Got some questions regarding the exposure of IP address of the end user of Holo network that I hope we can have some discussion on.
Is the IP address of the end user of Holo Network exposed to anyone inside/outside of the holo network? Or is it only visible to the agent inside the DHT the end user reside in?
If the answer to 1 is yes, is there anyway for malicious actors outside of Holo network to get a hold of IP address of the end user? (and probably know which happ the user is using assuming there is some mapping of the end user’s ip address to the happ the end user is using on holo network)
@tats_sato I don’t know the correct answer, but the Holo router sits between HoloPorts and end-users. That means that it’s a proxy server that knows the IP address of the end-user but doesn’t have to pass it to the host. Whether it does, I don’t know, but I suspect that it doesn’t. Waiting for an answer from the Holo dev team. And if I’m right, it would mean that the Holo router knows the user’s IP address, which can’t be avoided, but even the DHT that the user belongs to doesn’t know their IP.
I see… just read a little bit about proxy server (still a noob on networking ) and it seems like if holo router works like a proxy server, then end-user’s IP addresses are protected which is great!!
I personally hope they do not pass the IP address to the host though or at least an option not to when the user chooses so!
@tats_sato sometimes proxy servers will pass on the client’s IP address to the application server, because the application server needs it to do its job. I wanted to make sure we weren’t doing that in Holo Host, so I asked the Holo devs. I asked:
hey, folks, a question: can a host see the IP address of the end-user connected to them? That is, does the Holo router pass along an X-Forwarded-For header or anything like that?
And the answers I got were:
no, it can’t. holo router operates on raw tcp level, it can’t even tell if it’s http or not
and
Yes we actually don’t want to see that to protect user privacy
So there you go! What this means is that, from a user-data perspective, it’s as if the port and user are talking directly to each other with no middleman (thanks to SSL encryption terminating at the port, not the router). But from a networking perspective, the port only sees the router’s IP, not the user’s IP.