IPNS Signature Authentication

farhan-troon · March 21, 2019, 2:32pm

From couple of days, i have been looking into IPNS and key authentication and learned that IPNS provide a way to create and authenticate filesystem by using key on IPFS node but from user point of view, it’s not secure for user to create or send his key over the network to modify his filesystem so Is there any way for user to generate signature with data and then send over IPFS network for authentication?
I can create client side application that generate signature with data but is there any interface for signature authentication and after that publish data over the IPFS node?

Sorry for bad english.

koalalorenzo · March 21, 2019, 2:48pm

What is the real use case?
Probably you want to use a different kind of authentication, and rely on IPFS just for storage.
You might want to look into Ethereum dApps and how they manage authentication

But maybe the use case is very very different and needs to reimplement the wheel.

farhan-troon · March 21, 2019, 2:56pm

I want for users to have a separate and authenticated file system on IPNS using their own namespace where they can modify or create new filesystem using their key but give only signature while publishing data.

I know how ethereum work but blockchain is a single merkle DAG and use for only transaction not storage while on IPFS, you can create your own separate DAG but it’s not authenticated, I guess because anyone who have access to IPFS node can add any object in the DAG if i’m not wrong?

farhan-troon · March 21, 2019, 3:08pm

IPFS provide authentication using IPNS but key stored on IPFS node, whoever access to the IPFS node can get the key from that node. For using on multiple IPFS node, I have to stored the key on every IPFS node. Is should be way to accept only signature with data for authenticate that could work on any IPFS node on network.

ianopolous · March 22, 2019, 8:56am

We (Peergos) asked for that in 2016 (https://github.com/ipfs/notes/issues/117). It would be a great addition based of the principle of least authority. A prerequisite is agreeing a multikey format for public keys: (https://github.com/ipfs/specs/issues/58) We’ve since worked around it, but we’d still like it as a backup for our IPNS replacement.

It sounds like you might be interested in Peergos.

farhan-troon · March 22, 2019, 12:53pm

Nice! I love how you done it. I want similar functionality in my project that could work with blockchain so i have a question how you’re achieving authorization in your project?

ianopolous · August 6, 2019, 6:43pm

Sorry, only just saw this response. The high level summary is we are capability based, and the owner of a file can revoke capabilities to users (by rotating the keys). You can read more about this here:
https://book.peergos.org/security/cryptree.html
and here:
https://book.peergos.org/security/login.html

Topic		Replies	Views
Clarification needed for a student project Help js-ipfs , go-ipfs , ipns	0	314	February 5, 2022
How IPFS can be uses with blockchain? Coding blockchain	9	7093	December 11, 2017
Ipfs key and hash saving Help	1	306	March 31, 2019
Signing IPFS content with personal GPG/SSH Keypair Ecosystem	0	517	March 25, 2018
Signing public data with dag-jose Ecosystem use-cases-and-apps	1	615	March 3, 2021

IPNS Signature Authentication

Related Topics