Skip to content
This repository has been archived by the owner on Apr 29, 2020. It is now read-only.

Is it possible to store private objects in ipfs without encrypting them? #181

Closed
Ekleog opened this issue Sep 18, 2016 · 6 comments
Closed

Is it possible to store private objects in ipfs without encrypting them? #181

Ekleog opened this issue Sep 18, 2016 · 6 comments
Labels
answered

Comments

@Ekleog
Copy link

Ekleog commented Sep 18, 2016

In order to fetch an ipfs object, one needs a hash. Does this hash sometimes leak to other nodes who didn't know it beforehand, or can one rely on the fact that in order to fetch an object one has to know the hash in some way?

Along the same idea, is it possible to store data pinned in an ipns record privately, if the ipns record is kept private? (this question assumes the ongoing work on using an ipns key different from the node ip is complete)
@ghost
Copy link

ghost commented Sep 18, 2016

tl;dr check out peergos :) https://github.com/Peergos/Peergos

Rule of thumb: data added to IPFS generally isn't private, unless you 1) encrypt it, or 2) never connect your node to the network. The former will be a part of IPFS itself in the near future, the latter is currently brittle and needs better support for ensuring you really don't connect.

For fetching, you usually need to know the respective hash. Because of the way content routing in IPFS currently works though, it's possible to write a tool that listens for so-called "provider records". Everytime you add something to IPFS, your node becomes a provider of that thing, and broadcasts the hashes it provides to the network, so that other nodes can respond to queries for the location of these.

@ghost
Copy link

ghost commented Sep 18, 2016

Oh sorry, I just realized you asked explicitly for "without encryption". What I wrote about provider records is still relevant I think.

About having your own network:

  1. empty the bootstrap list: ipfs bootstrap rm --all
  2. put IPFS on a non-standard port, or ideally on a non-public ip address
  3. put a few of the other nodes in your network into the bootstrap list
  4. monitor your connections with ipfs swarm peers

Note that if you get connected to the public network once, nodes will remember your address, and under certain circumstances keep connecting to you. You can mitigate this by changing the port or address IPFS listens on (see 2).

@ghost
Copy link

ghost commented Sep 18, 2016

There's a pretty cool proposal for private networks here btw: ipfs/notes#146

@Ekleog
Copy link
Author

Ekleog commented Sep 18, 2016

Thanks! Leaving this open for record, I suppose someone with tag-setting abilities should add tag answered :)

@ghost
Copy link

ghost commented Sep 18, 2016

Great, obliged!

@ghost ghost added the answered label Sep 18, 2016
@ajbhatia-visa ajbhatia-visa mentioned this issue Feb 13, 2017
Open
@madavieb
Copy link

This issue has been moved to https://discuss.ipfs.io/t/is-it-possible-to-store-private-objects-in-ipfs-without-encrypting-them/460.

@progval progval mentioned this issue Mar 27, 2018
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
answered
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Ekleog @madavieb