Why ENS will be superior to DNS in every way

Anyone who knows me well enough knows that I have a tendancy to buy domains names without second though (shout out to gotballs.org…).

So naturally, I have a few issues with the domain name registrar industry as a whole:

  1. Premium Domains are an absolute scam. Registrars can choose to markup domain names for profit as they see fit even though they don’t own the domain.
  2. ICANN is essentially shaking down users for profit and owns a monopoly on the creation of new TLDs
  3. Domain ownership requires private information to be provided during registration and you would then need to pay for WhoisGuard on top of that to prevent spammers from retrieving it.

Now, the current industry exists as a natural byproduct of the technology that existed at the time it was required. A central trusted authority was needed to maintain a ledger of who owned what domain and which server had its data. A necessary evil, per se.

Blockchain did not exist to serve as a trustless middleman to coordinate this information.

But now it does.

What is ENS?

So ENS – Ethereum Name Service – is a smart contract built on the Ethereum network that acts as a trustless, decentralized mechanism for registering and managing domain names.

For example, through ENS I have registered jameswmontgomery.eth by sending an arbitrary amount of ether to the smart contract. It then marks my address down as the owner for X number of years and will expire unless I reregister.

Most notably, the ether I sent does not go to some corporation – it literally gets burned.

The first thing you’ll notice, though, is that you cannot simply visit jameswmontgomery.eth as you would jameswmontgomery.com – at least not on major browsers (yet). We’ll revisit this in a bit.

Primarily – at this point – ENS’s main value is acting as a shortcut for Ethereum addresses (and other cryptocurrencies).

Specifically, instead of sending ether to my address 0xcDbB43A1BacB5Fe29ff895C7f79dC9dD0d536F71, you would send it to jameswmontgomery.eth from a supported wallet like Meta Mask or MyEtherWallet.

The ENS smart contract would then automatically route the payment to the correct address; it’s even smart enough to route payments to the different token addresses automatically like Ethereum, Bitcoin, BCash, Ripple, and others.

It doesn’t sound like DNS though.

Payment routing is just the beginning.

They’re also rolling out support for registering existing TLDs like .com and have already established a proof-of-concept with the .xyz TLD.

This allows existing TLD registrants (you can’t just buy google.com, sorry) to claim their domains on the ENS network and enable three key features:

  1. Accept payments from any crypto wallets directly to jameswmontgomery.com without an intermediary like PayPal.
  2. Join Web 3.0 by serving site content through Swarm and IPFS.
  3. Store meta data like email, Twitter username, and others as structured data for easy reference on apps.

It can’t be far from thought for the architects to want to support core DNS features like A Records, CNAME, etc as well, but these features are currently not supported.

TL;DR

When ENS does support these key DNS features, it will ultimately be the superior choice for the future of the internet because:

  1. It does not rely on a central authority to maintain a ledger of ownership
  2. It does not arbitrarily establish “premium” domain names and jack up prices (though, it does have simple character count scaled price to ward off domain piracy).
  3. It is an open source protocol that can ultimately be governed by a DAO instead of a corporation.
  4. It is inherently censorship resistant and governments cannot shut down ENS addresses.
  5. DNS’s core function as a distributed ledger with TTL is handled by default on Ethereum.

Thoughts?

Star Wars meets Blockchain: The Mandalorian and Interplanetary Chain Code

Recently, Disney+ launched a new series to build on the Star Wars universe called The Mandalorian. It follows a Mandalorian bounty hunter (think Boba Fett) on his adventures tracking down various characters for their bounties.

During a meeting with his handler in trying to acquire new bounties, the Mandalorian makes mention of “chain code” in the terms of taking on a vague underworld contract.

Chain code has never been discussed or defined in the Star Wars universe and the show doesn’t explain it at all, but I firmly believe that they are referring to blockchain (and you will too).

Chain code is code run on the blockchain

That’s the literal name of it IRL.

Also called Smart Contracts or dApps, chain code refers to any code that lives on a blockchain and does stuff automatically.

A great example of this would be to, say, put bounty money in escrow that would automatically be released when the subject is captured and returned.

It allows the bounty hunter to feel secure that payment would come through when terms are met.

Blockchain is the solution for interplanetary transactions

If I make a deal on Coruscant to deliver a prisoner to Naboo, I wouldn’t want to wait or rely on intergalactic transmissions to ensure payment. It would make more sense to confirm against a node (computer) on Naboo that has a copy of the chain code.

