Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
noman-land 5 hours ago

How does one find large DHTs? Is there anything connecting them all?

Realman78 4 hours ago | parent | next [-]

Good question. The 4 initial bootstrap nodes that I provided (in the README) are all connected to each other. If everyone connects to all of them, we are all basically on the same network instead of on "isolated islands"

blamestross 4 hours ago | parent | prev [-]

"Mainline DHT" is the primary one. It backs magnet links and has resisted censorship for over a decade. Largest most robust group of cooperating computers there is.

You can reliably use it to store arbitrary key-value pairs up to 1kb in in size.

https://en.wikipedia.org/wiki/Mainline_DHT

Realman78 4 hours ago | parent [-]

In theory, if only Kiyeovo nodes were handling Kiyeovo records, then yes, they could kind of behave like their own subnetwork. The problem is that in a public DHT, the nodes responsible for storing keys are those closes to that key, we cannot guarantee it would be a Kiyeovo node. So even if Kiyeovo clients all use the same validation rules locally, the actual nodes that get hit with the queries do not. The chances of the network converging to the same, correct answer are much slimmer this way

blamestross 4 hours ago | parent [-]

So DHT robustness against censorship is superlinear of the number of participants.

The "break point" is when a DHT gets big enough I can't realistically MITM all the links with nodes "closer to the target" than existing ones.

This means big networks are great, small ones are cheap to just break. Its hard to skip the messy bootstrapping phase.

I'd encourage protocols to only rely on DHTs for small key-value stores if there isn't a trust mechanism in place to validate new peers.

Otherwise, all I have to do is mine for O(n^2) dht keys that cover the network. Figure out what your key mining difficulty is and you can identify what the cost would be.

Realman78 3 hours ago | parent [-]

You're right in general. The main mitigation here is that Kiyeovo does not trust unsigned DHT data: the important records are signed and validated. That doesn't fully solve censorship nor eclipse attacks, but it does stop record forgery. The remaining risk is mostly availability/partitioning - bootstrap connectivity (topology) matters a lot here