This sounds awesome! We already have OnionShare using Tor, this could be a great addition since it's using i2p, more networks = more resiliency. I'll do more research and potentially make a PR if adequate.

Ok I have made a PR.

I think this software deserves to be recommended, and at the 2nd position just after OnionShare and before Magic Wormhole.

Indeed, MuWire provides both an easy file sharing application and strong anonymity guarantees since it's using the I2P network. Hence, it is at least on par with OnionShare in terms of privacy and functionality, if not more for the latter since MuWire also includes publication feeds that you can subscribe to and distributed, searchable file discovery as well as a textual chat system. However, MuWire is much younger and less scrutinized than OnionShare, so it cannot be the top recommendation.

Hence, I strongly recommend MuWire to be the 2nd recommendation for File Sharing. However, if PTIO's team prefer a Worth Mentioning, I will adapt the PR accordingly. But for easy anonymous file sharing, there's only OnionShare and now MuWire.

Thank you @lrq3000 , I'm happy to answer any questions, here on the issue or on the PR.

@zlatinb That's great because I indeed have some questions ;-)

First, thank you very much for this amazing software and the extensive documentation you wrote, very interesting to read. For example, I find your Markov connection algorithm to optimize routing very interesting! I also appreciate the use of reproducible builds.

About self-hosting, I guess you were referring to this documentation? And more precisely to the HostCache, which is the only centralized point in the MuWire network if I understand correctly?

If yes, then I have a question about it. HostCache is a point of entry for new clients who do not yet know of any other MuWire nodes. Once they have a list of nodes, they can connect directly to other nodes to get a refreshed update of the network topology. But so what happens if the HostCache is ran by an evil actor? Can it compromise the new client's anonymity?

Hi,

the bootstrapping happens in two stages.. The first stage is a bootstrap into the I2P network which can be done via several mechanisms, the most common one being querying one or more of several bootstrap servers run by volunteers. There are however other methods of bootstrap such as providing a set of I2P nodes on a USB stick for example.

Once bootstrapped into I2P, the new MuWire node will issue a request to a HostCache over I2P, so the HostCache does not see the actual IP address of the MuWire node, just a cryptographic identifier known as I2P Destination. So let's say the worst happens and someone takes control of all HostCaches - the worst they could do is disrupt the ability of new MuWire nodes to discover other MuWire nodes, but the anonymity would not be harmed.

This shifts the risk back to the initial bootstrap into I2P via its bootstrap servers. Yes it is possible that all or sufficient majority of bootstrap servers become compromised; then all new I2P nodes would be at risk unless they use other means of bootstrapping like the USB stick mentioned earlier.

Ok awesome! I can see you put a lot of thoughts into the architecture of the MuWire network. It's fine then if the anonymity relies on I2P, it's a much more developed and well established network by now. If the I2P network gets broken, that's not under MuWire's responsibilities anyway.