Microsoft calls blockchain domains ‘the next big threat’ and you might want to listen

3d illustration. Data storage service. Server room. Blockchain technology. Grid and lines. Hosting domain.
(Image credit: Shutterstock/Dmitriy Rybin)

Matthew Gould, founder and chief executive of Unstoppable Domains, started the company because “for too long, companies have controlled people’s digital identities and it’s time for people to own their identity on the internet.” 

As far as mission statements go, it’s quite powerful –but it’s also deeply rooted in the reality of the current moment: Unstoppable Domains is a blockchain naming service with over 2.5 million registered domains, and it just hit unicorn status with a $1 billion valuation at the end of July.

If you add to this that the number of .com sales for the whole of 2021 was 126,770, and the number of .eth (Ethereum Name Service) registrations in just the last month was 378,000, it all paints quite the picture of what the future of the internet will look like. 

It doesn’t surprise me at all that big companies like Microsoft are scared of what that might mean.

Warning for blockchain domains

In its October 2021 Digital Defense Report, Microsoft calls blockchain domains “an emerging threat outside of regulation.” Of course, as the report goes on to explain, it is referring to the “threat actors on the internet (that) have started utilizing blockchain domains as part of their (...) cybercriminal infrastructure and operations,” which is a common complaint aimed at blockchain-related activities and products like cryptocurrencies. 

Whether it’s true or not that decentralized finance facilitates fraud, or malware, more than traditional finance does, remains to be seen. 

A few paragraphs earlier, however, the report reads: “blockchain domains work differently (from) traditional domains that are purchased through internet registrars operating through the ICANN-regulated DNS system (...) and pose challenges from both a utilization and disruption standpoint.” That, we can all agree, is true. 

Blockchain domains do present a challenge for companies who, in the words of Matthew Gould, for too long have controlled people’s digital identities – and they do present a uniquely timed opportunity for disruption. 

Understanding blockchain domains

By virtue of their completely decentralized nature, domains built on blockchain technology are immutable, tamper-proof, and they give users more ownership over their online spaces and identities. Besides having no recurring web hosting or domain renewal fees, as is the case with most blockchain name services, the technology is resistant to censorship, regulations, or even attempts at blocking it. 

When you take into account the 2019 IDC survey figures, which saw 82% of companies experiencing a domain name system (DNS) attack in the last year and 63% of companies suffering application downtime, each one costing an average of $1.07M, the security benefits seem to majorly outweigh the disadvantages. 

Additionally, we could look at the Freedom House’s 2022 Freedom in the World report, aptly titled ‘The Global Expansion of Authoritarian Rule,’ which states that “autocracy is making gains against democracy and encouraging more leaders to abandon the democratic path to security and prosperity,” with a net two to one increase in countries suffering from democratic declines over the past year compared to those that improved. This, too, would point to the need for online protection from authoritarian states, which could come in the form of blockchain technology and outweigh seemingly any potential downside. 

Differently from traditional top level domains, which only function as an “internet phone book” to match domain names with numerical, and hard to remember, IP addresses, blockchain domains can be used for much more than just decentralized website hosting on IPFS (Inter-Planetary File System). They can essentially be considered NFTS: the domain’s ownership is stored just like any transaction in the ledger, which anyone can track and refer to, and they can be sold, and bought, exactly in the same way that a Bored Ape collectible would be. 

Because of the nature of smart contracts, this process is always simple and secure. And since wallets are self-custodial, it’s up to everyone individually to keep their login information and seed phrases safe and secure, because platforms or name services can’t help in the recovery process. This, however, means that if you keep your information private, and safe, you have absolute control over who, how, and if anyone else can access your account. There is simply no viable way to hack a crypto wallet, or a Web3 ID on the blockchain, which makes information 100% foolproof and hacker-proof.

