Add BIP 353: DNS Payment Instructions #1551

User behavior has clearly indicated a strong demand for the resolution of human-readable names into payment instructions. This BIP defines a protocol to do so using only the DNS, providing for the ability to query such resolutions privately, while utilizing DNSSEC to provide compact and simple to verify proofs of mappings.

I'd like to hereby request a BIP number assignment. What is the current approach to do so - since the mailing list has died, is a post on delving bitcoin the appropriate place to publish BIP drafts?

I like this! It's implicit in the example, but maybe say explicitly that the combination of USER + DOMAIN should be rendered as an email address, i.e., USER@DOMAIN.

What is the current approach to do so - since the mailing list has died, is a post on delving bitcoin the appropriate place to publish BIP drafts?

This was just announced yesterday, but looks like https://groups.google.com/group/bitcoindev will be the new mailing list hosting (?)

IMO a .well-known path would be better. Among things that use internet identifiers, Mastodon, Nostr, and Lightning all use .well-known paths. Only email and Bluesky use DNS records. Resolving DNS records has a higher barrier in most environments, and is nearly impossible to resolve in client-side JS without relying on a third-party service.

IMO a .well-known path would be better. Among things that use internet identifiers, Mastodon, Nostr, and Lightning all use .well-known paths. Only email and Bluesky use DNS records. Resolving DNS records has a higher barrier in most environments, and is nearly impossible to resolve in client-side JS without relying on a third-party service. @alexgleason the draft BIP addresses this directly with its own concerns in the opposite direction: "(a) lacking succinct proofs of namespace to public key mappings, (b) revealing sender IP addresses to recipients or other intermediaries as a side-effect of payment, (c) relying on the bloated TLS Certificate Authority infrastructure".

I'm not actually sure I understand (a), but (b) and (c) seem like really strong points to me.

(b) revealing sender IP addresses to recipients or other intermediaries as a side-effect of payment, (c) relying on the bloated TLS Certificate Authority infrastructure

You could allow HTTP .well-known with .onion / .i2p, then these two problems disappear (but other problems arises, of course, for example, Tor is often not reliable on phones, etc).

Probably both DNS TXT and HTTP(S) .well-known methods could be standardized.

I'm not actually sure I understand (a), but (b) and (c) seem like really strong points to me.

It means that just because you can upload a file to a .well-known path, doesn't mean you actually own the domain.

As for (c), the "bloated TLS stack" is pretty convenient to deal with in most languages. You are likely doing HTTP stuff anyway, but for DNS you'll need to add a new library and learn how to use it. It's less developer friendly.

The privacy concern of (b) is understandable. But IMO it's the wrong trade-off, because it's inconvenient while not even being fool-proof. You can track requests either way if you run a DNS server.

Also, importantly, if you're building a system to expose many addresses (not just one-offs), it becomes impractical to update DNS records for every new user. You HAVE to use a .well-known path. Any custodial service would need to do it like that.

@alexgleason

for DNS you'll need to add a new library and learn how to use it. It's less developer friendly.

Sure. I think it's a tradeoff between that and the other disadvantages listed in the BIP. I think it'd be nice to have better privacy (at least in some cases) and not to tie Bitcoin standards to TLS.

if you're building a system to expose many addresses (not just one-offs), it becomes impractical to update DNS records for every new user. You HAVE to use a .well-known path. Any custodial service would need to do it like that.

Or they could just run their own DNS server connected to their database.

(a) lacking succinct proofs of namespace to public key mappings

This one is quite important. If you want to have a hardware wallet (which is not online and does not have a TCP stack in it), you really want to be able to hand it a succinct cryptographic proof that the given name matches the given address. You cannot do this with TLS, but DNSSEC makes this trivial (I implemented a validation library http://http-dns-prover.as397444.net/)

Regarding HTTP "being simpler", I strongly disagree, actually. If you have a domain, adding a single TXT record to your DNS is generally incredibly simple. Sure, if you already have an HTTP server adding a file to it isn't that much work, but even then it's probably as much or more work than just going to your DNS control panel and adding a single record.

