Zooko's triangle

---

title: "Zooko's triangle" type: doc version: 1 created: 2026-02-28 author: "Wikipedia contributors" status: active scope: public tags: ["secure-communication", "decentralization"] description: "Trilemma in computer science concerning network naming schemes" topic_path: "general/secure-communication" source: "https://en.wikipedia.org/wiki/Zooko's_triangle" license: "CC BY-SA 4.0" wikipedia_page_id: 0 wikipedia_revision_id: 0

::summary Trilemma in computer science concerning network naming schemes ::

::figure[src="https://upload.wikimedia.org/wikipedia/commons/5/5c/Zooko's_Triangle.svg" caption="Zooko's triangle defines three traits of a network protocol identifier as ''Human-meaningful'', ''Decentralized'' and ''Secure''."] ::

Zooko's triangle is a trilemma of three properties that some people consider desirable for names of participants in a network protocol:

• Human-meaningful: Meaningful and memorable (low-entropy) names are provided to the users.
• Secure: The amount of damage a malicious entity can inflict on the system should be as low as possible.
• Decentralized: Names correctly resolve to their respective entities without the use of a central authority or service.

Overview

Zooko Wilcox-O'Hearn conjectured that no single kind of name can achieve more than two. For example: DNSSec offers a human-meaningful, secure naming scheme, but is not decentralized as it relies on trusted root-servers; .onion addresses and bitcoin addresses are secure and decentralized but not human-meaningful; and I2P uses name translation services which are secure (as they run locally) and provide human-meaningful names – but fail to provide unique entities when used globally in a decentralised network without authorities.

Solutions

Several systems that exhibit all three properties of Zooko's triangle include:

• Computer scientist Nick Szabo's paper "Secure Property Titles with Owner Authority" illustrated that all three properties can be achieved up to the limits of Byzantine fault tolerance.
• Activist Aaron Swartz described a naming system based on Bitcoin employing Bitcoin's distributed blockchain as a proof-of-work to establish consensus of domain name ownership. These systems remain vulnerable to Sybil attack, but are secure under Byzantine assumptions.
• Far-right political blogger Curtis Yarvin implemented a decentralized version of IP addresses in Urbit that hash to four-syllable, human-readable names. Several platforms implement refutations of Zooko's conjecture, including: Twister (which use Swartz' system with a bitcoin-like system), Blockstack (separate blockchain), Namecoin (separate blockchain), LBRY (separate blockchain – content discovery, ownership, and peer-to-peer file-sharing), Monero, OpenAlias, Ethereum Name Service, and the Handshake Protocol.

Notes

References

References

1. Zooko Wilcox-O'Hearn. "Names: Decentralized, Secure, Human-Meaningful: Choose Two".
2. [[Nick Szabo]], [http://nakamotoinstitute.org/secure-property-titles/ Secure Property Titles] {{Webarchive. link. (24 November 2017 , 1998)
3. Aaron Swartz, [http://www.aaronsw.com/weblog/squarezooko Squaring the Triangle: Secure, Decentralized, Human-Readable Names] {{Webarchive. link. (15 January 2011 , Aaron Swartz, 6 January 2011)
4. Dan Kaminsky, [http://dankaminsky.com/2011/01/13/spelunk-tri/ Spelunking the Triangle: Exploring Aaron Swartz’s Take On Zooko’s Triangle] {{Webarchive. link. (16 January 2013 , 13 January 2011)
5. "Curtis Yarvin: Urbit- A Clean Slate Functional Operating Stack – λC 2016".
6. Monero core team. (2014-09-19). "OpenAlias".
7. Director of The Handshake Project. (2021-07-12). "Handshake".

::callout[type=info title="Wikipedia Source"] This article was imported from Wikipedia and is available under the Creative Commons Attribution-ShareAlike 4.0 License. Content has been adapted to SurfDoc format. Original contributors can be found on the article history page. ::