From 7772f2db79533c47233d7d25679cdec13cebf33c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20W=C3=BCnsch?= <michael90@protonmail.com>
Date: Fri, 21 Aug 2020 08:55:04 +0200
Subject: [PATCH] Skip certificate verification for tor connections (#242)

---
 .../java/zapsolutions/zap/HomeActivity.java   |  2 +-
 .../CustomSSLSocketFactory.java               | 65 ------------
 .../HostnameVerifierAllowAll.java             | 11 ---
 .../lndConnection/BlindHostnameVerifier.java  | 15 +++
 .../lndConnection/BlindTrustManager.java      | 27 +++++
 .../LndConnection.java                        | 50 +++-------
 .../lndConnection/LndSSLSocketFactory.java    | 98 +++++++++++++++++++
 .../MacaroonCallCredential.java               |  3 +-
 .../manageWalletConfigs/WalletConfig.java     |  7 ++
 .../lndConnect/LndConnectStringParser.java    | 19 ++--
 .../zap/fragments/ReceiveBSDFragment.java     |  2 +-
 .../zap/fragments/SendBSDFragment.java        |  2 +-
 .../zap/fragments/WalletFragment.java         |  2 +-
 .../channel/LnUrlChannelBSDFragment.java      |  2 +-
 .../zap/lnurl/pay/LnUrlPayBSDFragment.java    |  2 +-
 .../withdraw/LnUrlWithdrawBSDFragment.java    |  2 +-
 .../LnPaymentDetailBSDFragment.java           |  2 +-
 .../zapsolutions/zap/util/InvoiceUtil.java    |  2 +-
 .../java/zapsolutions/zap/util/TorUtil.java   |  4 +-
 .../java/zapsolutions/zap/util/Wallet.java    |  2 +-
 .../WalletDetailsActivity.java                |  2 +-
 21 files changed, 185 insertions(+), 136 deletions(-)
 delete mode 100644 app/src/main/java/zapsolutions/zap/connection/establishConnectionToLnd/CustomSSLSocketFactory.java
 delete mode 100644 app/src/main/java/zapsolutions/zap/connection/establishConnectionToLnd/HostnameVerifierAllowAll.java
 create mode 100644 app/src/main/java/zapsolutions/zap/connection/lndConnection/BlindHostnameVerifier.java
 create mode 100644 app/src/main/java/zapsolutions/zap/connection/lndConnection/BlindTrustManager.java
 rename app/src/main/java/zapsolutions/zap/connection/{establishConnectionToLnd => lndConnection}/LndConnection.java (80%)
 create mode 100644 app/src/main/java/zapsolutions/zap/connection/lndConnection/LndSSLSocketFactory.java
 rename app/src/main/java/zapsolutions/zap/connection/{establishConnectionToLnd => lndConnection}/MacaroonCallCredential.java (92%)