You could allow HTTP .well-known with .onion / .i2p, then these two problems disappear

Not at all, that's a lot of work for everyone trying to implement this. DNS you get this for free! You don't have to do a ton of work to integrate Tor everywhere (which has spotty success at best), you have a proxy already pre-configured on ~every internet-connected machine on the planet!

Also, importantly, if you're building a system to expose many addresses (not just one-offs), it becomes impractical to update DNS records for every new user.

I believe you missed Bastien's original ML post or https://github.com/lightning/blips/pull/32 - a custodial provider only needs to add one wildcard record for all users in the lightning context!

for DNS you'll need to add a new library and learn how to use it. It's less developer friendly.

Is probably worth pointing out that I went ahead and implemented all the required work, with a nice little library with only a few functions exposed. It's really not a lot of work to call one function, I promise :p

than just going to your DNS control panel and adding a single record.

Which is a manual task. Sure you could automate it somehow via a deployment, but it would involve using an orchestration tool (e.g. terraform) that works with the cloud provider you use to host your DNS records, which then would involve some kind of secret token use in your CI pipeline in case you use that as a deployment (and in this case, a CI pipeline would need to normally be triggered by a git push of a tag or some sort of manual trigger, like workflow_dispatch in GitHubActions).

However, pushing/updating a file in your server (or the server being used for your website) is usually a task that is so much easier to automate. For example, if you're using github pages, just do a git push (not even a git tag push), and done.

Which is a manual task.

Indeed, which seems perfectly reasonable for something you do once and never have to touch again!

I like this! It's implicit in the example, but maybe say explicitly that the combination of USER + DOMAIN should be rendered as an email address, i.e., USER@DOMAIN.

I'm actually kind of torn on this. I'm no UX expert, but I've seen some legitimate points raised around how this is a bit confusing given users actually confuse them for email addresses. Other systems have gone another way (eg mastodon with @user@domain or bluesky with just user.domain) seemingly for this reason.

The nice thing about USER@DOMAIN is that its compatible with existing LNURL (senders can just query DNS and fall back to LNURL when it fails and recipients can thus upgrade as they see fit), but we could also do other things which are subtly compatible but provide UX distinction, eg $user@domain (which is still compatible with LNURL though the $ is very US-centric).

This was just announced yesterday, but looks like https://groups.google.com/group/bitcoindev will be the new mailing list hosting (?)

Indeed, just seems like given the lack of subscribers there that may or may not meet the BIP criteria of posting to the bitcoin-dev ML as a formal part of the BIP proposal process.

DNS is great, but its "censorship resistance" can be improved upon (reach the highest possible level) with minimal overhead, by using Mainline DHT as the Root server, and public keys as the TLDs, all of which is already implemented and stress tested to a degree.

If this bip gains traction, it wouldn't be too much extra work to ask clients to recognize these sovereign TLDs.

Why not just use OpenAlias, which is already supported in Electrum?

From a logical stand point DNS should be preferable, it was invented for this after all, however there are some reasons for which i believe .well-known in reality is a much superior choice:

• DNS cannot be queried from webapps or extensions: this would force webapps to proxy resolutions to a server
• DNS doesn't give you the absolute control on record caching: you can hint a TTL, but it is not guaranteed to be respected (the infamous up to 24 hours for propagation...)
• HTTPS is supported by virtually every device that needs to connect to the internet, encrypted DNS is not or not always enabled by default. If encrypted DNS is not enabled, your isp can know your payment intentions, contrary to only the ip hosting the .well-known path.

If this needs to be a standard that is future proof and flexible, the .well-known approach can be integrated in all existing environments in a secure and decentralized manner and it can update in realtime.

DNS cannot be queried from webapps or extensions: this would force webapps to proxy resolutions to a server

Wrong. DoH exists and is encouraged.