Since blockchains are immutable, append-only ledgers that are distributed identically across the galaxy, I can rest assured knowing that I will get payed for my bounty from the chain code and that my handler will be notified of the hand off.

If I were using standard centralized servers, I couldn’t guarantee that my handler didn’t delete or alter the contract – or that the government didn’t seize the assets and shut it all down.

And on top of all that, intergalactic communication take a while even at the speed of light. This distance requires asynchronous systems to have any type of reliability; otherwise I’d be waiting hours for communications to confirm.

In short, chain code via blockchain is the only reasonable solution for bounty hunting baby yodas.

DAI: An Actually Decentralized Stablecoin

Quite possibly the biggest concern that non-crypto folks have with cryptocurrency (read as Bitcoin) is the extreme volatility and the prospect of “going to zero”.

Now, I have deep faith that the value of Bitcoin, Ethereum (and a handful of others) will prevail, but the true on-ramp of the masses will not be speculative assets, but rather stable assets – those designed to maintain a specific static value over time.

Stablecoins remove volatility from the equation and are designed to prevent the value of your coins from moving with the rest of the market.

As with Tether, USDC, and others, DAI is a cryptocurrency that is designed to be pegged against the US Dollar.

1 DAI = 1 USD

The usual method for pegging stablecoins against a value is to back them up with that physical asset. For coins like Tether (USDT), reserves of cash are banked away in the same way that the FDIC would insure accounts: for every USDT issued, a physical USD sits behind it to cover liquidity in the case of a “run on the bank.”

DAI, however, is not backed by a bank account. It’s backed by economics (more below).

You might think this is a bad thing, but I’d like the chance to argue that this method is superior.

Issues with USD-backed stablecoins

The biggest flaw I find with USD or other currency backed stablecoins is that this creates a single point of failure for the system.

  1. It’s a single company in charge of the currency
  2. It’s a single bank in charge of that account
  3. It’s a single country’s government that regulates that bank

If that government decides to make cryptocurrency illegal or seizes the assets for reasons, what fate would befall these bank accounts and companies?

If a CEO goes rogue or is coerced into distributing funds, what trust can we have in the stability?

If companies refuse to agree to 3rd party audits, how can we know that these stablecoins are even backed at all?

In order to trust in FIAT-based stablecoins, we must trust in corporations, banks, and governments to get it right. I personally would like to trust them less.

DAI isn’t backed by USD

.. and that’s a good thing. So, how can DAI peg against the dollar?

Simply put: supply and demand. Here’s how it works:

How DAI get’s created

Unlike other stablecoins that are issued by a central issuer, DAI can only be created by staking collateral. (there’s a lot here, but we’ll cover that in another post)

Practically, in order to create DAI, I need to lock up some other valuables as collateral like ether into a vault (and can only retrieve that collateral once I pay back the DAI that was created).

Now, let’s say I create 10,000 DAI with some amount of ether. The worth of this is $10,000.

If the market value of DAI grows to $1.01, I would be incentivized to sell my DAI because it is worth $10,100; earning me $100.

This increases supply of DAI in the market, driving price downward.

But, I still need 10,000 DAI in order to unlock the ether that I put in.

So, if I see that the price of DAI has fallen to $0.99, I can buy 10,000 on the market for $9900; effectively earning me another $100.

This increases demand for DAI in the market, driving price upward.

Now that I can redeem (burn) the 10,000 DAI to unlock my ether, I pocket $200 extra (minus fees) and repeat the process.

In fact, I can specifically create new DAI when the price is above $1 with the express intent to sell it high and buy it back when it returns to $1 or below.

This both increases supply of DAI in the market, driving price downward, and increases demand for undervalued DAI as the collateralized ether will need to be unlocked, driving price upward.

Pretty neat and done completely without a bank.

In short, economics, profit, and the market combined with how DAI is collateralized drives the price to $1 – and has effectively done so since Dec 2017.

Combined with the new release of multi-collateral DAI (ETH, BAT, and other ERC20 tokens on the horizon) and the release of the DAI Savings Rate for hodlers, DAI is a pretty great stablecoin.

More Reading

We’re only scratching the surface here. DAI is a part of the Maker DAO ecosystem and there’s a ton more to explore around the economics of DAI and it’s relationship with Maker.

