About PubSub sniffing


Can someone sniff messages sent over a pubsub channel without actually be connected to this channel?

If so, is there a proper way to prevent this?

Does the attacker needs to know the channel name?
→Would hashing the channel name be a good solution?

Are messages encrypted with the channel name?
→Would encrypting them be a good solution?


pubsub doesn’t have channels. It has “topics”. And you don’t connect to a channel, you subscribe to a topic, which means that you have interest in certain messages that you receive, and re-broadcast them accordingly, while you drop and ignore everything else (by default).

It is then perfectly possible to sniff pubsub messages. Choosing a weird/difficult topic name won’t help since the pubsub message itself (topic name, sequence number etc) is sent around for everyone to see.

You can however put whatever you want in the payload of the message, so you can send encrypted messages that everyone will receive but only some people will be able to decrypt.

Pubsub messages are now signed by the peer ID that issues then, but I think strict signature-checking is not enabled in IPFS yet (not sure though).