351 lines
20 KiB
Markdown
351 lines
20 KiB
Markdown
|
---
|
|||
|
title: Name System
|
|||
|
...
|
|||
|
We intend to establish a system of globally unique wallet names, to resolve
|
|||
|
the security hole that is the domain name systm, though not all wallets will
|
|||
|
have globally unique names, and many wallets will have many names.
|
|||
|
|
|||
|
Associated with each globally unique name is set of name servers. When one’s
|
|||
|
wallet starts up, then if your wallet has globally unique name, it logs in
|
|||
|
to its name server, which will henceforth direct people to that wallet. If
|
|||
|
the wallet has a network accessible tcp and/or UDP address it directs people
|
|||
|
to that address (one port only, protocol negotiation will occur once the
|
|||
|
connection is established, rather than protocols being defined by the port
|
|||
|
number). If not, will direct them to a UDT4 rendevous server, probably itself.
|
|||
|
|
|||
|
We probably need to support [uTP for the background download of bulk data].
|
|||
|
This also supports rendevous routing, though perhaps in a different and
|
|||
|
incompatible way, excessively married to the bittorrent protocol.We might
|
|||
|
find it easier to construct our own throttling mechanism in QUIC,
|
|||
|
accumulating the round trip time and square of the round trip time excluding
|
|||
|
outliers, to form a short term and long term average and variance of the
|
|||
|
round trip time, and throttling lower priority bulk downloads and big
|
|||
|
downloads when the short term average rises above the long term average by
|
|||
|
more than the long term variance. The long term data is zeroed when the IP
|
|||
|
address of the default gateway(router) is acquired, and is timed out over a
|
|||
|
few days. It is also ceilinged at a couple of seconds.
|
|||
|
|
|||
|
[uTP for the background download of bulk data]: https://github.com/bittorrent/libutp
|
|||
|
|
|||
|
In this day and age, a program that lives only on one machine really is not
|
|||
|
much of a program, and the typical user interaction is a user driving a gui
|
|||
|
on one machine which is a gui to program that lives on a machine a thousand
|
|||
|
miles away.
|
|||
|
|
|||
|
We have a problem with the name system, the system for obtaining network
|
|||
|
addresses, in that the name system is subject to centralized state control,
|
|||
|
and the TCP-SSL system is screwed by the state, which is currently seizing
|
|||
|
crimethink domain names, and will eventually seize untraceable crypto
|
|||
|
currency domain names.
|
|||
|
|
|||
|
In today’s environment, it is impossible to speak the truth under one’s true
|
|||
|
name, and dangerous to speak the truth even under any durable and widely used
|
|||
|
identity. Therefore, people who post under names tend to be unreliable.
|
|||
|
Hence the term “namefag”. If someone posts under his true name, he is a
|
|||
|
“namefag” – probably unreliable and lying. Even someone who posts under a
|
|||
|
durable pseudonym is apt show excessive restraint on many topics.
|
|||
|
|
|||
|
The aids virus does not itself kill you. The aids virus “wants” to stick
|
|||
|
around to give itself lots of opportunities to infect other people, so wants
|
|||
|
to disable the immune system for obvious reasons. Then, without a immune
|
|||
|
system, something else is likely to kill you.
|
|||
|
|
|||
|
When I say “wants”, of course the aids virus is not conscious, does not
|
|||
|
literally want anything at all. Rather, natural selection means that a virus
|
|||
|
that disables the immune system will have opportunities to spread, while a
|
|||
|
virus that fails to disable the immune system only has a short window of
|
|||
|
opportunity to spread before the immune system kills it, unless it is so
|
|||
|
virulent that it likely kills its host before it has the opportunity to
|
|||
|
spread.
|
|||
|
|
|||
|
Similarly, a successful memetic disease that spreads through state power,
|
|||
|
through the state system for propagation of official truth “wants” to disable
|
|||
|
truth speaking and truth telling – hence the replication crisis, peer
|
|||
|
review, and the death of science. We are now in the peculiar situation that
|
|||
|
truth is best obtained from anonymous sources, which is seriously suboptimal.
|
|||
|
Namefags always lie. The drug companies are abandoning drug development,
|
|||
|
because science just does not work any more. No one believes their research,
|
|||
|
and they do not believe anyone else’s research.
