Consequences of running your own websocket relay for snowflake

Are there any negative consequences for users in running your own relay for a snowflake proxy and creating a similar setup to an obfs4-bridge? I haven’t seen it documented anywhere, but using a central entry point for all snowflake users seems to have some scaling problems and it creates a single point of failure. So I guess there has to be a good reason for the current approach.

Are you asking about setting up a Snowflake bridge, as opposed to a proxy?

Snowflake proxies can be run as a webextension or as a standalone Go program. They are Tor agnostic but configured in our case to forward all traffic to the deployed Snowflake bridge.

Right now Snowflake can only support a single Snowflake bridge, and work must be done to support more. See "Prepare all pieces of the snowflake pipeline for a second snowflake bridge" (#28651) in the issue tracker of The Tor Project / Anti-censorship / Pluggable Transports / Snowflake on GitLab.

3 Likes

I saw there is an option -relay string for the proxy, which defaults to wss://snowflake.torproject.net/. Since the snowflake-server is also available in the snowflake repository, I wondered if it would be possible to simply set up a relay using it as pluggable transport and point the snowflake-proxy I am running to my own relay.

That will unfortunately not work as intended at the moment since clients will also specify the fingerprint of the bridge in their torrc file. So for example the default configuration in Tor Browser has the fingerprint set to the current Snowflake bridge.

Since all clients fetch proxies from the same broker, clients that get matched with your proxy would be making a connection to a bridge with a different fingerprint than the one they expect, causing the bootstrap to fail with the following log message:

[warn] Problem bootstrapping. Stuck at 14% (handshake): Handshaking with a relay. (Unexpected identity in router certificate; IDENTITY; count 1; recommendation warn; host 2B280B23E1107BB62ABFC40DDCC8824814F80A72 at 192.0.2.3:1)

So, we still have some work to do before we can open up the option to run/point to different Snowflake bridges. Thank you for your interest. If you wish to run a Snowflake bridge in the future, keep an eye on the above issue :)

2 Likes
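
The failure described in the reply above, as an added example that is not part of the original thread or of the Snowflake code: a Python script that reads the fingerprints pinned in torrc Bridge lines and flags the matching "Unexpected identity" warnings in a Tor log. The torrc snippet and the first log line are constructed; the fingerprint, address and warning text are the ones quoted above, and the function names are hypothetical.

```python
import re

# torrc layout: Bridge [transport] addr:port [fingerprint] [key=value ...]
BRIDGE_RE = re.compile(
    r"^\s*Bridge\s+(?:(?P<transport>[A-Za-z_]\w*)\s+)?"
    r"(?P<addr>\S+:\d+)(?:\s+(?P<fp>[0-9A-Fa-f]{40}))?(?=\s|$)")
# The warning names the identity the client expected: "host <fp> at <addr>".
MISMATCH_RE = re.compile(
    r"Unexpected identity in router certificate.*?"
    r"host (?P<fp>[0-9A-Fa-f]{40}) at (?P<addr>\S+?:\d+)\)")

# Constructed torrc; fingerprint and address are the ones in the quoted warning.
SAMPLE_TORRC = """\
UseBridges 1
Bridge snowflake 192.0.2.3:1 2B280B23E1107BB62ABFC40DDCC8824814F80A72
"""
# First line constructed; second line is the warning quoted in the thread.
SAMPLE_LOG = """\
[notice] Bootstrapped 10% (conn_done): Connected to a relay
[warn] Problem bootstrapping. Stuck at 14% (handshake): Handshaking with a relay. (Unexpected identity in router certificate; IDENTITY; count 1; recommendation warn; host 2B280B23E1107BB62ABFC40DDCC8824814F80A72 at 192.0.2.3:1)
"""

def configured_bridges(torrc_text):
    """Map each pinned fingerprint to (transport, address)."""
    bridges = {}
    for line in torrc_text.splitlines():
        m = BRIDGE_RE.match(line)
        if m and m.group("fp"):  # Bridge lines without a fingerprint pin nothing
            bridges[m.group("fp").upper()] = (
                m.group("transport") or "vanilla", m.group("addr"))
    return bridges

def identity_mismatches(log_text, bridges):
    """One finding per warning; says whether the expected identity is pinned."""
    findings = []
    for line in log_text.splitlines():
        m = MISMATCH_RE.search(line)
        if m:
            fp = m.group("fp").upper()
            transport, addr = bridges.get(fp, (None, m.group("addr")))
            findings.append({"expected_fp": fp, "addr": addr,
                             "transport": transport,
                             "pinned_in_torrc": fp in bridges})
    return findings

if __name__ == "__main__":
    for f in identity_mismatches(SAMPLE_LOG, configured_bridges(SAMPLE_TORRC)):
        print("bridge identity mismatch:", f)
```

For a snowflake Bridge line, a finding with pinned_in_torrc set means the traffic ended at a bridge whose identity differs from the pinned fingerprint, which is the outcome the reply describes for a proxy pointed at a different relay.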
