Namecoin is an experimental open-source technology which improves decentralization, security, censorship resistance, privacy, and speed of certain components of the Internet infrastructure such as DNS and identities.
(For the technically minded, Namecoin is a key/value pair registration and transfer system based on the Bitcoin technology.)
Bitcoin frees money – Namecoin frees DNS, identities, and other technologies.
What can Namecoin be used for?
- Protect free-speech rights online by making the web more resistant to censorship.
- Attach identity information such as GPG and OTR keys and email, Bitcoin, and Bitmessage addresses to an identity of your choice.
- Human-meaningful Tor .onion domains.
- Decentralized TLS (HTTPS) certificate validation, backed by blockchain consensus.
- Access websites using the .bit top-level domain.
- Proposed ideas such as file signatures, voting, bonds/stocks/shares, web of trust, notary services, and proof of existence. (To be implemented.)
What does Namecoin do under the hood?
- Securely record and transfer arbitrary names (keys).
- Attach a value (data) to the names (up to 520 bytes).
- Transact the digital currency namecoins (NMC).
- Like bitcoins, Namecoin names are difficult to censor or seize.
- Lookups do not generate network traffic (improves privacy).
Namecoin was the first fork of Bitcoin and still is one of the most innovative “altcoins”. It was first to implement merged mining and a decentralized DNS. Namecoin was also the first solution to Zooko’s Triangle, the long-standing problem of producing a naming system that is simultaneously secure, decentralized, and human-meaningful.
2018-04-19 We’ve released
cross_sign_name_constraint_tool v0.0.2 and
tlsrestrict_nss_tool v0.0.2. These implement the functionality described in my previous post on Integrating Cross-Signing with Name Constraints into NSS (and the earlier posts that that post links to).
2018-04-17 We’ve released ncdns v0.0.6. List of changes:
2018-04-03 Binaries of ConsensusJ-Namecoin (the Namecoin lightweight SPV lookup client) v0.2.7 are now released on the Beta Downloads page page. This is based on the source code that was released earlier. Notable new things in this release:
2018-03-26 At the end of my previous post about porting cross-signing with name constraints to Go, I mentioned that the next phase was to automate the procedure of applying the constraints to all root CA’s in NSS, instead of needing to manually dump CA’s one-by-one from NSS, run them through my Go tool (currently named
cross_sign_name_constraint_tool, because I’ve exhausted my witty software naming quota on another project), and import them back into NSS. I’m happy to report that this next phase is essentially complete, and in my testing I blacklisted certificates for the
.org TLD regardless of which built-in root CA they chained to (without any impact on other TLD’s).
2018-03-25 In my previous post about achieving negative certificate overrides using cross-signing and name constraints, I discussed how the technique could make Namecoin-authenticated TLS possible in any TLS application that uses p11-kit or NSS for its certificate storage. However, the proof-of-concept implementation I discussed in that post was definitely not a secure implementation (nor was the code sane to look at), due to the usage of OpenSSL’s command line utility (glued to itself with Bash) for performing the cross-signing. I’m happy to report that I’ve ported the OpenSSL+Bash-based code to Go.
2018-03-19 CCC and Chaos West have posted the videos of Namecoin’s 34C3 talks. I’ve also uploaded the corresponding slides.
2018-03-11 Fedora stores its TLS certificates via a highly interesting software package called p11-kit. p11-kit is designed to act as “glue” between various TLS libraries, so that (for example) Firefox, Chromium, and OpenSSL all see the same trust anchors. p11-kit is useful from Namecoin’s perspective, since it means that if we can implement Namecoin support for p11-kit, we get support for all the trust stores that p11-kit supports for free. I’ve just implemented a proof-of-concept of negative Namecoin overrides for p11-kit.
2018-02-20 Firefox stores its list of certificate overrides in a text file. While it’s not feasible to edit this text file while Firefox is running (Firefox only loads it on startup) I’ve experimentally found that it is completely feasible to create positive overrides if you shut off Firefox while the override is being created. But is this a reasonable expectation for Namecoin? Actually yes. Here’s how we’re doing it:
2018-02-18 NSS is the TLS implementation used by various applications, including Chromium on GNU/Linux and Firefox on all platforms. I’ve finished initial support for positive cert overrides in NSS, and have submitted a PR that is now awaiting review.
Official anouncements will also be made on this BitcoinTalk thread.
Help keep us strong. You can donate to the Namecoin project here.