Monitoring Data Requests in Decentralized Data Storage Systems: A Case Study of IPFS

Decentralized data storage systems like the Interplanetary Filesystem (IPFS) are becoming increasingly popular, e. g., as a data layer in blockchain applications and for sharing content in a censorship-resistant manner. In IPFS, data is hosted by an open set of nodes and data requests are broadcast to connected peers in addition to being routed via a distributed hash table (DHT). In this paper, we present a passive monitoring methodology that exploits this design for obtaining data requests from a significant and upscalable portion of nodes. Using an implementation of our approach for the IPFS network and data collected over a period of fifteen months, we demonstrate how our methodology enables profound insights into, among other things: the size of the IPFS network, activity levels and structure, and content popularity distributions. We furthermore present that our methodology can be abused for attacks on users' privacy. For example, we were able to identify and successfully surveil the IPFS nodes corresponding to public IPFS/HTTP gateways.We give a detailed analysis of the mechanics and reasons behind implied privacy threats and discuss possible countermeasures.