Introducing Tezos Domains
Previously, we have published the following articles discussing ideas and design choices that we felt needed to be explored for a successful name service on Tezos:
- Part 1: Introduction
- Part 2: Namespace and Structure
- Part 3: Name Distribution and Pricing
- Part 4: Validation, Normalization, Encoding
- Part 5: Retaining Trademarks
Now we offer our first proposal for smart contract design and we give reasons for some of the design decisions.
After discussing this among ourselves and community members (naming things is one of the two hardest problems in computer science after all), we decided on Tezos Domains. Very special thanks go to Jonas Lamis (Tezos Capital & StakerDAO) who offered to donate the
tezos.domains DNS domain.
Smart Contract Design Proposal
The current proposal is available at docs.tezos.domains. Please keep in mind it’s an early draft and it’s likely to change quite a bit.
Design Decision Rationale
Why auctions and not just First-In-First-Serve registration?
FIFS registration would be certainly easier to implement, but the service would risk “land rush” at launch or at expiration times. We intend to use the FIFS model for domains that have had no buyers previously.
Why open auction and not Vickrey auction?
Blind auctions like Vickrey auction have drawbacks that make them less suitable:
- If bids are to be sealed, every bidder has to take two actions: transfer funds with a bid hash and (days later) reveal matching bid data. Not only it makes for confusing user experience, but the bid data (containing a user secret) have to be stored securely for longer periods. For browser-based dApps it means a technical problem with no easy solution.
- Sealed bids are not “really really” sealed. Because the bidding phase requires sending your funds, the users are essentially revealing their bid amounts. While, in theory, a user can post fake bids to confuse competitors, there is no clear advantage of faking larger amounts than the real bid. The main feature of a Vickrey auction - truthful bidding as the dominant strategy - seems doubtful if there are strong clues about competing bids.
- Blind auction is not a good price discovery mechanism - users are more likely to under- or over-pay for their domains, potentially making the market less effective.
Why proxy contract(s)?
A proxy contract is needed as an upgrade mechanism - both in case of a serious defect or when a new version (with new functionality) is deployed. We understand that amendable contracts are controversial, but it has been shown many times that they are extremely practical in real life (see The DAO on Ethereum or the ENS Migration for examples).
Why administrative multisig?
It is a short-term solution that allows upgrades and data corrections in case of a catastrophe. Starting with a multisig allows us to move fast in getting the service to mainnet. The long-term plan is to create a DAO that will exclusively oversee the administration of the service.
What about Unicode and look-alike attacks?
Many community members have expressed concerns about supporting Unicode character space in the context of look-alike attacks. The consensus is that, in this case, the security features of the service are more important than usability, and we tend to agree.
That being said, we still want to support Unicode names in the future, as long as the risks are mitigated sufficiently. The current plan is to launch the service supporting Latin (pure ASCII) names ending with the
.tez top-level domain. One additional top-level domain exclusively for a chosen Unicode script can be launched as a proof-of-concept (allowing names in Cyrillic under
.тез has been suggested). Limiting TLDs to certain Unicode scripts means that neither whole-script and mixed-script confusable names can be created in one namespace. We hope this will prove to be a useful strategy.
We would like to thank Tezos Foundation for supporting the project and making it possible.
Our thanks also go to the many community members that have given their feedback and valuable advice:
- Alex Eichhorn (TzStats from Blockwatch Data)
- Arthur Breitman
- Andreas and Pascal (Airgap, Beacon, TezBlock from Papers)
- Carlo van Driesten (BMW AG & vDL Digital Ventures GmbH)
- Gabriel Alfour (Ligo)
- Igor Tkach, Eugene Mishura, Jacob Arluck, Charlie Wiser and Julien Hamilton (TQ Tezos)
- James and Tyler (Dexter, Magma Wallet from camlCase)
- Johann Tanzer (TulipTools)
- Jonas Lamis (Tezos Capital & StakerDAO)
- Michael Zaikin (Baking Bad, TzKt, Atomex, Better Call Dev)
- Mike Radin and Vishakh (Galleon, Conseil, Nautilus Cloud from Cryptonomics)
- Nicolas and Steve (Cortez from Nomadic Labs)
The work on the design of the smart contracts will continue for the near future. All comments and suggestions are very welcome as we polish the overall architecture. We plan to deploy a first testnet prototype in the coming weeks.
We will also start working on two projects that tie into the big picture of Tezos Domains:
- A lightweight indexer that offers querying capabilities specifically for Tezos Domains. The API will allow accessing data that is not available through direct RPC calls to a Tezos node: listing domains according to certain criteria, accessing purchase history, and so on.
- A prototype of a browser-based dApp that provides lookup functionality, gives details about any domain and it’s subdomains, and allows owners to manage their domains. It will also provide a UI for buying domains using the FIFS model and eventually allow participation in auctions.
Join the Conversation
As always, we want to invite everyone to join the discussion. Do you have a comment on the current proposal? Did we miss something? Let’s share ideas!
And if you want to chat, come join the Tezos Domains Group on Telegram!