Background

In Web3 world, we often need to use various types of addresses, such as Bitcoin addresses, Ethereum addresses, personal addresses, friend addresses, company addresses, and so on. These addresses are often very long and difficult to distinguish. In different scenarios, we often encounter similar problems: Whose address is this? Is it correct? Is it valid? These issues exist for scenarios such as transactions, blockchain browsers, personal pages, game leaderboards, etc.

We wonder: What if we could convert these addresses into human-readable names?

Based on this idea, we introduced the feature of .bit Alias.

What is .bit Alias?

.bit Alias is the ability to associate a blockchain address to a .bit account. With this feature, you can set a globally unique alias for any blockchain address.

For example, you can set an alias “myeth.bit” for your ETH address “0x1D6...485f”. This way, when developers display the address, they can also display the alias of ”myeth.bit” to make it easier for other users to see the owner of the address.

.bit Alias is also sometimes referred to as Reverse Resolution because its initial idea originated from Reverse DNS lookup in DNS, which is used to query a domain name associated with an IP address.

The Difference between .bit Alias and .bit Lookup:

Although both .bit Lookup and .bit Alias involve address substitution, they differ in their input and output.

For .bit Lookup, we see a .bit account and want to know which blockchain address it corresponds to, such as ”satoshi.bit” => “0xabc...def”.

For .bit Alias, we see a blockchain address and want to know which .bit account it belongs to, such as “0x123...456” => “satoshi.bit”.

This leads to different usage scenarios:

.bit Lookup is more commonly used on personal pages, social platforms, and other scenarios where names are more directly involved.

.bit Alias is more commonly used in the scenario of entering addresses during transactions to improve transaction security, as well as in Dapps where addresses are replaced with names to improve user experience.

Usage Scenarios

In the world of Web3, .bit Alias has many use cases, and here are some typical examples:

Avoiding errors when transferring assets through additional verification.

In the blockchain world, tragedies often occur due to the loss of a large amount of assets caused by an error in the transaction address. Here is a common example: When we use a wallet to do multiple transactions, we copy different addresses multiple times and then transfer the corresponding tokens. For example, we transfer 100 USDT to our external partner's address “0x123...456” for the first time and transfer 100 ETH to our colleague Satoshi's address “0xabc...def” for the second time.

However, if the second copy fails, we will paste the result of the last copy into the input box. At this time, we cannot realize that we are transferring to the wrong person. Since addresses are difficult to distinguish by the naked eye, we cannot get reasonable prompts either. The result is that we transferred 100 ETH to the partner “0x123...456” in the end. At this point, if the other party is not a decent person, then our assets will be at risk of loss. However, if we can see that the recipient is “satoshi.bit” at this time, such tragedies will not happen.

Furthermore, for particularly large amounts of asset transactions, wallets/exchanges can even display only a portion of a .bit Alias, requiring the sender to complete it before being able to send the assets. This additional verification mechanism enhances user confidence in asset transfers and actually improves the security of the asset transfer operation.

Behind this is the use of the .bit alias feature, which allows wallets to prompt you with the .bit account associated with the address you are interacting with. This can greatly enhance the security of transfers.

Prevent hacker attacks during transfer

In addition, if a hacker hijacks a user's clipboard (which is a common attack vector), the hacker can easily replace the content you copied and pasted, leading to an attack. However, by using .bit Alias, we can effectively prevent this type of attack.

Check out this real-life clipboard attack case.

Two-Step Authentication

To enable .bit alias, users need to perform two steps:

1. Add the address they want to set an alias for to their .bit data container, or ensure that the owner or manager address of their .bit account is their own address.

2. Open the .bit alias settings page, log in to the address they want to set an alias for, and set the alias to one of their .bit accounts.

Developers, on the other hand, need to follow the following two steps when verifying:

3. Call the .bit alias interface based on the address provided by the user to obtain the corresponding .bit alias.

4. Use the obtained .bit alias to call the .bit resolution interface, then obtain the corresponding .bit account information and resolution records, and see if the address provided by the user exists in the resolution records of the account owner and manager. and check whether the resolution records of the account owner If it does, the alias of the address is considered to correspond to the .bit account; otherwise, the address is deemed to have no valid alias.

Why is two-step verification necessary?

You may wonder why users need to go through two steps to set up .bit alias, and why developers need to follow two steps to query them.

This is because if we only do one .bit alias query, for example, “0x123...456 => satoshi.bit”, a potential attacker could set the alias of their address to someone else's .bit account.

For example, let's say your address is “0xabc...def”, your .bit account is “satoshi.bit”, and the attacker's address is “0x123...456”. The attacker then sets the alias of their address to your account, “satoshi.bit”.

If we only do a simple .bit alias query, other users in the relevant application will see the attacker's address displaying your name, “satoshi.bit”. Your friends might think, "Oh, this is Satoshi's address, let me send him some money." However, in reality, they are sending money to the attacker's address.

To avoid this behavior, we require two steps. After setting up the .bit alias, to make the alias effective, the corresponding address must be in the resolution record of the .bit data container (or the address is the owner and manager of the account).

This ensures that the alias you set is definitely set by you, not by someone else.

Compatible with any address

While applications like ENS also provide similar capabilities (known as Primary Record) to map Ethereum addresses to an ENS domain name, ENS is limited to supporting only Ethereum applications, and other blockchains like BNB, Tron, and Dogecoin cannot enjoy the convenience and security benefits of this feature. Furthermore, due to the constraints of the ENS contract, ENS can only have one Primary Record, so if a user has multiple Ethereum addresses, they cannot have multiple addresses pointing to the same ENS domain name.

However, .bit alias is different. With the open cryptography technology of .bit, any blockchain address can have a .bit alias. Therefore, you can set a .bit alias for any blockchain address, such as your Ethereum address or Tron address. You can even set an alias for Bitcoin and Dogecoin.

This is very useful in practical scenarios!

In fact, due to the powerful compatibility and scalability of .bit, .bit alias can be applied to any public-private key pair, just like any public-private key can have and manage a .bit account. This also means that .bit alias can not only bring us a more secure and user-friendly experience in blockchain, but also play a role in other Web3 scenarios that we have not yet imagined. Imagine that one day in the future, you can set an alias for your SSH public key or OpenPGP public key. Then, when your friends and colleagues see the public key, they can immediately know that it is your account, without worrying about getting the wrong account.

Completely Free

In previous versions of .bit Alias, we charged a storage fee of 201 CKB for each alias. We believe this hindered the adoption and promotion of .bit alias, which in turn was detrimental to improving the security of the entire Web3 world.

Therefore, we are introducing a brand new .bit alias! From now on, you can set an alias for any address without paying any fees!

Go set up now

Developer Guide

If developers need to resolve .bit alias, they can simply use the corresponding SDK or API.

• JS SDK: dotbit.js

• HTTP API: das-account-indexer

If using the API directly, please remember to call the records interface for verification after calling the .bit alias interface. For more details, please refer to: Two-Step Verification.

Looking Forward

.bit is currently the only DID naming system in the industry that can provide alias services for all blockchain addresses. We hope that this feature can provide better user experience and higher security for the entire industry.

In the future, we will support alias services for more public chains. If you have any questions, discussions, or support you would like to offer, please feel free to contact us.

Let's work together to make a greater contribution to the security of Web3!

Now, go ahead and set up your .bit alias to protect your assets: Set up a .bit alias.

About .bit

.bit is the only cross-chain unified DID protocol that can verify signatures using various asymmetric cryptographic algorithms. This unique ability allows .bit to extend its services to a wider range of users, reaching beyond just the Web3 community.

.bit 's mission is to Empower every community and individual to explore new possibilities through sovereign identity.

Contact us for any inquiry: jeff@d.id