Blockchain Domain Name System: Decentralizing The Web
The present state of blockchain and cryptocurrencies is much like the early-days of the Internet, that is Web 1.0. While there’s an immense potential to change the world, these innovations presently lack the ease-of-use that average users demand. This is a major deterrent to large-scale adoptions of blockchain and cryptocurrencies. Although many are investing in cryptocurrencies, a majority of its existing users don’t have the technical prowess to indulge in the more expansive use-cases of blockchain technology.
Among other factors, the difficulty of identifying and locating resources on the blockchain is a major cause for the aforementioned problems. In Web 1.0, websites and other resources had to be accessed using their exact IP addresses. Similarly, an ordinary address on the blockchain is not easy to remember.
The ordinary blockchain-cryptocurrency naming system fosters the risks of wrong inputs, loss of funds, low access, etc. Identifying these issues, there’s a growing demand for human-readable blockchain-cryptocurrency addresses, similar to the present-day domain names on the internet.
In this article, we discuss the structure and shortcomings of the existing Domain Name System (DNS) that facilitates the World Wide Web. Thereafter, we will discuss blockchain domains as a solution to these problems, while outlining how RIF Name System (RNS) is an alternative that enables the decentralized Web 3.0.
Index
Domain Name System (DNS): The Gateway to the Internet
The Implications of a Centralized DNS Architecture
- Censorship & De-platforming
- Espionage & Privacy Breach
- DNS Attacks & Security Concerns
The Problem of Indecipherable Blockchain Addresses
Blockchain Domain Names and the Pillars of a Decentralized Internet
- Decentralized Websites & Web Apps
- Integrated Decentralized Payments
The Advantages of Decentralized Blockchain Domains
- Censorship Resistance
- Privacy & Ownership
- Unified Cryptocurrency Transfers
- Financial Inclusion
The RIF Directory: IOV Lab’s Innovation in Blockchain Domain Name
The RDP Design & Implementation
Domain Acquisition
- Blind Auctions
- Delegation
- Decentralized Domain Resolution
The Road Ahead for RDP
Conclusion
Domain Name System (DNS): The Gateway to the Internet
Instead of the IP address, you can simply type “www.rsk.co” to visit RSK’s website. Similarly, you can access any other resource hosted on the internet. These names assigned to resources on the WWW are called domain names.
Established in 1983, the Domain Name System or DNS is a public directory of the domain names and IP addresses of resources hosted on the web. DNS Servers are a crucial element of this system and serve the purpose of linking human-readable addresses to computer-readable IP addresses. The process by which the server interprets requests and returns the relevant data is known as DNS Resolution.
In terms of its functioning, the DNS is comparable to a telephone directory. When the user inputs a domain name in the address bar, say www.rsk.co, the browser sends a request to the DNS server asking for the site’s IP address. Upon receiving a reply, the browser again sends an HTTP request to the server hosting this IP address, requesting for the site’s content.
As such, the process occurs in a matter of seconds from the end-user’s perspective and thus offers a seamless experience. However, the existing, centralized model of the DNS architecture has some negative implications for users.
The Implications of a Centralized DNS Architecture
A major factor supporting the centralized web is the centralized DNS architecture. Although the DNS itself is fundamentally a public registry that anybody can access, it is governed by The Internet Corporation for Assigned Names and Numbers (ICANN). The ICANN also oversees permission to Domain Registrars or the bodies that register domain names for the end-user. Consequently, the DNS becomes a central point of failure and control on the internet.
Given the aforementioned process of DNS request and resolution, browsers cannot access any web-based resource unless it successfully receives the relevant information from DNS servers. Traditionally, most DNS servers are centralized data repositories. Thus, in order to control the user’s access to any website, it’s enough to control the primary connection (browser request) with the DNS server. This has several consequences, both for users and website owners.
Censorship & De-platforming
Around the world, resources are being increasingly censored or taken down from the internet. For instance, journalistic websites that speak up against existing regimes are ‘banned’ in several countries. Similarly, several users are denied access to social media, entertainment platforms, and so on, all at the whims of the governing authorities.
