In conjunction with proxy support, multiple account support should check and ensure that circuit isolation is complete when the proxy used for an account is Tor.
Without complete circuit isolation, multiple accounts share the same circuit paths and exit nodes within the Tor network, and therefore can be easily correlated by an active or passive observer. Multiple accounts in a single circuit breaks compartmentalization, anonymity, and therefore security. Circuit isolation and multi-account support should be inseparable.
Circuit isolation is not something that takes place within Delta Chat, it is a flag than can be set in the Tor daemon or client, which in the case of Android is typically Orbot. However, there are different ways that Delta Chat could access a proxy, and the method used should compartmentalize each connection completely, and ensure that Tor dedicates a separate circuit to each connection.
Can anyone eli5 how Delta Chat calls the proxy? And whether the method aligns with Tor’s requirements for triggering circuit isolation? Does each account call the proxy separately? Or are all accounts bundled as a single connection to the proxy assigned?
I could not find any attention to circuit isolation in any of the PRs at Github, or in topics in this forum. The closest I found was this: Using Tor with socks5 leaks un-anonymized traffic in several situations · Issue #3093 · deltachat/deltachat-desktop · GitHub