BlumeOps Docs

Snowflake Proxy

2 min read

Snowflake Proxy

Tor Snowflake proxy that helps censored users reach the Tor network. Runs as a native systemd service on ringtail.

Quick Reference

PropertyValue
Hostringtail
TypeNixOS systemd service
Packagepkgs.snowflake (nixpkgs)
Binaryproxy
Upstreamhttps://snowflake.torproject.org/
Sourcehttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake
Metricslocalhost:9999/metrics (Prometheus)

Architecture

Snowflake is a pluggable transport for Tor that uses WebRTC to provide short-lived proxies. The proxy:

  1. Polls the Tor broker for censored clients needing a bridge
  2. Establishes a WebRTC connection with the client
  3. Forwards the encrypted traffic to a Tor bridge (relay)

This proxy is NOT a Tor exit node. Traffic exits through Tor exit nodes operated by others. The proxy operator cannot see traffic content (double-encrypted: WebRTC DTLS + Tor onion routing) and destination servers never see the proxy’s IP.

Censored user ──[WebRTC/DTLS]──▶ THIS PROXY ──[encrypted]──▶ Tor bridge ──▶ Tor network ──▶ Exit node

Configuration

The service runs with default settings — no special configuration needed. Key defaults:

SettingValue
Brokerhttps://snowflake-broker.torproject.net/
Relaywss://snowflake.torproject.net/
STUNGoogle + BlackBerry STUN servers
CapacityUnlimited concurrent clients
Summary interval1 hour
Metrics port9999 (Prometheus format)

Resource Usage

Based on community reports, a Snowflake proxy typically uses:

  • Bandwidth: ~5-10 GB/day (varies with client demand)
  • Memory: Under 100 MB
  • CPU: Negligible

Running a Snowflake proxy carries very low legal risk in the US:

  • Traffic does not exit from the proxy’s IP (exit nodes are elsewhere)
  • Content is not visible to the proxy operator (end-to-end encrypted)
  • No known legal cases against Snowflake proxy operators worldwide
  • EFF and Tor Project both classify this as minimal-risk activity
  • US intermediary protections (Section 230, ECPA) apply

Graph View

Backlinks