| Internet-Draft | UTXO-DNS Protocol | March 2026 |
| Tian | Expires 28 September 2026 | [Page] |
This document defines the UTXO Domain Name System (UTXO-DNS), a distributed domain name system based on the blockchain Unspent Transaction Output (UTXO) model. UTXO-DNS provides a decentralized domain name resolution mechanism supporting the registration, resolution, and management of both global and region-specific domain names. The system adopts a hierarchical naming structure compatible with the existing DNS while ensuring domain name ownership proof and tamper-proof characteristics through blockchain technology.¶
This protocol extends the traditional DNS protocol by introducing a blockchain-based domain name ownership verification mechanism, supporting internationalized domain names, digital currency address records, and decentralized identity records, among other new features.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 2 September 2026.¶
Copyright (c) 2026 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document.¶
With the development of distributed systems and blockchain technology, the traditional centralized domain name system faces challenges in ownership transparency, censorship resistance, and decentralized control. The existing DNS system has the following limitations:¶
Centralized control: the management of top-level domains is concentrated in ICANN and a few registries.¶
Non-transparent ownership: domain name ownership records are opaque and vulnerable to single points of failure.¶
Security dependencies: relies on centralized roots of trust and certificate authorities.¶
Limited internationalization: support for internationalized domain names is limited.¶
UTXO-DNS aims to provide an alternative solution based on the UTXO model, combining the naming hierarchy of DNS with the immutability of blockchain to achieve a truly decentralized domain name system.¶
UTXO-DNS follows these core design principles:¶
Backward Compatibility: maintain compatibility with existing DNS protocols (RFC 1034, RFC 1035) as much as possible.¶
Decentralization: eliminate single points of failure and single points of control, enabling distributed governance.¶
Verifiability: all domain name records are verifiable on-chain, providing cryptographic proofs.¶
Internationalization: full support for internationalized domain names (IDN) in accordance with RFC 5890.¶
Extensibility: support for multiple record types and extended features, including digital currency addresses and decentralized identities.¶
Privacy Protection: built-in privacy protection mechanisms supporting selective disclosure.¶
This document uses the following key terms:¶
| Term | Definition |
|---|---|
| UTXO | Unspent Transaction Output, representing ownership of assets on a blockchain. |
| Domain NFT | Non-Fungible Token representing ownership of a domain name. |
| Resolver Contract | Smart contract responsible for mapping domain names to resource records. |
| JUPC | JMBC Unified Communication Protocol. |
| Character Byte | UTF-8 encoded byte sequence with a maximum length of 16 bytes. |
| JMBC | JMBC digital currency based on the UTXO model. |
| CBDC | Central Bank Digital Currency. |
This protocol uses the following ABNF syntax to define domain name formats:¶
domain-label = 1*16(ALPHA / DIGIT / UTF8-char)
domain-name = domain-label *("." domain-label)
utxo-domain = domain-name ".utxo"
regional-domain = domain-name ".utxo" "." region-code
region-code = 2ALPHA ; ISO 3166-1 alpha-2
¶
Where UTF8-char refers to UTF-8 encoded characters conforming to RFC 3629.¶
UTXO-DNS adopts a layered architecture as shown below:¶
+----------------------------+
| Application Layer |
| (JMBC/CBDC Integration)|
+---------------------------------+
|
+------------------------------+
| Web3 Client Layer |
| (Resolver/Registrar) |
+---------------------------+
|
+-------------------------------------+
| UTXO-DNS Protocol Layer |
| (Message Format/Verification)|
+-------------------------------------+
|
+----------------------------------+
| JUPC Routing Layer |
| (Network Communication) |
+-------------------------------------+
|
+---------------------------------+
| Blockchain Layer |
| (UTXO/NFT Storage) |
+----------------------------------+
The UTXO-DNS protocol stack is as follows:¶
Application: HTTP/HTTPS, SMTP, other application protocols
|
UTXO-DNS: Domain Name Resolution Protocol
|
Transport: JUPC/TCP, JUPC/UDP
|
Network: JUPC/IP
|
Data Link: Ethernet, Wi-Fi, 5G, etc.
