"dot eth" pseudo-domains about to go offline because domain owner is in prison

Web3 is going just great:

If you've seen people with usernames ending in .eth, that's an ENS address. The problem is that .eth is not a functional top-level domain, and so many services relied on eth.link to surface these DNS records to other services. [...]

The domain's owner, Virgil Griffith, is "unavailable". By this, they mean that he is currently serving his first of five years in prison for helping North Korea evade sanctions. With Griffith "unavailable", the project has found itself at the mercy of GoDaddy. Welcome to the decentralized web3 we've all been promised! [...]

"If the name expires and is acquired by someone with ill intent, the damage they could do via phishing is substantial," they wrote.

Previously, previously, previously, previously, previously, previously, previously.

Tags: , , , , ,

17 Responses:

  1. dorukayhan says:

    If the name expires and is acquired by someone with ill intent...

    I can think of six different inline templates from English Wikipedia that apply to the word "ill".

  2. CSL3 says:

    Compared to what's happening in El Salvador (how it started, how it's going), the above is actually a nice piece of Schadenfreude.

  3. Nik says:

    Turtles all the way up - that website is itself down at the moment.

  4. Alan Ralph says:

    That last paragraph, I suspect, is more a case of 'when' rather than 'if'.

  5. Doctor Memory says:

    Everyone observes (correctly) that watching the bitcoin bros speed-run the last 200 years of financial disasters and consequent regulation frameworks is hilarious -- and it fucking is -- but let's not sleep on the joy of watching these idiots attempt to reinvent core internet services from first principles.  "How hard could it be to create a globally distributed, largely-consistent, low-latency database and use it as a name service?"  Actually pretty fucking hard, mate and that rustling sound you can hear in the distance is Paul Mockapetris, Paul Vixie and Dan Bernstein all laughing at you.

    • グレェ「grey」 says:

      So, I'll be the first to admit that I'm not an average user, nor even an average superuser. Of those names you dropped, I know djb personally and have worked with Vixie's nephew. I know at least one admin of one of the root name servers personally too. I had the stressful "privilege" of helping test a patch for CVE-2013-4854 while it was still under embargo and most of my coworkers were looking over my shoulder nervously as I used patch with yet another diff successfully. Heck, years ago I laughed along at some twit taking umbrage at Vixie's take on DOH, when the twit didn't even realize who Vixie was.

      Maybe, I've administered too many DNS servers? It doesn't seem intrinsically hard these days, but that may be my experience showing as bias? The source for BIND, unbound, djbdns and more are all extant. O'Reilly's nearly textbook reference DNS & BIND has gone through multiple editions and reprintings and there are many other useful resources for n00bs.

      I've also administered corporate DNS systems which had proprietary internal TLDs, and I know such a practice is widespread at some other organizations too (alphabet/Google even seem to display such things prominently on things posted on walls back when I was at least invited to have meals in their cafeterias on occasion).

      I guess, what I don't understand are cryptocurrencies. Not for lack of trying, and failing. But really, why would they be needed or useful for DNS? Back before ICANN, DNS was free. You wanna do something weird with DNS? It still can be free, really.

      Surak (the handle of one of my colleagues in the 1980s and 1990s who yes, derived that moniker from the, at the time, mostly apocryphal Star Trek Vulcan originator of logic) believed, I think correctly, that charging money for string declarations in a distributed database was a bad idea but mostly was ignored. I seem to recall, way back in the 1990s some alternatives to the commercial ICANN root name servers being run in defiance, but I couldn't tell you what became of them even though I do seem to remember using some, much like some might use something akin to AdGuard or OpenDNS these days to try to cut down on spam. If I wanted to create an alternative to today's paradigms, that's probably still the sanest approach.

      If I am interpreting this correctly, the .eth d00d instead went full Ferengi and embraced cryptocurrency or gold-pressed latinum or whatever to make their "alternative" function? Has anyone created a Weird Al "we don't need no web 3.0" to the tune of Pink Floyd's "Another Brick in the Wall" yet?

