By: Chloe, IOSG Ventures
Original text: "IOSG Weekly Brief | Decentralized Web: Building a permissionless DWeb from the bottom to the front end #143"
This article is the original content of IOSG, which is only used for industry learning and communication, and does not constitute any investment reference. If you need to cite, please indicate the source. For reprinting, please contact the IOSG team for authorization and reprinting instructions.
Foreword
On August 8, the U.S. Department of the Treasury announced sanctions on Tornado Cash, a currency mixing protocol. The sanctions affected many Ethereum addresses, and even the official website of Tornado Cash was doomed and banned. The U.S. government’s action has sparked many controversies in the crypto community, including questions about the “decentralized” vision of Web 3.0. If all the front-end websites where encrypted projects directly interact with users can be so easily banned, how much meaning is there to the advantages of "no permission" and "censorship resistance" brought about by the decentralization of the underlying infrastructure? Coincidentally, two days after the Tornado Cash incident, the decentralized trading platform Curve Finance suffered a domain name attack and $570,000 was stolen. Curve said the problem mainly came from name servers, where hackers redirected users or their transactions to another malicious website, causing the loss of funds. Vulnerability on the web has once again stirred nerves in the crypto community. In fact, the discussion of the Decentralized Web has been around for a long time. People imagine a decentralized system of interconnected private computers to provide private, secure, censorship-resistant access to information and services.
So what are the limitations of the existing Centralized Web, how is the Decentralized Web constructed, and how far are we from the Dweb? This article will introduce the readers one by one.
Cweb
HTTP and Client-server model
Before discussing the Centralized Web, let's briefly understand the interaction model of the Internet. I believe that everyone has heard of TCP/IP and HTTP protocols. They are both widely used basic protocols on the Internet today and are closely related to our lives. TCP/IP is the transport layer protocol, which is responsible for packaging and addressing data, transferring data from one computer to another. HTTP is an application layer protocol carried on TCP/IP, which specifies the format in which each piece of data is expressed in order to be understood by another computer. Computers under HTTP have different roles, mainly divided into two types: server and client. The hosts that provide services in the Internet are called servers, such as major portal websites, social platforms, etc.; the hosts that obtain useful information by accessing the servers are called clients, such as various home computers and smart phones.
Today, most of the centralized web pages adopt this server-client master-slave architecture. For example, when we want to query the currency price on coinmarketcap, our computer and web browser are the client, and the computer, database and application of coinmarketcap are the server.
When our browser requests access to coinmarketcap, the server of coinmarketcap will find out the web page information from the database, combine it into a web page, and finally return it to our browser. It can be seen that this master-slave architecture is highly dependent on the server, and the server needs to be responsible for the main data processing and store the user's access data and user information. The advantages of this structure are straightforward, simple and fast deployment and low maintenance costs, so it is widely cited and has contributed greatly to the prosperity of the Internet today. However, its defects are also very obvious, the probability of a single point of failure or single-point attack is high, and the security is relatively low.
Domain Names and DNS
As mentioned earlier, the Internet is built on the TCP/IP protocol, so we need to address servers through IP addresses. The IPv4 address is a 32-bit binary number, which is usually divided into 4 8-bit binary numbers. For example, the IP address of the coinmarketcap webpage is 108.160.165.139, and we need to send requests to the server through this IP address. However, this string of numbers is too difficult to remember. If you want to remember the IP addresses of all the web pages we frequently visit, it is as difficult as memorizing an entire address book. Therefore, the concept of domain name (Domain Name) came into being. A domain name provides a human-readable address for any available web server on the Internet. Just as we can't remember a friend's phone number, but we can't forget a friend's name. With the domain name, we do not need to enter the IP address to access coinmarketcap, but directly enter coinmarketcap.com in the browser.
Therefore, DNS (Domain Name Service) is like an address book queryer, and its main function is to convert the host domain name into an IP address. When people want to build their own website, the first thing they often do is buy a domain name to make it easier for other computers to contact you. Seeing this, many readers may be curious, domain names sound like a public good rather than a commodity, so who is the money we pay when we buy a domain name? Before answering this question, we can first understand the governing body behind the domain name. The organization responsible for managing the operation of the domain name system is called ICANN, which is the highest management organization for domain names in the world. ICANN will hand over different suffixes to different regions, countries, and operators for operation and maintenance.
For example, the suffix of cn is given to CNNIC, the suffix of com is given to Verisign, and the operation and ownership of mo is owned by the Macao Registration Office. The suffix is ​​generally priced according to the operator's cost plus a reasonable profit. The suffixes such as cn, jp, and hk are priced by themselves in each region. Part of the fees paid by users to purchase domain names is given to ICANN, and the other part is given to service providers. Headquartered in California, ICANN was originally a non-profit organization affiliated with the U.S. Department of Commerce. So the claim that the U.S. government controls the world's domain names isn't unfounded. In 2016, the U.S. government announced that ICANN was no longer affiliated with the Department of Commerce, but instead became a self-governing independent agency. But it is obvious that the US government still has absolute influence over it. This goes back to the topic at the beginning of the article. Why can the US government block the official website of Tornadao Cash? The easiest way is to block the domain name so that ordinary people cannot access the website through the domain name. The hackers who attacked Curve also tampered with domain names to direct visitors to malicious websites.
