search

tomeshnet / prototype-cjdns-pi

Prototype system for mesh networks on single board computers
https://chat.tomesh.net/#/room/#software:tomesh.net
GNU General Public License v3.0
218 stars 42 forks source link

IPFS dnsaddr peering #401

Closed darkdrgn2k closed 5 years ago

darkdrgn2k commented 5 years ago

IPFS vv.20 added supports /dnsaddr/bootstrap.libp2p.io like peering that does not require an ID changelog

We maybe be able to use this to stop relaying on curl and nodeinfo.json providing a more universal peering method over CJDNS

https://github.com/tomeshnet/prototype-cjdns-pi/blob/master/scripts/ipfs/ipfs-swarm.sh#L19-L26

Reason revealing IDs or using this method is possibly risky Question was "What attack vector could an impersonated node have?" @aschmahmann said

there are a number of possible issues that may/may not be relevant for your case. For example, if I know that I can make sure you bootstrap from me then I can give you lots of nodes that are controlled by me. This then gives me the ability to make you think that you've made data available to the IPFS network at large, but in reality I've censored out anything I feel like.

makew0rld commented 5 years ago

This requires DNS. I'm not sure what you're saying about making it easier. Could you explain further?

darkdrgn2k commented 5 years ago

It SUPPORST dns but does not REQUIRE dns.

The reason for this is when you have a cluster of ipfs nodes and you put them all on the same DNS hostname you dont know WHICH ipfs server you will get (and as such which ipfs public key to use) so dnsaddr does NOT require a public key

meaning we dont need node-info anymore

darkdrgn2k commented 5 years ago

Turns out currently it requires a DNS name (hosts dont even work)

Will not work for us :(