It seems like today ipns record creation is overly tied to running a node. If somebody else is running a node I’d like to be able to sign records to give to them. Ideally I’d like to use a ethereum wallet like meta mask which already has a public key (and uses elliptical curve?) so I could sign things in a web app with an extension I already have. Has anybody looked at this already?
There’s a bunch of services like infura and cloudfare offerening ipfs as a service which is great but there’s but nobody is really offering ipns as a service. Maybe this would help drive it?
Signing your IPNS records through your wallet would be doable (you just do an ethereum rpc sign call and pass the IPNS record as value).
Ethereum use Ed25519 which is one of the public key supported for IPNS, alternatives are RSA and secp256k1 (what bitcoin use). However our key encoding is different than ethereum and bitcoin so even tho they are identical their representation would be different.
(we recommend to use Ed25519 and is the default in Kubo)
I can point to the IPNS specs & code examples if you want to try implementing that.
FYI a peerid is just a fancy multiformats compatible wrapper arround a public key.
I would take a look at the underlying implementation of the signing code, you should be able to fork it and replace it by web3_provider based signing fairly easily.
I think there is a call in the ethereum RPC that doesn’t add thoses.
If there isn’t then you need to recover the private key of the wallet and do crypto yourself.
I think there is a call in the ethereum RPC that doesn’t add thoses.
If there isn’t then you need to recover the private key of the wallet and do crypto yourself.
There is but it’s not secure someone could trick you into signing a message then use it to spend your coins, that is why it’s prefixed.
Also, recovering the public key is not the problem, a user does not control how the wallet sign messages and neither how Kubo verify and they are not compatible because of a different hash algo is used and prefix used in the case of BTC & ETH.
You can always do the crypto yourself but your out of luck if you want to use a preexisting wallet hardware or not.
Could roll my own variant of ipns and try and shove it into Ipfs’s dht or an different kademila dht but was hoping to use a common standard to get better replication.
Could roll my own variant of ipns and try and shove it into Ipfs’s dht or an different kademila dht but was hoping to use a common standard to get better replication.
Would be easier to add ETH & BTC signature schemes to Kubo since there’s already secp256k1 curve verification but without prefix.
edit: same problem with DAG-JOSE can’t use crypto wallet either
So in my project just did something similar to ipns and broadcast that to pubsub. Its not idea since it doens’t get as many repeaters as ipfs (and makybe i should be putting on a dht instead)
The oldest siging method makes that disclaimer to stop people from being tricked into making transactions but personal sign is pretty safe because it prefixes it something to the data that means it can’t be a transaction.
For my use case, I finally decided to not use ETH signatures, here’s why.
Key rotation is a must and to complement that, ETH account can sign a message that allow certain other keys to update IPNS record for some identity.
This system is going in the same direction as UCANs tokens. Bunch of keys can be bundled together in a way that allow rotation and specify X keys are for X purpose.
Easy to use decentralized identity will happen and the problems of I need this system to support this crypto will disappear IMO.