PubSub is wide open, can we authenticate messages?

I’m trying pubsub, but I notice you pick a topic and send data… nothing is authenticated. Is there a way to sign messages with the node’s private key, so that other peers know it’s from me?

My goal is to speed up IPNS by having the peers push out their new ipns reference through pubsub… but it needs the same sort of authentication… if it’s not baked in… I’ll need to handle the crypto out of band… and that can be annoying :slight_smile:

thanks a lot for the great project!

Newer versions of go-floodsub have support for arbitrary message validation but it’s not exposed over the CLI.

However, if you’re looking for IPNS over pubsub, we already have support for that. You can enable it by running the daemon with the --enable-namesys-pubsub flag. IPFS will check the IPNS signatures internally so you won’t have to do that.