Photo of Nikita Gillmann

Guix and GNUnet FS - a public draft

April 21, 2017

This article is a public draft, expect it to change. At this point it mostly originates from chats with some minor edits. If you read this, keep in mind: The pieces of information contained in here do not reflect the current ideas and research I keep offline.

At secushare we already collected some notes about certain aspects of GNUnet and why we picked it over other existing networks and technologies. As it has been an topic since the start of Guix (search archives of guix-devel for 'binary distribution through gnunet'), a couple of people have been working on this, but if I remember correctly no one has mentioned in detail why we should use GNUnet FS and not ipfs, torrents, and the like.

On our page titled anonymity we explain why it is of fundamental importance that we use one single technology for anonymization of all use cases and not several technologies like ipfs, freenet, tor, and others side by side. Compared to freenet, GNUnet FS has extensive censorship resistance and sibyl attack protection.

IPFS does not gossip (proactively disseminate some information that may be useful later), so if nobody cares for what you publish it will disappear. It (IPFS) depends on getting attention for your content (attention economy), which can be bad if for example a whistleblower publishes information but needs to disconnect before announcing it to the public.

It is foundational for GNUnet to make padding actually useful, whereas in some of tor’s bridge protocols it is just thrown away bandwidth.

IPFS has the advantage of being fast and simple, but it can never be anonymous, not even when you combine it with tor.

Freenet is working alright, but is has the disadvantage of not being very good for real-time applications and that the attacks descibed in the paper of Christian Grothoff aren’t fixed yet as far as I know at this point.

So, GNUnet would be good in this case (distributing binary substitutes for Guix), to not just serve one technology.

So far we don’t know of any flaws in the architectural design of GNUnet which would leave it open to attacks on that level.

In addition to the pure (binary substitutes) distribution purpose, I want to go beyond just publishing binaries. More on that (much) later.

To be edited and continued…

Version 2, 2017-12-16: Moved source from Commonmark to SXML. Fixed small errors. Version 2.1, 2019-06-28: Back to markdown for now