On Tue, Aug 13, 2024, at 12:23 PM, Sergio Pastor Pérez wrote:
> Wouldn't it be enough to have a few independent seeders that have the
> same derivation output? We could have a field in the p2p service type
> which allows the user to configure a "level of trust", where the user
> specifies the minimum number of seeders with the same output for the
> daemon to accept the substitute.
This might be enough if you could do it, but the trouble is identifying "independent" seeders. If you get the same output from five different seeders, that could be five different people... or I could have set up five different nodes participating in the swarm serving my malicious substitutes. (This is known as a Sybil attack.)

But maybe taking inspiration from this... perhaps you could do something more akin to some of the web-of-trust features of e.g. PGP. In other words, you might have the ability to partially trust a server's substitutes such that you'll only use a substitute if N other partially trusted servers (or at least one fully trusted server) serve up the same content. This would still not let you have a totally permissionless set of P2P substitutes, but it would allow the community to build a list of individuals who are at least trusted not to collude with one another, if not fully trusted.

Though there's a detail that might need addressing for this to work... you would want this to be an indication that multiple individuals were able to reproducibly build the same packages bit-for-bit. But my impression is that substitutes served by 'guix publish' are always signed with the substitute server's signing key, regardless of where they were built. That does mean that if 4 people were to pull substitutes of a package from one other person, those 5 people would end up serving substitutes originating from one person. You may want a way for someone running a substitute server to additionally attest that they had individually built the derivation in question.
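A sketch of the threshold policy discussed in this message, added here as an example and not code from the thread or from Guix; the `Substitute` fields, the two trust levels, the `self_built` attestation flag and the sample servers are all assumptions. It shows the two failure modes the reply raises: a swarm of unlisted nodes (Sybil) contributes no votes, and several listed servers re-serving one person's build count as a single vote once attestation is required.

```python
from collections import defaultdict, namedtuple

# Constructed model of what one substitute server offers for a derivation.
# This is not Guix's narinfo format; the fields are assumptions for the sketch.
Substitute = namedtuple("Substitute", "server output self_built")
# server     : operator whose signing key vouches for the item
# output     : hash of the build output it serves
# self_built : the operator attests to having built this output themselves
#              (False means it was fetched from someone else and re-signed)

FULL, PARTIAL = "full", "partial"


def acceptable_output(offers, trust, threshold, require_attestation=True):
    """Return the one output hash the policy accepts, else None.

    trust               : dict server -> FULL or PARTIAL; servers not listed
                          are ignored, which is what blunts a Sybil swarm.
    threshold           : number of distinct partially trusted servers that
                          must agree (one fully trusted server suffices).
    require_attestation : only count offers the server claims to have built
                          itself, so N mirrors of one build are one vote.
    """
    fully_trusted = set()
    votes = defaultdict(set)
    for o in offers:
        level = trust.get(o.server)
        if level == FULL:
            fully_trusted.add(o.output)
        elif level == PARTIAL and (o.self_built or not require_attestation):
            votes[o.output].add(o.server)
    if len(fully_trusted) > 1:
        return None  # fully trusted servers disagree: refuse rather than guess
    if fully_trusted:
        return fully_trusted.pop()
    winners = [out for out, who in votes.items() if len(who) >= threshold]
    return winners[0] if len(winners) == 1 else None


# Constructed community trust list and scenarios.
TRUST = {"alice": PARTIAL, "bob": PARTIAL, "carol": PARTIAL, "dave": PARTIAL}
LAUNDERED = [Substitute("alice", "h1", True)] + [
    Substitute(s, "h1", False) for s in ("bob", "carol", "dave")]
SYBIL = [Substitute(f"node{i}", "h-bad", True) for i in range(5)]
REBUILT = [Substitute(s, "h1", True) for s in ("alice", "bob", "carol")]

if __name__ == "__main__":
    print(acceptable_output(LAUNDERED, TRUST, 3, require_attestation=False))  # h1
    print(acceptable_output(LAUNDERED, TRUST, 3))  # None
    print(acceptable_output(SYBIL, TRUST, 3))      # None
    print(acceptable_output(REBUILT, TRUST, 3))    # h1
```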