Dweb
It can be concluded that the centralization of the Centralized Web is reflected in the client-server master-slave structure under HTTP to a certain extent, and it is also reflected in the centralized management of domain names. Of course, the centralization of the Centralized Web is caused by many factors. This article will focus on two aspects: transmission protocol and domain name. In Web 3.0, we have seen some solutions to these two problems - IPFS and Decentralized Domain Names.
IPFS versus HTTP
IPFS was born out of Protocol Labs, a protocol laboratory founded by Stanford University computer master Juan Benet, a laboratory focused on the research, development and deployment of network protocols. Similar to HTTP, IPFS is also an application protocol based on TCP/IP. Unlike HTTP, IPFS is a p2p protocol based on content rather than addresses.
So what does the above difference mean when we use it? As mentioned earlier, the working principle of HTTP is to map content to IP addresses, and the IP addresses point to servers at specific locations, which contain the resources that visitors need. For example, if we want to play a video on YouTube, our browser will find the location where the video is stored among Google's many servers and return the video to us all the way. To speed up the process of this return, we have also established CDNs (Content Delivery Networks) that can "bring" servers closer to your physical distance. However, CDNs also have geographical limitations, and their role in developing countries with relatively backward infrastructure is limited.
Imagine that there are 100 students sitting in the classroom watching this YouTube video at the same time, each student's client sends a request to the YouTube server, and the above process needs to be repeated a hundred times. It will cause a lot of congestion and waste of resources. So how does IPFS solve this problem? The "address" of IPFS is actually a hash generated according to the content. When a student is watching a video, the student's computer does not query the IP address of a centralized server, but searches according to the content in the entire P2P network. If there are students in the classroom with the video stored on their computers, they will get it from each other, ensuring the data is from the most recent source.
It can be seen that IPFS is a content transmission protocol built on the P2P network. There is no hierarchical division of servers and clients in this network. Each node is both a client and a server. Obviously, IPFS has many advantages brought by "decentralization". First, IPFS avoids the problem of a single point of failure and enhances the scalability and flexibility of the network. At the same time, with higher performance, user requests can be processed faster. So why hasn't IPFS, which has many advantages, been applied on a large scale? This is a common problem faced by P2P networks, namely the extremely high cost of operation and maintenance. For example, there is a problem with the author's node, but the author is not able to solve it. The second is the problem of coordination. The nodes in the P2P network act independently and do not communicate with each other, so it is difficult to achieve the task of collective cooperation. Therefore, considering the cost/benefit combination, IPFS may not necessarily benefit all organizational structures.
Decentralized Domain Name Service
Compared with IP addresses, hashes for content retrieval are more complex, so we also need a decentralized DNS to translate hashes into human-readable names. How to understand the decentralization here? Let's also first understand how the existing DNS works centrally. Currently DNS operates in a tree structure, and there are only 13 Root DNS servers with the highest authority in the world. When the top DNS server of this hierarchical structure is paralyzed, the sub-servers belonging to this server will also be shut down, resulting in a large-scale paralysis of the network.
In this context, the concept of decentralized domain names is proposed, and blockchain-based DNS is the most promising solution at present. Combined with the organizational form and server architecture behind the DNS mentioned above. I can make two requirements for decentralized domain names: 1. The ownership/registration/usage rights of decentralized domain names should not be controlled by a centralized power. 2. The operation of the decentralized domain name should not depend on several centralized servers, but should be decentralized on the blockchain.
Although it is still early days for a decentralized domain name service, we have seen several projects building towards this goal. Namecoin, for example, was one of the first projects to be released back in 2011 but did not see widespread adoption. Handshake is another interesting project that is positioned as a "decentralized domain name naming and issuing authority". The two most vocal projects at this stage should be Unstoppable Domains and ENS. Their decentralized domain names have already had high sales, but they have not been put into use in large numbers (here mainly refers to mapping with the CID of IPFS), mainly stored in the wallet as an NFT symbolizing DID.
Epilogue
Technology itself is neutral, but the invention of a technology implies human conception and vision for a better future. Dweb has the characteristics of resistance to censorship, and it is difficult for centralized forces to deprive others of the right to exist and express on the Internet by blocking IP addresses or domain names. The author still has two thoughts on this: the infrastructure itself does not have a value orientation, so censorship resistance is a feature rather than an advantage. How to use Dweb’s censorship-resistant features determines whether this technology brings progress or disaster. If extreme content such as blood and violence cannot be well controlled, it will inevitably lead to conflicts of ethics and morality.
Secondly, we are still a long way from the maturity of Dweb, the maintenance and collaboration costs mentioned in the article have not been solved, and IPFS may not be able to become the basic protocol of Dweb. Although there is already a market for decentralized domain names, the underlying domain name service system has not yet been established. At the same time, the lack of web development tools like WordPress made building Dweb very difficult. Still, IOSG is full of hope for the future of Dweb.