So, one big drawback to your system is that it could be used as a command-and-control node for a botnet.

Since IPFS is a hash table, generally it’s going to be incredibly difficult to find a hash collision with an existing file. So you’ll need the link any ways. Since changing the file changes the hash, it can’t be used to communicate through - it is always simply a file storage.

But with Tenfingers, once the link is out there - the data can change. This means it wouldn’t be difficult to use a file itself for communication - you’d only need to point someone at the file, and since the hash never changes, you could theoretically control a botnet through it.

Granted, at the same time - this could also be used for “encrypted” communications, so long as Tenfingers itself doesn’t keep track of hashes. If it keeps track of the existing hashes, then technically it has every link available to the network and thus, also has the ability to break the encryption, right?

If someone has the link - generally those are retrieved in plain-text. Even with an HTTPS connection, you’re asking the server in, basically plaintext “give me the data for [X]” – do you guard against that somehow?