
Decentralized DNS with the Handshake Naming System - rasengan
https://www.privateinternetaccess.com/blog/2019/08/private-internet-access-users-can-now-resolve-internet-names-with-the-handshake-naming-system-hns/
======
danShumway
The article and Namebase faq go into some details, but just so I understand,
what are the practical effects of this beyond decentralization?

\- If I buy a TLD, will I own it in perpetuity, even after I die?

\- If we're encouraging people to register their own TLDs, won't we run into
the same limited-name/squatter problems as normal domains? I get that names
are being released at a trickle, but that seems like it would just put off the
problem a bit.

\- Is this going to have the same environmental problems as Bitcoin, or will
having fewer transactions mean that's less of an issue?

\- Is Brave the only browser looking into this, or are we also seeing buy-in
from browsers like Firefox and Chrome?

I'll read through whitepaper and learn the details, but if possible I'd like
to know if it's worth my time to do so.

I'm not necessarily feeling great about the idea of having separate TLDs for
every site, but I'll admit there is something attractive about being able to
register 1 TLD as a namespace, one time, and then using subdomains for every
other site I ever make. It's just not clear to me how that system would scale.

~~~
troquerre
I work at Namebase.The other comments address most of your questions, but just
to add on: the 52 week rollout will help significantly with preventing
squatters. Handshake has designed some other mechanisms that prevent
squatting. The first is that the Alexa top 100k domains have been pre-
registered (only facebook.com can register .facebook on Handshake). This
ensures that existing domain stakeholders can transition to Handshake without
worrying about their name being squatted on.

Second, Handshake is airdropping 70% of the mainnet coins to open-source
developers. If you have over 15 followers on GitHub, you can claim around
$400-800 of Handshake coins (HNS) with no strings attached. Not only will this
give developers an incentive to check Handshake out, but also this ensures
that the bidding power is spread out at launch. Without this mechanism, a
whale could spend $10mm on HNS at launch and outbid everyone.

~~~
LyndsySimon
> If you have over 15 followers on GitHub, you can claim around $400-800 of
> Handshake coins (HNS) with no strings attached.

How will one go about this? I'm interested, if only for the purpose of
claiming a few domains that I have a personal interest in.

~~~
troquerre
You can use [https://github.com/handshake-org/hs-
airdrop](https://github.com/handshake-org/hs-airdrop) to claim your coins on
the testnet. You’ll have to repeat the process once the mainnet launches.

If you want an easier way to claim and use your coins I can also add you to
our private beta for Namebase.io. Just ping me at tieshun at namebase.io.

~~~
xur17
There was a post on HN about a year ago announcing Handshake, with an option
to signup for the airdrop with your github account, irc account, etc.

Do you know if these users will still receive the tokens they signed up for?
Should these tokens show up on testnet?

~~~
troquerre
You should have received a seed phrase as part of that airdrop. You'll be able
to use that seed phrase to claim your tokens on the testnet and mainnet. Ping
me at tieshun at namebase.io if you want to try things out on testnet — I'm
happy to walk you through it.

------
mugsie
Yeah, because I want to have to mine a token every time I update my DNS
settings. -_-

I get the "global, transparent, append only log" appeal, but for the reality
of most people, I don't want to rely on a blockchain converging, or processing
my update in a certain amount of time.

And that doesn't even cover companies (I don't agree with this, but it is a
reality), that consider DNS entries private, and don't want to expose an
easily scannable list of DNS entries .

~~~
deweller
If this gains traction, you will be able to pay a service provider a fee to
update DNS entries for you. This is like the current system used by
registrars. You don't need to care if it is powered by a blockchain in the
background if you don't want to.

