Reply inline:
On 2021-12-24 14:38, Raphaël Fabre wrote:
We are the only name system in the world that does co-resolution, that's the way we found to maintain a consistent name system, and also avoid censorship and phishing.
Our system has the following properties:
- blockchain-based name system: it simply means that mapping is
globally consistent, name management is distributed in the sense that a blockchain handles it, the resolver just connect to this blockchain.
1) What is the purpose of trusting a "network of independant companies"? 2) What if these companies collude to censor you? 3) If you can trust them, why do you need a blockchain? For trusted groups, there's much simpler K-of-M systems to just distribute a SQL database.
- Systematic co-resolution (not rotation): lookup request are always
addressed to a network of independant agents: there are many instead of a single one.
4) How does this compare to existing systems? 5) By your definition, do other blockchain-based systems fail to support "co-resolution"? By my understanding, Electrum for Bitcoin uses a similar algorithm, but with better security guarantees.
And then there is consensus at browser level. This prevents 90% of attacks or attempt of censorship/phishing.
6) What is "consensus as browser level"? 7) How can the same system prevent both censorship and phishing? Phishing consists in having a domain which is subjectively "wrong" by human standards (e.g. "goggle.com" instead of "google.com"), whereas censorship consists in blocking a domain that people voluntarily want to access. It seems to me that whatever system is used to implement the former can also be misused to achieve the latter. 8) What is meant by "90% of attacks," and what are the remaining 10%?
- Anonymous registrations
9) Are these registrations anonymous (e.g. Monero), or merely psuedonymous (e.g. Bitcoin)? Are two "anonymous" registrations by the same entity linkable? 10) Is there a mechanism to anonymously obtain the crypto-token used for registering the name?
- Load-balancing of names: you can attach 20 IP addresses to your
name, dappy browser will try each one of them until it gets a response.
11) How does this differ from existing systems, such as the DNS?
- 100% encrypted/https
12) Is this a feature of the naming system?
Censorship cannot happen, neither at the storage location (blockchain) or on-the-fly at resolution time (co-resolution)
I am also curious about the following passages from your website:
Re: "The companies that secure the dappy name system" (https://dappy.tech/)
13) Does this imply that I need trust "pathrocknetwork" et al to be a good, honest, etc service provider? If so, what reason do I have for doing so, and what reason does the system have for requiring me to do so?
Re: "You don’t need to trust us, the trust is distributed in a network of independant companies" (ibid)
14) One of the companies listed under the previous heading is "FABCO". Are they independent? 15) Do the other two companies received any financial compensation from anyone in consideration of their participation? If so, does this affect their impartiality or independence?
Re: "Please read the license file. It is based on Metatask extension license and limits commercial/for-profit usage to 5.000 users." (https://github.com/fabcotech/dappy)
16) Is this an open-source license?
Re: https://github.com/fabcotech/dappy-lookup/blob/master/src/dappyNetworks.ts
17) There appears to be only one hardcoded resolver for each network in this file. What's going on here?
Re: "This page focuses on the ideas that make dappy different from current legacy systems as well as blockchain-based competitors." (https://dappy.tech/ideas-and-breakthroughs/)
18) To which blockchain-based competitors are you comparing? I believe that all of these except "CSP at the name system level" have been done before by various projects.
Re: "By doing a multi-request instead of a unique client-server request, a client is able to read from a public database that he does not have locally (the state of a blockchain), without having to trust any single entity." (https://fabco.gitbook.io/dappy-spec/glossary/multi-request)
19) How does this compare to existing solutions, such as Merkle tree inclusion checks, which can trustlessly give verifiable answers in a single query given the latest block hash? 20) If all the nodes queried collude to lie, can this be detected?
Re: "Partial token offering, and whitepaper release (January 2022)"
21) Where can I find the whitepaper?
Re: "The general documentation consists in two document, the protocol overview page on dappy.tech that can be seen as a light white paper, and the general documentation on gitbook, that is technically more concrete."
22) Where is the protocol overview page? 23) Where is the concrete documentation on gitbook? The "Dappy protocol" page (https://fabco.gitbook.io/dappy-spec/glossary/dappy-protocol) says: "The Dappy protocol is right now a very generic term because it has not been standardized in any way."
In conclusion, I am very bothered by this, because it is much too vague for me to be able to analyze it properly. The provided documentation fails to answer the most obvious questions that come to mind:
- Who decides who owns a name? - How much does it cost to register a name? - Once registered, for how long does it last until you have to renew it? - If you own a name, can it be taken from you? - Is it possible to change these rules, and if so, by whose consent? - How does this compare to previous efforts, in terms of quality of implementation and in terms of what trade-offs and design decisions are made?
It saddens me, because, from reading your website, it appears as if you have a financial incentive in promoting this project ("To fund the growth of the team dappy is releasing 20% of the Utility Tokens that will govern the platform"). It seems like the existence of such incentives would also be a powerful motivator to re-invent wheels, while denying that any prior art has ever existed in the past.
This leads to an unfortunate situation where, as Drew DeVault put it (https://drewdevault.com/2021/04/26/Cryptocurrency-is-a-disaster.html), "developers are no longer trying to convince you to use their software because it’s good, but because they think that if they can convince you it will make them rich".
The proliferation of such projects reduces overall trust in society, with the end result that people stop engaging with new ideas that are presented to them, in much the same way as how telemarketing has resulted in a decrease in the willingness to answer phone calls from strangers.
(This is, of course, only true if the ideas are bad.)
Best, Yanmaani
P.S.:
Happy to chat Merry Christmas
Raphaël Fabre
Better late than never, but it's unfortunate that the message took so long to be delivered. I think it causes problems in terms of maintaining a discussion if the delay is months long, but it might just be a problem on my end.