This will serve a base for an early-stage Speech.is implementation and hopefully many other projects. CouchDB's HTTP protocol give us really great for scaling and it provides a full-featured REST API for free. CouchDB's full replication model avoids the master/slave/sharding model of centralized servers, making each database a full-blown peer. As a developer, this is great because you can easily embed the .bit database in any application and it will just be kept up to date.
Using the API
There are robust libraries for virtually every language and there are native, embeddable CouchDB-compliant databases for iOS, Android, IE, Firefox, Chrome, Safari, NodeJS, and there is even an experimental Python port!
Documentation
You can access it at the URL below (it auto-detects content type for the headers, so plain-text for web-browsers, JSON for JS requests, etc.). You can learn more about the full CouchDB API here.
Code: Select all
https://indolering.cloudant.com/bit/name
- CORS
Unfortunately, Cloudant doesn't yet have wildcard support for CORS but just reply to this thread and I will add your domain to the CORS whitelist. I've also add http://localhost.dev so you can use this work-around.
- CouchDB
If you are using this in production you need to create your own CouchDB mirror. This requirement will probably go away soon (I have friends with lots of bandwidth) but this is really easy and you can use map/reduce to handle a lot of preprocessing tasks.
-- SAAS: 10 minutes
Create a Cloudant or IrisCouch
account, add a new 'bit' database, and turn on continuous replication from https://indolering.cloudant.com/bit.
-- Self-hosted: X min server setup + 30 minutes config.
CouchDB is in every major distro's package repository carries CouchDB. There are also docker images, VM images, and even AWS appliances and plenty of vagrant/puppet/chef scripts too. After that, add a new 'bit' database, and turn on continuous replication from https://indolering.cloudant.com/bit. As the connection is "outgoing" you probably don't even need to open additional ports.
- Running your own namecoind and CouchDB instances
Alternatively you can setup a namecoind and CouchDB instances on your own server, git clone node-namecoin, and setup a cron job. This is not for the faint of heart as the script which scrapes the Namecoin database consists of bubblegum and duct tape. Pull requests (AKA a total rewrite of dump.js) are welcome, however, after the rebase we will likely switch to subscribing to changes from the LevelDB database directly.
Security
Do not trust the security of this data feed until the service enters beta!. There is some sort of bug with the SSL and the data feed to Cloudant is not encrypted at the moment, so an ISP could insert it's own evil entries. I'm working on fixing this, but I am slammed and I have other projects which have been waiting on this so messing with the server is not a top priority. Unless someone familiar with Wheezy is willing to help my trouble shoot on IRC, this probably won't get fixed until late April.
Long term, however, this will be a very secure setup, I have all sorts of crypto-nerd daydreams about how I want it to work long-term. Whatever the final config, it will recieve a full security audit by other team members before it's allowed to beta status and move to the api.namecoin.info URL.
I've made some inquiries to the CouchDB mailing list about signing the JSON values and I'm hopeful we can get signed documents baked into CouchDB itself. I've also sketched out to to accomplish validation using CouchDB's version of schemas so verification will be part of the database itself. So as long as long as you are using CouchDB the database just won't accept insecure records. Since this will be based on the new JSON web signature standard (which already has multiple implementations) it will be simple to validate the document signatures manually as well.