¶
UTXO-DNS domain names follow this ABNF syntax:¶
UTXO-DNS-name = global-domain / regional-domain
global-domain = label *("." label) ".utxo"
regional-domain = label *("." label) ".utxo" "." region-label
region-label = 2*63(ALPHA)
label = let-dig [*61(let-dig-hyp) let-dig]
let-dig = ALPHA / DIGIT
let-dig-hyp = ALPHA / DIGIT / "-"
¶
Each label's UTF-8 encoding must not exceed 16 bytes, and the total domain name length (including separators) must not exceed 253 bytes.¶
Internationalized domain names follow the IDNA2008 standards (RFC 5890-5894):¶
idn-label = *(ALPHA / DIGIT / other-utf8) other-utf8 = UTF8-char ; Unicode characters conforming to IDNA2008¶
The processing flow is as follows:¶
The format for global top-level domains is:¶
Example: jmbc.user.utxo Structure: [organization].[namespace].utxo¶
Characteristics: universally applicable, no geographical restrictions, governed by a common set of rules.¶
The format for regional domains is:¶
Example: jmbc.user.utxo.hk Structure: [organization].[namespace].utxo.[region-code] Region code: follows ISO 3166-1 alpha-2 standard¶
Characteristics: subject to region-specific regulations and must comply with local requirements.¶
All UTXO-DNS messages share the following header structure:¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Protocol | Version | Type | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Message ID | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Timestamp | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Nonce | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Signature Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | + Signature + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Field | Description |
|---|---|
| Protocol | Protocol identifier, fixed to 0x5544 ('UD') |
| Version | Protocol version, currently 1 |
| Type | Message type (1=Query, 2=Response, 3=Update, 4=Notification) |
| Message ID | Message identifier, used for request-response matching |
| Timestamp | Unix timestamp, second precision |
| Nonce | Random number to prevent replay attacks |
| Signature Length | Length of the signature in bytes |
| Signature | Sender's signature over the message content |
The domain name resolution query message format is as follows:¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | UTXO-DNS Header | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | QType | QClass | Flags | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Domain Name Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | + Domain Name (variable) + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Field | Description |
|---|---|
| QType | Query type (1=A, 28=AAAA, 5=CNAME, 16=TXT, 257=JMBC, 258=CBDC) |
| QClass | Query class (1=IN, 255=ANY) |
| Flags | Flags - Bit 0: Recursion Desired (RD) - Bit 1: Checking Disabled (CD) - Bit 2: Authentic Data requested (AD) - Bits 3-15: Reserved |
| Domain Name Length | Length of the domain name in bytes |
| Domain Name | Domain name being queried, using DNS name compression format |
The domain name resolution response message format is as follows:¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | UTXO-DNS Header | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | RCode | Flags | Answer Count | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Authority Count | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Additional Count | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | + Answer Records + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | + Authority Records + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | + Additional Records + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Proof Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | + Merkle Proof + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Field | Description |
|---|---|
| RCode | Response code (0=NOERROR, 3=NXDOMAIN, etc.) |
| Flags | Response flags - Bit 0: Authoritative Answer (AA) - Bit 1: Truncation (TC) - Bit 2: Recursion Available (RA) - Bit 3: Authentic Data (AD) - Bit 4: Checking Disabled (CD) - Bits 5-15: Reserved |
| Answer Count | Number of resource records in the answer section |
| Authority Count | Number of resource records in the authority section |
| Additional Count | Number of resource records in the additional section |
| Answer Records | Resource records for the answer section |
| Authority Records | Resource records for the authority section |
| Additional Records | Resource records for the additional section |
| Proof Length | Length of the proof data in bytes |
| Merkle Proof | Merkle proof used to verify the validity of the record |
The UTXO-DNS resource record format is as follows:¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Name (variable) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Class | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | TTL | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Data Length | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Data (variable) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type value: 1¶
Data format: 32-bit IPv4 address in network byte order¶
