[FEATURE REQUEST]: Prevent renewal of unauthenticated ENS domains once DNS exists

Hi there,

I represent a large news publisher who is interested in registering our DNS on ENS.

Whilst running our legal team through the process, they were displeased to see that our domain had already been registered to a “.eth” address on ENS - quoting that ICANN and Nominet exist in .com and .co.uk instance to remove domains we own the rights of the brand for.

I’m aware that we cannot remove the license once held in the wallet, however ENS could prevent extension of the squatter contract if it mismatches from our DNS authenticated address.

Worked example:
mynewssite.com; wallet=xyz (authenticated via DNSSEC txt)
mynewssite.eth; wallet=abc (unauthenticated)

At point of expiration/renewal, only wallet xyz is able to complete the contract for mynewssite.eth; this is a notably simpler check than what exists with the DNSSEC check as I see it. Alternatively, you could use the DNSSEC process to validate .eth domain at point of renewal.

This ask exists because someone is squatting our domain for close to 1k ETH. It’s the opinion of our legal team that the average consumer may not appropriately understand the difference between the .com and .eth domains on ENS when looking to authenticate our wallet.

Please do not hesitate to reach out to me with any questions.

Cheers,
Adam

Hey Adam,

Let me try to address that. I think there is some confusion with respect to way ENS system is built.

ENS itself which runs .eth domains is a smart contract which is deployed on top of Ethereum. Core team of ENS developer has no technical means to amend this ledger. You can have a look at this thread if you want to understand more what exactly does that mean -

https://mobile.twitter.com/nicksdjohnson/status/1398060120714747904

in plain terms they burned all keys controlling that smart contract, so there is no admin panel to change anything.

Now that smart contract itself is what you would call “decentralised autonomous entity” as such anyone is free to interact with it in any way they want to. In practice what that means is that anyone can build FRONT END, to interact with ENS smart contract, that includes all sorts of functionality - registration of names, renewal of names, resolving names and so on.

Right at the end of 2021 there were c.420 integrations and this number is growing very rapidly.

So first of all what you are asking is not possible technically, simply because anyone can interact with smart contract and they will be free to renew that .eth name.

My second argument is more on the soft side, is that there is very strong community which exists now around ENS, which firmly believes in freedom of speech and censorship resistance technologies. Limiting anyone to what they can do with their .eth name would be identical to introduction of censorship to the system, which defeats the purpose of ENS in the first place and community is going to oppose any proposal of that sort.

Once you limit one party in what they can do, then you introduce further restrictions and suddenly its not censorship resistant anymore.

All of that being said, there were a lot of precedents in the past, whereby .eth name was simply released to the “rightful owner” so to say. @brantlymillegan can help with that, as a trusted person in community he could facilitate safe transfer, but thats provided of course that owner is willing to release that name you are looking for.

Why would owner release it in your particular case? Many reasons! People believe that ENS is the foundational stone for Web3, and releasing domain helps grow adoption for example, some are being altruistic. Best way to reach Brantly is on his twitter https://twitter.com/BrantlyMillegan

I hope that adds a bit more clarity to the situation.

Yeah, so amend the smart contract so only the authenticated DNS wallet is whitelisted to mint any domain derivative on ENS; as is the case with the current DNS workflow using DNSSEC txt - I don’t understand why this is not technically possible.

I.e. anyone cannot mint the .com domain unless authenticated through the DNSSEC txt entry at present - I’m asking for that functionality to be extended to all mints where some domain has been authenticated, i.e. “.eth” contracts also.

To confirm, this would prevent squatters from renewing - which would phase them out over time (in theory).

Best,
Adam

I think it would be correct to say that this discussion is revolving around two things - one is the notion of source of truth, and the other one is consideration of ENS design as protocol serving its purpose as intended.

In case of DNS, the source of truth is your ledger run by centralised DNS service provider.

In case of .eth name your source of truth is effectively your private key.

So in that sense its not the same as your DNS workflow.

As far as protocol design considerations are concerned - the whole point of having that “key burn” to which I’m referring above is to technically disallow completely introduction of any arbitrary restrictions to .eth names ledger on Ethereum. The whole philosophy of ENS is built around the idea, that once you own that name, it’s yours forever no matter what (provided you pay renewal fee of course).

