Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for swarm keys #172

Closed
wants to merge 2 commits into from
Closed

Support for swarm keys #172

wants to merge 2 commits into from

Conversation

jacobheun
Copy link
Contributor

@jacobheun jacobheun commented Jul 19, 2018
edited
Loading

This gives ipfs-repo the ability to return swarm.key files that are stored in its root. This is necessary for autostarting an ipfs node with a private network swarm.

This will make it possible to implement the pnet protector in js-ipfs.

@ghost ghost assigned jacobheun Jul 19, 2018
@ghost ghost added the status/in-progress In progress label Jul 19, 2018
@jacobheun
Copy link
Contributor Author

Current ci failures in travis are due to npm rebuilding their search index.

richardschneider
richardschneider suggested changes Jul 20, 2018
View reviewed changes
src/index.js
*/
swarmKey (callback) {
const swarmKeyKey = new Key('swarm.key')
this.root.get(swarmKeyKey, (err, swarmKeyBuffer) => {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All keys should be on the keychain

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@richardschneider this implementation is based off of the current implementation for private network keys in go, https://github.com/ipfs/go-ipfs/blob/07feeec9c4f40f59efb57d7e16739a35b4c42d5b/repo/fsrepo/fsrepo.go#L681-L695, which are not store in the key store.

Looking at the keychain it doesn't look like it currently has the ability to store this key type. Here is the working private network spec for reference https://github.com/libp2p/specs/blob/b1365bedcd46442074fbf96610f66b0663be088a/pnet/Private-Networks-PSK-V1.md

@jacobheun
feat: add swarm key getter method
eef12e5 
License: MIT
Signed-off-by: Jacob Heun <jacobheun@gmail.com>
@jacobheun jacobheun mentioned this pull request Feb 15, 2019
Open
@daviddias
Copy link
Member

@jacobheun what's missing to land this?

@jacobheun
Copy link
Contributor Author

@daviddias we need to confirm the path forward, given the concern that this is not leveraging the libp2p Keystore. There are two primary options as I see it:

Behave like go-ipfs
go-ipfs currently checks the repo for the existence of swarm.key in its root. If it exists, it loads the key and privatizes all connections. The advantage of doing this is that we behave the same way as go-ipfs. The disadvantage is that we're not using the Keystore. If we do this we could do one of two things:

  1. Rebase and merge this PR with the latest async changes, then update js-ipfs
  2. Close this PR and keep the logic isolated to js-ipfs. This would allow us to more easily migrate to Keystore later if we wanted to, without leaving any PSK code in js-ipfs-repo.

Use the Keystore
The main drawback here is that this will not behave like go-ipfs. Rather than adding your key to the root of your IPFS repo, you would add it to the Keystore, such as jsipfs key import -t psk -f ./swarm.key SwarmKey. Libp2p could then check the Keystore for the existence of the swarm key. In order to do this we would need to:

  1. Update libp2p-keystore to support importing and storing PSKs
  2. Update the js-ipfs cli to support importing PSKs
  3. Update js-ipfs to configure libp2p with the PSK from the Keystore

IMO, we should match go-ipfs and do option 2. Additionally, we should open an issue to discuss migrating both implementations to using the Keystore in the future, as that should be the approach we use long term.

Just a note, it is possible to privatize js-ipfs today, as libp2p can programmatically be customized, however, it can't be done using just the CLI client.

cc: @alanshaw

@alanshaw
Copy link
Member

IMO, we should match go-ipfs and do option 2. Additionally, we should open an issue to discuss migrating both implementations to using the Keystore in the future, as that should be the approach we use long term.

+1

@achingbrain
Copy link
Member

@jacobheun do we still need this PR?

@jacobheun
Copy link
Contributor Author

No, we have the ability to create pnets by customizing libp2p in js-ipfs. If we want to support that being built in by just adding a swarm.key file, we can modify js-ipfs to check for the existence of the key on boot. Closing this.

@jacobheun jacobheun closed this Mar 4, 2020
@jacobheun jacobheun deleted the feat/pnet branch March 4, 2020 10:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@richardschneider richardschneider richardschneider requested changes

@daviddias daviddias Awaiting requested review from daviddias

@alanshaw alanshaw Awaiting requested review from alanshaw

Assignees

@jacobheun jacobheun

Labels
status/in-progress In progress
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@jacobheun @daviddias @alanshaw @achingbrain @richardschneider