Three Practical Tips for NOT Killing Your House Plants

Yep! I blog about tech and plants 🙂

So, you seem to “kill every plant you own,” huh?

Somehow, the magic balance between sunlight and water eludes you and you end up with toasted leaves or wilted stems.

Fear not, comrade! In just a few paragraphs you’ll have a better understanding of how to take care of your house plants.

Let’s dive right in.

Tip One: Drainage.

Most of the time, when people water their plants, they don’t have proper drainage.

This means that water will sit inside the pot and drown the plant when watered (instead of dispersing into the ground like in nature) and leads to overwatering which can cause rotting and other issues.

Check out these signs of bad drainage and overwatering:

  • Leaves dropping off the plant while green
  • Soft spots or rot on trunks & stems
  • Buds not opening

To be fair, most plants are sold in a piece of junk planter with no drainage. This immediately sets the new plant-parent up for failure.

Typically, you’ll want to have a planter with holes in the bottom along with a planter saucer beneath it to collect the drainage water. This allows you to remove waste water and lets the plant breath.

Photo by rawpixel.com from Pexels

This is the fundamental step to watering your plants because most plants should soak for a short time. The trick is being able to drain the plants after they are done soaking.

Without drainage in your planters (and a saucer to allow for water removal), you will not be able to properly water your plants and might be killing them.

Tip Two: Soaking.

The second trick to watering plants is to give them an appropriate amount of time to drink water. This comes in two steps.

First, check if the plant is dry. For some plants, this will be easy to tell with the top layer of soil. Other plants will need a bit more dryness, so you’ll need to check deeper. A good rule of thumb is probably “halfway deep is dry”. Over time, you’ll be able to better time this.

Pro tip: this timing changes during seasons as air becomes hot/cold and dry/humid.

Then, once you detect that the plant needs water, continue to water your plants until you see water fill up the drainage basin. Sometimes this occurs quickly – you’ll get the timing.

It’s important to note that during soaking the plant may consume that overflow water.

Over the next hour, check in on your plants to make sure that they continue to soak. This means refilling water if they have consumed their reservoir.

Once the hour is over, discard the waste water.

Tip Three: Sunlight.

Depending on your plant, it will require more or less sunlight. Be sure to look up the general needs of your plant for this information.

But, in general, more sunlight is not a bad thing.

Here are some common symptoms of a plant that needs more light:

  • Light/yellowing leaves from chlorophyll disuse
  • Wilting / weak stems from insufficient photosythentic energy
  • Intense leaning from plants searching for more natural light
  • Wide space between leaves as the stems grow longer for the search

For example, I have a Philodendron that doesn’t require a whole ton of light to survive. Typically, I house it in a north-facing room away from the window. This was fine in the summertime, but the winter lighting was impacting its health – leaves were dying off and the plant was looking very weak.

So, I pulled it out from the darker room to my bright east-facing window. This led to immediate response and results: tons of new growth and 100% perkier!

However, the extended light seems to be over-illuminating it now that the summer light has returned, so I might pull it slightly around the corner from the window to reduce direct sunlight or possibly back to the north room.

Try different positions with your plants over the next few weeks to see if more or less sunlight impacts their perkiness.

Good luck!

And that’s it! With good drainage, proper soaking, and enough sunlight, your plants will live thrive!

Most house plants will only require attention once or twice a week.

Get into the habit of feeling the soil’s dryness. This will be the key to ensuring proper water consumption.

Good luck!

Let me know how your plants are doing in the comments below!

AMA: What affordable hosting do you recommend?

Morgan E. asks: “I need to switch hosts because mine is super slow and support isn’t helpful, who do you use?”

Hey Morgan this is a super common question I get asked all the time.

The bottom line is there is no one-size-fits-all, permanent solution for this problem. In fact, most hosts change over time. Some improve; some decay.

For example, GoDaddy (in my opinion) had a remarkably bad hosting service when I worked with them a few years ago, but has really improved their hosting and support game lately. Meanwhile, BlueHost has fallen off.

On top of that, each host may be good at one thing while bad at others. Between speed, support, account management, pricing, limitations, and product offering, each host has many opportunities to fail you.

I’ve tried HostGator, 1and1, and A Small Orange as well – each recommended one time or another and none impress me or have my business any longer.