|
|||
|
|
|||
|
It used to be that there were a small number of sensitive topics, and if you
|
|||
|
stayed away from those, you could speak the truth on everything else, but now
|
|||
|
it is near enough to all of them that it might as well be all of them, hence
|
|||
|
the replication crisis. Similarly, the aids virus tends to wind up totally
|
|||
|
suppressing the immune system, even though more selective shutdown would
|
|||
|
serve its interests more effectively, and indeed the aids virus starts by
|
|||
|
shutting down the immune system in a more selective fashion, but in the end
|
|||
|
cannot help itself from shutting down the immune system totally.
|
|||
|
|
|||
|
The memetic disease, the demon, does not “want” to shut down truth telling
|
|||
|
wholesale. It “wants” to shut down truth telling selectively, but inevitably,
|
|||
|
there is collateral damage, so it winds up shutting down truth telling
|
|||
|
wholesale.
|
|||
|
|
|||
|
To exorcise the demon, we need a prophet, and since the demon occupies the
|
|||
|
role of the official state church, we need a true king. Since there is a
|
|||
|
persistent shortage of true Kings, I here speaking as engineer rather than a
|
|||
|
prophet, so here I am discussing the anarcho agorist solution to anarcho
|
|||
|
tyranny, the technological solution, not the true king solution.
|
|||
|
|
|||
|
Because of the namefag problem and the state snatching domain names, we need,
|
|||
|
in order to operate an untraceable blockchain based currency not only a
|
|||
|
decentralized system capable of generating consensus on who owns what cash,
|
|||
|
we need a system capable of generating consensus on who who owns which human
|
|||
|
readable globally unique names, and the mapping between human readable names,
|
|||
|
Zooko triangle names (which correspond to encryption public keys), and
|
|||
|
network addresses, a name system resistant to the state’s attempts to link
|
|||
|
names to jobs, careers, and warm bodies that can be beaten up or imprisoned,
|
|||
|
to link names to property, to property that can be confiscated or destroyed.
|
|||
|
|
|||
|
A transaction output can hold an amount of currency, or a minimum amount of
|
|||
|
currency and a name. Part of the current state, which every block contains,
|
|||
|
is unused transaction outputs sorted by name.
|
|||
|
|
|||
|
If we make unused transaction outputs sorted by name available, might as well
|
|||
|
make them available sorted by key.
|
|||
|
|
|||
|
In the hello world system, we will have a local database mapping names to
|
|||
|
keys and to network addresses. In the minimum viable product, a global
|
|||
|
consensus database. We will, however, urgently need a rendezvous system that
|
|||
|
allows people to set up wallets and peers without opening ports on stable
|
|||
|
network address to the internet. Arguably, the minimum viable product will
|
|||
|
have a global database mapping between keys and names, but also a nameserver
|
|||
|
system, wherein a host without a stable network address can login to a host
|
|||
|
with a stable network address, enabling rendezvous. When one identity has its
|
|||
|
name servers registered in the global consensus database, it always tries to
|
|||
|
login to those and keep the connection alive with a ping that starts out
|
|||
|
frequent, and then slows down on the Fibonacci sequence, to one ping every
|
|||
|
1024 secondsplus a random number modulo 1024 seconds. At each ping, tells the
|
|||
|
server when the next ping coming, and if the server does not get the
|
|||
|
expected ping, server sends a nack. If the server gets no ack, logs the
|
|||
|
client out. If the client gets no ack, retries, if still no ack, tries to
|
|||
|
login to the next server.
|
|||
|
|
|||
|
In the minimum viable product, we will require everyone operating a peer
|
|||
|
wallet to have a static IP address and port forwarding for most functionality
|
|||
|
to work, which will be unacceptable or impossible for the vast majority of
|
|||
|
users, though necessarily we will need them to be able to receive money
|
|||
|
without port forwarding, a static IP, or a globally identified human readable
|
|||
|
name, by hosting their client wallet on a particular peer. Otherwise no one
|
|||
|
could get crypto currency they would need to set up a peer.
|
|||
|
|
|||
|
Because static IP is a pain, we should also support nameserver on the state
|
|||
|
run domain name system, as well as nameserver on our peer network, but that
|
|||
|
can wait a while. And in the end, when we grow so big that every peer is
|
|||
|
itself a huge server farm, when we have millions of users and a thousand or
|
|||
|
so peers, the natural state of affairs is for each peer to have a static IP.
