The developers of the Tor anonymous network have released the release of the Arti 0.0.3 project, which develops a Tor client written in Rust. The project has the status of an experimental development, lags behind the functionality of the main Tor client in C and is not yet ready to fully replace it. In March, the release of 0.1.0 is expected, which is positioned as the first beta release of the project, and in the fall, the release of 1.0 with the stabilization of the API, CLI and settings, which will be suitable for initial use by ordinary users. In the more distant future, when the Rust code reaches a level that can completely replace the C version, the developers intend to make Arti the main implementation of Tor and stop maintaining the C implementation.
Unlike the C implementation, which was originally designed as a SOCKS proxy and then customized to suit other needs, Arti is initially developed as a modular plug-in library that can be used by various applications. In addition, when developing a new project, all past Tor development experience is taken into account, which will avoid known architectural problems, make the project more modular and efficient. The code is distributed under the Apache 2.0 and MIT licenses.
The reasons for rewriting Tor in Rust are the desire to achieve a higher level of code security through the use of a memory-safe language. According to the Tor developers, at least half of all vulnerabilities tracked by the project will be excluded in the Rust implementation if the code does not use "unsafe" blocks. Rust will also allow you to achieve faster development speed than using C, due to the expressiveness of the language and strong guarantees that allow you not to waste time on double checks and writing unnecessary code.
Of the changes in the 0.0.3 release, there is a complete overhaul of the configuration system and its associated API. The change allowed Rust to change settings on the fly while the Tor client was running. A new system for preemptive circuit construction has also been added, taking into account previously used ports to preemptively create chains that are likely to be needed in the future.
Source: opennet.ru