DNS module for NanoWallet

NEM DNS

This blog post will demonstrate how the NEM blockchain can be used for a smart, decentralized and reliable DNS service for internet services, for example the translation of domain names to IP addresses. The project includes:

  • MIT licensed GitHub code
  • Translation of domain names to IP addresses
  • Domain name lookup of associated information
  • Demonstration of easily updatable records for the .nem domain owner

What is DNS

The Domain Name System (DNS) is a hierarchical naming system for computers, services, or other resources connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. Most prominently, it translates more readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols. By providing a worldwide, distributed directory service, the Domain Name System is an essential component of the functionality of the Internet and has been in use since 1985.

Why do we need a blockchain DNS

Despite its high performance, the classic DNS system has many weaknesses. It is vulnerable to attacks: for instance, an attacker can compromise it and then forward your traffic to fake websites by hijacking DNS responses for intermediate caching servers. In many parts of the world, authorities censor and block domains for more or less righteous reasons. Owning and maintaining a domain name can be costly, and updating domain records is slow.

NEM is a peer-to-peer network that has no domain registrars, domain zone owners, or intermediate caches. The NEM blockchain has proven to be one of the most secure blockchains and information cannot be tampered with. Each NIS (NEM Infrastructure Server) node has a validated copy of the entire blockchain: the complete database of domain names, messages and transactions. Data reliability is based on the fact that the database is the same on every NIS node, which is ensured by the blockchain technology itself and a public consensus mechanism. No one, except the owner of each private key, can change or cancel any record in the chain after it has been submitted and validated.

Controlling a namespace

The owner of a NEM namespace can use the NEM DNS in a few easy steps. The DNS is built around the namespace platform in the NEM ecosystem and an associated pointer address (PA). The namespace owner needs to send a transaction to the namespace pointer address that includes a non-encrypted message in JSON format with information related to the namespace. The message can include relevant information such as IP address, ownership info, physical address, contact info and much more. To update the record, the owner can simply send a new transaction with the new information.

Example of JSON object:
 {"dns":"yes","ip1":"your ip", "email": "your email"}
 
 // the "dns" = "yes" key will signal that the message contains DNS info
 // the "ip1" key is the primary IP related to your .nem domain

The pointer address (PA) is found by SHA-256 hashing the namespace name and deriving a NEM public address from the result.

Example of finding PA:
function getPointerAccount(namespace){

    // The SHA-256 hash of the namespace name is used as the passphrase
    var passphrase = nem.crypto.js.SHA256(namespace);
    
    // Derive a private key from the passphrase
    var privateKey =  nem.crypto.helpers.derivePassSha(passphrase, 1).priv;
    
    var keyPair = nem.crypto.keyPair.create(privateKey);
    
    var publicKey = keyPair.publicKey.toString();
    
    // Convert the public key to an address on the testnet
    var address = nem.model.address.toAddress(publicKey, nem.model.network.data.testnet.id);
    
    return address;

}

var pointerAdd = getPointerAccount('helloworld');

//getPointerAccount for the namespace 'helloworld' will return TCGD57YKW5TFEY5TWTN7XBJXEZBGGURYXJ54FLDE

Searching the DNS

Searching the DNS can be done using the NanoWallet. When a search for a .nem domain name is requested, the algorithm makes two NIS requests. The first one establishes ownership of the domain.

Example:

http://104.128.226.60:7890/namespace?namespace=helloworld

Example of returned JSON object:
{"owner":"TCFSDG3XDH2SXWPVJ2Q4LV2SLS57TFJUATT2UJSZ","fqn":"helloworld","height":1387671}

Once ownership of the domain is established, the algorithm makes a second request for the pointer address. Anyone can send a transaction to the pointer address, so the algorithm considers only incoming transactions from the owner account, looping through them to find the newest transaction that contains DNS information.

Example:

http://104.128.226.60:7890/account/transfers/incoming?address=TCGD57YKW5TFEY5TWTN7XBJXEZBGGURYXJ54FLDE

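var stop = 0;
$.each(data['data'], function( index, value ) {

    // Only trust transactions signed by the namespace owner
    if ( nem.model.address.toAddress(value['transaction']['signer'],
            nem.model.network.data.testnet.id) == ownerAdd){

      var payload = convertFromHex(value['transaction']['message']['payload']);
      var objPayload;
      try {
        objPayload = jQuery.parseJSON( payload );
      } catch (e) {
        return; // message is not JSON: skip it and continue with the next transaction
      }
      // Use the first DNS record found and ignore the rest
      if (objPayload && objPayload['dns']=='yes' && stop==0){

    	stop = 1;

    	// typeRe 1: redirect to the primary IP; typeRe 2: show the raw record
    	if(typeRe==1){window.location = 'http://'+objPayload['ip1'];}
    	if(typeRe==2){alert(payload);}

      }

    }

});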
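
The lookup described above as a stand-alone function, with the checks a resolver would want before using ip1: it ignores transfers not signed by the owner, skips messages that are missing or not JSON, and rejects an ip1 that is not a plain IPv4 address. This is an added example, not code from the NEM DNS project; resolveDnsRecord, signerToAddress and the sample keys, addresses and messages are hypothetical, and the transfer list is assumed to be newest first.

```javascript
// Decode a NIS plain-message payload (hex-encoded UTF-8); null if absent or not hex.
function hexToUtf8(hex) {
  if (typeof hex !== 'string' || hex.length % 2 || !/^[0-9a-f]*$/i.test(hex)) return null;
  return Buffer.from(hex, 'hex').toString('utf8');
}

// Accept only a dotted-quad IPv4 address: four octets 0-255, no leading zeros.
function isIPv4(s) {
  if (typeof s !== 'string') return false;
  const parts = s.split('.');
  return parts.length === 4 &&
    parts.every(p => /^(0|[1-9]\d{0,2})$/.test(p) && Number(p) <= 255);
}

// Return the first valid DNS record signed by the namespace owner, or null.
// transfers: the "data" array from /account/transfers/incoming (assumed newest first).
// signerToAddress: maps a signer public key to an address; stands in for
// nem.model.address.toAddress so the example runs without the NEM library.
function resolveDnsRecord(ownerAddress, transfers, signerToAddress) {
  for (const entry of transfers) {
    const tx = entry && entry.transaction;
    if (!tx || signerToAddress(tx.signer) !== ownerAddress) continue; // not the owner
    const text = hexToUtf8(tx.message && tx.message.payload);
    if (text === null) continue;                                // no usable message
    let record;
    try { record = JSON.parse(text); } catch (e) { continue; }  // not JSON
    if (!record || record.dns !== 'yes') continue;              // not a DNS record
    // The newest owner record decides: if its ip1 is malformed, fail closed.
    return isIPv4(record.ip1) ? record : null;
  }
  return null;
}

// Constructed sample data: keys, addresses and messages are placeholders.
const OWNER = 'OWNER-ADDRESS-PLACEHOLDER';
const KEYS = { 'owner-key': OWNER, 'other-key': 'OTHER-ADDRESS-PLACEHOLDER' };
const lookup = key => KEYS[key];
const mk = (signer, text) => ({ transaction: { signer, message:
  text === undefined ? {} : { payload: Buffer.from(text, 'utf8').toString('hex') } } });
const sampleTransfers = [
  mk('other-key', '{"dns":"yes","ip1":"203.0.113.66"}'),  // not signed by the owner
  mk('owner-key', 'thanks for the coffee'),               // owner message, not JSON
  mk('owner-key'),                                        // transfer without a message
  mk('owner-key', '{"dns":"yes","ip1":"192.0.2.10","email":"admin@example.org"}'),
  mk('owner-key', '{"dns":"yes","ip1":"192.0.2.1"}'),     // older record
];

console.log(resolveDnsRecord(OWNER, sampleTransfers, lookup));
```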

Code from this project is available via GitHub under MIT license. The project and website demo can be downloaded from GitHub or you can try the implementation in the nem NanoWallet.
