diff --git a/cmd/ipfs/daemon.go b/cmd/ipfs/daemon.go index af105589db5a..b5a26c4c81e9 100644 --- a/cmd/ipfs/daemon.go +++ b/cmd/ipfs/daemon.go @@ -30,6 +30,7 @@ import ( fsrepo "github.com/ipfs/kubo/repo/fsrepo" "github.com/ipfs/kubo/repo/fsrepo/migrations" "github.com/ipfs/kubo/repo/fsrepo/migrations/ipfsfetcher" + p2pcrypto "github.com/libp2p/go-libp2p/core/crypto" pnet "github.com/libp2p/go-libp2p/core/pnet" sockets "github.com/libp2p/go-socket-activation" @@ -459,6 +460,16 @@ func daemonFunc(req *cmds.Request, re cmds.ResponseEmitter, env cmds.Environment printSwarmAddrs(node) + if node.PrivateKey.Type() == p2pcrypto.RSA { + fmt.Print(` +You are using an RSA Peer ID, thoses are deprecated and support will be removed sometime second half of 2023. +To keep compatibility with newer nodes and bootstrappers create a new Ed25519 (recommended), ECDSA or secp256k1 key with: + ipfs key rotate -o my-old-key -t ed25519 +Then restart your node for it to take effect. + +`) + } + defer func() { // We wait for the node to close first, as the node has children // that it will wait for before closing, such as the API server. diff --git a/docs/changelogs/v0.18.md b/docs/changelogs/v0.18.md index 58077e21481e..9dc017e31e91 100644 --- a/docs/changelogs/v0.18.md +++ b/docs/changelogs/v0.18.md @@ -22,6 +22,7 @@ Below is an outline of all that is in this release, so you get a sense of all th - [Differentiating QUIC versions](#differentiating-quic-versions) - [QUICv1 and WebTransport config migration](#quicv1-and-webtransport-config-migration) - [Improving libp2p resource management integration](#improving-libp2p-resource-management-integration) + - [RSA Peer ID deprecation](#rsa-peer-id-deprecation) - [๐Ÿ“ Changelog](#-changelog) - [๐Ÿ‘จโ€๐Ÿ‘ฉโ€๐Ÿ‘งโ€๐Ÿ‘ฆ Contributors](#-contributors) @@ -159,7 +160,7 @@ To support QUICv1 and WebTransport by default a new config migration (`v13`) is To help protect nodes from DoS (resource exhaustion) and eclipse attacks, Kubo enabled the [go-libp2p Network Resource Manager](https://github.com/libp2p/go-libp2p/tree/master/p2p/host/resource-manager) by default in [Kubo 0.17](https://github.com/ipfs/kubo/blob/master/docs/changelogs/v0.17.md#libp2p-resource-management-enabled-by-default). - + Introducing limits like this by default after the fact is tricky, and various improvements have been made to improve the UX including: 1. [Dedicated docs concerning the resource manager integration](https://github.com/ipfs/kubo/blob/master/docs/libp2p-resource-management.md). This is a great place to go to learn more or get your FAQs answered. @@ -168,6 +169,16 @@ and various improvements have been made to improve the UX including: 4. Adjusted log messages and levels to make clear that the resource manager is likely doing your node a favor by bounding resources. 5. [Other miscellaneous config and command bugs reported by users](https://github.com/ipfs/kubo/issues/9442). +#### RSA Peer ID deprecation + +In [v0.7 we changed the default public key type from RSA to Ed25519](./v0.7.md#ed25519-keys-are-now-used-by-default), due to the higher CPU load RSA handshakes force upon other peers in the network we will remove support for RSA peer ids sometime in the second half of 2023. + +See some rational here [libp2p/go-libp2p#1952](https://github.com/libp2p/go-libp2p/issues/1952#issuecomment-1350401449). + +Kubo now warns you when you start `ipfs daemon` using an RSA key. + +For now, we do not plan to remove support for RSA IPNS keys, only nodes identity. + ### ๐Ÿ“ Changelog ### ๐Ÿ‘จโ€๐Ÿ‘ฉโ€๐Ÿ‘งโ€๐Ÿ‘ฆ Contributors