In case this principle doesn’t hold, then ENS is no more, that is why developers of ENS made this conscious decision to “lock” the registar.

There was this case very recently - Instagram User @Metaverse Says Account Deactivated After Facebook Rebrand

whereby user’s name was taken by Facebook, simply because they could and she was unlucky enough to have account named “metaverse”. She was completely innocent user, running small business with that account.

Moreover by design anyone can renew .eth name, it doesn’t even have to be that very specific owner. The reasoning behind this design is much wider than simple convenience, because it accounts for more complicated situations.

For example there is SAMPLE.eth, which has considerable of amount of subdomains attached to it. This could be due to the fact, that SAMPLE is a DAO, or some company, or just a group of people united by the same goal. Imagine, that for any reason private key for SAMPLE.eth is lost, then it expires, and all those people loose those subdomains which might’ve been important to them. If SAMPLE.eth private key is lost, then anyone from SAMPLE can renew that .eth name and continue using subdomain.

For many years in development this philosophy was at the core of ENS development, and only recently it was technically implemented following principle “can’t be bad > won’t be bad”.

The reason I’m telling you all this, is because I’m trying to give as much clarification as possible regarding what ENS really is, and why such design exists in place.

Buy or register mynewssite📰.eth or mynewssite🗞.eth or another domain with emoji flair and have the company flaunt it and their 1k eth price for mynewssite.eth becomes essentially worthless, then wait them out and make lower offers until they accept one that youre happy with

You own it for the period you agree to at point of minting, right? So, I’m suggesting subsequent mints operate under a different contract not that current live contracts are edited.

The view being proposed is a rather romanticised version of what is actually occurring, which is that one address is buying a lot of addresses for legitimate businesses then listing them to sell immediately for their own profit. The address is not using the owned domains for any operations outside of selling the domains they’ve purchased according to my review on Etherscan.

It can be bad if we do start operations from our address and then the squatter sells an address similar to ours to a nefarious party and consumers are unable to effectively differentiate between our legitimate operations and the operations from an address almost identical to ours.

I believe this change is required to remove bad actors from this space and to allow greater adoption across a larger count of businesses - I foresee this being an issue for many legitimate businesses trying to enter the space.

Best,
Adam

Yeah mate, I thought taking the .com DNS may also cause the squatter to lose interest also but my legal team weren’t happy with it existing at all because it could be seen as confusing to the average consumer.

It’s very likely that a much lower offer will be accepted by this person. They’ve probably had it for a while and need liquidity and there’s really only one buyer that it would be most useful to imo, which is the company @ARL

What you are describing is technically possible and in my book sounds very much like fork of existing set of contracts with different rules tailored toward interests of specific agent. The idea was that ENS would avoid this kind of situations entirely.

Romanticised or not, but this is the very philosophy behind .eth names, and the reason they are becoming so popular.

I totally understand your concern, I think it’s fair to say that this problem by now been discussed not even for hours, but for days in a row. In my view in any situation its always cost / benefit analysis: cost here is difficulties, which businesses may have, however the benefits for global community far outweighs it.

Not a day goes by, when I don’t see in the news that businesses, regions, or parts of infrastructure are being shutdown because some corrupt DNS provider decided to pull the switch. Like so https://www.coindesk.com/tech/2021/11/26/multiple-mining-pools-are-facing-connectivity-issues/.

Please understand what ENS is trying to do here. Fixing such issues will be such a monumental progress.

But getting back to your situation, why don’t you just ask nicely? sometimes that’s all it takes. https://twitter.com/BrantlyMillegan/status/1472847183699488776 - here is Brantly passing NBA.eth to NBA rep.

If I recall correctly, there used to be a list of .eth names with anonymized contacts, if you find your name in the list, it might be possible to get it.

Brantly worked for 3 years now for ENS and is one of core team members, you can absolutely trust him with that situation. He is a very well known public person and will be happy to help you.

I really don’t want to get your hopes up, but solution, just might be much closer than you can imagine. Please do get in touch with him.

