What will the decentralization of Web3 bring to the future content ecology: storage and anti-attack (text record)

Matty
A few days ago, Matters was hit by a DDoS attack that frequently blocked user logins. Even so, users' content remained intact, thanks to decentralized storage. This makes it even more important for content platforms to use Web3 to explore the next step in the ecosystem.

Web3 brings the vision of decentralization. Can the content ecology also benefit? It is often said that technologies such as IPFS can assist in the storage of content, so that the content will not be "disappeared", but when encountering various large-scale malicious attacks, how can content platforms resist network attacks? This time Matters invited a number of experts from different fields to discuss ideas and examples, and to explore the current situation and future of the content ecology.

Matters will regularly hold a Space on Twitter every month to discuss the current important Web3 issues, and invite experts from all walks of life to participate, hoping to connect different experts in the industry to exchange views with each other. If you miss the live broadcast by accident, you can also review it through the record of Twitter Space. We will also organize the written record and put it in Matt City, so that everyone can easily review it and become a resource for Web3 to learn together.

The following is a transcript of the Twitter Space event "What will the decentralization of Web3 bring to the future content ecosystem: storage and attack resistance".


What will the decentralization of Web3 bring to the future content ecology: storage and anti-attack

Date: August 26 (Friday)

Time: 21:30 - 22:30 (East Eighth District)

Guest introduction:

Guo: Head of Matters Technology

Zhixiong Pan: Co-founder of ChainFeeds, his main research interests include public chains and IPFS.

Pellaeon: Network security researcher, focusing on privacy and security of mobile applications.

Jeremy: Deflect team leader, dedicated to protecting human rights-related independent media and news organizations from DDoS attacks.

Host:

Ali: Matters content operation

Voice recap: https://twitter.com/matterslab/status/1563155720702271489?s=21&t=k7429yhyFp6YHxzn7m8V_Q

Q: First of all, please introduce the general situation of the DDoS attack at that time.

Guo:

  • In about two weeks from the end of July to the beginning of August, the team observed traffic equal to about 10,000 times, with 2 million to 4 million requests per second, which is already a relatively large DDoS attack for the content platform (more information can be found in Guo's previous analysis in his article).
  • There is no obvious source of IP addresses for this attack, so it cannot be countered by blocking users in a certain region.
  • Matters also suffered a DDoS attack two years ago, but the traffic at that time was only one-tenth of the current traffic, so our infrastructure was actually not ready for this attack.
  • In the end, although no user information or assets were lost, the website was inaccessible for five or six hours, and the website remained in an unstable state for two or three days after that.
  • Some reflections: Matters lab is actually a bridge between Web2 and Web3. We can allow users to use some Web3 services, such as digital assets and distributed storage, and we also provide services with some basic Web2 technologies. When attacked, our Web3 service was not affected. It seems that the content of Web3 is more resilient. Because it has many holes, there are many ways to reach it.

Q: What do other speakers think of this attack?

Pan:

  • In fact, Ethereum also encountered this problem in the early years. At present, in terms of the number of nodes of Bitcoin, Ethereum, and IPFS, the difficulty and cost of attacking nodes of this order of magnitude on a global scale are staggering.
  • This situation may be different for POS because it is not completely random. Although there will be some randomness at the beginning, because it produces blocks in a certain order, the attacker can still master these rules to carry out fixed-point attacks.
  • For IPFS, I think the weakest is probably the public gateway. Because the current number of gateways is actually a single digit, if DDoS attacks these large nodes, it will greatly increase the difficulty for ordinary users to access the network. Although the number of IPFS nodes is in units of thousands to hundreds of thousands, the public gateway is still very small, so it is a possible attack point.

Guo:

  • This kind of attack is indeed possible at present, but it is different from the traditional Web2 DDoS attack, that is, the user has the possibility of taking this right back. Although the current infrastructure level is not up to the level, if users can run an Ethereum node or IPFS node anytime, anywhere, they can basically not be affected by this.
  • This trend can be observed from this Tornado Cash incident. At present, many node providers in the United States are instructed by the US government to block the address of the smart contract of Tornado Cash. Then this is not a DDoS attack, but another form of censorship. Tornado Cash provides an interface on the UI that allows you to switch the address of the node provider behind it, and even serve the address of the public gate that is responsible for IPFS. I think this will empower users and increase user control in a short period of time, and it should be more common in the short term. Because it is no longer dependent on a center, the possibility of such a center being attacked becomes smaller.

Pan:

  • Yes, in fact, the core is to reduce the cost of users accessing the P2P network. IPFS is already doing this. Because after you connect to the P2P network, you may connect dozens or hundreds of nodes, and the possibility of them all going down is extremely low, and as long as you can connect to one or two of them, you can restart connecting to this network, which makes it more likely to defend against this type of attack.

