> Email became Gmail, usenet became reddit, blog replies became facebook and Medium, pingbacks became twitter, squid became Cloudflare, even gnutella became The Pirate Bay
How is that even remotely related to creating a new domain name service?
Does the author really believe in good faith that the centralization of platforms would somehow be reduced or disappear entirely by introducing a new domain name service?
This will literally not change anything. It's not because Facebook started owning facebook.com that they magically became a dominant platform.
It is worth pointing out the distributed systems tend towards centralization over time.
Keeping things decentralized is always going to be an active effort. Fundamentally decentralized vs centralized is also robustness vs efficiency. Anybody with a short returns horizon that hasn't been burned yet prefers efficiency.
The over specification of use case should be a big red flag. Any self-sustaining open and decentralized network capable of hosting a name service will be capable of pushing and storing arbitrary data around - the fact that data can have an owner is core to blockchain, so it's extremely dubious even without digging very deep that Handshake offers something you can't find in a more general platform.
Particularly for any use case where it is important that any user in all circumstances has access to data, it is really important to avoid centralizing forces present in Bitcoin and Ethereum - they were designed to secure blocks, not to secure open access, as plainly evident by their consensus mechanisms which do nothing explicit to reward the routing of data into the network.
This results in sub-optimal outcomes for data routing, but optimal outcomes for producing hash power or collecting large staking pools. If you are seriously interested in a platform which incentivizes and is based around open access and leverages that to gain better security guarantees (time-stamping, public key cryptography, exchange of value) at scale than Bitcoin or Ethereum, read about Saito and its economic foundations.
Out of the gate from [0], as soon as one tries to install it, they are met with this:
Notice: GNUnet is still undergoing major development. It is largely not yet ready for usage beyond developers.
On top of the Linux-focused attitude to this project (GNUnet, GNS, etc) which that is already limiting its usefulness and user friendliness to the average joe, if it is not available on other systems like Windows or macOS how does one even begin to use it?
At the very least it should be accessible via a browser. For Handshake that is accessible with the Beacon Browser. [1] Ethereum Name Service (ENS) domains are accessible via Brave Browser, and Beacon Browser [1]. That gives the impression to general users that it actually works.
I think name servers is one of the best applications for a decentralized ledger. It _can_ work without a central party, and I think it might be better without one. Something like .org controversy might not have happened without a central party.
After watching what happened with cryptocurrencies, NFTs, etc... what gives you hope that building on a blockchain will go any better for name servers?
Frankly, considering how critical the name server infrastructure is, I think it's been remarkably reliable and well run. The .org controversy was a big deal, but for the thirty years I've been online those types of problems stand out because they are so rare.
From a technical perspective it can. But how would you take down domains, resolve disputes like when your domain is taken over by attackers or a lookalike domain is defrauding users that are trying to get to your site. It isn't commercially viable without an authority everyone accepts for name revocation.
God why is this blockchain? If I want to decentralize naming then I want to get away from IANA as the exclusive authority top down, but what it means is I want a reputation/selective trust system not some PoW trash.
i.e. "are you my bank?" It's a question I want answered specifically, in a cryptographically secure fashion by my local government well-known authority, and then my bank.
"Are you the local resistance leaders?" is a question I want answered by a chain of signed pseudonyms with set of revocations being published frequently through anonymous channels.
In both cases, details like "how are TLDs assigned?" should ultimately be in my control, with a convention to establish "normal" practice.
One of those use cases shouldn't be wasting my money running GPU miners, and one of them can't.
Application-level protocols should not be attempting to secure their own consensus mechanisms - it ties the security of the application to the base token.
If you are seeking decentralized naming and certificate authorities you can look at Ethereum and ENS. Besides the eventual transition to Proof-of-Stake, building an application on top of an existing consensus mechanism means that your application will inherit the security of that blockchain.
If you think your scheme will result in a large return on investment you can spend a gigantic amount of money on a domain name and have it make sense. It’s how you have companies parading around with names like “crypto.com” and buying superbowl advertising.
If I could change one thing about root replacement, it would be for a more efficient use of the hierarchical structure of the DNS. The attempt to cram everything into a namespace that is mostly flat is, in my opinion, essentially intractable.
Handshake does use hierarchy like DNS (you can have any levels of subdomains behind the TLD), except it grants you access to the TLD level at affordable price, that is their main selling point. Whereas today you can only be under a TLD like .com or .us for an affordable price.
