Jump to: navigation, search

Namecoin Lite Resolver

Lightweight client for Namecoin is known as a Namecoin Lite Resolver (NLR). These clients are based on Bitcoin SPV and UTXO clients, but adapted for Namecoin's specific use cases. For example, a Namecoin client typically wants to only resolve current names and is often only interested in a specific namespace.

Introduction

A Namecoin Lite Resolver (NLR) is a limited client that is only concerned with name transactions. This allows us to make optimizations that significantly reduce the amount of storage space required by removing the ability to verify payments made in NMC (Namecoin’s built in currency). In Namecoin, names expire after 36000 blocks (they may be renewed by “spending” them in a new transaction), so an NLR may prune block headers older than that since no non-expired name will reference them. We estimate the upper bound of storage required for this mode to be at most a few hundred MB, but in practice it should require much less than that.

Assuming we have the headers of the last 36000 blocks, we have a few possible modes of operation: minimal mode, hybrid mode, and full name mode.

Minimal Mode

The NLR looks up name data and receives block headers by consulting a server. The server is responsible for providing the chain of name transactions starting with one at least 12 blocks old (the NAME_NEW, NAME_FIRSTUPDATE wait time) up to and including the most recent update (often this chain will consist only of the latest transaction on the Name).

The integrity properties of this mode surpass that of standard DNS; the privacy properties are comparable to standard DNS and less than DNSCrypt.

Attacks

  • The server is able to falsely claim a name does not exist or present old data as the most current. To reduce this risk multiple servers should be consulted and the bootstrapping nodes should be authenticated.
  • An attacker controlling more than 50% of the network for at least 12 blocks could mine bogus transactions hijacking existing names and pass these blocks off to any minimal mode NLRs in the network, but full nodes would reject them.

Hybrid Mode

In addition to the block headers, the NLR receives all name transactions and stores those satisfying some criteria (e.g. d/ only, names matching a bloom filter of popular names, those with well-formed data, etc). Transactions are kept on FIFO basis, discarding the oldest whenever there are more than two stored transactions that are at least 12 blocks old. The stored transactions are used to validate new blocks/transactions as well as acting as a fast, local data source. Lookups in non-whitelisted namespaces can be handled as in Minimal Mode.

Attacks

  • For non-whitelisted namespaces, the Minimal Mode attacks apply.
  • If all nodes the NLR is connected to collude, it may be prevented from learning of new names and updates to existing ones. This can be prevented by receiving blocks in full rather than headers + name transactions only.
  • An attacker controlling more than 50% of the network and mined 12 blocks could mine bogus transactions registering new names or updating their own existing names without paying for them. This attack is totally infeasible because paying for names and updates is several orders of magnitude cheaper than the sacrificed block reward (full nodes would not accept these blocks).

Full Name Mode

This mode is like Hybrid mode in that it only stores names from the prior 36000 blocks, but it stores all names regardless of the namespace and receives full blocks, preventing all but the last attack on Hybrid Mode

Full Name Mode should be feasible to run even on smartphones in most cases.

Our worst case assumption for block size is ~10KB on average (blocks produced by Eligius have much larger than normal headers, but in general they should be ~1KB). This would mean an initial bootstrap of 36000 block headers would be at most around 360MB plus around 1.5MB per day passed since the bootstrap data was produced. Similarly when restarting a Minimal Mode NLR, it’ll have 1.5MB of catchup data to download per day it spent offline before it is fully ready.

Notes

The 12 block attacks are based on the premise that being able to mine 12 blocks in a row already gives the ability to steal freshly registered names.