Wednesday, May 14, 2025

Owning the Internet: How Handshake Is Building a Censorship-Resistant Web

Allen Boothroyd May 14, 2025

 

The Invisible Chokepoint of the Internet

Every time you access a website, you're relying on a system so fundamental to the internet that it's practically invisible: the Domain Name System (DNS). This critical infrastructure translates the human-readable domains we type into our browsers (like "medium.com") into the machine-readable IP addresses (like 104.16.51.111) that computers need to locate websites.

What most internet users don't realize is that this system has a single point of control—and therefore, a single point of failure.

The Internet Corporation for Assigned Names and Numbers (ICANN), a Los Angeles-based nonprofit, controls the DNS root zone—effectively the master address book of the internet. This centralized control creates a vulnerability that governments and powerful entities can exploit to censor content, surveil users, or restrict access to information. It's a chokepoint that undermines the internet's promise as an open, global commons.

Enter Handshake: a blockchain-based protocol that aims to decentralize domain name ownership by replacing ICANN's root zone with a permissionless, censorship-resistant alternative. While its approach may seem radical, it addresses a fundamental imbalance in how the internet currently operates—and offers a glimpse of what a truly decentralized web might look like.

The Centralized Internet's Achilles Heel

To understand why Handshake matters, we need to examine the current DNS hierarchy and its vulnerabilities.

How DNS Currently Works

The DNS operates as a hierarchical system with multiple layers:

  1. Root Zone: Controlled by ICANN, this is the highest level of the DNS hierarchy
  2. Top-Level Domains (TLDs): Extensions like .com, .org, and country codes like .uk
  3. Second-Level Domains: The main part of web addresses (e.g., "medium" in medium.com)
  4. Subdomains: Additional prefixes like "blog" in blog.medium.com

ICANN leases TLDs to registry operators, who in turn work with registrars (companies like GoDaddy or Namecheap) to sell domain registrations to end users. This system creates a chain of control where multiple entities can interfere with domain ownership or access.

The Problems with Centralization

This centralized structure leads to several significant issues:

1. Censorship Vulnerability

Governments can pressure ICANN, registries, or registrars to block, seize, or de-list domains they find objectionable. Examples abound:

  • In 2019, Russia enacted its "sovereign internet" law, allowing the government to isolate the Russian internet from the global network
  • Turkey has repeatedly blocked access to Wikipedia, Twitter, and other platforms
  • China's Great Firewall blocks countless domains deemed politically sensitive
  • Even in the US, the government has seized domains related to file-sharing and other activities

2. Prohibitive Costs and Barriers

ICANN's process for creating new TLDs is expensive and restrictive. During its last application round in 2012, applicants had to pay a $185,000 evaluation fee, plus operational costs. This effectively excludes individuals and small organizations from owning TLDs, reserving them for large corporations and wealthy entities.

3. Privacy and Surveillance Concerns

Domain registration requires personal information through the WHOIS system, creating privacy risks. While there are privacy protection services, they're inconsistent and often cost extra. This exposes domain owners to potential harassment, doxxing, or surveillance.

4. Security Vulnerabilities

The centralized system of Certificate Authorities (CAs) that authenticate websites creates security risks. If a CA is compromised, attackers can issue fraudulent certificates, enabling man-in-the-middle attacks against otherwise secure websites.

Handshake's Alternative: A Decentralized Root Zone

Handshake tackles these problems by fundamentally reimagining how domain names should work. Instead of replacing the entire DNS system, Handshake specifically targets the root zone—the most centralized and vulnerable part of the internet's naming infrastructure.

How Handshake Works

At its core, Handshake is a blockchain-based, decentralized naming protocol with several key components:

1. Blockchain-Based Root Zone

Handshake creates a public, permissionless blockchain that stores top-level domain (TLD) ownership. Instead of ICANN controlling which TLDs can exist, anyone can register and own a TLD through Handshake. The blockchain serves as an immutable record of who owns what, removing the need for a central authority.

2. Proof-of-Work Consensus

Handshake uses a Bitcoin-like proof-of-work consensus mechanism. Miners validate transactions and secure the network by solving computational puzzles, receiving HNS tokens (Handshake's native cryptocurrency) as rewards. Each block produces 2,000 HNS, with block times averaging 10 minutes.

3. Vickrey Auctions

To fairly distribute domain names and prevent mass squatting, Handshake uses Vickrey auctions (second-price sealed-bid auctions) for TLD registration. In this system, the highest bidder wins but pays the second-highest bid price, encouraging participants to bid their true valuation.

4. Cryptographic Ownership

Domain owners receive a cryptographic key pair, allowing them to sign DNS records without relying on certificate authorities. This replaces the centralized security model with one based on public-key cryptography, similar to how cryptocurrencies manage ownership.

