DEV Community

Cover image for The ₿OSS Challenge: Cloaking My Signet Node for the Wallet challenge
0xkniraj
0xkniraj

Posted on

The ₿OSS Challenge: Cloaking My Signet Node for the Wallet challenge

#bitcoin #tor #programming #opensource

Hello, dear readers! It has been some time, but I greet you once more from the pages of my logbook — the record of my grandest technical adventures yet!

It is I, your humble explorer of the digital frontier. These days, I’ve traded my traveling cloak for a terminal window as I embark on a rigorous new expedition: I have officially stepped up as a challenger of the ₿OSS (Bitcoin Open Source Software) 2026!

My journey began in the year 2139—or at least, the version of it found in the Saving Satoshi RPG. With my trusted Holocat companion (that brilliant, nose-boopable AI guide from Chaincode Labs) by my side, I’ve been decoding genesis blocks and mastering elliptic curve cryptography to save the network from a standstill. Having "Saved Satoshi," I am now venturing into the practical world of running Bitcoin node.

Today, I’m sharing the "architectural scrolls" for a setup that is essential for any ₿OSS challenger: running a Bitcoin Signet node entirely over Tor using Docker.

The Master Blueprint: Docker Compose

To begin this ritual of deployment, you must prepare your docker-compose.yaml. This file summons the Bitcoin Core spirit and its silent Tor guardian.

services:
  bitcoin-core:
    image: bitcoin/bitcoin:latest
    container_name: bitcoin_signet
    command:
      - -signet=1        # Directs the node to the Signet testing realm
      - -printtoconsole
      - -rpcallowip=0.0.0.0/0
      - -rpcbind=0.0.0.0
      - -txindex=1
      - -zmqpubhashblock=tcp://0.0.0.0:28332
      - -zmqpubhashtx=tcp://0.0.0.0:28333

      # Tor Configuration
      - -proxy=tor:9050 # Route outgoing traffic through Tor
      - -listen=1 # Accept incoming connections
      - -bind=0.0.0.0 # Bind to all interfaces inside the container
      - -onion=tor:9050 # Use Tor for .onion addresses
      - -discover=1 # Try to self-discover the onion address
      - -torcontrol=tor:9051

    ports:
      - "38332:38332" # RPC port
      - "18444:18444" # P2P port
      - "28332:28332" # ZMQ block notifications
      - "28333:28333" # ZMQ transaction notifications
    volumes:
      - ./bitcoin-data:/home/bitcoin/.bitcoin
      - ./tor-data:/var/lib/tor:ro # Shared volume for the auth cookie
    restart: unless-stopped
    networks:
      - bitcoin-network
    depends_on:
      - tor

  tor:
    image: osminogin/tor-simple:latest
    container_name: tor_proxy
    user: "0:0" 
    environment:
      - TOR_CONTROL_PORT=9051
    volumes:
      - ./torrc:/etc/tor/torrc:ro
      - ./tor-data:/var/lib/tor # Shared volume for the cookie
    restart: unless-stopped
    networks:
      - bitcoin-network

networks:
  bitcoin-network:
    driver: bridge
Enter fullscreen mode Exit fullscreen mode

The Secret Instructions: torrc

As every ₿OSS knows, the proxy needs specific rules to function. Create a file named torrc in your directory and whisper these lines into it:

# SOCKS5 Proxy
SocksPort 0.0.0.0:9050

# Control Port
ControlPort 0.0.0.0:9051

# Use Cookie instead of Password
CookieAuthentication 1
CookieAuthFileGroupReadable 1
DataDirectory /var/lib/tor
Enter fullscreen mode Exit fullscreen mode

Entering the Private Signet Challenge

Now, listen closely, for this is the step that separates a standard traveler from a true challenger! If you are like me and taking on the ₿OSS 2026 trials, you need to point your node toward the private signet used for our tasks.

Simply copy your challenge configuration into the data directory we created:

cp config/bitcoin.conf bitcoin-data/bitcoin.conf
Enter fullscreen mode Exit fullscreen mode

By doing this, you've shared the secret "handshake" (the signetchallenge hex) with your node. Now, when you run your containers, you aren't just on any network but you are officially using the ₿OSS private signet!

Proof of Success: The "getnetworkinfo" Reveal

Once you’ve cast the docker-compose up -d spell, it’s time to verify your work. I used the following command to check if my node was truly hidden behind the Tor cloak.

Witness the results of my successful incantation! My node has successfully manifested its own .onion address and is reaching out to the world through the proxy:

 docker exec bitcoin_signet bitcoin-cli -signet -datadir=/home/bitcoin/.bitcoin getnetworkinfo
{
  "version": 280100,
  "subversion": "/Satoshi:28.1.0/",
  "networks": [
    {
      "name": "ipv4",
      "reachable": true,
      "proxy": "192.168.97.2:9050"
    },
    {
      "name": "onion",
      "reachable": true,
      "proxy": "192.168.97.2:9050"
    }
  ],
  "localaddresses": [
    {
      "address": "<your address>.onion",
      "port": 38333,
      "score": 4
    }
  ]
}
Enter fullscreen mode Exit fullscreen mode

What does this tell us?

  • Reachable: true: Our node can see the network!
  • Proxy: Notice the IP 192.168.97.2? That is the internal Docker address of our tor_proxy service.
  • Localaddresses: That long string ending in .onion is our node's secret identity. It’s how other peers can find us without ever knowing our real-world location.

Final Thoughts from the Digital Frontier

Manifesting a node like this is just the first boss fight in the ₿OSS 2026 challenge. By using Signet, we can experiment with transactions without losing real sats, and by using Tor, we stay true to the cypherpunk spirit of privacy.

As the Holocat says, "Bitcoin is serious, but learning about it doesn't have to be!" I’m off to tackle the next chapter of my developer training. There are more blocks to verify and more code to write!

Top comments (0)