sploodged

definitely opens up another surface for attack, could see flooding namespace, sibyl, hijacking consensus mechanism somehow, lots of very bad content would surface too which some of the current "curators" try to dampen. Consensus mechanism would be tricky to get right

non maliciously this is occasionally a problem. different registrars have different rules, some will delete a name after so long the destination is dead, others wont. so registrars will let you register an abandoned name with a new destination, but some wont. But local address books will default to the older destination over the newer one.

i think it was done this way so there could be no one thing declaring google.i2p goes to a destination, locally you decide. wouldn't be a bad idea to incorporate some sort of cert though, a lot of that work would fall to the registrars to agree i'd think, like on expiring names.

i think the idea of using dht for this so it's more like a network consensus thing has come up, but there's reasons not to do this.

behold. LEAF

Here's the scary sounding part that can be counterintuitive. The routers you're communicating with do know your ip, since they have to like you mentioned. Your ip address is also in i2p's DHT as a "router info" which functions as a network addressbook for routers and services so things can be found without needing a centralized lookup service. Again, because for the network to work, routers need to be able to find eachother, or they can't communicate.

But, routers function on a need to know basis. i2p uses separate up and down links for each tunnel, and your side of the tunnel by default has 3 hops. other side usually also has 3 hops. typical unidirectional tunnel looks like this with total of 7 hops:

A-x-x-x=x-x-x-B

None of the chains in the link know what position they're in (except for the endpoints). They also don't know how long the whole tunnel is. The sender and receiver only know their parts of the tunnel. On the dht side, by design no single router has a whole view of the network, but there isn't a whole lot of information you get from that other than knowing that person at stated ip address uses i2p, which your isp would be able to tell for example anyway just like using tor or a vpn. There's no reason to try to obfuscate that except for getting around restrictive countries firewalls.

The way i made sense of it was like you have an envelope that is inside several other envelopes, with each envelope representing a layer of encryption. You get an envelope from kevin, so you know kevin. You open the envelope and see another envelope addressed to george, you give the envelope to him. So you know kevin and george. But the rest is unknown to you. You don't know who the true originator of the envelope is or where the message is ultimately going.

Not a perfect analogy, but because of this the ultimate sender and receiver are blind to each others ip address. It's layered encryption allowing this to happen which is similar to onion routing. Called garlic routing in i2p since there are some tweaks.

https://geti2p.net/en/docs/how/garlic-routing

yeah some of the docs on the official site lean more technical than practical

similar yes but not the same. tor held together by volunteer that run nodes, i2p everyone is a node. tor good for clearnet things, i2p good for in-network things. torrenting in i2p is good for i2p, not tor. torrenting in i2p stays in the i2p network, doesn't go through exit nodes. there's only about 3 of those. it's torrenting as a darknet hidden service.

It's 2024 back that shit up on a dictaphone already

welcome!

nothing has changed, qbittorrent doesn't yet support i2p's dht. snark and bigly bt are the only two that do at the moment.

there are open trackers in i2p that can help with peer discovery so in most cases it's a non-issue but i hope libtorrent supports it soon. I ended up switching to bigly bt in part because of this, it's a beefy client with a lot of options but it's i2p support is solid.

also just known as regular socks if you use i2p

it's generally advisable to not run a vpn in front of i2p. it will run better without one and you introduce another point of failure that can reduce your anonymity in some circumstances.

you can use a vpn for clearnet like normal along with i2p,ideally i2p not through the vpn though. it's a good way to cross-seed stuff into i2p though (you can do this as you're downloading from clearnet peers) and every now and again might find some random i2p seed holdout on a "rare" torrent.