Although IPFS is the dominant decentralized storage protocol, its nodes and content are highly concentrated in a few public cloud providers, rendering it vulnerable to BGP routing attacks—such as prefix hijacking and passive eavesdropping—for censorship; this threat remains systematically unexplored. Method: We conduct the first empirical analysis of BGP attacks’ impact on IPFS content availability, building a network-level simulation platform using 3,000 globally distributed CIDs to quantify attack efficacy. Contribution/Results: Our evaluation shows that a single malicious AS can render 57% of requesting nodes unable to access 75% of content, with just 62 hijacked prefixes achieving 70% attack coverage. To counter this, we propose a defense mechanism combining global content replication with hijack-resilient backup nodes, significantly enhancing system robustness. This work fills a critical gap in routing-layer security research for Web3 infrastructure and provides essential security foundations for real-world deployment of decentralized storage.

The InterPlanetary File System (IPFS) has been successfully established as the de facto standard for decentralized data storage in the emerging Web3. Despite its decentralized nature, IPFS nodes, as well as IPFS content providers, have converged to centralization in large public clouds. Centralization introduces BGP routing-based attacks, such as passive interception and BGP hijacking, as potential threats. Although this attack vector has been investigated for many other Web3 protocols, such as Bitcoin and Ethereum, to the best of our knowledge, it has not been analyzed for the IPFS network. In our work, we bridge this gap and demonstrate that BGP routing attacks can be effectively leveraged to censor content in IPFS. For the analysis, we collected 3,000 content blocks called CIDs and conducted a simulation of BGP hijacking and passive interception against them. We find that a single malicious AS can censor 75% of the IPFS content for more than 57% of all requester nodes. Furthermore, we show that even with a small set of only 62 hijacked prefixes, 70% of the full attack effectiveness can already be reached. We further propose and validate countermeasures based on global collaborative content replication among all nodes in the IPFS network, together with additional robust backup content provider nodes that are well-hardened against BGP hijacking. We hope this work raises awareness about the threat BGP routing-based attacks pose to IPFS and triggers further efforts to harden the live IPFS network against them.