Any thoughts on how you might go about rekeying a private swarm? Say you have Alice, Bob, and Charlie in a private swarm with a shared swam key and you want to kick Charlie out. How do Alice and Bob go about agreeing on a new swarm key and transitioning to it?
I should include that I’m not necessarily interested in a consensus based solution. There’s no consensus with creating and distributing the initial key anyway. I’m more interested in an automated way of distributing a new key
Currently it appears you’d have to use go-ipfs-swarm-key-gen to generate a new key, and then redistribute that key to the nodes. So for example If Alice and Bob wanted to kick Charlie out, Alice could generate a new swarm key and send it to Bob. Bob and Alice would replace their old swarm keys with the new one, and now Charlie is excluded from the private network.
I don’t know of how you could trigger this automatically, but you could write a custom solution. I believe you just replace the swarm key, and restart the node.
Note that you will still need a consensus (in a very broad definition) for it. You need to decide when to kick: majority? Threshold? “Admin” or blessed users deciding? etc.
You will also need to think of scenarios like Alice and Bob want Edgar out, Clarlie and Dorothy want to keep him. Charlie, Dorothy and Edgar will still be able to communicate with the old key, etc.
Otherwise, a simple processus would be that every node sends to all the other nodes their decision on wether Charlie must be kick or not. Every other node acknoledge all the other messages. Then the one with the smaller ID create a new key and send it to people wanting Charlie out. If this node doesn’t answer after a timeout, the second smallest node ID sends a new key, etc.
A problem is if a Dorothy says she wants Charlie out and lie, then forward the new key to Charlie…
There is probably a better design.
Something with consensus would be interesting but I figured going for something simple to start would be best. The initial forming of a swarm isn’t consensus driven other than everyone agreeing to use the swarm key and joining. It’s more like “I’m having a private party and you’re all invited”. Rekeying is like having an after party, “Hey, there’s an after party but Bob and and Alice aren’t invited. Meet me here at this new swarm key”. I don’t really care if Charlie and Edgar want to keep partying. So no consensus, It’s my party and I do what I want. I just might be partying alone.
1 Like