Introduction

In today’s digital landscape, a robust, secure, and user-friendly Domain Name System (DNS) is not merely a convenience—it’s a necessity. DNS has often been described as the “phonebook of the internet”. In a phonebook, you look up someone’s name to find their telephone number; DNS works in a similar way but for websites and internet services.

When you type a human-readable web address (like www.google.com) into your browser, DNS translates that into an IP address that computers can understand. This IP address is required to locate the server where the website’s content is stored. Without DNS, you’d have to remember complex IP addresses like 172.217.22.14 instead of simply typing “google.com.”

It has long been a centralized system, subject to censorship, security vulnerabilities, and monopolistic control. However, the landscape of DNS solutions is undergoing a dramatic shift with the advent of decentralized DNS platforms that leverage blockchain technology. This article aims to delve deep into the nuances of five major players in this burgeoning space: 3DNS, Ethereum Name Service (ENS), Unstoppable Domains, Handshake, and Decentralized Domain 3 (D3). By comparing their unique features, security measures, and potentials, we’ll shed light on the future of DNS management.

Decentralized DNS: The New Paradigm

In today’s digital landscape marked by growing concerns over internet surveillance, censorship, and cyber-attacks, the move towards decentralized DNS is not just a technological evolution but a significant leap forward for internet freedom and security. Unlike traditional DNS systems, which are centralized and therefore vulnerable to a range of cyber threats such as DDoS attacks and DNS spoofing, decentralized DNS platforms leverage the power of blockchain technology. This decentralized architecture distributes domain information across multiple nodes, enhancing security and ensuring better uptime and accessibility.

The advantages of this approach are manifold. First and foremost, decentralized DNS systems are inherently resistant to censorship. Secondly, the use of blockchain’s immutable record-keeping enhances DNS security substantially, mitigating risks associated with common DNS attacks like DNS hijacking. Furthermore, these systems introduce the concept of domain liquidity. Domains are tokenized into Non-Fungible Tokens (NFTs) that can be traded, sold, or purchased, just like any other digital asset, enabling a fluid and robust marketplace for domain names.

These platforms also offer a range of functionalities thanks to the transparent and programmable nature of blockchain protocols. This includes but is not limited to, interoperability with other decentralized applications and assets. As a result, users gain more control and ownership over their domains, further bolstering trust in the system.

3DNS: The First Onchain Web Domain Registrar

3DNS proudly stands as the first onchain web domain registrar, supporting the purchase or import of TLDs like .com, .xyz, .io, and .box. 3DNS is the only decentralized domain provider to function with ICANN, The Internet Corporation for Assigned Names and Numbers - a nonprofit organization responsible for coordinating the maintenance and procedures of root TLD’s on the web. ICANN is like the rule-maker for how we find websites on the internet. You know how your home has an address so people can find it? Websites have addresses too, and ICANN helps make sure each one is unique and works correctly, so when you type the domain in your browser, you go to the right place.

Once the domain is brought into 3DNS’s offchain ICANN registrar, the user will receive an NFT from the onchain registrar, which becomes the default ownership/management record for the domain. The offchain registrar can only be updated via an update to the onchain registrar and the onchain registrar can only be updated by the wallet possessing the specific domain NFT.

How 3DNS Works:

1. Account Setup: Connect your crypto wallet to create your 3DNS account.
2. Register or Transfer a Domain: You have the option to transfer an existing domain from another registrar or register a new one with 3DNS.
3. Manage Your Domain: All name records are stored onchain, requiring access to the wallet where the NFT domain for any updates.
4. Sell Your Domain: Domains can be instantly transferred, without unnecessary broker fees or escrow.

Unique Features:

1. Reduced DNS Hijacking Risk: Unlike centralized registrars that can be compromised via customer support, 3DNS is smart contract based, meaning a hacker needs access to your private key to steal your domain.
2. Instant Domain Liquidity: Because each domain is minted as an NFT, it enables instant transfers and creates robust financial markets for domains.
3. Decentralized Domain Access: While following ICANN rules, 3DNS domains are resolved via browser extensions.
4. Domains as DID Profiles: 3DNS domains can be linked with the ENS core registry contracts and used as DID profiles.

By integrating these features, 3DNS not only offers a higher level of DNS security but also domain liquidity not found on centralized providers.

Ethereum Name Service (ENS)

The Ethereum Name Service (ENS) is a decentralized naming system built on the Ethereum blockchain. At its core, ENS maps human-readable names to machine-readable identifiers, like Ethereum addresses, other blockchain addresses, content hashes, and more.

The architecture is designed around a set of smart contracts deployed on the Ethereum blockchain. The central contract is the ENS Registry, which maintains a list of all domain names and their corresponding Resolvers and Owners. Domain ownership is an Ethereum address, which means that domain control is as secure as the cryptographic primitives of the Ethereum network itself.

Resolvers are smart contracts that implement a standard interface, allowing them to translate names into addresses. They are set on a per-name basis and can be customized to support a wide array of functionalities, like reverse lookups and multicoin support. They also allow for text records, enabling additional metadata to be associated with a domain name, like email or URL.

The name registration process is often facilitated by the .eth Registrar, another smart contract that governs how names under the “.eth” TLD can be claimed. This often involves an auction or a rent model, although this can vary and is subject to change.