The aforementioned censorship that traditional DNS enables is a major threat to freedom of speech and expression. In this system, the people are rendered almost powerless. If and when a website is taken down, users or owners usually don’t have much substantial ways of getting justice. From a users’ perspective, such instances of censorship are also an attack on our right to information.
Espionage & Privacy Breach
By tapping and analyzing the user’s interactions with DNS servers, authorities or service providers can monitor their browsing activities and data. In other words, to keep an eye on what you are doing online, it’s enough to follow your browser’s DNS requests. This involves everything, from breaching personal data to publicly posted opinions.
DNS Attacks & Security Concerns
Even in the absence of authoritative, prying entities as mentioned above, the traditional DNS architecture is prone to hacks and attacks. Despite using firewalls and similar programs that promise “optimal security”, most internet users of the centralized web are exposed to several attack vectors.
Denial of Service (DoS) is a common DNS attack where the attackers flood the network with malicious traffic, thus making the DNS server incapable of catering to actual requests. In turn, this blocks the user from accessing web resources on the said network. DoS attacks can be of several types, including NXDOMAIN attacks, TCP SYNC Floods, and so on.
Another common attack is DNS Poisoning or DNS Spoofing. In these, attackers duplicate a website’s nameserver and feed this information to the DNS server. Consequently, users are directed to a fake website instead of the real one. This could lead to massive losses in user data, money, identity, etc.
The Problem of Indecipherable Blockchain Addresses
By now, we have a clear understanding of how the centralized DNS architecture is problematic for end-users. However, before discussing how blockchain domains solve these issues, there’s another aspect that demands a discussion.
06f1b66ffe49df7fce684df16c62f59dc9adbd3 is an ordinary address on the RSK blockchain. Similarly, the location of assets hosted on any other blockchain platform is represented in the form of indecipherable hashes. This includes cryptocurrencies, tokens, wallets and every other blockchain-based asset.
Presently, if someone has to send cryptocurrencies to their friend, they have to know their 40-character wallet address. Similarly, the receiver has to share this information in order to receive the funds. First, the process is too complicated for most people. Second, the slightest mistake in copying, scanning or entering the address could lead to a permanent loss of the assets being transferred.
On the other hand, if someone wants to find any application deployed on the blockchain network or wants to audit the contract, they need to use similar addresses. Together, these factors significantly hamper the accessibility of blockchain-based systems for average users. In the process, they also open up the space for centralized exchanges and other similar platforms. Although these platforms are driving the overall adoptions of cryptocurrencies and other tokenized assets, they are a fundamental challenge to the principles of decentralization.
Having said that, making blockchain addresses commonly usable is of utmost importance if we are to enable the foundations of a truly decentralized web.
Blockchain Domain Names and the Pillars of a Decentralized Internet
Instead of the traditional .com, .net, or .org extension, blockchain domain names use .crypto, .eth, .bit, and so on. In terms of functioning, they have some basic similarities with traditional DNS as they map individual blockchain addresses to human-readable domain names. However, rather than pointing to centrally located servers, blockchain domains use globally distributed computer networks.
As such, decentralized domains are represented as tokenized assets (usually Non-Fungible Tokens) on the blockchain. In turn, they are mapped to other addresses on the network to which users are directed depending upon their request. Apart from making addresses more accessible, blockchain domains also unify them.
Decentralized Websites & Web Apps
In general, websites and web apps give a tangible, usable form to the Internet. From online search to storing documents on the cloud, end-users inevitably use some website or the other. Thus, in order to have a decentralized internet, it’s imperative to have decentralized websites. In turn, to have truly decentralized websites, we need decentralized domains and decentralized storage systems.
At a structural level, websites are nothing but documents that are interlinked with one another and displayed in a specific order. In addition, we have web applications that allow users to take varied actions on these websites, from filling up forms to watching videos. While interacting with websites, users perform multiple downloading and uploading interactions.
For decentralized websites, the relevant content can be stored securely on the blockchain’s distributed ledger, controlled by the owner using their private keys. In turn, these files can be mapped to a human-readable blockchain domain. When the user pings this domain, they can access the associated website.
