> DNS costs money to use (which I argue is not suitable for all uses.)
This kind of thinking is a trap that I see many people fall into. Domains cost money because they have to cost money. Human-friendly names are a scarce resource (there can only be one google.com and one @johnsmith). They have value, and the market tends to reach equilibrium. If a scarce resource costs (or is given away for) less than some people are willing to pay for it, speculators will grab it and resell it for the "right" price. Free domains for everybody actually means free domains for an enterprising businessman who grabs all of them with a simple Python script in 24 hours, and then resells them for $10 a pop. We already see that with normal DNS, short and memorable domain names go for astronomical amounts, but because every registration costs money, registering more unusual domain names if you don't actually have a need for them is not a profitable strategy, and so good enough names can still be registered somewhat cheaply. You need to increase prices to make speculation unprofitable while still remaining affordable to end users. It's a balancing act.
If you don't create the barrier to entry yourself, the barrier to entry will be created for you, and not in a way you like or can control. Such a barrier doesn't have to be monetary, it can be (difficult) proof of work, centralized identity verification and abuse prevention policies, legal consequences for scalping, invitation / vouching requirements etc, but a barrier always exists, whether created by the system developers or the free market.
This only applies at large scales of course, if your system is used by 10 people and all of them trust each other, "grab any name you want for free" is totally fine.
Having a programmer understand the economic and societal background when they create a new project seems to be a bold assumption. Obviously tech can solve everything, right?
I'm still waiting for the OAuth-based online US government ID for all citizens that lets us sign up for utilities, apply for colleges and loans, set up bank accounts, etc. instead of entering social security numbers everywhere.
How could someone as lowly as a mere programmer possibly understand the complexity of how things cost money and their impact on participation? Sounds to me like I should have sought your esteemed council before making this project to save myself the embarrassment. In future I will make sure to consult you before I do something.
The reasons parent posted are just made up "facts" that fit and tell a story that sounds right. Assuming programmers, who tend to be on the more intelligent side, reject it because they don't understand faulty reasoning is a faulty assumption itself..
Comments like this are unhelpful and just read like an attempt to punch-down on someone. If you think that something doesn't make sense then you must be able to list and describe what's wrong. Or do you expect people to be able to read your mind when you post something like this? The vagueness makes it sound as if you have a point but if you do it's not included in your post.
Which just proves my point. The barrier to entry doesn't have to be monetary, a competent human being individually checking each application works just as well.
There's also the point about scale, if your network is small and you trust your users, which was the case on the old internet, you can get away with a system that assumes no speculators.
I know this is HN but not everything needs to be monetized. There is such a thing as doing something because you want to. People write open source software largely because they want to and if it helps them they might as well let others use it too. There's more than enough unused network resources on the Internet to make a free alternative to DNS. OpenNIC comes fairly close to this but still fails to provide a good registration system.
>enterprising businessman who grabs all of them
I'm mostly targeting short names that can be shared with people in place of IPs. So think about server lobbies where normally you might type in an IP to connect to a friends server. The current domain name system has popular TLDs but my design isn't based on fixed TLDs. The name can be anything and there's no 'most popular' TLD so name squatting isn't an issue.
It may be an issue if this were to emerge more for apps and websites though.
> I know this is HN but not everything needs to be monetized.
It's not whether something should be monetized, but rather about whether it inevitably will. It's not a question of "if", but "by whom", "when" and "how much". Either you do the monetizing, via crypto or otherwise, or you hide your head in the sand, pretend that the issue doesn't exist and let the scalpers get all the profits.
> Domains cost money because they have to cost money.
That's not entirely true. They cost money because they're market commodities and thus have market value. Making them cost non-trivial amounts of money to register is a way to de-incentivize scalping by reducing the profit margin but it's mostly done because it enables registries to pocket the premium that would otherwise go the the scalpers (aka "squatters").
Of course it would be entirely possible to devise a system that treats them less as a commodity or enforces usage-based rights but to do so in a less rigid and mindless way than "no activity in N cycles equals forfeiture" (like Twitter and Google have done or announced their intent to do before) is hard and doesn't play well with pretending to be a neutral actor enabling a free marketplace of ideas.
