[Lightning-dev] Idea: Using DANE to store node data

Thu Dec 17 20:13:29 UTC 2015

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hello. I wanted to throw an idea out into the open and see if anybody
had any thoughts.

Earlier this year, I worked on an effort to attach payment data to
DNSSEC via DANE[1]. This included working on an RFC draft[2] that
explained the concept. The idea was to use the DNSSEC system as a
database of sorts that could get trusted payment info out to users. If
you wanted to pay Top Quality Widgets for their goods, you could look
them up on the DNS system and be reasonably certain that you were
actually paying them. The setup was designed to allow for all manner
of payment methods, with ACH and Bitcoin being the first two to be
supported.

(Note that the effort eventually fell by the wayside before a
much-improved second RFC draft could get out the door; the first draft
barely touches Bitcoin at all. If anybody's interested, I can provide
a basic outline of what was going to be in it, at least on the Bitcoin
side.)

I'm wondering what others think of this idea, and how it could apply
to Lightning. The main hangup out the gate would be that the payment
info has to be attached to a domain (e.g., topqualitywidgets.com) that
supports the scheme. This would, in all likelihood, mean custom
domains would be needed where support for the scheme was explicitly
included. This could be tricky.

Despite that hangup, I think this is an interesting scheme that may be
worth exploring, perhaps in a modified form. We had the scheme set up
where, on the Bitcoin side, the keys were really flexible and could
support things like per-user payment addresses (i.e., static addresses
weren't mandatory). I thought it was pretty slick, but hey, I'm biased.
:)

One related-but-separate thing to keep in mind is that, if there is
any sort of ID at host scheme deployed in Lightning, it really ought to
support internationalization. [3] suggests taking the ID and hashing
it with SHA-256.

Any thoughts? I really like the idea of having some sort of
quasi-permanent method for storing data without having to rely on a
complicated scheme to find other nodes in the network. It should be
optional, of course, and should work alongside any mandatory schemes
to find other users on the network.

Thanks.

[1]
https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities
[2] https://tools.ietf.org/html/draft-wiley-paymentassoc-00
[3] https://tools.ietf.org/html/draft-ietf-dane-smime-09

- -- 
- ---
Douglas Roark
Cryptocurrency, network security, travel, and art.
https://onename.com/droark
joroark at vt.edu
PGP key ID: 26623924
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJWcxdpAAoJEEOBHRomYjkkdDAP/1eCph6RSQJoUAWo4AONWQEp
nF9C55nRhNdtoMZI52cTN1gU75PS3HNnEfmE0oejZdlt31E+A3V7ibyzOQaHAPzm
ZyVD5/Ke29k+IxPhuk++AMLDJsCbdW/U284NMf3d6yWLZGYCDxaNVEIgs96jHuLN
c1Ot827Wcl19D18SZjYSXeCXrYkXEZs5MQuGjw1sPOo/z8UdWHBAY9J8y8+bhS48
4/ZHQMq+XVawrl+p65vIKwhrQvaq0PgtWjHSyG/5lTQEKQMphDppPXQRyyMdbzX8
JO7Agrjp4MVcwccvsW6oCID+o49l3qeLY+A6sBqcgjCRIgcP3pEbsBb8zCWTNMH/
/lTkywMisEGctbdO3IKHXGXlmOLMb96jiwY1UJBr7yws0IxPM5F/Lw7PufojrcPQ
uPe/kQ1RSMQaDDQnxGRiY796g9OImNImhZu0WcyRoR91Mu4stJkOABHdwu2voZA8
DrJRGJ+BbP0xV8dSGn1dqpnlAMIqKhWfUc67GPoLdgsPd021VbzlctXfLlQe8cWG
qvLwsgnzvpzPn4MmCPrGyGg+cCOgH0XWBUeFPnPUZIFP5bosTGvXUPrsaJw+qkd+
fiYxQlm9QuhNtdmhIMAapbfsSoiRgxhPb8PsKb6tkj/blk4QI8m5p2GRVY+2BBOr
LPHm5WXTCn1XgdCXOZM8
=3chy
-----END PGP SIGNATURE-----