At dappy, we invented co-resolution 😉🎉 !!! But sadly as of 2023, no one is using it 😞. It’s fine, in this short article we’ll try to explain what co-resolution is and what problem it solves for the security and privacy of HTTPS connections.

Trusting a company for private and onerous data

Let’s say you go on holidays in Switzerland for two months. You own a street-facing shop or consulting firm, and you’re afraid that something wrong occurs while you are not there, like a fire, or rats taking control of the office. You need to lend your keys to someone you trust, or even a professional company. The thing is that your store contains very critical folders with private business informations that are worth millions, some are displayed for your customers, and the people passing by to see (just like a website displays data).

You’re not comfortable giving your key to this company for that long, they may just take pictures of your files, sell them to competitor businesses, invite some other people in a sneaky fashion, change what’s displayed in the vitrine that faces the street. Of course we’re running through a metaphore, a critical B2B SaaS or portal is similar to the shop we’re describing, clients connect to from all around the world, do high value operations and consult critical documents. Many web portals and SaaS deal with millions dollars worth of operations every day.

Isn’t there a better way than to give full control to a single company with a single chain of command ? What if you give the key of the entrance door to twelve companies instead of one ? Now twelve companies can enter your house and do the same, not the best idea.

Single responsibility, shared and limited power

What if you install twelve different locks on your entrance door, with twelve independent keys, and give one key to each security company ?

This is getting better, now the companies can only intervene together, all of them have to come to your house, and unlock one lock for the door to open. You may also build the locks system so that only 8 or 10 out of 12 unlockings are needed for the door to open, this way you are also protected in case a company becomes evil, looses its key or goes brankrupt.

Co-resolution is the action of resolving a resource (IP address, encryption certificate, or really any remote data) by addressing a network instead of a single authority, and applying a simple consensus or reconciliation to the answers received. This is how all .d domains are resolved, in the context of dappy, co-resolution is used for service discovery (DNS lookup).

Web browsers and programs need an IP address and TLS certificate to connect to a web server, by plugin to a name system that is powered by co-resolution, web services are avoid against a wide range of attacks, unilateral decisions, malicious behaviour and configuration failure. As an example DeFi service was attacked through DNS just few weeks ago, also last year Mozilla removed a HTTPS certificate authority from its root CA list as the company was highly suspected of indirect malware distribution.

We hope you enjoyed this article and it helped you understand what we’re developping better. If you’re interested to know more, and eventually to participate in the dappy network through your company, feel free reaching out to us.