tomi Domains
tomi Domains
tomi Domainstomi Domains
tomi Domains
tomi Domainstomi Domains
  • Introduction
    • Domains
      • Terminology
      • Frequently Asked Questions
      • Domains Deployments
      • Registrar Frequently Asked Questions
      • DNS Registrar guide
      • Domains Improvement Proposals
      • DomainsIP-2: Initial Hash Registrar
      • DomainsIP-3: Reverse Resolution
      • DomainsIP-4: Support for contract ABIs
      • DomainsIP-5: Text Records
      • DomainsIP-6: DNS-in-Domains
      • DomainsIP-7: Interface Discovery
      • DomainsIP-8: Multichain Address Resolution
      • DomainsIP-9: Wildcard Resolution
      • DomainsIP-10: EVM compatible Chain Address Resolution
      • DomainsIP-11: Avatar Text Records
      • DomainsIP-12: SAFE Authentication for Domains
      • DomainsIP-13: On-chain Source Parameter
      • Dapp Developer Guide
      • Managing Names
      • Registering & Renewing Names
      • Domains Front-End Design Guidelines
      • Domains AS NFT
      • Domains Layer2 and offchain data support
      • Domains Data guide
      • Name Processing
      • Registry
      • ReverseRegistrar
      • TestRegistrar
      • PublicResolver
      • .tomi Permanent Registrar
        • Registrar
        • Controller
      • DNS Registrar
      • Subgraph
        • Query Examples
      • Resolving Names On-chain
      • Writing a Resolver
      • Writing a Registrar
      • Guide for DApp Developers
      • Technical Description
Powered by GitBook
On this page
  1. Introduction
  2. Domains

Name Processing

Describes how to normalise and hash Domains names.

In place of human-readable names, Domains works purely with fixed length 256-bit cryptographic hashes. In order to derive the hash from a name while still preserving its hierarchical properties, a process called Namehash is used. For example, the namehash of 'alice.tomi' is 0x787192fc5378cc32aa956ddfdedbf26b24e8d78e40109add0eea2c1a012c3dec; this is the representation of names that is used exclusively inside Domains.

Before being hashed with namehash, names are first normalised, using a process called UTS-46 normalisation. This ensures that upper- and lower-case names are treated equivalently, and that invalid characters are prohibited. Anything that hashes and resolves a name must first normalise it, to ensure that all users get a consistent view of Domains.

Normalising Names

Before a name can be converted to a node hash using Namehash, the name must first be normalised and checked for validity - for instance, converting fOO.tomi into foo.tomi, and prohibiting names containing forbidden characters such as underscores. It is crucial that all applications follow the same set of rules for normalisation and validation, as otherwise two users entering the same name on different systems may resolve the same human-readable name into two different Domains names.

Applications using Domains and processing human-readable names must follow UTS46 for normalisation and validation. Processing should be done with non-transitional rules, and with UseSTD3ASCIIRules=true.

Hashing Names

Namehash is a recursive process that can generate a unique hash for any valid domain name. Starting with the namehash of any domain - for example, 'alice.tomi' - it's possible to derive the namehash of any subdomain - for example 'iam.alice.tomi' - without having to know or handle the original human-readable name. It is this property that makes it possible for Domains to provide a hierarchical system, without having to deal with human-readable text strings internally.

Terminology

  • domain - The complete, human-readable form of a name; eg, iam.alice.tomi.

  • label - A single component of a domain - eg, iam, alice, or tomi.

  • label hash - the output of the keccak-256 function applied to a label; eg, keccak256('tomi') = 0x4f5b812789fc606be1b3b16908db13fc7a9adf7ca72641f84d75b47069d3d7f0

  • node - The output of the namehash function, used to uniquely identify a name in Domains.

Algorithm

First, a domain is divided into labels by splitting on periods (‘.’). So, ‘vitalik.wallet.tomi’ becomes the list [‘vitalik’, ‘wallet’, ‘tomi’].

The namehash function is then defined recursively as follows:

namehash([]) = 0x0000000000000000000000000000000000000000000000000000000000000000
namehash([label, ...]) = keccak256(namehash(...), keccak256(label))

A sample implementation in Python is provided below.

def namehash(name):
 if name == '':
   return '\0' * 32
 else:
   label, _, remainder = name.partition('.')
   return sha3(namehash(remainder) + sha3(label))

How do I find the labelhash/namehash of a name?

In some cases, you may need to know the hash of the name stored in Domains. labelhash means hash of the label of the domain (eg: makoto for makoto.tomi) and namehash is the hash which combines labelhashes. We are currently working to include this information in our Manager app. In the meantime, you can query the information via the following query.

{
 domains(where: {name:"vitalik.tomi"}) {
   id
   name
   labelName
   labelhash
 }
}

Handling of Ambiguous Names

Because of the large number of characters in unicode, and the wide variety of scripts represented, inevitably there are different Unicode characters that are similar or even identical when shown in common fonts. This can be abused to trick users into thinking they are visiting one site or resource, when in fact they are visiting another. This is known as a homoglyph attack.

User agents and other software that display names to users should take countermeasures against these attacks, such as by highlighting problematic characters, or showing warnings to users about mixed scripts. Chromium’s IDNA strategy may serve as a useful reference for user-agent behaviour around rendering IDNA names.

PreviousDomains Data guideNextRegistry

Last updated 6 months ago