I'm not entirely sure if this is the right place to ask this, and I'm also slightly fuzzy on how the p2p system works, so correct me if I'm wrong.
I've been looking into the practical implications of decentralized P2P networks, and there's a few issues I've noticed, generally relating to the security side of things. First, as stated in this post, I can forsee that problems would arise with MITM and spoofing attacks, so I'm not sure what the best practice is. For instance, let's say a node A
sends data to node B
, and then B
relays that info to C
, what is stopping B
from spoofing, sniffing or modifying the data? Also, wouldn't it be a huge risk on the part of all nodes to open the ports for a P2P connection in the first place? Is there some possible way for the nodes to communicate directly without opening extra ports? I'm mostly just wrapping my head around how anyone would implement this securely.