Paper 2025/2131
Persistent BitTorrent Trackers
Abstract
Private BitTorrent trackers enforce upload-to-download ratios to prevent free-riding, but suffer from three critical weaknesses: reputation cannot move between trackers, centralized servers create single points of failure, and upload statistics are self-reported and unverifiable. When a tracker shuts down, users lose their contribution history and cannot prove their standing to new communities. We address these problems by storing reputation in smart contracts and replacing self-reports with cryptographic attestations. Peers sign receipts for received pieces; the tracker aggregates them via BLS signatures and updates reputation. If a tracker is unavailable, peers fall back to an authenticated distributed hash table (DHT): stored reputation acts as a public key infrastructure (PKI), preserving access control without the tracker. Reputation is portable across tracker failures through single-hop migration in factory-deployed contracts. We also address the privacy implications of publishing public keys and reputations tied to private trackers on a public ledger: we propose ephemeral session keys to prevent linking peer identities, zero-knowledge membership proofs for anonymous DHT participation, and confidential reputation using homomorphic commitments. We formalize the security requirements, prove four security properties under standard cryptographic assumptions, and evaluate a prototype. Measurements show that transfer receipts add less than 5\% end-to-end overhead with typical piece sizes. To minimize signing overhead, we adopt a hybrid signature scheme: ECDSA signs individual piece receipts at transfer time for low per-operation latency, while BLS serves as the overarching scheme, enabling compact aggregation of many receipts into a single proof at report time. This design reduces client-side signing cost by an order of magnitude compared to using BLS throughout.
Metadata
- Available format(s)
-
PDF
- Category
- Applications
- Publication info
- Published elsewhere. Major revision. 2026 IEEE 11th European Symposium on Security and Privacy (EuroS&P)
- Keywords
- p2pfile transfercensorship resistancereputation-based systemdistributed file exchange
- Contact author(s)
-
francois-xavier wicht @ unibe ch
zt70 @ duke edu
shelvenzhou @ phala network
hangyin @ phala network
a @ yai sh - History
- 2026-04-15: last of 3 revisions
- 2025-11-21: received
- See all versions
- Short URL
- https://ia.cr/2025/2131
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2025/2131,
author = {François-Xavier Wicht and Zhengwei Tong and Shunfan Zhou and Hang Yin and Aviv Yaish},
title = {Persistent {BitTorrent} Trackers},
howpublished = {Cryptology {ePrint} Archive, Paper 2025/2131},
year = {2025},
url = {https://eprint.iacr.org/2025/2131}
}