Feb 15, 2020 - updated

Tutorial 1: What is Handshake and HNS

Everything you need to know about the Handshake protocol and the utility of (HNS)

Tieshun Roquerre's profile picture
Tieshun Roquerre

This blog post marks the official start of our educational series. The best way to get started on Namebase is to first learn about HandshakeDNS and its token, HNS. 

To understand Handshake, let’s start with the basics. 

Current DNS architecture 

DNS is one of the oldest components of internet architecture. It was invented nearly 40 years ago in 1983 and hasn’t changed much since to address threats to freedom and safety on the Internet.

In the current DNS hierarchy, at the top is the root zone which is managed by the ICANN. ICANN determines who gets what TLD. Who in this case means governments, non-profits, and for-profit corporations like Verisign which owns .COM. TLD owners get to issue second-level domains like google.com.

DNS hierarchy. Source cloudflare.com
DNS hierarchy. Source cloudflare.com

The problem with the current systems

Top level domains are limited

ICANN, the centralized entity that manages the root zone today, determines what top-level domains (TLDs) — like .com, .net, .org — are allowed. ICANN requires a $185,000 USD application fee to request a new TLD, and applications for new TLDs are currently closed.

This artificially limits the availability of good domains for website owners and developers. 

Prone to censorship and loss of privacy

The current centralized nature of internet names results in a potential loss of privacy and censorship. Even if your domain registrar offers WHOIS protections, your information can still be subpoenaed from a domain registrar. Governments and ISPs commonly use DNS filtering and redirection to censor domains. ISPs on the other hand often monetize personal DNS data by selling your web browsing history

The certificate authority system is inherently flawed

Browsers trust certificate authorities to prove that websites are who they say they are. However, certificate authorities have sometimes compromised the security of SSL by issuing bad certificates or cooperating with governments to spy on and censor traffic. Insecure websites put everyone at risk. You can read more about this in our earlier blog here

Don’t provide true domain ownership 

Current domain registrar have built their business on a leasing model, charging domain owners an annual recurring leasing fee to maintain ownership of the domain. These fees are subject to price hikes for most TLDs. However recently, ICANN was in the spotlight for approving a deal that would remove price caps from protected TLDs like .org. Handshake on the other hand provides true domain ownership with no renewal fees, and complete control over your data. Since governance on Handshake is truly decentralized, no one person or entity can make a governance decision that would impact domain owners or the network the same way in which the ICANN deal could for .org domain owners.  

What is Handshake? 

Handshake is a naming protocol that’s backwards compatible with the existing DNS. It does not replace the DNS protocol, but it replaces the root zone file (where TLD ownership is stored) and the root servers with a blockchain-based system that anyone can use. This allows the root zone to be uncensorable, permissionless, and free of gatekeepers like the ICANN which manages the root zone today.

Every peer in the network cryptographically validates and manages the root zone, which also removes the need for the Certificate Authority system (CAs) entirely. Names are logged on the Handshake blockchain — essentially one big distributed zone file that anyone has the right to add an entry in.

Existing TLDs will be blacklisted from being registered on the network and Handshake resolvers will use traditional TLDs as the source of truth when you visit a traditional domain like namebase.io. Naturally, the Handshake resolvers will use the Handshake blockchain as the source of truth when you visit a Handshake domain like namebase/.

So, how does Handshake solve current DNS challenges

Endless Top-Level Domains (TLDS)

Handshake domains are Top-Level Domains that anyone can register, not just ICANN. They can be used like a traditional TLD — i.e satoshi.nakamoto/ — or by themselves — i.e satoshi/ — as a standalone name.

Much more secure and private

Handshake ensures DNS records can only be modified by a domain’s owner. This ensures Handshake domains can’t be censored or maliciously redirected. Registering a Handshake domain respects the privacy of the owner by requiring no personal data during registration. Ownership of names are determined by public-key cryptography, so it’s easy to verify name owners by having them sign a message with their private key.

A safer alternative to Certificate Authorities

Handshake shifts requiring trust in domain ownership from centralized, potentially insecure Certificate Authorities to a public commons that anyone can use for secure name resolution and certificate ownership.

You can do more with owned domains

Handshake domain owners can use TLD for anything. It can be used to host a website or early adopters of Handshake names can effectively become a registrar that sells domains — i.e adam.creator or john.creator — to other users.

 By now, you should have a foundational understanding of the current DNS challenges and how Handshake is looking to solve them. So let’s move on to the last section of this blog. 

What is a Handshake coin or HNS?

The Handshake coin (HNS) is used by participants to transfer, register, and update domain names. The coin is necessary to prevent spam on the peer-to-peer network. The vast majority of the initial coin supply will be granted freely to the Free and Open Source Software community — the majority will go to individual FOSS contributors. For all non-developers, the coin will be made available for buy/sell through Namebase after our launch. Users on our platform will be able to use HNS to bid on names or buy it for trading with other assets like BTC. The main utility of HNS on Namebase will always be to facilitate an easy, and private bidding experience to enable access to the new, free Internet. 

This wraps up our first educational tutorial. Heads up, look out for the next series in the coming days which will focus on “what is Namebase and how does it work?”. 

Upcoming topics 

    • What is Handshake and HNS (now available)

    • How to mine HNS

    • Difference between handshake domains and traditional domains 

    • How to get HNS on Namebase

    • What is Namebase and how does it work?

    • Buying a Handshake domain on Namebase (registrar overview)

    • How Handshake domains are released for bidding

    • How to register a domain and publish content while staying anonymous

    • Ways to run a resolver OR visit a Handshake domain

    • What use cases will Handshake and Namebase solve?

    • Can Handshake names be seized?

Thanks for reading!

Namebase Education and Customer Onboarding

picture of Tieshun Roquerre
Tieshun Roquerre
CEO at Namebase |
Tieshun is a Thiel Fellow who studied Math and Computer Science at MIT before starting Namebase. Previously at the age of 16 he became a fullstack engineer at Teespring, and at the age of 17 he founded StrongIntro which was funded by Y Combinator and Greg Brockman (founder of OpenAI). Tieshun's mission is to improve the security of the Internet by giving an unstoppable name to everyone in the world.
Subscribe for the latest