So let’s say I really hate johnny. And Johnny has a sole file in IFPS. I could DDOS him by spinning up 1000 nodes that start to access said file. Now those 1000 nodes would start seeding the file, however whever anyone asks for the data my nodes would send over corrupted data. The client would quickly find out that my data is bad and would move on to the next node. In this case I’d own such a high percentage of the nodes sharing Johnny’s file that I’d effectively make it that much harder to use IPFS.
attack #1.1, simply adding lots of nodes to IPFS which received the initial data in an honest way, but seed only corrupted data.
In this case every malicious node would need to download the original file at least once, which makes attacking a single file cheap, but the network expensive.
I have Node A download a file F from a peer. From there Node A claims that it gave File F to 1000 of my fake nodes. Those Fake nodes now advertise they have File F and transmit corrupted data. Those fake nodes never needed to download the data, and IPFS tokens only changed within my hands. Now I’m able to add lots of fake nodes without incurring as much of a cost.
attack #1.2: Lots of nodes that show they have the file in the IPFS chain, but actually do not have any bits of the file, and instead transmit random bits.
Now lets say i dont want to simply spam IFPS, but I want to make it incredibly slow. In this case my fake nodes would stream actual data but at incredibly slow speeds.
Attack #1.3: Lots of nodes that show they have the file in the IPFS, and simply transmit at super slow speeds (think 1kbit/s). Making it unusable for you to download a large file.
All of these scenarios can be prevented with some ranking of each node’s past transaction performance. Think something similar to how ebay ranks it sellers (# of past sales, average rating by users,…etc).