Web3 DNS Provider Could Lose Its Domain. The Only Person Who Can Renew It is In Jail

"When members of the ENS DAO community go to its eth.link website, all they'll see now is an empty page with a green domain expiration notice banner at the top," reports CoinDesk.

"That's because the only person with the authority to renew the domain, Virgil Griffith, is serving a 63-month prison sentence for helping North Koreans use cryptocurrencies to circumvent sanctions and has been unable to renew the domain from prison." According to a notice domain registrar GoDaddy published on its website late Friday, eth.link expired on July 26 and is set to return to a domain registry on Sept. 5, where it will be up for grabs for anyone who is able to take it.

ENS DAO is a decentralized autonomous organization (DAO) that governs the Ethereum Name Service protocol, a Web3 version of a Domain Name Service provider. ENS is the protocol behind the numerous .eth names that have popped up throughout the Ethereum community. Users have bought .eth names as a way to own their own domains. ENS names can then be tied to your wallet address, making it easier for users to send and receive crypto (instead of having to type out a long, complex Ethereum address).... The DAO relied on the eth.link site to provide access to information about all ENS names.

ENS DAO is already advising its users to switch over to eth.limo, another community operated domain.

Never put all your eggs in one basket

[SciCom Luke]

Because if the basket breaks, the eggs are lost.

Re:

[Z00L00K]

I'm staying away from cryptocurrencies totally - so I'm not impacted.

You wish

[Anonymous Coward]

Don't remember when microsoft put their multiply-redundant DNS servers serving all of microsofts domains ever everywhere all in the same subnet, then the router died?

Or the time they forgot to renew passport.com so a random nobody registered it and pointed it to their servers so their SSO thing would work again?

This is not limited to cryptocurrencies. It happens time and again that Johhny-come-latelies build "solutions" that are full of holes and single points of failure, and so on. Even big multinational milliardaire-owned Johnny-come-latelies.

Though the whole NFT zoo [moxie.org] is more than usually full of oopsies and oversights resulting in the whole ecosystem ending up having been built on quicksand.

So it's no surprise that their "DNS replacement" depends on DNS and there is only a single person with the authority to renew the domain and he's incapacitated. That it's because he's in jail is just the cherry on top.

As already noted, the proper fix for that is an attorney with the power.

Doesn't change that the whole thing is not worth much as an idea going forward. The telling thing is that despite a clear IN YOUR FACE, BITCH message with all the trappings, whistles, bells, flashing lights and warning flags, they're still doing little more than scratching their heads and sticking their dick in a different hole, er, using another DNS-domain from a different newTLD. But just the one: Another SPOF. This is called gluttony for punishment.

Bitcoin was designed to be resilient. This is the opposite of resilient. It's also the opposite of sensible.

Re:

[luvirini]

Yes, in general any infrastructure things should have a plan for when a key person is not available..

Re:

[fermion]

This is why transparency is important. Right now the push at work is to, put everything in accessible places so if we get run over or put in jail others can do our work.

Re:

[phantomfive]

Good thing web3 is decentralized so you never have all your eggs in one basket. /s

Seriously this is just one more symptom of the problem rampant in the crypto space: not thinking things through. Decentralization is a good goal, but you can't achieve it without systematically thinking through all your potential points of failure. There isn't a lot of systematic thinking being done. (See also: US elections.)

Re:

[quonset]

Decentralization is a good goal, but you can't achieve it without systematically thinking through all your potential points of failure.

It's almost as if they should have decentralized who has access to their domain registration rather than work with dictators.

Re: Never put all your eggs in one basket

[PPH]

Even evil dictators have a fallback plan [insider.com].

Re:

[sjames]

It's really two. The first as you said, the other is that the reason this single point has failed is that he's in jail for violating international sanctions against North Korea for trying to show them how to evade trade sanctions.

Sure, any business can have a few people out for a while for DUI, getting in a bar fight, or even writing bad checks, but violating international trade sanctions?!? Surely more is expected of a key person who is a single point of failure.

Re:

[ceoyoyo]

But, it's decentralized! It's right there in the name!

Re:

[ThePawArmy]

But is it webscale like mongo?

Re:

[ceoyoyo]

I assumed a "decentralized autonomous organization (DAO)" was, but you're right, it's not in the name. I guess I'll have to go to the inspirational "About" section on their cookie cutter Wordpress website to find out.

Re:

[luvirini]

Yes, that sounds very weird choice. I mean, sure you can have things like documentation or whatnot on a domain(as long as you have backups), but the actual functionality should be without.

Re:

[DrMrLordX]

It seems to be particular to the ENS DAO, not Ethereum itself.

How is it

[bferrell]

That his lawyer can't do this?

