Blockchain for website domains? All about Handshake (HNS)

Published on 23 juni 2022

The first big question, what is Handshake (HNS)?

Handshake self report; Handshake is a decentralized, naming protocol where each peer validates and manages the root DNS naming zone with the goal of creating an alternative to existing certification authorities and naming systems. Names on the Internet (top-level domains, social networking handles, etc.) ultimately depend on centralized actors with full control over a system, which is vulnerable to hacking, censorship and corruption. Handshake aims to experiment with new ways in which the internet can be safer, more resilient and socially useful with a peer-to-peer system validated by the participants in the network themselves.

In short: Handshake is an experiment that seeks to explore new ways in which the necessary tools can be used to build a more decentralized Internet.

Services on the Internet have become more centralized since the 1990s, but they do not conform to the original decentralized vision of the Internet. Email became Gmail, usenet became reddit, blog became Facebook and Medium, pingbacks became twitter, squid became Cloudflare, even gnutella became The Pirate Bay.

Ok and now simple; what is it?

Handshake domain names are an "experimental peer-to-peer root naming system". In order to explain HNS, I will first have to uncover the DNS architecture.

DNS stands for Domain Name System . _

This system includes a worldwide database of domain names that are structured hierarchically. These domain names are linked to an IP address. (IP address = Unique address in the form of numbers/numbers, with which an (internet) computer or server can be identified.)

DNS therefore consists of several (hierarchical) servers.
First, we have a resolver, a recursive name server that acts as a catalyst.
Here you send your question for the IP address. The resolver checks whether it has this IP address in its cache. If not, it forwards the query to the other name servers.

If we create a hierarchical schema of these name servers, we get an inverted tree:

.com .org .info .io .nl .de .ca .在线 .عرب .संगठन


Step 1: The root server has the highest authority here. This serves the root zone. The root zone contains the records for the Top-Level-Domain (TLD) servers.

Step 2: The TLD servers in turn serve the data for the Second-Level-Domain (SLD) servers.

Step 3: The SLD servers have the authoritative zone file for the SLD (the file where all the records for the SLD are placed), or forward you to the name server that has it.

As mentioned above, the root zone contains the TLD name servers. This root zone is currently managed by ICANN. To create a new TLD (eg .skikk instead of .nl) you would have to request it from ICANN. This application costs an average of $185,000 and takes 1 - 2 years. In addition, ICANN has closed the applications indefinitely.

With the advent of blockchain technology, some smart people saw a great application of these technologies by combining them.

They designed a new blockchain, just like bitcoin, but with some changes to the protocol. These adjustments ensure that interference between HNS and BTC, or other blockchains or name systems could never arise. They called this protocol handshake.

A fair ICANN alternative

Handshake inherits ICANN's highest authoritarian layer, the root zone and the root servers. This means that the root zone no longer falls under the management of 1 organization (ICANN), but under a global consensus.

This also means that the root servers that served the root zone will be replaced by the nodes of the handshake blockchain.

Instead of requesting a new TLD from ICANN, you can now send the request to the blockchain. To ensure fair distribution and pricing of the TLDs, handshake's designers have opted for an open auction mechanism. You will not immediately receive the TLD upon request,
but an auction will be opened for the relevant TLD. This way everyone gets the chance to make an offer, and the value of the name is determined by the users themselves.

When this auction is over, the highest bidder will own the TLD. However, before the winner gets their TLD, this trade must be confirmed often enough. This is called the "reveal period".

When this is over you will receive the name in your hns wallet. You can then manage your name on the blockchain via this wallet.

For example, a handshake protocol wallet is: bobwallet ( There are also other roads. For example, you can create an account on namebase ( A wallet is integrated with this account.

HNS is backwards compatible with the current DNS. The current TLDs such as .com, .info and eg 100,000 alexa domains, are not possible to create via HNS, to avoid name collisions.

Is Handshake (HNS) safe?

HNS is DANE capable. So a secure (ssl) connection can be created.

To clarify the role of Namecheap, Namecheap has the same role in this story as everyone else. They have mined a number of SLDs (.orb .p .saas etc) via a wallet. For these SLDs they have set up their own name server in the root zone. This gives the possibility to sell SLDs to third parties, and to register them on their own name server.

Visiting a handshake (HNS) domain name

Handshake names live on the Handshake blockchain, which most browsers do not yet support natively. While we wait for browsers to catch up, below are numerous ways you can already access Handshake names in your browser.

HNS.TO is a proxy gateway that you can use to access Handshake domains without installing anything or changing your DNS settings. Try entering "skikk"

Puma is a mobile browser that currently uses for resolving Handshake domains. Install the Puma browser app on your phone to open Handshake names in the search bar.

Bob Extension is a Chrome extension that currently uses to resolve Handshake names right in your Chrome browser's search bar - try using it to search for "skikk" "NextDNS protects you from all kinds of security threats, blocks ads and trackers on websites and apps, and provides a safe and controlled internet for kids - on all devices and on all networks."

1. Go to and click on "Try it now"

2. Scroll down to the Setup Guide and choose one of the given options (eg Private DNS, App, Ipv4) for your device, and follow the relevant NextDNS guide.

3. Once your device is connected to NextDNS (confirm with the green button at the top of the settings page), go to the "Settings" tab on the NextDNS website and enable "Resolve Handshake Domains"

4. Visit us at /skikk


Here are a few more sources for more information:

Namebase learning center:


ICANN paper on alternative names (dated April 27):