For a long time, the internet has relied on domain name services (DNS) to translate random numerical IP addresses into simpler, readable website names as is commonly used by internet users. These are critical pieces of infrastructure that connect the world of machines (which manage the internet via numbers representing IP addresses) and humans (who can remember words more easily than a random string of numbers), enabling human internet users to more simply surf the web.
However, this arrangement also has some significant drawbacks.
These problems have led developers to find ways to circumvent the need for DNS and create an alternative, more efficient solution. In this blog, we’ll explore these DNS drawbacks and explain how the use of blockchain technology for decentralized identity management can potentially solve these problems.
DNS is a complex technology that is also vulnerable to attack. These instances have had major implications for businesses and users. We’ll focus on two major examples.
-
DNS censorship
DNS is a centralized registry that pairs IP addresses with legible words. In many cases, the extensions of domains are under the control of countries that use their centralized authority to block sites according to their interests.
For example, a popular website based in one jurisdiction with a global following can be shut down by authorities in another jurisdiction based on their assessments. This process can hinder users in that jurisdiction from accessing that website regardless of its legality in other jurisdictions. The process and reasoning behind shutting down a popular website can also be opaque and be a unilateral decision that doesn’t take into account the opinions of users.
Related reading:
- What you need to know about decentralized identity
- Here are some business use cases for decentralized identity
- What is Cardano Connect?
Any person or organization that operates a website using a DNS can potentially be targeted by countries outside their jurisdictions without much recourse to appeals.
-
DNS outages
DNS services can also potentially suffer from outages and stop converting domain names into IP addresses. This can be a serious problem as the result is that websites can become inaccessible without being the fault of those maintaining the site and users cannot access website services.
There have been instances of popular global websites that have gone through a DNS outage and inconvenienced their users in the process. Furthermore, these days, many related services are connected through a central platform or website that users might sign up on. A DNS outage of the central platform service could render all those related services unusable. This can create a cascading effect that takes out portions of the internet due to a configuration error with their DNS protocols.
Decentralized identifiers (DIDs) are a technology that can replace the traditional DNS and is used in a decentralized identity solution that leverages decentralized blockchain technology. A DID often refers to a document where data is logged and can be proved to be correct. A DID can provide:
- a timestamp of when it was created
- a cryptographic proof that the DID document is valid
- a list of cryptographic public keys
- a list of ways that the DID can be used to authenticate
- a list of services where the DID can be used
- any number of externally defined extensions
The relation between a domain name and an IP address can be recorded in this DID. The record is kept in a decentralized blockchain ledger that later can be used as an archive of all the DIDs created. Additionally, an NFT can be used to represent a DID and this token would be required every time someone wants to edit the information contained in the record.
In this way, by anchoring the edits of a DID to a distributed ledger such as Cardano, a user can provide the history of edits made to the document the DID references. This creates a decentralized archive that can preserve the integrity of data without a central authority.
The domain also would not be hosted on any centralized registry. A third party could not block one of these domains under the pressure of a foreign actor. The resolvers that change a website’s name to an IP address would also work on top of the blockchain, meaning errors can be quickly solved.
DIDs dramatically change the architecture of the internet. It has the potential to transform it into something more akin to a network of communications that is not under the control of any central actor.
Through DIDs, users can be potentially less vulnerable to DNS censorship and outages.
CNS aims to provide this type of decentralized identity solution on Cardano, first for social interactions and transactions involving Cardano decentralized applications. It manages the domain names using Cardano NFTs, providing a decentralized way of proving and managing one’s identity within the Cardano dApp ecosystem. These are recorded on Cardano’s distributed ledger and their access and sale are controlled via the NFT.
CNS also has a resolver that can take the information on the NFT’s metadata and translate it. This means that access to the domains is also decentralized, unlike the current DNS model.
Ultimately, a user with a personalized CNS is not vulnerable to a DNS outage or censorship by a third party. The chosen CNS is attached and under the control of the user and stored through the NFT that can be managed through their self-custodial Cardano wallet. This means that a Cardano user with a CNS can use this readable address to send to others for transactions and manage their reputations in the Cardano ecosystem, all on their own via the Cardano NFT which stores their information.
Follow EMURGO on X to receive weekly ecosystem updates including Cardano blockchain education courses, events and workshops, funding opportunities, and more Cardano-related news.
About EMURGO
- Official Homepage: emurgo.io
- X (Global): @EMURGO_io
- YouTube: EMURGO channel
- Facebook: @EMURGO.io
- Instagram: @EMURGO_io
- LinkedIn: @EMURGO_io
Disclaimer
You should not construe any such information or other material as legal, tax, investment, financial, or other advice. Nothing contained herein shall constitute a solicitation, recommendation, endorsement, or offer by EMURGO to invest.
