Traditional DNS servers are entirely centralised and operated by a single entity (ICANN), while EXIP DNS servers would be held and hosted by the public. Anyone can run their nodes by downloading the EXIP node running software package. Users who run nodes will be incentivised with EXIP tokens. In terms of security, EXIP avoids conventional DNS server attacks and hacks, as a single point of attack on a decentralised server will fail. The community will host DNS servers as nodes, which can address decentralised domain names locally or in the cloud, acting as a standard DNS server. When a user types a domain name into the search bar, the code looks up the requested name in the EXIP DNS resolvers first, then in the standard DNS server if it isn’t identified.
What EXIP aims to provide as security features are of the following:
● DNS Spoofing
● DNS Hijacking
● DNS Flood
● Domain Hijacking
● Censorship resistance etc.
Once the user, either from a web client or mobile client, requests for a website, the EXIP browser or browser extension immediately looks up the Content identifier(CID) for the domain name in the local registry. If available, it will return the CID, and on request from the browser, the webserver would return the HTML files, and the browser would render the website. If a CID is not found in the local registry, the browser will request the CID from the DNS server. The server resolves the CID, and in response, the browser would cache the CID in the local registry and request the HTML files from the webserver.
The nodes that run by the community will act as a decentralised ledger with the set of domain names to be resolved.
