I've been thinking about this for a while now.. gnutella search results currently contain the IP of the person with a match for the search request. But wouldn't it be great if there was a way to get the file back to the end user without revealing the posessor's IP address? If one or more hosts between the file posessor and the requester supported a special extension whereby the search results were rewritten to traverse a HTTP proxy chain created on the fly, privacy would be improved. Furthermore, if those HTTP proxy chains supported caching, performance might be improved too. Here's how it works: Host X joins the network, connecting to host Y, which is connected to host Z. Host Y supports the new anonymous downloading feature. Host Z does not support the anonymous downloading feature. Host A, which may or may not support anonymous downloading, connects to the gnutella network and searches for a document. The search request is broadcast to attached hosts B and C. Host C happens to be connected to host Z, which is connected to Y, and thus Z. Host X sees that it has received a search request for a document it has from host Y, and sends a routed message back through Y to the gnutellanet network. Host Y rewrites the search result to include its own IP address. It also makes an entry in a time-expired table and agrees to proxy the request to host X for anyone that asks. If for some reason Y can not agree to proxy the request (perhaps it is over its bandwidth cap) it will pass the search result unmodified to Z. When a request comes for that document, Y it will fetch it from X. Host Y hands off the rewritten packet to Z, which goes to C, B, and A. From host A's perspective, Y had the file, not Z. At Y's discression, Y will enter the file it got from X in its cache and also answer search requests matching it affirmatively. Now the response is passed up the chain, eventually to host A. Host A requests the document from host Y, which proxies it to host X, which has the document. Who did the user get the document from? They think they got it from Y, but did they? No. They got it from X. Even if host Y leaves host X's IP in the response, how can we be sure host Y isn't just forwarding the request for someone else? Even when responding to requests that can be fulfilled locally, servers should insert a random delay. In fact, if such a system is in use, there is no reliable way to prove who you got a document from unless you can monitor the Internet connections between every site involved in the transaction. Further complicating the matter might be the use of encryption and connection multiplexing between involved hosts. Hosts X and Y, for example, might communicate all information including proxied requests over a single encrypted channel. They might pass fodder on that channel when no transactions were in progress to reduce the effectiveness of traffic analysis. One other great advantage is that caching could be employed to much improve download rates for popular files. Host Y, for example, could agree to keep around a few hundred megs of recently downloaded files. It then could respond to search requests for those files. With additional client support, a system for finding other files with the same checksum as a search result could be employed. A round-robin DNS of hosts that agree to answer requests for a common namespace of files could be established. If a given host in the DNS listing did not have a file locally, it would try to get it. Since gnutella file transfers are based purely on HTTP, such a DNS entry could be used in responses to improve speed for gnutella clients fetching documents through a caching proxy server network such as squid. The use of such common namespace for responses would be negotiated by the gnutella client.