diff --git a/app/src/main/java/zapsolutions/zap/HomeActivity.java b/app/src/main/java/zapsolutions/zap/HomeActivity.java
index f707b2ac..996d3e3c 100644
--- a/app/src/main/java/zapsolutions/zap/HomeActivity.java
+++ b/app/src/main/java/zapsolutions/zap/HomeActivity.java
@@ -44,7 +44,7 @@
 import zapsolutions.zap.baseClasses.BaseAppCompatActivity;
 import zapsolutions.zap.channelManagement.ManageChannelsActivity;
 import zapsolutions.zap.connection.RemoteConfiguration;
-import zapsolutions.zap.connection.establishConnectionToLnd.LndConnection;
+import zapsolutions.zap.connection.lndConnection.LndConnection;
 import zapsolutions.zap.connection.internetConnectionStatus.NetworkChangeReceiver;
 import zapsolutions.zap.connection.manageWalletConfigs.WalletConfigsManager;
 import zapsolutions.zap.customView.CustomViewPager;
diff --git a/app/src/main/java/zapsolutions/zap/connection/establishConnectionToLnd/CustomSSLSocketFactory.java b/app/src/main/java/zapsolutions/zap/connection/establishConnectionToLnd/CustomSSLSocketFactory.java
deleted file mode 100644
index 96c58180..00000000
--- a/app/src/main/java/zapsolutions/zap/connection/establishConnectionToLnd/CustomSSLSocketFactory.java
+++ /dev/null
@@ -1,65 +0,0 @@
-package zapsolutions.zap.connection.establishConnectionToLnd;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.KeyStore;
-import java.security.SecureRandom;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateFactory;
-
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLSocketFactory;
-import javax.net.ssl.TrustManagerFactory;
-
-/**
- * Creates an SSLSocketFactory instance for use with a custom CA,
- * which would otherwise be considered "not trustworthy".
- * This can be fed into HttpsURLConnection, as well as networking libraries such as OkHttp's OkHttpClient.
- */
-public final class CustomSSLSocketFactory {
-
-    private CustomSSLSocketFactory() {
-        throw new AssertionError();
-    }
-
-    /**
-     * Creates an SSLSocketFactory instance for use with the provided CA certificate.
-     *
-     * @param certificate Certificate as byte array
-     * @return An SSLSocketFactory which trusts the provided CA when provided to network clients
-     */
-    public static SSLSocketFactory create(byte[] certificate) {
-        InputStream caInput = null;
-        try {
-            // Generate the CA Certificate from the supplied byte array
-            caInput = new ByteArrayInputStream(certificate);
-            Certificate ca = CertificateFactory.getInstance("X.509").generateCertificate(caInput);
-
-            // Load the key store using the CA
-            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
-            keyStore.load(null, null);
-            keyStore.setCertificateEntry("ca", ca);
-
-            // Initialize the TrustManager with this CA
-            TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
-            tmf.init(keyStore);
-
-            // Create an SSL context that uses the created trust manager
-            SSLContext sslContext = SSLContext.getInstance("TLS");
-            sslContext.init(null, tmf.getTrustManagers(), new SecureRandom());
-            return sslContext.getSocketFactory();
-
-        } catch (Exception ex) {
-            throw new RuntimeException(ex);
-
-        } finally {
-            if (caInput != null) {
-                try {
-                    caInput.close();
-                } catch (IOException ignored) {
-                }
-            }
-        }
-    }
-}
diff --git a/app/src/main/java/zapsolutions/zap/connection/establishConnectionToLnd/HostnameVerifierAllowAll.java b/app/src/main/java/zapsolutions/zap/connection/establishConnectionToLnd/HostnameVerifierAllowAll.java
deleted file mode 100644
index 912dca60..00000000
--- a/app/src/main/java/zapsolutions/zap/connection/establishConnectionToLnd/HostnameVerifierAllowAll.java
+++ /dev/null
@@ -1,11 +0,0 @@
-package zapsolutions.zap.connection.establishConnectionToLnd;
-
-import javax.net.ssl.HostnameVerifier;
-import javax.net.ssl.SSLSession;
-
-public class HostnameVerifierAllowAll implements HostnameVerifier {
-    @Override
-    public boolean verify(String hostname, SSLSession session) {
-        return true;
-    }
-}
diff --git a/app/src/main/java/zapsolutions/zap/connection/lndConnection/BlindHostnameVerifier.java b/app/src/main/java/zapsolutions/zap/connection/lndConnection/BlindHostnameVerifier.java
new file mode 100644
index 00000000..26fe0e03
--- /dev/null
+++ b/app/src/main/java/zapsolutions/zap/connection/lndConnection/BlindHostnameVerifier.java
@@ -0,0 +1,15 @@
+package zapsolutions.zap.connection.lndConnection;
+
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.SSLSession;
+
+/**
+ * This HostnameVerifier trust all host names. No verification will take place.
+ * In our context we only use it for tor connections and in debug builds to simplify the regtest setup.
+ */
+public class BlindHostnameVerifier implements HostnameVerifier {
+    @Override
+    public boolean verify(String hostname, SSLSession session) {
+        return true;
+    }
+}
diff --git a/app/src/main/java/zapsolutions/zap/connection/lndConnection/BlindTrustManager.java b/app/src/main/java/zapsolutions/zap/connection/lndConnection/BlindTrustManager.java
new file mode 100644
index 00000000..63d2a186
--- /dev/null
+++ b/app/src/main/java/zapsolutions/zap/connection/lndConnection/BlindTrustManager.java
@@ -0,0 +1,27 @@
+package zapsolutions.zap.connection.lndConnection;
+
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+
+import javax.net.ssl.X509TrustManager;
+
+/**
+ * This TrustManager trust ALL certificates. No validation takes place.
+ * In our context we use it only for tor connections.
+ */
+public class BlindTrustManager implements X509TrustManager {
+
+    public X509Certificate[] getAcceptedIssuers() {
+        return null;
+    }
+
+    public void checkClientTrusted(X509Certificate[] chain, String authType)
+            throws CertificateException {
+
+    }
+
+    public void checkServerTrusted(X509Certificate[] chain, String authType)
+            throws CertificateException {
+
+    }
+}
diff --git a/app/src/main/java/zapsolutions/zap/connection/establishConnectionToLnd/LndConnection.java b/app/src/main/java/zapsolutions/zap/connection/lndConnection/LndConnection.java
similarity index 80%
rename from app/src/main/java/zapsolutions/zap/connection/establishConnectionToLnd/LndConnection.java
rename to app/src/main/java/zapsolutions/zap/connection/lndConnection/LndConnection.java
index 841bbab0..55ff4bb0 100644
--- a/app/src/main/java/zapsolutions/zap/connection/establishConnectionToLnd/LndConnection.java
+++ b/app/src/main/java/zapsolutions/zap/connection/lndConnection/LndConnection.java
@@ -1,12 +1,9 @@
-package zapsolutions.zap.connection.establishConnectionToLnd;
+package zapsolutions.zap.connection.lndConnection;
 