Jeremy:

  • Both of you mentioned the gateway issue just now. I think this actually points to a very troublesome problem: the concept of IPFS is very good, but in the end, everyone still has to rely on a very centralized and very large organization like Cloudflare to complete the function of gateway. For example, the website of the Digital Development Department that Tang Feng made this time, he seems to be on Cloudflare in the end.

Q (question from Pellaeon):

I would like to ask friends who are more familiar with IPFS, that is, if I want to attack IPFS itself, do I need to get all the hosts of this account ID through DHT, and then attack all the hosts, so that no one on this pin can respond, then can I successfully DDoS on IPFS?

Guo:

  • Theoretically it is possible. However, because the scope involved is relatively wide, and if all these IPs are not blocked, other nodes may continue to catch new content, so this goal is constantly expanding. This is a dynamic, constantly updating process, which makes the attack very difficult.
  • Also responding to Jeremy's observations, I have similar thoughts myself. I think that Web3 is now a new technology, and it also brings many new changes, but it will not necessarily replace many old technologies, and it may not be able to solve many problems of old technologies. on top of existing technology. And then the changes it brings may take us slowly to appreciate.
  • An example is git and GitHub. At the beginning, when git was born, there was also a concept of decentralization. I hope that users can rely on a certain server, but in the end, it is GitHub that allows git to be promoted on a large scale. It is completely centralized, and Microsoft, a company that has historically not supported open source, is behind it. But looking back, the changes brought by GitHub actually allow everyone to migrate their content and information faster. So I'm thinking Web3 will go down a similar path.

Pellaeon:

  • But the reason why users also become a content producer when they download makes us think that users will follow a benign community regulation, but attackers generally do not upload, they only download. BitTorrent encountered this problem a long time ago, but at present I feel that IPFS still has no way to solve this problem.

Guo:

  • Yes, IPFS has no way to solve this problem in principle. This kind of thing can be called the "blood-sucking bug problem", and a common way is to have a shared blacklist in different communities. I guess that if there are more blood-sucking bugs or DDoS problems in the future, IPFS should have a more dynamic blacklist, but the "blacklist" itself is centralized.

Pan:

  • Although the principles of BitTorrent and IPFS are similar, the user scenarios designed are quite different. BitTorrent is used to spread relatively large files, so the blood-sucking bug problem will have a very big impact on this network. But IPFS is essentially used to spread the relatively small resource files we can see now, so even if there are 10% blood-sucking worms in the network, the impact on the network will not be great, because the purposes the two networks are designed for are not quite the same.

Guo:

  • Yes, in fact, the availability of the network, or the extent to which a well-behaved user in the network will lose their own interests, actually depends on the proportion of blood-sucking worms, and then this really depends on the biggest design scenario of this protocol and the proportion of users who have grown up in the ecosystem. Like before, BitTorrent is basically used as a client of Bit, but the user scenario of IPFS is that it is brought to many clients, such as Brave browser. In this case, there is a project behind it, and it only uses IP as one of its infrastructures, so most of the projects still follow the rules. Therefore, the proportion of blood-sucking worms in IPFS will become relatively low in this ecology.

Jeremy:

  • Back to content delivery and censorship, our company has actually done a lot of work in this area. Because many of our customers are in Russia and Ukraine, the first problem they encounter is DDoS attack. For example, some users in Ukraine may be easily attacked by DDoS after publishing some news.
  • Another problem is disconnection due to war or government action. Different totalitarian countries have different practices. For example, some countries limit the speed, while others directly interrupt it. Although their news is protected on Web3, the disconnection has also hit them hard.
  • Our company has a product called Ceno browser, which uses traditional BT technology. Its logic is that the browser of your mobile app is a Firefox that has been modified by us and added with plug-ins, then it will become a BT client, so it will not be shared when you browse any website, which is equivalent to any people's mobile phones will become a node. It is equivalent to using a technology similar to IPFS, but it spreads nodes to everyone's mobile phones. So in theory, even if the Ukrainian network is cut off today, everyone can still have this copy in a short time.

Q (from Jeremy):

So I will be quite curious about your solution to the IPFS technology for the disconnection problem I just mentioned. Because my current experience is that BT technology is actually enough to fight censorship.

Pan:

  • The better point of IPFS than BT is that it has made some upgrades on BT's protocol station, which has just been mentioned. In addition, the user scale of BT has declined significantly in the past ten years, while the growth of IPFS is very good, so I think the number of nodes is also an important factor in evaluating which protocol to choose.

Guo:

  • I think a limitation that BT has always had is that its nodes are larger, and although there are several improved versions, the consumption is larger.
  • Another limitation is that BT references will be longer.
  • Another problem is that the model in it is not too swappable. For example, if I want to change a DHCP protocol, I need to coordinate many nodes to upgrade.
  • The last problem is that since BitTorrent was originally designed for static content, it has less support for dynamic content. But in essence the efficiency and potential of the two are actually similar.

