Skip to content

fabcotech/dhttps

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits

.github/workflows

.github/workflows

 
 

.vscode

.vscode

 
 

assets

assets

 
 

src

src

 
 

workflows

workflows

 
 

.eslintignore

.eslintignore

 
 

.eslintrc.json

.eslintrc.json

 
 

.gitignore

.gitignore

 
 

.npmignore

.npmignore

 
 

.prettierrc

.prettierrc

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

api-extractor.json

api-extractor.json

 
 

package-lock.json

package-lock.json

 
 

package.json

package.json

 
 

rollup.config.js

rollup.config.js

 
 

tsconfig.build.json

tsconfig.build.json

 
 

tsconfig.json

tsconfig.json

 
 

Repository files navigation

dhttps large image

dhttps allows nodeJS developers to rapidly and seamlessly use .d domains (dappy) in their programs. It has the exact same interface as NodeJS's https.

dappy is a new domain name technology, domains are scopped under .d TLD and do not collide with any ICANN domain. Dappy was built for critical web applications, and with special care for developer experience and automation (management is JSON + CLI based).

How exactly is it more secure ?

The DNS + CA system imposes reliance on many unique agents : a resolver ran by Google or Cloudflare, Verisign for .com domains, and also imposes to trust hundreds of CAs independently. This creates major trust issues, frictions and possibilities of hacking or spying.

Service discovery for .d domains is based on co-resolution, multiple companies or foundations constitute the dappy network and share a state by being part of the same ledger/blockchain-like network. The requests hit multiple independent companies, and consensus is performed on the answers at client level (no single resolver). One company cannot fool the client.

Co-resolution is performed for IP addresses and TLS certificates that are also stored in the dappy name system. Certificates are self-signed, no need to have them signed by an authority, or renewed.

In short : a 100x simpler, more secure and trustless service discovery, leading to highly private and secure HTTPS connections.

How to use

npm i @fabcotech/dhttps

dhttps uses the dappy name system exclusively : .d and .gamma domains. You must own a domain in the dappy name system first : purchase a .d domain, get a free .gamma domain, documentation for setting up zone and TLS certificates.

dhttps has two modes, the soft mode does not override or touch node's https, and the hard mode that overrides nodejs's https.

Soft mode

The soft mode does not override any behavior of nodeJS, it just exposes dhttps and an interface similar to https: dhttps.get and dhttps.request.

import dhttps from '@fabcotech/dhttps';

dhttps.get('https://dappy.d', (res) => {
  res.on('data', (c: any) => {
    console.log(c.toString('utf8'));
  });
});

Hard mode (override)

The hard mode overrides nodeJS's https

import dhttps from '@fabcotech/dhttps';
import https from 'https';

dhttps.overrideNodeHttps();

const req1 = https.get('https://dappy.d', (res) => {
  res.on('data', (c: any) => {
    console.log(c.toString('utf8'));
  });
});
req1.on('error', console.log);

const req2 = https.request(
  {
    method: 'post',
    host: 'dappy.d',
    path: '/',
  },
  (res) => {
    console.log(res.statusCode);
  },
);
req2.on('error', console.log);
req2.end();

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages