How does Blockstack secure its search?


@noureddine asked me in Slack how Blockstack secures the search lookups. How does the client know the validity of the results the search provider tells it. Or is this an issue of trusting the provider or alternatively using an own search index?


Looking up a name’s profile can be done securely if you have a locally-running node. The Blockstack node indexes the blockchain to find the name’s associated zone file hash, and participates in the Atlas network to preemptively fetch each name’s associated zone file (which hashes to the on-chain hash). Using the zone file, the client doing the lookup fetches the off-chain profile and verifies its signature against the public key in the zone file (if the zone file does not have a public key, the on-chain owner address is attempted instead). If @noureddine does not trust a 3rd party resolver like Onename, then the correct thing to do is run a local node and issue blockstack lookup requests to it instead of

If you instead need to search through the off-chain name profiles, the correct thing to do is run a search server. The search server implementation simply walks through the set of profiles by iteratively scanning through the set of names, fetching their profiles, and indexing their contents. You can run your own if you’d like, but otherwise you’d be trusting the remote search server to report complete results.


Thanks for the clarification.