diff --git a/docs.d/TIPS-FOR-MINING-ONIONS.md b/docs.d/TIPS-FOR-MINING-ONIONS.md index fda93f3..44c4419 100644 --- a/docs.d/TIPS-FOR-MINING-ONIONS.md +++ b/docs.d/TIPS-FOR-MINING-ONIONS.md @@ -1,59 +1,73 @@ # Tips when mining Onion Addresses -## for v2 and v3 onion addresses; updated 26 jun 2019 +## For v3 onion addresses; updated 18 May 2021 -* Copied from: - https://medium.com/@alecmuffett/tips-when-mining-onion-addresses-8eece14cbd95 +Hello from Alec - and congratulations! You are setting up an Onion +site! And you want a vanity onion address! There is lots of software +out there that you can use to generate them! -Congratulations! You are setting up an Onion site! And you want a -vanity onion address! There is lots of software out there that you can -use to generate them! +## What do I use? -I'm not going to make strong software recommendations, because it's a -matter of what you have at your disposal already, and what fits the -hardware that you have access to. +Some people mine onion addresses on local hardware for privacy and +safety, whilst others are happy to rent a GPU-based compute-heavy +instance from AWS, or similar. -* for v2: Onions: `Scallion` (C# or Mono, GPU accelerated), `Shallot`, - or `Eschalot`; go for the latest versions of each. +I'm not going to make terribly strong software recommendations, +because it's a matter of what you have at your disposal already, +and what fits the hardware that you have access to. -* for v3 Onions: I have no idea of the standout tools, please check - back and/or suggest something in the comments +In my case I have a small cluster of Raspberry Pi, and I use +[`mkp224o`](https://github.com/cathugger/mkp224o) for mining with them. +I compiled the code manually, using +[the instructions](https://github.com/cathugger/mkp224o/blob/master/README.md) +and +[the tuning instructions](https://github.com/cathugger/mkp224o/blob/master/OPTIMISATION.txt) +to build something suitable for me. -Some people mine onion addresses on local hardware for safety, others -are happy to rent a GPU-based compute-heavy instance from AWS, or -similar. +If you are looking for a really meaningful, long-prefix onion address +up front, you will have to expend a lot of money and CPU-time in order +to find one. This is why the next section is really important in +order to get the most "bang for your buck". + +## How do I best approach this challenge? If you're setting up multiple onions for your site -- eg: if there is one/more CDNs associated with your site, it is nice to set up vanity onions for them, too; partly for "cute" but also to stop yourself going crazy during debugging. -For instance, the NYT onion is https://www.nytimes3xbfgragh.onion/ and -their CDN Onion is https://graylady3jvrrxbe.onion/ +For instance, the (defunct, V2) NYT +onion was https://www.nytimes3xbfgragh.onion/ and their CDN +onion was https://graylady3jvrrxbe.onion/ -Similarly there exist https://www.facebookcorewwwi.onion/ and -https://fbcdn23dssr3jqnq.onion/ +Similarly there were +https://www.facebookcorewwwi.onion/ and +https://fbcdn23dssr3jqnq.onion/ for Facebook. -* Perhaps use your CDN Onion to reflect your own history and -site/brand culture? +Ask yourself now: perhaps use your CDN Onion to reflect your own +history and site/brand culture? Perhaps you can mine several onion +addresses at the same time, even speculatively? -Onion mining is a matter of luck and resource, and -(counterintuitively?) the rarest resource that you have, is time, as -measured by your wall clock. +Onion mining is a matter of luck and expensive resource, and +(counterintuitively?) the rarest resource that you have, is time +as-measured by your wall clock. Therefore, if you are mining onions for a lot of sites, the best strategy is follows: * Have breakfast and some tea or coffee. Try to get into a creative - mood. + mood. You are making an investment of time *now* to save yourself + time and effort, later. -* Sit down, open a document, and try to think inclusively of every - possible prefix that you might ever find acceptable at the start (or - finish) of your onion addresses, for all of your sites, and write - them all down. You may create 10, 20, or more. No ideas are bad - ideas. Deduplicate them (eg: it's pointless to look especially for - `nytimes` if you are already happy to have anything beginning with - `nyt`) +* Sit down, open a document, and try to think inclusively of EVERY + POSSIBLE PREFIX THAT YOU MIGHT EVER FIND ACCEPTABLE at the start (or + suffix, at the end) of your onion addresses, for all of your sites + and CDNs, and write them all down. You may create 10, 20, or + more. No ideas are bad ideas. Deduplicate them (e.g.: it's pointless + to look for `nytimes` if you're already looking for anything + beginning with `nyt`). Each additional prefix is nearly zero-cost, + compared to the days, weeks, or months of time that your computers + will spend in grinding their way through cryptography. * Configure your software to search for all of these, for all of your sites, simultaneously. Set it running. Make sure to configure @@ -73,9 +87,9 @@ strategy is follows: dealing with randomness here, and raw entropy is more creative than you'd ever imagine. -* There is also a vast amount of noise -- huge, enormous quantities - of gibberish -- but that's okay, because `storage+grep` is cheaper - than `encryption+wallclocktime`. +* There is also a vast amount of noise -- huge, enormous quantities of + gibberish -- but that's okay, because (again) `storage+grep` is + mucg cheaper than `encryption+wallclocktime`. * When we mined the Facebook onion address, the search-patterns were `^(facebook|fbcdn|fbsbx|...)` and a few others all in a single @@ -103,6 +117,29 @@ strategy is follows: Best of luck to you. :-) +## Converting your V3 onion addresses for EOTK + +Tools like `mkp224o` save the keys they generate as three separate +files: `hs_ed25519_public_key`, `hs_ed25519_secret_key`, and +`hostname`; this is elegant but hard to manipulate, so EOTK creates +its own standard for storing v3 onion addresses in the `secrets.d` +folder. + +If you are in a directory which contains the above-named three files, +you can run a helper shellscript by using a command, something like: + +``` +~/eotk/lib.d/rename-v3-keys-for-eotk-secrets.sh +``` + +...which will safely create TWO files: + +* `someverylongonionaddressinvolvingalotofbase32characterss.v3pub.key` +* `someverylongonionaddressinvolvingalotofbase32characterss.v3sec.key` + +...that can be moved into your `~/eotk/secrets.d/` folder, for EOTK to +use when you run `eotk config ...` + ## War Stories and Problems When Mining Onions A long time ago I mined a bunch of test onion addresses for the New @@ -131,9 +168,9 @@ rather than actual, `hostname` file during install; so it might not reflect reality if your V2 onion keys are thusly afflicted - for instance if your Onion site is 100% unreachable. -The way to test a **V2 Onion** address for this syndrome is to `cd` -into `projects.d/.../foofoofoofoofoo.d/` and then **remove** the -`hostname` file in that directory. +The way to test a **V2 Onion** address for this syndrome is to +`cd` into `projects.d/.../foofoofoofoofoo.d/` and then **remove** +the `hostname` file in that directory. Then do: