-
Notifications
You must be signed in to change notification settings - Fork 324
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Is 32bit murmur3 safe to use in IPFS-based URL Shortener? #305
Comments
I don't know man, I feel like this really shouldn't live in the /ipfs namespace, since it removes the most important property of things within /ipfs: being able to cryptographically verify the contents.
Wow, I hadn't noticed -- this is not good, for the reason above. We shouldn't allow non-cryptographic hashes in /ipfs or /ipns. |
Yeah.. a lot of things here smell weird. Been using "URL Shortener" a bit today and I am worried about the confusion between option to "get short url" and "upload to IPFS". In both cases user ends up with IPFS path, one is "native", one might redirect to "non-distributed internet". I'll sleep on it, but I think this should be removed from browser extension. |
@lidel please don't publish this feature, insecure hashes will be blocked in future breaking this completely. |
As noted in #305 this introduces confusing UX and additionally short hashes produced by murmur3 are non-cryptographic and support for it in CIDs will be removed / blocked in near future
The experiment is already removed 👌 Glad it at least helped to surface problems with murmur3. I am closing this issue. Blocking murmur3 in |
I've just released
2.0.15beta4with a small experiment: URL Shortener.It is located under right-click context-menu.
When executed against a page or an image, it creates a small static HTML page that when opened, redirects user to original, long URL. The redirect page is published to IPFS and a shareable public URL is copied to user's clipboard.
Would appreciate some feedback.
Default CIDs are bit long, so this experiment uses a non-cryptographic hash function suitable for general hash-based lookup:
murmur3
(32bit version is supported bygo-ipfs
thanks to @tabrath).Examples:
Question:
murmur3
for URL Shortener?The text was updated successfully, but these errors were encountered: