Get your catchy domain at

domains Unauthorized Blockchain Domain Names: What's a Brand to Do?



Just when you thought you had a handle on domain name enforcement, blockchain technology has given rise to blockchain domain names, which bring novel and complex challenges. There are currently millions of blockchain domain names, with extensions such as “.crypto” and “.eth.” These domain names may be used as an address for a website (typically on the decentralized web), as well as for other purposes, such as an identifier or nickname for a crypto wallet. Some blockchain domain names mimic brand or celebrity names and are being offered for sale on NFT marketplaces for the cryptocurrency equivalent of $100,000 or much more. This advisory provides a summary background regarding blockchain domain names and some suggestions for rights owners to navigate the new challenges they present with respect to enforcement.

read more


Established Member
The Lanham Act’s Anti-Cybersquatting Consumer Protection Act[7] (“ACCPA”) provides in rem jurisdiction over domain names themselves in certain circumstances where there is no personal jurisdiction over the defendant who owns the domain name.[8] However, this is only possible in judicial districts where the registrar or other domain name registry or authority that issued the domain name is located. To the extent that there is an identifiable legal entity associated with blockchain naming companies, most[9] are not located in the United States and do not utilize centrally located servers that might give rise to location in one place.

I read the article and skimmed the act. In cases where something like a 2nd level Handshake domain is violating a trademark it seems like the registrar would be the obvious target of a complaint. I always wondered why Namecheap and Porkbun would open themselves up to being the first hop into the regulated world for Handshake and now I know. They have legal safe harbor from any kind of significant liability.

A modern version of legislation could lay out a hierarchy of responsibility in terms of disconnecting infringing domains that are trying to use the blockchain to remain judgement proof. Roughly I'd say:

Registry -> Registrar -> DNS Provider -> Hosting Provider -> ISP

The way IP is protected in the current ICANN based system is well thought out. It's pragmatic to have safe harbor for almost all service / hosting providers because enforcing at the registry makes the most sense anyway. If you take away the registries and turn them into judgement proof blockchain entities, then I think it might be worth revisiting some of the safe harbor that's been granted to service / hosting providers.

At the very least, blockchain domains are, in my opinion, encouraging a system where DNS hosts and web hosts are going to need to be subjected to some type of KYC requirements. If they're the first hop into the regulated world, they need to be responsible for ensuring they aren't dealing with bad actors.

In the ICANN system, a domain used by a bad actor can simply be assigned to an IP owner and that's the end of it. In a world where the blockchain can be used to escape that kind of judgement, a bad actor can simply move from web host to web host, so considerably more burden needs to be put on the DNS hosts and web hosts to make sure that doesn't happen.

As a thought exercise, Cloudflare runs Who should be the most liable if I register a trademarked ENS domain and use a combination of an IPFS host plus Cloudflare to damage the trademark holder by promoting an address? I bet I could buy IPFS hosting with a prepaid credit card and I don't think I even need to do anything on the Cloudflare side. Since Cloudflare provides the gateway, I'd assume they're the best target for enforcement, but that still leaves the underlying .eth site on IPFS.

The whole blockchain domain thing is an absolute disaster. The TLD naming collisions and lack of IP enforcement alone make it a net negative for the web in my opinion.
Top down