 
-import com.google.common.io.BaseEncoding;
-
 import java.util.concurrent.TimeUnit;
 
 import javax.net.ssl.HostnameVerifier;
-import javax.net.ssl.SSLSocketFactory;
 
 import io.grpc.ManagedChannel;
 import io.grpc.okhttp.OkHttpChannelBuilder;
@@ -42,7 +39,6 @@ public class LndConnection {
 
     private static LndConnection mLndConnectionInstance;
 
-    private SSLSocketFactory mSSLFactory;
     private MacaroonCallCredential mMacaroon;
     private ManagedChannel mSecureChannel;
     private LndAutopilotService mLndAutopilotService;
@@ -111,50 +107,26 @@ private void readSavedConnectionInfo() {
 
         // Generate Macaroon
         mMacaroon = new MacaroonCallCredential(mConnectionConfig.getMacaroon());
-
-        mSSLFactory = null;
-
-        // Generate certificate if one was supplied
-        if (mConnectionConfig.getCert() != null) {
-            // We have a certificate, try to load it.
-
-            String certificateBase64UrlString = mConnectionConfig.getCert();
-            byte[] certificateBytes = BaseEncoding.base64Url().decode(certificateBase64UrlString);
-
-            try {
-                mSSLFactory = CustomSSLSocketFactory.create(certificateBytes);
-            } catch (RuntimeException e) {
-                ZapLog.e(LOG_TAG, "Error creating certificate");
-            }
-
-        }
     }
 
     private void generateChannelAndStubs() {
         String host = mConnectionConfig.getHost();
         int port = mConnectionConfig.getPort();
 
-        HostnameVerifier hostnameVerifier = null;  // null = default hostnameVerifier
-        if (BuildConfig.BUILD_TYPE.equals("debug")) {
+        HostnameVerifier hostnameVerifier = null;
+        if (BuildConfig.BUILD_TYPE.equals("debug") || mConnectionConfig.isTor()) {
             // Disable hostname verification on debug build variant. This is is used to prevent connection errors to REGTEST nodes.
-            hostnameVerifier = new HostnameVerifierAllowAll();
+            // On Tor we do not need it, as tor already makes sure we are connected with the correct host.
+            hostnameVerifier = new BlindHostnameVerifier();
         }
 
