There is a need for a privacy-enhanced DHT. The current problem is that it's possible to listen for DHT announces and grab a list of new CIDs appearing in the network.
Instead of announcing the raw CID to a DHT server, a node would announce something like an HMAC computed from two parts: the CID and the ID of the node the announce is sent to. A similar thing was implemented in the Tor network as part of the migration to Onion v3 hidden services.
This will prevent two cases:
- A DHT server can't snoop on announced CIDs, then fetch them and scan them for content.
- Announced data can't be aggregated by other DHT servers.
- (Maybe) some kind of signature: the node publishing a DHT record would sign it.
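
A sketch of the proposed announce scheme, added here as an illustration and not taken from any existing DHT implementation. It assumes HMAC-SHA256 keyed with the CID over the receiving server's node ID; the `DhtServer` class, the function names and all sample values are hypothetical, and routing of the announce to a server is left out.

```python
import hashlib
import hmac

def announce_token(cid: bytes, server_node_id: bytes) -> bytes:
    """Blinded key for one server: HMAC-SHA256(key=CID, msg=server node ID)."""
    return hmac.new(cid, server_node_id, hashlib.sha256).digest()

class DhtServer:
    """Toy DHT server that only ever sees blinded tokens, never raw CIDs."""
    def __init__(self, node_id: bytes):
        self.node_id = node_id
        self.records = {}  # token -> set of provider IDs

    def handle_announce(self, token: bytes, provider_id: str) -> None:
        self.records.setdefault(token, set()).add(provider_id)

    def handle_lookup(self, token: bytes) -> set:
        return set(self.records.get(token, set()))

def publish(cid: bytes, provider_id: str, servers) -> None:
    # The publisher derives a different token for every server it announces to.
    for server in servers:
        server.handle_announce(announce_token(cid, server.node_id), provider_id)

def find_providers(cid: bytes, server: DhtServer) -> set:
    # A client that already knows the CID recomputes the same per-server token.
    return server.handle_lookup(announce_token(cid, server.node_id))

def shared_tokens(a: DhtServer, b: DhtServer) -> set:
    """Tokens two servers could use to join their announce logs."""
    return set(a.records) & set(b.records)

def server_confirms_known_cid(server: DhtServer, candidate_cid: bytes) -> bool:
    """Limit of the scheme: a server can still test a CID it already knows."""
    return announce_token(candidate_cid, server.node_id) in server.records

# Constructed sample values, not real CIDs or peer IDs.
CID = b"constructed-cid-example-1"
SERVER_A = DhtServer(b"constructed-node-id-A")
SERVER_B = DhtServer(b"constructed-node-id-B")
publish(CID, "provider-1", [SERVER_A, SERVER_B])
```

The last helper shows what the blinding does not cover: new, unknown CIDs stay hidden from the server, but a server holding a list of CIDs of interest can still check whether any of them was announced to it.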