I’m new to IPFS, I’ve been reading the documentation
I’m trying to build a distributed project on top of IPFS. Since I’m new, I’ve been reading the documentation and I’ll now start running some tests.
For my project, I want the network of peers that hold a “copy” of the content to be restricted but everyone in the world able to access the content. I refer as the network to be restricted because I want certain requirements to be met, in order to join the network. One of the requirements would be to use a raspberry pi as the underlying device.
Just wanted to verify that I’m on the right track here.
As far as I understood, I’ll need an IPFS cluster but I wanted to confirm! Any tips on this?
I’m a little confused. I don’t quite understand, "I want the network of peers that hold a “copy” of the content to be restricted but everyone in the world able to access the content. " If anyone can access the content then anyone can hold a copy of the content so I don’t get what’s restricted. Do you mean restricted that only certain people can join the network in the first place?
I have no idea how you’d enforce a restriction like someone must be running a Raspberry PI but access to the network is going to be limited to anyone with with the swarm key how you do that is up to you. Setting up a revocation scheme is also an open problem.
I refer as the network to be restricted because I want certain requirements to be met
Sounds suspiciously like centralisation.
One of the requirements would be to use a raspberry pi as the underlying device.
That physicaly not possible, you can’t prove that you run on an RPI. I could just take your code, compile it for something else and run on an other machine.
Plus why do you really care about that ? I mean if someone wants to use an 8 core 64 Gig machine with 10Gbps internet because an RPI is too slow, why is that an issue ?
Yes
IPFS cluster allows you to syncronise a pinset in a centralised manner.
So you can have a few master nodes that say what nodes need to pin, and then everyone follow them and pin whatever is required.
But that centralised and scaling it with public networks is questionable. (I mean that if you do a cluster with only peers you own it’s fine because you are trusting yourself, however if someone joins your network they can’t know if you are pinning bad files or even censoring some things, you could code something that listen the blockchain for new pins with a governance instead).
Great point! I will probably need to do this with some script, yes.
I could handle the pinning via code as well, right? I understand people will be able to pined other stuff but I’ll research it later
I don’t know of any way to do that unless the RaspberryPi has some sort of crypto module I don’t know about. I’m thinking something like this. Short of that you’re going to have to rely on some sort of a cooperative solution where the person isn’t trying to subvert your efforts to enforce it.
You are really wasting your time, I don’t like to say that because I’m no one to say what you should spend your time, if you like doing that then why should I stop you from having fun ? But about that really, you can’t !
The only way I know off to do that you would need to execute your code in some secure core (some cpus that are hard fused at the factory to only execute one type of code), however the RPI doesn’t have such cores.
(also I would add that secure code aren’t perfect they are really hard to break but someone could in theory use acids to disolve the chip and image layer by layer to reverse enginer it that really hard but doable).
I appreciate @Jorropo 's sentiment. Maybe it would be better to explain why you want to restrict it to R-Pis and maybe we can suggest some alternatives.
Only include lines that show the machine to be a RPi. This should result in a family of hashes for each type of Raspberry Pi. The hash could be placed in the IPFS node as a text file.
Generate your swarm key and distribute the key.
Generate an IPNS key and distribute. yeah - that won’t work
Have any potential network user place the hardware hash at
/ipns/ipnskey/some-unique-id/hardware-hash.txt
/ipfs/some-unique-id/hardware-hash.txt
or something like that.
The “master” node grabs the hardware-hash.txt and checks it before the new node can join the network.
I’m just posting stream of thought… so some of these things may not work… but that would be my general process.
