The developers of the anonymous Tor network presented the first beta release (0.1.0) of the Arti project, which develops a Tor client written in Rust. The project has the status of an experimental development, it lags behind the functionality of the main Tor client in C and is not yet ready to fully replace it. In September it is planned to create release 1.0 with stabilization of the API, CLI and settings, which will be suitable for initial use by ordinary users. In the more distant future, when the Rust code reaches a level that can completely replace the C version, the developers intend to give Arti the status of the main implementation of Tor and stop maintaining the C implementation.
Unlike the C implementation, which was originally designed as a SOCKS proxy and then customized to suit other needs, Arti is initially developed as a modular plug-in library that can be used by various applications. In addition, when developing a new project, all past Tor development experience is taken into account, which will avoid known architectural problems, make the project more modular and efficient. The code is distributed under the Apache 2.0 and MIT licenses.
The reasons for rewriting Tor in Rust are the desire to achieve a higher level of code security through the use of a memory-safe language. According to the Tor developers, at least half of all vulnerabilities tracked by the project will be excluded in the Rust implementation if the code does not use "unsafe" blocks. Rust will also allow you to achieve faster development speed than using C, due to the expressiveness of the language and strong guarantees that allow you not to waste time on double checks and writing unnecessary code.
Among the changes in release 0.1.0, there is a basic stabilization of high-level APIs and bringing the library to readiness for experimental integration with other projects. Among the changes, the addition of an API for creating TorClient instances is mentioned, including the ability to build and initialize (bootstrap) in the background upon first use. In addition, a new high-level API for error handling has been added.
Prior to the publication of release 1.0.0, the developers intend to provide Arti with full support for working as a Tor client providing access to the Internet (implementation of support for onion services has been postponed for the future). Including it is planned to achieve parity with the main implementation in the C language in areas such as network performance, CPU load and reliability, as well as to ensure support for all security-related features.
Source: opennet.ru