One big problem I see with this, is it sounds like you're proposing we dramatically expand the scope of registrar duties while also proposing we stop paying them.
Where are they going to get the money to fund their nuanced and mindful enforcement of usage based rights? Is a team of legal specialists going to review domain applications for less than $15/y?
It sounds like your concern is that private companies are making a lot of rent off public goods. I could have an incorrect understanding of this, but isn't it all run by ICANN at the end of the day? A solution might be to make sure the rent captured on domains goes back into funding public goods. Like a digital land value tax.
I'm not talking about changing anything. I'm saying the registrar system is set up this way. It's never easy to completely rearchitect a system once it is already in place and well-established. I'm simply arguing that the way it works isn't a law of nature but a consequence of the underlying ideology and economic system.
Sorry, I must have missed the part where you pointed out a glaring hole because all I read was an explanation of how it's hard to change things after the fact (which I agree with) and some gesturing at human nature (which is contextual, i.e. it's human nature to act a certain way within a given environment but that doesn't mean it's not also human nature to act differently within a different environment).
As others have pointed out, domain names didn't start out as a highly valued commodity. Arguably they only became that during the dot-com boom when domains functioned as brands. I'd even go as far as saying they largely lost most of their value from that time period in the Web 2.0 days when startups started slapping random syllables together and dropping letters and have instead become more of a speculative asset, especially with the flood of new TLDs nobody can keep up with.
In fact, there are market restrictions enforced by various registrars like requiring legal presence in a given country for ccTLDs or providing content in Catalano and/or information about Catalonian culture for dot-cat domains. Of course there are workarounds for most of these but as I said these are just bandaids bolted on after the fact, just like premium pricing tiers.
If we're going to discuss this, I'd like to keep things on point. My specific question was, how do you propose paying for this system of allocation when the entire premise is to eliminate non-trivial domain fees.
Spam is unwanted messages that displace what you want to see. In IRC: channels can be set to private which hide them from the channel listing. So that the server continues to operate in the same way. The software isn't doing anything outside of what is already allowed by these servers. Everything from the number of channels a user is allowed to create to limitations on expiry are already factored in to how people use the service.
If a channel typically attracts users and their discussion increases as more people join, which may happen over a very long time frame, then I argue that my design is actually less impactful than a traditional channel. Since it is not designed for discussion.
This kind of thing falls under spam. IRC networks are not your infrastructure to use for any project.
At the very least, I can tell you that Libera would define this as abuse and actively remove it. Our servers are for users to chat, not for software to communicate.
And to clarify on spam, this takes resources from the target of a given network. If that networks target is to be a platform for software communication, sure. But in general, IRC networks are there to relay chat, hence the Internet Relay Chat name. This kind of thing takes processing power away from users, and increases memory load on the server. Not to mention bloating it's services database.
Spam is any unwanted activity. It's visible to the service operators, and I predict that it'll annoy them, and they'll try to stop it. Apart from anything else, it'd start filling up their disks if it was widely used. Have you asked the opinion of any IRC admins?
This is really abuse of public infrastructure if you really want to do this, look at veilid (https://veilid.com/). Veilid provides modern crypto primitives to do this and more importantly the people running the network actually want you to use it like this.
veilid itself basically just provides a p2p backbone (where peers are identified by their public keys) on which you can build other applications. i.e. it's the replacement to the "random public IRC servers" part of this equation, and not the DNS-like system as a whole.
What are assumptions involved for submitting and retrieving node’s IP address with a given public key to a Veilid network? For instance how does new users discover other Veilid nodes. Are those baked in statically? What happens if public IP addresses of the network change?
There's a list of public bootstrap nodes, similar to how Tor bootstraps. Nodes report their own IPs as part of a signed (and timestamped) record, which can change over time. Once you've found one node, you can query it for information about its peers. Because connection information ("dialinfo") is signed, it can be re-shared with other peers.
