Greetings IPFS friends,
My name is Bo & I've been tasked with decentralizing some data relevant to a DAO and have a few questions re best practices for administering an IPFS node.
At a high level, I'm planning on saving some data in IPFS & sticking the resulting hash on the Ethereum blockchain so it can be retrieved by other clients later. Some questions.
This contract has been deployed & only provides 32 bytes of storage for each description hash. IPFS uses a multihash which is usually 32 byte hash + 2 byte hash-identifier. Ideally, we'd have a hash function w a 30 byte output so that would could fit the full multihash into this slot but I doubt any are available right now. In the meantime, the plan is to drop the 2 byte id & always assume the id is "Qm" which isn't super future proof but it'll work for now. I'm open to suggestions though.
We will be running an IPFS node server-side and this node needs to be able to add blobs of JSON data provided by the client. This means exposing bits of the admin api (port 5001) and my current solution is to use an nginx proxy to restrict access to any endpoint other than
api/v0/add. This still leaves us open to a DOS attack where someone hijacks the client to dump data into this endpoint until the disk fills up but this seems like a relatively minor vulnerability & is something we can live with. Wondering if there is anything else I should consider here.
I'm getting 403 Forbidden errors anytime I try to add files to the server-side IPFS node. This is but one bug so I'm not terribly worried about it but it has exposed a systematic point of friction in debugging: the ipfs logs. I don't understand how the logs are supposed to work. For bugs like this, I'd expect to be able to check the IPFS daemon's logs to see whether it received the request or whether it was blocked by the proxy but I have no idea how to go about doing this. My attempts at viewing the logs manually have failed & I opened a github issue w both a feature request & potential bug report. In the meantime, how do I get visibility into what requests my IPFS node receives & how they're being handled? I'm using the
ipfs/go-ipfs docker image server-side and the "ipfs-mini" js module client-side.
This is all for now but I'm very new to working with IPFS and will likely be asking for help here again before too long. I'm super excited by this project & can't wait to start using it to build a better web Thanks to the contributors for all the work you've done on this project so far.