You claim here that there is a cost to creating the domain but rule out Ens because it has a cost? You can't make both claims. You can generate Ethereum and buy domains with it much in the same way you do here.

You rule out DNS as it doesn't have a standard registration but IRC doesn't have a standard way to register channels nickserv isn't on all IRC and they have different implementations.

IRC is not distributed it's owned by a centralised provider who has complete control, they can trivially take over any domain they want.

IRC has no consensus mechanisms a netsplit would make it trivial to create duplicate channels on the same IRC network.

You check channel availability then register, this by definition isn't atomic, it's a race condition between check and register. You need a way to wrap this in a transaction to prevent the race condition. IRC provides no way to do transactions. Even registering a channel on a network is not atomic because of the potential of netsplits, which is stated in the rfc.

How are networks choosen and distributed? You picked 11 random servers that meet your requirements. If I pick 11 random servers how are their ips shared? Traditionally this is done with DNS but since you are trying to replace this requiring it is odd, how do you stop some one just hijacking your DNS once that problem is solved your scheme becomes pointless.

If you expect everyone to use the same 11 servers this isn't distributed, it's centralised to 11 servers you can't trust.

I think you are under the impression that IRC is distributed and so if you build a secure system on top of it, then the system as a whole will be secure and distributed. The problem is that IRC isn't secure or distributed it's centralised with no Byzantine fault tolerance.

I understand you check multiple channels/networks in an attempt to provide this protection but the underlying servers can do anything they want and there is nothing you can do about that. Finally getting to the point of being on IRC and checking a channel has a lot of attack points none of which are accounted for.

The difficult part of any distributed bysentain tolerant system is the distributed bysentain problem IRC doesn't solve this problem and your scheme outsources it to IRC.

Charcircuit is just telling you the truth you don't want to accept.

> You claim here that there is a cost to creating the domain but rule out Ens because it has a cost? You can't make both claims

It's HN, they don't understand how blinded they are by their bias against blockchain. I see these contradictions all the time and have learned it's pointless to reply.

I see what you're saying but your whole argument seems extremely black and white. It's like: you're saying that because there's a theoretical scenario where every server can over-take a name then the system as a whole isn't valid which just isn't true. A consensus system doesn't need to provide every property of a blockchain for it to be valid. Just good enough security for the problems that it solves.

>You claim here that there is a cost to creating the domain but rule out Ens because it has a cost? You can't make both claims. You can generate Ethereum and buy domains with it much in the same way you do here.

While technically true, your statements about Ethereum are misleading because as you know -- it is impractical for any random person to 'just generate Ethereum' with their computers and use it to pay for transactions. It's like you tried to make a technical argument but over-simplified it too much and left out key details for it to be meaningful.

>IRC is not distributed it's owned by a centralised provider who has complete control, >IRC has no consensus mechanisms a netsplit would make it trivial to create duplicate channels on the same IRC network.

This is true, but my design uses multiple servers. Netsplits only effect one IRC network. I am using multiple discrete networks. For the purposes of consensus it doesn't effect the software.

>You check channel availability then register, this by definition isn't atomic, it's a race condition between check and register. You need a way to wrap this in a transaction to prevent the race condition.

This is true but its also irrelevant. Either the register function manages to register enough names to meet the minimum threshold for success or it doesn't and the user can choose a different name. The design of the system minimizes such a scenario as unique TLDs, names, and passwords mitigate the potential for conflicts.

>Traditionally this is done with DNS but since you are trying to replace this requiring it is odd, how do you stop some one just hijacking your DNS once that problem is solved your scheme becomes pointless.

Every peer-to-peer application has the same issue including Bitcoin and Ethereum. It's not an issue with DNS. It's that there needs to be an initial way to know details about the network. This is called 'bootstrapping.' For now -- this is done by having a list of server IPs stored inside the software which is uploaded to a few places. Github and Pypi.

>it's centralised to 11 servers you can't trust.

This feel like you're just playing word games that mean nothing. Decentralization refers to network topologies and governmental designs wherein a single authority cannot control a system. Such a property is true about the system I've built by requiring a threshold of servers for agreement. A server doesn't individually have the power to control a name. So no it's not 'centralized.'

>I understand you check multiple channels/networks in an attempt to provide this protection but the underlying servers can do anything they want and there is nothing you can do about that

I think you've managed to miss the point of this design. It does provide a simple consensus mechanism across servers. It is mentioned in the fourth section titled 'How it should work.' I think most of your post is based on the misunderstanding that this system is simply load-balanced and doesn't include a consensus mechanism.