Integrated Decentralized Payments
Since blockchain domains are themselves autonomous assets, they can be mapped with cryptocurrency wallets associated with a web platform. In other words, decentralized websites can have their independent, publicly-auditable payment networks. Thus, they can securely process payments from end-users without involving traditional, third-party payment gateways.
These systems can also be used to incentivize micro-tasks on the platform, thus motivating users to generate more traffic for these websites. In this sense, websites can become fully autonomous, self-sustaining ecosystems and offer an enhanced experience for both visitors and platform owners.
The Advantages of Decentralized Blockchain Domains
As discussed in earlier sections, a majority of the problems with the traditional DNS is due to its centralized architecture. On the contrary, blockchain domains are not only decentralized but also secured using cryptographic encryption. This has several advantages, both for the asset owners and their users.
Censorship Resistance
Whereas traditional DNS points browsers to central servers, blockchain domains point to a distributed registry. In this approach, users can retrieve a site’s data from peer devices on the network who are also accessing the same site. For example, if 10 people are visiting the same site, it’s enough for the first few to directly access the blockchain location for the files. The rest can access the data from the peer devices.
Although this isn’t a comprehensive explanation of how blockchain domains work, it serves the present purpose of understanding the benefits. Since there is no central data location or communication pathway, it’s almost impossible to censor blockchain-based domains.
As tokenized assets, blockchain domains are stored in the owner’s wallet, protected by their private key. Thus, only the website owner can take down or deny access to this domain. On the other hand, authorities can censor such domains only through the process of hacking into the owner’s wallet.
Lastly, public blockchain networks don’t have centralized governance by definition. In this sense, there isn’t any internal authority that can enforce censorship on blockchain domain names. It could only be possible if the entire blockchain network is under attack, which is a different issue altogether and is not specific to domains names.
Privacy & Ownership
In the same way as they resist censorship, blockchain domains also enhance the privacy for both domain owners and their visitors. On the one hand, espionage is theoretically impossible with blockchain domains since interactions are P2P and encrypted. Moreover, by holding the private keys to the domain, the owner has complete control over how their site can be accessed and used.
In the above sense, blockchain domains imply groundbreaking advances in the field of intellectual rights and their protection. Since all content is immutably registered on the blockchain and mapped to the domain, duplicacy, piracy and similar actions are ruled out. This is ensured using tamper-proof time stamps and private-key encryption. In turn, this solves certain pertinent ownership concerns relating to resources hosted online.
Unified Cryptocurrency Transfers
Presently, cryptocurrency users have to manage multiple wallets based on the underlying protocols of their tokens. Usually, this involves interacting with and managing multiple addresses as well. Understandably, this is not only cumbersome but also implies several risks. Addresses can be misplaced, lost, misinformed, and so on, each leading to losses for the user. Moreover, users can presently interact with blockchain-based systems only if they have a compatible wallet, thus hindering interoperability.
Using blockchain domains, such issues can be resolved. Each of the crypto wallets that the user owns can be mapped to a single domain. That way, whoever wants to send money can simply use the domain, instead of the specific wallet address. Moreover, this also eliminates the risks of permanent loss of funds due to mistaken addresses. Unlike when sending to wallet addresses, the transaction would simply fail if the given recipient address isn’t mapped to the domain.
As a whole, blockchain domains make cryptocurrency usage much more practical, thus significantly boosting their adoptions. With blockchain domains, we can indeed begin using cryptos for a range of unprecedented purposes and use-cases.
Financial Inclusion
Blockchain domains not only make cryptocurrencies more accessible but also a range of other DeFi applications. In doing so, it paves the path towards greater financial inclusion around the globe, as promised by the Decentralized Finance movement.
Presently, a substantial section of the global population is denied access to financial services as they don’t have the required bank accounts. On the contrary, DeFi systems don’t rely upon intermediaries like banks and are often permissionless environments where anybody can join. Indeed, the individual requires some resources such as internet-enabled devices. Nonetheless, the overall barriers to entry are drastically minimized.
