Bitcoin Forum
October 26, 2020, 11:28:12 AM *
News: Latest Bitcoin Core release: 0.20.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 [4] 5 6 7 »  All
  Print  
Author Topic: Namecoin was stillborn, I had to switch off life-support  (Read 45898 times)
snailbrain
Legendary
*
Offline Offline

Activity: 1800
Merit: 1009



View Profile
October 15, 2013, 06:16:04 PM
 #61


there are also some other bugs as pm'd by libcoin.. please wait before updating.. there will be an official announcement eventually/soon

also namecoin-qt is NOT the official repo

1603711692
Hero Member
*
Offline Offline

Posts: 1603711692

View Profile Personal Message (Offline)

Ignore
1603711692
Reply with quote  #2

1603711692
Report to moderator
The forum strives to allow free discussion of any ideas. All policies are built around this principle. This doesn't mean you can post garbage, though: posts should actually contain ideas, and these ideas should be argued reasonably.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
becoin
Legendary
*
Offline Offline

Activity: 2730
Merit: 1083



View Profile
October 15, 2013, 06:24:21 PM
 #62

I agree with theymos on this: the next namecoin should be implemented on top of the bitcoin blockchain.
I disagree. If bitcoin fails everything based on bitcoin blockchain will also fail. Diversity in alt blockchains is the best chance for success.
snailbrain
Legendary
*
Offline Offline

Activity: 1800
Merit: 1009



View Profile
October 15, 2013, 06:36:30 PM
 #63

old post.. obviously was a long time ago and things have probably changed

https://bitcointalk.org/index.php?topic=1790.msg28696#msg28696

justusranvier
Legendary
*
Offline Offline

Activity: 1400
Merit: 1006



View Profile
October 15, 2013, 06:45:55 PM
 #64

I disagree. If bitcoin fails everything based on bitcoin blockchain will also fail. Diversity in alt blockchains is the best chance for success.
Diversity in blockchains weakens all of them.

If your threat model included nation-state level attackers, your only chance of success is to have the highest possible hash rate protecting it. Splitting the processing power over a bunch of diverse blockchains increases the probability that each one will fall in succession because none of them have enough hashing power to survive the attack.
Peter Todd
Legendary
*
Offline Offline

Activity: 1106
Merit: 1051


View Profile
October 15, 2013, 06:57:56 PM
Merited by Foxpup (2)
 #65

If your threat model included nation-state level attackers, your only chance of success is to have the highest possible hash rate protecting it. Splitting the processing power over a bunch of diverse blockchains increases the probability that each one will fall in succession because none of them have enough hashing power to survive the attack.

Note that Namecoin is merge-mined, so splitting hashing power isn't directly a valid criticism. Rather the criticism is that Namecoin miners don't benefit from mining namecoin as directly as Bitcoin miners, screwing up the incentives, and because merge-mining is pretty much free for the miner so there isn't the incentive to mine properly. Both problems lead to Namecoin being less secure than it would be had it been designed to work on top of the Bitcoin blockchain.

justusranvier
Legendary
*
Offline Offline

Activity: 1400
Merit: 1006



View Profile
October 15, 2013, 07:00:38 PM
 #66

Note that Namecoin is merge-mined, so splitting hashing power isn't directly a valid criticism.
I was speaking in general, not specifically Namecoin. I don't think merge mining is what people mean when they talk about blockchain diversity anyway.
becoin
Legendary
*
Offline Offline

Activity: 2730
Merit: 1083



View Profile
October 15, 2013, 07:04:15 PM
 #67

Splitting the processing power over a bunch of diverse blockchains increases the probability that each one will fall in succession because none of them have enough hashing power to survive the attack.
If only they use the same hash algo. Fortunately, alt coins are using totally different or heavily modified hash algos and this is why they are alts not clones.
justusranvier
Legendary
*
Offline Offline

Activity: 1400
Merit: 1006



View Profile
October 15, 2013, 07:06:31 PM
 #68

If only they use the same hash algo. Fortunately, alt coins are using totally different or heavily modified hash algos and this is why they are alts not clones.
That's exactly what causes the vulnerability.
amincd
Hero Member
*****
Offline Offline

Activity: 772
Merit: 500


View Profile
October 15, 2013, 07:12:04 PM
 #69

Thank you for finding this bug OP. It appears to be confirmed in the Namecoin forum.


If only they use the same hash algo. Fortunately, alt coins are using totally different or heavily modified hash algos and this is why they are alts not clones.

A >50% attack is an economic attack. If you have the economic resources of honest miners split among different blockchains, an attack can focus on one at a time to take them out, and need fewer resources to successfully execute, as each network would have a lower hashrate than a single, non-fragmented network would have.

Combining all efforts in one blockchain (or several merge-mined blockchains) means that the threshold for a successful attack is higher, reducing the number of organizations that have the resources to be capable of executing it. In the case of POW security, scale is a major advantage.