5. Lightweight Resolvers

To resolve Handshake domains, users can run lightweight recursive DNS resolvers that require minimal resources (about 10MB of memory). These resolvers verify the blockchain and translate Handshake domain names to IP addresses without trusting third parties.

What Makes Handshake Different

Unlike other blockchain domain projects, Handshake focuses specifically on top-level domains rather than second-level domains. For comparison:

  • Ethereum Name Service (ENS) operates solely under the .eth TLD, allowing users to register names like "alice.eth"
  • Unstoppable Domains offers several TLDs like .crypto and .nft, but operates as a commercial entity
  • Handshake lets users own actual TLDs like .satoshi or .freedom, giving them complete control over all subdomains

This approach is more ambitious, as it directly challenges ICANN's role rather than creating a parallel system within the existing framework.

Censorship Resistance in Practice

The theoretical benefits of decentralization are compelling, but how does Handshake's censorship resistance work in practice?

Immutable Ownership

Once you register a Handshake TLD, it's yours permanently—not leased. As long as you control the private keys, no entity can seize or delete your domain. This contrasts sharply with traditional domains, where registrars or authorities can suspend or transfer domains under various pretexts.

For journalists, activists, or organizations facing political pressure, this provides unprecedented protection. A news site registered on a Handshake TLD can't be taken down through domain seizure, even if a government demands it.

Practical Examples

Several notable examples demonstrate Handshake's potential for censorship resistance:

  1. Sci-Hub: The controversial scientific paper repository, frequently targeted by domain seizures, has established a presence on Handshake (sci-hub.hns), providing a more resilient access point.

  2. Decentralized Media: Independent media outlets in regions with press restrictions can use Handshake domains to maintain their online presence even when their traditional domains are blocked.

  3. Permanent Archives: Content that might be removed from the traditional web due to legal threats or political pressure can be preserved on Handshake domains, ensuring historical records remain accessible.

Pseudonymous Registration

Unlike traditional domain registration, which typically requires personal information, Handshake allows pseudonymous ownership. This protects domain owners from harassment, legal threats, or persecution based on their online content.

The Web3 Connection: Enhancing Digital Sovereignty

Handshake aligns with the broader Web3 movement, which aims to create a more decentralized, user-sovereign internet. By giving individuals direct ownership of digital assets—in this case, domain names—Handshake contributes to the Web3 vision in several ways:

Democratizing Domain Ownership

Traditional TLDs are effectively reserved for corporations and wealthy organizations due to ICANN's prohibitive application fees. Handshake dramatically lowers this barrier, with some TLDs available for as little as $100 in HNS tokens.

This democratization enables:

  • Individuals to own personal TLDs (like .smith or .creator)
  • Communities to establish shared namespaces (like .bitcoin or .activist)
  • Small businesses to create branded online environments without enormous costs

Simplified Web3 Identities

Blockchain addresses like 0x742d35Cc6634C0532925a3b844Bc454e4438f44e are notoriously user-unfriendly. Handshake domains can serve as human-readable aliases for these addresses, similar to how ENS uses .eth domains.

Unlike ENS, however, Handshake allows for custom TLDs, enabling more personalized and meaningful Web3 identities. A creator could use their name as a TLD (like .alice) rather than being limited to a shared namespace.

Integrated Web3 Infrastructure

Handshake domains naturally integrate with other Web3 technologies:

  • IPFS and Filecoin: For decentralized content storage
  • Ethereum and other blockchains: For smart contract functionality
  • Decentralized hosting solutions: To create fully censorship-resistant websites

This integration creates the foundation for truly decentralized applications and services that can't be easily shut down or censored.

Challenges and Limitations

Despite its promise, Handshake faces significant hurdles to mainstream adoption:

Technical Barriers

The most immediate challenge is browser compatibility. Most mainstream browsers like Chrome, Firefox, and Safari don't natively resolve Handshake domains. Users must either:

  1. Configure their DNS settings to use a Handshake-compatible resolver
  2. Install browser extensions or specialized browsers like HandyBrowser
  3. Use public resolvers that support Handshake (like NextDNS)

This friction significantly impedes adoption, as most internet users won't change their DNS settings or install new software without compelling reasons.

Namespace Conflicts

Handshake's parallel naming system creates potential conflicts with ICANN's traditional DNS:

  1. Collisions with existing TLDs: Handshake reserves the top 100,000 domains and existing ICANN TLDs to prevent conflicts, but future ICANN TLDs could still clash with Handshake names.

  2. Cross-system confusion: As multiple decentralized naming systems emerge (Handshake, ENS, Unstoppable Domains), users may encounter inconsistent resolutions depending on their setup.

