guerrerocarlos
commented
8 years ago This very important, thanks for pointing it out.
Open ghost opened 8 years ago
guerrerocarlos
commented
8 years ago This very important, thanks for pointing it out.
ghost
commented
8 years ago Hey @guerrerocarlos , when you create the torrents, you could put a seperate text file inside the torrents with a sha256 hash, then you could just check the hash in that file.
ghost
commented
7 years ago @guerrerocarlos There was a relatively practical sha1 collision found: http://shattered.io/
Anyone with sufficient resources can break current torrent systems. This includes cachep2p.
Sha1 has known collisions. While it is not yet practical to attack a CacheP2P site by creating sha1 collisions.
CacheP2P should switch to sha256.
Yes, I know webtorrent only supports sha1, but this is still something to note.