TheDiscordian / ipfs-sync

A simple daemon which will watch files on your filesystem, mirror them to MFS, automatically update related pins, and update related IPNS keys.
BSD 3-Clause "New" or "Revised" License

Sharing Mechanism #9

Open TheDiscordian opened 3 years ago

TheDiscordian commented 3 years ago

Following the completion of #6 and #8, a sharing mechanism could be very useful. A code could be generated via the hash of a generated public key + random data, shared, and a libp2p connection could be initiated. Upon connection, public keys are shared. The client then automatically verifies that the hash of the public key matches the code used to connect. Then the client sends the code (masked through argon2id by concatenating random data with the hash of the client's public key), and it is verified. Once verification is done, the host encrypts the IPNS public key hash, the exported IPNS private key (optional), and/or the directory encryption key (optional) using the client's public key, signs it using the host's private key, and then sends the data to the client. The client then verifies the data is correct, stores the related keys if available (marking the directory "read-only" if no IPNS private key is available), and terminates the connection.

Optionally support a password, used during verification. Perhaps the verification step could be encrypted using the password and argon2id.
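A sketch of the first check described in the comment above, the client confirming that the public key the host presents is the one the share code commits to. This is an added example, not code from ipfs-sync or from the issue author. Assumptions: the code is read as a truncated SHA-256 of the host public key followed by random bytes, keys are Ed25519, and the names `NewShareCode`, `VerifyHostKey` and the 16-byte sizes are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/base32"
	"errors"
	"fmt"
)

const hashLen, secretLen = 16, 16 // assumed sizes, not taken from the issue

var enc = base32.StdEncoding.WithPadding(base32.NoPadding)

// NewShareCode returns base32(truncated SHA-256(hostPub) || random secret).
func NewShareCode(hostPub ed25519.PublicKey) (string, error) {
	sum := sha256.Sum256(hostPub)
	raw := make([]byte, hashLen+secretLen)
	copy(raw, sum[:hashLen])
	if _, err := rand.Read(raw[hashLen:]); err != nil {
		return "", err
	}
	return enc.EncodeToString(raw), nil
}

// VerifyHostKey checks, in constant time, that the presented key is the one the code commits to.
func VerifyHostKey(code string, presented ed25519.PublicKey) error {
	raw, err := enc.DecodeString(code)
	if err != nil || len(raw) != hashLen+secretLen {
		return errors.New("malformed share code")
	}
	sum := sha256.Sum256(presented)
	if subtle.ConstantTimeCompare(raw[:hashLen], sum[:hashLen]) != 1 {
		return errors.New("host public key does not match share code")
	}
	return nil
}

func main() {
	hostPub, _, _ := ed25519.GenerateKey(rand.Reader)
	otherPub, _, _ := ed25519.GenerateKey(rand.Reader) // constructed: a key the code was not made for
	code, _ := NewShareCode(hostPub)
	fmt.Println("code:", code)
	fmt.Println("real host:", VerifyHostKey(code, hostPub))
	fmt.Println("other key:", VerifyHostKey(code, otherPub))
}
```

The argon2id masking of the code sent back by the client is not covered here; it would need `golang.org/x/crypto/argon2`, which is outside the standard library.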

TheDiscordian commented 3 years ago

I've been thinking about this, and I want it to be as simple as possible. Like a password, security can be up to the user.