Distributed Repository for Software Packages Using Blockchain

Abstract

A package repository is an essential piece of a software ecosystem. In FOSS, the software repositories are oftentimes hosted using limited donations, given the technical solutions adopted in the implementation. This work proposes a package repository using Blockchains with experiments and statistics based on a real-world scenario. The Blockchain described has its consensus algorithm crafted to befit the purpose of a package repository without financial appeal; Also, the proposed Blockchain keeps a compatible layer with the traditional repositories, easing its adoption. Furthermore, this work also presents a package search over peer-to-peer, computed on untrusted nodes, yet guaranteeing that the results are trusted. Finally, we present a functional Blockchain that cohesively exposes the PyPi catalog.