DNS doesn't give you the absolute control on record caching: you can hint a TTL, but it is not guaranteed to be respected (the infamous up to 24 hours for propagation...)

You can't control HTTP caching either if you want the same distributed nature of DNS caching. If you want strong consistency, clients can always choose to query the Authoritative DNS server directly disregarding caching. This is not a valid point.

HTTPS is supported by virtually every device that needs to connect to the internet, encrypted DNS is not or not always enabled by default. If encrypted DNS is not enabled, your resolver can know your payment intentions, contrary to only the ip hosting the .well-known path.

See DoH

If this needs to be a standard that is future proof and flexible, the .well-known approach can be integrated in all existing environments in a secure and decentralized manner and it can update in realtime.

DNS will outlast every adhoc protocol/format you build on top of .well-known. DNS is natively supported in every OS, DoH is just as supported in browsers as .well-known, and DNS is distributed by nature unlike web servers, and realtime updates (consistency) is possible through ignoring caching and querying the authoritative server directly.

Wrong. DoH exists and is encouraged.

this would force webapps to proxy resolutions to a server

The DoH provider is your proxy server. If you don't use the ISP/locally provided dns resolver, it means you need to hardcode a resolver in your webapp (dns over http standard or anything else, doesn't make a difference), actually you need a resolver that exports cors headers, meaning probably cloudflare or google and few others... not so decentralized i'd say

You can't control HTTP caching either if you want the same distributed nature of DNS caching.

This is false, you actually can tell the client how long the cache should be considered valid and check for changes, using the access control headers and etag, you can also cache until a new version is available. The key point here is that you can instruct the client to adapt to your use case, this is not possible with DNS.

choose to query the Authoritative DNS server directly disregarding caching

The authoritative DNS servers that support DoH?

Why not just use OpenAlias, which is already supported in Electrum?

First of all i wasn't aware of it until today :). However, while it seems to be conceptually similar in many ways (as far as I can tell the only concrete difference is it's looking up a different name?), this is a more concrete and extensible format for bitcoin payment instructions for wallets which already support and have logic for handling BIP 21 URIs (basically all wallets). AFAICT you could define "Bitcoin payment instructions" as encoding bitcoin: URIs in the openalias names specifically and thus "use OpenAlias", but (a) you'd still need a BIP like this defining the format and (b) the OpenAlias names clutter the existing domain records, which is undesirable compared to using a clearly Bitcoin-specific name. For example, getting someone to "add TXT record "random gibberish" to their domain is fairly normal to verify a domain name for some service, but one which includes "_bitcoin-payment" in the name less so :). Ultimately I'm not sure what difference "supporting OpenAlias" would bring here, aside from an extra "oa1:" in the TXT record itself and a slightly less descriptive query name.

Please don't bother commenting any further here that "this should use HTTP". If that's your take please read the text of the BIP which clearly explains why HTTP is horribly unsuited to this goal, and if you still disagree go quite your own spec instead. That's not changing here.

Ultimately I'm not sure what difference "supporting OpenAlias" would bring here, aside from an extra "oa1:" in the TXT record itself and a slightly less descriptive query name.

There's a working group (#openalias on Libera) seeking to define an OA v2 standard to solve some of the points you raise, as well as adding pathing (eg. if you're sending USDT then these are the chain priorities I want for receiving it). I think my only thinking here is that pushing for OpenAlias (via a BIP or otherwise) is beneficial for five reasons:

1. It is extensible enough to support BTC L2s, LN, Ark, etc.
2. XKCD standards comic🤭
3. It already has wallet support in Electrum, which is good groundwork
4. OpenAlias has some fundamental support for DNSCrypt lookups, which are good from a privacy perspective
5. We've done the heavy lifting in terms of figuring out how the UX should react to a DNSSEC failure / unavailability

Either way, I'll support this as a Bitcoin-only mechanism and/or a BIP that aligns with a hypothetical, improved OA v2.