         // Channels are expensive to create. We want to create it once and then reuse it on all our requests.
-        if (mSSLFactory == null) {
-            // BTCPay
-            mSecureChannel = OkHttpChannelBuilder
-                    .forAddress(host, port)
-                    .hostnameVerifier(hostnameVerifier)
-                    .build();
-
-        } else {
-            mSecureChannel = OkHttpChannelBuilder
-                    .forAddress(host, port)
-                    .hostnameVerifier(hostnameVerifier)
-                    .sslSocketFactory(mSSLFactory)
-                    .build();
-        }
+        mSecureChannel = OkHttpChannelBuilder
+                .forAddress(host, port)
+                .hostnameVerifier(hostnameVerifier) // null = default hostnameVerifier
+                .sslSocketFactory(LndSSLSocketFactory.create(mConnectionConfig)) // null = default SSLSocketFactory
+                .build();
+
 
         mLndAutopilotService = new RemoteLndAutopilotService(mSecureChannel, mMacaroon);
         mLndChainNotifierService = new RemoteLndChainNotifierService(mSecureChannel, mMacaroon);
diff --git a/app/src/main/java/zapsolutions/zap/connection/lndConnection/LndSSLSocketFactory.java b/app/src/main/java/zapsolutions/zap/connection/lndConnection/LndSSLSocketFactory.java
new file mode 100644
index 00000000..865296cc
--- /dev/null
+++ b/app/src/main/java/zapsolutions/zap/connection/lndConnection/LndSSLSocketFactory.java
@@ -0,0 +1,98 @@
+package zapsolutions.zap.connection.lndConnection;
+
+import com.google.common.io.BaseEncoding;
+
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
+import java.security.KeyManagementException;
+import java.security.KeyStore;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateFactory;
+
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
+
+import zapsolutions.zap.connection.manageWalletConfigs.WalletConfig;
+import zapsolutions.zap.util.ZapLog;
+
+/**
+ * Creates an SSLSocketFactory instance for use with a self signed Certificate,
+ * which would otherwise be considered "not trustworthy".
+ * This can be fed into HttpsURLConnection, as well as networking libraries such as OkHttp's OkHttpClient.
+ */
+public class LndSSLSocketFactory {
+
+    private static final String LOG_TAG = LndSSLSocketFactory.class.getName();
+
+    private LndSSLSocketFactory() {
+        throw new AssertionError();
+    }
+
+    public static SSLSocketFactory create(WalletConfig walletConfig) {
+        SSLContext sslCtx = null;
+
+        try {
+            sslCtx = SSLContext.getInstance("TLS");
+        } catch (NoSuchAlgorithmException e) {
+            e.printStackTrace();
+            return null;
+        }
+
+        if (walletConfig.isTor()) {
+            // Always trust the certificate on Tor connection
+            try {
+                sslCtx.init(null, new TrustManager[]{new BlindTrustManager()}, null);
+            } catch (KeyManagementException e) {
+                e.printStackTrace();
+                return null;
+            }
+            return sslCtx.getSocketFactory();
+
+        } else {
+            // On clearnet we want to validate the certificate.
+            if (walletConfig.getCert() != null && !walletConfig.getCert().isEmpty()) {
+                //try to create a trustmanager that trust the certificate that was transmitted with the lndconnect string.
+                try {
+                    InputStream caInput = null;
+                    String certificateBase64UrlString = walletConfig.getCert();
+                    byte[] certificateBytes = BaseEncoding.base64Url().decode(certificateBase64UrlString);
+
+                    // Generate the CA Certificate from the supplied byte array
+                    caInput = new ByteArrayInputStream(certificateBytes);
+                    Certificate ca = CertificateFactory.getInstance("X.509").generateCertificate(caInput);
+
+                    // Load the key store using the CA
+                    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
+                    keyStore.load(null, null);
+                    keyStore.setCertificateEntry("ca", ca);
+
+                    // Initialize the TrustManager with this CA
+                    TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+                    tmf.init(keyStore);
+
+                    // Create an SSL context that uses the created trust manager
+                    sslCtx.init(null, tmf.getTrustManagers(), new SecureRandom());
+                    return sslCtx.getSocketFactory();
+
+                } catch (Exception e) {
+                    ZapLog.e(LOG_TAG, "Error while initializing self signed certificate.");
+                    e.printStackTrace();
+                }
+            }
+        }
+
+        // If the above failed, use the default TrustManager which is used when set to null
+        // This will be the case for btc pay for example as no self signed certificates are used
+        try {
+            sslCtx.init(null, null, new SecureRandom());
+        } catch (KeyManagementException e) {
+            e.printStackTrace();
+            return null;
+        }
+        return sslCtx.getSocketFactory();
+    }
+}
diff --git a/app/src/main/java/zapsolutions/zap/connection/establishConnectionToLnd/MacaroonCallCredential.java b/app/src/main/java/zapsolutions/zap/connection/lndConnection/MacaroonCallCredential.java
similarity index 92%
rename from app/src/main/java/zapsolutions/zap/connection/establishConnectionToLnd/MacaroonCallCredential.java
rename to app/src/main/java/zapsolutions/zap/connection/lndConnection/MacaroonCallCredential.java
index 49f67f66..60fea672 100644
--- a/app/src/main/java/zapsolutions/zap/connection/establishConnectionToLnd/MacaroonCallCredential.java
+++ b/app/src/main/java/zapsolutions/zap/connection/lndConnection/MacaroonCallCredential.java
@@ -1,4 +1,4 @@
-package zapsolutions.zap.connection.establishConnectionToLnd;
+package zapsolutions.zap.connection.lndConnection;
 