      If only d00d had embraced 23rd century post capitalistic SciFi idealism, like a lot of the original co-creators of these technologies did from the get go. The dot bomb era ruined a lot that was good by chasing after short term profits for a few rather than acknowledge the net benefits for the collective users. IMHO to reinvigorate the sort of Engelbart era idealism you need to go backwards to the 1960s at least when it comes to growing an ethical backbone. Not waste clock cycles on hash functions which reinforce people's false senses of financial security.

      This almost probably reads as if I am defending GoDaddy, which I most certainly don't want to do as I think they're one of the worst registrars. Nonetheless, .eth just seems terrible too, maybe this is one of those rare fire fought with fire cases that didn't lead to much unintended collateral damage of consequence?

      • elm says:

        If you have noticed that cryptocurrency doesn't solve any worthwhile problems, then you understand the topic better than the fans.

        Also, while it is possible to implement an alternative DNS system by building on the ground work done by real DNS, there's no reason to believe the people involved in this did that.

        It's far more likely that they attempted to re-implement it from scratch and didn't pay any attention to the lessons already learned.

        A guy who is in prison for trying to sell sanctions-dodging tech to North Korea may not have the sort of foresight and diligence you'd want for an alternative DNS.

  6. aestetix says:

    The strange thing here is that the domain name isn't actually expired, contrary to what the Godaddy press statement says.

    I could be naive, but I've never seen a domain name in the "expired" phase that still has a year left on it. I wonder how Godaddy will "free" the domain.

    ❯ whois eth.link | grep -i Exp
    Registry Expiry Date: 2023-07-26T19:31:41.508Z
    Name Server: ns2.expired.uniregistry-dns.com
    Name Server: ns1.expired.uniregistry-dns.com

    • jwz says:

      Maybe GoDaddy is doing some shenanigans like adding a year onto the registration so that it reverts to them if you don't pay, rather than being freed right away?

      • Nick Lamb says:

        The registrars get a nice deal which allows them to both give their customers a "grace period" and then (of course, capitalism) see if they can find a buyer, before they have to pay the registry for the name again. In principle, your registrar could pass this on to you directly, ie you buy 12 months registration and maybe you get 400 days or something normal service before it vanishes but of course nobody charging anything close to the "going price" would do that.

        So yeah, the expiry date in whois is not reality, but also you won't get this for $9.99 or whatever the price of such names was from your random registrar of choice by sniping it. If it really doesn't get renewed in the grace period, GoDaddy start an auction, timed to end just before they have to pay the registry, if the auction ends with no bidders, the domain expires and GoDaddy pay nothing, if the auction has a winner, that winner pays the auction price, GoDaddy pays the registry and the winner gets a domain transfer.

        If you (or more likely one or more readers) care, GoDaddy's domain auctions are public, it's like watching eBay. Why are idiots bidding hundreds of dollars for this broken 1986 Walkman? And why are idiots bidding hundreds of dollars for broke-nwalk-0man.example ? As you'd expect the asking prices for stupid coiner names are sky high, but actual sales are fewer and further between. I expect eth.link would sell at auction, but probably not for the millions of dollars ENS fans probably imagine.

        • aestetix says:

          This makes sense (and is evil), however: in this case the expiration date is July 26, 2023, but Godaddy's press release says "The registration for this domain expired on July 26, 2022."

          Are you suggesting that Godaddy can just  ignore someone who has renewed a domain name that is in the grade period, and sell it off to someone else, regardless of the fact they have paid for it?

          • jwz says:

            Presumably this means that the customer, Griffith, has paid GoDaddy their rent through July 26, 2022. The date in WHOIS is about when GoDaddy's rights to the domain expire. He's the renter, they are the landlord.

    • granville says:

      From what I understand, GoDaddy initially allowed someone other than the registrar to renew the domain, then reversed that decision:

      Although GoDaddy previously allowed another person to renew the domain on Griffith's behalf, they reversed that decision, and now say they intend to allow the domain to expire on September 5.

      That's what the super-sparse GoDaddy post references. 7/26 is when it originally expired, so I would guess the 2023 date is from the renewal GoDaddy intends to invalidate.

  • Previously