It is extensible enough to support BTC L2s, LN, Ark, etc.

So is this, by reusing logic any wallets already have.

XKCD standards comic🤭 It already has wallet support in Electrum, which is good groundwork

Fair, but you're suggesting a to-be-defined v2 spec, which is incompatible anyway, so not sure defining a new one is bad :).

OpenAlias has some fundamental support for DNSCrypt lookups, which are good from a privacy perspective

So does any DNS proposal?

We've done the heavy lifting in terms of figuring out how the UX should react to a DNSSEC failure / unavailability

I mean I'm not sure what heavy lifting there is to do here? The answer is "payment fails" :).

Either way, I'll support this as a Bitcoin-only mechanism and/or a BIP that aligns with a hypothetical, improved OA v2.

Fair enough, and I'm happy to provide input on a OA v2, it'd be cool if it kinda codified basically this, with different URIs for other non-bitcoin protocols. Also happy to tweak the paths here slightly if it makes sense to be compatible and don't introduce other drawbacks, but IMO this should still stand on its own to define bitcoin-specific logic.

Wrong. DoH exists and is encouraged.

What would be the benefit if DoH has to be used? You could just do LNURL-pay then.

What would be the benefit if DoH has to be used? You could just do LNURL-pay then.

LNURL-pay must be called for every payment. With BOLT 12 offers, DoH is only called once to fetch the offer. All subsequent payments avoid this thus improved censorship resistance and privacy. (and security, as the invoice isn't being served by the LNURL server).

Fair enough, and I'm happy to provide input on a OA v2, it'd be cool if it kinda codified basically this, with different URIs for other non-bitcoin protocols. Also happy to tweak the paths here slightly if it makes sense to be compatible and don't introduce other drawbacks, but IMO this should still stand on its own to define bitcoin-specific logic.

I agree with this - if we could come up with a BIP that aligns with OA v2 that would be amazing, then it really harmonizes things for anything built on top of Bitcoin / sidechains / alt-layers, including tokens like USDT.

What would be the benefit if DoH has to be used? You could just do LNURL-pay then.

Please read the BIP text, specifically drawbacks (a), (b), and (c). Note that (b) applies as clients can select a DoH provider who commits to not log individual queries but with direct connection that doesn't exist. Further, a DoH provider is substantially less likely to geoblock whereas LNURL-pay providers already do.

Another thought: the parsing of USER@DOMAIN is pretty trivial, but how to do it should be mentioned.

Another thought: the parsing of USER@DOMAIN is pretty trivial, but how to do it should be mentioned.

Agreed, I'd like to add a section on displaying this info, but not sure if you saw my comment at #1551 (comment) - I'd like to discuss whether we want specifically USER@DOMAIN for a bit first. Do you have any opinion on that?

I believe you missed Bastien's original ML post or lightning/blips#32 - a custodial provider only needs to add one wildcard record for all users in the lightning context!

I've been trying very hard to understand this. How could a wildcard record solve the problem? Where would names be stored so they can be associated with keys, and how can a wildcard record get us there (eg what would its value be)?

I've been trying very hard to understand this. How could a wildcard record solve the problem? Where would names be stored so they can be associated with keys, and how can a wildcard record get us there (eg what would its value be)?

Lets take this discussion to https://github.com/lightning/blips/pull/32 since its lightning- (or other payment protocols) specific. The doc there explains how it works for LN, but other payment protocols that want to support this will need some mechanism to flag a payment as for a given user inline as a part of the payment.

Maybe look into Namecoin and Raven for code inspiration, then close this pull request, then make a new pull request with code examples from the before mentioned platforms that can be migrated to Bitcoin?

From there, devs can review and help turn what you want into a reality.

That being said, implementation would probably be best done at a layer two due to security and efficiency concerns.

Concept ACK :rocket: , thanks for going through the effort of writing this down in BLIP format!

Great idea. @alexgleason asks:

a custodial provider only needs to add one wildcard record for all users in the lightning context!

