js-libp2p Remove private key from peer id

Remove private key from peer id

Open wemeetagain opened this issue 1 year ago • 1 comments

in libp2p 1.0, the peer id encapsulates a type, multihash, public key, and a private key.

export interface PeerId {
  type: PeerIdType
  multihash: MultihashDigest
  privateKey?: Uint8Array
  publicKey?: Uint8Array
  ...
}

While conceptually, the peer id is highly related and mostly synonymous with "public key", the same cannot be said for "private key".

With codepaths used 99% of the time, peer ids should never contain a private key. There is only a single peer id that contains a private key, and that is a node's own peer id.

That said, my opinion is that it's a mistake to combine the private key in the peer id. Rather, access to a node's own private key should be exposed explicitly (as is already being done in #2303).

2.0 release is an opportunity to remove the private key from peer id.

Aug 12 '24 14:08 wemeetagain

Possibly also related https://github.com/libp2p/js-libp2p/issues/680

Aug 12 '24 15:08 wemeetagain

Fixed in #2660

Sep 04 '24 13:09 achingbrain

js-libp2p js-libp2p copied to clipboard

Remove private key from peer id

js-libp2p
js-libp2p copied to clipboard