Proposal for Advertising Lightning Nodes via DNS Records
tyzbit made a proposal last week that would allow Lightning node operators to advertise their nodes using DNS (Domain Name System). Quote:
A challenge end-users face is connecting to nodes with enough liquidity to pay every merchant, and failing that, finding the merchant node in a reasonably sane way to open a channel to them for payments.
As it is now, people find nodes in other people’s visualizers, and pass node aliases around via word of mouth which is very prone to inaccuracy and MITM attacks. A current alternative is attempting to make a payment, decoding the payment request, finding the node on your graph and attempting to open a channel to the merchant. This is only possible if the destination is advertising addresses.
He proposed using SRV DNS records on subdomains to advertise nodes:
A domain will advertise one or more nodes by responding to a DNS query of type SRV to _lightning._tcp.example.com with one or more records of nodes to connect to.
This can be to connect and gossip with the node, and/or to open a channel to the node for the purposes of future payments.
After feedback and concerns raised by Christian Decker and ZmnSCPxj regarding user privacy and potential risks for public and private nodes belonging to the same economic entity, tyzbit withdrew his support for the proposal. Quote:
To summarize the primary issue with this proposed BOLT: DNS in its current form cannot be trusted as part of the Lightning spec, plain and simple.
While I’ve rescinded my support, I don’t discourage thoughtful implementation of functionality like this, but I do caution any implementation to properly inform the user as to the inherent risk in trusting DNS, and only use DNS records as a way to increase confidence, not make guarantees, that a node is associated to the domain it says it is.
I will continue to approach the problem of securely advertising human-understandable node names, and I hope someday soon I will have a solution Lightning can use that retains the open, decentralized properties of the technology and the underlying blockchains.