Proposal: improve Shortcomings of IPFS

  • While IPFS has many advantages and aura, it is not designed to meet the persistent storage market demand. If no other node pulls that data, only the local machine holds an orphan copy of that data, and if the local machine fails, that data will be lost. In other words, IPFS does not automatically do redundancy on data, let alone heartbeat monitoring and automatic data reconstruction. Therefore, IPFS has no data persistence guarantee mechanism. In other words, IPFS does not guarantee that the stored data content will not be lost permanently.

  • The fact that IPFS is not designed with a data persistence guarantee mechanism is directly related to the fact that IPFS does not encrypt data. According to ethical requirements, IPFS cannot automatically push data to other nodes to avoid pushing pornographic images to women or religious taboo content to inappropriate people. This problem does not exist if the data is encrypted, are random numbers of general ciphertext that cannot see the content, but for plaintext data this ethical issue must be considered.

  • The fact that IPFS does not encrypt is directly related to the fact that IPFS does not have ciphertext de-duplication technology. As we all know, ciphertext de-duplication is a proprietary technology owned by YottaChain, so IPFS can only choose between encryption and de-duplication. IPFS chooses data de-duplication at the expense of data encryption, which leads to the lack of data persistence guarantee mechanism of IPFS.

  • The lack of encryption in IPFS also directly leads to the lack of data security in IPFS. The data uploaded to IPFS is open to anyone who knows the Hash value to read it. If a centralized platform like BAT steals user data for evil, it is only a person who steals it, while storing data to a decentralized storage system like IPFS without data security mechanisms, it becomes a system where everyone can steal data. After all, pinning the hope of data not being stolen on the fact that no one knows the Hash value of that data is equivalent to putting private data on a public website and betting that no one knows the domain name of that website.

  • IPFS also does not utilize hard disk resources very well, with a sample survey showing that IPFS only utilizes 70% of hard disk space, and the rest of the space is wasted.

  • The concurrency performance of IPFS also needs to be improved, and many users have reported congestion and even errors when the number of concurrency exceeds 2.


Misunderstanding of IPFS propaganda
Because IPFS involves a very specialized field, some lay people often misunderstand and misrepresent it when promoting it. In fact, if you read the official website carefully, it is not difficult to find some common misconceptions in the propaganda

Myth 1: IPFS can retain data permanently.

Truth: IPFS is not designed for permanent data retention, as IPFS does not have a data persistence guarantee mechanism. But IPFS enables you to find the same data saved by other nodes on the IPFS network, so you will always be able to find that data as long as it is still available across the network. For data that many people use (i.e., hot data), you won’t lose it, but for data that only you use, or that you are legally required to keep for 10 or even 20 years but no one has pulled it at all in that time, IPFS is not a suitable storage method. The data is permanently lost because no one has ever pulled it, and there is no copy of it anywhere else.

Myth #2: IPFS doesn’t have to worry about privacy leaks

Truth: IPFS has no data security mechanism and does not encrypt data. Any data you upload to IPFS is exposed to all the public, so you need to do your own encryption for private data before uploading. But the hash value of the encrypted data is the ciphertext hash value, no one will pull the data except you, so you can’t expect other nodes to save the data, your data is destined to be only an orphan, you must take the responsibility to keep the data properly (i.e., you need to establish a data persistence guarantee mechanism).

Myth 3: IPFS has high performance

Truth: When you upload data to IPFS, IPFS actually just saves the data to your local IPFS node. In other words, the data is still on your local machine, it’s just moved to another directory. Since the data is not transferred over the network, it appears to be high performance. Similarly, when you read data from IPFS, you are probably reading what you uploaded before, so the data is stored on your local IPFS node, and IPFS is copied to you from your local machine, which also appears to be high performance. However, if there is no data on the local machine, you need to use a distributed hash table to find it. A distributed hash table can only record part of the metadata of the whole network, so you need to jump several times to find the data, which is not high enough performance, plus the IPFS concurrency performance is not ideal, the download speed may not reach your expectations at this time.


Copyright: This article is an original article by CSDN blogger “Wang Donglin”, and follows the CC 4.0 BY-SA copyright agreement, please include the original source link and this statement.
Link to original article: https://blog.csdn.net/weixin_43966037/article/details/119283678

Translated with DeepL Translate: The world's most accurate translator (free version)

Myth #1 I see this very often.
Myth #2 People don’t care about privacy in general IMO.
Myth #3 Having centralised server with decades of optimisations as an expected standard is hard for IPFS.

About your other points, IPFS as a protocol says nothing about storage or encryption on purpose, it is left to be built on top of it. Filecoin is an attempt at providing long term storage, as for encryption it’s still early.

You can criticise go-ipfs all you want but please make it clear that’s what your doing it’s a little confusing right now.

1 Like

If you want #1 go for arweave. I want to be able delete data from IPFS on my nodes. People often want #1 because it will give them free storage forever.

#2 - you always have to deploy data persistence agreement - encrypted data or not.

IPFS doesn’t push data to other node partly because of ethics/regulation/other human stuffs, but also to avoid a very, very, very DOS. Anyone could ask anybody to store random junk and pretend it’s its encrypted files. And also: nobody wants to store others’ crap for good reasons. Deduplication is not a strategy to cope with lack of encryption, it’s a fundamental feature. IPFS is not a software, it’s a protocol. On top of it, you build app or software to do stuff, and use IPFS (the protocol), to move bits around. It you want the bits to be encrypted, make your app do that.

This is a direct quote from YottaChain, but it is probably false. Also, I don’t know YottaChain but judging by the name, they solves different problem.

More generally, I see a lot of confusion in the first part of the message, before the myths.

2 Likes

Because you think arweave incentive model is sustainable :upside_down_face: ?

1 Like