IPFS as a transport layer

Hello i’m new to IPFS and I have an idea I want to bring to life that utilizes IPFS. I’m a beginner so i won’t front like I know more than anyone else of IPFS.

With my intro out of the way, i was wondering. Is it possible to create a private network that interacts with the main IPFS network?

It sounds like what you want is what IPFS already does. When you add a file to IPFS you are given a hash that acts as the address for the file, instead of a URL like “www.foo.bar/file” . The file is not automatically sent out to anyone unless someone asks for your file with the hash. IPFS is meant to replace things like HTTP and other protocols that rely on an address that points to a physical server. It isnt a storage network, unless a bunch of other people have already downloaded your file you still need to host it yourself. However when someone requests the file they can download it from anyone who has previously downloaded the file and not deleted it yet, sort of like BitTorrent, but on a per-file-basis rather than a whole collection of files as contained in a torrent. Individual files on your social network, say images, posts, private messages, are available to anyone, but no one downloads them unless they try to, same as you didn’t download the forum thread page until you tried going to the forum and created a new thread.

Hope that helps to clarify things a bit. I’ll try to answer any further questions you may have, but I’ll warn you that I’m not actually an IPFS developer, just an enthusiast of sorts with a technical understanding of lots of things.

1 Like

ok cool thank you for the reply

Works sort of like that, basically what it sounds like you should do a rather than having a private network (which you would only do if you wanted to be 100% sure people didn’t download stuff hosted in certain nodes) instead you should have all your nodes on the main network, you can configure some nodes to automatically download some or all the content from another node, which is useful for distributed storage. Then any other node on the network could also download content from your node(s) and any node that had the content would be able to send the files. Any of your “private” nodes and any other nodes on the network if they have the content.

Make sense?

Have a look at the IPFS Cluster project which serves to sync up pinned content between nodes. From what I understand what you want for a private network would be best served with a “cluster” on the main network.

So what about private information that you want to release at will, let’s say a user’s location ?

If I use IPFS Cluster on mainnet, to pin individual profiles of users to individual 1 to 1 nodes(meaning each profile has its own node containing the information of the user) , would the user be able to keep their location private and unprivatize it without the need to switch between private and main?

Keeping in mind that there’s no way to guarantee someone else doesn’t store past location information that they’ve received, I’d handle it by having your client app only add the location data to IPFS when it needs to be shared. Hypothetically (due to the complexity of a data file hash) no one should be easily able to guess a hash and get the file without you sending it to them.

Could finding a hash be linked to seeing the data packets coming from ones IP?

Well, I hadn’t thought of that, but I suppose it wouldn’t be impossible. Using an encrypted IPFS bridge may solve that problem. It would sort of depend on the level of packet snooping at that point. As far as that goes I think you’d have to ask someone else more familiar with packet analysis and encryption techniques. China is known to have employed the appropriate techniques in determining what citizens are accessing on the internet, but I can’t say that they’d be willing to divulge their exact capabilities. Doing some research towards anti-China censorship methods might return some useful results. Again though, unless you’re looking to hide from an organization with the resources of the Chinese government I’d say typical HTTPS encryption, possibly augmented by the Tor network would suffice. If you are trying to conceal data from the Chinese government, well… I’ve never come up with a great solution for that.

Sorry for the late reply, do you happen to know of any good windows Guides for setting up IPFS private and cluster networks?

I got the IPFS daemon to boot properly, and i also got my swarm key. I just need assistance in bootstraping, and setting up the cluster network!

Aside from what’s at cluster.ipfs.io I don’t know of any. I’d start by searching the forum here, if you’ve already done that then hit up Google. Unfortunately I just don’t think there’s many people doing what you’re trying to do so documentation isn’t extensive.

Any professionals I can get in contact with?

That thread might be interesting for you.

It’s all based on MacOS though, can’t do anything with it


the most common approach to do what you want to do is to encrypt your content before putting it on the IPFS network (see Textile.io and their blog posts explaining how they do these things), and giving the keys to whoever needs them.

Hiding the “hash” (CID) from anyone does not prevent discovery or download from 3rd parties as every CID is published to the global DHT which can be easily sniffed. If you would not publish it, then other people would not be able to find that your node provides it. If you directly point them to your node, then this might work but I would not count on this as a way of protecting data since your node will be connected to many places by default.

IPFS Cluster is of not help here. It can’t move content from a private network daemon to a public network daemon. Not that there is no “privatization” of content once it’s been on the public network. As soon as someone else downloads it it will live on the network, until all copies are gone at least.

Thanks I was thinking the same thing