What is Zooko's triangle?
Zooko's triangle is a trilemma of three properties that are generally considered desirable for names of participants in a network protocol (source: Wikipedia):
- Human-meaningful: Meaningful and memorable (low-entropy) names are provided to the users.
- Secure: The amount of damage a malicious entity can inflict on the system should be as low as possible.
- Decentralized: Names correctly resolve to their respective entities without the use of a central authority or service.
Which criteria does the DNS in I2P fulfill?
To answer this, one should first clarify which aspect of the DNS in I2P
is being looked at more closely.
Local addressbook:
First, there is the local address book. It stores the domain names
with their corresponding destinations. This model is considered
here without further configuration.
DNS:
Depending on the configuration, the domain names with the
corresponding destinations are taken from several
registries. This means that you always have an up-to-date list
of domains, but also that name collisions can occur. For example,
registrar A can have a different destination for a domain than
registrar B. This configuration is considered under the generic
term "DNS".
b32:
Finally, as with .onion addresses in Tor, I2P has
.b32.i2p addresses. These are derived from a public key. As
long as the cryptography is secure (assumed here), no two identical
.b32.i2p addresses can exist with different destinations.
Local addressbook
Human-meaningful: Names are stored in the address book in a way that is comprehensible to the user. They are freely selectable.
Secure: In the local address book, each domain name can have only one destination. Name collisions are thus excluded.
Decentralized: The local address book is stored on the user's computer. It is therefore central.
DNS
Human-meaningful: Unless a domain with the same name is already registered, domain names are freely selectable at the registries. It is therefore possible to choose human-meaningful names.
Secure: Depending on how far the registries "exchange" entries and on the user's configuration, name collisions can occur. A domain can thus have two or more destinations.
Decentralized: Anyone can open and operate a registry (there is also no master implementation). There are currently several. The registries are not under the control of a central authority.
b32
Human-meaningful: The .b32.i2p addresses are derived from keys. These keys are created randomly, so the .b32.i2p addresses are also random and have no special meaning for humans.
Note: There are also brute-force generated keys, which are partially human-meaningful. It is possible to generate new keys until a part of the key is human-meaningful. However, this is very laborious. Furthermore, it is almost impossible to create a whole .b32.i2p address that is human-understandable. Even with some effort, only the first characters of the .b32.i2p address are human-meaningful.
Secure: Since .b32.i2p addresses are derived from cryptographic keys, it is virtually impossible to generate two identical .b32.i2p addresses with different destinations.
Decentralized: Anyone can generate new keys. A simple computer program is sufficient for this. It is therefore not possible for a central authority to have control over key generation.
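The following added example (not code from the original page or from the I2P project) ties the "DNS" and "b32" cases together: it reads hosts.txt-style lists from several registries and reports every name that resolves to more than one destination, identifying each destination by its .b32.i2p address. In I2P that address is the Base32 encoding of the SHA-256 hash of the binary destination, which contains the public keys. The registry names, host names and destination bytes are constructed sample data.

```python
import base64
import hashlib
from collections import defaultdict

def b32_address(destination: bytes) -> str:
    """SHA-256 of the binary destination, Base32-encoded, lowercase, unpadded."""
    digest = hashlib.sha256(destination).digest()
    return base64.b32encode(digest).decode().rstrip("=").lower() + ".b32.i2p"

def parse_hosts(text: str) -> dict:
    """Parse hosts.txt-style 'name=base64destination' lines into {name: bytes}."""
    entries = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()      # drop comments and blank lines
        if "=" not in line:
            continue
        name, dest = line.split("=", 1)           # the destination may end in '='
        # I2P's Base64 alphabet uses '-' and '~' in place of '+' and '/'.
        entries[name.strip().lower()] = base64.b64decode(
            dest.strip(), altchars=b"-~", validate=True)
    return entries

def find_collisions(registries: dict) -> dict:
    """Return {name: {b32: [registries]}} for names with more than one destination."""
    seen = defaultdict(dict)
    for registry, entries in registries.items():
        for name, dest in entries.items():
            seen[name].setdefault(b32_address(dest), []).append(registry)
    return {name: by_b32 for name, by_b32 in seen.items() if len(by_b32) > 1}

def constructed_dest(seed: bytes) -> str:
    """Constructed 387-byte stand-in for a destination, not a real key."""
    raw = (hashlib.sha256(seed).digest() * 13)[:387]
    return base64.b64encode(raw, altchars=b"-~").decode()

# Constructed sample data: two registries that disagree on one name.
REGISTRY_A = f"""# registry A (constructed)
shop.example.i2p={constructed_dest(b"shop-1")}
wiki.example.i2p={constructed_dest(b"wiki")}
"""
REGISTRY_B = f"""wiki.example.i2p={constructed_dest(b"wiki")}
shop.example.i2p={constructed_dest(b"shop-2")}
"""
REGISTRIES = {"registry-a": parse_hosts(REGISTRY_A),
              "registry-b": parse_hosts(REGISTRY_B)}

if __name__ == "__main__":
    for name, by_b32 in find_collisions(REGISTRIES).items():
        print(f"collision for {name}:")
        for b32, sources in by_b32.items():
            print(f"  {b32}  from {', '.join(sources)}")
```

The human-meaningful name collides across the two registries, while the two .b32.i2p addresses printed for it stay distinct, which is the trade-off the comparison above describes.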