How could a wildcard record solve the problem?

I had the same question. If I understand correctly, wildcard resolutions return the same record for any subdomain, for a central service this would point to the general centralized service's node. You're correct in that you'd then need a secondary lookup mechanism.

If you look through the proposed BLIP/BOLTs that are linked in this document, @TheBlueMatt has further defined an onion message protocol that allows you to request a custom offer for a specified user using onion messages.

The BLIP proposal states the following:

Alternatively, for recipients which do not wish to publish a unique offer for all possible payees,
a wildcard record may be provisioned as *.user._bitcoin-payment.`domain` with the contents
`bitcoin:?omlookup=hex_encoded_blinded_path`. The node receiving onion messages at the given
blinded path is then expected to respond to `offer_request`-containing onion messages with
`offer_response`-containing onion messages.

The BOLT proposal for adding an offer_request and offer_response can currently be found here:

https://github.com/lightning/bolts/pull/1136/commits/5809dfd1fce7fe1233812acb25bd37b908318968

Correct me if I'm wrong but it may be useful for responding apps to provide any-amount BOLT12s as a response, such that wallets/requesting apps can cache these for future payments?

I love this push forward. <3 though I am in favor of openalias and what @fluffypony says. OpenAlias has been around for years. It works. It is extendable and apps just have to agree on a bunch of key/value pairs. I am wondering if a bitcoin specific spec is helpful here. For example OpenAlias can also be used for a Nostr identifier along with resolving payment information. So to me this problem is somewhat unrelated to the underlaying payment protocol.

LGTM :)

Hi! Just FYI, I helped with a similar document ~10 years ago. It was an IETF draft. It's here if you think it could be useful. A second draft was worked on with a lot more detail, including integrating BIP 32-style functionality, was written but not published for various reasons.

MUST take precautions to prevent homograph attacks

This clause is vague. The specific precautions that must be taken should be specified, or this should be changed to MAY to allow for different interpretations of this clause.

Agreed, I'd like to add a section on displaying this info, but not sure if you saw my comment at #1551 (comment) - I'd like to discuss whether we want specifically USER@DOMAIN for a bit first. Do you have any opinion on that?

Whoops, missed that!

I think I'd need to understand the potential issues with USER@DOMAIN better. Just off the top of my head:

1. A user might post a payment address, USER@DOMAIN, and then someone sees it and sends mail to it.
2. A user might post an email address, USER@DOMAIN, and then someone sees it and tries to send bitcoin to it.
3. A user posts a payment address, USER@DOMAIN, and people don't realize they can send bitcoin to it, because it looks like an email address.
4. A domain supports both mail and payments, but the mail usernames aren't the same as the payment usernames, so the recipients of mail and bitcoin sent to USER@DOMAIN are different.

4 seems pretty crazy. If a domain supports both but with different mapping of usernames to users, they should probably just not do that.

Assuming 4 isn't happening, than 1 and 2 don't seem like big issues. Mail to a non-existent address will be answered with a bounce messages, and making a payment to USER@DOMAIN, where USER either doesn't exist or DOMAIN doesn't support payment looks should also generate a good error message.

3 seems like not a huge problem. Users will probably be saying something like "please send me bitcoin at USER@DOMAIN", and there will probably be other contextual cues for whether it's a payment address or a mail address.

I personally like USER@DOMAIN much better than USER.DOMAIN or other weird formats, like @USER@DOMAIN.

A couple random thoughts:

• When trying to get payment instructions for USER@DOMAIN, it would probably be good if the client could distinguish between USER being misspelled and DOMAIN not being configured to accept payments at all, so it can show the user a better error message.

Thus, those wishing to avoid such enumeration should carefully ensure all DNS names return valid payment instructions.

It should probably be noted that this is super dangerous, since this could lead to bitcoin not going to the intended recipient if you misspell the username.

