I'm happy to announce that SporeStack now offers truly hidden hosting. Hosting where a VM's traffic is entirely pushed in/out of Tor, access is over a hidden service, and the VM does not even know where it is hosted.
Further, this has been designed in such a way that the hidden infrastructure is independent of the "clearnet" business. If a government agency or other group managed to "shut down" SporeStack LLC, the hidden hosting could still function. At the moment, there is a different endpoint for Tor hosting than for clearnet hosting -- they may be "combined" at some point as long as the halves can function independently of each other. What this means is that the hidden endpoint must be used for launching Tor servers and the clearnet endpoint must be used for launching clearnet servers.
There are numerous caveats. iPXE is the only supported boot option. Renewal is not supported at this time (which is fairly intentional). It's expensive (about $24/month for a 1GiB VM with 1 core and 5 GiB of disk). It basically has one flavor which maxes out at 5GiB of disk. With demand we can adjust these things, but I'm not sure if such a service has been launched before. The upstream hosting for our Tor hidden service is kept separate from the rest and should not be easily identified as being from SporeStack. Funds sent to the upstream hosts are "mixed", as needed. The dedicated server(s) hosting the VMs store data in disposable encrypted mount points. Meaning, the host won't survive a reboot, but this means that if the host were pulled for examination the disk contents would be worthless. The SporeStack Tor API nodes are hosted on this infrastructure and don't even know where the physical hosts reside.
All of this said, this could be the most secure and advanced API driven hosting that exists on Tor. It is a premium service at a premium price.
If you want to give it a try, use sporestackv2 as usual, but be sure to set --ipv4 tor, --ipv6 tor, and --api_endpoint http://spore64i5sofqlfz5gq2ju4msgzojjwifls7rok2cti624zyq3fcelad.onion.
Our V2 Hidden Service is spore64zke3ofvbp.onion. To help protect our customers' privacy and security, it is being replaced with a V3 Hidden Service: spore64i5sofqlfz5gq2ju4msgzojjwifls7rok2cti624zyq3fcelad.onion. spore64zke3ofvbp.onion will redirect to spore64i5sofqlfz5gq2ju4msgzojjwifls7rok2cti624zyq3fcelad.onion, but please update your links. API functionality to this endpoint will be slightly "different," and is not yet recommended at this time.
On an unrelated note that has nothing to do with Tor, SporeStack V1 has been terminated. Remaining servers should run 6 months past their expiry date but will be deleted in the future.
SporeStack V1 has been deprecated in favor of V2. If you use the SporeStack pip installable, you'll want to use `sporestackv2` instead of `sporestack`.
We do not have a phase-out deadline in place yet for V1. For the foreseeable future, V1 topups will be allowed but migrating entirely to V2 is preferable. Expect launching on V1 to be disabled sooner rather than later, however.
Feature-wise, we are still not at parity. If you're finding an important feature missing in V2, please contact us and let us know. Development is driven largely by demand.
SporeStack V2 API is now in public beta. It's quite different, now very provider agnostic. It's been used for a couple months now in private beta. API documentation can be found on any 404 page on the new endpoint. sporestack-python (sporestack on pip) will now install with a sporestackv2 binary side by side. It's very different, without launch profiles, QR codes for payment, and Vultr's IDs have been replaced with requested amounts of disk, memory, text operating system names, etc. Can pay straight from a Walking Liberty wallet. More news to come. V1 API will be deprecated but not yet.
If ipxescript and operating_system/ssh_key is specified, you will have a greater capacity of backends to be provisioned into. There are fewer features in some ways, and more in others (start, stop, serialconsole on baremetal hosted VMs, IPXE only). While this is not much of an immediate improvement in ease of use, the backend is significantly more flexible and should improve in time. Open to suggestions. For the time being, there is no Tor discount for V2. That may or may not come back, however there will be more news on the Tor front in the future.
SporeStack is now a Wyoming LLC. Regarding the previously mentioned capacity issues, we have been scaling rapidly and have some room, but not lots. More is on the way.
Update: SporeStack has changed to a Texas LLC.
We had immense growth over the past couple of months and have been scrambling to keep up. We've run into limits with our current hosting and work is nearly complete for a revised system that will allow us to keep scaling, while making SporeStack more like a traditional VPS host in terms of start/stop/console features. Still as anonymous as you make it, with Bitcoin and Bitcoin Cash payments, and at a similar price point.
At the moment, we are cutting things pretty close but the end is in sight. However, please contact us before making any large deployments on SporeStack over the next few weeks. Stay tuned for updates.
We are starting a shift away from hostnames in SporeStack. It's best if you use the IPv4 and IPv6 addresses provided directly. If you can, use the IPv6 as a default.
Initially, all servers were set up with a resolvable hostname of uuid.node.sporestack.com. That is being phased out. Now, the hostname returned will look unusual, having a prefix with the IPv6 and IPv4 addresses of the server on an aaaaplusa.hostnameomatic.com suffix. This is primarily for backwards compatibility. Hostnameomatic server and "client" are both open source.
For now, uuid.node.sporestack.com is still being created. That will be phased out, along with the reverse DNS records. Older SporeStack client implementations explicitly used uuid + '.node.sporestack.com' and should be upgraded to the latest version.
This may seem like a step backwards, but it is not. This will help increase the reliability and performance of the SporeStack API and allows for future growth. And in general, DNS servers are some of the most common failure points due to DDoS attacks. It's fairly straightforward to run your own nameservers (or use existing ones that are designed for high traffic) and can eliminate a fairly easy target. Say you were using CNAME or NS records to point to uuid.node.sporestack.com instead of adding A/AAAA records on your own domain. Someone might not like another customer's content hosted at SporeStack using similar DNS tactics. They send a 20Gbit/sec attack to the nameservers and now even though your server is likely fine and online, it can't resolve. We believe this is a more sensible and stable long term approach.
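One way to audit your own zone for the dependency described above, including names that only reach uuid.node.sporestack.com through a chain of CNAMEs. This is an added example, not SporeStack code; the zone contents, the example.org origin and the UUID are constructed.

```python
PROVIDER_SUFFIX = ".node.sporestack.com."
ORIGIN = "example.org."

# Constructed zone data (documentation address ranges, made-up UUID).
ZONE = """\
www   300 IN CNAME app
app   300 IN CNAME 00000000-0000-4000-8000-000000000001.node.sporestack.com.
api   300 IN A     192.0.2.10
api   300 IN AAAA  2001:db8::10
lab   300 IN NS    00000000-0000-4000-8000-000000000001.node.sporestack.com.
mail  300 IN CNAME api.example.org.  ; resolves through your own A/AAAA
"""

def fqdn(name, origin=ORIGIN):
    """Expand a relative zone-file name to a lower-case absolute name."""
    name = name.lower()
    return name if name.endswith(".") else f"{name}.{origin}"

def parse(zone):
    """Yield (owner, type, rdata) for simple one-token-rdata records."""
    for line in zone.splitlines():
        fields = line.split(";")[0].split()      # drop comments
        if len(fields) < 3:
            continue
        owner, rtype, rdata = fields[0], fields[-2].upper(), fields[-1]
        if rtype in ("CNAME", "NS"):
            rdata = fqdn(rdata)
        yield fqdn(owner), rtype, rdata

def provider_dependent(zone):
    """Map each owner name whose resolution ends at the provider's DNS
    to (record type, final target), following CNAME chains in the zone."""
    records = list(parse(zone))
    cname = {owner: target for owner, rtype, target in records if rtype == "CNAME"}
    found = {}
    for owner, rtype, target in records:
        if rtype not in ("CNAME", "NS"):
            continue
        seen, hop = {owner}, target
        while hop in cname and hop not in seen:  # stop on CNAME loops
            seen.add(hop)
            hop = cname[hop]
        if hop.endswith(PROVIDER_SUFFIX):
            found[owner] = (rtype, hop)
    return found

if __name__ == "__main__":
    for owner, (rtype, target) in provider_dependent(ZONE).items():
        print(f"{owner} depends on {target} via {rtype}")
```

Names reported here stop resolving if the provider's nameservers are unreachable; names backed by your own A/AAAA records (api and mail in the sample) are not reported.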
If you have any questions, please reach out: support at sporestack dot com
When Bitcoin Cash first came out, it was customary to use the same address format as Bitcoin (the 1-prefixed addresses with base58 encoding). The community has now settled on "CashAddr" which uses bech32 and has some advantages with QR code size and error detection. It also helps keep people from sending money to the wrong place as Bitcoin and Bitcoin Cash are two distinct currencies.
Unfortunately, any new change can be tricky to maintain backwards compatibility. And there get to be a lot of chicken and egg problems, very, very quickly. On Valentine's Day (Wednesday, the 14th of February) I will switch SporeStack's Bitcoin Cash payment address to CashAddr. Make sure that your tooling supports both formats. If you need to convert back and forth, this Python library can be handy.
In anticipation of this, I have added CashAddr support to bitcash, and with it, WalkingLiberty, and bitcoinacceptor. As well as to sporestack-python 0.7.2 (the 'sporestack' pip installable package).
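To show what supporting both formats involves, here is a legacy-to-CashAddr converter with checksum validation for each format. It is an added example, not code from bitcash or sporestack-python; it assumes mainnet P2PKH/P2SH addresses with the `bitcoincash` prefix, and the sample address is built from a constructed hash.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"              # CashAddr base32 alphabet
GEN = (0x98F2BC8E61, 0x79B76D99E2, 0xF33E5FB3C4, 0xAE2EABE2A8, 0x1E4F43E470)
PREFIX_5BIT = [ord(c) & 31 for c in "bitcoincash"] + [0]  # mainnet prefix only

def dsha(b):
    return hashlib.sha256(hashlib.sha256(b).digest()).digest()

def b58check_encode(version, h160):
    raw = bytes([version]) + h160
    raw += dsha(raw)[:4]                                  # 4-byte checksum
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\0"))) + out

def b58check_decode(addr):
    n = 0
    for ch in addr:
        n = n * 58 + B58.index(ch)                        # ValueError on a bad character
    raw = n.to_bytes(25, "big")                           # OverflowError if too long
    if dsha(raw[:21])[:4] != raw[21:] or b58check_encode(raw[0], raw[1:21]) != addr:
        raise ValueError("bad legacy address")
    return raw[0], raw[1:21]

def polymod(values):
    c = 1
    for d in values:
        c0, c = c >> 35, ((c & 0x07FFFFFFFF) << 5) ^ d
        for i, g in enumerate(GEN):
            if (c0 >> i) & 1:
                c ^= g
    return c ^ 1

def to_5bit(data):
    bits = "".join(f"{b:08b}" for b in data)
    bits += "0" * (-len(bits) % 5)                        # zero-pad the last group
    return [int(bits[i:i + 5], 2) for i in range(0, len(bits), 5)]

def legacy_to_cashaddr(addr):
    version, h160 = b58check_decode(addr)
    kind = {0x00: 0, 0x05: 1}[version]                    # P2PKH / P2SH; KeyError otherwise
    payload = to_5bit(bytes([kind << 3]) + h160)          # size bits 0 = 160-bit hash
    chk = polymod(PREFIX_5BIT + payload + [0] * 8)
    payload += [(chk >> 5 * (7 - i)) & 31 for i in range(8)]
    return "bitcoincash:" + "".join(CHARSET[v] for v in payload)

def cashaddr_ok(addr):
    prefix, _, body = addr.lower().rpartition(":")
    ok = addr in (addr.lower(), addr.upper()) and prefix in ("", "bitcoincash")
    ok = ok and all(ch in CHARSET for ch in body)         # reject mixed case, bad chars
    return ok and polymod(PREFIX_5BIT + [CHARSET.index(ch) for ch in body]) == 0

if __name__ == "__main__":
    legacy = b58check_encode(0x00, bytes(range(20)))      # constructed hash160
    print(legacy, "->", legacy_to_cashaddr(legacy))
```

Both formats carry the same 20-byte hash, so payment tooling can accept either and normalise to one before comparing addresses.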
If you have any questions, please reach out: support at sporestack dot com
I launched SporeStack just over a year ago, unsure of what would happen. It pretty immediately had customers and compared to my earlier services, it was a clear success. Usage has slowly but steadily gained since then.
I'm very grateful to my customers who have decided to host with me. All in all, it's been a really good year.
Now on a not so great note, I've had my second abuse report and have had to delete a server. It was pretty blatant, multiple reports (Spamhaus, scanning, etc), and the server hadn't even been up 24 hours. Had a 6 hour window pushing 106GiB with almost nothing inbound. As I discussed before, if you create a server that's just spamming and such, my only course of action is to delete it. And no, there's no refunds.
The first abuse ticket I got was a few weeks ago. It was actually completely my fault. I was setting up Tor relays to try and help the network. I accidentally disabled the exit policy and the server acted as an exit node long enough to be noticed (a few hours).
Even though I have PTR records set in place and an abuse policy written on the front page, people still go through Vultr for abuse reports. I'm guessing they go by whois data on the IP block.
This does challenge my earlier assumption that this would be too expensive to be worth buying servers for blatant malicious use. If it continues I may have to set a higher price floor where you only end up with a decent rate buying a week at a time. I'm also thinking about adding an optional Bitmessage Address field in the spawn call. That way I can at least notify someone/something about what's happened. I think that will matter more in the less blatant cases (server's been up for two weeks, had one trivial complaint, maybe was compromised or playing too much with nmap).
Of course I think it'd be unfortunate to make the day-long servers more expensive. There's lots of possibilities like paying into a redeemable services card of sorts, where you use --paycard XXXXXXXXX and then top up one "card" in particular. That would help a lot with 1 day servers where fees often cost more than the transaction itself. I also do not want to sacrifice the potential anonymity of SporeStack as that's one of its most important traits (paycodes and Bitmessage can be done with no risk to anonymity).
Anyway. Thanks for reading and Happy New Year!
Update: I started work on mitigation features for malicious users. I want to keep a good reputation with Vultr so they don't pull the plug on my account and impact both myself and all of my problem-free customers (which has been all of them until today). The first mitigation is a "cents floor", which you can see in the /node/options endpoint. The floor only comes into effect on the cheapest servers. So say the "cents floor" is 50 cents and you order a 1GiB server for a day, which comes out to 44 cents. The price will be rounded up to 50 cents. If you bought that same server for two days, the price would still be 2*44=88 cents. Keep in mind that the "cents" calculation is before converting to cryptocurrency which has its own payment floor so that only spendable amounts are sent. For now I will be setting a "cents floor" of 50 cents so I can watch the code's behavior and output in the graphs. I'll be able to see how often it's hit. And if this user does prove to be malicious, I will raise the value until they give up. Most likely to 200 cents and then 500 cents if I absolutely have to. If the coast is clear, I'll lower it back down. While I hate to impact my good users, in the end I have no "users" from a technical standpoint since all API requests don't have any mandatory data which associates them. While I dislike randomly raising prices, this is most commonly a 6 cent increase for single-day servers. At the end of the day, refer to the API's output for how much your server will cost. If it's too much, you don't have to pay it.
Mitigation 2 is if double spends start to become a problem, I may set a minimum confirmation (most likely of 1) to avoid such attempts at "free" servers.
If you have any questions, please reach out: support at sporestack dot com
SporeStack has now deprecated Bitcoin (BTC) payments given the unspendability of small inputs in the Bitcoin blockchain. Today, the recommended fee has hovered over 900 Satoshis per byte. At current rates, this has meant even the most basic single input, output, return output payment (~226 bytes) costs $27 to send and have confirmed in a short amount of time. Thus, SporeStack loses money on any Bitcoin transaction under quite a large amount. Break even might be on a very large server for 28 days where we are not even profiting. Anything less than that and we have to cover the cost of the server while you pay an exorbitant amount in transaction fees. And the money sent our way is literally unspendable at the amount of most of SporeStack's transactions. This is unfortunate and we hoped it wouldn't come to this so soon, but it has. Bitcoin is not functional as a currency for any "small" denominations anymore.
Bitcoin Cash has none of these problems and is cheaper for you and sustainable for us. Why would you want to launch a 1GiB server for 28 days, paying $14, to then pay an additional $27 in transaction fees?
We will be updating libraries and utilities to select Bitcoin Cash as default. This will break those not explicitly specifying Bitcoin who wish to pay with it. The next course of action will be to either set an enormous Bitcoin price floor or remove the option entirely.
SporeStack now accepts Bitcoin Cash. Paying in Bitcoin Cash will likely be cheaper as the price floor is not yet being hit and transaction fees are substantially less. Buying a server for 28 days with Bitcoin might cost $14 normally and with another $14 in fees. If you bought that same server with Bitcoin Cash it'd be $14 and fees could be $0.50 or less. Of course, fee algorithms are highly variable but you should easily come out ahead.
We highly recommend switching over to Bitcoin Cash as soon as possible for SporeStack use. We have been losing money on most Bitcoin transactions as a server for a week might cost $4, but spending that input can easily cost $5 as part of a larger transaction. If this congestion trend continues with Bitcoin we may set a very large price floor, likely 100,000 Satoshis, so that we can still afford to accept Bitcoin. Bitcoin Cash will be able to have a much lower price floor given the much higher transaction handling rate of the network. You may already have Bitcoin Cash if you held Bitcoins at the time of the hard fork on 2017-08-01. If not, converting Bitcoin to Bitcoin Cash with ShapeShift should be straightforward; of course, there are numerous other exchange options.
In preparation for this, we have forked the Python 3 bit library to bitcash, upgraded WalkingLiberty with Bitcoin Cash support, and refactored bitcoinacceptor to also accept Bitcoin Cash. This was a large undertaking but we believe the Bitcoin Cash community as a whole can benefit. If you've previously had the SporeStack cli installed, upgrade it with pip install -U sporestack. Python 3 is now recommended and Python 2 support for the SporeStack Python library and CLI may be removed in the future.
Update: Unfortunately, this is no longer the case. However, we have more in the works as far as Tor goes.
SporeStack now gives a 10% discount to users connecting to its Hidden Services endpoint of spore64zke3ofvbp.onion. Keep in mind the price floor mentioned here, and the "security Satoshis" used to identify the transaction. In effect, it should be roughly 10% less for servers that are more than 3 days in life at current BTC/USD rates. Tor is a valuable tool for protecting privacy and we would like to encourage its use.
SporeStack (finally!) has prices pinned to the US dollar. The incredible rise in the Bitcoin price made this even more important than it was before. This breaks the "SATOSHIS_PER_DAY" feature in the API, library, and CLI client. But, you should get consistently much more reasonable prices. If the fiat US dollar proves unstable, we may pin to gold grams. Note that there is a price floor around 10,000 Satoshis, so 1-2 day 1GiB servers may seem quite expensive whereas the same server for a week or a month should be more reasonable. There can be issues transacting with less than 10,000 Satoshis, so it's generally not advised.
With self-spawning infrastructure it can be dangerous to pin to just one datacenter and have your respawning script fail because the datacenter was out of capacity. Now you can specify AUTO, AUTO-EU, or AUTO-NA to give you a random datacenter with capacity. AUTO is the new default if you specify null. But setting --dcid with any of the AUTO options will require the SporeStack Python CLI 0.6.8.
We've dropped prices by 25%. Well, sort of. Prices have always been pinned to Bitcoin and not the US dollar. As the US dollar has climbed we've not been adjusting automatically. This is something we may do in the future, especially if there is demand for it. But for now, you can buy 25% more nodes for your coin.
Since launch, SporeStack has never required a single personal detail to launch a server. No credit card, name, email address, phone number, or date of birth. We only require non-reversible payment up front with Bitcoin.
While fraud, spam, or Denial Of Service has not been an issue for us (most spammers don't have high enough margins to afford servers that aren't part of botnets), we see the value in the fight against serial pirates, casual tor users, non-mainstream opinions, and convenience.
As of today you will need the latest SporeStack client, so run pip install sporestack --upgrade if you're out of date.
In the past, you could launch a server in this fashion:
Once payment has been processed your information will be validated, logged, and then your server will be launched.
While we've been traditionally a Bitcoin-only shop, the credit card requirement will help reduce fraud. You will be liable for any "damages" caused by your server. This greatly simplifies copyright violation reports.
Such an inquiry might look like:
127.0.0.1 has been caught seeding SAVING PRIVATE RYAN over Bit Torrent. Please pay a fine of $3,000 for the three complete seeds we logged.
Unfortunately, in the past we had no personal information to give such inquiries. Now, we can simply reply with your personal information. Due process would involve too much overhead. While some innocent users will be affected, we trust in the thoroughness and certainty of anti-piracy requests.
SporeStack now supports topping up server lifetime. While SporeStack is intended for ephemeral use (replacing your server frequently), under current circumstances it is now possible to top up your node balance and extend its lifetime. This makes SporeStack an alternative to existing VPS hosts in the fashion that most users are used to using.
This will require the latest SporeStack client, so run pip install sporestack --upgrade if you're out of date.
Be prepared for this to not always work. Always back up your data and have a plan in case the server's life cannot be extended, or if there is a failure and the machine is terminated. But, it is a best-effort convenience feature. In the future, not all providers may support this. For instance there may be a case where a physical host machine is scheduled for an upgrade. Top ups beyond a certain point will not be allowed for servers on that host so that the maintenance can be performed when all servers have expired. Certain maintenance may not be so ideal, but hopefully most can be done with no live nodes on the machine.
It is possible for anyone to top up any server. If for your particular use case it is an issue for someone to top up your server and have it live longer than expected, please contact us. Your best bet may be to force a scheduled shutdown with at.
SporeStack now supports iPXE scripts and basic chain URL loading. This allows you to use netboot.xyz, boot.rackspace.com, and others.
For a basic example, we'll use CoreOS. Already supported by an image with our Vultr provider, but this should give you an idea. This will require the latest SporeStack client, so run pip install sporestack --upgrade if you're out of date.