This study empirically uncovers, for the first time, a structural tension between anonymity design and content governance in the IPFS ecosystem: malicious actors exploit its decentralization and anonymity to persistently upload and disseminate harmful content. Using an automated testing framework, we deployed controlled malicious files across mainstream public gateways and 12 categories of pinning services; multi-node response analysis and cross-service availability tracking revealed that 93% of gateways and all tested pinning services perform no content legality verification—resulting in malicious files persisting on average over 30 days and being widely cached and distributed. The paper identifies IPFS’s lack of intrinsic security assessment and propagation-blocking mechanisms. It proposes a lightweight governance interface design paradigm, offering both actionable technical pathways and theoretical foundations for content safety governance in decentralized storage systems.

The InterPlanetary File System~(IPFS) offers a decentralized approach to file storage and sharing, promising resilience and efficiency while also realizing the Web3 paradigm. Simultaneously, the offered anonymity raises significant questions about potential misuse. In this study, we explore methods that malicious actors can exploit IPFS to upload and disseminate harmful content while remaining anonymous. We evaluate the role of pinning services and public gateways, identifying their capabilities and limitations in maintaining content availability. Using scripts, we systematically test the behavior of these services by uploading malicious files. Our analysis reveals that pinning services and public gateways lack mechanisms to assess or restrict the propagation of malicious content.