Tags: dns p2p dnsp2p crypto
This is an introductory proposal for a P2P DNS based on the existing Bitcoin and BitTorrent networks.
The main goals of this project are:
Let’s assume that I would like to register
% echo -n "example.dnsp2p" | genwallet -a - # Outputs the address 1G2zt786BsvKJXAvTamW3Bds64e6pcQBMx
Let’s also assume I have bitcoin addresses
15R7CsLej8fmyfnPXwJAeQoZoNb5L7sroB with Ƀ1 and
Since the smallest output can be 0.00005430 BTC, we’ll send that much to the address created from the domain name.
Generate a zone file, sign it in cleartext format, and create a .torrent file for the zone. An additional address, J, is created from the info_hash of the .torrent file.
So, the bitcoin transaction would be (note the input and output order):
    TxIn:
      Input1:
        Address: (Starting Address or Previous Output3)
    TxOut:
      Output1:
        Address: (Address created from domain name)
        Amount: 0.00005430
      Output2:
        Address: (Address built from info_hash)
        Amount: 0.00005430
      Output3:
        Address: (New Address)
        Amount: (Input1's value - tx fee - 2*0.00005430)

    TxIn:
      Input1:
        Address: 15R7CsLej8fmyfnPXwJAeQoZoNb5L7sroB (from above. Has Ƀ1)
    TxOut:
      Output1:
        Address: 1G2zt786BsvKJXAvTamW3Bds64e6pcQBMx (from domain)
        Amount: 0.00005430
      Output2:
        Address: 1GS8X5vZTQwMLQQjKkrXM9KPUJQwYji4jL (from sha1 of 'test')
        Amount: 0.00005430
      Output3:
        Address: 1FZL9EBsFHgaz8ur1nHn9C7fxk7jDkUmVp (from above)
        Amount: 0.9994914
The transaction fee should be 4 times the mintxfee of the reference client (currently 0.0001 BTC). Clients should not accept a transaction as valid without the appropriate transaction fee. Updates to mintxfee will be published as part of the DNSP2P protocol and referenced back to a block id.
To issue an update to the zone file, the address referenced in Output3 must be used as Input1.
It is also encouraged that you retrieve the BTC from Output1 after submitting the transaction. Output2 has no corresponding private key and hence cannot be retrieved.
Once the transaction has been confirmed, push the zonefile and torrent into the BitTorrent network.
There are 6 steps required to do a lookup. However, once a lookup is done, the zonefile can be cached for up to the shortest TTL in the zonefile.
Using the power of Magnets, it’s possible to just grab the info_hash from Output3, download the torrent file, and then download the signed zone file. The format of the signed zone file is that of a traditional zone file encased in an ASCII-Armored/Cleartext Signature (joking aside: clearsigned documents). The key used to sign is the private key of Input1’s Address (the address being the public key used to authenticate the signature).
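A sketch of the client-side checks implied by the transaction layout, the fee rule and the magnet lookup described above; this is an added example, not code from the proposal. It assumes the info_hash address is Base58Check(0x00 || 20-byte info_hash), treats 4 x mintxfee as a minimum, and uses hypothetical function names.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
DUST = 5430            # 0.00005430 BTC in satoshi (value from the post)
MIN_FEE = 4 * 10_000   # 4 x mintxfee of 0.0001 BTC; treated as a minimum (assumption)

def _checksum(payload: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def b58check_encode(payload: bytes) -> str:
    raw = payload + _checksum(payload)
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\0"))) + out

def b58check_decode(addr: str) -> bytes:
    n = 0
    for ch in addr:
        n = n * 58 + B58.index(ch)          # ValueError on a non-Base58 character
    pad = len(addr) - len(addr.lstrip("1"))
    raw = b"\0" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    if len(raw) < 5 or _checksum(raw[:-4]) != raw[-4:]:
        raise ValueError("bad Base58Check checksum")
    return raw[:-4]

def info_hash_to_address(info_hash: bytes) -> str:
    # Assumption: version byte 0x00 followed by the 20-byte SHA-1 info_hash.
    return b58check_encode(b"\0" + info_hash)

def check_registration(input_value, outputs, domain_addr):
    """Validate the three-output layout; return the magnet URI or raise ValueError."""
    if len(outputs) != 3:
        raise ValueError("expected Output1, Output2, Output3")
    (a1, v1), (a2, v2), (_a3, v3) = outputs
    if a1 != domain_addr or v1 != DUST or v2 != DUST:
        raise ValueError("Output1/Output2 do not match the registration layout")
    if input_value - (v1 + v2 + v3) < MIN_FEE:
        raise ValueError("fee below 4 x mintxfee")
    payload = b58check_decode(a2)           # Output2: address built from info_hash
    if len(payload) != 21 or payload[0] != 0:
        raise ValueError("Output2 does not encode a 20-byte info_hash")
    return "magnet:?xt=urn:btih:" + payload[1:].hex()

# Constructed sample mirroring the post's worked transaction (amounts in satoshi).
DOMAIN_ADDR = "1G2zt786BsvKJXAvTamW3Bds64e6pcQBMx"
SAMPLE_INFO_HASH = hashlib.sha1(b"test").digest()   # the post's stand-in info_hash
SAMPLE_OUTPUTS = [(DOMAIN_ADDR, DUST),
                  (info_hash_to_address(SAMPLE_INFO_HASH), DUST),
                  ("1FZL9EBsFHgaz8ur1nHn9C7fxk7jDkUmVp", 99_949_140)]
```

Calling `check_registration(100_000_000, SAMPLE_OUTPUTS, DOMAIN_ADDR)` returns the magnet URI for the sample; a transaction that underpays the fee or carries a corrupted Output2 address raises `ValueError` instead of being resolved.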
The TLSA RR from RFC 6698 is recommended to serve TLS Certificates to clients.
genwallet is part of the pycoin Python package (github pycoin repo).
NB: Any DHT implementation, such as PPSP, would work. I’m using BitTorrent since it’s widely adopted and supported by services such as S3.