Any peer-to-peer network must face the threat of active attacks against the network by some of the peers. One of the most vulnerable areas of cooperation is the sharing of metadata. Sharing of metadata is particularly susceptible to attack because metadata (for example, the authorship of a work of art, the keywords used to index a text, or an opinion of the beauty of a piece of music) is often impossible to verify for "correctness" automatically. Attackers have already initiated "metadata poisoning" attacks against many of the peer to peer networks, for example by uploading mp3 files marked as being copies of popular songs, but containing instead a recording of a chainsaw or of an anti-piracy lecture.

We introduce "attack resistance" -- a measure of the robustness of a network in the face of active attacks by some of its peers -- as applied to systems for metadata sharing, and propose a novel protocol for sharing arbitrary metadata across a network while ensuring this property. In addition to attack resistance, the proposed protocol exhibits other desirable characteristics, such as respecting the presence of diverse opinions, and discovering well-recommended but little-known songs ("diamonds in the rough").

The metadata sharing protocol is only one example of a general class of flow-bounded trust networks, a class which includes the Advogato trust metric. An experimental implementation is underway on the Mojo Nation peer-to-peer network.