EDIT (2023-07-31T22:18:52Z): I have realized that I was not clear in my original intent for this post – it could be interepereted to mean that I am asking whether or not you could access, for example, Lemmy through the Tor browser. This is not what I meant. What I was more alluding to was if it were possible to create a sort of “hidden fediverse” that was separate from the fediverse over the clearnet. There exitsts, already, Dark Web forums, like Dread, and I wonder if those would benefit more from being federated – Lemmy seems like a good candidate for this.
Title changes: Added “More specifically, could one make a sort of “Hidden Fediverse”?”
You can connect to most instances over Tor, but hosting a server over a Tor hidden service would cause problems as it can’t be connected to by stock servers. (If you convince others to run other Tor hidden service instances, they could probably federate with each other)
If you can authenticate to that web endpoint, you can do RESTful things with it.
ActivityPub isn’t anything more than JSON over HTTP(s); there’s no reason at all that you couldn’t simply tunnel all the traffic using hidden services over Tor using nothing more than the Tor daemon to create a hidden service and the proxy functionality to route all outbound HTTP traffic over Tor.
Most instances won’t be routing onion addresses, it will only work between instances that have it set up.
It should works using .onion domain, but as lemmy currently doesn’t support changing your domain name nor having multiple domains (to make the instance reachable using an onion domain and normal domain), you can only federate with other instances that use onion address because other instances on normal network won’t be able to reach your onion address to send their activity messages.
so it would create a second whole feddiverse
Instances with public domain names could successfully federate with onion instances, as long as it’s capable of accessing both networks.
Onion instance talks to the public instance through an exit node, public instance can reach back to the onion instances through its hidden service.
But that doesn’t remove the requirement that both ends needs to be on the Tor network, but at least one end doesn’t have to have an onion address. And obviously, the onion instance will have limited ability to interact with non-Tor-enabled instances, and one of them being public renders the usage of Tor somewhat moot.
That’s pretty much exactly what they said.
Depends on the specific instance. Some services run where they are natively accessible through tor, but most don’t.
Just remember that ActivityPub is a sharing protocol, and individual admins are fully capable of seeing everything. There is no end to end encryption, everything is stored in plain text.