This repository has been archived by the owner on Dec 27, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 545
Is Dat a "secure" protocol?
Paul Frazee edited this page Jun 19, 2018
·
3 revisions
Dat is a peer-to-peer hypermedia protocol. It provides public-key-addressed file archives which can be synced securely and browsed on-demand. It's described in detail at datprotocol.com.
Dat asserts three security guarantees:
- Content integrity. Dat archives are identified by sha256 hashes or ed25519 keypairs, which are used to verify content integrity.
- Uniform distribution. A "flattened" merkle tree is used to track the change history of mutable archives and reject alterations in the history (a corruption event). This prevents nodes in the network from corrupting an archive's content in order to deliver a targeted payload.
- Per-swarm connection privacy. Archive identifiers are used as encryption keys to entering discovery swarms and reading network traffic, providing connection-level security to users who do not possess the archive's URL.
There's a dissection of the state of passive monitoring in Dat written on the Dat blog. While transport encryption is used, it is dependent on the holders of the content URL, a datum which (in the common case) is widely spread.