 import java.util.concurrent.Executor;
 
@@ -30,7 +30,6 @@ public void applyRequestMetadata(
             final MetadataApplier metadataApplier
     ) {
         String authority = requestInfo.getAuthority();
-        // System.out.println(authority);
         executor.execute(new Runnable() {
             public void run() {
                 try {
diff --git a/app/src/main/java/zapsolutions/zap/connection/manageWalletConfigs/WalletConfig.java b/app/src/main/java/zapsolutions/zap/connection/manageWalletConfigs/WalletConfig.java
index 3da6d38e..76129027 100644
--- a/app/src/main/java/zapsolutions/zap/connection/manageWalletConfigs/WalletConfig.java
+++ b/app/src/main/java/zapsolutions/zap/connection/manageWalletConfigs/WalletConfig.java
@@ -48,6 +48,13 @@ public WalletConfig (String id) {
         this.id = id;
     }
 
+    public boolean isTor() {
+        if (getHost() == null) {
+            return false;
+        }
+        return getHost().toLowerCase().endsWith(".onion");
+    }
+
     @Override
     public int compareTo(WalletConfig walletConfig) {
         WalletConfig other = walletConfig;
diff --git a/app/src/main/java/zapsolutions/zap/connection/parseConnectionData/lndConnect/LndConnectStringParser.java b/app/src/main/java/zapsolutions/zap/connection/parseConnectionData/lndConnect/LndConnectStringParser.java
index fe5669b0..3b722d36 100644
--- a/app/src/main/java/zapsolutions/zap/connection/parseConnectionData/lndConnect/LndConnectStringParser.java
+++ b/app/src/main/java/zapsolutions/zap/connection/parseConnectionData/lndConnect/LndConnectStringParser.java
@@ -2,10 +2,14 @@
 
 import com.google.common.io.BaseEncoding;
 
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
 import java.net.URI;
 import java.net.URISyntaxException;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
 
-import zapsolutions.zap.connection.establishConnectionToLnd.CustomSSLSocketFactory;
 import zapsolutions.zap.connection.parseConnectionData.BaseConnectionParser;
 import zapsolutions.zap.util.ZapLog;
 