There's also support for nodes that don't have public IPs at all, which connect to the network via some other node acting as a relay. In this case, they report the relay's node ID.
I really don’t understand the “why” here. As a toy project it’s interesting but the actual justification to actually use IRC seems to come after the implementation.
This isn’t derived from the stability of IRC itself but the network operators as there are many holes not accounted for.
You’re not guaranteed a channel on IRC networks. A network owner may decide to remove it or, if using Services, transfer ownership if someone requests. Same for nicks and other things.
I’d also be willing to bet the network operators did not sign up to host a database for free for some stranger online either.
Neat, its always good to see people experimenting on a better DNS system. As others have mentioned, there are alternative systems to IRC, and I think you should consider them and what system of incentives are created by what choices you make.
You are using someone elses infrastructure, and even if you have done everything possible to minimize their overhead, you are still planning to use them for free. I think the other suggestions made here regarding options all have merits that I am not qualified to speak on; but I do know that decentralized/federated DNS is something highly sought after in bitcoin circles like on stackernews and nostr. You could use nostr very similarly to how you use it with your current implementation; I would very much love to use it to make remote access to services on my home network more accessible, and to allow others to use those services as well. There is a built in userbase of people that would like to host everything from cloud backups to online marketplaces to browser games, but using a centralized DNS is simply not an answer for them.
There is 0 security in this. It is also hard to understand because it uses random crypto that doesn't really accomplish anything.
Nothing stops someone from registering your domain. Nothing stops someone from doing a Sybil attack and just always returning an attacker's account public key.
The author would be benefit greatly by taking another look at blockchains for this problem. They typically are much better thought out distributed systems than what the author was able to come up with.
>There is 0 security in this. It is also hard to understand because it uses random crypto that doesn't really accomplish anything.
There is zero security if you dismiss every such measure to accomplish a level of security by saying that its just 'random crypto' that doesn't accomplish anything (why do you say that?)
>Nothing stops someone from registering your domain. Nothing stops someone from doing a Sybil attack and just always returning an attacker's account public key.
I think there may be some confusion in your understanding of the system. Registered names aren't visible, only their hashes. The design masks names through a verifiable delay function which forces registering parties to do lengthy computations to construct the lookup function. Since computations can be stored in bulk - names can be registered atomically across IRC servers without revealing what they are directly.
>Nothing stops someone from doing a Sybil attack and just always returning an attacker's account public key.
In the context of networking 'sybils' refer to being able to create multiple identities, machines, or so on controlled by the same person. But your usage of the term here is confusing because (1) users don't control third-party servers (2) users can't see names directly (3) there is a cost to creating names (4) and a threshold system is used to do consensus over name lookups and registrations (which was designed to solve the problem you're talking about.)
>The author would be benefit greatly by taking another look at blockchains for this problem. They typically are much better thought out distributed systems than what the author was able to come up with.
I would love to use a blockchain for this. There's only one problem. Currently there are no such blockchains that have zero transaction fees to use them. I think that such a system would be very useful. But it seems that no one wants to do it -- and working at blockchain startups for more than a decade has taught me that bolting forced monetization and funky tokens onto everything can make a system worse (or even unusable) for its intended purpose.
I think if you re-read the post you will see how I've addressed the problems you raised.
You claim here that there is a cost to creating the domain but rule out Ens because it has a cost? You can't make both claims. You can generate Ethereum and buy domains with it much in the same way you do here.
You rule out DNS as it doesn't have a standard registration but IRC doesn't have a standard way to register channels nickserv isn't on all IRC and they have different implementations.
IRC is not distributed it's owned by a centralised provider who has complete control, they can trivially take over any domain they want.
IRC has no consensus mechanisms a netsplit would make it trivial to create duplicate channels on the same IRC network.
You check channel availability then register, this by definition isn't atomic, it's a race condition between check and register. You need a way to wrap this in a transaction to prevent the race condition. IRC provides no way to do transactions. Even registering a channel on a network is not atomic because of the potential of netsplits, which is stated in the rfc.
