Is it possible to store private objects in ipfs without encrypting them?

From @Ekleog on Sun Sep 18 2016 18:10:41 GMT+0000 (UTC)

In order to fetch an ipfs object, one needs a hash. Does this hash sometimes leak to other nodes who didn’t know it beforehand, or can one rely on the fact that in order to fetch an object one has to know the hash in some way?

Along the same idea, is it possible to store data pinned in an ipns record privately, if the ipns record is kept private? (this question assumes the ongoing work on using an ipns key different from the node ip is complete)

Copied from original issue:

From @lgierth on Sun Sep 18 2016 21:39:44 GMT+0000 (UTC)

tl;dr check out peergos :slight_smile:

Rule of thumb: data added to IPFS generally isn’t private, unless you 1) encrypt it, or 2) never connect your node to the network. The former will be a part of IPFS itself in the near future, the latter is currently brittle and needs better support for ensuring you really don’t connect.

For fetching, you usually need to know the respective hash. Because of the way content routing in IPFS currently works though, it’s possible to write a tool that listens for so-called “provider records”. Everytime you add something to IPFS, your node becomes a provider of that thing, and broadcasts the hashes it provides to the network, so that other nodes can respond to queries for the location of these.

From @lgierth on Sun Sep 18 2016 21:43:38 GMT+0000 (UTC)

Oh sorry, I just realized you asked explicitly for “without encryption”. What I wrote about provider records is still relevant I think.

About having your own network:

  1. empty the bootstrap list: ipfs bootstrap rm --all
  2. put IPFS on a non-standard port, or ideally on a non-public ip address
  3. put a few of the other nodes in your network into the bootstrap list
  4. monitor your connections with ipfs swarm peers

Note that if you get connected to the public network once, nodes will remember your address, and under certain circumstances keep connecting to you. You can mitigate this by changing the port or address IPFS listens on (see 2).

From @lgierth on Sun Sep 18 2016 21:44:29 GMT+0000 (UTC)

There’s a pretty cool proposal for private networks here btw:

From @Ekleog on Sun Sep 18 2016 22:04:09 GMT+0000 (UTC)

Thanks! Leaving this open for record, I suppose someone with tag-setting abilities should add tag answered :slight_smile:

From @lgierth on Sun Sep 18 2016 22:05:11 GMT+0000 (UTC)

Great, obliged!

Has this been resolved?

Has IPFS implemented Private Networks?

IPFS private network is available as part of experimental feature in go-ipfs here.