- Decentralized apps ("dapps") are built atop the web runtime, using HTML/CSS/JS.
- The IPFS network distributes content using P2P swarms à la BitTorrent. It is robust to censorship, and functions as a built-in CDN.
In terms of architecture, these are the following layers:
- A naming system: unlike DNS, ENS is a universal username. An ENS name can refer to content (IPFS), payment addresses (ETH, BTC) and social profiles (twitter, etc.). Developers can publish content to ENS names, and users can configure their ENS name with rich information useful in applications.
- A hypermedia protocol. IPFS is a protocol that uses content-addressing (
hash(content) -> content), which is more robust than location-addressing (
IP -> content) used in HTTP. No more broken links.
- A content distribution network. IPFS is a P2P protocol that distributes content like BitTorrent. It is in essence, a globally-functioning P2P CDN.
- A web browser. Web browsers provide us the application platform to run apps, using HTML, CSS and JS.
- 2.Generate an IPNS (IPFS Naming System) keypair. This is your keypair you use to publish.e.g.
- 3.Set the content hash for your domain to your IPNS keypair.
- 4.Publish content to your IPNS.
Dappnet is composed of multiple pieces:
- a browser extension.
- a SOCKS5 proxy.
- a local gateway.
- an optimized IPFS node for speed of access.
- a .eth certificate authority.
Compatible with Chrome/Firefox. Proxies .eth requests in-browser to a local SOCKS5 proxy server.
Proxies requests to the local gateway.
The gateway provides for both HTTP and HTTPS connections. Port 10422 serves HTTP, port 10424 serves HTTPS.
The SOCKS5 proxy rewrites the network requests automatically:
# proxy rewrite schema
localhost:80 -> localhost:10422
localhost:443 -> localhost:10424
The proxy is hosted on
- Resolves .eth content hashes. Supports resolution of IPNS and IPFS hashes.
- Streams content from the local IPFS node.
- Provides HTTPS connections to .eth dapps. HTTPS is needed, otherwise dapps can't use libraries that use web sockets over TLS (wss://) due to mixed content policies of the browser. Wildcard certificates are not available for non-standard TLD's like .eth. So the gateway dynamically generates HTTPS certificates for all .eth domains, on-demand.
- Caches DNSLink, ENS, and IPNS resolutions for the best UX possible.
- Bundles 3 different services:
- local gateway
- an IPFS node
- All automatically started and stopped.
- Comes with a slick UI for accessing different dapps.
Automatically configured to peer with Cloudflare for optimum performance.
The node operates in the
lowpowerprofile, which does not contribute resources to the IPFS network. This is because during testing we found the default IPFS consumes >20% CPU at peak, and some at idle due to its gossipping protocol. For this reason, we are building out integration for BitTorrent as a more decentralized and lightweight alternative. An article on this R&D will come soon.
A local certificate the user must install as the .eth root of trust. The CA private keys are generated during installation and never leave the device.