-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
When Brave is configured to use a public gateway, enforce checking IPFS hashes automatically #13500
Comments
I keep collecting notes about verifiable HTTP responses in ipfs/in-web-browsers#128. It is a surprise to many that it is not a clear-cut thing. TLDR is that files bigger than 256KB are chunked and represented as a DAG, where each level is hashed (like in git), so the root CID is not representing the hash of the file, but hash of the DAG representation of the file. This means right now it is not possible to verify responses bigger than 256KB without knowing how DAG looks like, and for that you need to run IPFS node. Verifiable gateway via IPFS node in offline mode and CAR importWe are looking into various ways of solving this, details listed on the linked issue, but in case of Brave, I see an additional way of having verifiable gateway responses in form of
@bbondy does this sound feasible, or should we wait for gateway responses that do not require go-ipfs? |
We can't install go-ipfs without the user opt'ing into it and I think asking the user to opt into this would be complicated for the user UI-wise. @lidel what about if we add some basic protocol support directly into Brave. This is maybe a start of future things to come. Maybe you can describe how we could do this at the protocol level? |
Ok, so I let's scope the verification problem to files represented with unixfs (files and directories). In IPFS unixfs files can be represented as a CID with one of two multicodecs:
If you want to validate CID without running IPFS node you need to:
(2) is easy and could be implemented for small files as a PoC Due to this, we could:
@aschmahmann mind doing sanity check on this? I don't see (C), but lmk if I missed something. |
I guess B is best to avoid collusion between known preconfigured 2 gateways. |
Quick update: go-ipfs 0.9.0 will expose The client working in offline mode ( |
FYSA this is now possible thanks to verifiable Block and CAR responses on HTTP Gateways:
There are also:
|
Currently you only have a guarantee that the files you're accessing on IPFS are what they say they are if you're using a local node. This task is to check the contents of files that are loaded against the CID so that even if you're using a gateway, you can be sure the gateway is not doing anything sketchy.
The text was updated successfully, but these errors were encountered: