We all know how wonderful federation is for using easy to remember IDs instead of long and cryptic blobs of chars, that's not debatable, the thing is that federation in Stellar right now is not secure and it is extremely important to have a trustable federation protocol. This proposal will try to solve the problem.
We will start by saying that federation should be stored on the blockchain, and finish saying that Stellar should adopt any protocol whichever it is and work on that implementation for the Stellar Platform as soon as possible, that would be a huge differentiator in the crowded and competitive market of cryptos.
So how should we store federation on the blockchain? Just like tokens, create a federation service public or private (trust required/revocable) and allow people to trust that service sending their ids with a predefined fee so the service can check for uniqueness, store it on the blockchain and take the fee, or reject it. Then wallets, apps and services can easily check for any johndoe@FED234 address, being FED234 the last 6 chars of the issuing address which at the same time would cost 100 XLM to start and the same protocol would check for uniqueness. That gives us one billion federation services available on the blockchain and 100 billion in fees to keep it healthy and stop abuse. Federation providers should keep a base reserve (to be determined) for every thousand vanities stored to cover usage costs.
The Stellar Foundation reserves the right to use the simplest federation without suffix for their own purposes and even some cool suffixes like @LUMENS or whatever they decide before going live. For shorter suffixes like @ME or @IBM the address will be internally right padded with As so @ME would convert to an issuer ending in ...MEAAAA. The Stellar Foundation reserves the right to verify provider identity in order to avoid impersonation or trademark infringement for cases like @IBM, @APPLE etc having the power to revoque and terminate the federation service without any retribution to the offending party. Whatever each federation provider charges for their service is up to them and users are free to join at will. Lowercase suffixes are acceptable to simplify user input, will be converted to uppercase internally.
Operations that should be added to the SDKs, or just make it a service accesible on the Labs:
- federationService(issuer, fee, flags) // starts a federation service for that issuer
- federationRegister(issuer, account, vanityId, fee) // users add their own vanity id to fed service, reject for not unique, malformed or insufficient fees
- federationAddress(vanityId) // returns the accountID for that vanityid@FED234
or simply http:\horizon.stellar.org/federation/vanity returning the accountID or 404 if not found
Tables will be added to Postgres database memcached and indexed by issuer, address and vanity for quick lookups. If stellar will be processing thousands of transactions per second then the federation protocol should be able to handle as many as well.
No need for external federation servers susceptible to hacks or downtime since federation would now be part of the consensus protocol that powers the Stellar Network.
Opinions?
