Hello everyone, I’m looking through the protocol code at the moment (there is a lot of it) and I have a question about the specifics of how pre-orders work.
So I understand the process works something like this at the moment:
- Commit to the name you want to register: hash(NS_suffix, script_pub, name_you_are_registering)
- Then reveal the pre-image to register the name to prevent passive attackers stealing a name during the registration process.
Now what would happen if an attacker committed to a bunch of probable domains by going through step 1 and then waiting until a client does step 2 (indicating their interest) to hijack the name?
How do you decide who wins then? For example, you now have two competing transactions to try claim a registration operation for the same address. Now how does the client handle that? If its random and based on whoever confirms first then you have a race condition. If the consensus layer awards the registration to the earliest person to commit then you can still be attacked via squatters.
In any case, the client needs to be able to detect this change during the consensus phase between step 1 -> step 2. So if this isn’t being anticipated the client can receive unexpected results. If anyone can tell me more about this I’d appreciate it. I am still looking through the code myself.