Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Static peer_id in Distributed Hash Table (DHT) #8326

Open
teddyrogers opened this issue Dec 10, 2024 · 9 comments
Open

Static peer_id in Distributed Hash Table (DHT) #8326

teddyrogers opened this issue Dec 10, 2024 · 9 comments

Comments

@teddyrogers
Copy link

teddyrogers commented Dec 10, 2024

I noticed peer_id for DHT remains static and can be used for tracking and fingerprinting.

It may be better to renew the peer_id value on each Tribler start-up and/ or rotate a new fingerprint every x hour.

@qstokkink
Copy link
Contributor

Don't worry. For downloading, all fingerprinting is stripped out before entering the BitTorrent DHT:

ltsession = lt.session(lt.fingerprint("TL", 0, 0, 0, 0), flags=0) if hops == 0 else lt.session(flags=0)

In case of an anonymous download, we go even further and anonymize the routing path and shield the IP:

settings["anonymous_mode"] = True
settings["force_proxy"] = True

There are also long-lived keys for your "core identity" (for example, we used these keys to earn and pay with tokens for anonymous download bandwidth in our TrustChain research in the past). I assume these are what you looked at. However, these are definitely not sent into the BitTorrent DHT network.

@teddyrogers
Copy link
Author

If it is stripped out and, for piece of mind, why not randomise all fixed fingerprint id's?

@qstokkink
Copy link
Contributor

Essentially, we use different identities/keys for different things. In some cases, like (anonymous) downloading, we want short-lived single-hop identities that are just strong enough to transfer data and then disappear completely. For other cases, like token wallets, we want longer-lived keys. For example, imagine the case where you buy 10 bitcoins and we automatically remove your private key: deleting your 10 bitcoins would be bad. A single key-lifetime strategy for everything will not work (though, technically, I guess you could say deleting 10 bitcoins "works as intended" if all you care about it key rotation).

@teddyrogers
Copy link
Author

@qstokkink the token wallets you mention, are these also used for and part of the "Channels" feature?

Now that I mention the "Channels", I noticed in Tribler 7.x there was an entire menu section for searching, subscribing and creating your own channel/s. In Tribler 8.x;

  1. I do not see any of the, "Channels", menu options or features, where did they go?
  2. Now there is only an option titled, "Popular". How would I go about finding or creating channels?
  3. How are files added to the, "Popular", search list and how is the search listing sourced when using the, "Search for your favorite content"?
  4. Where are the, "Popular", search queries being sent to, is there some sort of default channel that is being subscribed to?

@qstokkink
Copy link
Contributor

The token wallets and channels were separate features. The idea of token wallets was to (anonymously) pay people for relaying anonymous data (to exit nodes). The idea of channels was to create decentralized account management to share torrents.

The channels were removed (bullet 1). So, you can't find or create channels anymore (bullet 2). I can give a short insight into why we removed them. Channels were hand-curated by people/users to contain their best torrents. So, a lot of effort on our users. Then, they were shared (decentralized) between users, having them store a lot of data. Lastly, the quality channels were effectively drowned-out by thousands of "garbage" channels. Essentially, a lose-lose-lose. Instead, we now shifted our attention to better search and ranking of results (our PhD researchers are investigating if light-weight artificial intelligence can help here). Hopefully, that ends with no-effort lightweight and good search results, a win-win-win.

The popular search list is no more than the torrents from your database with the biggest seeder/leecher counts (bullet 3). When viewing the popular torrents page, we also ask the "neighbors" in your overlay network what torrents they consider popular (bullet 4). So, no secret channel. Of course, in the back end, the neighbors' results get injected into your local database and the next refresh could show more popular torrents than you already knew about.

@teddyrogers
Copy link
Author

Thank you for the insightful response on Tribler.

Where can I find all the changes/ omissions from Tribler 7/x to Tribler 8.x that you have mentioned, is there some documentation or site I am not aware of?

The popular search list is no more than the torrents from your database with the biggest seeder/leecher counts (bullet 3).

How do I compile my own database or are you implying that all the torrents that I have in my list become accessible to find and share with "neighbours" in my overlay network?

4). So, no secret channel. Of course, in the back end, the neighbors' results get injected into your local database and the next refresh could show more popular torrents than you already knew about.

The different search results is something I have noticed occur if checking every so often.

@qstokkink
Copy link
Contributor

Where can I find all the changes/ omissions from Tribler 7/x to Tribler 8.x that you have mentioned, is there some documentation or site I am not aware of?

We try include a list of the bigger changes in each release message of the GitHub Releases. If you want absolutely all the nitty-gritty development details, you can check out our GitHub Pull Requests history. We also have some historic perspectives on our 20 year legacy here: https://github.com/Tribler/tribler/wiki

How do I compile my own database or are you implying that all the torrents that I have in my list become accessible to find and share with "neighbours" in my overlay network?

Your database files are automatically compiled and stored in your "state directory" (~/.Tribler on Linux/Mac, and %APPDATA%/.Tribler for Windows) and, yes: you continuously exchange torrent files with other people. Together with other people, you form a decentralized search index in an overlay network.

@teddyrogers
Copy link
Author

Your database files are automatically compiled and stored in your "state directory" (~/.Tribler on Linux/Mac, and %APPDATA%/.Tribler for Windows) and, yes: you continuously exchange torrent files with other people. Together with other people, you form a decentralized search index in an overlay network.

Is it possible to disable this and how does Tribler behave with private torrents?

@qstokkink
Copy link
Contributor

You can disable it, by editing your configuration.json in your "state directory" (if you're using any of the 8.0.x releases this file will be in the 8.0 subdirectory). Specifically, you'd want to change the following settings:

  • "database": { "enabled": true } -> "database": { "enabled": false }
  • "content_discovery_community": { "enabled": true } -> "content_discovery_community": { "enabled": false }
  • "knowledge_community": { "enabled": true } -> "knowledge_community": { "enabled": false }
  • "torrent_checker": { "enabled": true } -> "torrent_checker": { "enabled": false }
  • "rendezvous": { "enabled": true } -> "rendezvous": { "enabled": false }

Of course, this effectively neuters Tribler: none of your search-related functionality will work.

I believe the underlying library, which Tribler uses, allows for private torrents. However, we never tested private torrents. Untested things usually don't work (but maybe you're lucky?).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

No branches or pull requests

2 participants