Pantera Partners: Understanding Handshake and the Foundation of a Decentralized Internet
Written by: Paul Veradittakit, Partner at Pantera Capital
Compiled by: Chain News
Handshake is a decentralized domain name system that raised $10.2 million from 67 institutions and individuals in August 2018, achieving a valuation of $136 million, with notable venture capital firms such as A16Z, Sequoia Capital, Greylock, Founders Fund, Pantera Capital, and Polychain among its backers.
What makes this project attract the attention of these well-known investment institutions? Previously, Chain News published an article titled "Understanding Blockchain Domain Resolution Services, Popular Projects Handshake and ENS," which introduced the core features of decentralized domain resolution services and the key players in this field.
Recently, Handshake has successfully launched its mainnet. On the occasion of Handshake's official mainnet launch, Paul Veradittakit, a partner at the renowned blockchain investment firm Pantera Capital, wrote an article explaining the underlying logic of investing in the Handshake project.
Paul Veradittakit pointed out that the greatest value of Handshake lies in the fact that it is the foundational layer of a decentralized network, one of the core building blocks, and a crucial step towards a decentralized internet.
Here is Paul Veradittakit's analysis and introduction to Handshake:
In fact, the traditional domain name system (DNS) is not well-received. As an internet protocol, the domain name system maps domain names (like "google.com") to the servers and resources that users intend to use (for example, Google's search engine server). Currently, this mapping relationship is maintained by the Internet Corporation for Assigned Names and Numbers (ICANN) and certified through 12 "Certificate Authorities" (CAs) (you can see the green lock symbol in your browser), whose work essentially involves providing certificates to top-level domain owners, and nothing more.
The Internet Corporation for Assigned Names and Numbers and Certificate Authorities are very susceptible to issues such as cybersecurity, censorship, and corruption. In the past, there have been errors in certificate allocation, leading to inaccurate domain name lookups, which in turn undermined internet security. Due to the limited number of companies operating certificates, there can also be content filtering and domain redirection, which restrict the capabilities of a small portion of internet users, akin to censorship. Additionally, Certificate Authorities often provide identity information of users who own certain domain names, creating possibilities for attacks like DDoS.
Handshake is a decentralized protocol designed to optimize the registration of domain names on the DNS root. In fact, Handshake allows users to bid for domain names using HNS tokens: once a user applies for a domain name, their registration can be valid for a year. At the same time, users receive an encryption key to support the privacy and secure confirmation of their custom domain ownership.
HNS tokens support a proof-of-work (PoW) mining algorithm, ensuring fair access to domain names and preventing network attacks like Sybil (which past Certificate Authorities were easily susceptible to).
On February 10, 2020, Handshake's mainnet went live, registering approximately 100,000 top-level domains on alexa.com. The project leaders are mostly "big names" in the decentralized field, such as Joseph Poon, co-founder of the Lightning Network, and Andrew Lee, CEO of Purse.
Handshake is a crucial step towards a decentralized internet because domain ownership is central to the internet's architecture and is key for users to access specific websites and identify the content they are visiting; decentralized website access not only promotes fairness and security but also paves the way for managing and accessing other resources on the internet.
Centralized Internet
The internet is one of the most useful and complex inventions in modern history, enabling explosive growth in knowledge, products, and interpersonal relationships worldwide.
The backbone of internet infrastructure is the domain name system (DNS). Simply put, the DNS is a framework that tracks the location of internet content. For example, the DNS ensures that when you enter "google.com," you accurately access Google's search engine; each "domain name" (to put it simply, it's basically the name of a website) maps to a corresponding server in the IP space, where various functions of the website can be executed; "google.com" maps to the address of Google's server in the IP space, which hosts the Google search engine server. Currently, all domain names are managed by a single trust root owned by a non-profit organization, the Internet Corporation for Assigned Names and Numbers (ICANN). Additionally, some private companies known as Certificate Authorities (CAs) provide "certificates" (you see the green lock icon in the URL bar when visiting a website) to prove that the respective owner owns the domain name.
The main job of Certificate Authorities is to ensure that domain names are correctly owned by users registered with that authority, ensuring that visitors can accurately map to the intended resources (such as landing pages, e-commerce sites, social networks, search engines, etc.), thereby maintaining internet security. When you visit "google.com," the Certificate Authority ensures that you are accessing a trusted search engine operated by Google, not some malicious software hosted privately that can access that domain.
It seems that the Internet Corporation for Assigned Names and Numbers and Certificate Authorities are important, but what problems do they have?
Indeed, the Internet Corporation for Assigned Names and Numbers and Certificate Authorities can address internet domain issues and are two very important institutions—however, they do not solve problems in the best, safest, and fairest way. Both institutions operate under an extremely centralized system, with currently 12 Certificate Authorities and 1 Internet Corporation for Assigned Names and Numbers, meaning that the privacy of internet domain names and domain ownership is entirely controlled by a select few users.
Sometimes, they issue bad certificates, allowing third parties to engage in espionage or unauthorized data collection. Such incidents undermine the fundamental security of the internet, failing to ensure that users can always obtain what they expect when accessing a domain, and cannot guarantee that interactions with domain names are private and unrestricted.
