TY - GEN
T1 - Blockstack
T2 - 2016 USENIX Annual Technical Conference, USENIX ATC 2016
AU - Ali, Muneeb
AU - Nelson, Jude
AU - Shea, Ryan
AU - Freedman, Michael J.
PY - 2016/1/1
Y1 - 2016/1/1
N2 - Blockchains like Bitcoin and Namecoin and their respective P2P networks have seen significant adoption in the past few years and show promise as naming systems with no trusted parties. Users can register human meaningful names and securely associate data with them, and only the owner of the particular private keys that registered them can write or update the name-value pair. In theory, many decentralized systems can be built using these blockchain networks, such as new, decentralized versions of DNS and PKI. As the technology is relatively new and evolving rapidly, however, little production data or experience is available to guide design tradeoffs. In this paper, we describe our experiences operating a large deployment of a decentralized PKI service built on top of the Namecoin blockchain. We present various challenges pertaining to network reliability, throughput, and security that we needed to overcome while registering and updating over 33,000 entries and 200,000 transactions on the Namecoin blockchain. Further, we discuss how our experience informed the design of a new blockchain-based naming and storage system called Blockstack. We detail why we switched from the Namecoin network to the Bitcoin network for the new system, and present operational lessons from this migration. Blockstack is released as open source software and currently powers a production PKI system for 55,000 users.
AB - Blockchains like Bitcoin and Namecoin and their respective P2P networks have seen significant adoption in the past few years and show promise as naming systems with no trusted parties. Users can register human meaningful names and securely associate data with them, and only the owner of the particular private keys that registered them can write or update the name-value pair. In theory, many decentralized systems can be built using these blockchain networks, such as new, decentralized versions of DNS and PKI. As the technology is relatively new and evolving rapidly, however, little production data or experience is available to guide design tradeoffs. In this paper, we describe our experiences operating a large deployment of a decentralized PKI service built on top of the Namecoin blockchain. We present various challenges pertaining to network reliability, throughput, and security that we needed to overcome while registering and updating over 33,000 entries and 200,000 transactions on the Namecoin blockchain. Further, we discuss how our experience informed the design of a new blockchain-based naming and storage system called Blockstack. We detail why we switched from the Namecoin network to the Bitcoin network for the new system, and present operational lessons from this migration. Blockstack is released as open source software and currently powers a production PKI system for 55,000 users.
UR - http://www.scopus.com/inward/record.url?scp=85070217701&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85070217701&partnerID=8YFLogxK
M3 - Conference contribution
T3 - Proceedings of the 2016 USENIX Annual Technical Conference, USENIX ATC 2016
SP - 181
EP - 194
BT - Proceedings of the 2016 USENIX Annual Technical Conference, USENIX ATC 2016
PB - USENIX Association
Y2 - 22 June 2016 through 24 June 2016
ER -