A very big security problem with current domain certificates is that browsers accept any certificate for any domain, as long as they trust the issuer. There is no concept or notion of who is supposed to have issued the certificate.
How would that work? Add another DNS record? It would have to be out of band as the server cannot be trusted (see HPKP), and DNS itself could just as easily be MITMed as an HTTPS request, often even moreso.
For root replacement the biggest thing I would want is better use of the hierarchical nature of DNS. Trying to squeeze everything into mostly flat namespace is imho fundamentally intractable
The problem they'll have is more and more TLDs are colluding with ICANN's, and Handshake chose to sell "TLDs", plus it is a proof of work blockchain.
Dappy has a .d scoping at the top to avoid collisions, POS blockchain behind it, a co-resolution system (IP addresses and root certificates are always co-resolved), and it allows multi-ownership of names.
Uh, no thanks. If you insist on using a blockchain at least don't make it proof-of-work. It's 2022, and there are plenty of production-ready non-PoW chains out there already. Please stop killing the planet.
PoW makes sense from a first principles approach [1]. I don't see Handshake growing into a trillion dollar network, so the security budget won't be that big, therefore I don't think it will be very energy intensive. Furthermore, if you calculate the economic impact of DNS hacks, the net impact of a decentralised PoW DNS implementation could even be positive.
Wrt to non-PoW system, so far governance for those chains looks closer to a federation (where a few agents control the majority of the network) than to a really decentralised network. In that sense, a proof-of-stake DNS network wouldn't be that different from the current implementation. If such network ever takes off, I wouldn't be surprised if major ISPs, Cloudfare, Google, and a few other players end up owning the majority of the tokens.
[1] Adam Back's 1997 Hashcash, designed to fight email spam and DDOS attacks was based on PoW.
> It's 2022, and there are plenty of production-ready non-PoW chains out there already.
Yeah. Like Solana, Polygon, Helium, Celo, etc? Which they went down. Why would something that operates like a CA, DNS or TLDs be suitable on those 'production-ready' chains? PoW makes sense for this use case.
> Please stop killing the planet.
I agree. I'd rather have something useful burning the planet and is an improvement than something that is burning the planet for the benefit of more surveillance, censorship and spyware (Deep Learning, Machine Learning systems on user data) or something that is not useful at all to the current system. (Bitcoin)
So perhaps we also should look at stopping running broken machine learning / deep learning models continuously on many data centers for 10+ years which that is also incinerating the planet.
If I remember correctly, Handshake came into life somewhere around 2016, and was forked from Bitcoin, hence the reliance on PoW. Seems unlikely to change at this point.
If you'd rather want to use something with PoS, then Ethereum Name Service (https://ens.domains/) is probably your best bet as Ethereum is moving to PoS shortly and is a widely used chain.
Sadly namecheap bought into this, so it’s being forced down the throats of people who don’t quite realize that the domains they can buy on the service can not, and will not ever be usable. It’s pretty obvious to even the most casual of observers that this is just yet another cryptocurrency scheme designed to fleece as many people as possible.
> themselves into ownership of freenode is closely associated
Wonderful. Using a guilt by association to discredit a project due to someone else's involvement rather than critiquing the technology and its goals.
Facebook have been involved with allowing the spread of misinformation, hate crimes, etc and have built systems that use Rust to aid this and are also a platinum member (Amongst other surveillance big tech companies like Microsoft, Google, Amazon, etc) involved with funding the Rust Foundation.
Given that deep association, does that mean you should stop learning and using Rust?
> Email became Gmail, usenet became reddit, blog replies became facebook and Medium, pingbacks became twitter, squid became Cloudflare, even gnutella became The Pirate Bay
While not even accurate, these centralized services became popular and synonymous with their underlyings due to convenience and benefits (eg gmail offering massive storage when it first rolled out; FB deploying its newsfeed which other social media platforms didn’t have at the time; etc)
> True decentralization, no official singular Foundation, Committee, Corporation, or entities in permanent unitary control of the protocol.
And what happens when something inevitably goes wrong without any kind of oversight? Who can course-correct if it has succumbed to say a 51% attack
> Economic incentives enable decentralized agreements to form via a transparent name auction process.
And so beholden to the same hyperfinancialization principles we see now—bid higher to get your blocks mined quicker. Not to mention the 700% spike in fees we saw not long ago.
