Calls: Send in your ideas. Deadline April 1, 2024
logo
hex
Resources
Source code :
https://github.com/namecoin
Talk
Matrix
Internet Relay Chat (IRC)
Wikipedia
Wikipedia
Website
More info available :
https://namecoin.org
Grant
Theme fund: NGI0 Discovery
Start: 2020-10
End: 2022-10

Namecoin: ZeroNet and Packaging

Make ZeroNet work with Namecoin

Namecoin provides a decentralized naming system and trust anchor. Its flagship use-case is a decentralized top-level domain (TLD) which is the cornerstone of a domain name system that is resistant to hijacking and censorship. Among other things, this provides a decentralized trust anchor for Public Key Infrastructure that does not require third party trust. It operates independent from the DNSSEC root trust chain, and can thus offer additional security under some circumstances. ZeroNet is a decentralized web-like network of peer-to-peer users, which provides an alternative to TOR hidden services. In the project, Zeronet will be adapted to support a local Namecoin client, and provide additional assurances such as a Host Header-like mechanism to protect users from spoofing. Namecoin will be used as a human-readable naming layer for Tor onion services and ZeroNet sites. This eliminates the user problem of pseudorandom, unmemorable website addresses for onion services and ZeroNet sites, which can facilitate phishing attacks.

Why does this actually matter to end users?

If you want to look something up online, send an email to a friend or read the morning news, your computer panics and starts asking for help. How does it know where to retrieve or send anything? Luckily, it is connected to the domain name system. This naming system has been translating names users can remember (like ngi.eu or NLnet.nl) into numbers (or with a fancy word: addresses). Your computer has such a unique number itself, but it needs the numbers of the other computers you want to interact with to connect. You probably use domain names every day, whether you type in the address of a website, listen to a podcast or send an email.

It is called a domain name system for a reason, because it comprises more than just a naming convention. Getting a domain name involves talking to a lot of different computers. Your computer or phone basically doesn't know much about the world. One thing it does know, is how to ask that question to other, specialised computers. These computers actually also probably don't know themselves, unless they have recently answered the same question for another user. Names can change really fast for good reasons, so you would need to refresh this data a lot - otherwise users could end up on the wrong computer. The computers you sent your question to, thus pass the question on to other computers - and so forth. After just a few steps, some of the computers that were consulted get parts of the answer we were looking for. And at some point in time, the domain name system will have the entire answer. The magic happens so fast, most people are not even aware how complex this is. For them it "just works". One disadvantage: many other computers have learned something about us, about who we interact with and about our interests - in an neatly labeled way. Someone is connecting to derspiegel.de or globaleaks.com. The more unique your question, the deeper the digging inside the DNS - and the more it stands out.

Domain names are at present a critical component for users, and so also a critical point of failure and a choke point. Without functioning DNS, most people will have a hard time finding basically anything on the network of networks. There have been cases where for instance a Spanish company got their domain name taken away, even though what they did inside Europe for European citizens was legitimate here. But not in the USA. And since the organisations that handle the .org, .com and .net domain names are based in the USA, these could be forced to remove these names from the DNS.

When DNS was designed, neither security nor resilience was that much of a concern for most users. The internet in its early days was not yet 'open to the public'. This of course has changed dramatically. The massive use of the internet and thereby our dependency on DNS has highlighted very important privacy and security issues with the design of DNS. At present, it is is not always capable of preventing misleading users nor can it prevent some leakage of what users do, who they talk to and where they go.

To solve these recurring issues with domain names, we could switch from the trust-based setup of stakeholders and decision making organizations to a trustless space. No central points of authority that get to decide who does what with a domain name and whether they are, by their standards, trustworthy enough to be reachable. Instead Namecoin uses blockchain technology to provide a decentralized DNS which already offers a decentralized top-level domain (.bit) that is resistant to hijacking and censorship. This project will use these unique properties for ZeroNet, network of peer-to-peer users that are not identified by a public IP address, but by their public key, specifically a bitcoin address. As these addresses are not readable, just like Tor onion services are not readable (think of www.expyuzz4wqqyqhjn.onion for torproject.org) this raises issues of accessibility and misuse. Namecoin can add a human-readable layer to make these anonymity networks more usable and protecting against phishing attacks.

Run by The Namecoin Project

Logo NLnet: abstract logo of four people seen from above Logo NGI Zero: letterlogo shaped like a tag

This project was funded through the NGI0 Discovery Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 825322.