In fact, centralized management institutions lead to two major internet security issues:
First, the Internet Corporation for Assigned Names and Numbers has significant problems with censorship and access. The Internet Corporation for Assigned Names and Numbers allows content filtering and domain redirection, meaning that large companies and governments can sacrifice the interests of small-scale users to preserve their own existence, and can even manage the content that other users can publish online. In the past, the Internet Corporation for Assigned Names and Numbers sold the .org suffix domain for $1.1 billion— as a non-profit organization, they did not even explain why they could do this.
Second, Certificate Authorities are highly susceptible to cyber attacks or can be exploited (or even colluded with) by attackers. Attackers can map domain names to specific users through certificate ownership, leading to direct attacks on users (for example, a website may be attacked simply because a user dislikes their content) or network attacks like DDoS (Distributed Denial of Service). Certificate Authorities also allow governments of countries like Iran to conduct man-in-the-middle attacks on Gmail, raising significant doubts about their intentions and the fairness of the internet.
So, what can we do?
This is where Handshake comes into play.
Handshake is a decentralized domain protocol where every user on the network can manage and verify the naming space of the root domain system (essentially mapping domain names to their owners). The fundamental idea behind Handshake is quite simple: domain name registration should not be controlled by 12 private companies, but should be controlled by the vast number of users who access the internet daily. To create a decentralized web and network in the future, Handshake has taken the first step towards providing decentralized internet and web resource mapping.
How does Handshake work?
The Handshake protocol is technically quite complex, but the underlying workflow idea is simple. Essentially, Handshake provides a token (HNS) that users can use to purchase domain name registrations. When a user wants to register a domain name on the DNS root, they can pay the registration fee using HNS tokens. Afterwards, the user receives a public encryption key, which serves as identifiable evidence that the domain registration belongs to that user, ensuring that all users on the network can verify who owns the given resource or domain space.
To transfer a domain name, one simply needs to sell the corresponding HNS tokens for different domain names to each other. All HNS token transactions are recorded on a public blockchain, allowing the entire user group to verify the ownership of the relevant domain names, with system security maintained through proof-of-work consensus.
HNS tokens can be obtained through proof-of-work mining, ensuring that users contribute to the security and effectiveness of the network, and serving as a primary mechanism for acquiring HNS tokens and using them to bid for domain names. Moreover, the Handshake protocol effectively prevents Sybil attacks, and since mining requires computational power, it also prevents users from being confused by virtual instances, maximizing their chances of winning domain auctions.
How to protect domain names on the platform?
First, users should check whether the desired domain name has already been registered by someone else on the platform. The first user to request a domain name can create a "public auction" to initiate the domain auction, after which subsequent users can submit bids for the domain name, with all bids priced in HNS tokens. During the bidding process, no user knows the bid amounts of other users; the entire process is hidden. The domain auction will end after a period of time, and the highest bidder will ultimately win the domain name. However, just like traditional auctions, domain auctions on the Handshake platform will be conducted on a "second-price auction" basis, and the winning domain must be registered annually.
If you want to learn about the command line interface for starting bidding on Handshake, you can click this link to view it.
As part of the mission to decentralize the internet, Handshake initially supplied 1.36 billion HNS tokens, of which 67% will be provided to developers of free/libre open-source software (FLOSS), as well as non-profit organizations and universities that have made significant contributions to the development and innovation of the internet, with the project sponsors providing $10.2 million in funding support.
How to get started?
Before the official launch, Handshake provided a 90-day sunrise period for current rights holders to claim trademark domain names on the internet, ensuring a seamless transition from the current system to a decentralized system. Handshake also reserved the first 100,000 top-level domains on alexa.com, which will be made available to users at the official launch of the project. (Note: At the time of writing, Handshake has already launched, with the launch date being February 10, 2020.)
Team Members
The project leaders are all "big names" in the decentralized and blockchain fields, possessing unique insights and industry experience, fully capable of bringing the concept of decentralization into the highly centralized domain space, including:
Joseph Poon, co-founder of the Lightning Network
Andrew Lee, CEO of Purse and founder of Private Internet Access
Chris Jeffrey, CTO of Purse
Ultimate Goal
Today, billions of people around the world access the internet, and the demand for using secure and decentralized protocols to manage domain registrations is more urgent than ever. For a long time, centralized domain management institutions have been plagued by issues such as cyber attacks, corruption, and censorship, limiting internet access rights and sustainable development to a select few.
By aggregating every user together, Handshake has found a unique solution to the domain registration problem. Utilizing proof-of-work consensus and mining protocols, Handshake can fairly distribute domain access rights through its HNS tokens, ensure effective resolution of conflicts, and clearly establish domain ownership using encryption and blockchain. Handshake completely redesigns the configuration of the root domain space, eliminating the need for flawed and attack-prone third parties (such as Certificate Authorities) in domain allocation, allowing the root domain industry using HNS tokens to completely eliminate the role of Certificate Authorities.
The launch of the Handshake protocol marks an important step in the development of decentralized networks, as domain names are the foundation of our interaction with the internet, and the success of decentralized domains sets a precedent for other solutions in resource allocation, verification, and ownership.