Add in proof of work and you’ve now got potentially very long waiting times as well, further incentivizing the pay for speed mentality
Mostly just shows that open systems require more resources to develop at as rapid a pace as closed systems.
Email/Usenet were fossilised the day they were born pretty much, we're still living with stupid fixed width lines of text in 2022, people just gave up on replying correctly, and no one could fix usenet spam.
Web apps have instant new version deployment, but are centralised, automatically updating docker containers are probably a half decent solution to a federated network.
The most popular website creation system is Wordpress though, that's mostly open and decentralised
noname120|3 years ago
How is that even remotely related to creating a new domain name service?
Does the author really believe in good faith that the centralization of platforms would somehow be reduced or disappear entirely by introducing a new domain name service?
This will literally not change anything. It's not because Facebook started owning facebook.com that they magically became a dominant platform.
blamestross|3 years ago
Keeping things decentralized is always going to be an active effort. Fundamentally decentralized vs centralized is also robustness vs efficiency. Anybody with a short returns horizon that hasn't been burned yet prefers efficiency.
heywoodlh|3 years ago
(Just kidding, I totally agree with your point)
mattwilsonn888|3 years ago
It is also worth noting that the coins behind this project have been mined since February 2020. https://e.hnsfans.com/blocks?page=6517
Particularly for any use case where it is important that any user in all circumstances has access to data, it is really important to avoid centralizing forces present in Bitcoin and Ethereum - they were designed to secure blocks, not to secure open access, as plainly evident by their consensus mechanisms which do nothing explicit to reward the routing of data into the network.
This results in sub-optimal outcomes for data routing, but optimal outcomes for producing hash power or collecting large staking pools. If you are seriously interested in a platform which incentivizes and is based around open access and leverages that to gain better security guarantees (time-stamping, public key cryptography, exchange of value) at scale than Bitcoin or Ethereum, read about Saito and its economic foundations.
p4bl0|3 years ago
rvz|3 years ago
At the very least it should be accessible via a browser. For Handshake that is accessible with the Beacon Browser. [1] Ethereum Name Service (ENS) domains are accessible via Brave Browser, and Beacon Browser [1]. That gives the impression to general users that it actually works.
[0] https://www.gnunet.org/en/install.html
[1] https://impervious.com/beacon
tux2bsd|3 years ago
https://www.gnunet.org/en/install.html
> It is largely not yet ready for usage beyond developers.
Still in development, not ready for average joe.
lekevicius|3 years ago
criddell|3 years ago
Frankly, considering how critical the name server infrastructure is, I think it's been remarkably reliable and well run. The .org controversy was a big deal, but for the thirty years I've been online those types of problems stand out because they are so rare.
badrabbit|3 years ago
XorNot|3 years ago
i.e. "are you my bank?" It's a question I want answered specifically, in a cryptographically secure fashion by my local government well-known authority, and then my bank.
"Are you the local resistance leaders?" is a question I want answered by a chain of signed pseudonyms with set of revocations being published frequently through anonymous channels.
In both cases, details like "how are TLDs assigned?" should ultimately be in my control, with a convention to establish "normal" practice.
One of those use cases shouldn't be wasting my money running GPU miners, and one of them can't.
rvz|3 years ago
It's very interesting to see Namecheap, Gateway.io, Encirca, etc use it and its very surprising to see some ICANN TLDs being claimed on Handshake.
[0] https://news.ycombinator.com/item?id=21611677
noname120|3 years ago
I'm not very convinced about the upside-downside ratio of this implementation though
But it has the merit of being a blockchain use that isn't complete non-sense.
substation13|3 years ago
whatisweb3|3 years ago
If you are seeking decentralized naming and certificate authorities you can look at Ethereum and ENS. Besides the eventual transition to Proof-of-Stake, building an application on top of an existing consensus mechanism means that your application will inherit the security of that blockchain.
easrng|3 years ago
formerly_proven|3 years ago
tiborsaas|3 years ago
My guess would be it was in the $3-8k range.
tnzk|3 years ago
RL_Quine|3 years ago
lionkor|3 years ago
AndrianV|3 years ago
fabco|3 years ago
andrew-jack|3 years ago
lizardactivist|3 years ago
rhyselsmore|3 years ago
CAA records provide some extra defence (https://en.m.wikipedia.org/wiki/DNS_Certification_Authority_...).
