Onion Fs -

Prepared for: R&D / Cybersecurity Analysis Date: April 2026 Classification: Technical Evaluation 1. Executive Summary OnionFS refers to the practice of exposing a file storage system (e.g., WebDAV, FTP, SMB, or a custom HTTP API) exclusively through a Tor onion service. Unlike IPFS or BitTorrent, OnionFS does not provide native content addressing or distributed replication. Instead, it offers anonymous access and hidden origin for files, at the cost of performance and availability.

HiddenServiceDir /var/lib/tor/onionfs/ HiddenServicePort 80 127.0.0.1:8080 HiddenServiceVersion 3 Nginx config (backend): onion fs

server listen 127.0.0.1:8080; root /srv/onionfs/data; autoindex on; # disable for private use auth_basic "Restricted"; auth_basic_user_file /etc/nginx/.htpasswd; Prepared for: R&D / Cybersecurity Analysis Date: April

| Component | Role | | ------------------ | -------------------------------------------------------------------- | | | Tor hidden service (v3) with a .onion address | | File server | Lightweight HTTP server (e.g., Nginx, Caddy) or FTP/WebDAV backend | | Auth layer (optional) | HTTP Basic Auth, client certificates, or shared secret via Tor's auth | | Client | Tor Browser + http://<onion>/ or curl --socks5-hostname localhost:9050 | Instead, it offers anonymous access and hidden origin

| Operation | Clear web (HTTPS) | OnionFS (tor+nginx) | Degradation | | ----------------------- | ----------------- | ------------------- | ----------- | | Directory listing (100 files) | 0.08 sec | 1.2–2.5 sec | 15–30× | | Download 10 MB file | 0.3 sec | 4–8 sec | 13–27× | | Upload 10 MB (WebDAV) | 0.4 sec | 6–12 sec | 15–30× | | Concurrent clients (10) | 200 req/sec | 12–20 req/sec | 10–16× |