"Even though only data record hashes are stored in blockchain transactions, we can use them to verify the authenticity and integrity of the data itself once we get it. For example, you can host your data in S3, and other peers can verify your data by first obtaining the hash from Blockstack DNS and then checking it against your data's hash."
So functionally what this is solving is (I'm asking here):
- Nobody can take your domain away b/c they don't have the keys, so stuff like domain sniping, ISP interference, Government seizure, etc. are less likely (notwithstanding https://xkcd.com/538/)
- Every piece of data is checksummed so you can (and maybe this is what the Blockstack browsers are doing) verify that it hasn't been tampered with ala MITM.
But even with that, I'm still unclear on just what's the right way to think about this. Like if I setup a new web site on a domain, would I also enter in every file on the page as a separate 'data record hash'?
in my view, this is where all the blockchain ideas break down. once you require a central party holding the data for the service, its no longer decentralized. theres a reason the bitcoin blockchain is slow, expensive and hard to use. All of its weaknesses are sacrifices the users make in order to obtain decentralized uncensored internet money.
No. The data record hash is only about your zone file. The zone file is just like DNS. It can point to different things. So say you point 'profile' to 'mywebsite.com/myprofile.json', and then in your profile you can update things about yourself independently. Just make sure to always attach a signature to it, so people can verify that you actually did that.
We have a decentralized storage system, called Gaia, and you publish the files there. This gives you performance and reliability comparable to cloud computing.
Only the domain registrations hit the blockchain and it's a one-time operation (just like buying a domain name for your website or app).
https://blockstack.org/docs/how-blockstack-works
This is DNS on top of the blockchain right?
Though where it deviates some is:
"Even though only data record hashes are stored in blockchain transactions, we can use them to verify the authenticity and integrity of the data itself once we get it. For example, you can host your data in S3, and other peers can verify your data by first obtaining the hash from Blockstack DNS and then checking it against your data's hash."
So functionally what this is solving is (I'm asking here):
- Nobody can take your domain away b/c they don't have the keys, so stuff like domain sniping, ISP interference, Government seizure, etc. are less likely (notwithstanding https://xkcd.com/538/)
- Every piece of data is checksummed so you can (and maybe this is what the Blockstack browsers are doing) verify that it hasn't been tampered with ala MITM.
But even with that, I'm still unclear on just what's the right way to think about this. Like if I setup a new web site on a domain, would I also enter in every file on the page as a separate 'data record hash'?