@@ -81,10 +85,13 @@ public LndConnectStringParser parse() {
                     try {
                         byte[] certificateBytes = BaseEncoding.base64Url().decode(cert);
                         try {
-                            CustomSSLSocketFactory.create(certificateBytes);
-                        } catch (RuntimeException e) {
-
-                            ZapLog.e(LOG_TAG, "certificate creation failed");
+                            // Generate the CA Certificate from the supplied byte array
+                            InputStream caInput = null;
+                            caInput = new ByteArrayInputStream(certificateBytes);
+                            Certificate ca = CertificateFactory.getInstance("X.509").generateCertificate(caInput);
+                        } catch (CertificateException e) {
+                            e.printStackTrace();
+                            ZapLog.e(LOG_TAG, "certificate validation failed");
                             mError = ERROR_INVALID_CERTIFICATE;
                             return this;
                         }
@@ -113,7 +120,7 @@ public LndConnectStringParser parse() {
                     }
                 }
 
-                // everything is ok, initiate connection
+                // everything is ok
                 LndConnectConfig lndConnectConfig = new LndConnectConfig();
                 lndConnectConfig.setHost(connectURI.getHost());
                 lndConnectConfig.setPort(connectURI.getPort());
diff --git a/app/src/main/java/zapsolutions/zap/fragments/ReceiveBSDFragment.java b/app/src/main/java/zapsolutions/zap/fragments/ReceiveBSDFragment.java
index 6c492db4..d4285657 100644
--- a/app/src/main/java/zapsolutions/zap/fragments/ReceiveBSDFragment.java
+++ b/app/src/main/java/zapsolutions/zap/fragments/ReceiveBSDFragment.java
@@ -40,7 +40,7 @@
 import zapsolutions.zap.GeneratedRequestActivity;
 import zapsolutions.zap.R;
 import zapsolutions.zap.channelManagement.ManageChannelsActivity;
-import zapsolutions.zap.connection.establishConnectionToLnd.LndConnection;
+import zapsolutions.zap.connection.lndConnection.LndConnection;
 import zapsolutions.zap.connection.manageWalletConfigs.WalletConfigsManager;
 import zapsolutions.zap.customView.NumpadView;
 import zapsolutions.zap.util.HelpDialogUtil;
diff --git a/app/src/main/java/zapsolutions/zap/fragments/SendBSDFragment.java b/app/src/main/java/zapsolutions/zap/fragments/SendBSDFragment.java
index 48c1fe8d..5fd131f8 100644
--- a/app/src/main/java/zapsolutions/zap/fragments/SendBSDFragment.java
+++ b/app/src/main/java/zapsolutions/zap/fragments/SendBSDFragment.java
@@ -48,7 +48,7 @@
 
