||This article includes a list of references, but its sources remain unclear because it has insufficient inline citations. (September 2010)|
Zooko's triangle is a diagram named after Zooko Wilcox-O'Hearn which sets out suspected tradeoffs for a system for giving names to participants in a network protocol. At the vertices of the triangle are three properties that are generally considered desirable for such names:
- Secure: The quality that there is one, unique and specific entity to which the name maps. For instance, domain names are unique because there is just one party able to prove that they are the owner of each domain name.
- Decentralized: The lack of a centralized authority for determining the meaning of a name. Instead, measures such as a Web of trust are used.
- Human-meaningful: The quality of meaningfulness and memorability to the users of the naming system. Domain names and nicknaming are naming systems that are highly memorable.
Of these three properties, proponents of Zooko's triangle argue that no single kind of name can achieve more than two. So the edges of the triangles represent the three possible choices for a naming scheme:
- Decentralized and human-meaningful: This is true of nicknames people choose for themselves.
- Secure and human-meaningful: This is the property that domain names and URLs aim for.
- Secure and decentralized: This is a property of OpenPGP public key fingerprints.
The contribution of Zooko's triangle is not that the triangle presents an unsolvable problem, but that a systems designer must compromise in some way. Although no one kind of name can have all three properties, a system can be built that provides the three features with a combination of techniques, and with chosen compromises.
For example, Petname systems demonstrate that one can build a naming system by dynamically translating between different possible kinds of names. Computer scientist Nick Szabo argues that all three properties can be achieved up to the limits of Byzantine fault tolerance.
The internet activist Aaron Swartz described a naming system based on Bitcoin which tries to square Zooko's triangle by employing Bitcoin's distributed blockchain as a proof-of-work to establish consensus of domain name ownership. Dan Kaminsky questioned the security guarantees of such a system due to propagation delays and sybil attacks. A few months after the proposal, Namecoin was released which implements the concept.
Zooko's triangle is not a proof, but rather a suspicion; as Zooko puts it, "I didn't prove that it is impossible to have all three features, I only said that I doubted that your namespace will have all three.".
- Wilcox-O'Hearn, Zooko, Names: Decentralized, Secure, Human-Meaningful: Choose Two, retrieved 21 January 2009
- Mark Steigler, Zooko, An Introduction to Petname Systems, Feb 2005
- Nick Szabo, Secure Property Titles, 1998
- Aaron Swartz, Squaring the Triangle: Secure, Decentralized, Human-Readable Names, Aaron Swartz, January 6, 2011
- Dan Kaminsky, Spelunking the Triangle: Exploring Aaron Swartz’s Take On Zooko’s Triangle, January 13, 2011
- Zooko Wilcox-O'Hearn, Names: Decentralized, Secure, Human-Meaningful: Choose Two – the essay highlighting this difficulty
- Mark Steigler, An Introduction to Petname Systems – a clear introduction
- Nick Szabo, Secure Property Titles – argues that all three properties can be achieved up to the limits of Byzantine fault tolerance.
- Bob Wyman, The Persistence of Identity: Updating Zooko's Pyramid
- Paul Crowley, Squaring Zooko's Triangle
- Aaron Swartz, Squaring the Triangle using a technique from Bitcoin