  3. Trademark disputes: With no central authority to enforce trademark rights, Handshake could enable a new wave of cybersquatting, creating legal challenges for brand owners.

Governance Challenges

Decentralized systems face unique governance challenges:

  1. Addressing abuse: Traditional DNS has processes for dealing with malicious domains (like phishing sites). Handshake's decentralized nature makes similar protections more difficult to implement.

  2. Protocol upgrades: Changes to the Handshake protocol require community consensus, which can be slow and contentious compared to centralized decision-making.

  3. Incentive alignment: Ensuring that miners, developers, and users have aligned incentives is crucial for long-term sustainability but difficult to maintain.

The Path to Adoption

Despite these challenges, several developments suggest a potential path forward for Handshake:

Namecheap Integration

In 2022, Namecheap—one of the world's largest domain registrars—acquired Namebase, a popular Handshake marketplace and registrar. This acquisition brings Handshake closer to mainstream users by potentially integrating it with Namecheap's user-friendly interface and large customer base.

Browser Extensions and Tools

The development of user-friendly tools like:

  • Bob Wallet: A dedicated wallet for managing Handshake domains
  • HandyBrowser: A specialized browser that resolves Handshake domains natively
  • Fingertip: A browser extension that enables Handshake resolution in Chrome

These tools reduce the technical barriers to using Handshake, making it more accessible to non-technical users.

Public Resolver Adoption

Services like NextDNS now offer Handshake resolution as an option, allowing users to access Handshake domains without changing their entire DNS setup. As more public resolvers add support, the friction of accessing Handshake domains decreases.

Web3 Developer Interest

As Web3 development accelerates, interest in truly decentralized infrastructure grows. Developers building decentralized applications increasingly recognize the value of censorship-resistant domains, creating a natural audience for Handshake.

Strategies for Future Growth

For Handshake to realize its potential, several strategic priorities emerge:

1. Improving User Experience

The technical complexity of using Handshake must be reduced through:

  • Browser partnerships: Working with major browsers to add native Handshake resolution
  • Simplified onboarding: Creating one-click solutions for accessing the Handshake ecosystem
  • User-friendly interfaces: Developing intuitive tools for managing Handshake domains

2. Building Practical Use Cases

Beyond censorship resistance, Handshake needs compelling everyday use cases:

  • Web3 identity hubs: Positioning Handshake domains as central identifiers in the Web3 ecosystem
  • Developer resources: Creating documentation and tools that make building on Handshake straightforward
  • Business applications: Demonstrating concrete benefits for businesses using Handshake domains

3. Addressing Governance Challenges

Developing community governance mechanisms that:

  • Mitigate abuse: Create community-driven processes to address malicious use
  • Resolve disputes: Establish fair procedures for handling name disputes
  • Guide protocol evolution: Enable transparent decision-making for upgrades

4. Fostering Education and Awareness

Expanding knowledge about Handshake through:

  • Educational content: Creating accessible materials explaining Handshake's benefits
  • Developer outreach: Engaging the Web3 developer community
  • Use case demonstrations: Showcasing real-world applications of censorship-resistant domains

Conclusion: The Future of Internet Naming

Handshake represents more than just another blockchain project—it challenges the fundamental power structure of the internet. By decentralizing the DNS root zone, Handshake directly addresses one of the internet's most significant centralization points.

Will Handshake replace ICANN and the traditional DNS? Probably not entirely. The established system's network effects, institutional backing, and user familiarity create significant inertia. However, Handshake doesn't need to completely replace the existing system to succeed.

Instead, Handshake is creating an alternative path—one that provides censorship resistance, user sovereignty, and open access where these qualities matter most. For journalists facing censorship, activists opposing authoritarian regimes, or developers building truly decentralized applications, Handshake offers a critical tool for preserving internet freedom.

As Web3 continues to evolve, the value of decentralized infrastructure becomes increasingly apparent. Handshake's approach to domain name ownership aligns perfectly with the broader movement toward digital sovereignty and user control. By giving individuals direct ownership of their online identities, Handshake contributes to a more open, accessible, and resilient internet.

The road ahead contains technical challenges, governance questions, and adoption hurdles. Yet the fundamental vision—an internet where naming is permissionless, censorship-resistant, and user-controlled—remains as powerful as ever. In a world where digital freedom faces growing threats, Handshake offers a glimpse of what a truly decentralized web might look like: an internet owned by everyone rather than controlled by a few.

About the Author

Allen Boothroyd / Financial & Blockchain Market Analyst

Unraveling market dynamics, decoding blockchain trends, and delivering data-driven insights for the future of finance.

Subscribe to: Post Comments (Atom)