|
|||
|
|
|||
|
Eventually we want people to be able to do without static IPs and
|
|||
|
portforwarding, which is going to require a UDP layer. One the other hand, we
|
|||
|
only intend to have a thousand or so full peers, even if we take over and
|
|||
|
replace the US dollar as the world monetary system. Our client wallets are
|
|||
|
going to be the primary beneficiaries of rendevous UDT4.8 routing over UDP.
|
|||
|
|
|||
|
We also need names that you can send money to, and name under which you can
|
|||
|
receives. The current cryptocash system involves sending money to
|
|||
|
cryptographic identifiers, which is a pain. We would like to be able to send
|
|||
|
and receive money without relying on identifiers that look like line noise.
|
|||
|
|
|||
|
So we need a system similar to namecoin, but namecoin relies on proof of
|
|||
|
work, rather than proof of stake, and the state’s computers can easily mount
|
|||
|
a fifty one percent attack on proof of work. We need a namecoin like system
|
|||
|
but based on proof of stake, rather than proof of work, so that for the state
|
|||
|
to take it over, it would need to pay off fifty one percent of the
|
|||
|
stakeholders – and thus pay off the people who are hiding behind the name
|
|||
|
system to perform untraceable crypto currency transactions and to speak the
|
|||
|
unspeakable.
|
|||
|
|
|||
|
For anyone to get started, we are going to have to enable them to operate a
|
|||
|
client wallet without IP and port forwarding, by logging on to a peer wallet.
|
|||
|
The minimum viable product will not be viable without a client wallet that
|
|||
|
you can use like any networked program. A client wallet logged onto a peer
|
|||
|
wallet automatically gets the name `username.peername`. The peer could give
|
|||
|
the name to someone else though error, malice or equipment failure, but the
|
|||
|
money will remain in the client’s wallet, and will be spendable when he
|
|||
|
creates another username with another peer. Money is connected to wallet
|
|||
|
master secret, which should never be revealed to anyone, not with the
|
|||
|
username. So you can receive money with a name associated an evil nazi
|
|||
|
identity as one username on one peer, and spend it with a username associated
|
|||
|
with a social justice warrior on another peer. No one can tell that both
|
|||
|
names are controlled by the same master secret. You send money to a username,
|
|||
|
but it is held by the wallet, in effect by the master secret, not by the
|
|||
|
user name. That people have usernames, that money goes from one username to
|
|||
|
another, makes transferring money easy, but by default the money goes through
|
|||
|
the username to the master secret behind the quite discardable username,
|
|||
|
thus becomes anonymous, not merely pseudonymous after being received. Once
|
|||
|
you have received the money, you can lose the username, throw it away, or
|
|||
|
suffer it being confiscated by the peer, and you, not the username, still
|
|||
|
have the money. You only lose the money if someone else gets the master
|
|||
|
secret.
|
|||
|
|
|||
|
You can leave the money in the username, in which case the peer hosting your
|
|||
|
username can steal it, but for a hacker to steal it he needs to get your
|
|||
|
master secret and logon password, or you transfer it to the master secret on
|
|||
|
your computer, in which case a hacker can steal it, but the peer cannot, and
|
|||
|
also you can spend it from a completely different username. Since most people
|
|||
|
using this system are likely to be keen on privacy, and have no good reason
|
|||
|
to trust the peer, the default will be for the money to go from the username
|
|||
|
to the master secret.
|
|||
|
|
|||
|
Transfers of money go from one username to another username, and this is
|
|||
|
visible to the person who sent it and the person who received it, but if the
|
|||
|
transfer is to the wallet and the master secret behind the username, rather
|
|||
|
than to the username, this is not visible to the hosts. Money is associated
|
|||
|
with a host and this association is visible, but it does not need to be the
|
|||
|
same host as your username. By default, money is associated with the host
|
|||
|
hosting the username that receives it, which is apt to give a hint to which
|
|||
|
username received it, but you can change this default. If you are receiving
|
|||
|
crypto currency under one username, and spending it under another username on
|
|||
|
another host, it is apt to be a good idea to change this default to the host
|
|||
|
that is hosting the username that you use for spending, because then spends
|
|||
|
will clear more quickly. Or if both the usernames and both the hosts might
|
|||
|
get investigated by hostile people, change the default to a host that is
|
|||
|
hosting your respectable username that you do not use much.
|
|||
|
|
|||
|
We also need a state religion that makes pretty lies low status, but that is
|
|||
|
another post.