Presently, I recommend Media Temple for your standard shared hosting needs. They have fair pricing, good reliability, good support, and their account center is extremely well organized.

Alternatively, WP Engine is the one consistent company for WordPress sites that I have seen. They are the only site I trust with the label “managed WordPress hosting” because there is a ton of false advertising out there. They can be pricey if you want to have multiple sites and aren’t suitable for hosting non-WordPress sites, though.

Lastly, if you’re a technical person like myself, Digital Ocean is the way to go. You’ll need to do all the leg work, but the pricing, flexibility, and speed are excellent.

But, at the end of the day, it’s all trial and error – and most likely you’ll need to switch over time.

Good luck!

How to change your password on every account you own

When I was a young warthog, I created my first Gmail account.

It was a time of AOL Instant Messenger, Koolaid Jammers, and learning how to bypass school internet blacklists with proxies to play flash games during comp sci.

As such, I did not create a timeless email address.

Instead, I opted for a juvenile one to befit my tremendously small ego: [email protected].

But that was my email address and slowly but surely I used it to create one account after another over more than 10 years.

Facebook, Amazon, MySpace, Soundcloud, Bank of America, WordPress, etc. The list goes on as you well know.

Some years later I wised up and created a sensible email address – only to slap on an email forwarder and continue to use my Gmail-of-youth.

I thought this blog post was about passwords?

Yeah, yeah, I’m getting there.

So, here I was using my old Gmail for all my accounts, when I started to pay attention to the news.

Yeah, data breaches made me fix my email address because, like 73% of people, I was using the same passwords across multiple accounts.

Let me reiterate: my email-password combo was the same for basically every account I own. So, if any of these accounts became compromised, the hacker would have my email-password for all of my accounts.

And I thought, well there are so many accounts out there, mine probably is safe. Nope.

I ran my amazing email address through the breach scanner (yes, it’s legit) and found I’d had my data exposed by Apollo, a company I had literally never heard of.

As the data breaches began to pile up, not only did I become more worried, but I learned quite how easy it is to access this breached data.

Literally, any Joe Schmoe can go and retrieve it from the published list – though, I’m not going to show you how to do that, sorry.

So, I freaked out and changed all my passwords

It’s understandable, really.

It would be foolish of me to continue to trust organizations to keep my data safe, so the least I can do is plan for them to lose it and mitigate the risk of my other accounts.

I resolved to take my security into my own hands by changing the passwords of every account that I owned to one that was unique and secure.

Now, I’m not a lunatic. I didn’t stay up for 48 hours straight trying to remember every account I owned and change its password.

Instead, I took one hour to do the following task list:

  1. Set up a password manager
  2. Change my password (and email) on the most important accounts I could think of.
  3. Set up two-factor authentication (2FA) when available

A password manager is absolutely key here.

Without one, you’d end up with a Google Sheet with all your accounts and passwords lined up – now that wouldn’t be very secure, would it?

Though you might be thinking “well then, wouldn’t all my passwords just be stored on the password manager’s servers and equally be at risk”, password managers have deep layers of security and encryption that hinge upon a master password – so even if the data breached, without the master password the information would be useless.

Protip: Master passwords should be long phrases that you can easily remember like “honestly, I still can’t believe it’s not butter” or “long live the flying spaghetti monster”.

Longer passphrases are far more effective than 0bscur3 pAsSw0rdZ! since it takes computers way longer to guess.

Personally, I use Last Password, but I hear excellent things about One Password as well.

Two factor is equally as important since it prevents unauthorized account access even if they have your password. Always choose to use an application like Authy or Google Authenticator, instead of SMS, when available. (SMS has been proven vulnerable, but it’s better than nothing).

Protip: *always* store your 2FA backup code within your password manager – if you lose your phone, you’ll be screwed without the backup code.

After that initial hour, I decided to just update the rest of my accounts as I went along.

In all honesty, I’m still in the process.

The end … of an era

Now, my key accounts

  • All have a unique, secure password stored safely (and handily) in my password manager
  • Have 2FA enabled with Authy (with backup codes also stored in my password manager)
  • No longer use my old Gmail address

On top of that, I added a forwarder from my old email to my new one and made sure to automatically label incoming emails from that account so I could be sure to address anything sent there.

I’ll never delete it though, it’s such a baller email address.