Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Optionally mapping names to OpenBazaar GUIDs using Namecoin & DNSChain.

User-friendly names that map to GUIDs have several benefits in the development of a web-of-trust for reputation based in commerce (as put forth by Dionysis: https://gist.github.com/dionyziz/e3b296861175e0ebea4b#pseudonymity). For example, to access specific stores, users send around their GUIDs (as can be seen here: http://www.reddit.com/r/BazaarMarkets/comments/2fjui8/selling_google_glass/). It's easier to remember reputable stores by their user-friendly names.

Here's a proposal to implement such a user-friendly system in OpenBazaar that is acceptably (debatable) decentralized using the Namecoin blockchain (http://namecoin.info/) & DNSChain (https://github.com/okTurtles/dnschain) model & server tools.

Namecoin + DNSChain + OpenBazaar GUIDs.

Namecoin

Namecoin is a decentralized key-value store using blockchain technology. It's been used to map decentralized domains (using .bit) & identities (using namespaces such id or u: https://github.com/opennamesystem/openspecs) amongst other uses. It is the most widely used blockchain for storing uncensorable, decentralized information.

In the case of OpenBazaar, using either some of the existing namespace specifications (such as id or u) or a new namespace specifically to map names to GUIDs are possible. Advantages & Disadvantages of using an existing namespace vs a new namespace is outline later on.

In other words, in the Namecoin blockchain there will be an entry that states: "id/shoestore" and have key value of "{'openbazaar': }". If the correct connecting infrastructure is set up, then within OpenBazaar querying a store with the user-friendly name will pull up the correct store based on the GUID.

To do this in the most secure manner would probably consist of expecting each node to run Namecoin themselves and query it locally. However, this is overkill and cumbersome. An alternative is to use a system such as DNSChain.

DNSChain

DNSChain is a blockchain-based DNS + HTTP server that "makes it possible to be certain that you're communicating with who you want to communicate with, and connecting to the sites that you want to connect to, without anyone secretly listening in on your conversations in between." Here is another short into to it: http://simondlr.com/post/94988956673/an-intro-to-dnschain-low-trust-access-to-definitive

In short, it works by specifying a DNSChain server you trust (from whatever software you choose). When querying say a .bit domain, the software then queries the DNSChain server, asks for the IP address, and then returns it. Additionally, DNSChain servers sign requests to protect against MITM attacks (not yet implemented, but coming soon).

The benefits of DNSChain is such that users don't need to run their own Namecoin instance. They only need to point to a DNSChain server they trust. Additionally, along with published keys, the information that the DNSChain server sends back can be verified.

OpenBazaar Implementation

There are several ways to implement this in OpenBazaar which has to be given thought. A potential idea is to have each store who has set their own DNSChain be propagated through the network so a list of DNSChain servers are available to query. If a user has set their own DNSChain, then it will query that one (as that is the one you trust), but if it is not available, it will find DNSChain servers in the web-of-trust first. If there aren't any available from that, it will use DNSChain servers by querying the network (not entirely sure if this is possible). Those with proof-of-burn is more trust-able.

The great thing about DNSChain within OpenBazaar is that because a web-of-trust exists, if there is any malicious DNSChain server (serving wrong information), it can always be checked from additional sources to up the probability of it matching the correct GUID as set within the Namecoin blockchain.

These are my initial thoughts. I'll have to delve deeper into the code to understand if this possible. Initially, to enable user-friendly names (without having to find DNSChain server in the web-of-trust) would be to simple disable it, and ask users to add their own DNSChain reference?

@taoeffect

This comment has been minimized.

Copy link

@taoeffect taoeffect commented Sep 9, 2014

Yes, aspects of this proposal (at least to make use of DNSChain for nym resolution) seems to have been embraced by the OpenBazaar devs (based on conversations via IRC, the fact that Namecoin is explicitly used, and an existing open issue to use DNSChain).

For my general thoughts on OpenBazaar, how it relates to DNSChain, Namecoin, and other notes, see my review of @dionyziz's paper, starting with this comment:

https://gist.github.com/dionyziz/e3b296861175e0ebea4b#comment-1296163

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment