{"id":15025204,"url":"https://github.com/okturtles/dnschain","last_synced_at":"2025-05-15T14:02:27.743Z","repository":{"id":13551666,"uuid":"16243703","full_name":"okTurtles/dnschain","owner":"okTurtles","description":"A blockchain-based DNS + HTTP server that fixes HTTPS security, and more!","archived":false,"fork":false,"pushed_at":"2017-04-22T03:52:26.000Z","size":1874,"stargazers_count":1728,"open_issues_count":44,"forks_count":170,"subscribers_count":135,"default_branch":"master","last_synced_at":"2025-04-15T02:16:43.281Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://okturtles.com","language":"CoffeeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/okTurtles.png","metadata":{"files":{"readme":"README.md","changelog":"HISTORY.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"docs/Security-Model.md","support":null}},"created_at":"2014-01-26T00:53:46.000Z","updated_at":"2025-04-10T08:56:21.000Z","dependencies_parsed_at":"2022-08-29T23:50:40.177Z","dependency_job_id":null,"html_url":"https://github.com/okTurtles/dnschain","commit_stats":null,"previous_names":[],"tags_count":14,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/okTurtles%2Fdnschain","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/okTurtles%2Fdnschain/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/okTurtles%2Fdnschain/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/okTurtles%2Fdnschain/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/okTurtles","download_url":"https://codeload.github.com/okTurtles/dnschain/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248991561,"owners_count":21194894,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-09-24T20:01:43.882Z","updated_at":"2025-04-15T02:16:51.002Z","avatar_url":"https://github.com/okTurtles.png","language":"CoffeeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# DNSChain\n\n[![npm version](https://badge.fury.io/js/dnschain.svg)](https://npmjs.org/package/dnschain) [![Build Status](https://img.shields.io/travis/okTurtles/dnschain/master.svg?label=build%20(master))](https://travis-ci.org/okTurtles/dnschain) [![Build Status](https://img.shields.io/travis/okTurtles/dnschain/dev.svg?label=build%20(dev))](https://travis-ci.org/okTurtles/dnschain) [![Gitter](https://img.shields.io/badge/GITTER-JOIN%20CHAT%20%E2%86%92-brightgreen.svg)](https://gitter.im/okTurtles/dnschain)\n\nThere is a problem with how the Internet works today:\n\n- HTTPS [is not secure](http://okturtles.com/#not-secure). Like most \"secure\" communications protocols,\n  it is susceptible to undetectable public-key substitution MITM-attacks (example: [Apple iMessages](https://www.taoeffect.com/blog/2014/11/update-on-imessages-security/)).\n- Netizens do not own their online identities. We either borrow them from\n  companies like twitter, or rent then from organizations like ICANN.\n\nThese problems arise out of two core Internet protocols:\n[DNS](https://en.wikipedia.org/wiki/Domain_Name_System) and [X.509](https://en.wikipedia.org/wiki/X.509).\n\nDNSChain offers a free and secure decentralized alternative while remaining backwards compatible\nwith traditional DNS.\n\nIt compares favorably to [the alternatives](docs/Comparison.md), and provides the following features:\n︎\n\u003c!-- This extra line is necessary for table to render properly. --\u003e\n|                                                                          | DNSChain           | X.509 PKI with [Certificate Transparency][ct] |\n|:-------------------------------------------------------------------------|:-------------------|:----------------------------------------------|\n| __MITM-proof'ed [Internet connections][mitm]__                           | :white_check_mark: | :x:                                           |\n| __Secure and simple [GPG key distribution][gpg]__                        | :white_check_mark: | :x:                                           |\n| __MITM-proof RESTful [API to blockchain][api]__                          | :white_check_mark: | :x:                                           |\n| __Free and [actually-secure][free] SSL certificates__                    | :white_check_mark: | :x:                                           |\n| __Stops many [denial-of-service attacks][dos]__                          | :white_check_mark: | :x:                                           |\n| __Certificate revocation [that actually works][rev]__                    | :white_check_mark: | :x:                                           |\n| __DNS-based [censorship circumvention][cens]__                           | :white_check_mark: | :x:                                           |\n| __Prevents [domain theft][theft] (\"seizures\")__                          | :white_check_mark: | :x:                                           |\n| __Access blockchain [domains like `.bit`, `.p2p`, `.nxt`, `.eth`][use]__ | :white_check_mark: | :x:                                           |\n| __Certificate transparency (publicly auditable log of certs)__           | :white_check_mark: | :white_check_mark: ([maybe][ct])              |\n\n[ct]: https://blog.okturtles.com/2015/03/certificate-transparency-on-blockchains/\n[mitm]: docs/What-is-it.md#MITMProof\n[gpg]: docs/What-is-it.md#GPG\n[free]: docs/What-is-it.md#Free\n[dos]: docs/What-is-it.md#DDoS\n[rev]: docs/What-is-it.md#Revocation\n[cens]: docs/What-is-it.md#Censorship\n[theft]: https://www.techdirt.com/articles/20141006/02561228743/5000-domains-seized-based-sealed-court-filing-confused-domain-owners-have-no-idea-why.shtml\n[use]: docs/How-do-I-use-it.md\n[api]: docs/What-is-it.md#API\n\n**:star: See Also: [Comparison](docs/Comparison.md) and [Security Model](docs/Security-Model.md)**\n\n**:star: April 21, 2017: Comparison of [DPKI](https://github.com/okTurtles/dnschain/issues/180#issuecomment-255641398) to [CONIKS, Key Transparency, Certificate Transparency](https://blog.okturtles.com/2017/02/coniks-vs-key-transparency-vs-certificate-transparency-vs-blockchains/)**\n\n## Documentation\n\n### [:book: What is it?](docs/What-is-it.md)\n\n- DNSChain replaces X.509 PKI with the blockchain\n- MITM-proof authentication\n- Simple and secure GPG key distribution\n- Secure, MITM-proof RESTful API to blockchains\n- Free SSL certificates become possible\n- Prevents DDoS attacks\n- Certificate revocation that actually works\n- DNS-based censorship circumvention\n- Other features: testing suite, rate-limiting, and caching\n\n### [:book: Using DNSChain](docs/How-do-I-use-it.md)\n\n- Free public DNSChain servers\n- Access blockchain domains like `okturtles.bit`\n- Registering blockchain domains and identities\n- Encrypt communications end-to-end without relying on untrustworthy third-parties\n- Unblock censored websites *(coming soon!)*\n- And more!\n\n### [:book: Running your own DNSChain server](docs/How-do-I-run-my-own.md)\n\n- Requirements\n- Getting Started\n- Configuration\n- Guide: Setting up a DNSChain server with Namecoin and PowerDNS\n- *Coming Soon: securing HTTPS websites with DNSChain.*\n\n### [:book: Developers](docs/Developers.md)\n\n- Securing Your Apps With DNSChain\n- Contributing to DNSChain development\n- Adding support for your favorite blockchain\n- Running Tests\n\n## Community\n\n- [Forums](https://forums.okturtles.com)\n- [@DNSChain](https://twitter.com/dnschain) + [@okTurtles](https://twitter.com/okTurtles)\n- [![Gitter](https://badges.gitter.im/Join Chat.svg)](https://gitter.im/okTurtles/dnschain)\n\n## Other Resources\n\n__:tv: Watch__\n\n- [okTurtles + DNSChain Demo at SOUPS 2014 EFF CUP](https://www.youtube.com/watch?v=7QLaKW8ABy4)\n- [Blockchain University lecture on DNSChain](https://www.youtube.com/watch?v=GJd5uECEkSs) (2h+, but you will [know kung-fu](https://www.youtube.com/watch?v=6vMO3XmNXe4) afterward!)