Monitoring Data Requests in Decentralized Data Storage Systems: A Case Study of IPFS

Decentralized data storage systems like the Interplanetary Filesystem (IPFS) are becoming increasingly popular, e. g., as a data layer in blockchain applications and for sharing content in a censorship-resistant manner. In IPFS, data is hosted by an open set of peers, requests to which are broadcast to all directly connected peers and routed via a distributed hash table (DHT). In this paper, we showcase how the monitoring of said data requests allows for profound insights about the IPFS network while simultaneously breaching individual users' privacy. To this end, we present a passive monitoring methodology that enables us to collect data requests of a significant and upscalable portion of the total IPFS node population. Using a measurement setup implementing our approach and data collected over a period of fifteen months, we demonstrate the estimation of, among other things: the size of the IPFS network, activity levels and structure, and content popularity distributions. We furthermore present how our methodology can be abused for attacks on users' privacy. As a demonstration, we identify and successfully surveil public IPFS/HTTP gateways, thereby also uncovering their (normally hidden) node identifiers. We find that the number of requests by public gateways is substantial, suggesting substantial usage of these gateways. We give a detailed analysis of the mechanics and reasons behind implied privacy threats and discuss possible countermeasures.