Q (from Guo):

I have a question, what step can the Ceno project achieve at present? For example, assuming the worst case scenario is that the network is completely disconnected, then do you use Bluetooth to connect your intranet at that time, or do I still need a main local network?

Jeremy:

  • At this stage, Ceno still needs a network, it doesn't have a connection like Bluetooth or Wi-Fi. However, its application scenarios have always been developed with the model of national or regional network disconnection as the threat.
  • Then we will encounter sites that are placed in high-risk areas of disconnection, such as Iran and Ukraine. We still hope that more people will use it so that the network will work faster and more densely.

Q (from Guo):

In fact, I have been thinking about a problem all the time. When we think about content dissemination, we will see many advantages of Web3, but the current hot topic is actually capitalization. Realize. Moreover, decentralization itself also has a dissemination mechanism that resists auditing, and after the scope of users is expanded, its ecology will become better, because it is more difficult to be controlled by a center. But from the user's point of view, it is difficult to appreciate its benefits from the beginning, and I imagine that Ceno may face similar problems. It is its advantage that users cannot experience under ordinary circumstances. So we are thinking about what better way to distribute these new technologies and bring more perceivable benefits to everyone?

Jeremy:

Our main positioning for the product is an emergency plan. Because if you don't prepare in advance, it may be too late when you are attacked. So the current strategy of our product is to treat it as an emergency device, to be put in when it is most needed.

Pellaeon:

The problem mentioned by Guo is indeed quite difficult.

  • My own observation is that one of the advantages of BitTorrent compared to IPFS currently is that it allows partial centralization. Using trackers to achieve partial centralization allows you to exchange to more nodes more quickly, which may be better for content search.
  • There is also a protocol called metalink, which is basically a URI protocol, which allows you to import many other URIs of different protocols in one URI. For example, a metalink protocol can embed the hash of a BitTorrent file, and then I can embed a normal HTTP hyperlink, then I can embed an FTP hyperlink. Then all of these will be returned as the same file, which is more convenient for sharing across protocols.

Pan:

  • The first is that users can be separated from those who provide services; users pay some costs, and some incentives are given to those who provide services. Helium is like this at present. Although it may not be successful in the long run, I think this is a direction to design a similar mechanism.
  • I am also thinking about what other functions I can provide directly with decentralization. An example I think of is Planet, which allows me to publish a website directly on IPFS without registering a domain name, and this website is publicly available. It is accessible online. To do this so smoothly, it is indeed much lower than the cost of registering a server, registering a domain name, and publishing a website. This may be a very good product.

Guo:

  • The example of metalink just made me think of many new protocols that have appeared before, such as Storj, Swarm (in the Ethereum ecosystem), and Secure Scuttlebutt. In fact, these technologies have been used, but their core problems and solutions are relatively old, then what is new in such an ecology, even before Planet had similar products.
  • So I think this ecological improvement itself is not just technical. Although the speed may have become faster, the user experience has become better, or there are some native payment systems as the blockchain matures, but in fact, many attempts have been made.
  • So I think users are changing and times are changing. The demand for Canadian currency may be partly due to the intensification of countries' control over currencies, making it more difficult to transfer funds across borders. As for the smoothness of information, it may be that there are more and more information wars, but it is the change of demand, which allows more developers to find ways to improve the user experience.

Pellaeon:

  • One of the reasons why I want to join the discussion today is that most of the new technologies seem to me to be slightly modified from the old things and then launched. So if you want to return to the decentralized structure of the network, whether it is economic or technical, you should try to integrate the efforts of different people. Because most of the technologies that were introduced years ago have their own advantages, someone should integrate these technologies.
  • For those of us who promote the decentralization of the web, we should not treat users as purely accepting individuals. Users should be educated, we need to let users know what a healthy Internet is and what kind of structure a healthy Internet should have. If we don't introduce this information, users will always pursue the fastest, cheapest, and most connected services. But these characteristics are not inherently advantages of decentralized technology compared to centralized technology.
  • It is to let everyone understand that when using the Internet, just as a citizen of a country has a responsibility to understand public issues, a user also has a responsibility to understand this knowledge. This network can only be maintained in a healthy state by people's concern.
  • Because people's group interaction itself requires trust, although many decentralized platforms say "no trust", it actually goes against human nature a bit. Because what people achieve in society, such as technological achievements, depends on the trust between people. Looking at our existing social system, we will find that the centralized system is actually a more intuitive choice for people, so it is more necessary to persuade customers.