Example: 192.0.2.1¶
Type value: 28¶
Data format: 128-bit IPv6 address in network byte order¶
Example: 2001:0db8:85a3:0000:0000:8a2e:0370:7334¶
Type value: 5¶
Data format: Canonical domain name using DNS name compression¶
Example: www.jmbc.user.utxo¶
Type value: 16¶
Data format: One or more character strings, each up to 255 characters¶
Example: "v=spf1 include:_spf.jmbc.utxo ~all"¶
Type value: 257 (experimental)¶
Data format:¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Version(1) | Address Type | Address Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | + JMBC Address (variable) + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Field | Description |
|---|---|
| Version | Address format version, currently 1 |
| Address Type | Address type (1=P2PKH, 2=P2SH, 3=Bech32) |
| Address Length | Length of the address data in bytes |
| JMBC Address | JMBC digital currency address |
Type value: 258 (experimental)¶
Data format:¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Version(1) | CBDC Type | Country Code | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Address Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | + CBDC Address (variable) + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Field | Description |
|---|---|
| Version | Address format version, currently 1 |
| CBDC Type | CBDC type (1=retail, 2=wholesale) |
| Country Code | ISO 3166-1 numeric country code |
| Address Length | Length of the address data in bytes |
| CBDC Address | Central Bank Digital Currency address |
Domain name registration follows this flow:¶
Client Resolver Contract Blockchain |----------Registration Request----->| | | |-------Check Availability------------------>| | |<------Domain Available--------------------| | | | |-------Payment Transaction (JMBC)-->| | | |-------Verify Payment---------------------->| | | | |<-----Registration Success Receipt--| | | |------Create UTXO Record---------------->|¶
The client sends a domain registration request to the resolver contract, containing the desired domain name and registration period.¶
The resolver contract checks whether the domain name is available (not registered and not on the reserved list).¶
If available, the resolver contract returns the registration fee and payment address.¶
The client sends a transaction containing JMBC payment to the specified address.¶
After verifying the payment, the resolver contract creates a domain UTXO record on the blockchain.¶
The client receives the transaction hash of the successful registration as a receipt.¶
The recursive resolution flow is as follows:¶
Client Recursive Resolver Authoritative Resolver |----------Query Request------->| | | |-------On-chain Query------------------------------------->| | |<-----Resolution+Proof-------------------------------------| |<-----Response+Proof-----------| | | | |-----Verify Proof (optional)--->| |¶
The iterative resolution flow is as follows:¶
Client Local Resolver Root Resolver Authoritative Resolver |--------Query Request------->| | | | |--------Query Root Resolver------->| | | |<-----Return Auth Resolver Addr | | | |--------Query Auth Resolver------->|------------------------------------------------>| | |<-----Resolution+Proof--------------|<------------------------------------------------| |<-----Response+Proof---------| | |¶
The domain name update flow is as follows:¶
Domain Owner Resolver Contract Blockchain |-------Update Request+Signature->| | | |-------Verify Ownership------------------------->| | |<-----Verification Passed--------------------------| | |-------Update Records---------------------------->| | | | |<-----Update Transaction Hash----| |¶
Domain updates include the following operations:¶
UTXO-DNS faces the following types of attacks:¶
Domain Hijacking: an attacker attempts to illegitimately gain control of a domain.¶
Cache Poisoning: polluting resolver caches to return false records.¶
Man?in?the?Middle Attacks: intercepting and modifying DNS queries/responses.¶
DDoS Attacks: denial?of?service attacks against resolution services.¶
Sybil Attacks: creating many fake nodes to influence the network.¶
Private Key Leakage: theft of a domain owner?s private key leading to domain theft.¶
Smart Contract Vulnerabilities: security flaws in resolver contracts.¶
UTXO-DNS employs the following cryptographic mechanisms:¶
Digital Signatures: all domain operations require the owner?s signature, using ECDSA (secp256k1) or EdDSA (Ed25519).¶
Merkle Proofs: on?chain proofs of record existence and validity.¶
Zero?Knowledge Proofs: optional identity privacy protection using zk?SNARKs or zk?STARKs.¶
Post?Quantum Algorithms: support for migration to post?quantum cryptography (PQC), including lattice?based signature schemes.¶
Operational security mechanisms include:¶
Timelocks: delays for sensitive operations (e.g., ownership transfer), default 24 hours.¶
Multi?signature: important domains can be configured with multi?sig control, requiring m?of?n signatures.¶
Emergency Recovery: recovery mechanism for lost private keys via social recovery or custodial services.¶
