# IPFS Cluster Setup

## The cluster secret
The 32-byte hex-encoded secret in the service.json file acts as libp2p network protector. This provides additional encryption for all communications between peers (libp2p) using a pre-shared key.

In [1]:
# od  -vN 32 -An -tx1 /dev/urandom | tr -d ' \n'

In [2]:
import secrets
import base64

# Generate a random 32-byte secret
secret_bytes = secrets.token_bytes(32)
print(f'{secret_bytes.hex()=} (hex)')

# Encode the secret in base64
secret_base64 = base64.b64encode(secret_bytes).decode('utf-8')

print(secret_base64)


secret_bytes.hex()='0af9f040e0f1ce835cc2ef97cf4f9176739c563a53fef072c347319f7a3fb1c0' (hex)
CvnwQODxzoNcwu+Xz0+RdnOcVjpT/vByw0cxn3o/scA=


In [3]:
# pip install cryptography

In [4]:
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import rsa

# Generate a new RSA private key
private_key = rsa.generate_private_key(
    public_exponent=65537,
    key_size=2048
)

# Serialize the private key to PEM format
private_key_pem = private_key.private_bytes(
    encoding=serialization.Encoding.PEM,
    format=serialization.PrivateFormat.PKCS8,
    encryption_algorithm=serialization.NoEncryption()
)

# Extract the public key from the private key
public_key = private_key.public_key()

# Serialize the public key to PEM format
public_key_pem = public_key.public_bytes(
    encoding=serialization.Encoding.PEM,
    format=serialization.PublicFormat.SubjectPublicKeyInfo
)

# Print the keys
print("Private Key:")
print(private_key_pem.decode('utf-8'))
print("Public Key:")
print(public_key_pem.decode('utf-8'))


Private Key:
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCzhukbkCR/zhoM
pfik1vA428WzoinM5zzQ1pmgKx3C0h4WF46Bo59xMmTx/PZqWvGBkNcat4jsp0KD
Z9YUfETYwwZ6P/kbuI8B631hEBpjAvv5xk3ISadJO96u4hMUKQMLffDYBJnaqo+e
Yjkqd1/u2T2cZofA1iY0dL7nu04OqeABcIe+Oqdrp+CxgF5EmEiFDnnK06iGNeKy
9oJsls4oSyIZVwwb7sPYCcPqIL6ckw7Q7jzorqNNYgzhLYE4x2mp9x+24dW+mujI
Z5jyP5JaU7fVmiYyRtzIwotRzLAUv68sBvoPa/y0CeY8XtVPQQr4Crcg4LRd4Fmx
6s0ZRdPFAgMBAAECggEAKqKDgbQ9tsxvi0lvP1Z8PkSTMxHz82GHI+GTImKa8sWL
t5tokIkXOH7LUlzM+H0YlbicHRAxSGKAfUyPntXUU9YdF7NRqa+u5rnSUNbOLW1s
AemCV2qGe/Hn9IhkF4mV24jRRbvx/eg7q1WQVfF7qvGUnCwNWVKCSDrhi48D/p8a
SLexfXASWVu8Go8HvSezo7dsbYXtT1qFKHq+KPuJbuT7g/LNzg23M1pPTS8I3Tsk
DDxdmrrzUUb9eqq8rs52s4jGli+iEKaXCnz0QkR99YBn2hQ41HikPejBh3ge+YVv
visJRI0+XXnKVMiOYXDu4Nhq66eCqsjoAYPkEY7dAQKBgQD48QlOKu9I8fZIl7Ms
uGDyNQjsrFNz10WAHLV8QYmNZjMin6TdA+nepGbcQT2+TqaEn58BWKSr/YXi4+ps
CFr3v3haK0Qy5e9YB1f/cUfzuU+YeHmBB316V/Cis7szpTNs+z1rjbGqi2ZAYS2Y
dHfZCG6jBifuHTGtyhIkgtIlMQKBgQC4ngXQrtX/g0PktjSVB

## libp2p

In [5]:
# pip install xcrun

In [6]:
# pip install fastecdsa

In [7]:
# from libp2p.crypto.keys import KeyPair
# from libp2p.crypto.secp256k1 import create_new_key_pair

# # Generate a new key pair
# key_pair = create_new_key_pair()

# # Get the private key and public key
# private_key = key_pair.private_key
# public_key = key_pair.public_key

# # Serialize the keys to bytes
# private_key_bytes = private_key.to_bytes()
# public_key_bytes = public_key.to_bytes()

# print(private_key_bytes)
# print(public_key_bytes)