How is a client verifying responses?

How is a client verifying responses from the network?

  • for static files: that’s simple: hash(received_data) == requested_data_id
  • but how does a client know that the response is coming from a legitimate group? My guess would be: the response contains:
    • a “proof” from the group. Votes/signatures from the group members. This verifies the response is coming from that particular group.
    • the proof has a reference to a datachain entry at the particular time of voting. Then the client can traverse the datachain back to the “genesis block” which is hardcoded in each client. This verifies the legitimacy of the group/voters.
  1. is this in any way correct, or am I just missing something?
  2. this isn’t solving the problem of really outdated responses, say a malicious node would deliberately respond with outdated data (replay attack)
3 Likes
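
The scheme guessed at in the question above, as an added example that is not part of the original post or the network's own code: a content-hash check for static data, and a walk from a hardcoded genesis group along a chain of membership votes before accepting the group's votes on a response. The block layout, function names and sample groups are assumptions, and HMAC is a labelled stand-in for public-key signatures so the block runs on the standard library alone.

```python
import hashlib, hmac

# Toy stand-in for a public-key signature: the "public key" doubles as the MAC
# key. A real network would use an asymmetric scheme; the chain logic is the point.
def sign(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

def quorum_ok(members, msg, sigs):
    """True if a strict majority of `members` produced a valid vote on `msg`."""
    valid = sum(1 for k in set(members)
                if hmac.compare_digest(sign(k, msg), sigs.get(k, b"")))
    return 2 * valid > len(set(members))

def encode(members):
    return b"|".join(sorted(members))

def make_block(old_members, new_members):
    """Chain entry (hypothetical layout): the old group votes in the new one."""
    return {"members": new_members,
            "sigs": {k: sign(k, encode(new_members)) for k in old_members}}

def static_ok(data_id, data):
    """Immutable data is self-verifying: its id is the hash of its content."""
    return hashlib.sha256(data).hexdigest() == data_id

def verify_response(genesis, chain, payload, proof):
    """Walk the chain from the hardcoded genesis group, then check the votes."""
    current = genesis
    for block in chain:
        # Each membership change must be approved by the preceding group.
        if not quorum_ok(current, encode(block["members"]), block["sigs"]):
            return False
        current = block["members"]
    # The response must carry a majority of votes from the group the chain ends at.
    return quorum_ok(current, payload, proof)

# Constructed sample data: three groups of three members each.
G0, G1, G2 = ([bytes([g, i]) * 16 for i in range(3)] for g in (1, 2, 3))
CHAIN = [make_block(G0, G1), make_block(G1, G2)]
DOC = b"static file"
DOC_ID = hashlib.sha256(DOC).hexdigest()
# Current response, a stale one signed when G1 was the group, and a forgery.
NEW = (CHAIN, b"name=v2", {k: sign(k, b"name=v2") for k in G2[:2]})
OLD = (CHAIN[:1], b"name=v1", {k: sign(k, b"name=v1") for k in G1[:2]})
FORGED = (CHAIN, b"name=v3", {k: sign(k, b"name=v3") for k in G0})
```

`verify_response(G0, *OLD)` also returns `True`: the stale response verifies against its own chain prefix, which is the outdated-data gap raised in point 2.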

Messages sent from one group to another group are reliable because they are always signed by a known group.

A->B->C->D where B knows A, C knows B and D knows C.

(The system is something more complex because only the Hash of the message is signed while the message is sent to destination in the fastest way.)

4 Likes

Yeah, we already have DHT Fingers (/Kademlia Routing) (TODO: link to actual rfc/routing table behaviour). Each group holds connections to other known groups all over the XOR address space. A request is routed to the best-fitting (smallest XOR-distance) directly connected group, then that group routes it to the best-fitting directly connected group and so on…

while the message is sent to destination in the fastest way

I’ve read about all requests and responses being handled recursively to make them anonymous (TOR-like behaviour). Thus we would only communicate with known groups => no need for complexity. But I guess that’s not a goal anymore/never was a goal (because of bad performance? caching should help mitigate this. Caching isn’t a problem for static files as the file content never changes, caching MD should work as well)?

Addition: recursive as in recursive DNS queries