ENS also integrates with the DNS namespace, allowing for existing DNS domain owners to claim their corresponding .eth names, thereby making ENS more extensible and capable of serving as a bridge between the traditional DNS system and the blockchain-based naming systems. However, because ENS isn’t compatible with ICANN, if you bridge your .com domain and wrap it in an NFT and sell it, it doesn’t reflect on ICANN and the new owner doesn’t actually own the new domain and .eth holders cant resolve their websites in browsers. It’s only by updating the .eth domain’s content hash on the ENS registry can the .eth domain be resolved in the browser. This is enabled through cloudflare’s .link and eth.limo’s .limo extensions, and works currently with static websites hosted on IPFS (i.e. https://app.ens.eth.limo/).  See a tutorial for how to setup your ENS name with our friends at Fleek. Domains purchased on ENS are functionally leased, you can only set the time period that you lease your domain for.

The ENS architecture is designed to be upgradable and extensible, so it can adapt to new requirements and technologies over time. It’s an essential piece of Ethereum’s Web3 stack, increasing usability while preserving the decentralized, censorship-resistant properties of blockchain networks.

Key Features:

Resolver Contracts: ENS uses resolver contracts to manage domains.

NFT Domain Ownership: Like 3DNS, ENS also mints domains as NFTs.

Unstoppable Domains:

Unstoppable Domains operates similarly to ENS. The biggest difference is buying domains through Unstoppable Domains is a one time payment, not a recurring payment like on ENS. Though, the platform is limited in its TLDs and does not match the DNS security levels provided by 3DNS. Similar to ENS, unstoppable domains also acts way to replace complex Ethereum addresses with human-readable names. You can also use unstoppable domains to resolve your website hosted on IPFS, see their tutorial here.

Key Features:

Payment Gateways: Unstoppable Domains simplifies nft domain purchases

One time payment: One payment and the domain is yours forever.

ENS and Unstoppable Domains ELI5

Imagine you have a magic book of addresses where you can write down the names of all your friends’ houses. Instead of complicated directions like “Turn left at the big tree, then go three blocks,” you can simply write “Billy’s House.” Now, whenever you want to visit Billy, you just say, “Magic book, take me to Billy’s House!” and poof, you’re there!

ENS & Unstoppable Domains are like that magic book, but for the crypto. It lets you have a special name for a wallet where you keep your digital money. So instead of typing a long, confusing address like “0x1234567891011234,” you can just type something easy like “BillysWebsite.eth” or “BillysWallet.crypto.” It’s a lot easier to remember, right?

The best part is, once you pick a name and write it in your magic book (which is really just a computer program), nobody else can use that name. On Unstoppable Domains, it is yours forever! On ENS, it’s ‘leased’ for the time period you choose. And because it’s like a magic book, no one can take it away from you or tell you how to use it. You can even sell your special name to someone else at any point, if you want.

So, ENS and Unstoppable Domains help make crypto easier and safer for everyone to use.

Handshake: The Auction-Based TLD DNS Blockchain

Handshake is a decentralized, permissionless naming protocol where every peer in the network validates and manages the root Domain Name System (DNS). Unlike traditional DNS, which relies on a hierarchical, centralized system of domain registrars and root servers, Handshake places control directly into the hands of the users through its blockchain-based architecture.

In Handshake, domain name registration occurs via a Vickrey auction, a sealed-bid auction where bidders submit hidden bids. Winning the auction secures you the top-level domain (TLD), but the amount you pay is the second-highest bid. This mechanism aims to find the true market value of a domain name.

The Handshake protocol uses a modified version of the Bitcoin consensus algorithm, proof-of-work, to validate transactions and add new blocks to the blockchain. Each block contains domain name registrations, renewals, and transfers. The blockchain serves as the root zone file, containing the authoritative record for each domain.

One of the most deeply technical components is the Merkle Tree integration for data verification. This data structure allows any participant in the network to verify the authenticity of the domain records without needing the entire blockchain. This is crucial for scalability and performance, as DNS queries need to be fast.

Handshake also aims to replace the traditional system of Certificate Authorities (CAs) with a decentralized system of trust. By using cryptographic proofs, it ensures that a given domain name belongs to its rightful owner, thus eliminating the need for third-party verification. This has significant implications for web security, reducing the risks associated with centralized CAs like certificate mis-issuance and authority compromise.

Handshake is meant to replace the root zone file, not DNS. Browsing the web with human readable names is what Internet users have gotten acclimated to. Handshake allows for a seamless transition between a centralized name root zone file controlled by private parties to a decentralized root zone file controlled by actual Internet users. Handshake domains are registered for two years at a time. When looking to sell your domain, it takes 288 blocks, or about 2 days, before the name owner can send a FINALIZE transaction when selling a domain.

In summary, Handshake attempts to revolutionize the foundational DNS infrastructure by decentralizing control, enhancing security through cryptography, and offering a more transparent and fair domain name registration system for root domains.

Key Features:

Distributed Certificates: Eliminates centralized certificate authorities

Auction System: For new TLDs created in the root DNS, they first have to apply for the top-level domain, win an auction for it, and await approval.

Decentralized Domain 3 (D3)

D3 incorporates a unique domain system for Web3, enabling seamless domain usage across various browsers, email services, and wallets without requiring additional tools like SDKs or APIs. Their patent-pending technology facilitates domain trades, ensuring compatibility with both Web2 and Web3 environments. D3 aims to acquire new Top Level Domains (TLDs) through ICANN, enhancing user identities’ utility and security on the internet. They provide a unified digital access platform, allowing for various applications like blockchain and fiat wallet IDs, decentralized email, and more, all while preserving user privacy and safety through native browser and email support.