You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
An IPFS server should provide the signature associated with the closest peers (peer records) it returns if any. IIUC the signatures are stored in the libp2p host peerstore, hence in addition to the ipfsv1 message module, the libp2p endpoint module also has the be updated.
We also need to make sure that the IPFS node shares its own signed peer record, otherwise the signed peer records cannot propagate. I am not sure if this is done in libp2p or if we should actively add a peer's signed record to DHT messages.
The IPFS DHT has the capability to use Signed peer records. We should definitely use them as they add security.
This should be implemented in the ipfsv1 message format, an optional
signature
field can be added in the protobufPeer
message https://github.com/plprobelab/go-kademlia/blob/dc867cbd3316a89cabaa5be19900cdbf5d2f0805/network/message/ipfsv1/message.proto#L60-L69An IPFS server should provide the signature associated with the closest peers (peer records) it returns if any. IIUC the signatures are stored in the libp2p host peerstore, hence in addition to the ipfsv1 message module, the libp2p endpoint module also has the be updated.
We also need to make sure that the IPFS node shares its own signed peer record, otherwise the signed peer records cannot propagate. I am not sure if this is done in libp2p or if we should actively add a peer's signed record to DHT messages.
References
The text was updated successfully, but these errors were encountered: