After some investigation, I found how to fake the IPFS node’s ED25519 private key and PeerID with your own ones. IPFS use Protocol Buffers, so libprotobuf
and the recent protoc
are needed. At first, obtain Python code from message definition:
wget https://github.com/libp2p/go-libp2p-core/raw/master/crypto/pb/crypto.proto
protoc --python_out=. crypto.proto
which will produce crypto_pb2.py
Python library.
Then run the Python script (based on the previous):
import base58
import base64
import cryptography.hazmat.primitives.asymmetric.ed25519 as ed25519
from cryptography.hazmat.primitives import serialization
import crypto_pb2
# Capturing keys (from any source, Base58 strings here)
shared_key = 'BNJDrwA9tRQAnCu82JUo6BnXCU8WFGHMjzPYG7r7JBUv'
secure_key = '55kzhEqc9gsdJqDsG5Y5cAUoLfXCg8GvBh9GivRSsxMKEQcotRwmt9F35yERpT3WeXbtwYkhVoGAZMsXEFFD1u7x'
# Decoding keys
decoded_shared = base58.b58decode(shared_key)
decoded_secure = base58.b58decode(secure_key)
ipfs_shared = ed25519.Ed25519PublicKey.from_public_bytes(decoded_shared)
ipfs_secure = ed25519.Ed25519PrivateKey.from_private_bytes(decoded_secure[:32])
ipfs_shared_bytes = ipfs_shared.public_bytes(encoding=serialization.Encoding.Raw,
format=serialization.PublicFormat.Raw)
ipfs_secure_bytes = ipfs_secure.private_bytes(encoding=serialization.Encoding.Raw,
format=serialization.PrivateFormat.Raw,
encryption_algorithm=serialization.NoEncryption())
# Formulating PeerID
ipfs_pid = base58.b58encode(b'\x00$\x08\x01\x12 ' + ipfs_shared_bytes)
print('Peer ID: {}'.format(ipfs_pid.decode('ascii')))
# Serializing private key in IPFS-native mode, the private key contains public one
pkey = crypto_pb2.PrivateKey()
pkey.Type = crypto_pb2.KeyType.Ed25519
pkey.Data = ipfs_secure_bytes + ipfs_shared_bytes
print('Private key: {}'.format(base64.b64encode(pkey.SerializeToString()).decode('ascii')))
This script will produce the keys:
Peer ID: 12D3KooWLBfPc4js5KffC6QYeuE8rysMgoB9GxMqhakZe711C8Cr
Private key: CAESQMwr6/A1xOkDvVLougeWiWEPuKostN9s7PQlnYLqK7r4mgmJ99K25LsW6aQyBXJBBo48V6rcH1W4EvQEJwbGamM=
These keys could be substituted into the IPFS node config file instead of the original ones.