Feature: ACME like domain verification

[poelzi]

This proposal is design do bridge the world wide DNS system to validated Sui objects.

Having on chain Domain objects will allow novel use cases to verify ownership of domains and prevent scams.

• Serve Walrus sites under own domain
• Verified URLs in package descriptions
• Allow profile links to be verified
• ...

ACME like verification

NS daemon

• SuiNS daemon is responsible for verifying requests in a distributed way
• Each instance requires a stake of NS token to become active

public struct Domain {
    /// domain name
    name: String,
    /// Date when the Domain validation expires
    valid_until: Date,
   ...
}

Verification process

1. Initiating

• User calls new_domain(name: String, method: VerificationMethod, cost: Coin<NS>) -> Domain
• Renewal renew_domain(domain: &mut Domain, method: VerificationMethod, cost: Coin<NS>)

2. SuiNS daemons with enough stake verifies the requested domain through the verification method and signs the result
   • The SuiNS daemon instance earns NS tokens for the verification process
3. Once enough stake positively signs the query result, the Domainvalid_until timestamp is extended by 3 months.

Validation Methods

• HTTP: return a /.well-known/suins/[uuid]challange
• DNS: resolve a _suins_[uuid] TXT domain challange