Zooko's triangle

A diagram of Zooko's triangle, labelled (counter-clockwise from lower left): Secure, global (decentralized) and memorable (human-meaningful).

Zooko's triangle is a diagram named after Zooko Wilcox-O'Hearn which sets out suspected tradeoffs for a system for giving names to participants in a network protocol. At the vertices of the triangle are three properties that are generally considered desirable for such names:^[1]

• Secure: The quality that there is one, unique and specific entity to which the name maps. For instance, domain names are unique because there is just one party able to prove that they are the owner of each domain name.
• Decentralized: The lack of a centralised authority for determining the meaning of a name. Instead, measures such as a Web of trust are used.
• Human-meaningful: The quality of meaningfulness and memorability to the users of the naming system. Domain names and nicknaming are naming systems that are highly memorable.

Of these three properties, proponents of Zooko's triangle argue that no single kind of name can achieve more than two. So the edges of the triangles represent the three possible choices for a naming scheme:

• Decentralized and human-meaningful: this is true of nicknames people choose for themselves
• Secure and human-meaningful: this is the property that domain names and URLs aim for
• Secure and decentralized: this is a property of OpenPGP key fingerprints

Solutions

The contribution of Zooko's triangle is not that the triangle presents an unsolvable problem, but that a systems designer must compromise in some way. Although no one kind of name can have all three properties, a system can be built that provides the three features with a combination of techniques, and with chosen compromises.

For example, Petname systems demonstrate that one can build a naming system by dynamically translating between different possible kinds of names.^[2] Szabo argues that all three properties can be achieved up to the limits of Byzantine fault tolerance.^[3] By studying different designs, the designer can better make those compromises and achieve a design better suited for the local purpose.

The internet activist Aaron Swartz has described a naming system based on Bitcoin which tries to square Zooko's triangle by using a distributed ledger (called scroll).^[4] Dan Kaminsky questioned the security guarantees of such a system due to propagation delays and sybil attacks.^[5] A few months later Namecoin was released which uses a concept similar to Swartz's proposal.

Zooko's triangle is not a proof, just a suspicion; as Zooko puts it, "I didn't prove that it is impossible to have all three features, I only said that I doubted that your namespace will have all three.".

See also

• Petname

References

1. Wilcox-O'Hearn, Zooko, Names: Decentralized, Secure, Human-Meaningful: Choose Two, retrieved 21 January 2009
2. Mark Steigler, Zooko, An Introduction to Petname Systems, Feb 2005
3. Nick Szabo, Secure Property Titles, 1998
4. Aaron Swartz, Squaring the Triangle: Secure, Decentralized, Human-Readable Names, Aaron Swartz, January 6, 2011
5. Dan Kaminsky, Spelunking the Triangle: Exploring Aaron Swartz’s Take On Zooko’s Triangle, January 13, 2011

External links

• Zooko Wilcox-O'Hearn, Names: Decentralized, Secure, Human-Meaningful: Choose Two – the essay highlighting this difficulty
• Mark Steigler, An Introduction to Petname Systems – a clear introduction
• Nick Szabo, Secure Property Titles argues that all three properties can be achieved up to the limits of Byzantine fault tolerance.
• Bob Wyman, The Persistence of Identity: Updating Zooko's Pyramid
• Paul Crowley, Squaring Zooko's Triangle
• Aaron Swartz, Squaring the Triangle using a technique from Bitcoin