What is the base layer for the decentralized internet?

VeradiVerdict - Issue #72

A16Z, Sequoia, Greylock, Founders Fund, Pantera Capital, Polychain, and others invested into Handshake, a decentralized domain name system. Read more about why this project is so compelling to top investors and how you can get your domain now:

  • The infamous Domain Name System (DNS) is a protocol that maps domain names (e.g. “google.com”) to the servers and resources that users intend to access at that domain name (e.g. the Google Search Engine). This mapping is currently maintained by the Internet Corporation for Assigned Names and Numbers (ICANN); cites are certified (that green lock you see) by 12 “Certificate Authorities” (CAs) who essentially provide certificates to the owners of the top-level domains.

  • ICANN and CAs are immensely susceptible to problems of cybersecurity, censorship, and corruption. In the past, bad certificate allocation has led to incorrect domain lookups, compromising the security of the Internet. Being run by a finite number of companies, certificates also allow for content filtering and domain redirection in ways that are tantamount to censorship, restricting the abilities of smaller users of the Internet. CAs also often provide identities of those who own certain domain names, which creates possibilities for attacks like DDoS.

  • Handshake is a decentralized protocol that aims to revitalize the way that domains are registered on the DNS root. Handshake essentially allows users to bid for domain names via HNS tokens; once users claim a domain, their registration lasts for one year and they have a cryptographic key that privately and securely confirms that they own a given domain name.

  • HNS is provisioned via proof-of-work mining, which ensures an equitable access to domain names and also prevents against cyberattacks like Sybil attacks, which prior Certificate Authorities were hugely susceptible too.

  • The Handshake mainnet launched this past Monday with ~100,000 of the top-level domains on alexa.com registered. The project is led by some of the biggest figures in decentralization, including Joseph Poon (co-creator of the Lightning Network) and Purse CEO Andrew Lee.

  • Handshake is a critical step forward in decentralizing the Internet. Domain name ownership is the crux of Internet architecture and how users are able to identify what they are accessing when they go to a certain website; decentralizing its access not only promotes fairness and security, but also sets a precedent for the way that other resources on the Internet are managed and accessed as well.

The Centralized Internet

The Internet is one of the most useful and complex inventions of recent history; it’s enabled incredible growth of knowledge, products, and connections between people all around the world. 

The backbone of the Internet’s infrastructure is the Domain Name System, or DNS. In simplistic terms, DNS is basically the framework that helps track where content on the Internet is located; for example, it ensures that when you go to “google.com” you can access the Google search engine. Each “domain name” (in layman terms, basically a website name) maps to a server in IP space that carries out the functions of that website; “google.com” maps to addresses in IP space that host the servers that carry out the Google search engine. Domain names are currently managed by a single trust root via a non-profit called the Internet Corporation for Assigned Names and Numbers (ICANN). Private companies called Certificate Authorities (CAs) also provide “certificates” (think of the green lock you see when you access websites in the URL bar) that certify that an owner owns a certain domain.

The primary function of Certificate Authorities to ensure the security of the Internet by ensuring that domain names are correctly owned by the users that register them and that domain names correctly map to their intended resource (like a landing page, an e-commerce site, a social network, a search engine, etc.). Certificate Authorities are the reason why you can go to “google.com” and see a trusted search engine run by Google, not malware hosted by some individual user that was able to access the Google domain name.

So seems like ICANN & CAs are pretty important. What’s the problem with them?

The problem that they exist to solve is pretty important –– but, they don’t necessarily do it in the best, most secure, or fairest way. They constitute a super centralized system; there’s twelve CAs and one ICANN, meaning the mapping and ownership of the Internet is managed by a few select users.

Oftentimes, they issue bad certificates or coordinate espionage / unauthorized collection of user data on behalf of third parties. Incidents like these compromise the fundamental security of the Internet, because users don’t have perfect guarantees that they will always get what they expect when they access a certain domain name and that their interactions with a domain name are private and unmoderated. 

There’s two main internet security problems that these centralized authorities cause:

First, ICANN has huge issues with censorship and access. ICANN allows for content filtering & domain redirecting, meaning massive corporations and governments can preserve their presence at the expense of smaller-scale users and also moderate the content that other users can post on the web. In the past, ICANN literally sold .org registries for $1.1 billion –– there’s no clear rationale for why a random non-profit ought to make billions from selling .org domains.

Second, CAs are hugely susceptible to and often complicit in cyberattacks. They map domain names to specific users via certificate ownership; this lends those users to in-person attacks (i.e. users can be attacked because others don’t like their site’s content) and also lends the sites to cyberattacks like DDoS (distributed denial of-service). Certificate Authorities have in the past allowed foreign governments like Iran to coordinate man-in-the-middle attacks on popular domains like Gmail, raising huge doubts about their intentions and the fairness of the Internet.

So, what can we do about it?

That’s where Handshake comes in. Handshake is a decentralized naming protocol where every user on the network is responsible for managing and validating the root DNS naming zone (essentially maps domains to their owners). The fundamental idea behind Handshake is that domain registration ought not to be controlled by twelve private companies, but rather by the breadth of users that access the Internet every single day. In hopes of creating a decentralized web and network in the future, Handshake provides the first step in decentralizing the mapping of the Internet and web resources.

How does it work?

