Using IPFS for user apps with user data typically requires encryption. Since IPFS does not natively provide encryption, this is something that developers need to find a solution for.
Encryption of user data is a broad topic, and with user-owned data, this is even more challenging as it typically requires some form of key management.
In the last couple of months, I came across several tools and approaches to this problem, so I’m trying to curate a list of tools, libraries, and services that address this.
- WNFS is a filesystem built on top of IPFS by the Fission team. WNFS is pretty clever and uses a unique symmetric encryption key for each file and directory while encapsulating the encryption keys in the actual IPLD nodes. This concept is known as a Cryptree (more on this in this talk WebNative File System (WNFS) - @expede, @matheus23 - IPFS Implementations - YouTube)
- Peergos is another filesystem built on top of IPFS that also implements Cryptrees, the same pattern used by WNFS.
- Ceramic created the dag-jose codec for IPLD which allows storing encrypted data.
WNFS is the only one I’ve tried, thanks to some help I got from the Fission team.
The nice thing about WNFS is that it works in browsers, and Fission’s work on WalletAuth means that the encryption keys for the private filesystem are derived from the user’s blockchain wallet,e.g. via metamask.
As far as I know, WNFS is agnostic to where you derive the root key from, and they also have an example that uses the WebCrypto API to generate non-extracable keys in the browser. In this case, when using multiple devices, each device has its key and access is delegated with UCANs.
Unlike the projects above, the following are hosted services that handle encryption for you. I haven’t actually tried any of these, but they seem suitable for trusted setups where you want to ensure data isn’t public by default, but are willing to delegate trust to the service to manage encryption (in a somewhat similar way to how you use Google Drive and Dropbox):
- Fileverse an encrypted user storage and sharing app built on top of IPFS that integrates with cryptowallets.
- Chainsafe files an encrypted user storage/sharing app built on top of IPFS
- Lighthouse storage a hosted IPFS service with encryption. They manage the keys for you. They have an SDK which means you can use this programmatically in apps.
Another thing that’s worth flagging is private IPFS swarms.
Private IPFS swarms do not encrypt any of the data, instead they limit network participation and communication to nodes that share an encryption key.
from the config docs:
It allows ipfs to only connect to other peers who have a shared secret key.
Some more details about private IPFS swarms from a GitHub comment:
Basically, everyone on the network uses the same symmetric key to encrypt all traffic (on top of the other encryption we do). This means you can’t join without this symmetric key.
Forward secrecy: connections are already encrypted and secured with a Diffie-Hellman handshake before they’re re-encrypted with this shared secret. So yes, it does have forward secrecy.
However, if you leak the secret key, anyone with access to the secret key can now join the network unless you rotate the secret key first.
Any services, tools, or libraries I missed? Let me know by replying! I’d love to know