Hyperswarm topic security and peer filtering #2
Description
Problem
On any given Hyperswarm DHT topic lookup give me plenty of spurious peers (that I do not know where they came from). They are definitely not my peers who have announced themselves on this DHT topic. We saw the same with bittorrent-dht when we used it to experiment with NAT hole punching in 2014.
I see the following issues with this:
-
it is not efficient to connect to all peers only to discover they are some visitors there from Mars colony, Cypher or an agent
-
I plan to have my phone, tablet, mac, and my 3 Personal Cloud replicas sitting on that Hyperswarm DHT topic and at any given moment I only need to connect to one of my Personal Cloud replica to publish some new things
What exists in Hypercore already and why is it lacking?
Data can already be put in Hyperswarm DHT, which can then be used to select the right peer (phone / PC / server, a particular server replica that is not overloaded, my second device that needs to be replicated to, etc.).
Proposal
Put a bouncer at the door - only accept signed announces to DHT
This will:
- increase security as unwanted peers will not be able to announce
- save DHT memory, as unwanted peers will not be able to announce
What detrimental effects could it have on DHT? Has it being tried before?
Who else implemented similar things?
-
First of all BitTorrent BE44 expands from BEP5 which allowed to store IP,port of peers to using DHT as a generic key-value tore.
-
Need to study webtorrent implementation of tokens, signing for mutable content