How are networks choosen and distributed? You picked 11 random servers that meet your requirements. If I pick 11 random servers how are their ips shared? Traditionally this is done with DNS but since you are trying to replace this requiring it is odd, how do you stop some one just hijacking your DNS once that problem is solved your scheme becomes pointless.
If you expect everyone to use the same 11 servers this isn't distributed, it's centralised to 11 servers you can't trust.
I think you are under the impression that IRC is distributed and so if you build a secure system on top of it, then the system as a whole will be secure and distributed. The problem is that IRC isn't secure or distributed it's centralised with no Byzantine fault tolerance.
I understand you check multiple channels/networks in an attempt to provide this protection but the underlying servers can do anything they want and there is nothing you can do about that. Finally getting to the point of being on IRC and checking a channel has a lot of attack points none of which are accounted for.
The difficult part of any distributed bysentain tolerant system is the distributed bysentain problem IRC doesn't solve this problem and your scheme outsources it to IRC.
Charcircuit is just telling you the truth you don't want to accept.
> You claim here that there is a cost to creating the domain but rule out Ens because it has a cost? You can't make both claims
It's HN, they don't understand how blinded they are by their bias against blockchain. I see these contradictions all the time and have learned it's pointless to reply.
I see what you're saying but your whole argument seems extremely black and white. It's like: you're saying that because there's a theoretical scenario where every server can over-take a name then the system as a whole isn't valid which just isn't true. A consensus system doesn't need to provide every property of a blockchain for it to be valid. Just good enough security for the problems that it solves.
>You claim here that there is a cost to creating the domain but rule out Ens because it has a cost? You can't make both claims. You can generate Ethereum and buy domains with it much in the same way you do here.
While technically true, your statements about Ethereum are misleading because as you know -- it is impractical for any random person to 'just generate Ethereum' with their computers and use it to pay for transactions. It's like you tried to make a technical argument but over-simplified it too much and left out key details for it to be meaningful.
>IRC is not distributed it's owned by a centralised provider who has complete control,
>IRC has no consensus mechanisms a netsplit would make it trivial to create duplicate channels on the same IRC network.
This is true, but my design uses multiple servers. Netsplits only effect one IRC network. I am using multiple discrete networks. For the purposes of consensus it doesn't effect the software.
>You check channel availability then register, this by definition isn't atomic, it's a race condition between check and register. You need a way to wrap this in a transaction to prevent the race condition.
This is true but its also irrelevant. Either the register function manages to register enough names to meet the minimum threshold for success or it doesn't and the user can choose a different name. The design of the system minimizes such a scenario as unique TLDs, names, and passwords mitigate the potential for conflicts.
>Traditionally this is done with DNS but since you are trying to replace this requiring it is odd, how do you stop some one just hijacking your DNS once that problem is solved your scheme becomes pointless.
Every peer-to-peer application has the same issue including Bitcoin and Ethereum. It's not an issue with DNS. It's that there needs to be an initial way to know details about the network. This is called 'bootstrapping.' For now -- this is done by having a list of server IPs stored inside the software which is uploaded to a few places. Github and Pypi.
>it's centralised to 11 servers you can't trust.
This feel like you're just playing word games that mean nothing. Decentralization refers to network topologies and governmental designs wherein a single authority cannot control a system. Such a property is true about the system I've built by requiring a threshold of servers for agreement. A server doesn't individually have the power to control a name. So no it's not 'centralized.'
>I understand you check multiple channels/networks in an attempt to provide this protection but the underlying servers can do anything they want and there is nothing you can do about that
I think you've managed to miss the point of this design. It does provide a simple consensus mechanism across servers. It is mentioned in the fourth section titled 'How it should work.' I think most of your post is based on the misunderstanding that this system is simply load-balanced and doesn't include a consensus mechanism.
Since you don't use IRC for anything more than an unreliable and easily spoofable key value store, why bother with implementing an IRC client? You could easily write a client server on UDP 58 client sends the key and server replies the value. Create a list of 13 IP we just trust and run your dnssec on top of that? Ez
Because the information needed to lookup a name is equivalent to the information needed to register the name.