Since you don't use IRC for anything more than an unreliable and easily spoofable key value store, why bother with implementing an IRC client? You could easily write a client server on UDP 58 client sends the key and server replies the value. Create a list of 13 IP we just trust and run your dnssec on top of that? Ez

>why do you say that?

Because the information needed to lookup a name is equivalent to the information needed to register the name.

>Registered names aren't visible, only their hashes.

But domains are public information. Imagine if in normal DNS anyone could register google.com at any time. Claiming that its not insecure because people don't know google.com exists doesn't make sense.

>names can be registered atomically across IRC servers without revealing what they are directly.

But if someone learns the name they can register it themself. Two people can both claim to be google.com. If a new IRC server is added anyone can create a channel for an existing domain. If your answer to the problem of the same domain being registered by multiple people is that a domain should be both a name and an encrypted nonce you run into the problem where it might be more convienent to just pass over the public key.

>But your usage of the term here is confusing

That is my fault, I assumed this was a permissionless system where any IRC server was permitted to be used instead of a permissioned one.

>Currently there are no such blockchains that have zero transaction fees to use them.

Some cost near $0. A fork of one could be made to do so.

The channel names are unique per server. Knowing the channel name isn't enough to infer what name it represents so you can't just go and register the name on other servers after observing channel names. The only way to know what a channel name represents is to do a lengthy computation for a possible name, tld, password (optional), and server. Depending on uniqueness -- this might not be practical.

The idea of having masked names was only to prevent race conditions in the initial registration process. After the channel names are registered they are unavailable for other attackers to register and since a verifiable delay has to be done on the name to compute it -- there is adequate time to register the name across multiple servers.

A malicious server can reuse a channel name and have it hijacked by an operator. But the system also ties in ECDSA signatures with a basic threshold consensus algorithm across servers. So having a few servers (or even many) wouldn't allow a malicious third-party to compromise a name.

>The channel names are unique per server.

But there is not a limit for how many channels can exist for a single domain.

>After the channel names are registered they are unavailable for other attackers to register

Yes, but an attacker can use a different channel name for the same domain.

>So having a few servers (or even many) wouldn't allow a malicious third-party to compromise a name.

An attacker could associate their own key with that domain any number of times across any number of servers.

I'm not sure I understand what you mean. One channel is registered per server, for one name. Successful registrations require a super majority of those registrations to succeed. Lookups can be limited to a sub-set as long as the result number is at least greater than the minimum failure threshold for a successful registration.

>Yes, but an attacker can use a different channel name for the same domain. >An attacker could associate their own key with that domain any number of times

How?

>How?

You literally just register the name again. In the rare chance you conflict just reroll the random nonce and try again.

The nonce isnt random. It's deterministic.

The time lock is pointless then. This is what I meant by random crypto making it hard to understand.

This blog post would be simpler to understand if you started out without any crypto. If I were to write it I would start with the case of a single IRC server. Then explain a channel is a key and the topic is the value. The first person to register a key on a server can control the value. Then to expand this approach to multiple severs you introduce the idea of using a kdf of the key concatenated with the irc server's identity.

The time-lock acts as a way to ensure names aren't revealed the moment channels are registered which would create a race condition where attackers could hijack names by registering them on other servers.

The channel name is something like time_lock(name_meta_data, server_details) -> deterministic channel name based on the parameters passed to the function (output is unique per server.) Just like if you used a hash function you get the same output for the same input. Since the time lock needs a certain amount of compute to elapse (and a certain amount of time to do it) -- it allows time for the name owner to register the appropriate channels on other servers.

OK, so, one thing isn't clear to me:

    1. Alice registers example.tld
    2. Bob registers example.tld
    3. Bob reveals example.tld
    4. Alice reveals example.tld

It seems there is now two rooms corresponding to the same name. Who controls example.tld? I'm missing uniqueness and it still seems vaguely racey.

Both Alice and Bob check if a name is already registered beforehand. Lets say that both of them see that a name is available and go to register it at the same time. Either both will fail (due to taking X names each) or one will succeed (per the consensus requirements.) The software will indicate the results by checking the channel owner after registration for each server. So you know whether to try register a different name or not. So conflicts can still happen here but they're reduced by having unique TLDs + names, requiring small computations, and checking availability beforehand.