I think it is great to have an alternative DNS system that is more censorship
resistant.

~~~
mugsie
> you will be able to pay a service provider a fee to update DNS entries for
> you.

So every time I add a new LB, or cycle out an environment I have to pay
someone? And then wait for them to process the chain to publish the result?

Remind me, what did etherium get to for transactons to clear? 20 something
hours? That is not something I want when I am trying to redirect traffic from
either a set of NS records that are broken, or if I host the full zone in the
chain, a broken AWS / Azure region.

Combine the time to wait for caches to refresh on the internets (better these
days, but still longer than people would like), with waiting for a blockchain
to publish my new records, and you have ops people in pain.

DNS is already one of the largest fault tolerant, eventually consistent,
cachable, federated, and globally distributed key value databases ever to
exist - we don't need to add blockchain to the mix.

~~~
tynes
Handshake is for top level domains. You can do quick updates using traditional
DNS infrastructure at a domain underneath a Handshake top level domain. The
benefit is that you have a cryptographic asset representing the top level
domain, the root of trust comes from you, value can accrue in the asset
itself, its tradable with non interactive atomic swaps and is censorship
resistant.

------
crediblewitness
This is another Handshake protocol FAQ targeted at technical folks
[https://github.com/handshake-org/handshake-
org.github.io/blo...](https://github.com/handshake-org/handshake-
org.github.io/blob/0a3659f574d618295ecef4bab590419fbb99da49/src/guides/protocol.md)
(FYI this is a file currently staged in a pull request to the handshake docs
repo on github)

------
troquerre
As an FYI for HN, many of y'all are probably eligible for $400-800 of
Handshake coins (HNS). Handshake is airdropping coins to open-source
developers to incentivize them to check out the project. If you have over 15
followers on GitHub you can use this tool to claim coins. This is a no-
strings-attached giveaway so if you want to you can also sell your coins but
it'd be worth it to bid on your name before you do. You can also reach out to
me at tieshun at namebase.io if you have questions about the airdrop or
Handshake itself.

[https://github.com/handshake-org/hs-airdrop](https://github.com/handshake-
org/hs-airdrop)

~~~
YCuN4M00v33odS
Where do I get this bech32 address?

~~~
troquerre
You can generate one with a Handshake client. If you’d like help with the
process and an easy way to use your coins ping me at Tieshun at Namebase.io

[https://github.com/handshake-org/hsd](https://github.com/handshake-org/hsd)

------
ryandvm
Kind of unrelated, but if there was ever a viable use case for blockchain
beyond anarchist payment systems, it seems like it would be DNS.

~~~
T1glober
The closest thing there is right now would be ENS - the E stands for Ethereum.

ENS domain names can mainly be used for payment for now, so I'd be sending
crypto to [domain].eth where the advantage is having a readable address
instead of a random-looking string.

You can also host web pages on it (which I believe is helped by their IPFS)
but that has seen limited use as of yet.

~~~
troquerre
I work at Namebase. Handshake is compatible with ENS actually because
Handshake has reserved .eth for ENS names. Since Handshake decentralizes the
top-level namespace, Handshake can serve as a gateway to other naming systems
like ENS and Namecoin.

~~~
justinmchase
Um, please tell me more :)

It can do that or it does do that? Also, ENS doesn't typically resolve to an
IP but instead a swarm hash or a block address, what would end up resolving in
those cases?

~~~
tynes
The way the the ENS integration would work is the DNS request for vitalik.eth
would end up at a Handshake Authoritative Name Server and then there are
certain blacklisted top level domains (.onion, .tor, .i2p, .bit and a few
others) where a client for that protocol is instantiated and then a request is
sent out to the appropriate system and then the response would be formatted
into a DNS query by the Handshake Name Server and sent back to the client.

Not implemented yet, but this is where one would implement it
[https://github.com/handshake-
org/hsd/blob/master/lib/dns/ser...](https://github.com/handshake-
org/hsd/blob/master/lib/dns/server.js#L52) [https://github.com/handshake-
org/hnsd/blob/master/src/ns.c#L...](https://github.com/handshake-
org/hnsd/blob/master/src/ns.c#L323)

------
ryacko
If something is worth stealing, then it would be. The majority of code isn’t
infrastructure quality (equivalent to setting cement and leaving it there for
a hundred years with minor maintenance). Until then, the technical flaws must
be balanced with collective governance.

