Among the made in France projects exhibited at CES 2023 is dappy. What is this alternative to the current domain name management system?
It could be blockchain, but it’s not. Or rather, it isn’t anymore. This is Dappy’s reality.
The project, led by a start-up in the Toulouse region, is part of the French delegation at CES. In development since 2018, it has recently entered production. Its nature: an open-source protocol for managing domain names.
dappy is an alternative to the current system in two main respects. On the one hand, by integrating the public key infrastructure (certificate authority mechanism) with DNS. On the other hand, by decentralizing the latter, from the assignment to the resolution of domain names.
The first point is inspired by the DANE (DNS-Based Authentication of Named Entities) protocol. This notably allows domain name owners to enforce their source of trust on browsers (and thus to bypass certificate authorities).
On the second point, dappy originally ran on the smart-contract platform RChain, which ceased development in August 2022. It has since moved to a PostgreSQL database.
The latter serves as the basis for “distributing trust” within dappy networks. It stores domain names and TLS identities.
A DNS request (possibly over HTTPS; dappy is compatible with the DoH protocol) made by clients is successful only after a certain number of members have validated it.
Under this principle, the network becomes potentially all the more secure as it gains members. And it eliminates the risks inherent in the “traditional” DNS design, such as cache poisoning, log hijacking, or certificate authority mismanagement.
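The validation rule described above can be sketched as follows. This is an added example, not dappy's own code: a client accepts an answer only when a quorum of known network members return identical records. The member names, the record layout and the strict-majority quorum are assumptions made for the illustration.

```python
import hashlib
import json
from collections import Counter

def digest(answer):
    """Hash an answer in canonical JSON so identical record sets compare equal."""
    blob = json.dumps(answer, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(blob).hexdigest()

def co_resolve(responses, members, quorum):
    """Return the answer that at least `quorum` known members agree on, else None.

    responses: member id -> answer dict, or None for an error or timeout.
    Each member counts once (equal weight). Assumption: quorum is a strict
    majority, so two conflicting answers can never both reach it.
    """
    if not len(members) // 2 < quorum <= len(members):
        raise ValueError("quorum must be a strict majority of the member list")
    votes, answers = Counter(), {}
    for member, answer in responses.items():
        if member not in members or answer is None:
            continue  # unknown responders and failed lookups carry no weight
        d = digest(answer)
        votes[d] += 1
        answers[d] = answer
    if not votes:
        return None
    best, count = votes.most_common(1)[0]
    return answers[best] if count >= quorum else None

# Constructed sample data: a five-member network and one tampered answer.
MEMBERS = {"m1", "m2", "m3", "m4", "m5"}
GOOD = {"name": "example.d", "A": ["192.0.2.10"], "tls_sha256": "aa" * 32}
BAD = {"name": "example.d", "A": ["203.0.113.66"], "tls_sha256": "bb" * 32}

def demo():
    poisoned_one = {"m1": GOOD, "m2": GOOD, "m3": BAD, "m4": GOOD, "m5": None}
    no_agreement = {"m1": GOOD, "m2": GOOD, "m3": BAD, "m4": BAD, "m5": None}
    outsider = {"m1": GOOD, "m2": GOOD, "x9": GOOD}  # x9 is not a member
    return (co_resolve(poisoned_one, MEMBERS, 3),
            co_resolve(no_agreement, MEMBERS, 3),
            co_resolve(outsider, MEMBERS, 3))

if __name__ == "__main__":
    print(demo())
```

A single tampered answer is outvoted, while a split vote or an answer padded by a non-member fails closed and returns nothing.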
dappy, without blockchain but not without permissions
The way DNS works weighed in the decision not to opt for a blockchain. In this type of system, some resources never actually interact. For example, an operation that modifies the TLS record of domain x does not need to be strictly ordered against another transaction that adds an A record (IP address binding) to domain y.
This paradigm makes it possible to parallelize processing, which is easier to achieve without a blockchain, especially for “thin” clients. As for the choice of a permissioned system, it is linked in particular to the way browsers work: they need a “finite” list of trusted roots. On dappy networks, each member effectively has the same “weight”.
As a result, the system does not use tokens. This eliminates gas costs for all domain name transactions. The economic model is elsewhere: the incentive to participate in the networks comes from the – fair – distribution of the booking costs of domain names.
For the moment, there is only one payment option: in fiat, by credit card. Not that a gateway based on a stable currency is unthinkable, but it is not on the agenda for the moment, for reasons of ease of use. This implies a certain degree of centralization: members of a network are led to trust one of them as the issuer of domain names (though it does not possess the associated private keys).
Because of its differences from the current system, dappy chose a specific TLD (.d). This should make it easier to integrate the protocol into browsers. The project offers its own browser, based on Chromium and usable as a white-label product.