The triangle names three properties that a system of identifiers can have.
- Human-meaningful. A name a person can read, remember, and type. "alice" or "havenmessenger.com" rather than a 56-character string.
- Secure. The name reliably maps to the intended entity and cannot be hijacked or spoofed by an attacker. When you type the name, you reach the real holder, not an impostor.
- Decentralized. No single trusted authority decides who owns a name. There is no central registrar to compromise, coerce, or take offline.
Zooko's original framing held that you could comfortably get two of the three, but not all three at once. The systems we actually use bear this out, and looking at where each one sacrifices is the fastest way to understand the whole problem space.
The Classic Two-of-Three Corners
| System | Has | Gives up |
|---|---|---|
| DNS | Human-meaningful and secure | Decentralized: ICANN and registrars are central authorities |
| Tor onion v3 addresses | Secure and decentralized | Human-meaningful: the address is a hash of a public key |
| Nicknames in a chat room | Human-meaningful and decentralized | Secure: anyone can pick the name "alice" |
Consider Tor onion addresses. A v3 onion address is the encoding of an Ed25519 public key, which is why it is an unreadable 56-character string. That ugliness is not a mistake. It is the price of having a name that is self-authenticating (you provably reach the holder of that key) and that requires no registry. The address is the key, so there is nothing to look up and nothing to spoof. The cost is that no human will ever remember it.
DNS sits at the opposite corner. The name havenmessenger.com is readable and, with DNSSEC and TLS certificates, securely bound to a server. But that security flows from a hierarchy of authorities: the root zone, the registry for .com, your registrar, and the certificate authorities. Each is a point that can be compelled by a court or compromised by an attacker. DNS trades decentralization for readability.
The reason onion addresses and public-key fingerprints are secure-and-decentralized is that the name carries its own proof. There is nothing to ask a third party. The downside is baked in: a name that proves itself cryptographically cannot also be short and memorable, because memorable strings do not contain enough entropy to be a key.
Attempts to Square the Triangle
Since 2001, several systems have claimed to achieve all three corners. The interesting question is always: what assumption did they add to get there?
Namecoin was the first serious attempt. It uses a blockchain as a decentralized registry, so names like example.bit are human-meaningful, securely owned by whoever holds the key, and recorded without a central authority. It genuinely reaches all three corners, but it does so by adding a new cost: you have to run or trust a node that holds the entire naming ledger, and the security depends on the blockchain's consensus not being captured. The triangle is not so much broken as relaxed by introducing a global append-only log that everyone agrees on.
Key transparency takes a subtler path and is the one most relevant to messaging. Systems like those described in our key transparency explainer keep a human-meaningful name (a username or phone number) mapped to a public key, with the mapping published in an auditable Merkle-tree log. The directory operator is still central, which looks like the DNS compromise, but the log makes any lie detectable: if the operator ever maps your name to the wrong key, the tamper-evident structure lets anyone catch it. You get human-meaningful and secure, and you partially recover the third corner by making the central party verifiable rather than merely trusted.
Most modern resolutions of the triangle do not break it. They add a new ingredient, a blockchain or a transparency log, and trade the impossibility for a different, more tolerable assumption.
Petnames: The Oldest Answer
There is one resolution that predates the triangle and is worth more attention than it gets: petname systems. The idea, formalized by Mark Miller, is to separate the global from the local. A globally unique, secure, unmemorable identifier (a public key) is paired with a local nickname that only you choose and only you see. Your phone already does this. Your contacts list maps "Mom" to a phone number; the number is the secure global identifier, "Mom" is your private petname for it.
Petnames sidestep the triangle by admitting that "human-meaningful" does not need to be global. Names that humans use can be local and personal, while the names that machines verify can be cryptographic. The system as a whole gets all three properties because it stops insisting that one string do all three jobs.
Why This Matters for Secure Messaging
Every encrypted messenger has to answer the triangle, usually without telling you. When you add a contact by username, you are relying on the service to bind that readable name to the right key. If the binding is purely trusted, the operator could perform a key-swap and read your messages. This is the gap that trust-on-first-use and manual safety-number verification exist to close, and the gap that key transparency aims to close more automatically.
The practical takeaway for anyone evaluating a private messenger is to ask the triangle question directly. When I add someone by a readable name, what guarantees that name points to their real key, and can I verify it without trusting the operator's word? A service that has thought hard about identity will have a concrete answer: a safety number you can compare out of band, a transparency log you can audit, or a key fingerprint you can check. A service that waves the question away is quietly sitting at the DNS corner and hoping you do not notice.
Haven's design treats verifiable identity as part of the threat model rather than an afterthought, which is the same reason we write openly about how key transparency and key verification work. The triangle is not solved so much as managed, and the systems worth trusting are the ones that tell you exactly which corner they stand on and what they do about the corner they gave up.