hi, how many inbound connections after you restart the Tor?
I missed your post, sorry. After I restarted my node IIRC it gradually got 10+ connections.
A further precaution note of Umbrel security disclosure.
Recently there is a known NPM package security vulnerability, node-ipc[1]. In short, the malicious package will overwrite all the files if the user's IP comes from Russia or Belarus. While the Umbrel node may or may not be affected, it is worth noting the precatory security measure from the Umbrel developers.
And while that issue is already being addressed and even if somehow the Umbrel node is affected, I believe it won't fully affect the whole system since Umbrel systems are containerized and the only thing I can see is it only may impact the
umbrel-dashboard app since the nested dependencies contained the malicious package. Also, noting the node ran on Tor and the Exit relay of those IPs is few, so mostly, it will hardly get affected.
After all, since as on the security disclosure Umbrel mentioned using a bunch of 3rd party dependencies, this snipped quote is worth consideration for future Umbrel development:
While this is an attack with protest-driven motivations, it highlights a larger issue facing the software supply chain: the transitive dependencies in your code can have a huge impact on your security.
More info about the vuln:
https://gist.github.com/MidSpike/f7ae3457420af78a54b38a31cc0c809c and
Alert: peacenotwar module sabotages npm developers in the node-ipc package to protest the invasion of Ukraine.
[1]
https://security.snyk.io/vuln/SNYK-JS-NODEIPC-2426370