This proposal can be thought of as a variation of this idea: Boundary Nodes as Censors
This proposal may be technically difficult or impractical to achieve, but if implementation is possible then I think it may be better than the Boundary Nodes as Censors proposal, all things considered.
The Boundary Nodes as Censors proposal leaves a bit to be desired. For example, boundary nodes lose plausible deniability, automatic scaling, fault-tolerance, and other benefits that being a more integrated part of the IC protocols might provide. Though allowing anyone to run a boundary node will lead to more decentralization than otherwise, boundary nodes will not be “maximally” decentralized.
The idea of DNS as Censor it to force censorship of content on the IC into the Domain Name System, maintaining plausible deniability for the rest of the system. DNS being one of the outermost protocols which provide access to blockchain applications, and considering its centralized and compliant nature, it is a natural place for censorship to occur. This would free up everything beneath DNS on the IC (e.g. boundary nodes and replica nodes and the protocols that control them) to be as decentralized and censorship-resistant as possible.
For this to work, all access to canisters would be forced through registered domain names. Anyone would be able to register a domain name that connects to any canister. If that’s not appropriate, perhaps we could build into canisters a way to authorize only certain domain names. I’m not sure we’ve figured out an elegant way to allow custom domains to map to canister ids, but I imagine DNS records would work here, such as a TXT record. Boundary nodes would forward on all traffic from properly configured domain names.
This proposal builds on the assumption that most legal complaints would first go to the registrant of the lowest subdomain, and then work up the domain hierarchy. For example, if
illegal.piracy.org were hosting infringing content belonging to
Innocent NFT Artists LLC, then the legal complaints would first be served to the registrant of
.illegal.piracy.org, and if corrective action weren’t taken then to
.piracy.org, and if necessary finally to
This would place legal accountability on the domain name registrant, and allow the already-operating DNS to maintain legal compliance as it’s been doing for years. DNS becomes the interface between the centralized and decentralized worlds. And we might even be able to improve that interface as the Internet Computer gains more DNS capabilities (DNS server as canister, x.509 certificates, stuff like that).
Like I said, the technical implementation of this could be tricky (DNS records/SSL certificates/etc), but this solution feels cleaner than the Boundary Nodes as Censors proposal. We force domain name registrants to be accountable for access to canisters, and leave boundary and replica node operators out of murky waters as far as possible.
Considering the increased complexity of this solution, I think we should still move forward with Boundary Nodes as Censors. It will be much easier to open source and allow individual entities to run boundary node instances than it will be to create a maximally decentralized boundary node system. There’s also a lot about DNS and the IC that hasn’t been figured out yet.
Boundary Nodes as Censors can be a stepping stone towards this proposal.