|
| 1 | +# CJDNS support in Bitcoin Core |
| 2 | + |
| 3 | +It is possible to run Bitcoin Core over CJDNS, an encrypted IPv6 network that |
| 4 | +uses public-key cryptography for address allocation and a distributed hash table |
| 5 | +for routing. |
| 6 | + |
| 7 | +## What is CJDNS? |
| 8 | + |
| 9 | +CJDNS is like a distributed, shared VPN with multiple entry points where every |
| 10 | +participant can reach any other participant. All participants use addresses from |
| 11 | +the `fc00::/8` network (reserved IPv6 range). Installation and configuration is |
| 12 | +done outside of Bitcoin Core, similarly to a VPN (either in the host/OS or on |
| 13 | +the network router). |
| 14 | + |
| 15 | +Compared to IPv4/IPv6, CJDNS provides end-to-end encryption and protects nodes |
| 16 | +from traffic analysis and filtering. |
| 17 | + |
| 18 | +Used with Tor and I2P, CJDNS is a complementary option that can enhance network |
| 19 | +redundancy and robustness for both the Bitcoin network and individual nodes. |
| 20 | + |
| 21 | +Each network has different characteristics. For instance, Tor is widely used but |
| 22 | +somewhat centralized. I2P connections have a source address and I2P is slow. |
| 23 | +CJDNS is fast but does not hide the sender and the recipient from intermediate |
| 24 | +routers. |
| 25 | + |
| 26 | +## Installing CJDNS and connecting to the network |
| 27 | + |
| 28 | +To install and set up CJDNS, follow the instructions at |
| 29 | +https://github.com/cjdelisle/cjdns#cjdns. |
| 30 | + |
| 31 | +Don't skip steps |
| 32 | +["2. Find a friend"](https://github.com/cjdelisle/cjdns#2-find-a-friend) and |
| 33 | +["3. Connect your node to your friend's |
| 34 | +node"](https://github.com/cjdelisle/cjdns#3-connect-your-node-to-your-friends-node). |
| 35 | +You need to be connected to the CJDNS network before it will work with your |
| 36 | +Bitcoin Core node. |
| 37 | + |
| 38 | +Typically, CJDNS might be launched from its directory with |
| 39 | +`sudo ./cjdroute < cjdroute.conf` and it sheds permissions after setting up the |
| 40 | +[TUN](https://en.wikipedia.org/wiki/TUN/TAP) interface. You may also [launch it as an |
| 41 | +unprivileged user](https://github.com/cjdelisle/cjdns/blob/master/doc/non-root-user.md) |
| 42 | +with some additional setup. |
| 43 | + |
| 44 | +The network connection can be checked by running `./tools/peerStats` from the |
| 45 | +CJDNS directory. |
| 46 | + |
| 47 | +## Run Bitcoin Core with CJDNS |
| 48 | + |
| 49 | +Once you are connected to the CJDNS network, the following Bitcoin Core |
| 50 | +configuration option makes CJDNS peers automatically reachable: |
| 51 | + |
| 52 | +``` |
| 53 | +-cjdnsreachable |
| 54 | +``` |
| 55 | + |
| 56 | +When enabled, this option tells Bitcoin Core that it is running in an |
| 57 | +environment where a connection to an `fc00::/8` address will be to the CJDNS |
| 58 | +network instead of to an [RFC4193](https://datatracker.ietf.org/doc/html/rfc4193) |
| 59 | +IPv6 local network. This helps Bitcoin Core perform better address management: |
| 60 | + - Your node can consider incoming `fc00::/8` connections to be from the CJDNS |
| 61 | + network rather than from an IPv6 private one. |
| 62 | + - If one of your node's local addresses is `fc00::/8`, then it can choose to |
| 63 | + gossip that address to peers. |
| 64 | + |
| 65 | +## Additional configuration options related to CJDNS |
| 66 | + |
| 67 | +``` |
| 68 | +-onlynet=cjdns |
| 69 | +``` |
| 70 | + |
| 71 | +Make automatic outbound connections only to CJDNS addresses. Inbound and manual |
| 72 | +connections are not affected by this option. It can be specified multiple times |
| 73 | +to allow multiple networks, e.g. onlynet=cjdns, onlynet=i2p, onlynet=onion. |
| 74 | + |
| 75 | +CJDNS support was added to Bitcoin Core in version 23.0 and there may be fewer |
| 76 | +CJDNS peers than Tor or IP ones. You can use `bitcoin-cli -addrinfo` to see the |
| 77 | +number of CJDNS addresses known to your node. |
| 78 | + |
| 79 | +In general, a node can be run with both an onion service and CJDNS (or any/all |
| 80 | +of IPv4/IPv6/onion/I2P/CJDNS), which can provide a potential fallback if one of |
| 81 | +the networks has issues. There are a number of ways to configure this; see |
| 82 | +[doc/tor.md](https://github.com/bitcoin/bitcoin/blob/master/doc/tor.md) for |
| 83 | +details. |
| 84 | + |
| 85 | +## CJDNS-related information in Bitcoin Core |
| 86 | + |
| 87 | +There are several ways to see your CJDNS address in Bitcoin Core: |
| 88 | +- in the "Local addresses" output of CLI `-netinfo` |
| 89 | +- in the "localaddresses" output of RPC `getnetworkinfo` |
| 90 | + |
| 91 | +To see which CJDNS peers your node is connected to, use `bitcoin-cli -netinfo 4` |
| 92 | +or the `getpeerinfo` RPC (i.e. `bitcoin-cli getpeerinfo`). |
| 93 | + |
| 94 | +To see which CJDNS addresses your node knows, use the `getnodeaddresses 0 cjdns` |
| 95 | +RPC. |
0 commit comments