|
|||
|
|
|||
|
# Mapping between globally unique human readable names and public keys
|
|||
|
|
|||
|
The blockchain provides a Merkle-patricia dac of human readable names. Each
|
|||
|
human readable name links to a list of signatures transferring ownership form
|
|||
|
one public key to the next, terminating in an initial assignment of the name
|
|||
|
by a previous block chain consensus. A client typically keeps a few leaves
|
|||
|
of this tree. A host keeps the entire tree, and provides portions of the tree
|
|||
|
to each client.
|
|||
|
|
|||
|
When two clients link up by human readable name, they make sure that they are
|
|||
|
working off the same early consensus, the same initial grant of user name by
|
|||
|
an old blockchain consensus, and also off the same more recent consensus,
|
|||
|
for possible changes in the public key that has rightful ownership of that
|
|||
|
name. If they see different Merkle hashes at the root of their trees, the
|
|||
|
connection fails. Thus the blockchain they are working from has to be the
|
|||
|
same originally, and also the same more recently.
|
|||
|
|
|||
|
This system ensures we know and agree what the public key associated with a
|
|||
|
name is, but how do we find the network address?
|
|||
|
|
|||
|
# Mapping between public keys and nework addresses
|
|||
|
|
|||
|
## The Nameserver System
|
|||
|
|
|||
|
Typically someone is logged in to a host with an identity that looks like an
|
|||
|
email address, `paf.foo.bar`, where`bar` is the name of a host that is
|
|||
|
reliably up, and reliably on the network, and relatively easy to find
|
|||
|
|
|||
|
You can ask the host `bar` for the public key and *the network address* of
|
|||
|
`foo.bar`, or conversely the login name and network address associated with
|
|||
|
this public key. Of course these values are completely subject to the caprice
|
|||
|
of the owner of `bar`. And, having obtained the network address of `foo.bar`,
|
|||
|
you can then get the network address of `paf.foo.bar`
|
|||
|
|
|||
|
Suppose someone owns the name `paf`, and you can find the global consensus as
|
|||
|
to what public key controls `paf`, but he does not have a stable network
|
|||
|
address. He can instead provide a nameserver – another entity that will
|
|||
|
provide a rendevous. If `paf` is generally logged in to `foo`, you can
|
|||
|
contact `foo`, to get rendevous data for `bar.foo`, which is, supposing `foo`
|
|||
|
to be well behaved, rendevous data for `bar`
|
|||
|
|
|||
|
Starting from a local list of commonly used name server names, keys, and
|
|||
|
network addresses, you eventually get a live connection to the owner of that
|
|||
|
public key, who tells you that at the time he received your message, the
|
|||
|
information is up to date, and, for any globally unique human readable names
|
|||
|
involved in setting up the connection, he is using the same blockchain as you
|
|||
|
are using.
|
|||
|
|
|||
|
Your local list of network addresses may well rapidly become out of date.
|
|||
|
Information about network addresses flood fills through the system in the
|
|||
|
form of signed assertions about network addresses by owners of public keys,
|
|||
|
with timeouts on those assertions, and where to find more up to date
|
|||
|
information if the assertion has timed out, but we do not attempt to create a
|
|||
|
global consensus on network addresses. Rather, the authoritative source of
|
|||
|
information about a network address of a public key comes from successfully
|
|||
|
performing a live connection to the owner of that public key. You can, and
|
|||
|
probably should, choose some host as the decider on the current tree of
|
|||
|
network addresses, but we don’t need to agree on the host. People can work
|
|||
|
off slightly different mappings about network addresses with no global and
|
|||
|
complete consensus. Mappings are always incomplete, out of date, and usually
|
|||
|
incomplete and out of date in a multitude of slightly different ways.
|
|||
|
|
|||
|
We need a global consensus, a single hash of the entire blockchain, on what
|
|||
|
public keys own what crypto currency and what human readable names. We do not
|
|||
|
need a global consensus on the mapping between public keys and network
|
|||
|
addresses.
|
|||
|
|
|||
|
What you would like to get is an assertion that `paf.foo.bar` has public key
|
|||
|
such and such, and whatever you need to make network connection to
|
|||
|
`paf.foo.bar`, but likely `paf.foo.bar` has transient public key, because his
|
|||
|
identity is merely a username and login at `foo.bar`, and transient network
|
|||
|
address, because he is behind nat translation. So you ask `bar` about
|
|||
|
`foo.bar`, and `foo.bar` about `paf.foo.bar`, and when you actually contact
|
|||
|
`paf.foo.bar`, then, and only then, you know you have reliable information.
