Yes, agreed that iroh's discovery publishing could be improved. OTOH it is rather hard to know for iroh what the useful IP addresses are to publish. This is something the application has better knowledge of. There probably is a good argument for always publishing fully public ones. There is also the privacy consideration: not everyone likes to publish their IP addresses by default. Currently if there is no relay URL at all, the IP addresses will get published btw. But that's pretty hidden and I expect that more people might be caught out by this than would be helped. I think that might also be something that should be re-visited and made more explicit. Perhaps there should be more control over what is published. Maybe some ideas:
And I guess ideally that mechanism should be generic regardless of what publisher you're using, so pkarr or dns.
Currently (AFAICT) Iroh publishes only the relay address for a given endpoint.
In my domain of work, applications typically aim at maximum trust minimization and censorship resistance, but this one aspect seems like a downgrade compared to using IP addresses directly. Just to clarify: Iroh connectivity provides plenty of benefits, but in this one aspect it's a downgrade as the connectivity is dependent on relays, which is an additional trust assumption and potential point of failure.
Had iroh published public, routable IP addresses along with the relay address itself, nodes that do have a public IP address would be reachable irrespective of the relays, assuming the UDP port is open and that Pkarr DHT Name Discovery is enabled, making public IP connectivity not depend on any external centralized service.
This can be implemented manually. In one of my applications I already use Pkarr DHT to directly publish public IP addresses in the form of an iroh Ticket, alongside Iroh connectivity, but I had to do it for other reasons anyway (one identity can have multiple Iroh nodes replicating things at app level). There's also https://docs.rs/iroh/latest/iroh/endpoint/struct.Builder.html#method.user_data_for_discovery . But it seems to me that it would be way better handled directly in Iroh anyway as a standard mechanism that increases robustness.
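The thread's idea of publishing only fully public addresses, with explicit control over what is published, sketched as an added example; it is not code from the discussion or from iroh. `PublishPolicy`, `addrs_to_publish` and the other names are hypothetical, the candidate list is constructed, and only the Rust standard library is used.

```rust
use std::net::{IpAddr, Ipv4Addr, Ipv6Addr, SocketAddr};

/// Hypothetical policy knob for this example; not an iroh type.
#[derive(Clone, Copy, Debug, PartialEq)]
pub enum PublishPolicy { NoAddrs, PublicOnly, All }

fn v4_is_public(ip: Ipv4Addr) -> bool {
    let o = ip.octets();
    let cgnat = o[0] == 100 && (o[1] & 0xc0) == 64; // 100.64.0.0/10 carrier-grade NAT
    !(ip.is_private() || ip.is_loopback() || ip.is_link_local() || ip.is_unspecified()
        || ip.is_multicast() || ip.is_broadcast() || ip.is_documentation()
        || cgnat || o[0] == 0 || o[0] >= 240) // 0.0.0.0/8 and 240.0.0.0/4 are reserved
}

fn v6_is_public(ip: Ipv6Addr) -> bool {
    // Judge ::ffff:a.b.c.d by the IPv4 address it wraps.
    if let Some(v4) = ip.to_ipv4_mapped() { return v4_is_public(v4); }
    let s = ip.segments();
    let doc = s[0] == 0x2001 && s[1] == 0x0db8; // 2001:db8::/32 documentation
    // Coarse check: global unicast space is 2000::/3, which excludes
    // loopback, link-local (fe80::/10), unique-local (fc00::/7) and multicast.
    (s[0] & 0xe000) == 0x2000 && !doc
}

pub fn is_public(ip: IpAddr) -> bool {
    match ip { IpAddr::V4(a) => v4_is_public(a), IpAddr::V6(a) => v6_is_public(a) }
}

/// Direct addresses to put in the discovery record: input order, de-duplicated.
pub fn addrs_to_publish(candidates: &[SocketAddr], policy: PublishPolicy) -> Vec<SocketAddr> {
    let mut out: Vec<SocketAddr> = Vec::new();
    for a in candidates {
        let keep = match policy {
            PublishPolicy::NoAddrs => false, // privacy default: relay URL only
            PublishPolicy::PublicOnly => is_public(a.ip()),
            PublishPolicy::All => true,
        };
        if keep && a.port() != 0 && !out.contains(a) { out.push(*a); }
    }
    out
}

/// Constructed sample: addresses a dual-stack host might report as bound.
pub fn sample_candidates() -> Vec<SocketAddr> {
    ["192.168.1.20:11204", "100.64.3.9:11204", "1.1.1.1:11204", "127.0.0.1:11204",
     "203.0.113.7:11204", "[fe80::1]:11204", "[fd12:3456::1]:11204",
     "[2606:4700:4700::1111]:11204", "1.1.1.1:11204"]
        .iter().map(|s| s.parse().unwrap()).collect()
}

fn main() {
    for a in addrs_to_publish(&sample_candidates(), PublishPolicy::PublicOnly) {
        println!("publish {a}");
    }
}
```

A filter like this only says an address is globally routable, not that the UDP port is reachable from outside, so the application still has to know whether inbound traffic is allowed.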