# Domain System (.kyk)

The KayakNet Naming System (KNS) provides decentralized domain registration for `.kyk` domains.

## Overview

* **Decentralized** - No ICANN, no central authority
* **Anonymous** - Register without identity
* **Permanent** - No annual renewal fees
* **Cryptographic** - Ownership proven by keys

## How It Works

```
┌─────────────┐     ┌─────────┐     ┌─────────────┐
│   Browser   │────▶│ KayakNet│────▶│   .kyk      │
│             │     │  Proxy  │     │  Resolver   │
└─────────────┘     └─────────┘     └─────────────┘
   home.kyk            DNS              Content
                     Lookup             Delivery
```

1. User enters `example.kyk`
2. KayakNet proxy intercepts request
3. Looks up domain in DHT
4. Routes to registered content
5. Displays in browser

## Registering a Domain

### Via Web Interface

1. Go to `http://domains.kyk`
2. Search for available domain
3. Click **"REGISTER"**
4. Set resolution target:
   * Node ID (serves from your node)
   * IP address (external server)
   * Content hash (static content)
5. Sign with your node key
6. Domain is yours!

### Via API

```bash
curl -X POST http://127.0.0.1:8080/api/domains/register \
  -d "domain=mysite.kyk" \
  -d "target=node_id:abc123..."
```

## Resolution Types

### 1. Node-Based

Domain resolves to your KayakNet node:

```
mysite.kyk → Your Node ID
```

* Serves content from your node
* Must keep node running
* Good for dynamic content

### 2. IP-Based

Domain resolves to an IP address:

```
mysite.kyk → 192.168.1.100:8080
```

* External server hosts content
* Works even if node offline
* Less anonymous

### 3. Content-Addressed

Domain resolves to content hash:

```
mysite.kyk → hash:abc123...
```

* Static content stored in DHT
* Always available
* Immutable

## Reserved Domains

These domains are reserved by the network:

| Domain            | Purpose             |
| ----------------- | ------------------- |
| `home.kyk`        | Homepage            |
| `chat.kyk`        | Chat interface      |
| `market.kyk`      | Marketplace         |
| `marketplace.kyk` | Marketplace (alias) |
| `domains.kyk`     | Domain registration |
| `network.kyk`     | Network stats       |

## Domain Rules

### Naming Rules

* Length: 3-63 characters
* Characters: `a-z`, `0-9`, `-`
* Cannot start/end with `-`
* Case insensitive (`MyDomain` = `mydomain`)

### Ownership

* First come, first served
* No expiration (permanent)
* Transferable via key exchange
* Cannot be revoked by network

### Updates

Update resolution at any time:

```bash
curl -X POST http://127.0.0.1:8080/api/domains/update \
  -d "domain=mysite.kyk" \
  -d "target=new_target"
```

Signed with your node key.

## Hosting Content

### Static Website

1. Create HTML files
2. Upload to your node
3. Register domain pointing to your node
4. Access via `yoursite.kyk`

### Dynamic Service

1. Run service on your node
2. Expose via internal port
3. Register domain
4. KayakNet routes requests to your service

## DNS vs KNS

| Feature      | Traditional DNS | KayakNet KNS  |
| ------------ | --------------- | ------------- |
| Authority    | ICANN           | None          |
| Registration | Requires ID     | Anonymous     |
| Cost         | Annual fee      | Free          |
| Takedown     | Possible        | Impossible    |
| Censorship   | Vulnerable      | Resistant     |
| Resolution   | Global          | KayakNet only |

## Technical Details

### Registration Record

```json
{
  "domain": "example.kyk",
  "owner": "node_public_key",
  "target": {
    "type": "node",
    "value": "node_id"
  },
  "registered_at": 1234567890,
  "signature": "ed25519_sig"
}
```

### Storage

Domain records stored in DHT:

* Key: `kns:example.kyk`
* Value: Registration record
* TTL: Permanent (refreshed by lookups)

### Resolution

1. Lookup `kns:example.kyk` in DHT
2. Verify signature matches owner
3. Extract target
4. Route request to target

## Subdomain Support

Subdomains work automatically:

```
blog.mysite.kyk → mysite.kyk handles routing
```

Your node can route subdomains however you want.

## Security

### Ownership Proof

* Only private key holder can update
* Signatures prevent forgery
* DHT replication prevents tampering

### Squatting Protection

None currently - first come, first served.

### Dispute Resolution

None - no authority to arbitrate.

## API Reference

### Register Domain

```
POST /api/domains/register
{
  "domain": "example.kyk",
  "target": "node_id:abc123"
}
```

### Lookup Domain

```
GET /api/domains/lookup?domain=example.kyk
```

### Update Domain

```
POST /api/domains/update
{
  "domain": "example.kyk",
  "target": "new_target"
}
```

### Transfer Domain

```
POST /api/domains/transfer
{
  "domain": "example.kyk",
  "new_owner": "new_public_key"
}
```

### List My Domains

```
GET /api/domains/mine
```

## Best Practices

1. **Secure your keys** - Losing keys = losing domains
2. **Use descriptive names** - Easy to remember
3. **Consider subdomains** - `shop.brand.kyk`, `blog.brand.kyk`
4. **Keep node running** - For node-based resolution
5. **Backup registrations** - Store proof of ownership

## Future Enhancements

* **Decentralized Marketplace** - Trade domains
* **Renewal Mechanism** - Optional periodic renewal
* **Multi-Signature** - Shared domain ownership
* **DNS Compatibility** - Bridge to traditional DNS