From 65e503e8499f18e48d7801a298d9acdd6ed62d0b Mon Sep 17 00:00:00 2001
From: Eval EXEC <execvy@gmail.com>
Date: Mon, 3 Mar 2025 23:26:04 +0800
Subject: [PATCH] torcontrol: Add comment explaining Proxy credential
 randomization for Tor privacy

Signed-off-by: Eval EXEC <execvy@gmail.com>
---
 src/torcontrol.cpp | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/torcontrol.cpp b/src/torcontrol.cpp
index 17c51cd8e02..d34bbd2ef50 100644
--- a/src/torcontrol.cpp
+++ b/src/torcontrol.cpp
@@ -397,7 +397,11 @@ void TorController::get_socks_cb(TorControlConnection& _conn, const TorControlRe
 
     Assume(resolved.IsValid());
     LogDebug(BCLog::TOR, "Configuring onion proxy for %s\n", resolved.ToStringAddrPort());
-    Proxy addrOnion = Proxy(resolved, true);
+
+    // With m_randomize_credentials = true, generates unique SOCKS credentials per proxy connection (e.g., Tor).
+    // Prevents connection correlation and enhances privacy by forcing different Tor circuits.
+    // Requires Tor's IsolateSOCKSAuth (default enabled) for effective isolation (see IsolateSOCKSAuth section in https://2019.www.torproject.org/docs/tor-manual.html.en).
+    Proxy addrOnion = Proxy(resolved, /*_randomize_credentials*/ true);
     SetProxy(NET_ONION, addrOnion);
 
     const auto onlynets = gArgs.GetArgs("-onlynet");