Saturday, March 4, 2017

Open Bazaar Finally Integrates Tor

On January 18th OpenBazaar released their Milestone 1 Developer Release of OpenBazaar 2.0, a new version of the software which is built on the decentralized InterPlanetary File System (IPFS). The new version of OpenBazaar includes long awaited privacy features, such as support for Tor. On February 14th it was revealed that the code to allow Tor integration with OpenBazaar was ready. The new features could mark a huge step forward for decentralized darknet markets.

OpenBazaar officially launched with version 1.0 of their software in early 2016. The project started as DarkMarket made by Amir Taaki in 2014 at a Toronto Bitcoin Hackathon but was forked into OpenBazaar by Brian Hoffman. The first version of OpenBazaar utilized the UDP protocol, which when used over Tor poses a significant privacy threat through the leaking of a user’s IP address. Despite the risks to privacy, when OpenBazaar first launched, there were listings for marijuana and child pornography.

“Bring on the illegal commerce,” one Redditor wrote in response to the announcement of OpenBazaar 2.0. “Tor has always been the most requested feature by far — but it’s always been a bit of a technical challenge to implement,” OpenBazaar developer Chris Pacia told Bitcoin.com. While the Milestone 1 Developer release of OpenBazaar 2.0 was available in late January, it wasn’t until February 14th that the OpenBazaar team revealed to Bitcoin.com that the code for Tor integration was ready. “I’m happy we got it merged but there’s still more to do,” Pacia told Bitcoin.com.

Other new privacy enhancing features included in OpenBazaar 2.0 are the options to create private stores and private listings. Under version 1.0 of the software, all listings and stores are automatically public to everyone on the network. In version 2.0, users will only be able to access private listings and private stores if they know the OpenBazaar address. OpenBazaar also plans to update it’s messaging system by integrating Signal’s OTR forward secrecy ratcheting. Users will also be able to make requests for goods and services under version 2.0 of the software. OpenBazaar also says they plan to introduce “a more robust and useful” reputation and reviews system for all users.

In 2016, OB1 CEO Brian Hoffman explained in an interview with Bitcoin Magazine that the reason Tor integration was put off until later in the development of OpenBazaar was because they had hoped it would give them, “time to establish a baseline of nodes on the network and liquidity of items without overwhelming it with just darknet items.” While OpenBazaar has integrated Tor, developer Chris Pacia suggests people should only use the current version for testing purposes. “At some point, we want to have a security audit for both OpenBazaar and IPFS. Until we do that I wouldn’t recommend people using it for anything other than testing. Going forward there’s still a few more features to implement in the daemon and a bunch of tests to write. And most of the features need to be incorporated into the UI,” Pacia told Bitcoin.com.