The protocol is fairly technically complex, but the big idea behind its workflow is simple. Essentially, Handshake offers a coin (HNS) that users can use to purchase name registration. When users wish to register a name on the DNS root, they purchase that registration with HNS coins. Users receive a cryptographic key that is public, but non-identifiable proof that a name registration belongs to that user – this ensures that everyone on the network that verify that a user owns a given resource or namespace. 

For transfer of domain names, users simply sell HNS tokens between one another that correspond to different domain names. All events involving HNS are recorded on the public blockchain, so the entire set of users has the ability to verify domain name ownership; the security of the system is maintained via proof-of-work consensus.

HNS is provisioned via proof-of-work mining. This ensures that users contribute to the security and the validity of the network, since it is the primary mechanism for them to acquire the tokens necessary to bid for domain names. Additionally, it prevents against Sybil attacks; because mining requires computational power, it prevents users from spinning up virtual instances to maximize their chances of winning auctions.

How does one secure a domain name on the platform?

Users first check that the domain name they want is open for registration on the platform. The first user to request a domain name creates an “open transaction” that initiates the auction. Then, users submit bids for the domain name; the bids are valued in terms of HNS. No user knows the value of any other users bid; the entire process is hidden. After a certain period of time, the auction closes and the users with the highest bid wins the domain –– but they pay the value of the second highest bid, just like in a classic auction. Names are registered for one year at a time. 

The command-line interface to launch bids is described here

As part of its mission to decentralize the Internet, Handshake is providing around 67% of its initial supply of 1.36 billion HNS tokens to FLOSS (free/libre open-source software) developers and non-profits and universities, who they argue are responsible for much of the development and innovation of the Internet. This was funded via 10.2 million USD from project sponsors.

 How is it getting started?

Prior to launch, Handshake held a 90-day sunrise period for current rights-holders to claim trademarked names on the Internet, ensuring a seamless transition from the current system to a decentralized one. They’ve also pre-reserved the top ~100,000 domains on alexa.com to provide in their initial launch, which was this past Monday.

Who is the team?

The project’s leadership includes Joseph Poon, the co-creator of the BTC Lightning Network, Purse CEO Andrew Lee, and Private Internet Access Founder Andrew Lee, and Purse CTO Chris Jeffrey. It’s some of the smartest folks in the space of decentralization and blockchain who have the unique insight and experience to bring the concept to a heavily centralized space.

Ultimate Thoughts

With the billions of people that access the Internet, the need for a secure, decentralized protocol to manage domain name registration is more pressing than ever. Centralized authorities have been susceptible to cyberattacks, corruption, and censorship for far too long –– restricting Internet access and sustainability to the hands of the few.

Handshake provides a unique solution to the problem of domain registration that integrates each and every user. By using a proof-of-work consensus and mining protocol, Handshake fairly distributes access to domain names via its HNS token and ensures conflict resolution and domain ownership through cryptography and its blockchain. It completely redesigns the way that the root DNS zone is provisioned –– completely removing the need for an imperfect, attackable third party like Certificate Authorities. Adoption of HNS as the root DNS zone removes the roles of CAs entirely. 

The launch of Handshake’s protocol signals an important step in the development of the decentralized web; domain names are the bread and butter of how we interact with the Internet –– decentralizing them sets an important precedent for the way that other computational resources are provisioned, validated, and owned. 


DIGESTS

Vitalik Buterin talks Ethereum 2.0, DeFi, and community at ETHDenver

Vitalik Buterin shared his views on decentralized finance, the development of Ethereum 2.0, and the Ethereum community as a whole.


NEWS

Zaki Manian of Cosmos resigns, but will continue to work on the project

Manian, however, will continue to work on Cosmos, Decrypt reported Tuesday. “The best way to get the work done was for me to leave,” he said.

Bitcoin Lender BlockFi Raises $30M in Series B Led by Peter Thiel’s Valar Ventures

Fresh on the heels of an $18.3 million Series A funding round last August, crypto lending startup BlockFi has secured a $30 million Series B.


IN THE TWEETS


REGULATIONS

Treasury to Roll Out Cryptocurrency Rules

The rules will improve transparency in hopes of stopping money laundering.

US Presidential Contender Michael Bloomberg Proposes ‘Clear Regulatory Framework’ for Crypto

Presidential candidate Michael Bloomberg proposed creating a regulatory framework for cryptocurrencies in a new financial regulation plan.


NEW PRODUCTS AND HOT DEALS

Crypto custodian Copper raises $8M Series A to expand globally 

Copper looks to expand its commercial team and launch new products for institutional clients

Crypto Finance Startup Amber Raises $28M in Series A Led By Pantera, Paradigm

Amber Group, a Hong Kong-based startup offering a range of cryptocurrency finance services, has raised $28 million in a Series A round.


MEET WITH ME

Toronto, February 26-28

Los Angeles, March 6-9

Seoul, March 17-20

Future Blockchain Summit, Dubai, April 7-10


ADDITIONAL INFO

Hi, I’m Paul Veradittakit, a Partner at Pantera Capital, one of the oldest and largest institutional investors focused on investing in blockchain companies and cryptocurrencies. The firm invests in equity, pre-sales/IEO rounds, and cryptocurrencies on the secondary markets. I focus on early-stage investments and share my thoughts on what’s going on in the industry in this weekly newsletter.

👋 Working on building new technologies? I’d love to hear about it, shoot me an email

🙏 I’d appreciate it if you forwarded this email to someone who would benefit from it

💡If you have any content you want to share on this newsletter, please send it to me and we can make it happen

Please click here to help me improve this newsletter and your experience by filling out this NEW survey!