Paper 2025/2131

Persistent BitTorrent Trackers

François-Xavier Wicht, University of Bern, IC3
Zhengwei Tong, Duke University
Shunfan Zhou, Phala Network
Hang Yin, Phala Network
Aviv Yaish, Yale University, IC3, Complexity Science Hub Vienna
Abstract

Private BitTorrent trackers enforce upload-to-download ratios to prevent free-riding, but suffer from three critical weaknesses: reputation cannot move between trackers, centralized servers create single points of failure, and upload statistics are self-reported and unverifiable. When a tracker shuts down, users lose their contribution history and cannot prove their standing to new communities. We address these problems by storing reputation in smart contracts and replacing self-reports with cryptographic attestations. Peers sign receipts for received pieces; the tracker aggregates them via BLS signatures and updates reputation. If a tracker is unavailable, peers fall back to an authenticated distributed hash table (DHT): stored reputation acts as a public key infrastructure (PKI), preserving access control without the tracker. Reputation is portable across tracker failures through single-hop migration in factory-deployed contracts. We also address the privacy implications of publishing public keys and reputations tied to private trackers on a public ledger: we propose ephemeral session keys to prevent linking peer identities, zero-knowledge membership proofs for anonymous DHT participation, and confidential reputation using homomorphic commitments. We formalize the security requirements, prove four security properties under standard cryptographic assumptions, and evaluate a prototype. Measurements show that transfer receipts add less than 5\% end-to-end overhead with typical piece sizes. To minimize signing overhead, we adopt a hybrid signature scheme: ECDSA signs individual piece receipts at transfer time for low per-operation latency, while BLS serves as the overarching scheme, enabling compact aggregation of many receipts into a single proof at report time. This design reduces client-side signing cost by an order of magnitude compared to using BLS throughout.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Published elsewhere. Major revision. 2026 IEEE 11th European Symposium on Security and Privacy (EuroS&P)
Keywords
p2pfile transfercensorship resistancereputation-based systemdistributed file exchange
Contact author(s)
francois-xavier wicht @ unibe ch
zt70 @ duke edu
shelvenzhou @ phala network
hangyin @ phala network
a @ yai sh
History
2026-04-15: last of 3 revisions
2025-11-21: received
See all versions
Short URL
https://ia.cr/2025/2131
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2025/2131,
      author = {François-Xavier Wicht and Zhengwei Tong and Shunfan Zhou and Hang Yin and Aviv Yaish},
      title = {Persistent {BitTorrent} Trackers},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/2131},
      year = {2025},
      url = {https://eprint.iacr.org/2025/2131}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.