>Registered names aren't visible, only their hashes.
But domains are public information. Imagine if in normal DNS anyone could register google.com at any time. Claiming that its not insecure because people don't know google.com exists doesn't make sense.
>names can be registered atomically across IRC servers without revealing what they are directly.
But if someone learns the name they can register it themself. Two people can both claim to be google.com. If a new IRC server is added anyone can create a channel for an existing domain. If your answer to the problem of the same domain being registered by multiple people is that a domain should be both a name and an encrypted nonce you run into the problem where it might be more convienent to just pass over the public key.
>But your usage of the term here is confusing
That is my fault, I assumed this was a permissionless system where any IRC server was permitted to be used instead of a permissioned one.
>Currently there are no such blockchains that have zero transaction fees to use them.
Some cost near $0. A fork of one could be made to do so.
The channel names are unique per server. Knowing the channel name isn't enough to infer what name it represents so you can't just go and register the name on other servers after observing channel names. The only way to know what a channel name represents is to do a lengthy computation for a possible name, tld, password (optional), and server. Depending on uniqueness -- this might not be practical.
The idea of having masked names was only to prevent race conditions in the initial registration process. After the channel names are registered they are unavailable for other attackers to register and since a verifiable delay has to be done on the name to compute it -- there is adequate time to register the name across multiple servers.
A malicious server can reuse a channel name and have it hijacked by an operator. But the system also ties in ECDSA signatures with a basic threshold consensus algorithm across servers. So having a few servers (or even many) wouldn't allow a malicious third-party to compromise a name.
I'm not sure I understand what you mean. One channel is registered per server, for one name. Successful registrations require a super majority of those registrations to succeed. Lookups can be limited to a sub-set as long as the result number is at least greater than the minimum failure threshold for a successful registration.
>Yes, but an attacker can use a different channel name for the same domain.
>An attacker could associate their own key with that domain any number of times
The time lock is pointless then. This is what I meant by random crypto making it hard to understand.
This blog post would be simpler to understand if you started out without any crypto. If I were to write it I would start with the case of a single IRC server. Then explain a channel is a key and the topic is the value. The first person to register a key on a server can control the value. Then to expand this approach to multiple severs you introduce the idea of using a kdf of the key concatenated with the irc server's identity.
The time-lock acts as a way to ensure names aren't revealed the moment channels are registered which would create a race condition where attackers could hijack names by registering them on other servers.
The channel name is something like time_lock(name_meta_data, server_details) -> deterministic channel name based on the parameters passed to the function (output is unique per server.) Just like if you used a hash function you get the same output for the same input. Since the time lock needs a certain amount of compute to elapse (and a certain amount of time to do it) -- it allows time for the name owner to register the appropriate channels on other servers.
Both Alice and Bob check if a name is already registered beforehand. Lets say that both of them see that a name is available and go to register it at the same time. Either both will fail (due to taking X names each) or one will succeed (per the consensus requirements.) The software will indicate the results by checking the channel owner after registration for each server. So you know whether to try register a different name or not. So conflicts can still happen here but they're reduced by having unique TLDs + names, requiring small computations, and checking availability beforehand.
This is a really interesting project! I'm very inclined to get my hands on it and try to use it for something, mainly as a way to circumvent WebRTC traversal. I really have trouble with the TURN server scheme as a way to connect obfuscated machines. That part makes WebRTC feel "decentralized, UNTIL...", whereas your scheme seems more "decentralized, IF NECESSARY...", which feels less like a potential roadblock and more like a potential emergency use-case.
I get why people are concerned about using other people's infra for this kind of thing. But I do see a use-case for that as a backup. I don't think I'd ever implement something like this without running my own server as the enforced source instance for my apps so long as my server was running. If every other IRC server wanted to prevent this kind of scheme from working on their machines, I certainly wouldn't hold it against them. But I imagine that if other people wanted to run a P2P app, they might have their own IRC instances and would be accommodating of my downtime, as I feel like I would be accommodating of theirs. Different strokes, and all, but I definitely see how this would be pretty analogous to regular IRC usage, as far as administration and data, so I don't have any particular grudge against it - at least not without looking at what kind of traffic tsunami it could eventually cause.
