Chinese government entity files U.S. patent application for blockchain-based DNS.
The Chinese government wants a U.S. patent for a decentralized, blockchain-based DNS that could compete with the existing domain name system overseen by ICANN.
The China Internet Network Information Center (CNNIC), the internet division under China’s Ministry of Industry and Information Technology, filed a U.S. patent application (pdf) for Blockchain multi-party shared-governance-based system for maintaining domain name information.
In the application, CNNIC explains what it believes is troublesome with the current system:
However, at present, the domain name root service system is centrally managed and maintained by ICANN and related agencies thereof, which leads to inefficient and inconvenient domain name application, maintenance and use to some extent. In addition, the hierarchical central management mode of the DNS system presents deficiencies in fairness and stability, as well as the most important issue, that is security risks, such as DDoS and DNS cache pollution. Since all data is stored centrally on the central server, it is very likely that the domain name holder or even the entire system will suffer losses due to operational errors or attacks on the domain name information without the assistance or regulation of a second equivalent agency. In the process of implementing the embodiments of the present application, the inventor has found that in the traditional DNS service system adopting a centralized maintenance method, the normal operation of the entire system will be affected and the system has low stability and security once the central server is attacked or operated incorrectly.
CNNIC’s solution is:
a Root blockchain, formed by first network nodes where top-level domain registries are located;
collecting, by each authoritative node among the first network nodes, domain name operation information from each first network node, and packing the collected domain name operation information to obtain first block information;
broadcasting, by a first authoritative node, the first block information to each second authoritative node, receiving verification result on the first block information sent by each second authoritative node, and broadcasting the first block information to each first network node to execute the domain name operation information in the first block information at each first network node in the Root blockchain when the number of authoritative nodes by which the verification of the first block information passes exceeds a first preset threshold;
wherein, each authoritative node among the first network nodes is reviewed and determined by a preset review mechanism, and the authoritative nodes in the Root blockchain includes a first authoritative node and a plurality of second authoritative nodes.
The application explains the benefits of this approach:
…Through such a decentralized method for maintaining domain name information, the final state will not be affected by a mistake or an attack on one network node, resulting in higher security and better stability of the entire system compared to the centralized maintenance method. Furthermore, all the domain name operation information is stored in each first network node in the Root blockchain to prevent malicious tampering, and a reliable data source is provided for update of domain name.
Most proponents of decentralized domain name systems promote that they make it difficult to censor domains and their associated websites. That is likely counter to CNNIC’s goals.
CNNIC filed the application in December, claiming priority to a patent it filed in China in 2019.