4, sadly, is happening currently on getalby.com :(. There's some further discussion on display at https://discord.com/channels/903125802726596648/1083667569355014144 and on https://github.com/BitcoinDesign/Meta/issues/638

As pointed out here (https://github.com/BitcoinDesign/Meta/issues/638#issuecomment-1947454275), spam is a very different beast for email vs. money. No one wants spam email. Anyone would be happy to receive money from random people. By combining the two, users will be hesitant to publicize their email thus limiting their ability to publicize their money address.

As pointed out here (BitcoinDesign/Meta#638 (comment)), spam is a very different beast for email vs. money. No one wants spam email. Anyone would be happy to receive money from random people. By combining the two, users will be hesitant to publicize their email thus limiting their ability to publicize their money address.

In that case, they could have a payment address at a different domain, so if their email address is foo@bar.com, their payment address could be foo@baz.com, and they can share their payment address freely without worrying about spam. I don't think how things are formatted makes a difference, since if they have the username foo and domain bar.com for both mail and payments, you could still guess the email address from the payment address, regardless of how the payment address is formatted.

Related: Lightspark recently introduced Universal Money Address - $USER@DOMAIN (USER$DOMAIN might be tempting, but apparently used by XRP Paystrings). (How aboutUSER₿DOMAIN? - gotta milk that ₿ Unicode symbol and avoid $! :) )

(How aboutUSER₿DOMAIN? - gotta milk that ₿ Unicode symbol and avoid $! :) )

Choosing a symbol that is not present on most keyboards would be a mistake, IMO.

Related: Lightspark recently introduced Universal Money Address - $USER@DOMAIN

Is there any chance that we can have either OpenAlias or UMA end up being BIPs themselves?

I think this a reasonable proposal but also the authors should consider what OpenAlias has to offer as existing groundwork. As someone who has worked on a blockchain based naming system with succinct namespace proof, I definitely appreciate the awareness of hardware wallets, and being able to offer tiny proofs to limited systems.

My biggest concerns are:

• Centralization of DNSSEC: ICANN (root), companies like Verisign (.com) and CentralNic (hosts TLDs and does all their DNSSEC signing) are central points of failure or address-swapping. That being said, posting your bitcoin address on a HTTPS website has exactly the same risks, plus more. BIP70 comes to mind...

• Developers are afraid of DNS. Joe Average App Developer certainly knows how to make https requests, but retrieving and validating a DNSSEC chain might be out of their scope.

• Address reuse. I'd love to see this protocol restricted to BOLT12 / LN keysend and Silent Payments (BIP352). That might be unreasonable. Recommending a short TTL is good, but only if you are running a nameserver with an xpub or table of static addresses (which I have sortof implemented before, and would happy to write a BIP-xxxx nameserver)

All this being said, I agree there is a clear demand and despite my concerns, this proposal is probably the quickest way to get something useful deployed. Be sure you answer my 10-year-old stack exchange question too :-)

https://bitcoin.stackexchange.com/questions/11390/is-anyone-developing-a-dns-like-system-for-bitcoin-addresses

Centralization of DNSSEC: ICANN (root), companies like Verisign (.com) and CentralNic (hosts TLDs and does all their DNSSEC signing) are central points of failure or address-swapping. That being said, posting your bitcoin address on a HTTPS website has exactly the same risks, plus more. BIP70 comes to mind...

Indeed, ultimately any human-readable-name -> bitcoin payment instructions protocol is going to either (a) require some blockchain-based solution (which is a reasonable candidate, but the BIP addresses this in a general sense, noting that the lack of adoption of these solutions outside their vertical, and that requiring bitcoin wallets rely on these protocols is not yet, IMO, a reasonable candidate).

Luckily there's lots of diversity in terms of TLD operators to choose from, and while the root centralization is concerning, resolvers can AXFR the root zone manually (in fact most recursive resolvers have built-in support for this now!) and do it only infrequently if they wish.

