Distributing NixOS with IPFS

I&#x27;ve been following these github issues for a while; fetching sources from IPFS seems like a great step forward for resiliency in general, and quite a natural one for Nix considering things are already immutable. Using IPFS as a binary cache is nice, as it would lower the maintainers&#x27; burden and make out-of-tree experimentation easier, i.e. without damaging the integrity of nixpkgs and cache.nixos.org.<p>I hadn&#x27;t even thought about using the FUSE integration of IPFS, but it makes a lot of sense. Nix is a lazy language, and the nixpkgs repository basically defines one big value: a set of name&#x2F;value pairs for every package it contains (as well various libraries for e.g. working with Python packages, Haskell packages, etc.). The only difference between installed&#x2F;uninstalled packages is whether anything&#x27;s forced the contents to be evaluated yet.<p>Likewise, an IPFS FUSE mount conceptually contains the whole of IPFS. The only difference between downloaded&#x2F;undownloaded files is whether anything&#x27;s forced the contents to be evaluated yet.

Very cool.<p>One benefit of schemes like this that people don&#x27;t talk about much is that, by no longer downloading from an expected place, you&#x27;re removing the possibility for a compromised developer or server operator to selectively serve up malware to a targeted user. Instead you&#x27;re getting the file over bittorrent and checking its hash, and you could gossip with other bittorrent clients to confirm that everyone&#x27;s trying to get the same hash.<p>Compare with the state of the art in most software updates, which is that you connect to some download server and it could serve signed malware to people on its target list and probably no-one would notice.<p>(Schemes that use some of these techniques to take out the single point of malware-insertion have been called &quot;Binary Transparency&quot; schemes, as an analog to Certificate Transparency.)

I want to ditch the Nar format as soon as possible. IPFS&#x27;s unixfs format is too rich however.<p>When will the IPFS people finish up <a href="https:&#x2F;&#x2F;github.com&#x2F;ipld&#x2F;cid" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;ipld&#x2F;cid</a> so we can link whatever content addressable data we want?<p>I&#x27;d use git tree objects, despite SHA-1, because it&#x27;s widely supported. Or do a format identical tree objects but with the IPFS&#x27;s multihash and SHA-1 banned.<p>Point is, underlying protocol should be agnostic to hashing scheme, we should have a trait&#x2F;type class like<p><pre><code> &#x2F;&#x2F;&#x2F; Node in try trait Payload { type Hash: HashingTrait; fn unpack(Payload) -&gt; (Vec&lt;u8&gt;, Set&lt;Hash&gt;); fn pack(Vec&lt;u8&gt;, Set&lt;Hash&gt;) -&gt; Payload; &#x2F;&#x2F; Implement either and get the other for free! fn hash_packed(p: Payload) -&gt; Hash { hash_unpacked(packed(p)) fn hash_unpacked(p: (Vec&lt;u8&gt;, Set&lt;Hash&gt;)) -&gt; Hash { hash_packed(packed(p)) } } </code></pre> any `(Hash, Payload)` than can define a `(binary blob, Set&lt;Hash&gt;) -&gt; Hash` and Payload function should work.

I&#x27;ve felt for a while that a standard, widely-implemented, distributed content-addressable store is one of the biggest missing pieces of the modern internet. Glad to see any steps in that direction.<p>I&#x27;ll know real progress has been made when my browser can resolve something like:<p>cas:&#x2F;&#x2F;sha256&#x2F;2d66257e9d2cda5c08e850a947caacbc0177411f379f986dd9a8abc653ce5a8e

Nice project! Guix had a GSoC student working on binary distribution using GNUnet&#x27;s file sharing component a while back: <a href="https:&#x2F;&#x2F;gnu.org&#x2F;s&#x2F;guix&#x2F;news&#x2F;gsoc-update.html" rel="nofollow">https:&#x2F;&#x2F;gnu.org&#x2F;s&#x2F;guix&#x2F;news&#x2F;gsoc-update.html</a> . That has not led (yet?) to production code, but there might be ideas worth sharing.

It&#x27;s almost ridiculous how good the two fit together.<p>I had the feeling NixOS has a bit of a hard time get users and prove that it&#x27;s a superior solution to ansible&#x2F;docker&#x2F;chef&#x2F;etc. probably because of it&#x27;s mediocre UX, haha.<p>But this would add another killer feature to it.

Very interesting development. It would be great to see NixOS as an early adopter for IPFS.<p>BTW, there is a small typo:<p><pre><code> IPFS is aims to create the distributed net. </code></pre> It should be:<p><pre><code> IPFS aims to create the distributed net.</code></pre>

I&#x27;m really excited to see what the future holds for IPFS! However, hosting websites with custom domains is not quite feasible yet. Using IPFS&#x27; DNS (IPNS) means you have to keep the IPFS daemon running constantly, or else the files will be purged within an hour.

This is a really great idea! Reminds me of other projects that are working on integrating IPFS with the Operating System: <a href="https:&#x2F;&#x2F;github.com&#x2F;vtomole&#x2F;IPOS" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;vtomole&#x2F;IPOS</a>

Good to see other people are inventing AppFS ( <a href="http:&#x2F;&#x2F;appfs.rkeene.org&#x2F;" rel="nofollow">http:&#x2F;&#x2F;appfs.rkeene.org&#x2F;</a> ) :-)

Stage 2 seems problematic at least the way I see it. Most users have at least a thousand derivations- is it possible to fuse mount each one?<p>Also: I think some people are unaware that Nix hashes are not content addressable. The best solution (which OP is proposing) is probably to use the .nar hashes in IPFS which is content addressable.

Someone should do something similar with Gentoo&#x27;s portage, because the potential of IPFS could lead to amazing things, like verified pre-compiled -march=native builds for every architechture Gentoo supports.