Hey people, I wanted to say thanks for all the comments: positive and negative. I've probably written hundreds of thousands of lines of code for projects over the years that had no interest at all. I am fairly good at engineering but very bad at choosing problems to work on. You have no idea how motivating it is for me to even have a single comment on anything I'm working on or thinking about.
No one I know is that technical and I'm not part of any communities that would get a project like this. Most of the time when I share something there are zero comments and it just ends up being invisible. So thanks. This will motivate me to keep working on my main project (p2pd) to make it stable and start writing program that I can run on a daily basis ('dog fooding.')
Although interesting, have to also agree with others that this is bad idea regarding to potentially considered abuse to good-will run servers.
>Here sha3_256 is used again but this time inside hash160. The reason for this is stacking hash functions can help reduce the chances of finding collisions (you would need to find a collision in both functions.)
Don't you only need to find collision in the outer hash function?
Very interesting, thanks for posting. Although by using the Kademlia infrastructure, which is also used by the eMule network, it could be blocked by some ISPs.
Looks like an interesting project. When I was building my library I considered UDP hole punching but decided to focus exclusively on TCP because of how bad UDP is to work with. The issue with UDP is you're going to have to write a poorman's TCP stack on top of it.
The approach used by this library for NAT determination also seems to be an over-simplification of how NATs work in routers (which is the same problem that Libp2p has) and will result in having hole punching code that barely works. Some properties to consider:
- delta type -- this refers to how the NAT assigns external ports for mappings
- delta value -- this refers to any known patterns observed in the mapping
- nat type -- no NAT, UDP firewall, full cone nat, etc
There are special rules for how traversal can be accomplished depending on the variables above. It's quite complex. But supporting it all greatly increases the chance of punching success.
Another issue I see with this library (and this is personal preference) is the massive amounts of re-inventing the wheel (again -- Libp2p and Protocol Labs are notorious for this.) It seems like there are many custom protocols that you've built into your software but most of what you've built is already part of standard Internet protocols (e.g. STUN)
No offense but your table is kind of deceptive. Obviously you can route between anyone if your strategy is to fallback to using a proxy server. Libp2p do the same thing specifically for the same reason [simplistic code.] But the whole point of p2p networking is to not require one. The reason delta enumeration is important is because the information can allow you to support more restrictive NATs without needing a proxy server. It's more work to write the NAT code and more testing but it is worth it.
nope. it's not a fallback server, if you read our docs you'd see it's using another actual peer, but also many of the other cases are not routable in other libraries such as libp2p (which does fall back to servers in most cases).
This kind of thinking is a trap that I see many people fall into. Domains cost money because they have to cost money. Human-friendly names are a scarce resource (there can only be one google.com and one @johnsmith). They have value, and the market tends to reach equilibrium. If a scarce resource costs (or is given away for) less than some people are willing to pay for it, speculators will grab it and resell it for the "right" price. Free domains for everybody actually means free domains for an enterprising businessman who grabs all of them with a simple Python script in 24 hours, and then resells them for $10 a pop. We already see that with normal DNS, short and memorable domain names go for astronomical amounts, but because every registration costs money, registering more unusual domain names if you don't actually have a need for them is not a profitable strategy, and so good enough names can still be registered somewhat cheaply. You need to increase prices to make speculation unprofitable while still remaining affordable to end users. It's a balancing act.
If you don't create the barrier to entry yourself, the barrier to entry will be created for you, and not in a way you like or can control. Such a barrier doesn't have to be monetary, it can be (difficult) proof of work, centralized identity verification and abuse prevention policies, legal consequences for scalping, invitation / vouching requirements etc, but a barrier always exists, whether created by the system developers or the free market.
This only applies at large scales of course, if your system is used by 10 people and all of them trust each other, "grab any name you want for free" is totally fine.