What do you mean by “our domain”? Why would you think that you have any claim whatsoever over a name? I am assuming you are relying on a trademark registration in a particular class in a particular country? Or are you simply relying on the fact that you have a domain name registered? Owning an ENS name, even one that is identical to an existing trademark or domain name is not trademark infringement. Trademark infringement requires an infringing action by the owner of the name — simply owning a name is not an infringing action.

ENS is a completely decentralized protocol. The maintainers of the protocol will never do anything to provide preferential treatment to anyone during the registration or renewal process. Even if they did, there is also the obvious problem of deciding who has the stronger claim to a name. Is it the person or company that owns the .com or should it be the .org? What happens when there are conflicting names in different countries? Should a .co.uk have a stronger claim than a .com.au? ENS is not going to turn into ICANN.

If you have a strong claim to the name, as you seem to think you do, get in contact with Opensea and request the name be removed from the website. Short of buying the name from the current owner, this is the best course of action here. Without Opensea there is very little chance that the name ends up in the hands of anyone else.

While technically possible, I don’t think you’ve thought about the consequences something like this would have. Anyone who wants a .eth name for themselves could go register the .com (or .net or .xyz or .sexy or whatever) domain, and thus for the price of $5 ensure they have the right to take the .eth domain off its current owner when it is next due to expire.

Further, with literally hundreds of DNS TLDs, there’d be no clear way to adjudicate between owners of the same name on different TLDs as to who should get the .eth.

I think that was rude and inappropriate. Here is this person / company, comes into ENS community seeking solution, and instead of talking through situation with him you make him even more angry.

Is it possible to initiate all sorts of litigations against ENS team, or against Opensea as marketplace for example, or any other parties involved in this process?
→ The answer is “absolutely yes”

Are they going to win this hypothetical process?
→ I don’t know, they might or they might not

Irrespectively of the fact whether the process is successful or not, are there any real winners in this situation?
→ I don’t think so. They will pay money to compensate solicitors, ENS will incur legal cost, it will harm ENS as protocol, because it will shake user’s confidence in the product.

And only you @Louie I presume will simply walk away with clean hands, because you have nothing at stake and watch it from sidelines eating popcorn.

@ARL I would like to kindly ask you to consider all of my arguments / explanations and actually contact Brantly, see if solution to your situation can be found in some peaceful respectful manner

I think that a simple reversal of the question illustrates the issue quite well:
Should owners of ENS names be allowed to petition ICANN to refuse .com owners to renew a name that’s identical to their ENS name, even when the .com owner registered first?

That doesn’t make a lot of sense and it would have the same repercussions as what you propose.

Nearly every name would be blocked from registration because someone leased it on a different service, on a different protocol.

That would drive away nearly every user of the service that’s negatively affected and all that would be left are blocked names for companies that doesn’t intend to use them, but just wants to prevent others from using them.

It’s worth paying attention to what @SpikeWatanabe.eth writes about contacting the owner to see if the name can be handed over, and brantly.eth has facilitated such transfers in the past. For example, the owner of nba.eth relinquished it to the NBA for free.

Sorry, I just thought I would provide some insight based on my extensive experience as a lawyer dealing with intellectual property disputes. I didn’t find your answers useful in any way, so I decided to step in. Happy to not be involved though

Not sure why any of the other points you raised are relevant because you clearly have no experience dealing with this area of law. I don’t know how to respond to nonsensical arguments.

I will be sure to enjoy my popcorn.

You have to appreciate that in the court of law ANYTHING is possible, even some outcome which is completely insane

Here is example of how Amazon.com won custody over .amazon TLD, which used to belong to some countries in Latin America.

Sounds completely crazy and insane to me, but nevertheless here it is. According to this article, the process itself took 7 years. Do we want someone like Arl to pursue 7 years litigation against ENS? I don’t think so. Can he do it? Maybe.

Let’s say there is this worse case scenario, the owner of “his” .eth name does not want to release it to him for free, he doesn’t want to sell at some reasonable price, he insists on prohibitively high price effectively blocking the domain in limbo. Like absolutely worst case scenario, the owner is just stubborn.

Is it wise in that scenario to taunt and aggravate someone Arl even further like @Louie is doing?

