
In contrast, malicious use of DDNS: Malware command and control server resolution. Phishing attacks exploiting DDNS hosted websites. Registration of fraudulent or offensive names. Name hijacking through outspending legitimate owners. Miners censoring legitimate updates. The consequences of these attacks introduce systemic risk for the entire network. These actions directly undermine the trust and utility of the entire system.
I don't see how these attacks are any worse for DDNS than the equivalent attacks would be for bitcoin:
Malware command and control server resolution.
no different than bitcoin malware on the user's computer that can steal their private key or swap out the destination addresses, etc
Phishing attacks exploiting DDNS hosted websites.
no different than a phishing attack on any website that accepts bitcoin, tricking the user into sending BTC to the wrong place
Registration of fraudulent or offensive names.
what is a "fraudulent name"? and why should I care if "offensive" names are registered?
Name hijacking through outspending legitimate owners.
what DDNS system enables users to hijack names by "outspending legitimate owners"?
Miners censoring legitimate updates.
no different than miners "censoring" any other type of time-sensitive bitcoin transaction
Because DDNS attempts to link on-chain names to off-chain entities without a robust, cryptographic binding, malicious actions against one name can have cascading effects, eroding confidence for all users.
can do a simple find and replace here:
Because bitcoin attempts to link on-chain addresses to off-chain entities without a robust, cryptographic binding, malicious actions against one address can have cascading effects, eroding confidence for all users.
do you see why this critique falls flat?
I have my own reservations with DDNS and have a preferred alternative, namely I think that the squatter problem and the phishing problem (perhaps what you are referring to as "fraudulent names") make pet names better than DDNS. But if we are going to critique DDNS then the arguments should be strong, and if those arguments can be just as strongly applied to bitcoin then perhaps they point to areas of improvement for bitcoin as well.
Re DDNS vs Bitcoin, my point is about the scale.
Yes malware can steal keys, but it cannot affect the integrity of other people's UTXOs. It's isolated. In DDNS one malicious name affects each and every user of the namespace. I feel I addressed the difference between the scope of attack in the essay.
Fraudulent name implies registering a malicious name under fraud, so the phishing context, but also just faking the real name. So more than just phishing, just any name based fraud. I think we generally agree here.
I don't agree about your replace -- Bitcoin does not link an on-chain address to an off-chain entity. This is the fundamental difference about application of Blockchain integrity for Store of Value vs other human constructs. And the point of the essay.
reply
In DDNS one malicious name affects each and every user of the namespace.
I don't see how that is the case, any more than it is for centralized DNS -- I can use DNS just fine even if someone else gets scammed by a phisher or someone else has their domain hijacked. Yes those attacks worry me but only because I am aware of them, most people are not and go about their day just fine even with various attacks happening all the time.
Bitcoin does not link an on-chain address to an off-chain entity
It does, or intends to, a bitcoin address represents "the place to send BTC if you want to send BTC to this off-chain entity". If you have a secure way to pass someone your address so that they do not send money to the wrong place, then you also have a secure way to pass someone a DDNS name so that they don't go to the wrong website.
reply
No sir, that is not how Bitcoin works at all. Not in the slightest. You may be missing the nuance here.
There is nothing about 'off chain entities' in the Bitcoin protocol. There is ScriptPubKey and ScriptSigs (and Witnesses). The protocol does not specify how addresses are relayed in the real world. It's not part of the protocol. How humans exchange "bitcoin addresses" is not part of the protocol. There used to be a pay-to-IP component in the protocol, but this is now deprecated.
The point is that discussing how humans exchange human readable addresses between each other is the layer above this problem, and that is the layer in which the DDNS problem exists.
So we are discussing very different things here.
Clarification: Bitcoin does not let me transmit an invalid tx, because it is self-contained and must consume an existing output, and send to a new output. The input ScriptSig must be correct as per the bitcoin protocol. DDNS lets me submit any invalid names, be it fake, fraud, phishing, squatting, just plain wrong. There is no way to validate it in protocol. This is the fundamental difference.
reply
The point is that discussing how humans exchange human readable addresses between each other is the layer above this problem, and that is the layer in which the DDNS problem exists. So we are discussing very different things here.
No they are not different, it's the same problem. Again:
If you have a secure way to pass someone your address so that they do not send money to the wrong place, then you also have a secure way to pass someone a DDNS name so that they don't go to the wrong website.

Bitcoin does not let me transmit an invalid tx, because it is self-contained and must consume an existing output, and send to a new output. The input ScriptSig must be correct as per the bitcoin protocol. DDNS lets me submit any invalid names, be it fake, fraud, phishing, squatting, just plain wrong. There is no way to validate it in protocol. This is the fundamental difference.
"submitting an invalid name" ("incorrect" is a better term than "invalid" here) is no different than "submitting an incorrect bitcoin address", which the bitcoin protocol will let you do. Address replacement is a well-known attack. See e.g.
reply
You are missing what I am saying here. The address substitution is occurring at the layer above bitcoin, e.g.: before it is signed by the user with wallet. This is meat space.
Bitcoin protocol does not allow an attacker to modify a bitcoin transaction when signed. A node cannot interpret a tx as anything but how it was signed. (e.g.: tx mutability). As long as the meatspace signing part worked (and we have to assume it did, because Bitcoin cannot affect meatspace).
Everything about DDNS is a problem in the meatspace. You cannot solve it with Bitcoin, which cannot affect meatspace.
reply
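The distinction argued over in the comments above, as an added example that is not part of any participant's post: a toy model in which HMAC-SHA256 stands in for Bitcoin's transaction signature, comparing a destination changed after signing with one changed before signing. The key, addresses, payee table and function names are constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed sample values; none of these come from the thread.
WALLET_KEY = b"constructed-demo-key"
VERIFIED_PAYEES = {"alice": "bc1q-constructed-alice-address"}  # learned out of band
ATTACKER_ADDR = "bc1q-constructed-attacker-address"


def sign_tx(dest: str, amount_sat: int, key: bytes = WALLET_KEY) -> dict:
    """Wallet side: authenticate exactly the fields the user approved."""
    body = {"dest": dest, "amount_sat": amount_sat}
    msg = json.dumps(body, sort_keys=True).encode()
    return {**body, "sig": hmac.new(key, msg, hashlib.sha256).hexdigest()}


def node_accepts(tx: dict, key: bytes = WALLET_KEY) -> bool:
    """Protocol side: checks only that the signed fields are unmodified."""
    body = {"dest": tx["dest"], "amount_sat": tx["amount_sat"]}
    msg = json.dumps(body, sort_keys=True).encode()
    expected = hmac.new(key, msg, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, tx["sig"])


def matches_intent(tx: dict, payee: str) -> bool:
    """Meatspace side: compare the destination with an address verified out of band."""
    return VERIFIED_PAYEES.get(payee) == tx["dest"]


def run_cases() -> dict:
    honest = sign_tx(VERIFIED_PAYEES["alice"], 50_000)
    tampered = {**honest, "dest": ATTACKER_ADDR}  # destination changed after signing
    swapped = sign_tx(ATTACKER_ADDR, 50_000)      # destination changed before signing
    cases = (("honest", honest), ("tampered", tampered), ("swapped", swapped))
    return {name: (node_accepts(tx), matches_intent(tx, "alice")) for name, tx in cases}


if __name__ == "__main__":
    for name, (accepted, intended) in run_cases().items():
        print(f"{name:9} node_accepts={accepted!s:5} matches_intent={intended}")
```

The signature check rejects only the post-signing change; the pre-signing swap verifies cleanly and is caught only by the comparison against an address obtained through a separate trusted channel.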
As long as the meatspace signing part worked
this is the central caveat which makes it the same problem
you cannot assume this part works in either scenario
reply
Which is the fundamental thesis of my essay, that it cannot solve this problem.
I'm glad you agree with me.
reply
I think it is I who should be thanking you for agreeing with me, since it seems that you no longer feel this way:
I don't agree about your replace -- Bitcoin does not link an on-chain address to an off-chain entity.