Guo:

  • I think the "communication" I just mentioned is itself a process of forming a consensus. Both Bitcoin and human-to-human traffic require consensus. When we want a decentralized network, everyone's rights and responsibilities are shared with each other, so there must be a consensus. This consensus is not only at the mechanism level, for example: we all think that blood-sucking bugs are bad, and we need to fight it together; it also includes why we need a decentralized architecture, or the meaning of decentralization what is. This consensus itself is not only a means to maintain network security, but also the purpose of establishing a social organization.
  • And then back to the integration of these efforts mentioned earlier, which is actually a consensus-building process. Not only at the technical level, we also need to see the reference significance of some studies in other fields for decentralized community governance, such as the study and design of democratic systems in political science. Through four-yearly elections, a new center is elected, although the center still exists, but the system is designed to make it more fungible or more easily scrutinized.
  • For example, bitcoin check will not become a centralized problem in Bitcoin, because bitchecker is easy to be replaced, so it is difficult to do evil, and similar situations can also be observed in github and gitlab. So I think it is possible to learn from other fields how to coordinate the power and responsibility relationship between individuals and centralized existence.

Pan:

  • I agree, and I think it's an ongoing process that we find a narrative and promote it as a social movement.

Jeremy:

  • I think it is easy for developers to treat users as just a receiver, but in fact we need to get out of this way of thinking and give users a kind of initiative, including their choice of technology, whether they focus on their privacy or speed; this preference should become more and more obvious. At this time, if you add an extreme, or give a hodgepodge, it may not be a good choice, and everyone will "vote with their feet".
  • Regarding trust, it is true that the current system of social subjects is based on trust, so if you choose "no trust" simply for "anti-fraud", I will feel that it is putting the cart before the horse. In fact, as long as it is based on trust between people, as long as the drawback is not too unacceptable, then we can gradually improve on this basis, rather than presupposing that everyone will take advantage of the loophole from the beginning.

Audience questions:

Q: At that time, BitTorrent was used to download data, and Filecoin as the incentive layer of IPFS seemed to be developing poorly. Would you like to know the views of each speaker on the incentive mechanism of Filecoin IPFS?

Pan:

As the incentive layer of IPFS, first of all, because it has just started, I think there may not be many demanders in the network, and they are mainly miners. I think it will take some time to come to a conclusion. Whether Filecoin is the best solution from an IPFS perspective is hard to say. Because Filecoin is a technical consensus, in fact, there is also a social consensus in IPFS, such as whether files that are in greater demand should also be stored longer, which also has room for discussion. And I think IPFS should also evolve more and more interesting incentive layers.

Guo:

I think there is a paradox that, from the perspective of IPFS, from the most reliable point of view, it is best for everyone to store their own data, and then form a social consensus, that is, what kind of communication content everyone needs, and put this logic into the product, so that the network does not need this incentive layer. Or rather, incentives had become a backup plan. When it comes to the incentive layer, Filecoin is not the most available incentive layer, such as cross network, which is less expensive than Filecoin technology, but I believe that in the future, if the scale of IPFS expands, there will be more similar projects. But in fact, the ideal situation is that there is no need for an incentive layer, so that the user's behavior can naturally back up the network.


[Introduction to Background Information]: Recommendations for some related articles

About the ins and outs of Matters being attacked by this DDoS:

Thoughts on DDoS and Decentralization by @刘国| Guo Liu

"Matters.News suffered a large-scale DDoS attack last night. Although Matters.News has encountered several DDoS attacks in history, this one has the longest time and the largest traffic, lasting 9 hours before and after, with a peak of 50 million requests every five minutes.

The success of this attack also lies in its decentralization. The IPs that initiate the request are evenly distributed all over the world, which makes it impossible for us to block the attacker's traffic by geographical location. In the end, we can only distinguish real users and robots through CAPTCHA indiscriminately, so that users can access it normally."

What is a DDoS attack? Will my personal information be leaked? What are the characteristics of this type of attack?

Interstellar file system: how to deal with the war of attrition of network attacks with Web3? by @徐明恩

"The government website is a bit like a busy phone line these days. Many people call from abroad to the dedicated line, but they cannot dial in. This is technically called a massive denial of service attack (DDoS). But in fact, the phone line is not broken. The government data has not been leaked. If people don't take it seriously, it will not disturb people's hearts. If it is regarded as a ridiculous thing that will make people sleep well, the attack will have the effect of psychological warfare. normalize."

Advantages of the Web 3 platform when dealing with this type of attack:

What is a resilient content ecosystem? Quick Comment Matters suffered DDOS attack by @bean paste

"The target of a hacker (or cyber army) DDoS cannot be a distributed storage node, which is too expensive, so it can only attack the front-end service of Matters. In this situation, users don't have to worry about their articles disappearing, as long as you have stored your fingerprints, you can go back to IPFS to find your articles at any time; and recently Matters integrated the ISCN service of LikeCoin, in theory, we can easily search for articles."

CC BY-NC-ND 2.0
