|Original author(s)||I2P Team|
2.2.1 / 12 April 2023
|Operating system||Cross-platform: Unix-like (Android, Linux, BSD, macOS), Microsoft Windows|
|Available in||English, Spanish|
Incomplete translations: Russian, French, Romanian, German, Swedish, Italian, Portuguese, Chinese, Dutch, Polish, Hungarian, Arabic, Japanese, Estonian, Persian
|Type||Anonymity application, Overlay network, mix network, garlic router, peer-to-peer|
|License||Free/Open Source – different licenses for different parts Public domain, BSD, GPL, MIT|
|Part of a series on|
|Video sharing sites|
|File sharing networks|
|Anonymous file sharing|
|History and societal aspects|
|By country or region|
The Invisible Internet Project (I2P) is an anonymous network layer (implemented as a mix network) that allows for censorship-resistant, peer-to-peer communication. Anonymous connections are achieved by encrypting the user's traffic (by using end-to-end encryption), and sending it through a volunteer-run network of roughly 55,000 computers distributed around the world. Given the high number of possible paths the traffic can transit, a third party watching a full connection is unlikely. The software that implements this layer is called an "I2P router", and a computer running I2P is called an "I2P node". I2P is free and open sourced, and is published under multiple licenses.
I2P is beta software since 2003, when it started as a fork of Freenet. The software's developers emphasize that bugs are likely to occur in the beta version and that peer review has been insufficient to date. However, they believe the code is now reasonably stable and well-developed, and more exposure can help the development of I2P.
The network is strictly message-based, like IP, but a library is available to allow reliable streaming communication on top of it (similar to TCP, although from version 0.6, a new UDP-based SSU transport is used). All communication is end-to-end encrypted (in total, four layers of encryption are used when sending a message) through garlic routing, and even the end points ("destinations") are cryptographic identifiers (essentially a pair of public keys), so that neither senders nor recipients of messages need to reveal their IP address to the other side or to third-party observers.
Although many developers had been a part of the Invisible IRC Project (IIP) and Freenet communities, significant differences exist between their designs and concepts. IIP was an anonymous centralized IRC server. Freenet is a censorship-resistant distributed data store. I2P is an anonymous peer-to-peer distributed communication layer designed to run any traditional internet service (e.g. Usenet, email, IRC, file sharing, Web hosting and HTTP, or Telnet), as well as more traditional distributed applications (e.g. a distributed data store, a web proxy network using Squid, or DNS).
Many developers of I2P are known only under pseudonyms. While the previous main developer, jrandom, is currently on hiatus, others, such as zzz, killyourtv, and Complication have continued to lead development efforts, and are assisted by numerous contributors.
I2P uses 2048bit ElGamal/AES256/SHA256+Session Tags encryption and Ed25519 EdDSA/ECDSA signatures.
I2P has had a stable release every six to eight weeks. Updates are distributed via I2P torrents and are signed by the release manager (generally zzz or str4d).
On the website it states, that "funding for I2P comes entirely from donations". Admins and managers of the project said, that "the core project itself doesn't take donations". These should instead go to secondary applications or be spent on hiring others, to work on I2P. Support for the onboarding for I2P came from the Open Technology Fund. In contrast to The Tor Project, I2P has "not the financial or legal infrastructure to support a network of exit nodes". The reseed servers, a sort of bootstrap nodes, which connect the user with the initial set of peers to join the I2P-network, should be run by volunteers.
Since I2P is an anonymizing network layer, it is designed so other software can use it for anonymous communication. As such, there are a variety of tools currently available for I2P or in development.
The I2P router is controlled through the router console, which is a web frontend accessed through a web browser.
Currently, Vuze and BiglyBT are the torrent clients that make clearnet (connections not through I2P) torrents available on I2P and vice versa. Depending on the client settings, torrents from the internet can be made available on I2P (via announcements to I2P's DHT network) and torrents from I2P can be made available to the internet. For this reason, torrents previously published only on I2P can be made available to the entire Internet, and users of I2P can often download popular content from the Internet while maintaining the anonymity of I2P. As of August 2022 the default outproxy is exit.stormycloud.i2p which is run by StormyCloud Inc
The Privacy Solutions project, a new organization that develops and maintains I2P software, launched several new development efforts designed to enhance the privacy, security, and anonymity for users, based on I2P protocols and technology.
These efforts include:
The code repository and download sections for the i2pd and Abscond project is available for the public to review and download. Effective January, 2015 i2pd is operating under PurpleI2P.
Some cryptocurrencies that support I2P are listed below.
.i2pnames are resolved by browsers by submitting requests to EepProxy which will resolve names to an I2P peer key and will handle data transfers over the I2P network while remaining transparent to the browser.
Denial of service attacks are possible against websites hosted on the network, though a site operator may secure their site against certain versions of this type of attack to some extent.
A zero-day vulnerability was discovered for I2P in 2014, and was exploited to de-anonymize at least 30,000 users. This included users of the operating system Tails. This vulnerability was later patched.
A 2017 study examining how forensic investigators might exploit vulnerabilities in I2P software to gather useful evidence indicated that a seized machine which had been running I2P router software may hold unencrypted local data that could be useful to law enforcement. Records of which eepsites a user of a later-seized machine was interested in may also be inferred. The study identified a "trusted" I2P domain registrar ("NO.i2p") which appeared to have been abandoned by its administrator, and which the study identified as a potential target for law enforcement takeover. It alternatively suggested waiting for NO.i2p's server to fail, only to social engineer the I2P community into moving to a phony replacement. Another suggestion the study proposed was to register a mirror version of a target website under an identical domain.
From August 15, 2015 to August 16, 2015 an I2P convention was held in Toronto, Ontario. The conference was hosted by a local hackerspace, Hacklab. The conference featured presentations from I2P developers and security researchers.