Mutability using IPNS, but multiple contributors

I was trying to understand IPNS and something came to my mind.

By following the IPFS Examples, I noticed that the ipfs name publish <hash> command publishes the content using PeerID. So, if I understand well how IPNS works, it means that I am the only one who is able to publish content to this PeerID.

So now let’s say my friend wants to contribute to my content (by “contribute” I mean update content and then publish it to my PeerID). How can I let him do that ? Is it impossible because the ipfs name publish <hash> command only allows the PeerID owner to publish ?

2 Likes

The keys are in $HOME/.ipfs/keystore, so maybe it’s possible to generate a key for the website, and then share it with collaborators. (?)

I.e.
ipfs key gen --type=rsa --size=2048 shared-site-key
then share the key, and then anyone with the key can publish to ipns via
ipfs name publish --key=shared-site-key /ipfs/Hash

But I’m not sure whether additional keys are tied to the originating node.

1 Like

On the other hand, a collaborator can just ipfs get the underlying ipfs directory, edit the necessary files, then re-add the directory to ipfs recursively, which will produce a new parent hash, then you can publish that hash to ipns. This way, the publishing key would stay on your node.

Yes, that is exactly how you do it. One can have multiple keys in .ipfs/keystore.
Those additionally generated keys are not tied to a node (which has a separate, “identity” key on its own).
One can copy one of those keys to a different node and publish to the same ipns from there. :rocket:

(Some time ago I did PoC for publishing with the same key from two different nodes using HTTP API, so it really works)

1 Like

Ok so I understand I have to manually copy the generated key across all nodes that I want to allow to contribute.
Thank you.

Right. But you have to keep in mind that, aside from publishing to ipns when file changes occurred, you also need to republish after every 24 (12?) hours even without changes, but that has to be done manually if you’re using a different key than your node’s default key self, i.e. your PeerID. Auto-republication by your node only happens, if you use the default PeerID. But on GitHub I heard that the devs are working on extending this functionality to the user-generated keys, but I have no idea how soon this will happen.

This is exactly what I was looking at :
IPNS publish lifetime discussion

So, currently i’m able to republish only if I do it manually from any node which holds the publishing key ?

If you find something about auto-republication using generated keys, could you please let me know ?

You could (if you’re on macOS) create a LaunchAgent that runs e.g. every 4 hours and automates the “republication”. See the script below, but I’m not sure if that’s all that’s needed (I haven’t tested it). If IPFS isn’t yet running, it would run ipfs daemon and wait 5 seconds before starting the repub loop; I guess that’s time enough. And you would need a text file $HOME/.ipns/ipns-pubs.txt, a path you can obviously change. In that text file you would need one line for each IPNS publication, each with two columns, the first column with the current IPFS parent hash, and the second column with the key that you’re using to (re-) publish that IPFS hash; use “self” if you’re publishing an IPFS hash using your default PeerID. /usr/local/bin needs to be in your $PATH, of course… or your $GOPATH, if you’ve built go-ipfs yourself.

#!/bin/bash
IPFS=""
IPNS_LIST=$(cat "$HOME/.ipns/ipns-pubs.txt")
if [[ "$IPNS_LIST" == "" ]] ; then
	echo "No hashes to republish."
	echo "Exiting."
	exit
fi
if [[ $(ps aux | /usr/bin/grep "ipfs daemon" | grep -v "/usr/bin/grep ipfs daemon") == "" ]] ; then
	echo "IPFS daemon not running. Starting now..."
	ipfs daemon &
	sleep 5
	IPFS="start"
else
	echo "IPFS daemon already running."
fi
while read -r LINE
do
	[[ "$LINE" == "" ]] && continue
	IPFS_HASH=$(echo "$LINE" | awk '{print $1}')
	IPNS_KEY=$(echo "$LINE" | awk '{print $2}')
	[[ "$IPNS_KEY" == "" ]] && continue
	echo "Now publishing $IPFS_HASH with $IPNS_KEY"
	if [[ "$IPNS_KEY" == "self" ]] ; then
		ipfs name publish /ipfs/"$IPFS_HASH"
	else
		ipfs name publish --key="$IPNS_KEY" /ipfs/"$IPFS_HASH"
	fi
done < <(echo "$IPNS_LIST")
if [[ "$IPFS" == "start" ]] ; then
	echo "Stopping IPFS daemon..."
	killall ipfs
fi
echo "Done."

I’ve added the script in the Coding category, so if there are changes/improvements to the script, you should look there from time to time. :slight_smile:

Thanks a lot for yours answers.
That’s what I thought, thank you very much for the script.
It might be useful for my future plans.