As mentioned earlier, the inaccessibility of blockchain addresses is a greater barrier to DeFi adoption than the lack of resources. Thus, blockchain domains can make decentralized financial applications (dApps) more practically usable, and more importantly, discoverable on blockchain networks. In other words, one could easily find blockchain-based applications as they can find traditional apps on Apple’s app store and the likes.
The RIF Directory: IOV Lab’s Innovation in Blockchain Domain Name
RIF Name Services (RNS), is a DNS-like, but decentralized, blockchain domain naming system. Coupled with other RIF services such as decentralized payments and storage protocols, RNS enables holistic distributed websites, as well as easier cryptocurrency usage.
Some prominent functions of such aliases include payment resolutions, internal fund and data transfers, donation address identification, and above all, of resource locators on the RSK blockchain. In the future, the RNS system can also propel superior blockchain interoperability, in combination with blockchain oracle services such as RIF Gateway.
In the following sections, we take a deeper dive into the crucial aspects of the RIF Directory Protocol (RDP) and the RIF Name Services (RNS).
The RDP Design & Implementation
In terms of designing a robust domain naming system, transparency is a crucial consideration. On one hand, users demand the ease-of-use comparable to traditional domain names, such as purchase, expiry tracking, renewal, and so on. On the other, blockchain domains should be optimally auditable and verifiable, without compromising the security and privacy of the owner, as well as users.
Moreover, the system demands mechanisms to preclude the possibility of name duplication, which could result in costly retribution procedures for the various parties involved. Above all, the RDP should be able to adequately ensure blockchain-cryptocurrency ideals, including censorship resistance, privacy, autonomy, security and control.
Domain Acquisition
Presently, RDP domains use the .rif extension for the Top Level Domains. User can acquire these domains in two ways.
Blind Auctions
The first way of acquiring RDP domains is through sealed-bid auctions or blind auctions, where participants place bids for a particular domain names, without knowing what other participants are bidding. As usual, the higher bidder gets the auctioned domain name, while paying the bid price of the second-highest bidder. In a way, this could be regarded as an added incentive for the winning bidder.
Delegation
The second way is by delegation. In general, this process is applicable for sub-domains, where the primary domain owner (say, for julia.rif) delegates a subdomain—marie.julia.rif—without involving an auction.
Essentially, domain acquisition by delegation involves a transfer of ownership between two consenting parties. It’s crucial to note that the process can occur without involving any overseer or third-party intermediary, since RDP domains are themselves represented as assets on the RSK-RIF network.
Decentralized Domain Resolution
To enable decentralized web and financial interactions, the RDP also includes a decentralized resolution mechanism for blockchain domains. The mechanism can be implemented within dApps and crypto wallets.
The Road Ahead for RDP
A fair protocol, optimal incentivization and abuse reduction are the principles upon which the RDP stands. Nevertheless, IOV Labs strongly believes in the potential for change and evolution. Going forward, a better, more reliable and more scalable solution can replace the existing RDP architecture. Having said that, there are certain avenues in which progress can be made.
Service providers on the network can release opt-in upgrades relating to functionalities, service terms, bug fixes, troubleshooting, and so on. To preserve the ownership of domains, such upgrades would necessarily be backwards compatible.
Traditional DNS users should be able to migrate onto RDP-based domains, through a process that will involve creating matching RDP domains. In the event of conflict with the ICANN, oracle-powered arbitrage mechanisms could be used for decentralized dispute resolution.
Apart from these, there may also be further innovations in protocols enabling encrypted anonymity for RDP users. This will meet the foreseeable demand for hiding payment addresses mapped to the public alias of a given user. Moreover, in the future, there will be a need for new top level domains for the RDP architecture, which can also be bought and sold.
Conclusion
The Domain Name System (DNS) is a foundational pillar of the World Wide Web. Without this system in place, users would have to retrieve web resources using IP addresses, which is an extremely complicated process. However, the traditional DNS is highly centralized.
Decentralized blockchain domain names offer a possible solution to these issues. They also solve another painpoint of the blockchain community, by making user addresses human-readable. Combining these factors, blockchain domains drive the cause for a decentralized web, where users have complete control and autonomy over their data.