Sybil Attack Mitigation: registration limits and staking requirements; new registrations must stake JMBC.¶
Rate Limiting: rate limiting on frequent operations to prevent abuse.¶
Privacy threats in UTXO-DNS include:¶
Query Monitoring: attackers monitoring DNS queries to analyze user behaviour.¶
Ownership Correlation: linking real identities to users via domain ownership.¶
Transaction Graph Analysis: analysing blockchain transaction graphs to infer user relationships.¶
Metadata Leakage: metadata exposed during resolution leaking user information.¶
UTXO-DNS adopts the following privacy?enhancing technologies:¶
Encrypted Queries: support for Oblivious DNS over JUPC (ODoJ) using HPKE for end?to?end encryption.¶
Differential Privacy: adding Laplace noise to query statistics to protect aggregate privacy.¶
Ephemeral Identifiers: support for short?lived domains with automatic expiration for privacy.¶
Anonymous Credentials: anonymous proof of domain ownership using CL signatures or BBS+ signatures.¶
CoinJoin Techniques: transactions using CoinJoin or similar techniques to enhance privacy.¶
This specification requests IANA to assign new values in the following registries:¶
Assign the following values in the "Resource Record (RR) TYPEs" sub?registry of the "DNS Parameters" registry:¶
| Type Value | Mnemonic | Description | Reference |
|---|---|---|---|
| 257 | JMBC | JMBC digital currency address | [This document] |
| 258 | CBDC | Central Bank Digital Currency address | [This document] |
| 259 | DID | Decentralized Identifier document | [This document] |
Assign the following ports in the "Service Name and Transport Protocol Port Number" registry:¶
| Port | Protocol | Description | Status |
|---|---|---|---|
| 5353 | tcp/udp | UTXO-DNS service port | Suggested |
| 5354 | tcp/udp | UTXO-DNS over TLS service port | Suggested |
This specification requests IANA to create the following new registries:¶
Create a "UTXO-DNS Error Codes" registry with the following initial values:¶
| Code | Name | Description |
|---|---|---|
| 100 | BLOCKCHAIN_ERROR | Blockchain interaction error |
| 101 | PROOF_INVALID | Proof is invalid |
| 102 | DOMAIN_EXPIRED | Domain name has expired |
| 103 | INSUFFICIENT_FUNDS | Insufficient funds |
| 104 | SIGNATURE_INVALID | Signature is invalid |
| 105 | CONTRACT_ERROR | Smart contract error |
The registration policy for this registry shall be "Standards Action".¶
Create a "UTXO-DNS Flags" registry to record flag definitions in UTXO-DNS messages.¶
The registration policy for this registry shall be "Expert Review".¶
This specification follows the IETF patent policy[RFC8179].¶
According to RFC 8179, all entities participating in the development of this standard must:¶
The CoCa. Foundation hereby declares that:¶
For any patented technology essential to the implementation of this specification, the CoCa. Foundation commits to grant royalty?free licenses to all implementers, with licensing terms conforming to the IETF RAND principles.¶
UTXO-DNS is designed with compatibility with legacy DNS in mind:¶
Protocol Compatibility: uses a query?response model similar to traditional DNS.¶
Record Type Compatibility: supports traditional DNS record types (A, AAAA, CNAME, TXT, etc.).¶
Extension Mechanism: uses EDNS(0) extension mechanisms for compatibility.¶
Proxy Gateway: provides a proxy gateway from legacy DNS to UTXO-DNS.¶
Differences between UTXO-DNS and the Ethereum Name Service (ENS):¶
| Feature | UTXO-DNS | ENS |
|---|---|---|
| Base Model | UTXO/NFT model | Account model |
| Naming Hierarchy | Fixed .utxo TLD | Arbitrary TLDs |
| Regional Support | Built?in regional domains | No built?in support |
| Payment Integration | Native JMBC/CBDC | ETH/ERC-20 |
UTXO-DNS plans to provide a bidirectional bridge with ENS, allowing domain migration between the two systems.¶
UTXO-DNS adopts the following strategies to mitigate blockchain performance limitations:¶
Layered Storage: only ownership proofs and critical metadata are stored on?chain; resolution records are stored off?chain.¶
State Channels: high?frequency updates are handled via state channels and settled periodically on the main chain.¶
Batch Processing: multiple operations are packed into a single transaction to reduce on?chain load.¶
Cache Optimisation: extensive use of caching to reduce on?chain queries.¶
Sidechain Scaling: sidechains handle resolution queries while the main chain handles ownership transfers.¶
Domain name resolution performance optimisations:¶
The UTXO-DNS standardisation plan consists of four phases:¶
| Phase | Name | Timing | Main Objective |
|---|---|---|---|
| Phase 1 | Experimental Draft | 2024 Q4 | Publish initial Internet?Draft, establish test network |
| Phase 2 | Proposed Standard | 2025 Q2 | Complete interoperability testing, request IANA assignments |
| Phase 3 | Draft Standard | 2026 Q1 | Stable version, at least two independent implementations |
| Phase 4 | Internet Standard | 2027 Q1 | IESG approval, published as RFC |
UTXO-DNS standardisation follows the IETF standards process:¶
Initial Draft ? IETF Review ? Working Group Formation ? Working Group Draft ?
