Handshake decentralizes the root DNS zone and improves the security of the internet
Handshake is a naming protocol that’s backwards compatible with the existing DNS system. It does not replace the DNS protocol, but instead decentralizes the root zone file where TLD ownership information is stored by adding a distributed and decentralized blockchain-based system that no one controls and anyone can use. This allows for a root zone that is uncensorable, permissionless, and free of gatekeepers such as ICANN.
Every peer in the Handshake network cryptographically validates and manages the root zone, which completely removes the need for the Certificate Authority system (CAs). Names are logged on the Handshake blockchain, which is essentially one big distributed zone file to which anyone can add an entry.
True name ownership
In the existing internet infrastructure, no one actually owns their name. Namespaces are controlled by centralized organizations such as ICANN, Verisign, Facebook, Twitter, and Google, who can delete and take away your domain, name, account, and/or identity at will.
Current domain registrars have built their businesses on leasing models, charging website owners an annual fee to rent a subdomain from the registrars’ top-level domains. These fees are subject to price hikes and recently ICANN was in the spotlight for approving a deal that would have removed price caps from protected TLDs like .org. Furthermore, if a website is deemed to be harmful, even wrongly, internet service providers can block it, and domain registrars can seize its domain.
Handshake name owners have complete control over their data and can use their TLDs as they wish — from simply hosting a website to becoming a registrar that sells subdomains to others. Only name owners can update or transfer their names. As long as name owners control their private keys, because the DNS records are on the decentralized Handshake blockchain, their names cannot be seized or tampered with. And because governance on Handshake is truly decentralized, no one person or entity can make a governance decision that would impact domain owners or the network the same way the ICANN deal would have for .org domain owners.
Handshake domain names provide true ownership, which means there are no yearly rental fees. Handshake TLD owners need only submit a biennial “heartbeat transaction” (a mining fee) to prove they still have access to their name. In the event a TLD owner loses access to their name and are unable to submit the RENEW transaction, said name will revert to the “auction-able names” pile.
Unstoppable and private
Although the entire world relies on DNS infrastructure, only a few organizations at the top of the hierarchy control it. The centralized nature of internet names makes it trivial for governments and institutions to censor websites and content through DNS filtering and redirection. Turkish citizens were banned from Wikipedia for almost four years and are still blocked from the encrypted email provider ProtonMail. Iran recently censored Facebook and Twitter before shutting off their Internet entirely, and the services blocked in China are legion, including Facebook, Twitter, and Google.
The current centralized nature of internet names also results in privacy loss. Even if your domain registrar offers WHOIS protections, your ownership information is stored in centralized databases which can be subpoenaed from a domain registrar. This makes it difficult for people to create politically sensitive websites without compromising their safety. Malicious actors can spy on and tamper with your browsing activity, and DNS providers, including ISPs, can collect and sell your web browsing history. As a workaround, people resort to VPNs and centralized resolvers like Cloudflare’s 18.104.22.168 which can be shut down at any time (and still require trusting the VPNs and resolvers themselves).
Handshake ensures DNS records can be modified only by the name’s owner, which prevents Handshake domains from being censored or maliciously redirected. Handshake DNS data is distributed across all the nodes in its blockchain network instead of being housed on a single centralized server. As long as you can connect to any node in the distributed network, you’ll be able to resolve Handshake names, making Handshake names virtually impossible to censor.
Your privacy is protected when you register a Handshake domain because no personal information is required. Ownership of names is determined by public-key cryptography, so it’s easy to verify name owners by having them sign a message with their private key. Privacy is a core feature of Handshake names; there is no WHOIS lookup or any other public database where ownership or contact information can be accessed.