What Is a Decentralized Domain Name System?

The domain name system (DNS) is a part of the internet’s plumbing users may not often think about unless it stops working. It’s a different story for web hosting providers and site owners; they deal with DNS directly because they depend on it to translate human-friendly web addresses into machine-friendly IP addresses.

Every website has a domain name registered with a domain name registrar. The registrars work with registry operators, which manage registries—databases of domain and registrant information— and top-level DNS servers. At the root of the tree is IANA, the Internet Assigned Numbers Authority. IANA is administered by ICANN, the Internet Corporation for Assigned Names and Numbers. It maintains the root zone files and delegates domain name management of top-level domains like .com to registry operators.

It’s a complicated hierarchy, and for the most part, it works well. There are, however, weaknesses with this system, which was invented in 1983, almost a decade before Tim Berners-Lee published the first website. When top-level DNS servers go down, so do large chunks of the web, which happens with alarming regularity. The system depends on the trustworthiness of registrars and registry operators, and it’s a weak point criminals and censorious governments can attack.

A decentralized domain name system is a possible solution, and blockchain-based DNS looks like the most promising candidate in 2021. Decentralized DNS isn’t in a position to take over from the centralized DNS we’re all familiar with just yet. But it’s worth understanding how it works and the role it could play in bringing resilience and independence to one of the most centralized and hierarchical aspects of the internet’s infrastructure.

How Do Decentralized Domain Name Systems Work?

Decentralized domain name projects aim to remove DNS’s dependence on ICANN and the registries. Blockchains, the technology Bitcoin is based on, are one way to achieve this. A blockchain is a distributed public ledger—a database duplicated across many computers. Blockchains are organized into sequential blocks of data where each block is connected to the previous and subsequent blocks.

In the case of Bitcoin, the blockchain acts as a decentralized record of transactions, but it’s easy to see how this could replace some DNS functionality. Instead of registering a domain name with a registrar, you would register it on a blockchain. Because blocks are ordered and the blockchain is distributed, no one can register a name twice, just as they can’t spend the same bitcoin twice.

Decentralized DNS systems don’t aim to replace every part of the domain name system. Instead, they act as alternate roots. Much of DNS is already decentralized. Anyone can use cPanel & WHM to set up an authoritative domain name server for their own domains. However, the registries are centralized, and one organization manages the root zone file. That’s why you have to register domain names with a registrar; they’re agents of the central authority. It’s also why you pay regular renewal fees. A centralized global naming system is expensive to run.

We’re in the early days of decentralized DNS, and there are several active projects with similar aims. Namecoin was one of the first. It was released in 2011 but hasn’t seen widespread adoption. Unstoppable Domains is another entry in the field. Handshake is an interesting new contender which bills itself as a “decentralized naming and certificate authority.”

Like the other decentralized naming systems, Handshake is a blockchain-based root zone alternative with an interesting solution to a problem that plagued earlier efforts—domain squatting. It was easy to register any domain, so squatters gobbled up tens of thousands they never intended to use. Handshake, in contrast, uses an auction to allocate domains. Like Bitcoin, the Handshake blockchain uses a proof-of-work “mining” system to add new blocks, generating a coin called HNS. HNS coins are used to bid in Vickery auctions for top-level domains. For the same reason, Handshake-registered domains do have associated renewal fees.

What’s The Point of Decentralized Domain Names

Decentralization is the primary motivation behind blockchain-based domains, but there are other potential benefits.

  • Anonymous — Just as Bitcoin transactions are anonymous, so are blockchain-registered domains.
  • Censorship resistant — A centralized DNS system is vulnerable to censorship. The operating authority could be influenced to remove registered domains from the registry. Blockchains are distributed, and no single entity controls them, making censorship much harder.
  • Secure — You might have noticed that Handbrake also calls itself a “decentralized certificate authority.” Today, we rely on centralized certificate authorities and SSL certificates to verify the identity of sites we connect to. Because they are practically tamper-proof, blockchains can perform the same function. Additionally, CAs can be hacked or subverted, something that’s much harder to achieve on a distributed blockchain.

By this point, you might be wondering if you can use a decentralized domain name instead of your website’s current domain. In 2021, not really, especially for business websites. In a problem faced by any newcomer that wants to replace an entrenched system, you’d have to convince users to adopt the new system.

Browsers don’t support blockchain DNS unless users add custom DNS servers or resolvers, and nor do email clients and other internet-based applications. As we said at the beginning of this article, users don’t think about DNS until it goes wrong, and most people don’t know what it is. They have little incentive to adopt a new and confusing system.

Nevertheless, you can use decentralized domain names alongside the standard system. You can use Namebase to register Handbrake domains and configure DNS records. Unstoppable Domains, which charges for registration but not renewal, can be used with Chrome and other modern browsers.As always, if you have any feedback or comments, please let us know. We are here to help in the best ways we can. You’ll find us on Discord, the cPanel forums, and Reddit. Be sure to also follow us on Facebook, Instagram, and Twitter.