-
Notifications
You must be signed in to change notification settings - Fork 233
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
ipip(ipns-record): ipns record on gateway
- Loading branch information
Showing
3 changed files
with
94 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,77 @@ | ||
# IPIP 0351: IPNS Signed Records Response Format on HTTP Gateways | ||
|
||
- Start Date: 2022-11-29 | ||
- Related Issues: | ||
- [ipfs/specs/issues/320](https://github.com/ipfs/specs/issues/320) | ||
- [ipfs/specs/pull/351](https://github.com/ipfs/specs/pull/351) | ||
- [ipfs/kubo/pull/9399](https://github.com/ipfs/kubo/pull/9399) | ||
|
||
## Summary | ||
|
||
Add IPNS Signed Records response format to the [HTTP Gateway](../http-gateways/). | ||
|
||
## Motivation | ||
|
||
Currently, the gateway allows for trustless retrieval of data under the `/ipfs` | ||
namespace, bu fetching the data as a CAR, or Block, and then verifying it locally. | ||
This is especially important for light IPFS clients, so that they can retrieve | ||
data from other gateways without delegating any of the trust to them. Unfortunately, | ||
this is not possible under the `/ipns` namespace. | ||
|
||
In contrary to DNSLink, IPNS provides cryptographically-verifiable records that | ||
can be verified by the client. This means that, if a gateway is able to provide | ||
the IPNS signed record to an HTTP client, trustless retrieval would also be available | ||
under the `/ipns` namespace. | ||
|
||
In this IPIP, we propose adding [IPNS signed records][ipld-record] as a response | ||
format to the gateway under the `/ipns` namespace, allowing for trustless | ||
retrieval of IPNS records. | ||
|
||
## Detailed design | ||
|
||
The solution is to allow the Gateway to provide an IPNS signed record by | ||
requesting it using either the `Accept` HTTP header or the `format` URL query. | ||
|
||
## Test fixtures | ||
|
||
IPNS records for testing can be generated in Kubo by creating an IPNS record: | ||
|
||
```bash | ||
$ ipfs key gen <key-name> | ||
k51Key | ||
|
||
$ ipfs name publish /ipfs/bafyHash --key=<key-name> --ttl=<record-ttl> | ||
Published to k51Key: /ipfs/bafyHash | ||
|
||
$ ipfs routing get /ipns/k51Key > key.pb | ||
``` | ||
|
||
## Design rationale | ||
|
||
The current gateway already supports different response formats via the | ||
`Accept` HTTP header and the `format` URL query. This IPIP proposes adding | ||
one more supported format to that list. | ||
|
||
### User benefit | ||
|
||
By providing IPNS records through the gateway, IPFS light clients are able | ||
to race multiple gateways in search for an IPNS record for a certain IPNS key. | ||
This way, IPFS light clients do not necessarily need to implement the required | ||
machinery to fetch IPNS records from other IPFS nodes through the DHT or PubSub. | ||
|
||
In addition, the retrieval of IPNS records is trustless in the sense that they can | ||
be verified by the client since the IPNS record includes a cryptographic signature | ||
provided by its creator. | ||
|
||
### Compatibility | ||
|
||
This IPIP proposes a new format to be added to the gateway, but does not change | ||
any prior format. Therefore, this IPIP is backwards compatible. Please note | ||
that IPNS records are also added to the [Trustless Gateway](../http-gateways/TRUSTLESS_GATEWAY.md) | ||
specification. | ||
|
||
### Copyright | ||
|
||
Copyright and related rights waived via [CC0](https://creativecommons.org/publicdomain/zero/1.0/). | ||
|
||
[ipld-record]: ../ipns/IPNS.md#ipns-record |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters