Feat/4299 tor networking crate

[fresh3nough]

Summary
This PR adds a new lightning-net-tor crate that provides native Tor networking support for Lightning Network nodes, enabling enhanced privacy through .onion connections.

Motivation
Lightning nodes often need to connect over Tor for privacy reasons. Currently, users must implement their own Tor integration or use external tools. This crate provides a first-class Tor networking stack similar to lightning-net-tokio, making it easy to connect Lightning nodes over Tor with minimal setup.

Implementation Details

New Crate: lightning-net-tor
• Location: lightning-net-tor/
• Architecture: Built on top of Arti, the Rust implementation of Tor
• Runtime: Uses Tokio for async operations
• API: Mirrors lightning-net-tokio for consistency

Core Components

1. TorConnection - Manages Tor stream state and I/O operations
2. TorSocketDescriptor - Implements peer_handler::SocketDescriptor for PeerManager integration
3. Connection Functions:
   ◦ connect_outbound_tor() - Connect to a Lightning node over Tor
   ◦ setup_outbound_tor() - Initialize outbound Tor connection
   ◦ setup_inbound_tor() - Initialize inbound Tor connection (for hidden services)

USAGE EXAMPLE

use bitcoin::secp256k1::PublicKey;
use std::sync::Arc;

// Assuming you have a PeerManager set up
let peer_manager: Arc<PeerManager<TorSocketDescriptor, ...>> = ...;

// Connect to a Lightning node over Tor
let target_pubkey = PublicKey::from_str("02...").unwrap();
let onion_address = "abc123def456.onion";
let port = 9735;

if let Some(connection_future) = connect_outbound_tor(
    peer_manager.clone(),
    target_pubkey,
    onion_address,
    port,
).await {
    tokio::spawn(connection_future);
}

Testing

Integration Tests
Added comprehensive integration tests in tests/integration_test.rs:
• Tor client initialization - Verifies Tor client creation and bootstrap
• Real connectivity test - Connects to DuckDuckGo's .onion service to verify Tor connectivity
• PeerManager integration - Ensures TorSocketDescriptor works with Lightning's PeerManager
• Daemon status checks - Helper to verify Tor daemon is running

Testing Documentation
Added TESTING.md with:
• Installation instructions for Tor daemon (Ubuntu, macOS, Arch)
• Step-by-step test execution guide
• Manual end-to-end testing with real Lightning nodes
• Troubleshooting for common issues
• Performance benchmarks and security considerations
• CI/CD integration examples

[ldk-reviews-bot]

👋 Thanks for assigning @tnull as a reviewer!
I'll wait for their review and will help manage the review process.
Once they submit their review, I'll check if a second reviewer would be helpful.

[tnull]

Hi! Thank you for looking into this!

Unfortunately, as it currently stands arti-client has a huge dependency tree that would be a liability to take on for any security-conscious Lightning node. So, as discussed over at #4299 we recently decided against going this way for now, and just merged #4305 to allow users to connect via Tor's SOCKS5 interface for the time being.

So I'm afraid until arti-client has a bit saner dependency tree, we're not ready to take on maintainership of a whole new networking crate based on it. I hope that's understandable.

[ldk-reviews-bot]

👋 The first review has been submitted!

Do you think this PR is ready for a second reviewer? If so, click here to assign a second reviewer.