It seems like today ipns record creation is overly tied to running a node. If somebody else is running a node I’d like to be able to sign records to give to them. Ideally I’d like to use a ethereum wallet like meta mask which already has a public key (and uses elliptical curve?) so I could sign things in a web app with an extension I already have. Has anybody looked at this already?
There’s a bunch of services like infura and cloudfare offerening ipfs as a service which is great but there’s but nobody is really offering ipns as a service. Maybe this would help drive it?
Signing your IPNS records through your wallet would be doable (you just do an ethereum rpc sign call and pass the IPNS record as value).
Ethereum use Ed25519 which is one of the public key supported for IPNS, alternatives are RSA and secp256k1 (what bitcoin use). However our key encoding is different than ethereum and bitcoin so even tho they are identical their representation would be different.
(we recommend to use Ed25519 and is the default in Kubo)
I can point to the IPNS specs & code examples if you want to try implementing that.
FYI a peerid is just a fancy multiformats compatible wrapper arround a public key.
I would take a look at the underlying implementation of the signing code, you should be able to fork it and replace it by web3_provider based signing fairly easily.
I think there is a call in the ethereum RPC that doesn’t add thoses.
If there isn’t then you need to recover the private key of the wallet and do crypto yourself.
There is but it’s not secure someone could trick you into signing a message then use it to spend your coins, that is why it’s prefixed.
Also, recovering the public key is not the problem, a user does not control how the wallet sign messages and neither how Kubo verify and they are not compatible because of a different hash algo is used and prefix used in the case of BTC & ETH.
You can always do the crypto yourself but your out of luck if you want to use a preexisting wallet hardware or not.
The oldest siging method makes that disclaimer to stop people from being tricked into making transactions but personal sign is pretty safe because it prefixes it something to the data that means it can’t be a transaction.