Ben Stokman


IPvPub: A Better Way For a Peer to Peer Internet

IPvPub Part One

To be clear, I have not programmed anything, I have only created an idea.

Credit: Manuel, Pixels

Many people have come up with elaborate ways for a trustless, decentralized, internet. However, these methods essentially take a sledgehammer to the current internet’s protocols to shape it into what they want. I have learned that if something is forced to do something it was not built to do, problems will arise when changes have to be made. Many problems arise that would have not if the system was redesigned to fit the demand of the system.

If anyone wants any innovation in the future, a new protocol will have to be made to serve all possible demands of the system that will arise.

What I am Proposing

I am proposing a new Internet Protocol Address. It will be built similarly to IPv6, but it will use a private-public keypair instead of a mac address. The IPv6 pert can be changed if the layout of the internet changes.

This will provide a truly personal IP address that cannot be forged. This will also allow for direct interaction with blockchains and decentralized systems, assuming they use 256 bit ECDSA

The layout is simple. It is simply the IPv6 layout with a 256 bit ECDSA public key.

Example IP address:

There will still be sixteen bit ports.

Every packet will be encrypted first with the sender’s private key, and then the receiver’s public key; basic peer to peer encryption.

The packet can be of any length up to 16Kb of encrypted data. Larger chunks of data are more efficient. The packet will keep its data in pure ones and zeroes.

The packet also contains a SHA-256 (or any other hash) of the completely signed data for error detection, and your normal data in the header. Basic stuff — the focus is on the encryption.


The Domain Name System converts the familiar names of services into IP addresses that our computers need to contact services.

It is highly unlikely the DNS system will change from the way it is today, but a record will be kept on each local server.

The local server will host the DNS records on an IP with the customer and subnet of zero. All DNS records will be encrypted much like all other internet protocols.


The Onion Router is an open sourced anonymization tool. It works by routing your traffic though three nodes in its network, each node decrypting one layer of encryption.

IPvPub will have onion routing technology built right into it.

Each Local server will run its own node, which will have the customer and subnet of zero like the DNS protocol; there is nothing enforcing this, it will just be a public service. People can also run their own nodes, much like the TOR network today. These nodes will be listed in the domain name system system.

The traffic will be routed through however many nodes that the client wants, and then will eventually reach the exit node. There is no specific IP addresses that the clients will exit from; they will create and manage their own IP, that the exit node will host. The location of the address (first 64 bits) will be the same as the exit node. The local servers can forge any part that is under them.

The packets will be encrypted with the node’s public keys on the client side, in order. The only private key that the client uses is the one for the virtual IP. The nodes will encrypt the data with the receiver’s public key when transferring to a different node. The universal verification that the node needs is the circuit ID, which is included in the data transmitted to the node.

Hidden Service

TOR allows for anonymous hosting of services. Special software is required to access the hidden services of the TOR network, but with IPvPub, no special software is needed.

Since the client is in complete control over their IP, the exit node will not be able to differentiate a hidden service from a client. Nor will a client be able to differentiate between a hidden service, and a unhidden service.

The exit node will never see the private key of an IP of a hidden service.

Hidden services will be compatible with surface services in every way, and indistinguishable in every way. People will be able to easily publish content anonymously, and have anyone access it wether or not they use or have the knowledge of onion routing technology. A massive step for free speech.


This system can also be used for trustless uncensoring. Assuming that popular services like Google or Google run TOR nodes, they can be used as a relay for censored data. Because all data is end to end encrypted from the start, only one relay has to be used, assuming that the client does not need full anonymity.

If someone is in a country that does not keep TOR records in their DNS servers, someone can catch ear of an IP address or domain of a TOR node. The only way to stop people from accessing censored content is to shut down the internet itself; and that will be a hindrance to the citizens, and will not be popular.

Feel free to leave comments on what you think of my idea, I will try to respond as soon as possible. I will be writing more articles going into more depth about each individual topic as time goes on.

Again, I have not programmed or coded any of the things mentioned in this article, I have only created an idea; do not ask for any “sources” or whatever.

More by Ben Stokman

Topics of interest

More Related Stories