\n- [SF Bitcoin Meetup: Securing online communications with the blockchain](https://www.youtube.com/watch?v=Qy1x3Ud8LCI)\n- [SF Bitcoin Developers Meetup: Deep Dive into Namecoin and DNSChain](https://www.youtube.com/watch?v=wUiMIy9urTA)\n\n__:speaker: Listen__\n\n- [P2P Connects Us Podcast on DNSChain](http://letstalkbitcoin.com/blog/post/p2p-connects-us-episode-four)\n- [Frontier Podcast on DNSChain, DNSCrypt, MITM attacks, \u0026 more](http://reelsense.tv/frontier/101)\n- [Beyond Bitcoin Hangouts with Bitshares crew on DNSChain](https://soundcloud.com/beyond-bitcoin-hangouts/beyond-bitcoin-hangout-greg-slepak-dnschain-2014-10-24)\n- [Katherine Albrecht's privacy-focused radio show](http://www.katherinealbrecht.com/show-archives/2014/06/19/)\n\n__:page_facing_up: Read__\n\n- Engadget: [New web service prevents spies from easily intercepting your data](http://www.engadget.com/2014/09/29/okturtles/)\n- Let's Talk Bitcoin: [Security in Decentralized Domain Name Systems](http://letstalkbitcoin.com/blog/post/security-in-decentralized-domain-name-systems)\n- ProgrammableWeb: [Can the blockchain replace ~~SSL~~ X.509?](https://www.programmableweb.com/news/can-blockchain-replace-ssl/analysis/2015/03/17)\n- [An intro to DNSChain: Low-trust access to definitive data sources](http://simondlr.com/post/94988956673/an-intro-to-dnschain-low-trust-access-to)\n- [How to setup a blockchain DNS server with DNSChain](docs/setting-up-dnschain-namecoin-powerdns-server.md)\n- [The Trouble with Certificate Transparency](https://blog.okturtles.com/2014/09/the-trouble-with-certificate-transparency/)\n- [Introducing the dotDNS metaTLD](https://blog.okturtles.com/2014/02/introducing-the-dotdns-metatld/)\n- [DNSChain versus...](docs/Comparison.md)\n\n_Have a link? [Let us know](https://twitter.com/dnschain)!_\n\n## Contributors\n\n_Approximate chronological order._\n\n- [Greg Slepak](https://twitter.com/taoeffect) (Original author and current maintainer)\n- [Simon Grondin](https://github.com/SGrondin) (Unblock feature: DNS-based censorship circumvention)\n- [Matthieu Rakotojaona](https://otokar.looc2011.eu/) (DANE/TLSA contributions and misc. fixes)\n- [TJ Fontaine](https://github.com/tjfontaine) (For `native-dns`, `native-dns-packet` modules and related projects)\n- [Za Wilgustus](https://twitter.com/ZancasDeArana) (For [pydnschain](https://github.com/okTurtles/pydnschain) contributions)\n- [Cayman Nava](https://github.com/WeMeetAgain) (Ethereum support, api.icann.dns, and core developer)\n- [Vignesh Anand](https://github.com/vegetableman) (Front-end + back-end for DNSChain admin interface)\n- [Mike Ward](https://twitter.com/bocamike) (Documentation)\n- [Dionysis Zindros](https://github.com/dionyziz) ([pydnschain](https://github.com/okTurtles/pydnschain) work)\n- [Chara Podimata](https://www.linkedin.com/in/charapodimata) ([pydnschain](https://github.com/okTurtles/pydnschain) work)\n- [Konstantinos Lolos](https://www.linkedin.com/in/kostislolos) ([pydnschain](https://github.com/okTurtles/pydnschain) work)\n- [Anton Wilhelm](https://github.com/toenu23) (Support for [Nxt](http://nxt.org) cryptocurrency)\n- [Tim Uy](https://github.com/tofutim) (Ubuntu tutorial)\n- [Michael Bumann](https://twitter.com/bumi) (optional CORS support)\n- *Your name \u0026 link of choice here!*\n\n## Release History\n\n__[Blog post for 0.5 release.](https://blog.okturtles.com/2015/03/dnschain-0-5-released-https-openname-resolver-api-more/)__\n\n###### 0.5.3 - September 5, 2015\n\n- __New Features:__\n    + Optional CORS support from [Michael Bumann](https://twitter.com/bumi) (thanks!).\n- __Improvements:__\n    + Bumped `hiredis` to 0.4.1 for latest iojs compat.\n\n###### 0.5.2 - March 11, 2015\n\n- __Improvements:__\n    + Includes tests for verifying NXT support\n    + Added [`superagent`](https://github.com/visionmedia/superagent) for simpler HTTP requests\n    + Moved `dnsHandler` into `blockchain.coffee` template class\n    + Prevent `favicon.ico` requests from filling logs\n    + Improved `Comparisons.md` documentation\n    + Misc. code and logging improvements\n- __Fixes:__\n    + #138: Nxt resolver not working\n    + #140: Prevent non-json values in Namecoin from returning \"Not found\"\n    + #141: Allow arbitrary namecoin keys, but enforce ICANN domain rules for for `d/`\n    + #142 + #120: Make it less likely Travis will fail\n\n###### [:book: Older version notes](HISTORY.md)\n\nCopyright (c) okTurtles Foundation. Licensed under [MPL-2.0 license](http://mozilla.org/MPL/2.0/).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fokturtles%2Fdnschain","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fokturtles%2Fdnschain","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fokturtles%2Fdnschain/lists"}