Exploring ways to improve ipns

# Exploring ways to improve IPNS! slides: https://hackmd.io/@hugodias/ipns --- ## Who are we? - Hugo Dias & Adin Schmahmann - Porto, Portugal & Boston, USA :heart: - IPFS Core Developers :cat: Note: ask who knows about IPFS, IPNS and DHT --- ### IPNS :space_invader: Inter-Planetary Naming System :space_invader: --- ## IPFS is Immutable ```shell > echo 'IPNS' > test.txt > ipfs add test.txt /ipfs/Qmcpr6B63t55cMni4zsZwdfsmc76bBWPgdP8fuoaGeat4x > echo 'mutable' >> test.txt > ipfs add test.txt /ipfs/QmdfuCQQZG3ZknEcUs4vGuf8rWXFpZWD3eakTth74HbpNw ``` Note: IPFS is powered by content-addressed data, which by nature is immutable: changing an object would change its hash, and consequently its address, making it a different object altogether. However, there are several use cases where we benefit from having mutable data. This is where IPNS gets into the equation. --- ## IPNS enables the creation of mutable pointers to a content path. Note: Each time a file is modified, its content address changes. As a consequence, the address previously used for getting that file needs to be updated by who is using it. As this is not pratical, IPNS was created to solve the problem. --- ## IPNS is Mutable ```shell > echo 'IPNS' > test.txt > ipfs add test.txt /ipfs/Qmcpr6B63t55cMni4zsZwdfsmc76bBWPgdP8fuoaGeat4x > ipfs name publish /ipfs/Qmcpr6B63t55cMni4zsZwdfsmc76bBWPgdP8fuoaGeat4x /ipns/QmcjrwMdCoLLSUk4bidy8PxFdDHFJLq4dq2i3k2Z3t8esv > echo 'mutable' >> test.txt > ipfs add test.txt /ipfs/QmdfuCQQZG3ZknEcUs4vGuf8rWXFpZWD3eakTth74HbpNw > ipfs name publish /ipfs/QmdfuCQQZG3ZknEcUs4vGuf8rWXFpZWD3eakTth74HbpNw /ipns/QmcjrwMdCoLLSUk4bidy8PxFdDHFJLq4dq2i3k2Z3t8esv ``` Note: IPNS is based on Self-certifying File System (SFS). It consists of a PKI namespace, where a name is simply the hash of a public key. As a result, whoever controls the private key has full control over the name. Accordingly, records are signed by the private key and then distributed across the network. --- #### An IPNS record is a data structure containing the following fields: - **value** (eg. /ipfs/bafy...) - **sequence** - **signature** - **public key** - validity - validity type - ttl Note: - value - It can be any path, such as a path to another IPNS record, a dnslink path (eg. /ipns/example.com) or an IPFS path (eg. /ipfs/Qm...) - validity - Expiration date of the record - Signature - Concatenate value, validity field and validity type. Sign the concatenation result with the provided private key. - Validity type - Allows us to define the conditions under which the record is valid. - Sequence - Represents the current version of the record (starts at 0) - Pubkey - Ttl - A hint for how long the record should be cached before going back to, for instance the DHT, in order to check if it has been updated. --- ### Current Overview ![ipns overview](https://github.com/ipfs/specs/blob/master/img/ipns-overview.png?raw=true) Note: Routing - DHT acts as a KV store and router - Right now PubSub works mostly to get faster updates --- ### Multiple routers :tada: We don't need to choose just one router! :tada: - DNS - MDNS - Workers - PubSub - DHT Note: Strategies: fastest, guaranteed of freshness, offline only. --- ### IPNS over DNS ```shell dig TXT bafybeicagsz6fho75fzralubljnhmvayrnkzgm4vtujedd7ldsojzn3xym.dns.ipns.dev /ipfs/QmdfuCQQZG3ZknEcUs4vGuf8rWXFpZWD3eakTth74HbpNw ``` ![image alt](https://hugomrdias.keybase.pub/ipns-dns.jpg) Note: * we built a package called ipns-ns * Nameservers for a domain (ipns.dev) --- ### IPNS over DNS * Fast resolves < 100ms * Provides Origin Isolation in browser * [https://<key hash>.ipns.dev](https://) * Human readable names * https://pretty-cat.ipns.dev * DNS over HTTPS * Publishing is centralized * Resolving can be federated * Anyone can run nameservers --- ### IPNS over MDNS * Works offline * MDNS annouces ipns.local * Browser can resolve ipns.local --- ### IPNS over Cloudflare Workers * Just a HTTP API with GET and PUT * Prototype to understand how IPNS works * It's still self-certifying :dizzy_face: * Shows that any KV store can be used as a backend * Runs in the edges :dash: --- ### IPNS over DHT - Put and Get IPNS records into DHT - Resolve/Publish decentralized - On resolve ask for multiple records to confirm we have the latest version - Slow resolves since we need to find multiple records --- ### IPNS over PubSub - Publish/Resolve records to/from **interested** peers - Fast record updates - Discover peers with: - DHT - DNS or MDNS - Rendezvous servers - Resolve speed depends on peer discovery method - Enables advanced use cases (e.g. multiple writers) Note: - Publish/Resolve records to/from **interested** peers - Decentralized given interested peers - Discover peers with: - Any KV store - Resolve speed depends on peer discovery method - DHT peer discovery much faster than DHT record search --- ### TLDR - multiple routers :+1: - ipns can be fast :horse_racing: - ipns can be flexible :electric_plug: - ipns can be simple :white_circle: <br> ```cpp= IPFS = *Content => Content IPNS = **Content => *Content ``` --- ### Future work - Revocation and Rotation of IPNS keys - Multiple writers to a single IPNS key - Including access control/capabilities - Third-party republishing - Flexible strategies for multiple routers --- ### Thank you! :clap: You can find us online with the handles #### @hugomrdias @aschmahmann