-Time Bootstrap Logs: Provides live logs during the Tor startup process for easy monitoring and debugging.
Usage
To utilize the plugin, start by initializing the Tor service in a Dart environment:
import 'package:tor_hidden_service/tor_hidden_service.dart';
final _torService = TorHiddenService();
// Listen to bootstrap logs
_torService.onLog.listen((log) => print("TOR: $log"));
await _torService.start();
Hosting a Service
To host incoming traffic, bind a standard HTTP server to the HTTP port:
import 'dart:io';
HttpServer server = await HttpServer.bind(InternetAddress.anyIPv4, 8080);
server.listen((request) {
request.response.write('Hello from the Onion Network!');
request.response.close();
});
String? hostname = await _torService.getOnionHostname();
print("Hosting at: http://$hostname");
Making Requests
Depending on the destination, requests can be made through either plain HTTP or secure HTTPS:
Plain HTTP Requests:
final client = _torService.getUnsecureTorClient();
try {
final response = await client.get('http://example.onion');
print("Status: ${response.statusCode}");
print("Body: ${response.body}");
} catch (e) {
print("Request failed: $e");
}
Secure HTTPS Requests:
HttpClient client = _torService.getSecureTorClient();
try {
var request = await client.getUrl(Uri.parse('https://api.ipify.org'));
var response = await request.close();
var body = await response.transform(utf8.decoder).join();
print("My Tor IP: $body");
} catch (e) {
print("Request failed: $e");
}
Architecture & Port Mapping
The plugin efficiently manages the necessary port mappings for P2P functionality:
| Type | Port | Description |
|---|---|---|
| SOCKS5 | 9050 | Standard Tor SOCKS proxy |
| HTTP Tunnel | 9080 | Outbound proxy for Tor client requests |
| Hidden Service | 80 → 8080 | Inbound traffic routing for .onion addresses |
Troubleshooting
Common issues and their resolutions:
- 503 Service Unavailable: Ensure enough time has passed after startup for the hidden service descriptor to propagate.
- SocketException: Verify the binding is to
InternetAddress.anyIPv4instead oflocalhost. - HandshakeException: Use the appropriate client for the protocol you are connecting to (secure vs unsecure).
Disclaimer
The plugin is intended for educational and research purposes. It enhances privacy; however, it is essential to understand the limitations of Tor before relying on it for sensitive applications.
No comments yet.
Sign in to be the first to comment.