What is the point this exercise? We don’t know who Arl is, maybe he is just some internet troll, or maybe he is board executive. So you want to drive him completely mad and lock him on conviction to win legal battle no matter the cost? How is this smart or makes any sense?

Or what were you trying to achieve @Louie ?

I was genuinely trying to provide useful information that you did not cover in your answers.

Where did I taunt him? I mirrored his tone and asked him a simple question.

The whole point of ENS is that it is a decentralized protocol that does not have a disputes resolution process that allow names to be confiscated from owners. If I had to guess, I suspect you are right—the DAO will be the subject of IP litigation in the near future. I hate to be the one to break this to you, but pretending to be nice to someone isn’t going to magically stop it from occurring.

I have no idea. I was trying to be helpful. You are the one who decided to criticize my answer for no reason. So you tell me, what are you trying to achieve @SpikeWatanabe.eth?

Well if you ever really saw any contract, then in case of disagreements your first call is “mediation”

He seemed frustrated by the situation, so I tried to mediate, by explaining in more detail what ENS is, what are implications of ENS’ protocol design and how his situation can be fixed with lowest cost possible.

… if there is a mediation clause in a contract that specifies this, yes, this is true. Mediation takes place between two parties, so I am not sure what you think you were mediating.

I must say, this has been a novel experience. I hope they keep you around. I am sure you will do wonders for inclusion in the DAO.

This is a very interesting issue that has been long foreseen and predicted. There is no certain outcome here to begin with. My quick two cents with some tangential experience in Law:

One can bring a legal suit against ENS (True Names LTD) as well as the owner of the desired .eth domain (if mediation fails) if and only if the claimant has a proof of international trademark registered before the date of registration of the .eth domain in question. Other than that, claimant stands little to no chance and the suit will be thrown out if anyone is crazy enough to take it on. If the international trademark registration criteria is fulfilled, then ENS may be in hot water for “allowing” trademark infringement and the .eth domain address owner for IP theft. Whether the hot water boils over and burn everyone depends entirely on how influential/chad/alpha the claimant is.

We’re an 100+ year old news brand with multiple trademarks in different countries, if there was a legitimate use case for this business or a trademark dispute this would be an easier pill to swallow (as we have some businesses where we don’t own the rights in the US as a business already existed with that name). I never stated it was just trademark infringement though (you did), could be brand damage or misrepresentation in a legal sense (I am not a lawyer but our legal team didn’t like it).

They already have through the .com DNS workflow. You cannot mint the .com without being the authenticated owner through DNSSEC.

This is a good point actually, and one which may require more discussion once ENS allows for minting on other domain types. I have restricted this current thinking to “.com” domain, which we own but as an example there is a domain we own for ONLY .co.uk and not .com. The difference here being that if our business was listed alongside another legitimate operating business that would be less of a concern.

As stated mate, we’re an 100+ year old brand with multiple registries so it would be difficult for a legitimate business to claim more of a stake to our core business. There are domains where it may be more complex due to geo specific elements but most of our domains and businesses are old enough that some blockchain based address would struggle to show as much of a claim to the name. As stated, this is not a legitimate usage, it’s just squatting so I’m not sure they would bother fighting it.

Yeah mate, fair - we’re an 100+ year old news brand; I don’t think we would expect ENS to police this as they have imperfect information of who owns what. However the solution being proposed, which is IF a business does authenticate via DNS “.com” workflow, then ENS would be better to disallow other unauthenticated people from minting (or renewal of) the .eth. I struggle to see a real world or legitimate scenario where this is impacting to a normal user, i.e. common sense would dictate if I try to buy amazon.sexy or amazon.xyz that Amazon will probably take issue with that?

The solution is not perfect as it only allows for .com domains; however it reflects the current DNS workflow capabilities and as a business who owns multiple .co.uk domains we would be open to discussing how this could be recognised for legitimate businesses in the process. Could be .uk.eth for .co.uk domains as an example.

Fair mate, it’s just awkward as I’m sure the guy is quite busy and doesn’t want to have to deal with our specific case. I’ll float the idea internally though.

Thanks for all your inputs btw.