mirror of
https://github.com/ChristopherA/Learning-Bitcoin-from-the-Command-Line.git
synced 2025-06-06 23:46:22 +00:00
edit
parent
1bf65666bb
commit
4abb7d3761
@ -6,13 +6,13 @@ If you did a standard installation with [Bitcoin Standup](https://github.com/Blo
> :book: ***What is Tor?*** Tor is a low-latency anonymity and overlay network based on onion routing and path-building design for enabling anonymous communication. It's free and open-source software with the name derived from the acronym for the original software project name: "The Onion Router".
> :book: ***Why Use Tor for Bitcoin?*** The Bitcoin network is a peer-to-peer network that listens for transactions and propagates them using an IP public address. When connecting to the network not using Tor, you would share your IP address, which could expose your location, your uptime, and others details to third parties — which is an undesirable privacy practice. To protect yourself online you should use tools like Tor to hide your connection details. Tor allows improve your privacy online as your data is cryptographically encoded and goes through different nodes, each one decoding a single layer (hence the onion metaphor).
> :book: ***Why Use Tor for Bitcoin?*** The Bitcoin network is a peer-to-peer network that listens for transactions and propagates them using a public IP address. When connecting to the network not using Tor, you would share your IP address, which could expose your location, your uptime, and others details to third parties — which is an undesirable privacy practice. To protect yourself online you should use tools like Tor to hide your connection details. Tor allows improve your privacy online as your data is cryptographically encoded and goes through different nodes, each one decoding a single layer (hence the onion metaphor).
## Understand Tor
So how does Tor work?
When a user wants to connect to an Internet server, Tor tries to build a path formed by at least three Tor nodes relays, called Guard, Middle, and Exit. While building this path, symmetric encryption keys are negotiated; when a message moves along the path, each relay then strips off its layer of encryption. In this way, the message arrives at the final destination in its original form, and each party only knows the previous and the next hop and cannot determinate origin or destination.
When a user wants to connect to an Internet server, Tor tries to build a path formed by at least three Tor nodes relays, called Guard, Middle, and Exit. While building this path, symmetric encryption keys are negotiated; when a message moves along the path, each relay then strips off its layer of encryption. In this way, the message arrives at the final destination in its original form, and each party only knows the previous and the next hop and cannot determine origin or destination.
Here's what a connection looks like without Tor:
```
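Review bot: In the rewritten "Why Use Tor for Bitcoin?" callout, the word-order fix to "a public IP address" leaves two errors on the same line: "others details" should be "other details", and "Tor allows improve your privacy" should be "Tor allows you to improve your privacy". The same line describes the data as "cryptographically encoded"; "encrypted" is the accurate term and matches "layer of encryption" in the path paragraph below it. In that paragraph, "three Tor nodes relays" should be "three Tor relays".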
@ -44,7 +44,7 @@ Similarly, Bitcoin Tor users could be fingerprint-attacked by setting an address
Meanwhile, even over Tor, Bitcoin is only a pseudoanonymous service due to the many dangers of correlation that stem from the permanent ledger itself. This means that Bitcoin usage over Tor is actually more likely to be _deanonymized_ than other services (and could lead to the deanonymization of other activities).
With that said, Tor is generally considered far safer than the alternative, which is non-anonymous browsing.
With that said, Tor is generally considered safer than the alternative, which is non-anonymous browsing.
## Verify Your Tor Setup
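Review bot: The edited sentence still names "non-anonymous browsing" as the alternative to Tor, but this chapter is about Bitcoin traffic, so "non-anonymous connections" would describe the choice the reader is actually making. While this paragraph is open, "pseudoanonymous" in the context line above should read "pseudonymous".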
@ -53,20 +53,20 @@ So how do you verify that you've enabled Tor? If you installed with Bitcoin Stan
$ sudo -u debian-tor tor --verify-config
```
If Tor is installed correctly you should see an output like this:
If Tor is installed correctly you should output like this:
```
Jun 26 21:52:09.230 [notice] Tor 0.4.3.5 running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.2n, Zlib 1.2.11, Liblzma 5.2.2, and Libzstd N/A.
Jun 26 21:52:09.230 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Jun 26 21:52:09.230 [notice] Read configuration file "/etc/tor/torrc".
Configuration was valid
```
> :warning: **WARNING:** This just means that Tor is running, not that its being used for all connections.
> :warning: **WARNING:** This just means that Tor is running, not that its being used for all (or any) connections.
### Verify Your Tor Setup for RPC
The most important purpose of Tor, as installed by Bitcoin Standup, is to offer hidden services for the RPC ports that are used to send command-line style commands to `bitcoind`.
> :book: ***What is a Tor Hidden Service?*** A hidden service (aka "an onion service") is a service that is accessible via Tor. Connection made to that service _using the Onion Network_ will be protected. In this case, there is a hidden service for `bitcoind` on Testnet, but there are also visible services using IPv4 and IPv6.
> :book: ***What is a Tor Hidden Service?*** A hidden service (aka "an onion service") is a service that is accessible via Tor. Connection made to that service _using the Onion Network_ will be anonymized.
The Tor config file is found at `/etc/tor/torrc`. If you look at it, you should see the following services to protect your RPC ports:
```
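Review bot: The replacement line "If Tor is installed correctly you should output like this:" drops "see an" and no longer parses; keep the original wording, or use "you should see output like this:". The amended warning still has "its being used" where "it's being used" is meant, and it says the check shows that Tor is running, whereas `tor --verify-config` only parses the configuration file (the sample output ends "Configuration was valid"), so "This just means that your Tor configuration is valid" would be accurate. In the shortened hidden-service definition, "Connection made" should be "Connections made".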
@ -78,16 +78,14 @@ HiddenServicePort 1309 127.0.0.1:8332
```
> :link: **TESTNET vs MAINNET:** Mainnet RPC is run on port 8332, testnet on port 18332.
> :information_source: **NOTE:** The `HiddenServiceDir` is where all the files are kept for this particular service. If you need to access keys or add authorized clients, this is where to do so!
> :information_source: **NOTE:** The `HiddenServiceDir` is where all the files are kept for this particular service. If you need to lookup your onion address, access keys, or add authorized clients, this is where to do so!
The easy way to test this is to use the [QuickConnect API](https://github.com/BlockchainCommons/Bitcoin-Standup/blob/master/Docs/Quick-Connect-API.md) built into Bitcoin Standup.
The easy way to test your RPC Hidden Service is to use the [QuickConnect API](https://github.com/BlockchainCommons/Bitcoin-Standup/blob/master/Docs/Quick-Connect-API.md) built into Bitcoin Standup. Just download the QR code found at `/qrcode.png` and scan it using a wallet or node that support QuickConnect, such as [The Gordian Wallet](https://github.com/BlockchainCommons/FullyNoded-2). When you scan the QR, you should see the wallet sync up with your node; it's doing so using the RPC hidden services.
Just download the QR code found at `/qrcode.png` and scan it using a wallet or node that support QuickConnect, such as [FullyNoded 2](https://github.com/BlockchainCommons/FullyNoded-2). When you scan the QR, you should see the wallet sync up with your node.
The hard way to test your RPC Hidden Service is to send a `bitcoin-cli` command with `torify`, which allows you to translate a normal UNIX command to a Tor-protected command. It's difficult because you need to grab three pieces of information.
The hard way is to send a `bitcoin-cli` command with `torify`, which allows you to translate a normal UNIX command to a Tor-protected command. It's difficult because you need to grab three pieces of information.
1. **Your Hideen Service Port.** This comes from `/etc/tor/torrc/`. By default, it's 1309.
2. **Your Tor Address.** This is in the `hostname` directory in the `HiddenServiceDir` defined in `/etc/tor/torrc`. By default the file is thus `/var/lib/tor/standup/hostname`. It's protected, so you'll need to `sudo` to access it:
1. **Your Hidden Service Port.** This comes from `/etc/tor/torrc/`. By default, it's port 1309.
2. **Your Tor Address.** This is in the `hostname` file in the `HiddenServiceDir` directory defined in `/etc/tor/torrc`. By default the file is thus `/var/lib/tor/standup/hostname`. It's protected, so you'll need to `sudo` to access it:
```
$ sudo more /var/lib/tor/standup/hostname
mgcym6je63k44b3i5uachhsndayzx7xi4ldmwrm7in7yvc766rykz6yd.onion
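Review bot: Item 1 of the list fixes "Hideen" but keeps the path `/etc/tor/torrc/` with a trailing slash; torrc is a file, and item 2 already writes it as `/etc/tor/torrc`, so drop the slash. In the new NOTE, "lookup" used as a verb should be "look up", and in the merged QuickConnect paragraph "a wallet or node that support" should be "supports". The link text now says "The Gordian Wallet" while the URL still points at the FullyNoded-2 repository; confirm that this is the intended target.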
@ -101,9 +99,9 @@ $ torify bitcoin-cli -rpcconnect=mgcym6je63k44b3i5uachhsndayzx7xi4ldmwrm7in7yvc7
### Verify Your Tor Setup for Bitcoind
Bitcoin Standup also ensures that your `bitcoind` is set up to optionally answer on an onion address.
Bitcoin Standup also ensures that your `bitcoind` is set up to optionally communicate on an onion address.
You can verify the initial setup of Tor for `bitcoind` by grepping for 'tor' in the `debug.log` in your data directory:
You can verify the initial setup of Tor for `bitcoind` by grepping for "tor" in the `debug.log` in your data directory:
```
$ grep "tor:" ~/.bitcoin/testnet3/debug.log
2020-07-15T17:56:34Z tor: ADD_ONION successful
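Review bot: The reworded sentence says to grep for "tor", but the command in the context lines below it is `grep "tor:"` with a trailing colon. Quote the pattern exactly as it is typed, since the colon is what ties the match to the log prefix seen in the sample line "tor: ADD_ONION successful", and the prose and the command should agree.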
@ -201,7 +199,7 @@ You can see similar information with `getnetworkinfo`.
"warnings": "Warning: unknown new rules activated (versionbit 28)"
}
```
This hidden service will allow connections to your `bitcoind` over the Bitcoin Network.
This hidden service will allow anonymous connections to your `bitcoind` over the Bitcoin Network.
> :warning: **WARNING:** Running Tor and having a Tor hidden service doesn't force either you or your peers to use Tor.
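Review bot: "allow anonymous connections to your `bitcoind` over the Bitcoin Network" promises more than the warning on the next line supports: that warning says a hidden service does not force you or your peers to use Tor, so only peers that connect through the onion address are covered. Suggest wording such as "will allow peers to connect to your `bitcoind` anonymously through its onion address".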
@ -350,13 +348,13 @@ Some might not, such as this IPv6 connection:
}
...
```
Having Tor connections for your `bitcoind` is probably somewhat less useful than having Tor for your RPC connections. That's in part because it's not particularly recommended to try and send all your Bitcoin connections via Tor, and in part because protecting your RPC commands is really where it's at, because you're much more likely to be doing that remotely, from a software wallet like FullyNoded 2, while your server itself is more likely to be sitting in your office, basement, or bunker.
Having a Tor address for your `bitcoind` is probably somewhat less useful than having a Tor address for your RPC connections. That's in part because it's not recommended to try and send all your Bitcoin connections via Tor, and in part because protecting your RPC commands is really what's important: you're much more likely to be doing that remotely, from a software wallet like The Gordian Wallet, while your server itself is more likely to be sitting in your office, basement, or bunker.
There are some setups to push Bitcoin further into usage of Tor, as discussed in the next section.
Nonetheless, there are ways to make `bitcoind` use Tor more, as discussed in the next section.
## Summary: Verifying Your Tor Setup
Tor is a software package installed at part of Bitcoin Standup that allows you to exchange communications anonymously. It will protect both your RPC ports (8332 or 18332) and your `bitcoind` ports (8333 or 18333) — but you have to actively connect to the onion address to use them! Tor is the foundation of privacy and security for your Bitcoin setup, and you can verify it's available and linked to Bitcoin with a few simple commands.
Tor is a software package installed at part of Bitcoin Standup that allows you to exchange communications anonymously. It will protect both your RPC ports (8332 or 18332) and your `bitcoind` ports (8333 or 18333) — but you have to actively connect to the onion address to use them! Tor is a building stone of privacy and security for your Bitcoin setup, and you can verify it's available and linked to Bitcoin with a few simple commands.
> :fire ***What is the power of Tor?*** Many attacks on Bitcoin users depend on knowing who the victim is and that they're transacting Bitcoins. Tor can protect you from that by hiding both where you are and what you're doing. It's particularly important if you want to connect to your own node remotely via a software wallet, and can be crucial if you do so in some country where you might not feel that your Bitcoin usage is appreciated or protected. If you must take your Bitcoin services on the road, make sure that your wallet fully supports Tor and exchanges all RPC commands with your server using that protocol.
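Review bot: Both versions of the summary paragraph say "installed at part of Bitcoin Standup"; since the line is being edited anyway, correct it to "installed as part of". The new phrase "building stone" is not idiomatic, and "building block" or "cornerstone" would read better. In the closing callout, `:fire` is missing its closing colon, so the emoji shortcode will not render.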