BitSwap ledgers are open to manipulation #26
Comments
|
Yep! Individual ledgers are described in IPFS today are not meant to be transferred at all, or be secure accounts of value exchanged. This is why no ledgers are exchanged, you only generate them locally, and they're meant for rough estimates of mutually profitable peering agreements. (as you said, you can trust yourself) Think of BitSwap for now as generalized BitTorrent. Sybills that extract a little bit of traffic are similar to legitimate new users or leeching users. (i.e. want to avoid supporting them, but need a way to still provide good service to new users). As hinted at in the paper (mention of currencies), the plan is to support complex bitswap strategies, including cryptocurrency exchanges for data, and more secure ledgers (potentially using distributed consensus systems). Note that BitSwap nodes are free to set their own strategy, whatever that may be. The one offered is simply a good base. It needs lots of work though, I'd like to have something as optimal as PropShare. I do not want to require any distributed consensus for BitSwap ledgers, because a critical point of IPFS is to be able to work in entirely p2p environments, including nodes that are temporarily (or permanently) disconnected from the majority of the internet. BitSwap sets up simple rules for exchange of data, upon which you can layer more sophisticated trade strategies, like the use of currencies. In general, BitSwap is the part of IPFS that could be improved the most. There's lots of room in the design space. :) |
|
Oh and, safer NodeID generation is potentially a good way to handle lots of this. S/Kad PoW isn't really sybil-safe (just heightens the bar). Other DHTs have proposed the use of social nets (Whanau, etc). Stake based currencies are also interesting. |
|
Has this been changed since you wrote the IPFS paper then, or am I just misunderstanding? From the paper: "When activating a connection, BitSwap nodes exchange their ledger information." Thanks for clearing this up. :) |
|
Oh, they exchange it to verify they match (this could just be sending a On Mon, Aug 25, 2014 at 3:08 PM, Matt Bell [email protected] wrote:
|
|
Ah, then I interpreted that incorrectly. Thanks :) |
The design of BItSwap is viable for p2p relationships, but the exchange of ledgers is not trustworthy. Bad things can happen when an attacker creates Sybil nodes and sends crafted ledgers in order to erase debt/add credit, or possibly create a DoS attack against a user by creating debt. The consensus of debt/credit exchanged among peers can't be trusted in a Byzantine environment. If it could, viable cryptocurrency would have been around before the invention of the blockchain (a PoW blockchain is still the only Sybil-proof consensus mechanism).
Additionally, tying debt only to a node ID possibly allows nodes to erase debt by simply generating a new ID.
A viable solution for dealing with unknown/untrusted peers is to tie the exchange to cryptocurrency micropayments. This could either be remuneration (a node charges a price for certain data, and peers pay to download), or fidelity bonds (a downloader proves they have destroyed or donated money before data is exchanged). Since it doesn't really matter what blockchain is being used, Bitcoin, Filecoin, or both could be supported.
I am only addressing a replacement for the p2p debt/credit ledger exchange, cryptocurrency payments aren't necessary if data is being exchanged instead. Ledgers will work fine if they were created on the local node (you can trust yourself).
The text was updated successfully, but these errors were encountered: