We are looking to make a SAFE-network compatible/interoperable network, which can augment the eventual SAFE network with our own infrastructure.
However we have slightly different goals and one of them is smooth accessibility for existing web clients. So we thought about using DNS as an alternative gateway to the Kademlia DHT.
I figured it would be great to ask here. How would you see DNS providing a compatible gateway to the existing SAFE network, so regular web users can take advantage of it? I am talking A/AAAA records with custom ports etc.
So far the designs thrown around were along the following lines:
Have a domain like cloud.com or top-level domain like .cloud
Then $HASH.cloud would resolve to some IP address which is actually running an HTTPS gateway to the SAFE network. This IP address may change periodically after TTL has expired.
Presumably the DNS can route to ANY computer running an https server serving as a gateway to SAFE network.
This server is analogous to a ClientManager on the SAFE network. It can also serve as a PUSH server using websokets etc.
Has anyone developed such an https gateway server for SAFE and if not, what would be the problem?
It seems that, once developed, any SAFE node could theoretically run such a server as long as its https port wasn’t blocked. And of course nation-states could shut down IPs they find through such DNS queries so this layer may be shut down ultimately, but the rest of the SAFE network would be unaffected.
The great thing about such a proxy gateway is that, by hsing standard https, we become compatible with the entire Web and all the myriad resources that have been hosted on it. You can then move a site to something like https://abcbwndjebekjdjejehdjejsjdj.cloud and have regular browsers load it, while SAFE network clients could interpret it differently and route it directly through SAFE.
Another nice thing is that we can build our implementation on Layer 7 of the OSI stack, eg using something like the MutableData API to implement chatrooms and so on, and later swap in the SAFE backend, “snapping together” both sides and providing lots of apps that work natively with SAFE containers instead of these $HASH domains.
Any downsides or showstoppers?