Anyway, IMHO, Namecoin, while perhaps not perfect, has been running for a couple of years, already has a large community (relatively speaking) involved in it, and, for these reasons, is the best shot we have at a decentralized DNS. This bug is critical but fixable from what I've gathered.
becoin
Legendary
*
Offline Offline

Activity: 2730
Merit: 1083



View Profile
October 15, 2013, 07:15:08 PM
 #70

If only they use the same hash algo. Fortunately, alt coins are using totally different or heavily modified hash algos and this is why they are alts not clones.
That's exactly what causes the vulnerability.
What do you mean? Bitcoin's hash algo is the best one and must be kept unchanged forever?!
becoin
Legendary
*
Offline Offline

Activity: 2730
Merit: 1083



View Profile
October 15, 2013, 07:27:45 PM
 #71

Combining all efforts in one blockchain (or several merge-mined blockchains) means that the threshold for a successful attack is higher, reducing the number of organizations that have the resources to be capable of attacking it.
Same higher threshold that leads bitcoin mining into absolute centralization?

This is not the way life survived on planet Earth. The key to a successful ecosystem is diversity not uniformity!
iddo
Sr. Member
****
Offline Offline

Activity: 360
Merit: 250


View Profile
October 15, 2013, 07:35:24 PM
 #72

Anyway, IMHO, Namecoin, while perhaps not perfect, has been running for a couple of years, already has a large community (relatively speaking) involved in it, and, for these reasons, is the best shot we have at a decentralized DNS. This bug is critical but fixable from what I've gathered.

If Namecoin is the best shot we have at a decentralized DNS then that's bad news, because the Namecoin protocol wasn't well thought through and therefore it doesn't really enable a decentralized DNS, see here:
https://bitcointalk.org/index.php?topic=233997.msg2534114#msg2534114
https://en.bitcoin.it/wiki/User:Gmaxwell/namecoin_that_sucks_less
Rassah
Legendary
*
Offline Offline

Activity: 1680
Merit: 1032



View Profile WWW
October 15, 2013, 08:06:25 PM
 #73

If Namecoin is the best shot we have at a decentralized DNS then that's bad news, because the Namecoin protocol wasn't well thought through and therefore it doesn't really enable a decentralized DNS, see here:
https://bitcointalk.org/index.php?topic=233997.msg2534114#msg2534114
https://en.bitcoin.it/wiki/User:Gmaxwell/namecoin_that_sucks_less

Is there such a thing as a thin client DNS server? I can't think of any way to store an entire database on IPs and domain names in a thin client...

Peter Todd
Legendary
*
Offline Offline

Activity: 1106
Merit: 1051


View Profile
October 15, 2013, 08:49:34 PM
 #74

Is there such a thing as a thin client DNS server? I can't think of any way to store an entire database on IPs and domain names in a thin client...

Yes - you make it possible for someone else to store it and provide you a cryptographic proof that what they gave you was correct. This lets you distribute the actual data with any number of solutions.

Namecoin doesn't do this, so unless you have the full namecoin database you have no idea if a given DNS name->ip mapping was correct.

d'aniel
Sr. Member
****
Offline Offline

Activity: 461
Merit: 250


View Profile
October 15, 2013, 09:03:19 PM
Last edit: October 15, 2013, 09:13:36 PM by d'aniel
 #75

I might as well pile on too while we're all at it Smiley  Just some thoughts I've been having about this problem I wanted to share.

Using namecoin strings alone as identities is clearly crazy - they're first come first serve, and anyone can come and register one after you whose typesetting only very subtly different, opening the door for phishing.  So you need a PKI built on top, which is much more difficult to do than namecoin itself.  Not to mention, as retep did earler ITT, it can't do lightweight clients without trust.  Even with the complex UTXO commitments he mentioned, you have to trust that miners won't rewrite history (because lightweight clients won't be able to check a UTXO proof for every block for every name they're interested in).

If we slightly temper our expectations of a secure, decentralized naming system, then we can solve these problems very easily (or define them away, depending on how you look at it).  And the result is Good Enough IMHO.  Essentially, if we give up on names being meaningful (but still keep them short, pronounceable and memorable) then they can be used alone securely as identities - no PKI needed.  The idea is that there are a relatively small number of transactions in the Bitcoin blockchain (< 2^25 currently), so you don't need very many bits to encode a transaction's location in the blockchain uniquely.  You then run these encodings through an universally agreed upon cipher to make them dissimilar, and encode the result into some phonemic base.  By encoding a pubkey fingerprint in a transaction, you have a secure name to pubkey mapping.  This can build directly off of Jeff Garzik's identity protocol: https://en.bitcoin.it/wiki/Identity_protocol_v1.

For example, with a large set of CVC phonemes (consonant - vowel - consonant), you only need three to describe a 32 bit name: ~reb-mizvig.  Wisely selecting a smaller set of phonemes may make for more readable names in general at the expense of needing another phoneme: ~bitlyr-worwyd.  Might be worth it.  And you could have lots of different "languages" for different styles of names.  Or different alphabets even.  The guys working on Urbit are currently developing some of these phonemic bases and said we can just copy what they come up with if we like.

