The earliest version of the cryptocart deploys beautifully through traditional means. I quickly learned, however, that it could not be deployed anonymously via Tor.
The reason was simple… the email ordering system - awesome though it may be - was inherently insecure.
Based on this realization and the feedback offered by my early human test subjects, I had to redesign the checkout process for two reasons:
- It’s a break from the norm
- It doesn’t work on Tor anyway
In adopting this feedback (thanks y’all!) I aim to:
- Preserve as much mutual anonymity as possible between buyer and seller
- Minimize record collection and facilitate record encryption
- Minimize database dependencies
These are challenges huge in their subtleties. They haven’t been met yet, yet I bet they do get met.
With that, I present…
Bad news… if you really want anonymity, then buyer-seller email communication becomes a manual exercise. You’ll need something like mail2tor.com to talk to your customers.
Moreover, the cart application sends email notifications to the seller, which cannot be allowed to leave the server. Consider this healthy paranoia…
These steps are executed on an updated Ubuntu 16.04 Server (sorry, haven’t tried 18 yet). Docker, Compose, Node, Git, etc., should be set up and ready go. If none of that makes sense to you, buy a t-shirt and maybe the Mining King will help you set up shop.
I’m also assuming a production deployment. The steps that follow are the minimum required to set up a Tor shop. The crypto-shopping-cart is open-source and free for everyone to use. Adapt it to your purposes. Contributors are welcome!
At the very least, this will prevent anyone from attempting to guess or brute-force their way in.
Execute the following on your local system, i.e., not on the Tor server:
ssh-keygen -t rsa
Follow the prompts. The default filename (
rsa_id) is fine. For extra paranoia, be sure to encrypt your private key with a passphrase.
Now, install the public key on the remote server:
ssh-copy-id -i $HOME/.ssh/rsa_id.pub email@example.com
The passphrase won’t make your login any faster. You’ll need to enter the passphrase every time you use the key to access your remote server:
Assuming you have successfully logged into the machine, disable root and remote password logins:
sudo vi /etc/ssh/sshd_config
Find and set the following as shown:
sudo /etc/init.d/ssh reload
If you log out and attempt to login with a password via
root or your user, you will now be denied. Only the holder of the private
rsa_id file can gain access.
These instructions are adapted from the crypto-shopping-cart’s
Obtain the cryptocart software and install its dependencies:
git clone https://github.com/TheMiningKing/crypto-shopping-cart
.env file and adapt the following for your purposes:
# Don't change these
The Don’t change settings are configured so that email does not exit the server hosting your hidden service. Obviously, you’ll want to change
SITE_NAME, et al.
Execute the Docker composition:
docker-compose -f docker-compose.tor.yml up -d
You probably don’t want to sell sick mining Ts on your hidden site. You can set your own product information in the
db/data.json file. Note that product prices are specified in Gwei, because floating point stuff is a pain.
Once you’ve set up your product information (pictures go in
public/images/products/), seed your database:
docker-compose -f docker-compose.tor.yml run --rm node node db/seed.js NODE_ENV=production
At this point, your shop should be running, but it won’t be accessible from Tor or the clear web.
These steps were adapted from here.
Tor should be setup in a directory apart from your shop. Assuming you are currently in the
Paste the following to
Dockerfile in this new directory:
Paste the following to
docker-compose.yml (still in the
Hopefully you know a thing or two about Docker and Compose. Notice the shared
volumes. We need to configure a file called
torrc contained in the
config directory located in the
tor-proxy directory. But before we can do this, we need to know the name of the application container we want to provide as a hidden Tor service…
You’ll see something similar to this:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
NAMES column is where you find your crypto-shopping-cart hostname. In this case, it is
cryptoshoppingcart_node_1. This means the contents of
config/torrc must look like this:
docker-compose up -d
Assuming all went well, you can obtain your new
.onion address like this:
docker-compose exec tor cat /home/user/.tor/hidden_app_1/hostname
The crypto-shopping-cart’s Tor-safe deployment ensures all outgoing emails are intercepted. Emails intended for customers will need to be manually copied and pasted off of your hidden service server and relayed manually through an anonymous mail service like mail2tor.com.
For server side email management, I use
sudo apt install mutt
Intercepted mail is deposited into the
crypto-shopping-cart/mailorders directory. To see the captured mail, execute the following from the
sudo mutt -f mailorders/root
How do we preserve both anonymity and build trust?
It’s a ways off yet, but I plan to incorporate Ethereum smart contracts into the order process. My early goal is to withhold payment until Canada Post reports that a package has been delivered.
If you want to take a stab at it, contributions are welcome!