I mean, sure, the lawyer may now know the tech in and outs BUT if he's given "the keys" (whatever they may be) identifying a suitable techie should be a no brainer...

Unless this is a move to create an outcry that putting him in jail for 5+ years (arguably for boarder line treason. North Korea?! ) is "being mean to him".

Re:

[jmccue]

For my domain, all I need is the ID/password to renew it. But if the feds took his systems, he may not know his keys or his IDs to renew it. Without that, he cannot give the info to his Lawyer.

Re:How is it

[bferrell]

Godaddy does.

And we're back to the lawyer. With proper documentation, s/he/they CAN "recover" the account and renew it.

It looks like a press stunt

Re:How is it

[GrumpySteen]

Or, you know, Godaddy might have thought through the PR issues of renewing a cryptocurrency domain for someone who was put in jail for helping North Korea avoid sanctions using cryptocurrency and decided "Fuck that" because they didn't want the headache.

Re:

[mysidia]

With normal registrars, at least: they could just submit a 3rd party renewal. Simple renewal is something that don't need "authorization"; long as the domain remains in the original owner's account (you aren't gaining any control over it by renewing).

I wonder what's up with GoDaddy then.. Perhaps they don't like the idea of one-off payments for some reason.

Re: How is it

[PPH]

I wonder what's up with GoDaddy then.. Perhaps they don't like the idea of one-off payments for some reason.

Perhaps they have a policy against straw purchases. And they can't tell the difference between a one-time third party renewal and an effective (but off the books) transfer of control.

Re:

[luvirini]

Well, it is bag planning in any case, as there should be a backup plan for any key infrastructure, but in general you can also things the hard way if you have a lawyer and a judge involved. That is a lawyer draft the document and a judge orders it be done..

Re: How is it

[jddj]

Very, very bag planning. And pool sperring arse whale.

Re: How is it

[backslashdot]

I assume he might do it if he could get some kind of good behavior credit. I am not sure it is good behavior to do something only because you will be rewarded for it, but that is the bar nowadays .. not actively being a jerk for no reason, even when it costs you to be a jerk, is considered good behavior.

Stefon

[Anonymous Coward]

"This story has everything, needless protocols that have a single point of failure, conspiracy convictions involving North Korea, crypto being so silly that it ends up needing the same centralized systems every other thing does and everyone defining insanity by seeing this happen and saying "it definitely won't happen with this next one", Dan Cortez..."

Re:

[luvirini]

Yes, a very good guide in "how NOT to do things"

Re:

[93 Escort Wagon]

It pretty much demonstrates, in a nutshell, the level of thinking behind this whole "web3" scam...

Re:

[phantomfive]

"This story has everything, needless protocols that have a single point of failure

The best part is that the entire point of the protocol is to not have a single point of failure.

Apart from all the VC types and crypto hypers...

[greytree]

No-one gives a shit about their "Web3" nonsense.

Re:

[comodoro]

Well, that's untrue. I do and I'm neither.

Maybe it deserves to die?

[OzPeter]

I have no clue about the company/domain in question, but you don't end up with a 63 month term in prison without a fair bit of warning. So there would have been ample time to increase the bus factor from 1 to something much higher.

Re:

[crunchygranola]

What will really happen is that a different scammer will take over the domain and run his/her own flavor of cryptoscam using the same domain.

web3=web2+1=web2+web1

[Big Hairy Gorilla]

web1=personal homepages with animated gifs web2= surveillance. Complete goldmine. Make money from...nothing? Turns out anger is monetizable at ~5x more than pictures of fluffy kittens, or even full grown pussies, surpisingly.

Re:

[phantomfive]

Turns out anger is monetizable at ~5x more than pictures of fluffy kittens

I can't wait until we're over that.

Why can't anyone just pay to have it renewed?

[WaffleMonster]

I've done this in the past renewing a domain I didn't own by simply paying for it.

Re:

[crunchygranola]

Microsoft once let once of its major domains expire and a guy who needed to access it simply paid for its renewal. [whoapi.com]

Can I register my custom domain?

[jddj]

ScammyMcScamFace.eth ?

Haha you said Web3

[Fly Swatter]

Web3: An undefined solution that doesn't exist looking for a problem that also doesn't exist.

Why do financial services need regulation?

[gweihir]

Well, one thing is that a regulator will jump on any moron that has a single-person-dependency for anything important. Do away with regulation, get all the abysmally stupid mistakes.

Web3

[jd]

The only way to implement Web3 is with Nielson's Xanadu design. And Web3 isn't based on that concept.

Web3 is going great!

[leptons]

https://web3isgoinggreat.com/ [web3isgoinggreat.com]