Ipfs and privacy

I see Ipfs as a great architecture to beat the trend of centralization that is killing the Internet.

I the centralization of the Internet closely related to the business model of selling personal data.

I wonder if Ipfs is aiming to fix that problem too, or if by snooping Ipfs traffic personal profiles can also be built.

Is there any analysis written about IPFS and privacy?

Is there any privacy road map?

So far (and I could be wrong), the only way to ensure privacy when using IPFS is to create a private IPFS network.

Here is an article written on the pros and cons of having a private IPFS network:

Hope this helps.


That seems very useful for enterprise or even special communities.

But I was more thinking in a p2p social networking alternative to twitter or Facebook.

It should be possible to use ipfs without any network operator learning about its users, just because they are using ipfs.

whether is it possible to snoop ipfs traffic or not, weather the ipfs network is formed by nodes properly identified, or one can pretend being all nodes, etc.

I just don’t know if there’s a discussion about this at all.

Ipfs and metadata leakage?

Maybe check and participate here:

And here:

I have no ideas specifically relating to metadata occlusion though. Except for Tor and HTTPS encryption.

There seems to be a lot of discussion lately about anti-censorship usage of IPFS for instant messaging and chat. Personally I think that instant messaging would be better served by something older fashioned like IRC. Something that just sends messages from one computer to another and doesn’t worry about storing them long term. But that’s just to me. I get people wanting a more modern solution that works as a proper social network.

The privacy abuses that we are suffering are unprecedented. Any protocol that aspires to mass adoption should take this very seriously.

It really does not matter which kind of app you are going to implement with ipfs, leaking personal metadata is not acceptable.

Thanks for pointing me to those conversations, will follow up!

I have been recently obsessed by one question: How to completely decentralize not just the web (that’s the goal of IPFS), but the whole Internet (no registrars, no ISPs, noone to maintain the wired network,…). That leaves many questions, like “Is it possible to have an IPFS equivalent of HTTPS without trusted third parties?” To replace TLS/SSL electronic certificates we can use a blockchain to reach consensus (though I’m not really a fan of it).
Another problem, maybe more on topic this time, how do we have private data given that all the data on IPFS is public (provided that you have its CID — content identifier)? We can encrypt it using a secret key. Everybody has access to the encrypted data, but not everybody can decrypt it. I agree, it is less secure than not having access to the data at all like with the client-server architecture used by HTTP, but it is still very secure. A private network will in fact be a group of peers who possess this secret key and who can share data only between themselves. To sell data, you can just sell the secret key to someone.

We are building a privacy and security focused social network on top of IPFS called Peergos. The main thing we haven’t implemented yet is Tor usage, but OpenBazaar maintain a fork of IPFS with a Tor transport.

Very interesting! I will check out Peergos.

I am not sure TOR is the answer to this problem. I think that IPFS must deal with privacy too.

Most protocols today leak private information because privacy/security is left off to other protocol layers, that often require complex configuration, and that in practice, most users are not using.

Also, we have reached the point in which surveillance state/corporations have unlimited resources.

I think IPFS should marry Monero and make babies. The most beautiful one would be the ideal protocol to create a social network.