ZkResolution

Securing DNS resolution through zero-knowledge geometry - where privacy meets proximity. Leveraging Telemetry tools in web2 with tokenized domains and verifying them using zkproofs

Comment 1

Inspiration

  • Traditional DNS resolution systems lack privacy guarantees and geographical awareness, exposing users to potential security vulnerabilities and inefficient routing. Current systems fail to provide verifiable proof of domain ownership while maintaining location privacy, limiting the potential for secure, geography-aware name resolution.
  • Annually DNS companies loose on an average of 5 billion$ to DNS attacks
  • One DNS attack on an average results in 924k$ loss
  • DNS attack results in loss of audience, bad UX and data breaches and phishing
  • 68% of the total DNS attacks is DNS Amplification attack which results in Denial of service
  • Sensitive credentials such as Locations, IPv4, address resolver, etc of Users and DNS servers don't have to be exchanged which can cause data breaches.

What it does

  • A privacy preserving multi-chain domain resolver that uses ZkProofs. Tokenized domains, expedited queries, enhanced security for DNS lookups. Bridging Web2 and Web3 through DNS and ENS systems.

  • ZkResolution is a revolutionary protocol that combines zero-knowledge proofs with Proof of Internet Geometry to create a secure, privacy-preserving DNS resolution system. It implements a novel token-based domain ownership mechanism with cross-chain compatibility between EVM and Cosmos ecosystems.

  • Tokenized domains, expedited Queries, Secure DNS lookups by leveraging Proof of Location and ZkProofs

How we built it

The protocol implements a multi-layered architecture:

  • Zero-Knowledge Layer: Utilizes ZK proofs for location verification without revealing actual coordinates
  • Custom built Nexus Layer: Off-chain verification system for proof validation and delay measurements
  • Token Layer: Implements SBT-based domain ownership with staking mechanisms
  • Cross-Chain Bridge: Facilitates IBC transfers between EVM and Cosmos chains using Zkproofs and IBC

  • Monitoring of IBC

  • Domain Registration: Domain owners stake tokens as collateral Mint Soul Bound Tokens with embedded location parameters Define delay time thresholds for verification

  • Resolution Process: Users generate ZK proofs of their location Nexus layer verifies proofs and performs delay measurements DNS resolution occurs only when both location and delay criteria are met

  • Cross-Chain Operations: SBT burning on EVM chain ZK proof generation for transfer verification IBC protocol handling for cross-chain token movement

Challenges we ran into

  • Domains owners initially didn't have to stake token before tokenization of IP. This can lead to adding malicious DNS record on-chain. This was fixed using a staking mechanism for which the users can slashed if they try to add a malicious transaction on-chain. This slashing is done if the domain name is not mapped the actual IPv4 in the traditional web2 system.
  • Proof of proximity. The issue was to set boundaries to DNS servers on-chain and the user should not be able to query DNS if he is outside the location of the DNS even if he uses VPN, this is done using ping response time and calculating the internet delay time.

Accomplishments that we're proud of

  • Handling Zkproofs for IBC transfers, Zkproofs for proving location
  • Staking mechanism that can act as a Unified Liquidity pool for different DEX protocols
  • Multi-chain DNS Resolution and aggregation of data: Implemented a system for resolving DNS queries across multiple blockchain networks, ensuring high availability and resilience against network-specific issues.
  • ZK-SBT Minting: Developed a unique process for minting Soul Bound Tokens with embedded zero-knowledge proofs, representing verifiable yet private domain ownership.

What we learned

  • How zkproofs can be used to prove proximity within regions
  • Staking mechanism
  • Traditional DNS system's working
  • Relaying services for IBC transfers

What's next for ZkResolution

Use case for extensions:

1.) ZkCDN: Zero knowledge content delivery network

  • Serve contents from decentralized nodes without revealing your location or sensitive information
  • Disrupting ZkTLS(Transport Layer security)
  • Onboarding web2 users onto web3

2.) Unified Liquidity Pool and Security Relaying platform

  • All appchains and Dapps could integrate their apps with Nexus layer for MPC and Zk verification and supporting IBC Transfers across different chains

  • Domain owners stake can be used as liquidity by dex protocols

  • Market Differentiation: First-to-market ZK-based DNS resolution system Novel implementation of Proof of Internet Geometry Cross-chain compatibility opening new market segments

  • Revenue Streams: Domain registration fees Staking rewards Cross-chain transfer fees B2B SaaS model for DNS companies Domain exchange marketplace with secure proof of Ownership

  • Competitive Advantages: Enhanced privacy features Geographic optimization Cross-chain capabilities Stake-based security model

Built With

Share this project:

Updates