Ethereum signining of IPNS

It seems like today ipns record creation is overly tied to running a node. If somebody else is running a node I’d like to be able to sign records to give to them. Ideally I’d like to use a ethereum wallet like meta mask which already has a public key (and uses elliptical curve?) so I could sign things in a web app with an extension I already have. Has anybody looked at this already?

There’s a bunch of services like infura and cloudfare offerening ipfs as a service which is great but there’s but nobody is really offering ipns as a service. Maybe this would help drive it?

IPNS isn’t tied to running a node, this is implementation details of Kubo.
There is web3.storage with GitHub - web3-storage/w3name: IPNS client and service for generating, updating, and tracking immutable names with signed updates which has an IPNS service (you give them some signed records and they republish them on the DHT for you).

Signing your IPNS records through your wallet would be doable (you just do an ethereum rpc sign call and pass the IPNS record as value).
Ethereum use Ed25519 which is one of the public key supported for IPNS, alternatives are RSA and secp256k1 (what bitcoin use). However our key encoding is different than ethereum and bitcoin so even tho they are identical their representation would be different.

(we recommend to use Ed25519 and is the default in Kubo)

I can point to the IPNS specs & code examples if you want to try implementing that.

2 Likes

THanks looking at web3-storage/w3name.
Was looking at signing an ipns record in javascript
but js-ipns seemed to take a peerid

Was deciding if I could mock up a peerid with a web3.personal.sign as its private key.

FYI a peerid is just a fancy multiformats compatible wrapper arround a public key.
I would take a look at the underlying implementation of the signing code, you should be able to fork it and replace it by web3_provider based signing fairly easily.

I just refactored my code for manually creating IPNS record.

NO you can’t use crypto wallet to sign records.

Kubo expect very specific hash and crypto algorithm plus crypto wallet always add prefixes to messages signed.

Kubo could be modified to verify BTC or ETH signatures and that would make my life way easier!

I think there is a call in the ethereum RPC that doesn’t add thoses.
If there isn’t then you need to recover the private key of the wallet and do crypto yourself.

I think there is a call in the ethereum RPC that doesn’t add thoses.
If there isn’t then you need to recover the private key of the wallet and do crypto yourself.

There is but it’s not secure someone could trick you into signing a message then use it to spend your coins, that is why it’s prefixed.

Also, recovering the public key is not the problem, a user does not control how the wallet sign messages and neither how Kubo verify and they are not compatible because of a different hash algo is used and prefix used in the case of BTC & ETH.

You can always do the crypto yourself but your out of luck if you want to use a preexisting wallet hardware or not.

There is but it’s not secure someone could trick you into signing a message then use it to spend your coins, that is why it’s prefixed.

That’s unfortunate web3.personal.sign was what I was considering ethsign/index.html at 74b24d6884c56417ec6882d652860c24d6718955 · shobhitic/ethsign · GitHub
But that prefixing sounds correct.

Could roll my own variant of ipns and try and shove it into Ipfs’s dht or an different kademila dht but was hoping to use a common standard to get better replication.

Yep definitely prefixes
web3.eth.personal — web3.js 1.0.0 documentation (web3js.readthedocs.io)

The sign method calculates an Ethereum specific signature with:

sign(keccak256(“\x19Ethereum Signed Message:\n” + dataToSign.length + dataToSign)))

Could roll my own variant of ipns and try and shove it into Ipfs’s dht or an different kademila dht but was hoping to use a common standard to get better replication.

Would be easier to add ETH & BTC signature schemes to Kubo since there’s already secp256k1 curve verification but without prefix.

edit: same problem with DAG-JOSE can’t use crypto wallet either

Would kubo maintainers actually be open to taking something like that assuming somone wrote the code?

IPNS Spec

Records
Keys

Useful links if your going to implement something.

1 Like

Tried to raise this up here.
[Feature] Support ethereum wallet signing. · Issue #44 · ipfs/go-ipns (github.com)

Think I can pretty easily verify an eth sig just need suggestions on when we should check that prefix.

1 Like