ZkDNS
A privacy preserving multi-chain domain resolver that uses ZkProofs. Tokenized domains, expedited queries, enhanced security for DNS lookups. Bridging Web2 and Web3 through DNS and ENS systems.
ZkDNS
Created At
Winner of
Envio - Best Overall Project
Chainlink - Connect the World with Chainlink
Tableland - Best use of Basin (object storage) Runner ups
Sign Protocol - Sign Everything Pool Prize
Prize Pool
Avail - Build with Avail
Prize Pool
Avail - Best use of any rollup SDK with AvailDA 1st place
Project Description
ZkDNS is a privacy-preserving compute protocol for DNS lookups, leveraging zero-knowledge proofs. It addresses critical security vulnerabilities in traditional DNS systems by providing a decentralized, on-chain DNS registry with enhanced privacy features. ZkDNS allows users to securely manage their DNS records, mint Soul Bound Tokens (SBTs) for domain ownership, and perform encrypted DNS queries - all while maintaining user privacy and preventing common attack vectors like DDoS. ZkDNS offers a robust, future-proof solution for domain management and resolution. Imagine ZkDNS as a middleware protocol between the client and the traditional DNS resolvers
How it's Made
ZkDNS was developed as a comprehensive solution to address the security and privacy challenges in DNS systems while bridging Web2 and Web3 technologies.
- Integrations and work:
- Zero-Knowledge Proofs: The foundation of ZkDNS's privacy features, enabling secure and private DNS queries and record management. I have used circomlib, zkSnarks and groth to generate and verify zkproofs
- Integrating traditional DNS lookups for querying source IPv4 with tweaks: Developed for domain registration, record management, and ZK-SBT (Zero-Knowledge Soul Bound Token) minting and finally getting the source IP of the searched domain.
- ERC5192 compatible DNS Record token is minted after adding the DNS Record on any desired chain.
Milestones that were set by me for myself:
- Custom FHE Implementation: I extended Fhenix's FHE capabilities to support string encryption, enabling secure storage of domain names and other string data on-chain. This involved developing a novel hashing mechanism to convert strings to unique integers compatible with FHE operations.
- Multi-chainDNS Resolution and aggregation of data: Implemented a system for resolving DNS queries across multiple blockchain networks, ensuring high availability and resilience against network-specific issues. Envio's hypersync helps in aggregating metrics from different sources for each blocks on different networks.
- ZK-SBT Minting: Developed a unique process for minting Soul Bound Tokens with embedded zero-knowledge proofs, representing verifiable yet private domain ownership.
- AI-Assisted Support Integration: Leveraged Galadriel Devnet to host an AI agent, providing user support without compromising the decentralized nature of the system. This allows new users of web3 or web2 to query in natural language about zero knowledge proofs, DNS servers, DNS querying architecture, etc
