Introducing my new open source #nostr freedom project - DNSPub

The key idea is that any DNS domain owner, with minimal changes, can enable any npub to be part of the domain name system, using signed DNS records published to relays.

For example, [npub].example.com would resolve to an IP address, and pass all the CA root program tests so that https://[npub].example.com could be a valid website in the browser.

Thanks to nostr:npub1s0veng2gvfwr62acrxhnqexq76sj6ldg3a5t935jy8e6w3shr5vsnwrmq5 and nostr:npub1hw6amg8p24ne08c9gdq8hhpqx0t0pwanpae9z25crn7m9uy7yarse465gr for the idea!

#dnspub

https://github.com/trbouma/dnspub


Discussion

Nice work! That is all.

👀

⚡️👀⚡️

The MVP is working. The next step is to enable multi-domain support so anyone can set up a couple of DNS records to enable.

So the benefit here is that if my domain was blocked or banned this would allow the website to resolve no matter what? I'm not sure I understand 🙃

The basic idea is that if you are a domain owner of say, example.com, with a couple of record entries you could make npub.example.com as a public root for any npub.

If you go down, someone else, or many, can be a public root.

Hi sorry guys! please check out my Geyser 🙏🏻 it’s for my son 🙏🏻 thanks so much

nostr:nevent1qqsv5rd33pl0rk0yqs495r2xct9m8a5uar0ktn6yf8vlrv0dam0eg7qpz3mhxue69uhhyetvv9ujuerpd46hxtnfdu86egfz

i finally have the perfect use case for my notwebsite.com domain

I am working on multi-domain support - in a week or so, I should be able to tell you what records to add to your registrar and it should be enabled.

Hell yes.

Just so I understand, there would still be the sole service running that answers those DNS queries (your service), right? The additional domain "mirrors" would provide backup domains, but not be providing an additional resolver service.

Down the line I'd like to be running another resolver, as well.

The DNS system is incredibly resilient and secure. I am actually leveraging DNSSEC which validates your domain name, then at the last moment I make a jump to an “insecure” (not really) subdomain “nub” where all the npubs hang off. Your subdomain can point to multiple redundant name servers, so if any of them go down, it just keeps on ticking. In the end, I’m just leveraging the security of DNS and IP, the way it was designed to be. I just wrote a DNS server that resolves records from signed events, instead of zone files. The simple idea - is that any npub can have its own DNS records and be a first class citizen of DNS.
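As an added illustration (not DNSPub's code and not part of the thread): before a server like the one described can look up signed events for `[npub].example.com`, it has to turn the leftmost label into a public key and reject malformed names. The sketch assumes the label is a NIP-19 bech32 `npub`; the function names and the zone are hypothetical.

```python
# Added example; function names and the zone are hypothetical, not DNSPub's.
CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"          # bech32 alphabet
GEN = (0x3B6A57B2, 0x26508E6D, 0x1EA119FA, 0x3D4233DD, 0x2A1462B3)
# An npub quoted in the thread above, used as sample input.
SAMPLE = "npub1s0veng2gvfwr62acrxhnqexq76sj6ldg3a5t935jy8e6w3shr5vsnwrmq5"

def _polymod(values):
    chk = 1
    for v in values:
        top = chk >> 25
        chk = ((chk & 0x1FFFFFF) << 5) ^ v
        for i in range(5):
            if (top >> i) & 1:
                chk ^= GEN[i]
    return chk

def decode_npub(label):
    """Return the 32-byte key encoded in a bech32 npub, or None if invalid."""
    label = label.lower()   # DNS names are case-insensitive; bech32 forbids mixed case
    # "npub1" + 52 data chars + 6 checksum chars = 63, the maximum DNS label length
    if len(label) != 63 or not label.startswith("npub1"):
        return None
    try:
        data = [CHARSET.index(c) for c in label[5:]]
    except ValueError:                     # character outside the bech32 alphabet
        return None
    hrp = [ord(c) >> 5 for c in "npub"] + [0] + [ord(c) & 31 for c in "npub"]
    if _polymod(hrp + data) != 1:          # checksum mismatch
        return None
    acc, bits, out = 0, 0, bytearray()
    for v in data[:-6]:                    # regroup 5-bit symbols into bytes
        acc, bits = (acc << 5) | v, bits + 5
        if bits >= 8:
            bits -= 8
            out.append((acc >> bits) & 0xFF)
    if acc & ((1 << bits) - 1):            # leftover padding bits must be zero
        return None
    return bytes(out)

def pubkey_for_qname(qname, zone):
    """Map '<npub>.<zone>' to a public key; None for anything else."""
    name = qname.rstrip(".").lower()
    suffix = "." + zone.rstrip(".").lower()
    if not name.endswith(suffix):
        return None
    label = name[: -len(suffix)]
    return None if "." in label else decode_npub(label)

if __name__ == "__main__":
    key = pubkey_for_qname(SAMPLE + ".example.com.", "example.com")
    print(key.hex() if key else "not a valid npub name")
```

Lowercasing before decoding matters because resolvers may send query names in mixed case, which a strict bech32 decoder would otherwise reject.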

I have always thought nip 05 would be better if you just put npubs in txt records.

Yup. Already thinking about that with service record.

RFC 2782 (1999) — SRV Records

• Defines the format _service._proto.name.

• Example: _sip._tcp.example.com points to the host/port handling SIP over TCP.

• This is the canonical RFC that legitimized underscores in DNS labels for service discovery.