38C3 Summary
As was previously announced, several developers represented Namecoin at 38C3 in Leipzig, Germany. You know the drill by now: we had a lot of conversations with other attendees, and we won’t be publicly disclosing the content of those conversations, because I want people to be able to talk to us at conferences without worrying that off-the-cuff comments will be broadcast to the public. That said, a practical result of one of those conversations should be getting its own announcement in the next day or two.
There were multiple Namecoin-related talks at the Critical Decentralization Cluster (CDC). We’re still waiting for the official recordings to be published, but in the meantime, live-stream archives are provided below where available.
Lightning Talk: Intro to Namecoin
Speaker: Yanmaani
- Pretalx page
- Was not live-streamed; recording coming soon.
Lightning Talk: Intro to Sibermerdeka
Speaker: Rose Turing
- Pretalx page
- Was not live-streamed; recording coming soon.
A lost art: forgotten primitives for a decentralized web
Speaker: Yanmaani
There were many projects around the new millennium seeking to create decentralized/anonymous networks. Most failed, but they had some good ideas that died along with them. This talk will cover some “lost gems” from that era.
Most development within anonymous overlay networks the past 20 years has centered around low-latency networks (like Tor or I2P); networks that allow you to use conventional web applications and protocols. (like IRC, or whatever web applications you want)
High-latency networks don’t allow you to do this. They require you to re-build everything from the ground up. That’s why they never took off, but it also required clever people to spend a lot of time building interesting things.
This short talk will cover the primitives that were used to build things like decentralized web sites, search engines, identity systems, and even bulletin boards. While of little practical use today, the techniques in some ways exceed our current technology and ought to be remembered.
- Pretalx page
- Was not live-streamed; recording coming soon.
Not Your Keys, Not Your Name
Speaker: Adam Joseph
This talk will explain the benefits of decentralized protocols which use public keys directly as identities, and encourage this approach for newly-designed protocols.
The example familiar to the most CCC attendees is Tor onion names. At least 20 other protocols use this strategy as well. This talk will briefly survey those examples and explain the benefits of this approach for autonomy, decentralization, and ability to resist surveillance.
The main alternative to public keys is names controlled by some globally trusted party, such as US-ICANN, the DNSSEC root key, or the browser-vendors’ WebPKI appointees. This talk will explain the drawbacks of centralized alternatives.
If a protocol uses public keys as identities, it should allow users to keep their permanent private key offline. Private keys in online “secure elements” are not offline. Because an online device requires a network connection its physical location cannot be hidden; this means it can be seized or stolen and the keys extracted using a vulnerability like the one recently discovered in all Yubikeys and Infineon TPMs. Only a small number of protocols support offline identity keys. This support cannot be added to a protocol “after the fact”; it must be included from the very beginning. This talk will encourage protocol designers to include this feature from the very beginning, and will give concrete advice (“copy SSH or Tor”) on how to do it.
More details can be found here: https://codeberg.org/amjoseph/not-your-keys-not-your-name.
Self-Authenticating TLS Certificates for Tor Onion Services
Speaker: Jeremy Rand
TLS (the security layer behind HTTPS) and Tor onion services (anonymously hosted TCP services) are both excellent protocols. Wouldn’t it be nice if we could use them together? In this talk, I’ll cover a working implementation of combining TLS with onion services, without compromising on the security properties that each provides.
Topics to be covered include:
- Why would you want to combine TLS with onion services? Why isn’t onion service encryption good enough?
- Why isn’t unauthenticated TLS (e.g. self-signed certificates) good enough for onion services?
- How can we authenticate a TLS certificate for a
.onion
domain without relying on public CA’s like Let’s Encrypt or any other trusted third parties? (No we’re not using a blockchain.) - How can we teach standard (unmodified) web browsers like Firefox to apply different certificate validation logic for
.onion
certificates? - How can we teach standard (unmodified) web browsers like Firefox to validate certificates using typically-unsupported elliptic curves like Ed25519 (which Tor uses)?
-
How is teaching standard (unmodified) web browsers like Firefox to validate
.onion
certificates similar to Namecoin.bit
certificates? How is it different? - Pretalx page
- Live-stream archive on YouTube
Scaling Namecoin
Speaker: Robert Nganga
The DNS has an inherent scalability advantage over Namecoin. But that doesn’t mean we’re not going to optimize Namecoin as best we can. In this talk, I’ll cover several tactics we’re using to reduce the on-chain data stored by Namecoin — while minimizing the UX impact.
Topics to be covered include:
- Why is the Namecoin value size only 520 bytes?
- How can security improvements like cold storage support allow storing more data?
- How did we avoid putting TLS public keys in the blockchain?
- How are we compressing the data that goes into the blockchain?
- How are we shrinking the on-chain overhead of registrations of new names?
There may be bit of bonus content covering other Namecoin development.
Protecting Namecoin Users from Their Mistakes: Namecoin Wallet UX
Speaker: Rose Turing
If user mistakes cause their website to go down, that’s already bad — but not nearly as bad as if user mistakes make them permanently lose control of their website or get doxed and arrested. This talk is about how we’re helping Namecoin wallet users avoid mistakes before they cause irreversible consequences.
People are generally way more careless than we give them credit for, and all it takes for a full on security breach is one mistake, anywhere in the worst of cases. Our job in Namecoin is to prevent such incidents from occurring, and this means designing our UX in such a way that mistakes can be avoided by end-users. In this talk we discuss the consequences of mistakes on the user’s end as well as mitigations that have or will be implemented in Namecoin.
Topics to be covered include:
- Warning about likely-invalid domain configurations.
-
Preventing accidental expiration disasters.
- Pretalx page
- Live-stream archive on YouTube
Thanks
Huge thank you to The Critical Decentralization Cluster for facilitating our participation. We’re looking forward to 39C3 in December 2025!
This work was funded by NLnet Foundation’s Internet Hardening Fund, NLnet Foundation’s Next Generation Internet Zero Core Fund, and Cyphrs.