(Incidentally, cement with such long lifespans were widely used during the
Roman Empire)

------
DeepYogurt
The title is a bit misleading. This is not an alteration to the DNS system,
but rather a brand new naming system.

~~~
rasengan
> This is not an alteration to the DNS system, but rather a brand new naming
> system.

The existing TLDs will continue to be held by the existing TLD holders. So, as
an example, news.ycombinator.com will still work!

This is truly a drop-in replacement of the DNS ROOT giving power back to the
people.

------
tittysprinkles
This all looks and sounds really great but I have one big question. If this
requires a proof of work chain, why not just build it on top of Bitcoin?

Then you wouldn't have to convince people to spin up a new node for a separate
chain. This seems like an obvious choice to take advantage of Bitcoin's
network effects and inherent chain security.

You could even lock up some bitcoin and issue bitcoin-backed Handshake tokens
and continue operations as normal.

------
linsomniac
Namecoin seemed like an interesting idea for decentralized registration, has
it gone anywhere in the years I haven't been following it?

~~~
SkyMarshal
Not really. One problem is most of the good names got taken by squatters right
out of the gate, like hundreds of thousands of them - irl trademarks, all the
nouns in the dictionary bought by one guy, etc. Mainstream business will never
adopt it for that reason, so its growth is inherently capped and most crypto
natives ignore it.

~~~
troquerre
I work at Namebase, which is a domain registrar and on-ramp for Handshake.
That’s what makes Handshake so compelling imo. There are a lot of mechanisms
that prevent squatting: bids are locked up until auctions finish, so squatters
need to pick and choose where they allocate coins. Furthermore, names are
rolled out over a 52 week period (hash of the name mod 52), which means that
there will still be a lot of good names available 6 months into launch. And
the Alexa top 100k domains have been pre-registered, in addition to the
blacklisted ICANN TLDs, so that only facebook.com can register .facebook.
Finally, 70% of the coins are being airdropped to developers so the bidding
power will be evenly distributed from the start — it’ll be difficult for a
whale to buy up $10mm of Handshake coins and outbid everyone.

------
justinmchase
Thats cool.

Also ENS (Ethereum Name Service) on the ethereum block chain is really cool,
though its more for resolving to swarm hashes or block addresses... which are
for decentralized documents and apps.

[https://manager.ens.domains/](https://manager.ens.domains/)

------
briatx
DNS has always been decentralized. I mean, first sentence on wikipedia:

> The Domain Name System (DNS) is a hierarchical and decentralized naming
> system for computers, services, or other resources connected to the Internet
> or a private network.

~~~
deweller
From the article:

> While DNS is already fairly decentralized, the centralization exists because
> of ICANN’s gatekeeper control .... ICANN ultimately has control over what
> internet names are acceptable – and serves as a singular point of failure.

~~~
jude-
Nothing stops you or anyone from running your own DNS root. The "hard part" of
making a global DNS deployment operational isn't developing the technology;
it's getting everyone to agree on all the particulars of the deployment.

~~~
concert-gilled
> Nothing stops you or anyone from running your own DNS root

That is what this is doing.

> Handshake is a decentralized, permissionless naming protocol compatible with
> DNS where every peer is validating and in charge of managing the root zone
> with the goal of creating an alternative to existing Certificate
> Authorities. Its purpose is not to replace the DNS protocol, but to replace
> the root zone file and the root servers with a public commons.

\- [https://handshake.org/](https://handshake.org/)

------
dang
Related from last year:
[https://news.ycombinator.com/item?id=17673922](https://news.ycombinator.com/item?id=17673922)

------
skrowl
Sounds like BitTorrent DHT, but for DNS. Is that the right take?

~~~
pinhead26
Not really, the DNS data is stored in a new data structure called an "Urkel
Tree" that offers small proofs and fast lookup times. Full nodes (that archive
and process the entire blockchain) can serve these proofs to light clients
that use the data to recursively resolve DNS.

