5 features making EmerDNS the only truly decentralized DNS
In this article we’ll see how EmerDNS took Namecoin’s ingenious idea and brought it further to create a much more powerful decentralized domain name system.
We love Namecoin. Actually, we created our main asset, the Name-Value Storage, from the source code powering Namecoin’s domain name system. But we took the idea a bit further, making the NVS a database for all kinds of data and thus a variety of distributed services.
One of the first of such services was EmerDNS, a full-fledged distributed domain name system. With attacks on conventional domain name systems becoming increasingly frequent, the Internet needed something to protect them from criminals and overly curious authorities alike — and we came to the rescue.
EmerDNS made it possible to create reliable and stable private data networks with decentralized management — safe from service denials or spoofing. In EmerDNS, only the owner can manage or remove a domain record, or any other NVS record held in their wallet.
As the record is located in the blockchain, its copies are available to each Emer node. Thus, users can search for records locally without querying external servers. This makes domain name resolution faster and more reliable. And more secure as well: Neither your ISP nor anyone else will know which sites you visit — especially if you use HTTPS.
For those of you who are already familiar with Namecoin and its .bit domain, here are the top 5 reasons to switch to EmerDNS:
1 — Several domain zones instead of one
While Namecoin only covers the .bit domain, EmerDNS supports multiple domains, with new added through a config-file record. Thus, you can create your own private data networks that will be only identified by respectively configured Emer nodes. At the moment, the system covers four public domain zones that are available through OpenNIC servers:
- *.coin — main domain, primarily related to cryptocoins and other money matters;
- *.emc — for EmerCoin-related services;
- *.lib — for content libraries;
- *.bazar — for trading platforms.
2 — Configurable lease duration
While Namecoin limits each lease to around 200 days, after which it must be extended, NVS allows you to configure the lease duration at your own discretion. Longer leases will cost you more, but much more. You get simpler administration and avoid losing your record to someone else after it expires.
3 — Deleting records
Unlike Namecoin, EmerDNS allows you to delete unexpired records, after which the same name can be taken by anyone else.
4 — Built-in RFC 1035 DNS server
Namecoin can only store DNS but not extract or transfer them to client software in the standard DNS format. To do this, you have to dump the entire domain name database and pass it to a conventional DNS server. It will then use its own search and reply in the RFC 1035 format.
Each EmerCoin wallet, on the other hand, has a built-in DNS server. It processes standard RFC 1035 queries and replies in the same format. Thus, the domain system is truly decentralized, with DNS server functionality present in each wallet and not just dedicated gateway servers. The standardization also makes EmerDNS easier to integrate with other subsystems.
5 — Managing subdomains
This feature is extremely important in a flat domain network without a tree of servers covering different domain zones.
Consider a subdomain hijacking attack.
Suppose that we have a server at victim.emc, and have no subdomain protection/management mechanism. The domain owner creates another name, www.victim.emc, and assigns it to the same server. But a hacker then creates www1.victim.emc and assigns it to their malicious server. These names are technically unrelated, but someone who is used to the traditional DNS paradigm may trust that www1.victim.emc is legitimate and, for example, disclose their password to the hacker.
Namecoin has no subdomain management mechanism. So a website must maintain its own name server to manage subdomains. All third-level domains are simply ignored.
EmerDNS introduces two simple rules:
1. All queries to a subdomain are by default resolved to the second-level domain name. So unless the victim.emc record contains specific exceptions, all subdomain queries — such as www1.victim.emc orgive.me.the.victim.emc — will be resolved as queries to victim.emc.
2. The SD tag in value specifies the exceptions for that domain name. For example, here’s the Flibusta library’s EmerDNS record:
“name” : “dns:flibusta.lib”,“value” : “A=81.17.19.227|SD=static,cn|TXT=Flibusta Library”,
SD=static, cn means that static.flibusta.lib and cn.flibusta.lib will be resolved in full and not just reduced to flibusta.lib. Second-level name records can also contain the SD tag, enabling trusted domain names of any level, while untrusted records will still be reduced to the second-level domain name.
But the main strength of EmerDNS is that it is part of a much more extensive ecosystem that comes with Emercoin and its Name-Value Storage. You can read more about it here and see if it fits you.
You can use EmerDNS either via OpenNIC or using the Fri-Gate, and PeerName, or BDNS browser plugins.
To get more technical info and get started, see the detailed manual:
https://emercoin.com/en/documentation/blockchain-services/emernvs
