Naming could be RAD
DAOs and the future of internet naming
I’m a researcher at the UC Berkeley Center for Long-Term Cybersecurity where I direct the Daylight Lab. I’m interested in structural risks to the global internet.
Stability. What attacks threaten to disrupt internet service globally?
Power. Where are the internet’s key points of global control?
Equity. Who controls them? Who decides who controls them?
This newsletter is my work as I do it: more than half-baked, less than peer-reviewed.
Today, I’m writing about names.
Mutable names are the key to a usable web. They allow us to access dynamic content using memorable addresses. Consider:
The content changes, the name remains.
Names also signify provenance. Anyone can download the New York Times’ HTML, make a copy, and insert their own stories. (I did this as a kid to impress my dad). Which New York Times is the real one? The one that controls the name
Names are a way to access content and a broker of trust.
Today’s domain names come in the form:
We interpret this name hierarchically: names are separated with a “.”, each contained “within” the name that follows it. In this example
.uk is the highest name in the hierarchy.
But who owns .uk? These top-level domains belong to the DNS Root Zone. Thirteen servers describe all the valid top-level domains in the world.
And who runs those servers? Until 2016, the answer was ICANN, a U.S.-based nonprofit whose monopoly over internet naming has repeatedly landed it in court, and whose shape-shifting relationship with the U.S. federal government has shielded it from antitrust. Now, an organization called IANA administers it. Who runs IANA? It’s hard to tell. The institution—its membership, its financials—is difficult to inspect.
In response to ICANN’s shortcomings (real and perceived), several “decentralized” naming systems have popped up. ENS on Ethereum, for one. In so many words, they replace the root DNS with a blockchain.
These projects address some long-standing security issues in DNS, and make the organizations that provision naming inspectable (if inflexible).
But the big problem with naming remains. The big problem with naming is that there is no popular governance over how it works. The real problem is to design an institution that’s more fair than this one.
What existing projects fail to imagine is: what’s the new institution? Forget the implementation details. Whatever the new system is, who will run it, and how?
Who should run a naming system?
One way to think about this question: whom does a global naming system affect?
Today’s DNS system affects almost everyone. A Western system, the DNS was designed around the Roman alphabet. So-called “international domains” (i.e., ones with non-Western characters in them) were tacked on later.
The tension: the benefits of a global system weighed against the world’s diverse governance needs. Different people accept different rules as legitimate. How do we create a global system without creating a colonial system?
This is the wisdom of the domain—the fiefdom within which you get to make rules. A global domain naming system should be as agnostic about what goes on inside domains as possible. It should neither erase difference nor make particular differences canonical. It is a system by which domains can coexist.
Running the Root
Let’s say we all have our names in my new naming system. We all have our fiefdoms, within which names and routes can be anything. How do we govern the system that governs our fiefdoms? Who should sit at that table?
At the very minimum, people who own a name should get a vote.
But it can’t be an anarchy of name-holders, not entirely. Some sort of “ministry for the future” should advocate for everyone who will have a name, and the world’s other stakeholders, present and future. It should advocate, in other words, for the long-term social good.
The relative voting power of this politburo is tricky, as is its makeup, but suffice to say there are better and worse ways to structure it. Gender, ethnic, and linguistic diversity comes to mind. We’ll return to these problems in a moment.
My proposal: RAD DNS
My proposal is a RAD (recursive, agnostic, decentralized) DNS.
From a thousand feet, here’s how it works. A Root DAO mints NFTs, which describe unique names. That DAO can sell, transfer, or revoke names.
All the Root DAO’s smart contract does is map names to contract addresses. Holding the NFT for a name permits you to update the contract address to which it resolves.
That’s the whole system.
Say you and your friends come to this DAO and register the name coffee. You can now run the same system “inside” of your name. Now people can come to you and register coffee/haus-coffee, and so on. The system is recursive.
But you do not need to run the same system inside. You can run your fiefdom however you want—the system is agnostic. Just remember: the Root DAO can take away your name.
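A minimal model of the registry described above, as an added example rather than code from this post or any project it mentions: the `Registry` class, `resolve`, the holder names and the placeholder address are all assumptions made for illustration. It shows that only a name's holder can re-point it, and that revoking `coffee` at the root also makes `coffee/haus-coffee` unresolvable.

```python
class Registry:
    """Toy model of one naming level; all names here are hypothetical.
    The operator mints and revokes; only the holder re-points a name."""
    def __init__(self, operator):
        self.operator = operator
        self.records = {}  # label -> {"holder": str, "target": object}

    def register(self, caller, label, holder):
        if caller != self.operator:
            raise PermissionError("only the operator mints names")
        if label in self.records:
            raise ValueError("name already taken")
        self.records[label] = {"holder": holder, "target": None}

    def set_target(self, caller, label, target):
        if self.records[label]["holder"] != caller:
            raise PermissionError("only the holder can re-point a name")
        self.records[label]["target"] = target

    def revoke(self, caller, label):
        if caller != self.operator:
            raise PermissionError("only the operator revokes names")
        del self.records[label]

    def lookup(self, label):
        record = self.records.get(label)
        return record["target"] if record else None


def resolve(root, path):
    """Walk 'a/b/c' left to right through anything that offers lookup()."""
    node = root
    for label in path.split("/"):
        if not hasattr(node, "lookup"):
            return None  # path continues past a leaf or an unset target
        node = node.lookup(label)
    return node


def demo():
    root = Registry(operator="root-dao")
    root.register("root-dao", "coffee", holder="friends")
    coffee = Registry(operator="friends")  # same system run "inside" the name
    root.set_target("friends", "coffee", coffee)
    coffee.register("friends", "haus-coffee", holder="haus")
    coffee.set_target("haus", "haus-coffee", "0xCONSTRUCTED")  # placeholder address
    before = resolve(root, "coffee/haus-coffee")
    root.revoke("root-dao", "coffee")  # the Root DAO takes the name away
    return before, resolve(root, "coffee/haus-coffee")
```

Because `resolve` only requires a `lookup` method, a name holder can point `coffee` at any object that provides one, which is the "agnostic" property; every parent on the path stays in the trust chain for the names beneath it.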
Finally, the system is distributed. It is, after all, a DAO. Tokens give their holder a voting share. Some proportion of the tokens should be held in the Root DAO’s treasury, giving it a vote of its own, and making the DAO itself a “ministry.”
Which brings us to the real question.
A ministry for the future
Distribution is less about ledgers and more about institutions. The owners of domains are an important stakeholder, and must get a vote. But neither they nor the “free” market should have the run of the show. There must be a countervailing force. An institution at the table that works in the interest of—for want of a better term—the people.
The “classic” internet bodies—ICANN, IANA, IETF—are effectively politburos. They practice a democratic centralism. The complaints about these institutions are primarily that they aren’t good ones. They fail to act as meaningfully civic organizations. They fail to respond to the needs of people on the ground.
What would be better? A good Root DAO would feature diversity along every dimension, coming together in a consensus mechanism that, whenever possible, expands rather than occludes possibilities in design. It should justify its wide-ranging perspective to establish long-term societal externalities. It should use its “stick”—its ability to revoke names—to draw clear lines around human rights.
Who should be in this body? How do we reach them, and how do we get them on board?
Compared to these questions, building the system is the easy part.
Jake Hartnell, Ando Shah, Wesley Evans, Zeke Medley, the-frey.
Check out (de)NS, a project built on Juno.
I can hear you screaming: “but the CA system!” First, users don’t know what to make of CA errors. See Clark 2012, p. 8. Second, CAs can issue valid certificates for any site. A sufficiently well-resourced attacker can poison the DNS with a replacement record and issue a valid certificate for the replacement.
While ICANN’s longstanding relationship to the U.S. government has shielded it from rigorous antitrust action in the U.S., the E.U. has been less than pleased with the situation.
Don’t get me wrong: the technical security issues with DNS are serious, and the Root DNS is one thing blockchain could actually help. The root zone is an application state achieved through byzantine fault-tolerant consensus. The one thing blockchains do well.
ENS, the supposed successor to (and the one putting the most effort into co-existing with) the DNS Root Zone, is a four-of-seven multisig. That means seven people would control the new system—and only four of them would need to agree to change it. That’s not governance.
The classic web3 critique applies: these projects focus on the decentralized nature of the technical infrastructure, and forget about designing the institutions in which those technologies are applied.
Meanwhile, more naming systems could be terrible. We want one global naming system—name collisions (two names meaning different things) would be endlessly confusing for end-users, as would multiple naming systems. The transparency and security of web3 implementations may improve on today’s DNS, but at the expense of increased fragmentation.
Currently, if you own a domain name (say babiesarepsychic.net), you don’t get a say over how .net is run, let alone how the system above it works.
How can we be distributed and agnostic? The answer is an internet classic: rough consensus and running code.
The Root DAO can make a particular client-side querying logic canonical. This “soft power” can encourage (without enforcing) particular norms around naming. Owners of domains could always ship users their own application-specific clients when it benefits them (e.g., to speed up queries or provide application-specific features).
For more specific implementation details, see my GitHub comment in the-frey’s whoami repository.
See: Cath, Corinne. “The technology we choose to create: Human rights advocacy in the Internet Engineering Task Force.” Telecommunications Policy 45.6 (2021): 102144.
Multiple parties are dissatisfied enough with the status quo that fragmentation in naming appears inevitable. I did a Twitter poll recently—a very unscientific poll.
A majority of my followers—72%!—are pessimistic that we’ll stave off fragmentation more than 20 years. 54% think we won’t make it another ten.
Thanks for reading Nick Merrill! Subscribe for free to receive new posts and support my work.