 import zapsolutions.zap.R;
 import zapsolutions.zap.channelManagement.ManageChannelsActivity;
-import zapsolutions.zap.connection.establishConnectionToLnd.LndConnection;
+import zapsolutions.zap.connection.lndConnection.LndConnection;
 import zapsolutions.zap.connection.manageWalletConfigs.WalletConfigsManager;
 import zapsolutions.zap.customView.LightningFeeView;
 import zapsolutions.zap.customView.NumpadView;
diff --git a/app/src/main/java/zapsolutions/zap/fragments/WalletFragment.java b/app/src/main/java/zapsolutions/zap/fragments/WalletFragment.java
index 4b01bfa4..adbfafb8 100644
--- a/app/src/main/java/zapsolutions/zap/fragments/WalletFragment.java
+++ b/app/src/main/java/zapsolutions/zap/fragments/WalletFragment.java
@@ -29,7 +29,7 @@
 import zapsolutions.zap.R;
 import zapsolutions.zap.ScanActivity;
 import zapsolutions.zap.baseClasses.App;
-import zapsolutions.zap.connection.establishConnectionToLnd.LndConnection;
+import zapsolutions.zap.connection.lndConnection.LndConnection;
 import zapsolutions.zap.connection.internetConnectionStatus.NetworkUtil;
 import zapsolutions.zap.connection.manageWalletConfigs.WalletConfigsManager;
 import zapsolutions.zap.customView.WalletSpinner;
diff --git a/app/src/main/java/zapsolutions/zap/lnurl/channel/LnUrlChannelBSDFragment.java b/app/src/main/java/zapsolutions/zap/lnurl/channel/LnUrlChannelBSDFragment.java
index a334b5a0..709af5fa 100644
--- a/app/src/main/java/zapsolutions/zap/lnurl/channel/LnUrlChannelBSDFragment.java
+++ b/app/src/main/java/zapsolutions/zap/lnurl/channel/LnUrlChannelBSDFragment.java
@@ -49,7 +49,7 @@
 import io.reactivex.rxjava3.schedulers.Schedulers;
 import zapsolutions.zap.R;
 import zapsolutions.zap.connection.HttpClient;
-import zapsolutions.zap.connection.establishConnectionToLnd.LndConnection;
+import zapsolutions.zap.connection.lndConnection.LndConnection;
 import zapsolutions.zap.connection.manageWalletConfigs.WalletConfigsManager;
 import zapsolutions.zap.fragments.RxBSDFragment;
 import zapsolutions.zap.lightning.LightningNodeUri;
diff --git a/app/src/main/java/zapsolutions/zap/lnurl/pay/LnUrlPayBSDFragment.java b/app/src/main/java/zapsolutions/zap/lnurl/pay/LnUrlPayBSDFragment.java
index 028836ae..1ff61a73 100644
--- a/app/src/main/java/zapsolutions/zap/lnurl/pay/LnUrlPayBSDFragment.java
+++ b/app/src/main/java/zapsolutions/zap/lnurl/pay/LnUrlPayBSDFragment.java
@@ -58,7 +58,7 @@
 import io.reactivex.rxjava3.android.schedulers.AndroidSchedulers;
 import zapsolutions.zap.R;
 import zapsolutions.zap.connection.HttpClient;
-import zapsolutions.zap.connection.establishConnectionToLnd.LndConnection;
+import zapsolutions.zap.connection.lndConnection.LndConnection;
 import zapsolutions.zap.customView.NumpadView;
 import zapsolutions.zap.fragments.RxBSDFragment;
 import zapsolutions.zap.util.ClipBoardUtil;
diff --git a/app/src/main/java/zapsolutions/zap/lnurl/withdraw/LnUrlWithdrawBSDFragment.java b/app/src/main/java/zapsolutions/zap/lnurl/withdraw/LnUrlWithdrawBSDFragment.java
index aa6cf490..c8312e1a 100644
--- a/app/src/main/java/zapsolutions/zap/lnurl/withdraw/LnUrlWithdrawBSDFragment.java
+++ b/app/src/main/java/zapsolutions/zap/lnurl/withdraw/LnUrlWithdrawBSDFragment.java
@@ -46,7 +46,7 @@
 
 import zapsolutions.zap.R;
 import zapsolutions.zap.connection.HttpClient;
-import zapsolutions.zap.connection.establishConnectionToLnd.LndConnection;
+import zapsolutions.zap.connection.lndConnection.LndConnection;
 import zapsolutions.zap.customView.NumpadView;
 import zapsolutions.zap.fragments.RxBSDFragment;
 import zapsolutions.zap.util.MonetaryUtil;
diff --git a/app/src/main/java/zapsolutions/zap/transactionHistory/transactionDetails/LnPaymentDetailBSDFragment.java b/app/src/main/java/zapsolutions/zap/transactionHistory/transactionDetails/LnPaymentDetailBSDFragment.java
index b55c399d..058dd7a7 100644
--- a/app/src/main/java/zapsolutions/zap/transactionHistory/transactionDetails/LnPaymentDetailBSDFragment.java
+++ b/app/src/main/java/zapsolutions/zap/transactionHistory/transactionDetails/LnPaymentDetailBSDFragment.java
@@ -18,7 +18,7 @@
 import com.google.protobuf.InvalidProtocolBufferException;
 
