Below is a Python recommendation engine example that you can improve through usage and that supports sharing anonymized training data via onion‐routed communication (e.g., using Tor onion services). Onion routing (used by Tor) ensures that the data you share with the server is routed through multiple encrypted layers so no single node knows both where it came from and where it’s going, improving privacy.
📌 System Architecture Overview
Clients
Each user runs a local Python instance.
They compute recommendation model updates (e.g., collaborative filtering gradients).
Updates are sent through a Tor onion service to the central server.
Tor Onion Service
A server instance runs a hidden Tor service that only accepts connections routed through the Tor network.
This protects both client identities and server location.
Server
Aggregates anonymized model updates.
Sends back an updated global model
🧠 Step 1 — Setup Tor Onion Service
First, set up Tor on the server and configure your hidden service in torrc:
Example torrc
HiddenServiceDir /var/lib/tor/recommendation_service/ HiddenServicePort 5000 127.0.0.1:5000
After restarting Tor, this will generate an .onion address that clients will use to send requests through the Tor network.
🔧 Step 2 — Basic Recommendation Engine (Python)
This example uses matrix factorization for collaborative filtering; replace with your preferred algorithm.
- Install libraries:
pip install numpy pandas scikit-learn flask requests[socks]
- Shared codebase:
📌 server.py
from flask import Flask, request, jsonify import numpy as np import threading
app = Flask(name)
Global model (random initialization)
n_users, n_items, n_factors = 1000, 1500, 50 user_factors = np.random.rand(n_users, n_factors) item_factors = np.random.rand(n_items, n_factors)
lock = threading.Lock()
@app.route("/update_model", methods=["POST"]) def update_model(): data = request.get_json() uf = np.array(data["user_factors"]) ifac = np.array(data["item_factors"])
with lock:
# Simple addition aggregation (for demo)
global user_factors, item_factors
user_factors[: uf.shape[0]] += uf
item_factors[: ifac.shape[0]] += ifac
return jsonify({"status": "ok"})
@app.route("/get_model", methods=["GET"]) def get_model(): return jsonify({ "user_factors": user_factors.tolist(), "item_factors": item_factors.tolist() })
if name == "main": app.run(port=5000)
📡 Step 3 — Client Code Sending Updates via Tor
client.py
This uses requests with a SOCKS proxy pointed at Tor’s local SOCKS port (typically 9050).
import numpy as np import requests
Train or load your local data
local_user_factors = np.random.rand(10, 50) local_item_factors = np.random.rand(20, 50)
onion_url = "http://.onion"
session = requests.Session() session.proxies = { "http": "socks5h://localhost:9050", "https": "socks5h://localhost:9050" }
Send updates through Tor
resp = session.post( f"{onion_url}/update_model", json={ "user_factors": local_user_factors.tolist(), "item_factors": local_item_factors.tolist() }, timeout=30, )
print("Server response:", resp.json())
Optionally fetch updated model
updated = session.get(f"{onion_url}/get_model").json() print("Updated global model fetched.")
🛡️ Key Concepts & Extensions
🔹 Onion Routing for Privacy
Onion routing wraps messages in layers of encryption through multiple relays so no single point knows both endpoints, preserving privacy. This model ensures data sharing between clients and server stays anonymous.
📈 Improving With Federated Techniques
To avoid sending raw model data and further improve privacy, integrate federated learning:
Each client trains locally.
Only model updates (not raw data) are sent to the server.
A server aggregates updates to improve a global model. Research in this area includes FedGNN, LightFR, and other privacy-preserving federated recommenders.
🧠 Privacy Enhancements
Use differential privacy on gradients before sending them.
Use secure multi-party computation (SMPC) or encryption layers.
🧪 Testing & Deployment
- Local tests — Run server locally and point client via Tor SOCKS.
- Dockerize components for reproducible deployment.
- Security audits — Ensure the onion service and proxy configuration don’t leak identifying info.