Blockchain DNS: Is Blockchain The Future of Domain Names?

December 03, 2021 - 12 min read

Blockchain Can Offer Superior Availability, Integrity, and Privacy for Domains

The DNS, or Domain Name System, acts like a phonebook for the internet, ensuring that web traffic is routed to the correct IP address.

The DNS or, The Domain Name System, acts like a phonebook for the internet, translating easy-to-understand domain names, like google.com, into a specific Internet Protocol (IP Address). This allows web browsers, like Google’s Chrome and Microsoft’s Internet Explorer, to locate the correct website for the user. 

The DNS system has been operating continuously since 1983 and is continuously evolving to suit the needs of an ever-growing internet. For the DNS to operate correctly, it must provide constant availability to users, must maintain data integrity to prevent data corruption, and needs to implement a certain degree of privacy to make it harder for the public to analyze the browsing history of individual users. 

In general, DNS packets are unencrypted, so when users send requests to a DNS server, both the DNS server and all other parties on the route (including your internet provider and anyone else on your WiFi) know exactly what websites you are visiting. 

Currently, the DNS system is fully centralized and is organized by ICAAN (The Internet Corporation for Assigned Names and Numbers), a non-profit organization based in the United States. DNS data is distributed worldwide but is managed by different organizations hierarchically, via a first-level, the root level, managed by registries, and a second-level system, which is operated by registrars. 

Right now, giants like Cloudflare, GoDaddy, Amazon, Google, and Namecheap, among others, dominate the domain registration space, registering and renting domain names to users in a centralized manner that is neither private, democratized, or particularly secure. These services can, at any time, delete or remove a customer’s domain, and are also vulnerable to hacking. 

All of this means that, while the DNS system is essential to our modern internet, it has a wide variety of vulnerabilities– vulnerabilities that could potentially be solved by the integration of blockchain technology into the current DNS system. 

In this article, we’ll discuss both the current shortcomings of the existing DNS system, as well as the advances in blockchain technology that are providing the next generation of internet users more secure, flexible, decentralized, and censorship-proof domains. 

DNS Hacks Demonstrate The Vulnerability of the Current DNS System

Currently, the DNS system is vulnerable to a wide variety of types of hacking and other methods of manipulation. One common attack is referred to as a DNS hijacking or redirection attack, which redirects a user from the expected web address to a different, typically malicious, website. This website may be intended to look like the real website, leading a user to enter personal information or to accidentally download a virus or malware onto their computer. 

DDOS or Distributed Denial of Service attacks are another major vulnerability of the current DNS system. DDOS attacks work by overwhelming the target with a massive amount of internet traffic. DDOS attacks are often carried out by “bot farms,” or large networks of computers that have been compromised and are now controlled by a hacker.  

DDOS attacks on one website are one thing, but a DDOS attack on the servers of a major registrar, or even ICANN itself, could take down a large portion of the internet, leading to economic losses and even political chaos. 

Another type of DNS attack is DNS tunneling, which transmits additional information through the DNS protocol that typically resolves network addresses. Instead of only transmitting necessary data, DNS tunneling injects more data into the DNS pathway, and can often bypass firewalls and other security measures. DNS tunneling can allow a hacker to take control of the domain in question, and can also be used to steal large amounts of domain data. This method has been notoriously used by Iranian hackers to sabotage corporate and government websites in other countries, such as the U.S. and Israel. 

A Decentralized, Blockchain DNS Could Increase Security of Domains, Internet Users

Blockchain DNS systems work via distributed networks, with many providing individual nodes equal voting authority over changes to the distributed ledger.

Modern blockchain technology involves the creation of a distributed network, via which a distributed ledger records transactions that are replicated on a series of independent, distributed nodes. Transactions are clustered into blocks, which must be validated by a substantial amount of nodes to be permanently added to the ledger. 

Unlike some blockchain systems, in most cases, blockchain DNS providers provide each node with the same voting authority. In general, all nodes must participate in “voting” to approve new changes to the DNS system. While the system isn’t perfect, it helps prevent “whales,” or powerful groups of nodes, from dominating the system and making potentially harmful changes. 

By decentralizing and distributing the DNS network, it could make it significantly more difficult for hackers to disrupt the system. It could also prevent DNS issues caused by natural disasters that could take servers offline at major registrars. 

Since data on a blockchain ledger cannot be changed or modified after the fact, it would reduce or eliminate the need for current DNS security measures, such as the DNSSEC, or Domain Name System Security Extensions. Currently, this system requires a significant amount of maintenance and necessitates the re-signing of a DNS root zone’s public key information every three months as a security measure. 

