search

libp2p / js-libp2p

The JavaScript Implementation of libp2p networking stack.
https://libp2p.io
Other
2.29k stars 438 forks source link

Remove private key from peer id #2659

Closed wemeetagain closed 1 week ago

wemeetagain commented 1 month ago

in libp2p 1.0, the peer id encapsulates a type, multihash, public key, and a private key.

export interface PeerId {
  type: PeerIdType
  multihash: MultihashDigest
  privateKey?: Uint8Array
  publicKey?: Uint8Array
  ...
}

While conceptually, the peer id is highly related and mostly synonymous with "public key", the same cannot be said for "private key".

With codepaths used 99% of the time, peer ids should never contain a private key. There is only a single peer id that contains a private key, and that is a node's own peer id.

That said, my opinion is that it's a mistake to combine the private key in the peer id. Rather, access to a node's own private key should be exposed explicitly (as is already being done in #2303).

2.0 release is an opportunity to remove the private key from peer id.

wemeetagain commented 1 month ago
achingbrain commented 1 week ago

Fixed in #2660