|
|||
|
But you don’t know how long it is likely to remain reliable, though
|
|||
|
`paf.foo.bar` will tell you (and no other source of information is
|
|||
|
authoritative, or as likely to be accurate).
|
|||
|
|
|||
|
Information about the mapping between public keys and network addresses that
|
|||
|
is likely to be durable flood fills through the network of nameservers.
|
|||
|
|
|||
|
# logon identity
|
|||
|
|
|||
|
Often, indeed typically, `ann.foo` contacts `bob.bar`, and `bob.bar` needs
|
|||
|
continuity information, needs to know that this is truly the same `ann.foo`
|
|||
|
as contacted him last time – which is what we currently do with usernames and
|
|||
|
passwords.
|
|||
|
|
|||
|
The name `foo` is rooted in a chain of signatures of public keys and requires
|
|||
|
a global consensus on that chain. But the name `ann.foo` is rooted in logon
|
|||
|
on `foo`. So `bob.bar` needs to know that `ann.foo` can log on with `foo`,
|
|||
|
which `ann.foo` does by providing `bob.bar` with a public key signed by `foo`,
|
|||
|
which might be a transient public key generated the last time she logged
|
|||
|
on, which will disappear the moment her session on her computer shuts down,
|
|||
|
or might be a durable public key. But if it is a durable public key, this
|
|||
|
does not give her any added security, since `foo` can always make up a new
|
|||
|
public key for anyone he decides to call `ann.foo` and sign it, so he might
|
|||
|
as well put a timeout on the key, and `ann.foo` might as well discard it when
|
|||
|
her computer turns off or goes into sleep mode. So, it is in everyone’s
|
|||
|
interests (except that of attackers) that only root keys are durable.
|
|||
|
|
|||
|
`foo`’s key is durable, and information about it is published.`ann.foo`’s
|
|||
|
key is transient, and information about it always obtained directly from
|
|||
|
`ann.foo` as a result of `ann.foo` logging in with someone, or as a result of
|
|||
|
someone contacting `foo` with the intent of logging in to `ann.foo`.
|
|||
|
|
|||
|
But suppose, as is likely, the network address of `foo` is not actually all
|
|||
|
that durable, is perhaps behind a NAT. In that case, it may well be that to
|
|||
|
contact `foo`, you need to contact `bar`.
|
|||
|
|
|||
|
So, `foo!bar` is `foo` logged in on `bar`, but not by a username and
|
|||
|
password, but rather logged on by his durable public key, attested by the
|
|||
|
blockchain consensus. So, you get an assertion, flood filled through the
|
|||
|
nameservers, that the network address of the public key that the blockchain
|
|||
|
asserts is the rightful controller of `foo`, is likely to be found at `foo!`
|
|||
|
(public key of `bar`), or likely to be found at `foo!bar`.
|
|||
|
|
|||
|
Logons by durable public key will work exactly like logons by username and
|
|||
|
password, or logons by derived name. It is just that the name of the entity
|
|||
|
logged on has a different form..
|
|||
|
|
|||
|
Just as openssh has logons by durable public key, logons by public key
|
|||
|
continuity, and logons by username and password, but once you are logged on,
|
|||
|
it is all the same, you will be able to logon to `bob.bar` as `ann.bob.bar`,
|
|||
|
meaning a username and password at `bob.bar`, as `ann.foo`, meaning `ann` has
|
|||
|
a single signon at `foo`, a username and password at `foo`, or as `ann`,
|
|||
|
meaning `ann` logs on to `bob.bar` with a public key attested by the
|
|||
|
blockchain consensus as belonging to `ann`.
|
|||
|
|
|||
|
And if `ann` is currently logged on to `bob.bar` with a public key attested
|
|||
|
by the blockchain consensus as belonging to `ann`, you can find the current
|
|||
|
network address of `ann` by asking `bob.bar` for the network address of
|
|||
|
`ann!bob.bar`
|
|||
|
|
|||
|
`ann.bob.bar` is whosoever `bob.bar` decides to call `ann.bob.bar`, but
|
|||
|
`ann!bob.bar` is an entity that controls the secret key of `ann`, who is at
|
|||
|
this moment logged onto `bob.bar`.
|
|||
|
|
|||
|
If `ann` asserts her current network address is likely to last a long time,
|
|||
|
and is accessible without going through
|
|||
|
|
|||
|
`bob.bar` then that network address information will flood fill through the
|
|||
|
network. Less useful network address information, however will not get far.
|