Home

Awesome

ipfs-check

Check if you can find your content on IPFS

A debugging tool for checking the retrievability of data by IPFS peers

Install

go install github.com/ipfs/ipfs-check@latest will build and install the server binary in your global Go binary directory (e.g. ~/go/bin)

Docker

Automated Docker container releases are available from the Github container registry:

When using Docker, make sure to pass necessary config via -e:

$ docker pull ghcr.io/ipfs/ipfs-check:main-latest
$ docker run --rm -it --net=host -e IPFS_CHECK_ACCELERATED_DHT=true ghcr.io/ipfs/ipfs-check:main-latest

Learn available variables via ./ipfs-check --help

Build

Backend

go build will build the ./ipfs-check binary in your local directory

Frontend

There are web assets in web that interact with the Go HTTP server that can be deployed however you deploy web assets. Maybe just deploy it on IPFS and reference it with DNSLink.

For anything other than local testing you're going to want to have a proxy to give you HTTPS support on the Go server.

At a minimum, the following files should be available from your web-server on prod: web/index.html, web/tachyons.min.css.

Running locally

Terminal 1

$ go build
$ ./ipfs-check
Starting ipfs-check
...
2024/08/29 20:42:34 Please wait, initializing accelerated-dht client.. (mapping Amino DHT may takes 5 or more minutes)
2024/08/29 20:42:34 Accelerated DHT client ready
2024/08/29 20:46:59 Backend ready and listening on [::]:3333
2024/08/29 20:46:59 Test fronted at http://localhost:3333/web/?backendURL=http://localhost:3333
2024/08/29 20:46:59 Ready to start serving.

As a convenience, a test frontend is provided at http://localhost:3333/web/?backendURL=http://localhost:3333.

Terminal 2

If you don't want to use test HTTP server from ipfs-check itself, feel free to use any other tool to serve the contents of the /web folder (you can open the html file directly in your browser).

npx -y serve -l 3000 web
# Then open http://localhost:3000?backendURL=http://localhost:3333

Running a check

To run a check, make an http call with the cid and multiaddr query parameters:

$ curl "localhost:3333/check?cid=bafybeicklkqcnlvtiscr2hzkubjwnwjinvskffn4xorqeduft3wq7vm5u4&multiaddr=/p2p/12D3KooWRBy97UB99e3J6hiPesre1MZeuNQvfan4gBziswrRJsNK"

Note that the multiaddr can be:

Check results

The server performs several checks depending on whether you also pass a multiaddr or just a cid.

Results when only a cid is passed

The results of the check are expressed by the cidCheckOutput type:

type cidCheckOutput *[]providerOutput

type providerOutput struct {
	ID                       string
	ConnectionError          string
	Addrs                    []string
	ConnectionMaddrs         []string
	DataAvailableOverBitswap BitswapCheckOutput
}

The providerOutput type contains the following fields:

Results when a multiaddr and a cid are passed

The results of the check are expressed by the peerCheckOutput type:

type peerCheckOutput struct {
	ConnectionError             string
	PeerFoundInDHT              map[string]int
	ProviderRecordFromPeerInDHT bool
	ConnectionMaddrs            []string
	DataAvailableOverBitswap    BitswapCheckOutput
}

type BitswapCheckOutput struct {
	Duration  time.Duration
	Found     bool
	Responded bool
	Error     string
}
  1. Is the CID (really multihash) advertised in the DHT by the Passed PeerID (or later IPNI)?
  1. Are the peer's addresses discoverable (particularly useful if the announcements are DHT based, but also independently useful)
  1. Is the peer contactable with the address the user gave us?
  1. Is the address the user gave us present in the DHT?
  1. Does the peer say they have at least the block for the CID (doesn't say anything about the rest of any associated DAG) over Bitswap?

Metrics

The ipfs-check server is instrumented and exposes two Prometheus metrics endpoints:

Securing the metrics endpoints

To add HTTP basic auth to the two metrics endpoints, you can use the --metrics-auth-username and --metrics-auth-password flags:

./ipfs-check --metrics-auth-username=user --metrics-auth-password=pass

Alternatively, you can use the IPFS_CHECK_METRICS_AUTH_USER and IPFS_CHECK_METRICS_AUTH_PASS env vars.

License

SPDX-License-Identifier: Apache-2.0 OR MIT