I am reading one of BSD now tutorials
http://www.bsdnow.tv/tutorials/openbsd-router
As probably most of you my typical work/home DNS set up consists of local Unbound DNS resolver with DNSSEC validation turned on. However above tutorial advocates the use of dnscrypt-proxy. My understanding is that dnscrypt-proxy is useful in the case local resolver is forwarding requests to another resolver like OpenDNS (no U.S. resolver should be used IMHO if the privacy is of any concern). In my case my understanding is that each uncashed request will go to a top domain. Ideally one would be able to encrypt such traffic with DNSCurve but I am not aware that Matthew Dempsky finished that code and removed those explicit dependencies on Linux kernel system calls.
My question is: Is dnscrypt-proxy at all useful for people who run their own Unbound resolver (for example on my laptop) and don't forward DNS request to any server? Could anybody please explain me how dnscrypt-proxy actually works (RTFM with the link is OK too).