 import zapsolutions.zap.R;
-import zapsolutions.zap.connection.establishConnectionToLnd.LndConnection;
+import zapsolutions.zap.connection.lndConnection.LndConnection;
 import zapsolutions.zap.fragments.RxBSDFragment;
 import zapsolutions.zap.util.ClipBoardUtil;
 import zapsolutions.zap.util.MonetaryUtil;
diff --git a/app/src/main/java/zapsolutions/zap/util/InvoiceUtil.java b/app/src/main/java/zapsolutions/zap/util/InvoiceUtil.java
index b7ff7b00..3a20857b 100644
--- a/app/src/main/java/zapsolutions/zap/util/InvoiceUtil.java
+++ b/app/src/main/java/zapsolutions/zap/util/InvoiceUtil.java
@@ -16,7 +16,7 @@
 import io.reactivex.rxjava3.android.schedulers.AndroidSchedulers;
 import io.reactivex.rxjava3.disposables.CompositeDisposable;
 import zapsolutions.zap.R;
-import zapsolutions.zap.connection.establishConnectionToLnd.LndConnection;
+import zapsolutions.zap.connection.lndConnection.LndConnection;
 
 public class InvoiceUtil {
     private static final String LOG_TAG = InvoiceUtil.class.getName();
diff --git a/app/src/main/java/zapsolutions/zap/util/TorUtil.java b/app/src/main/java/zapsolutions/zap/util/TorUtil.java
index de2eb886..b6d07715 100644
--- a/app/src/main/java/zapsolutions/zap/util/TorUtil.java
+++ b/app/src/main/java/zapsolutions/zap/util/TorUtil.java
@@ -14,7 +14,7 @@
 import java.util.List;
 
 import zapsolutions.zap.R;
-import zapsolutions.zap.connection.establishConnectionToLnd.LndConnection;
+import zapsolutions.zap.connection.lndConnection.LndConnection;
 
 public class TorUtil {
 
@@ -29,7 +29,7 @@ public static boolean isCurrentConnectionTor() {
         if (LndConnection.getInstance().getConnectionConfig().isLocal()) {
             return false;
         } else {
-            return LndConnection.getInstance().getConnectionConfig().getHost().contains(".onion");
+            return LndConnection.getInstance().getConnectionConfig().isTor();
         }
     }
 
diff --git a/app/src/main/java/zapsolutions/zap/util/Wallet.java b/app/src/main/java/zapsolutions/zap/util/Wallet.java
index 03cd05d8..617f2a98 100644
--- a/app/src/main/java/zapsolutions/zap/util/Wallet.java
+++ b/app/src/main/java/zapsolutions/zap/util/Wallet.java
@@ -58,7 +58,7 @@
 import io.reactivex.rxjava3.schedulers.Schedulers;
 import zapsolutions.zap.R;
 import zapsolutions.zap.baseClasses.App;
-import zapsolutions.zap.connection.establishConnectionToLnd.LndConnection;
+import zapsolutions.zap.connection.lndConnection.LndConnection;
 import zapsolutions.zap.connection.manageWalletConfigs.WalletConfigsManager;
 import zapsolutions.zap.lightning.LightningNodeUri;
 import zapsolutions.zap.lightning.LightningParser;
diff --git a/app/src/main/java/zapsolutions/zap/walletManagement/WalletDetailsActivity.java b/app/src/main/java/zapsolutions/zap/walletManagement/WalletDetailsActivity.java
index 0d4fc6ca..547a614d 100644
--- a/app/src/main/java/zapsolutions/zap/walletManagement/WalletDetailsActivity.java
+++ b/app/src/main/java/zapsolutions/zap/walletManagement/WalletDetailsActivity.java
@@ -19,7 +19,7 @@
 import zapsolutions.zap.LandingActivity;
 import zapsolutions.zap.R;
 import zapsolutions.zap.baseClasses.BaseAppCompatActivity;
-import zapsolutions.zap.connection.establishConnectionToLnd.LndConnection;
+import zapsolutions.zap.connection.lndConnection.LndConnection;
 import zapsolutions.zap.connection.manageWalletConfigs.WalletConfig;
 import zapsolutions.zap.connection.manageWalletConfigs.WalletConfigsManager;
 import zapsolutions.zap.setup.ConnectRemoteNodeActivity;