It’s not perfect, but it’s getting better.
dotancohen|3 years ago
zokier|3 years ago
globalreset|3 years ago
fabco|3 years ago
Dappy has a .d scoping at the top to avoid collisions, POS blockchain behind it, a co-resolution system (IP addresses and root certificates are always co-resolved), and it allows multi-ownership of names.
Worth checking out https://dappy.tech/
jedimind|3 years ago
daenney|3 years ago
kouteiheika|3 years ago
Uh, no thanks. If you insist on using a blockchain at least don't make it proof-of-work. It's 2022, and there are plenty of production-ready non-PoW chains out there already. Please stop killing the planet.
josu|3 years ago
Wrt to non-PoW system, so far governance for those chains looks closer to a federation (where a few agents control the majority of the network) than to a really decentralised network. In that sense, a proof-of-stake DNS network wouldn't be that different from the current implementation. If such network ever takes off, I wouldn't be surprised if major ISPs, Cloudfare, Google, and a few other players end up owning the majority of the tokens.
[1] Adam Back's 1997 Hashcash, designed to fight email spam and DDOS attacks was based on PoW.
rvz|3 years ago
Yeah. Like Solana, Polygon, Helium, Celo, etc? Which they went down. Why would something that operates like a CA, DNS or TLDs be suitable on those 'production-ready' chains? PoW makes sense for this use case.
> Please stop killing the planet.
I agree. I'd rather have something useful burning the planet and is an improvement than something that is burning the planet for the benefit of more surveillance, censorship and spyware (Deep Learning, Machine Learning systems on user data) or something that is not useful at all to the current system. (Bitcoin)
So perhaps we also should look at stopping running broken machine learning / deep learning models continuously on many data centers for 10+ years which that is also incinerating the planet.
pjc50|3 years ago
lfkdev|3 years ago
intothemild|3 years ago
unknown|3 years ago
[deleted]
capableweb|3 years ago
If you'd rather want to use something with PoS, then Ethereum Name Service (https://ens.domains/) is probably your best bet as Ethereum is moving to PoS shortly and is a widely used chain.
daenney|3 years ago
> The full node daemon, hsd, is written in Javascript and is a fork of bcoin.
Personally, not the future I’m looking for.
RL_Quine|3 years ago
unknown|3 years ago
[deleted]
eptcyka|3 years ago
oarsinsync|3 years ago
badrabbit|3 years ago
rvz|3 years ago
Wonderful. Using a guilt by association to discredit a project due to someone else's involvement rather than critiquing the technology and its goals.
Facebook have been involved with allowing the spread of misinformation, hate crimes, etc and have built systems that use Rust to aid this and are also a platinum member (Amongst other surveillance big tech companies like Microsoft, Google, Amazon, etc) involved with funding the Rust Foundation.
Given that deep association, does that mean you should stop learning and using Rust?
unknown|3 years ago
[deleted]
rasengan|3 years ago
[deleted]
rajman187|3 years ago
https://www.crunchbase.com/organization/handshake-2
Meanwhile, the claims on this website:
> Email became Gmail, usenet became reddit, blog replies became facebook and Medium, pingbacks became twitter, squid became Cloudflare, even gnutella became The Pirate Bay
While not even accurate, these centralized services became popular and synonymous with their underlyings due to convenience and benefits (eg gmail offering massive storage when it first rolled out; FB deploying its newsfeed which other social media platforms didn’t have at the time; etc)
> True decentralization, no official singular Foundation, Committee, Corporation, or entities in permanent unitary control of the protocol.
And what happens when something inevitably goes wrong without any kind of oversight? Who can course-correct if it has succumbed to say a 51% attack
> Economic incentives enable decentralized agreements to form via a transparent name auction process.
And so beholden to the same hyperfinancialization principles we see now—bid higher to get your blocks mined quicker. Not to mention the 700% spike in fees we saw not long ago.
Add in proof of work and you’ve now got potentially very long waiting times as well, further incentivizing the pay for speed mentality
mavhc|3 years ago
Email/Usenet were fossilised the day they were born pretty much, we're still living with stupid fixed width lines of text in 2022, people just gave up on replying correctly, and no one could fix usenet spam.
Web apps have instant new version deployment, but are centralised, automatically updating docker containers are probably a half decent solution to a federated network.
The most popular website creation system is Wordpress though, that's mostly open and decentralised
unknown|3 years ago
[deleted]
felixbennett|3 years ago