Decentralized data storage systems like the Interplanetary Filesystem (IPFS) are becoming increasingly popular, e.g., as a data layer in blockchain applications and for sharing content in a censorship-resistant manner. In IPFS, data is hosted by an open set of peers, requests to which are broadcast to all directly connected peers and routed via a DHT. In this paper, we showcase how the monitoring of said data requests allows for profound insights about the IPFS network while simultaneously breaching individual users' privacy. To this end, we present a passive monitoring methodology that enables us to collect all data requests of a significant and upscalable portion of the total IPFS node population. Using a measurement setup implementing our approach and data collected over a period of nine months, we demonstrate the estimation of, among other things: the size of the IPFS network, activity levels and structure, and content popularity distributions. We furthermore present how our methodology can be abused for attacks on users' privacy. As a demonstration, we identify and successfully surveil public IPFS/HTTP gateways, thereby also uncovering their (normally hidden) node identifiers. We give a detailed analysis of the mechanics and reasons behind implied privacy threats and discuss possible countermeasures.
