The developers of the Tor anonymous network have released the release of the Arti 0.2.0 project, which develops a Tor client written in Rust. The project has the status of an experimental development, lags behind the main Tor client in C in terms of functionality and is not yet ready to fully replace it. A 1.0 release is planned for September, with API, CLI, and settings stabilizing, which will be suitable for initial use by regular users. In the more distant future, when the Rust code reaches a level that can completely replace the C version, the developers intend to make Arti the main implementation of Tor and stop maintaining the C implementation.
Unlike the C implementation, which was originally designed as a SOCKS proxy and then customized to suit other needs, Arti is initially developed as a modular plug-in library that can be used by various applications. In addition, when developing a new project, all past Tor development experience is taken into account, which will avoid known architectural problems, make the project more modular and efficient. The code is distributed under the Apache 2.0 and MIT licenses.
The reasons for rewriting Tor in Rust are the desire to achieve a higher level of code security through the use of a memory-safe language. According to the Tor developers, at least half of all vulnerabilities tracked by the project will be excluded in the Rust implementation if the code does not use "unsafe" blocks. Rust will also allow you to achieve faster development speed than using C, due to the expressiveness of the language and strong guarantees that allow you not to waste time on double checks and writing unnecessary code.
The most notable changes in the 0.2.0 release are related to performance and reliability improvements. Improved work in networks that support only IPv6. Reduced memory consumption for storing data from directory servers. Added dns_port option, with which you can configure the sending of DNS queries through Tor. A new code for working with the configuration has been proposed. APIs have been added to define rules for isolating threads and enabling sleep mode (suspending work for inactive clients). The ability to connect alternative code implementations for working with directory servers is provided.
Prior to the publication of release 1.0.0, the developers intend to provide Arti with full support for working as a Tor client providing access to the Internet (implementation of support for onion services has been postponed for the future). Including it is planned to achieve parity with the main implementation in the C language in areas such as network performance, CPU load and reliability, as well as to ensure support for all security-related features.
Source: opennet.ru