Blockchain domains can be matched to a crypto wallet address in the same way that the DNS system can match an IP address to a .com url, and be used to receive and transfer blockchain-based assets like NFTs and cryptocurrencies, which eliminates the need for long numerical addresses that might be prone to errors and miscommunication in the trading process. This way, if you need to send $1 million, instead of asking for someone’s crypto wallet address and going over it again and again to make sure you haven’t got a single number wrong (which would be a disaster, as any decentralized transaction is always non-mutable and non-refundable), you could simply send it to johnsmith.crypto, 1234.eth, lars.ccd, or even 0.ccd, as CNS domains, unlike all others, can be as short as one letter or number.

People who are buying early blockchain domains are snapping up extremely valuable digital real estate, and they know it. 

Decentralized domains

In a way – at least for brands who need to maintain tone and presence across all platforms – domains are equivalent to social media handles, but with one crucial difference: in the case of Instagram and Twitter, brands could appeal to the platform to gain control over a “branded account from someone not associated with the brand,” aka whoever registered the username @JimmyFallon or @Puma and then attempted to extort the real Jimmy Fallon (who actually owns fallon.eth) or Puma (ditto, at puma.eth) for ridiculous amounts of money. In the blockchain-verse, however, that is not the case and will never be. 

Transactions are final and immutable, and while you can choose to rent subdomains under your main blockchain domain, no one can force you to relinquish control over the domain you secured and are legally the owner of. 

And while blockchain domains have been around for a few years, since 2011, they are currently exploding in value. Which means that the longer people, and brands, wait, the more they’ll have to pay to be a part of Web3 – and this is not a new reality. In 1993, a professor of computer and information science at the University of Pennsylvania named Matt Blaze had the unique foresight to buy the top level domain, and then sold it in 2018 for $12 million.

Perhaps, who knows, someone might be snapping up microsoft.ccd right this moment. 

Is there a real threat?

Eventually, they will come to replace email addresses, bank accounts, and much more, once they can be safely used to store personal information. In the case of Self-Sovereign ID blockchains, like Concordium, they can be indirectly connected to real identities and be utilized to login to anything and anywhere with a single click. They can also be used to build apps and software, through the use of specific blockchain-dedicated platforms and frameworks.

Of course, blockchain domains are still not widely used and most of these use cases will only come to be a part of our everyday reality in the near future, once the promise of Web3 is fully realized and perhaps even Mark Zuckerberg’s Metaverse starts to feel less like a Matrix concept and more like a substantial, practical, truth. Issues like the need for browser plug-ins or proxy resolution services, as well as limited SEO visibility, are still being smoothed out. 

However, the potential for disruption is already quite clear. 

As mentioned above, the number of .eth registrations in just the last month was 378,000. On July 3rd, someone paid 300 ETH ($495,063.96) for the 000.eth domain, and last October, paradigm.eth was sold for 420 ETH ($1.5 million), at a time when, for contrast, blockchain domains have not even reached 1% adoption rate. And this is not just about the ones on the Ethereum Name Service, but think of how many different blockchain name services will start to compete with them: the CNS name service by Bictory Finance, a decentralized naming system built on the self-sovereign ID professional blockchain Concordium, is launching this month. 

How long will it take before blockchain domains take over top level domains, and we collectively tip over into mass adoption? Ten years? Two? Six months? Time will tell, but if we know one thing when it comes to crypto, it’s that it’s best to be first and move fast. 

My guess is that the question of “how much can we get out of blockchain technology” will only get clearer as we move in the direction of a decentralized Web3. Very much in the same way we have already begun: with the cryptocurrency boom of recent years, with the proliferation and meteoric rise in popularity of NFTs, and Facebook’s rebranding as Meta signaling we are about to enter the kind of digital future we cannot even imagine yet. 

To some - like in the case of Microsoft - that sounds pretty terrifying. 

But once you truly take the time to understand what blockchain technology could do, and how it could shape the future of humanity, fear gives in to excitement. The thrill of innovation, of novelty. The joy of expansion. How stimulating, how fascinating. What’s threatening about that?

 Lars Seier Christensen is chairman of the Concordium Foundation and founder of Saxo Bank