Multiple Reviews ? Working Group Last Call ? IESG Review ? RFC Publication
¶
A request for working group formation is expected to be submitted to the IETF in Q1 2025.¶
| Code | Name | Description |
|---|---|---|
| 0 | NOERROR | Successful completion |
| 1 | FORMERR | Format error |
| 2 | SERVFAIL | Server failure |
| 3 | NXDOMAIN | Domain name does not exist |
| 4 | NOTIMP | Function not implemented |
| 5 | REFUSED | Query refused |
| 6 | YXDOMAIN | Domain name already exists |
| 7 | YXRRSET | Resource record set already exists |
| 8 | NXRRSET | Resource record set does not exist |
| 9 | NOTAUTH | Server not authoritative |
| 10 | NOTZONE | Domain name not in zone |
| 100 | BLOCKCHAIN_ERROR | Blockchain interaction error |
| 101 | PROOF_INVALID | Proof invalid |
| 102 | DOMAIN_EXPIRED | Domain name expired |
| 103 | INSUFFICIENT_FUNDS | Insufficient funds |
| 104 | SIGNATURE_INVALID | Signature invalid |
| 105 | CONTRACT_ERROR | Smart contract error |
Query for the A record of jmbc.user.utxo:¶
Raw message (hexadecimal):
5544 01 01 00000001 00000000 00000001 00000000
00000048 3045022100... 00 01 0001 0B 6A6D6263
2E757365722E7574786F 0001 0001
Decoded:
- Protocol: UTXO-DNS (0x5544)
- Version: 1
- Type: Query (1)
- Message ID: 1
- Timestamp: 0
- Nonce: 1
- Signature length: 72 bytes
- Signature: 3045022100...
- QType: A (1)
- QClass: IN (1)
- Domain name length: 11 bytes
- Domain name: "jmbc.user.utxo"
¶
Response containing A record 192.0.2.1:¶
Raw message (hexadecimal):
5544 01 02 00000001 00000000 00000001 00000000
00000048 3045022100... 00 0001 0001 0000 0000
00000020 0B6A6D62632E757365722E7574786F 0001
0001 0000012C 0004 C0000201 00000020 010203...
Decoded:
- Protocol: UTXO-DNS (0x5544)
- Version: 1
- Type: Response (2)
- RCode: NOERROR (0)
- Flags: Authoritative Answer (0x0001)
- Answer count: 1
- Authority count: 0
- Additional count: 0
- Proof length: 32 bytes
- Domain name: "jmbc.user.utxo"
- Type: A (1)
- Class: IN (1)
- TTL: 300 seconds
- Data length: 4 bytes
- Data: 192.0.2.1
- Proof: Merkle proof data
¶
Example UTXO-DNS resolver configuration file (YAML format):¶
# utxo-dns-resolver.yaml
version: 1.0
network:
chain_id: "jmbc-mainnet-1"
rpc_endpoints:
- "https://rpc.jmbc.utxo:8545"
- "https://rpc2.jmbc.utxo:8545"
ws_endpoints:
- "wss://ws.jmbc.utxo:8546"
resolver:
cache_size: 10000
cache_ttl: 300
max_recursion: 10
enable_dnssec: true
enable_privacy: true
security:
require_proof: true
proof_expiry: 3600
allowed_algorithms:
- "secp256k1"
- "ed25519"
- "sr25519"
logging:
level: "info"
format: "json"
output: "/var/log/utxo-dns/resolver.log"
¶
Example UTXO-DNS client configuration file (JSON format):¶
{
"version": "1.0",
"resolvers": [
"https://dns1.jmbc.utxo:5353",
"https://dns2.jmbc.utxo:5353"
],
"fallback_resolvers": [
"8.8.8.8",
"1.1.1.1"
],
"prefer_utxo": true,
"enable_cache": true,
"cache_size": 1000,
"privacy": {
"enable_encryption": true,
"enable_oblivious": false,
"query_minimization": true
},
"debug": false
}
¶