Delegated content erasure in IPFS

The InterPlanetary File System (IPFS) is employed extensively nowadays by many blockchain projects to store personal data off-chain to comply with the Right to be Forgotten (RtbF) requirement of the General Data Protection Regulation (GDPR), the new regulatory regime for personal data protection in the EU. In such a way, when a request for content erasure is to be carried out under the RtbF, the onus of removing the actual personal information moves to the IPFS protocol. Nevertheless, enforcing data erasure across the entire IPFS network is not actually feasible, mainly due to its decentralized nature. Consequently, the implementation of a delegation mechanism for handling content erasure requests within the IPFS would be the most conducive way towards aligning the IPFS with the GDPR. To that end, in this work, we propose an anonymous protocol for delegated content erasure requests in the IPFS. The proposed protocol could be smoothly integrated into the IPFS to distribute an erasure request among all the IPFS nodes and, ultimately, to fulfil the erasure requirements foreseen in the RtbF. Furthermore, the protocol complies with the primary principle of the IPFS to prevent censoring; therefore, erasure is only allowed to the original content provider or her delegates. A formal definition and the security proofs are provided, along with a set of experiments that prove the efficacy of the proposed protocol. We demonstrate that the overhead introduced by the proposed protocol does not affect the system's efficiency. Our experimental results exhibit a robust performance as the average times for generating the content-dependent keys and for spreading the erasure requests do not affect the overall performance of the IPFS.