Blockchain DNS Can Reduce Censorship But Can Be Utilized By Cybercriminals

Another benefit of the decentralized nature of blockchain domain names is the fact that they are very difficult, if not impossible, to take down by government and corporate entities. This could be a massive benefit for journalists and activists, who constantly face the threat of content removal or “content moderation.” This issue is particularly salient in countries with limited or non-existent freedom of the press and significant online censorship, such as Russia, China, Vietnam, Saudi Arabia, and many countries in Africa. 

However, the decentralized nature of blockchain domain names can be a double-edged sword. Since they are difficult or impossible to remove, blockchain domains are ideal for cybercriminals. This is particularly the case for cybercriminals who wish to sell illegal items to consumers– and it’s especially concerning for those criminals trafficking in stolen consumer data. 

For example, in 2017, Joker’s Stash, a popular website utilized to purchase stolen payment card details, started using blockchain DNS to make it easier for customers to buy stolen data without needing to download a “dark web” browser such as Tor. Of course, there are downsides for criminals to use decentralized blockchain marketplaces since the fact that data is immutably stored on the blockchain could make it easier to track these criminals down. 

The Current Status of Blockchain Domains 

Blockchain domains currently exist, but they are somewhat more difficult to access than ordinary domains, as they generally require a specific browser extension or browser to access. Currently, blockchain domains are created via smart contracts, which create an easy-to-read web address. Usually, they must use unique extensions, such as .eth or .coin. 

Owners of domains will register these on the blockchain and will receive a private key. By using the key, they can fully control the domain and do not need to be approved or registered with outside, centralized organizations. These domains act like (and are effectively the same as) blockchain wallets, as they allow users to send cryptocurrency payments directly to the address. 

Currently, Ethereum, Alibaba, Handshake, Aloaha blockchain DNS, Luxe, and NEM are among some of the most popular blockchain domain providers on the market. However, blockchain domains are far from being a significant portion of existing domains, as more than 99% of domains are currently registered with ICANN in the traditional fashion. 

Common Browser Extensions for Blockchain DNS/Domain Access 

Three of the most common browser extensions used to access blockchain domains are: 

  • FriGate: Designed for the Google Chrome browser, FriGate fully supports EmerDNS zones. EmerDNS, which we will mention later, is one of the largest decentralized DNS systems on the market today. 
  • Blockchain DNS: Designed for Firefox, Blockchain DNS is another versatile plugin that allows ordinary users to access blockchain domain names. 
  • PeerName: Available for Chrome, Firefox, and Opera, PeerName is an extension that also allows users to register .coin, .lib, .emc, and .bazar, and domain names via a user-friendly web interface.

Top Blockchain DNS Domain Providers 

If you want a blockchain domain, there are a wide variety of providers you can use. Some of the top blockchain domain providers currently include: 

  • EmerCoin: Emercoin provides a decentralized DNS referred to as EMCDNS EMCSSL. Unlike some blockchain DNS providers, Emercoin utilizes a hybrid proof of ownership, proof of stake (PoS), and proof of work (PoW) system to reach consensus and secure decentralized blockchain domains. They have a variety of other services, as well, including EmerSSL, which provides encrypted, highly-secure access to websites and logins without utilizing a password via decentralized SSL certificates. 
  • NameCoin: The first blockchain DNS system, NameCoin allows users to register .bit domains using a specialized browser extension. Interestingly, NameCoin was also the first fork of the bitcoin blockchain itself. 
  • Stack: Stack’s DNS service creates a decentralized domain on a Bitcoin blockchain by merging DNS with a Public Key Infrastructure (PKI), eliminating the need for third-party ID systems, servers, and databases. 
  • Ethereum Name Service: Ethereum Name Service allows users to combine the benefits of blockchain domains with old-school DNS services. This allows owners of regular domains, like .com or .net, to transfer their domains to ENS, provided they have the DNSSEC registration to prove it. Their domain name service integrates blockchain-based DNS with the traditional DNS system. Thus it allows you to combine the benefits of both. ENS conducts auctions for .eth domains, as well as allowing users to create domains with .pid, .luxe. .xzy, and .kred extensions. 
  • Handshake: Handshake utilizes its own bespoke blockchain to allow for decentralized domain registration, allowing individual network participants to act as nodes to approve changes to the blockchain. New domain orders are provided an encrypted key that can be utilized to write ordered records.
  • Unstoppable Domains: Unstoppable Domains allows the creation of an NFT domain stored in a user’s blockchain wallet. These domains are searchable without any extension on the browsers Opera and Brave and with an extension on major browsers like Chrome and Firefox. Unstoppable Domains is supported by Coinbase wallet, OpenSea, and MyEtherWallet, among many other wallets and services. 

Blockchain Can Solve Many DNS Issues But Is Still In Its Infancy 

As we mentioned at the beginning of this article, three of the major essential components of an effective DNS system are availability, integrity, and confidentiality. Blockchain DNS protocols are poised to address each of these issues. The immutable and distributed nature of blockchain ledgers prevents availability problems caused by hackers or natural disasters; it also helps ensure data integrity. 

By providing superior encryption via the issuance of a private key for each domain, these systems also help improve confidentiality for internet users and site creators, even though certain activities of site creators post-site creation may actually become more public. 

Despite the great potential for blockchain technology to disrupt and improve how domains operate, the blockchain DNS industry is still in its infancy, with 0.1% or less of all domains currently on blockchains. Blockchain domain access and creation also rely on the use of special web extensions and small domain providers, a hurdle that could turn off ordinary web users.

In the future, it’s conceivable that blockchain domain access could be fully integrated into regular web browsers without additional software. Major domain providers, such as GoDaddy and Namecheap, may also begin to offer blockchain domains, expanding their exposure and popularity with typical consumers. 

It’s also likely that it will be possible to easily register traditional domains, such as .com or .net, on blockchains, though this may involve more coordination between traditional registrars (or even ICANN) and blockchain domain providers. Further in the future, organizations like ICANN may even themselves transition to utilizing blockchain protocols, ushering in a new era of security for domains, and perhaps, the internet itself. 

The Importance of Oracles for Blockchain Domains 

By their nature, blockchains are closed systems, which means they face challenges when integrating outside, real-world information into the smart contracts that power blockchains themselves. Oracles, third-party services that provide off-chain data to blockchains, have become an essential part of the blockchain and DeFi ecosystem over the last few years. 

Like other blockchain products and services, effective blockchain DNS/domain name provider services and the websites they host will often have to access outside information. Blockchain DNS services may store domains on the blockchain, but they are still businesses that need to interact with the outside world, meaning that they require powerful oracles to operate. 

While blockchain domains and blockchain hosting are different, they are both parts of the push for decentralization in the Web 3.0 ecosystem. External data is also particularly important for websites hosted on blockchain platforms, which may need to pull information from a variety of outside sources, including financial information, news info, and weather and environmental data. As both blockchain DNS and hosting services evolve, this need for external data is only likely to increase. 

SupraOracles is Positioned to Provide Secure, Accurate Data for Blockchain DNS Providers and Other Elements of the New Web 3.0 Ecosystem

Blockchain technology is poised to change the structure of the internet forever, and nothing is more core to the internet than the domains that websites are hosted on. Some of the changes that blockchain will provide to domains will be visible to the average internet user. 

These may come in the form of the ability to use new domain extensions like .eth and send money directly to web addresses themselves. However, other changes will be less visible, including the potential replacement of ICANN and other organizations with decentralized DNS providers. 

If blockchain DNS providers and the blockchain domains they provide are to deliver on their full potential, they’ll need a fast, secure data infrastructure, and SupraOracles is in an excellent position to provide that. 

SupraOracles can provide blockchain DNS providers, blockchain hosting services, and other services in the internet domain and hosting space the secure, fast, and accurate information they need. With cross-chain interoperability, powerful decentralized consensus mechanisms,  lightning-fast finality, and ultra-secure parallel processing cryptography, SupraOracles can help providers create and secure the next generation of internet domains. 

References

  1. What is DNS?. Amazon Web Services.
  2. Taylor, Rebekah (2021, Aug.). Four major DNS attack types and how to mitigate them. Bluecat Networks. 
  3. Amado, R. (2018, Jun.) How Cybercriminals Are Using Blockchain DNS: From The Market To The .Bazar. Digital Shadows. 
  4. FriGate VPN. Google Chrome. 
  5. Blockchain DNS. Mozilla. 
  6. Decentralized Blockchain-Based Domains. PeerName. 
  7. (2021, Nov.) Top 13 BEST Blockchain DNS Software [UPDATED LIST]. Software Testing Help. 
  8. Offical website of Emercoin. Emercoin. 
  9. Namecoin. Namecoin. 
  10. ENS: Ethereum Name Service. Ethereum Name Service. 
  11. Stack. Stack. 
  12. Decentralized naming and certificate authority. Handshake. 
  13. NFT Domains: No Renewal Fees Ever. Unstoppable Domains.

Related Articles

Learn More

twitterlinkedinfacebookmail

RECENT POSTS

Получайте новости, инсайты и многое другое

Подпишитесь на новостную рассылку Supra, чтобы получать новости, обновления, аналитические материалы об индустрии и многое другое.