Developers are afraid of DNS. Joe Average App Developer certainly knows how to make https requests, but retrieving and validating a DNSSEC chain might be out of their scope.

Sure, kinda. In terms of automating writing contents to the DNS that is largely true (though, frankly, IMO an indictment of Joe Average App Developer, since the DNS is genuinely an incredibly straightforward and simple system), but this spec addresses that in a few ways:

(a) on the receiving payments end, for average users its intended that users can simply add their own entry to their own zone. This is a one-time thing that is well-supported in most registrar/DNS host GUIs. (b) on the receiving end, for larger providers, at least on the lightning end, you can use BOLT12 to add a single record and receive payments for all users, seeing the user being paid via the invoice-request (linked the bLIP draft above). (c) on the receiving end, for larger providers not using lightning, I dunno, grow up, you're a large custodian, learn to take advantage of the technologies that exist or you shouldn't be a large custodian :shrug:.

On the sending end, I spent the time to implement a multi-tool to handle the querying/proof generation/validation, linked in the BIP. For lightning nodes, I wrote up a spec to allow fetching a proof from an arbitrary lightning node over onion messages, so the whole process never has to leave the lightning network! For others, the library linked handles querying against a DoH or TCP/53 server, and can run and do so from WASM or native code. If folks can't figure out how to make DNS requests with that much provided, not sure what to say :)

Address reuse. I'd love to see this protocol restricted to BOLT12 / LN keysend and Silent Payments (BIP352). That might be unreasonable. Recommending a short TTL is good, but only if you are running a nameserver with an xpub or table of static addresses (which I have sortof implemented before, and would happy to write a BIP-xxxx nameserver)

Yea, don't disagree, @rustyrussell pointed out that we should suggest rotation whenever a payment is received, which I think is sensible and may be somewhat doable for larger providers. For individuals adding their own records, sadly, I'm afraid address reuse would be somewhat common. That said, if we get BOLT12 and SP to be common-enough, even if a static address is in the record, most payments wont use it :)

Pushed a few small updates, plus changed the display format to ₿user@domain (that's a bitcoin symbol if you are missing good fonts). This makes a tradeoff between compatibility with lnurl (user@domain) and getting confused with email (by adding an explicit prefix). I consider this ~final at this point, absent some substantial issues or minor clerical mistakes.

Happy you're giving the optional ₿-prefix a chance! Typing out and risking misspelling the receiving address is not something one wants to encourage anyway, but you still allow dropping the prefix for those who insist on typing. (And one still has to have a valid DNS record, so misspelling only becomes an issue for domains with many users).

Looks mostly good to me, a couple nits/questions.

ACK https://github.com/bitcoin/bips/pull/1551/commits/d618202ed00b1481d4938bcbcd0d6b27753df6f5

I did a light review.

Beside the missing fields in the preamble, please include a license and add the mandatory Backwards Compatibility section, even if it is just to say that there are no conflicts.

Done!

Almost ready, I just noticed a few more minor issues:

• Please add the missing Copyright section (via BIP2: BIP Licensing: Specification):

  In all cases, details of the licensing terms must be provided in the Copyright section of the BIP.

and see the individual comments I left.

Changes look good to me. This document now fulfills the BIP formatting requirements.

Let’s call this BIP 353.

Please amend your document to use the number 353 and add the corresponding table entry to README.mediawiki.

Done

LGTM, except that you might want to fix the typo. ;)

:facepalm:

ACK 4f75edb2b85f55f5723e379584e52181f5f44269

Followup PR to clarify the ₿-prefix instructions: #1645

OpenAlias

The difference is not reinventing the wheel. There is no need for such a thing. The other reason, is, OpenAlias being supported and used by other ones means it can standardized. I can point you to donate.albassort.com, and there is an XMR and BTC address. Your solution would require multiple. Ok, heres my BTC subdomain, heres my XMR subdomain. Unless, it can parse OpenAlias, and ignore them, and skip to your thing, which makes no sense to do.