Building Permanent and Censorship-Resistant Blog with Ethereum ENS and IPFS (pawelurbanek.com)
199 points by pawurb on June 29, 2021 | 103 comments



I looked into this the last time someone posted about it here:

https://news.ycombinator.com/item?id=27551619

One thing I realized is how expensive Ethereum domains are. The domain price is equivalent to a regular domain and then you still have to pay the gas fee, which makes it more expensive than a casual .org or .net

The other drawback of these censorship-resistant blogs is that they all require plugins to access the non-HTTP domain, which all but rules out most non-technical people who don't even know what HTTP is.

And while it can still be accessed over HTTP, the bottlenecks become the same companies that might comply with censorship requests.


It's all a matter of time. The plugins are a current workaround for when browsers don't natively understand IPFS content.

But the rate of growth of this space and with browsers like Brave gaining some traction, I won't be surprised if Firefox starts natively supporting Web3 tools at some point in the future and that would make Google and Apple think about it as well.

Definitely will take time but this seems like the logical next step given how far this tech has already come in the last 5 years.


How's IPFS on mobile? I'd expect it either eats battery or is slow. Maybe both.


> The other drawback of these censorship-resistant blogs is that they all require plugins to access the non-HTTP domain, which all but rules out most non-technical people who don't even know what HTTP is.

All .eth addresses are resolved by cloudflare with the .link tld, so hn.eth could be visited as a normal site with hn.eth.link


Until Cloudflare is required by law to unlink something.


I'm sure they do have a blacklist, and for those you can run the infrastructure yourself if you want to view those


If they are using HTTP without knowing what it is, then their understanding of protocols is quite possibly not the important part of the puzzle.

I'd struggle to explain what IPFS is but I can follow the link just fine.


There's a comparable stack using Skynet and HNS. HNS is a lot cheaper than Ethereum because it's a blockchain dedicated to domains, you aren't competing with things like yield farming or crypto kitties for block space. If fees are high, it's because a lot of people are buying names.

Skynet is different from IPFS in that everything is hosted by paid servers, and it uses direct routing instead of a DHT, so you get a lot better latency. Skynet's IPNS equivalent (called SkyDB) is also a lot faster, p999 on the order of 200ms to update something.

The other nice thing about Skynet is it's all http accessible. Anyone can run their own Skynet portal, and that portal by default serves over http. You can grab any content from any Skynet portal, and there's even an upgrade in development that will automatically find alternate portals for you if requests fail.


You might be dealing with outdated price information. I just picked a random available 6 letter domain "prider.eth" and it costs ~$5 a year with a ~$12 fee. That means you can register an "unstoppable" domain for a decade for ~$62 at this moment. $12 seems like a pretty reasonable fee for such a service.

Secondly, you need specialized software for HTTP, it's called a web browser. There are browsers that have (or will have) native eth/ipfs support. I think Brave already does out of the box. People will download whatever app their friends are using, even if they have no idea what's going on underneath.

The HTTP gateways for all this stuff are only so "legacy" tech can communicate to that world. It's a bridge, not a destination.


> And while it can still be accessed over HTTP, the bottlenecks become the same companies that might comply with censorship requests.

This is something that bothers me about the state of dapps right now. The way many of them connect to the blockchain is via Infura (a centralized service); even Metamask uses Infura to connect to the blockchain. There’s this abstraction that you trust, that you’re working with something totally decentralized, but right now the technical constraints necessitate single points of failure or censorship.

Of course, the data is still there in the blockchain, decentralized over many nodes, but the way we access that information seems very, very brittle.


This is very true. Like I said in another comment, the HTTP gateways are bridges, not destinations. It'll only take one or two bridge collapses before people wise up and move to sturdier ground.


This is true; but there are multiple entry points to that data (The Graph, Infura, etherscan, etc) and just because one fails does not mean the entire ecosystem will collapse (ie: you can easily create a new indexer and switch HTTP provider from Infura to NewInfuraReplacement), or even run your own node for your company.


You can access https version of an ENS website without plugins by using a `link` suffix:

https://pawelurbanek.eth.link/


> And while it can still be accessed over HTTP, the bottlenecks become the same companies that might comply with censorship requests.

As the OP said, you're just back to relying on a centralized service


Kind of. eth.link breaks the chicken and egg problem. Early adopters can stand up visible pages this way and provide signal to browsers for future inclusion by default.


Resources on the page at that URL still load from your .com domain - will Cloudflare serve those too?


Looks like I've left some absolute paths by mistake. They should also be served by IPFS.


Let’s say the entire internet switches over to this. Does it keep up in performance, does it slow down as use becomes ubiquitous - or does it become faster?


More people is actually an asset to protocols like IPFS because everyone who downloads the data also serves it to others, so actually the more popular something is, the easier it is to get.

Likewise with ENS, all the data is stored locally on your local copy of the chain, so it doesn't matter how many users are making queries because each one is only querying their own node.

Also users are serving files to each other in an offline-first ecosystem. From that perspective it could be faster and more reliable as well.


From the article,

> In addition to the cost of the domain ($5/year), you have to pay the gas fees.

Who does the $5/year go to? What incurs gas fees? Registration & updates? Updates are mentioned below:

> One downside is that each data update costs money, ~$1.5 at the time of writing.

Are initial gas fees higher?


Well I guess it depends on the current price of gas. I was playing around with ENS on Ropsten and I estimated it takes about 1/2 a million gas to buy an ENS domain. At current gas prices that's ~$30USD, but this time last year it would have been around $5. With the per year cost of the domain being $5 on ENS and about $12 on most of the registrars I looked at, it would have been better to go the ENS route (setting aside the gas cost of regularly updating the site, which I guess could also be avoided using IPNS, though it wasn't mentioned in the blog post so I am not sure about this).


One big issue here is scalability. If enough people start using ENS that gas price will go up significantly. Ethereum is fundamentally not scalable.


Not at present; sharding (part of Eth2) will change this scalability dramatically though.


A possible counter argument at least to the plugin problem is that having the people who don't even know what HTTP is joining the internet was part of what led to the censorship problem in the first place.


> which all but rules out most non-technical people who don't even know what HTTP is

This is why they call it web3. web1 had the same initial problems. Use Brave.


Nice post.

For permanent storage you should check out https://www.arweave.org/ rather than IPFS + centralised pinning services like Pinata. With Arweave you pay a small upfront fee to have the network store your file forever.

It's the promise of IPFS+Filecoin but actually live and being used (eg by the Internet Archive). There's some decent tooling & docs for it too: https://github.com/ArweaveTeam/arweave-deploy

Edit: Filecoin is also live and being used, I was out of date. https://docs.filecoin.io/store/


Looks like you may be able to use IPFS addresses with data stored in Arweave so that Arweave becomes effectively one of the several redundant hosts you might use with IPFS, if I understand it right.

"This Arweave+IPFS bridge allows you to have truly permanent backing of your data using Arweave, while also making it available in IPFS." [1]

[1] https://arweave.medium.com/arweave-ipfs-persistence-for-the-...


Forgot about this. Thanks!


Filecoin is live and being used, could you clarify what you mean? See eg Textile, Fleek, etc. It is currently storing ~20 PiB across ~1 million storage deals, according to https://storage.filecoin.io.


I read the Filecoin docs and it completely fails to explain the economic incentive. Can someone fill me in? Miners receive Filecoins as reward for storing people's data, who pay Filecoin to access their files. So... the only use for Filecoin is to gain storage access? Why would a miner, who by definition has storage, want a currency that can only buy more storage? Is there something else one can buy with Filecoin? According to Coinbase, Filecoins are "worth $50", meaning they can be traded for dollars?


People who want storage but don't have it must first buy Filecoin, which creates a market to exchange Filecoin to and from other (crypto or not) currencies. Miners sell their Filecoin on that market.


they can just sell it? What's the problem there?


Thanks, I didn't know. I've updated my original comment


> With Arweave you pay a small upfront fee to have the network store your file forever.

How are the economics of this sustainable? "Forever" hosting for a small upfront fee seems like it must be a lie.

Can you only upload small files, so you end up paying 1000x+ S3 prices, with the hope that Moore's law outpaces cost of keeping the file online?

Are reads monetized, so unpopular files will inevitably lose the forever guarantee?


Seems like distributed file systems have a 'choice triangle': permanent, cheap or "doesn't allow hosting child porn" - choose one.


the fee pays into an endowment. the endowment is only paid out to miners if the block reward in USD terms is too low to justify storing the full weave.


So, if block reward value grows more slowly than the stored data, the endowment gets drained and when it hits zero the system implodes?

Seems like an obfuscation of the economic problem that doesn't solve it.


the size of the fee is a function of 1) the amount of data you wish to store and 2) the estimated cost of storing the weave between the current time and the end of the storage period ("forever" is actually assumed to be about 200 years for these purposes).

If you were to store 100 TB on the weave tomorrow (the weave is currently 10TB), the block reward would remain the same, but the endowment payout would trigger much sooner.

The endowment fees are sized with the assumption that the endowment will have to pay out immediately and until the end of the 200 year period.


Ah, that makes sense. I think their 'sales pitch' would be more compelling to more technical users (which I assume is the main initial demographic) if the 'forever's had asterisks and the 200+ year assumption was prominently displayed on landing page.

That shifts my expectations from "economically infeasible lie" to "small fee may not be so small, but feasible with proper stewardship and valuable for certain use cases."

In the crypto/DeFi space, superlative marketing copy is more likely to be interpreted as 'potential scam' than other domains IMO.


Amazing, thanks I'll check it out!


Nice post, thanks for making it :)

I'm always curious, though - there are some things that we want to censor for good reasons. The usual poster child (sorry) for this is kiddie porn. But there's other stuff - revenge porn, libel, etc that we as a society might want to censor. How do we do this on infrastructure like IPFS?


There's the unfortunate reality where if you make one thing censorable, you make the entire thing censorable; there's no notion of only letting the 'good stuff' through.


I think there needs to be. Because the consequences of keeping the bad stuff accessible are worse than the consequences of censoring the good stuff.


Conceptually, though, how would it work, and who becomes the arbiter of what's good and what's bad, and what can be shared and what cannot?

In no way shape or form am I defending the nasty stuff or saying that it should be allowed, but when defending privacy and liberty, there's a real question about how we deal with hidden lawlessness that uses the same tools people use for legitimate purposes, or, more importantly, how people use these tools in a way that a government views as illegitimate or a thought crime but are in the defense of liberty.

I think there's a notion of policing that comes out of this discussion that is not part of the technology but rather a complement to it. I don't know what shape that would take.


Well, that's where we have laws, and elections, and all that stuff.

We similarly have a complete ban on violence, except for the state which has a monopoly on it. This does get abused sometimes, the system isn't perfect. But it's better than allowing anyone to use violence whenever they want to resolve disputes.

I agree that there's a discussion that we technologists need to have about policing and censorship, which we're currently not having.


Such complement cannot really exist. If it will exist and actually be effective, the technology as a whole would be pointless.

An analogy can be made to WhatsApp. It's known to be used to coordinate terrorist attacks in Europe yet not a single government intelligence agency has managed to legislate Facebook into opening a back door. Because a backdoor makes encryption quite pointless.

Similarly, the case with Apple, who categorically refuses an unlock ability to authorities, and so far has won.

There's no public outrage. The public seem happy to be protected from the prying eyes of their governments. And I guess the public implicitly accepts that as part of this protection, some very nasty stuff goes around these same platforms.

That's why I believe we should separate content extermination (which is fully impossible) from hiding said content from view. The latter is doable and common.

For example, terrorist videos are almost immediately removed from social media platforms upon detection. This stops it from spreading and its damage and shock effect is contained. However, should you specifically seek out such videos, they can still be found in several places, and you don't even need to go to the darkweb.

Censorship, in the practical sense, should be seen as hiding from view. Not deletion.


From what I’ve seen, you would basically just unpin or force unpin undesirable content. As long as no one requests that content, it will be garbage collected/deleted.


Countries which have more censorship tend to end up being less desirable places to live than places with less censorship, and I dare say that a country with no censorship at all would be better than a country where the government has complete control over all media (even if both of those scenarios would be worse than the average liberal democracy).


I disagree, having lived in countries with pretty severe censorship (e.g. Australia), and countries without (e.g. Cambodia). I think this truism is actually false.


I'm not sure how you are measuring censorship levels, but Freedom House ranks Australia as "Free" with a score of 76, and Cambodia as "Partly Free" with a score of 43, in their latest Internet Freedom Scores:

https://freedomhouse.org/countries/freedom-net/scores


Well, Australia's Federal Police raided the state broadcaster [0] and has a whole bunch of laws against hate speech that get regularly used. While Cambodia really only cares about whether or not you say bad things about the ruling party on Facebook. It depends on what you consider "free speech" I guess.

I think the larger picture here is that censorship really doesn't impact how pleasant a place is to live in. I currently live in Berlin, and there's a whole heap of sensitive history here, but that doesn't really affect you if you just want to live a normal life.

[0] https://www.bbc.com/news/world-australia-48522729


I think it is misleading to cherry-pick an extreme example of the Australian government getting a search warrant to look for copies of leaked defence documents, while ignoring Cambodia's complete crackdown on independent newspapers[0] and radio stations[1].

Even more worrying is Cambodia's recently introduced internet censorship decree, which "requires all internet traffic in Cambodia to be routed through a regulatory body charged with monitoring online activity before it reaches users."[2]

[0] https://freedomhouse.org/article/death-press-freedom-cambodi...

[1] https://www.aljazeera.com/news/2017/9/22/cambodia-switching-...

[2] https://www.hrw.org/news/2021/02/18/cambodia-internet-censor...


Well, this was the radio interview I gave to the ABC when the Post was sold: https://www.abc.net.au/radio/programs/pm/mass-resignations-a...

As I said in that interview, there are a lot of cultural factors at play, and it's not nearly as clear-cut as it has been made out to be.


Really? The bad stuff is already accessible.


> we as a society might want to censor

Before the internet, all of that stuff could be (and was) published using traditional printing presses and distributed like everything else that was printed. We dealt with the outliers then the same way we ought to deal with them now: find and prosecute (or sue, in the case of libel) the people that were responsible for publishing them, not try to outlaw the printing press itself for not having a "no bad stuff" backdoor.

Because, really, if somebody comes up with a truly uncensorable distribution platform, the point of whether or not it can be used to distribute "bad stuff" will become moot: it will be uncensorable by definition, and we'll have to go back to the "old way" of handling the edge cases.


There's no way to if the system is designed specifically to be uncensorable, but maybe you could blackhole routes on the BGP level.


Whoever's hosting it can still be found by law enforcement in the usual ways. Or maybe more idealistically we change society to remove all those taboos about people's bodies.


OK, so someone posts a video of a child being abused. The person is prosecuted, tried, found guilty, and banged up for the rest of their days. What happens to the video?

Because if the answer is "it stays accessible" then this technology is fundamentally broken and we need to stop using it or promoting it immediately.


I tend to agree with your comments here, but note that it's not an easy answer: I don't think this problem only indicts technologies like IPFS, but also E2E encrypted communication services like Signal and WhatsApp. Are those also "fundamentally broken and we need to stop using them and promoting them immediately"? Maybe so, but it seems a heavy lift to me.


Yes, as I've said elsewhere, I think we need to have a discussion about E2E and law enforcement. In order for our legal system to work, we need to have some access to "private" communications.

I do get the need to prevent governments snooping on journalists and protesters. But I think there's also a valid need for access to evidence for our justice system to function properly. If we can't convict people without evidence (rightly), and we can't force people to incriminate themselves (rightly), then we must be able to access evidence somehow.


Reading this in Hong Kong with arrest and in jail without bail likely for years and then a law … and news agency employed 1000 people shut down just without any proper legal process just said so … sorry but it is hard to read about the justice system.

Anyway, the child issue is also a problem vs sanction. Anyone hosting the data in a normal judicial system want will it be ?


My sympathies for your situation. I think the conversation about E2E needs to include journalists and protesters (as I mentioned above), I'm not minimising that aspect of it. And this conversation is wider than just E2E, too: Julian Assange is also sitting in jail without bail and without any proper legal process, and all his technological know-how didn't save him.

In the normal hosting business, content like this is taken down by the hosting provider. For IPFS, a key question has to be "who gets to decide when content should be removed, and how does that happen?". If that person isn't a government because no-one trusts the government, that's fine. But someone needs to be able to make that decision and act on it. Then the usual legal channels can be followed for taking content down if necessary.


The justice system functioned decently well before the time when ubiquitous surveillance was possible.


This isn't a totally hypothetical question, unfortunately: https://www.theguardian.com/technology/2018/mar/20/child-abu...


Images of child abuse are not a "taboo about people's bodies".

Wow.


Taboos about people's bodies and the right to not have pictures of yourself posted to the Internet are fairly orthogonal.


I would rather be interested in a database system over IPFS or similar where you can update data, with both public and private encrypted data. Freenet is good, but it's not a database system, and it's pretty complex.

Bitmessage is also pretty awesome already...


Have thought the same thing but have not seen access control implemented well[0] so been working on just such a thing[1]

[0] https://github.com/textileio/go-threads/issues/295

[1] https://github.com/collabswarm/collabswarm


Check out Ceramic



This would be in line with my question about an ipfs commenting capability. I guess a database on ipfs could support commenting and dynamic data over ipfs.


But maybe there is a hybrid here. Like perhaps you use a regular database in a fully encrypted manner where ipfs holds the encryption keys. So your ipfs website relies on a centralized database where the data stored is totally encrypted and protected from censorship…

But I guess as long as that data is centralized it could be censored.


A decentralized database would be versioned, a little like GIT.

In essence, only valid queries would be transmitted and replicated across peers.

It would not be a single ledger, it would be a collection of ledgers. Data that is often queried would have higher short term redundancy, that would fade over time. Any data submitted would have at least 10 or 25 copies across all clients, and data would be found through a DHT.

I guess public data would be encouraged since visible by everyone, but private encrypted data would be limited. Trust and data moderation are also problems.


Anyone know of any commenting systems that work on IPFS? In theory how would this work? Could there be some distributed application that stores individual comments on ipfs and serves as some type of routing mechanism or lambda function to aggregate comments into a master thread which can be continuously updated as static files stored on ipfs?


One of the building blocks for such a system might be something like:

https://webmention.io/


WebMention requires a server, so it would have all the same problems as other approaches.

The fundamental problem is that when a page is created, we don't know what address the comments will get (since it will be based on their content).

We can easily look backwards, from a comment to all of the previous thread, e.g.:

    Page <- 1stComment <- 2ndCommentB <- 3rdComment <- ...

The problem is those arrows only point one way; we need to know a name/URL for a comment, rather than the page. To solve this we need a mutable reference, like DNS, IPNS, some third-party service, etc. If we have that, there are lots of things we could use to accumulate and render comments (like WebMention).


Say the page is “Hello world!” (CID: `QmXgBq2xJKMqVo8jZdziyudNmnbiwjbpAycy5RbfDBoJRM`), then the comments can “point to” this CID `QmXgB…` and so on. The problem to me is not necessarily the direction of the graph but the existence of this graph at all. IPFS seems to have no method of creating “references” to other hashes, but if it did then I can see comments working unless I’m missing something.


Yes that's exactly the problem: comments can include a reference to the page (via its URL); they can also reference any comments they're replying to (via their URL). Those URLs are the 'arrows' that I drew.

> IPFS seems to have no method of creating “references” to other hashes

Such references would be arrows pointing the other way.
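The one-way arrows discussed in the comments above, as an added example that is not part of the thread: comments can name the page they reply to, the page cannot name its comments without changing its own address, and a mutable pointer closes the gap. SHA-256 over canonical JSON stands in for a real IPFS CID, and `MutableNames`, the name `blog/comments` and the sample texts are hypothetical, constructed for illustration.

```python
import hashlib
import json


def cid(obj):
    """Toy content address: SHA-256 of canonical JSON (a stand-in, not a real IPFS CID)."""
    data = json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(data).hexdigest()


class Store:
    """Immutable content-addressed block store."""

    def __init__(self):
        self.blocks = {}

    def put(self, obj):
        address = cid(obj)
        self.blocks[address] = obj
        return address

    def get(self, address):
        obj = self.blocks[address]
        if cid(obj) != address:  # integrity check: content must match its name
            raise ValueError("block does not match its address")
        return obj


class MutableNames:
    """Hypothetical mutable pointer (the role DNS or IPNS would play): name -> (seq, address)."""

    def __init__(self):
        self.records = {}

    def publish(self, name, address, seq):
        current = self.records.get(name)
        if current and seq <= current[0]:
            raise ValueError("stale record rejected")  # no rollback to an older index
        self.records[name] = (seq, address)

    def resolve(self, name):
        return self.records[name][1]


def walk_back(store, address):
    """Follow 'parent' links from a comment to the page: the only direction that exists."""
    chain = [address]
    while "parent" in store.get(address):
        address = store.get(address)["parent"]
        chain.append(address)
    return chain


def add_comment(store, names, name, parent, text):
    """Store a comment, then republish the comment index under the mutable name."""
    comment = store.put({"parent": parent, "text": text})
    try:
        seq, index_addr = names.records[name]
        listed = store.get(index_addr)["comments"]
    except KeyError:  # first comment: no index published yet
        seq, listed = 0, []
    index = store.put({"comments": listed + [comment]})
    names.publish(name, index, seq + 1)
    return comment


def demo():
    store, names = Store(), MutableNames()
    page = store.put({"text": "Hello world!"})  # constructed sample page
    first = add_comment(store, names, "blog/comments", page, "1st comment")
    second = add_comment(store, names, "blog/comments", first, "2nd comment")
    # Embedding the comment list in the page yields a different page address,
    # so links to the original page would no longer lead to the comments.
    page_v2 = store.put({"text": "Hello world!", "comments": [first, second]})
    listed = store.get(names.resolve("blog/comments"))["comments"]
    return page, first, second, page_v2, listed, walk_back(store, second)


if __name__ == "__main__":
    page, first, second, page_v2, listed, chain = demo()
    print("page address unchanged by comments:", page != page_v2)
    print("comments found via mutable name:", listed == [first, second])
```

Whoever controls the mutable name decides which comments are listed, so the trust and censorship questions move to that pointer rather than disappearing.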


The most censorship resistant blog is one that doesn't use any resources owned by a third party. Unless you're rich that generally means hosting from your home computer.

It's simple, it's effective (for most non "web scale"/commercial use cases), and it's legally safe.


ISPs typically block 80 and 443 and have clauses in the service contracts that put some nasty language around self-hosting.


> hosting from your home computer.

...until your home gets raided?


I did something similar using https://fleek.co/ using a nuxtjs template I edited in my GitHub repository: https://github.com/klaudioz/klaudioz.eth

It was very easy to set. No code. My site is: https://klaudioz.eth.link/

Also I bought the eth domain when the gas was a very low price.


"permanently censorship resistant"

"requires cloudflare"


only requires cloudflare if your node goes down. Also, you can use the coin to incentivize others to host your info.


We need an open standard for blogs, like email or news servers. Everyone publishes on their own server of choice and it gets fully replicated through API from server to server -- whoever subscribes to whom.

Banned from a server? Post on another one or your own server from where subscribers will pull your posts. Digital signatures for validation.

Publishing the specs will suffice. As developers can come up with various implementations based on it.


That sounds a lot like ActivityPub and the Fediverse.


The reality is that we aren't very close to a world where everyone runs their own servers. Maybe we'll get there some day, but that feels at least a decade away.

We built an alternative platform called Skynet, which allows anyone to host decentralized webapps like blogs, or even more advanced things like chess tournaments. There's a design pattern called a DAC that makes it easy for multiple frontends to use the same data, without anyone needing to learn a data spec.


Sounds like Secure Scuttlebutt http://scuttlebot.io


Email has a spam issue. Lots of junk. Lots of false positives for spam.


You subscribe to servers or users that you like to follow. Similar to Twitter/FB. Unsubscribe those that you don't like or are spammy.


It would be much better to store the blog content directly on the blockchain. This is very expensive to do on Ethereum, but should hopefully get cheaper over time.

Is IPFS really resistant to censorship? It seems like any state-based actor could easily block access to IPFS nodes if they were serving a specific CID.


I could be incorrect, but my understanding is that the DHT used to route through IPFS is not robust to attack. A bunch of nodes could join the DHT and start maliciously routing data in circles, and that would be a very low cost way to significantly disrupt data availability and uptime on IPFS.

A few papers exist that describe byzantine fault tolerant DHTs, but they make assumptions about the percentage of evil nodes, which requires some method of authentication / Sybil resistance to be effective. Also the network cost blows up substantially, and DHTs already aren't very fast in terms of loading things like web pages.


It is not censorship proof but it is resistant to censorship.

A state actor would need to block all IPFS hosts as soon as they begin to serve a specific CID. This is a game of whack-a-mole that would be difficult to maintain.


> but should hopefully get cheaper over time.

It will get cheaper to "save" but more expensive to access


You have to renew .eth domains yearly and they are a ripoff... IPFS is about as permanent as a .torrent file imho until proven otherwise. Like if you really wanted to accomplish this in the blockchain, everything's there for you without using some DNS abstraction (use a smart contract address, it won't change or expire) and without using IPFS, you can store on the blockchain. IPFS and ENS aren't necessary, and could be fads.


> On Firefox and Chrome, you can add support for eth domains via a Metamask extension

This has never worked for me

Is there supposed to be some advanced setting not on by default in Metamask that allows .eth domains to resolve?


Sorry, I might have mixed up Metamask with https://unstoppabledomains.com/extension


no, metamask works, just needs https://. unstoppable is for some other extensions


Thanks, I've updated the post to reflect that.


you have to add https:// before the .eth domain. otherwise it just googles the address I have found.


that worked, thanks!


Does it work in China? Can a website hosted in ipfs be blocked by them?


People have been adding censorship-resistant data to the Bitcoin blockchain too.

https://internetofbusiness.com/bitcoin-blockchain-contains-i...



