When I run a local IPFS node or upload to a pinning service can someone take one of my CIDs and use that to find any other CID that I have uploaded? I understand that if I pin it on my node that people can look up my node and ip address. But can they see the other files I added or do my files blend in with any ohter files that my node chooses to cache? If I go with a pinning service instead, can my uploads be correlated with each other? I want to avoid one image being correlated with another.
I’m not sure if I understand your question but the link may provide an answer
Thanks @Freddy1 , thats a great doc. It still leaves me wondering.
Lets say I have file a and file b and I run a local node. I upload a and b and pin them to the local node. I share the CID of a with the world. I keep b’s CID private or otherwise not related to a. Another node can query the DHT for the CID of a and get info about my node and what else is pinned there? Now people know that a and b came from the same place?
Similarily, when you sign up for Pinata, they assign you a login. If I pin two files with pinata like above, can someone associate a and b?
Sorry, I can’t help. I found the link as I was trying to understand your problem. I guess it could help if you explain why you worry about file association.
lol, asking for a friend.
No really though lets say I work for Facebook and I want to leak a document and I pin it on the same local server I use to pin my homework. Can someone correlate them?
Hmm, I read a little about it. It can be seen as an alternative to an nft on a blockchain for small amounts of data and dropbox for larger files. And anyone can run a node I suppose if that’s what you call it. So it could be the NSA, CIA or FSB, formerly known as KGB, right? And every file should be present on every node, right?
You can’t claim ownership, can you. If it is somewhat similar to a regular filesystem like ntfs, you provide something like a path?
If what I say is true then you can’t be sure unless, perhaps, if you upload these files from different ip addresses. It seems to be an easy task to create a custom version which associates each file with the ip address it comes from. It seems some tor relays have been compromised so that the real ip address can be found. If the files are private in nature, they should be encrypted using 7z or similar.
I need to do more research to understand what pinning n local serers mean.
I posted the same question to reddit and got more activity there but I’m not sure how accurate the responses were. Anyone care to elaborate?
The way I understand this is that these CIDs are not secret in any way, more like filepaths, something that could be published. I suppose there could be sites with these things for that comminity like math papers or something. If so, just because you pinned something doesn’t mean that it necessarily was uploaded by you. It could be something tou found somehow and found worth pinning.
In principle, it is already in the document linked by @Freddy1 above:
CIDs just identify content. They do not contain any indication of where that content was produced or put into the IPFS network.
But it can be queried, where a file is available. If you pin both files and they are only available on few nodes, it can be seen that they are both available from your node. That does not prove anything, but could be a hint.
If you let them be pinned by pinata, pinata surely knows that your account wanted them both pinned. (…, but you could, of course, open several accounts on pinata and pin the files from different accounts.)
1 Like
For my purposes, multiple accounts on pinata may be the best strategy. Thanks!