Note that all a lightweight client needs to resolve a name to a pubkey fingerprint is the block headers and a merkle path, which encodes the transaction's location via the ordering of hashes.  Also, names done this way would be very dissimilar, so you could safely use them alone as your identity.  This is probably best for identities that live purely online; if people know you only by this name, then key verification comes for free.

Regarding transfer of names, I wonder if that really makes sense.  I can wholeheartedly vouch for a person, but can I really sell your trust in me to to them?  The names are sufficiently throwaway, so I say don't bother with this.  System's much simpler without it.

Of course this all glosses over the need for good key management.  Maybe devices like Trezor could be useful here.  Some random thoughts on a distributed key revocation blockchain:
- Identity protocol's miner sacrifices makes this hard to spam.
- Authenticated prefix trees instead of merkle trees could make it so you only have to pay attention to small subsets of each block containing (or not containing) names you care about.
- We only care about unjammability, so we can pay attention to, say, the 5 longest branches to make it more difficult for miners to suppress revocations.

Thoughts?  Is this all crazy/expecting too much of people?  Am I misunderstanding the problem?
gmaxwell
Staff
Legendary
*
Offline Offline

Activity: 3220
Merit: 4405



View Profile
October 15, 2013, 09:04:16 PM
Merited by Foxpup (2)
 #76

My my, thats unfortunate.  Had this been fixed before being exploited it would have been a trivial soft forking adjustment.  Even a simple temporary softforking adjustment to deny all transactions while it would have fixed would have prevented basically all the harm.
axilla
Full Member
***
Offline Offline

Activity: 217
Merit: 100



View Profile WWW
October 15, 2013, 09:18:46 PM
 #77

decentralized DNS should in now way rely on the blockchain.. PERIOD..  It's madness to continue to build things into the blockchain that have in no way what so ever a relationship to bitcoin.  Anyone who says otherwise please show me with FACTS where a decentralized DNS would be better suited crammed into an already bloated block chain instead of its own entity that uses bitcoins in some way...  It's extremely lazy in my opinion and there are far better ways to do it. 


Growth-O-Matic Grow your business, and increase brand awareness | While everyone else delivers your news to the wire, hoping it gets picked up, we put your press release in front of the eyes of the top bloggers, writers, and decision makers in your industry.
snailbrain
Legendary
*
Offline Offline

Activity: 1800
Merit: 1009



View Profile
October 15, 2013, 09:27:51 PM
 #78

please check "fix"

http://dot-bit.org/forum/viewtopic.php?f=2&t=1297

theymos
Administrator
Legendary
*
Offline Offline

Activity: 3920
Merit: 7952


View Profile
October 15, 2013, 09:46:25 PM
Merited by Foxpup (2)
 #79

One issue I could see with implementing NMC on top of BTC is future scalability. Specifically, when BTC blockchain gets huge, it would mean that the datacenters that store bitcoin blockchain information would have to also double as DNS providers. I think a NMC blockchain would be much much smaller in size compared to bitcoin, since transactions on namecoin are much less frequest, even if they may hold more data. So keeping the two separate would allow for many more smaller, independent DNS providers, instead of limiting it to just the few bitcoin providers we'll likely end up with in the future.

That's one area where Namecoin was very weak. Its blockchain may have started out smaller, but its scalability is no better than Bitcoin's, and it'll eventually have the same problems (like all Bitcoin-based altcoins). But if your decentralized DNS doesn't include a currency, then old data about domain ownership can be more easily forgotten. For example, if you require that registrants renew their domains weekly, then resolvers only need the last few weeks of full blockchain data (plus headers to verify the chain). There may also be better ways of doing this that don't require frequent renewal. (You can also do this sort of renewal thing with BTC in order to reduce download requirements, but it'd be really unpopular.)

Running a resolver on a well-designed DNS system will always be pretty cheap unless Bitcoin's network requirements become huge.

Could DNS be implemented as smart property on top of something like Mastercoin?

Probably, but I'm not a huge fan of smart property or Mastercoin.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
killerstorm
Legendary
*
Offline Offline

Activity: 1022
Merit: 1000



View Profile
October 15, 2013, 10:31:01 PM
 #80

Essentially, if we give up on names being meaningful (but still keep them short, pronounceable and memorable) then they can be used alone securely as identities - no PKI needed.  The idea is that there are a relatively small number of transactions in the Bitcoin blockchain (< 2^25 currently), so you don't need very many bits to encode a transaction's location in the blockchain uniquely.

FWIW I had pretty much the same idea about a half year ago.

https://bitcointalk.org/index.php?topic=138000.msg1471978#msg1471978

Although I thought about using words rather than phonemes: four words are enough.

E.g. somebody can register a name like "cranky corporate classic company".

Chromia: a better dapp platform
Pages: « 1 2 3 [4] 5 6 7 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!