Internet naming is no longer just a matter of DNS. As 2026 approaches, Web3 players are multiplying cryptoTLDs to the point where the same extension could lead to different destinations. The .wallet episode has already shown that what is called the “collision risk” is very real. At the same time, the first Web2 x Web3 bundles are emerging, pairing a DNS domain with its blockchain twin.
For brands, this is both an opportunity and a risk: identity, payments, and reputation on the one hand; fragmentation, heterogeneous governance, and uneven remedies on the other. This article sets the stage (centralization versus decentralization), maps the current race for top level domains (TLDs) and twinTLDs, and then offers a simple roadmap to prioritize, monitor, and anticipate.
1. Centralization and decentralization
Centralization. The DNS (Domain Name System) is a global tree structure built on centralization. At the very top sits the single root, represented by “.,” coordinated by ICANN (Internet Corporation for Assigned Names and Numbers) and IANA (Internet Assigned Numbers Authority). Below this root are the TLDs such as .com, .org, or .fr, each operated by a registry that maintains the corresponding “zone”. Registrars (domain name retailers) allow registrants to reserve second-level names (for example, brand.com), which then point to name servers. When a user enters an address, a resolver[1] queries the chain from the top down (root, TLD, and then the specific name) to obtain the IP address. This centralization and the existence of a single root ensure that a given suffix has the same meaning worldwide and prevent collisions between namespaces. Above all, each DNS domain name is unique: there cannot be two identical names. In addition, the DNS is supported by a system of registrant identification through the RDDS/WHOIS service (with possible gated access to data when privacy services are in place) and by rights-protection mechanisms in case of abuse, notably the UDRP (Uniform Domain-Name Dispute-Resolution Policy) and the URS (Uniform Rapid Suspension), without excluding traditional court actions.
Decentralization. In the Web3 universe, naming is instead based on decentralization. Instead of a single root as in the DNS, multiple independent projects each create their own namespace on a blockchain. Systems such as ENS, Handshake, or Unstoppable Domains publish “cryptoTLDs” managed by smart contracts and controlled through private keys. This architecture offers concrete advantages, including censorship resistance and the ability to use the same identifier as both a payment address and an on-chain profile. However, it also brings significant side effects: without a central coordinating body, the same suffix (and therefore the same domain name) can exist across multiple namespaces, resolution may depend on the software used, registrant identification is often burdensome, and available remedies (when they exist) are far less clear.
2. Fragmentation and Interoperability
Fragmentation. Fragmentation occurs when multiple namespaces coexist without coordination. In practice, the same suffix can be created in different systems and lead to distinct resources depending on the browser, extension, or resolver being used. Two users type the same name and end up in different places. This kind of collision undermines the universality of links, complicates abuse detection, and reduces the effectiveness of established procedures. This is not a value judgment on decentralization but rather an interoperability finding: without common rules or reliable bridges, we end up with isolated silos that do not communicate with each other, resulting in user confusion, higher support costs, and greater legal exposure for rights holders.
Interoperability. In this context, interoperability means that the same name consistently resolves to the same result, regardless of the software, browser, or network being used. Concretely, this requires common resolution rules, technical proofs of trust that flow in both directions, and stable bridges between DNS and blockchain. Several initiatives are currently underway.
ENS–DNS Bridge. On the Ethereum Name Service (ENS) side, coupling with the DNS is advancing, notably through “gasless” [2] DNSSEC and mechanisms such as CCIP-Read[3], which make it possible to prove off-chain that a DNS name effectively controls an ENS record. This has led to practical integrations, including the recently announced partnership with GoDaddy[4]. Gateways to Web3. Resolvers and gateways are also trying to bridge Web2 and Web3. This includes browsers that natively recognize certain blockchain domains, or IPFS[5] gateways that expose decentralized content through traditional URLs. A concrete example: a brand publishes a static microsite on IPFS and links the CID to mymark.eth via ENS. In Brave, when the user types mymark.eth, the browser queries the built-in ENS resolver, reads the content record, contacts an IPFS node, and displays the site. In Chrome, without an extension, the same address will not resolve directly. Access then occurs either via an IPFS gateway in the form of a standard URL, or by installing an extension capable of querying ENS. The same logic applies with Unstoppable Domains. A name like mymark.crypto may open natively in Opera, but in other browsers it will require either an extension or a gateway. Depending on the environment, the same name may work immediately, require an add-on, or fail to resolve at all, illustrating the need for interoperability.
Preventing Collisions, Preserving Uniqueness. On the governance side, in Web3, the Web3 Domain Alliance[6] is a voluntary coalition of cryptodomain operators that claims to promote best practices, alignment with intellectual property rights, and, above all, the prevention of “naming collisions”. Indeed, its launch announcement explicitly emphasized this objective of limiting collisions and thereby strengthening user trust. On the DNS side, the course remains steady: the uniqueness of the root is to be preserved as a fundamental technical principle.
Toward “twinTLDs”: Bridging Web2 and Web3. Emerging approaches known as “twinTLDs” aim to create coordinated pairs between a traditional DNS TLD (Web2) and its equivalent in the blockchain environment (Web3). This strategy is designed to reassure brand owners and users by ensuring continuity of digital identity, regardless of the navigation space. Holders of these pairs can harmonize their naming policies, prevent the risk of collisions, and strengthen their brand visibility across both ecosystems. This duplication logic could play a key role in the adoption of cryptodomains by providing a tangible bridge between the Web2 and Web3 universes[7].
Interoperability and Patents. To illustrate the interoperability effort in concrete terms, the following table summarizes recent patents that demonstrate an industrialization process in this area. For legal and technical teams, these intellectual property rights may shape future standards, licensing models, and ultimately the cost of Web2–Web3 integration.
Owner | Title | Patent # | Abstract |
Verisign | Domain name blockchain user addresses | “DNS domain name registered to a registrant as a blockchain user address in a blockchain network are presented. The techniques can include providing. by a DNS registry. a public key and a computer executable registry signature verification program configured to use the public key to validate signatures made using the private key for addition to a block in a blockchain of the blockchain network. The techniques can also include receiving a request for a proof of registrar of record. and providing a proof of registration message. such that the registry signature verification program validates the signature using the public key. and the blockchain network receives and stores in the blockchain an association between the domain name and an existing blockchain user address for the registrant”. | |
Verisign | Proving top level domain name control on a blockchain | “Systems, methods, and computer products for associating a top level network identifier with a blockchain address on a blockchain enable operations that may include: obtaining, from a root network segment file, an identification of a server that stores network infrastructure records associating network identifiers under the top level network identifier with network addresses and a signature on the identification of the server; obtaining, based on a first network infrastructure record, an association of the top level network identifier with the blockchain address; obtaining information sufficient to validate a trust chain, wherein the trust chain extends from a trusted authority to the association; and sending the association and the information sufficient to validate the trust chain to an executable program on the blockchain. The trust chain may be validatable by the executable program, and the association may be storable on the blockchain by the executable program”. | |
Unstoppable Domains | Resolving blockchain domains | “A request to resolve a name of a domain of an identifier of web content is received. It is automatically determined that the name of the domain is to be resolved using a blockchain. A request is sent to a smart contract of the blockchain to obtain one or more resolution records for the domain. The one or more resolution records of the domain are received. The received one or more resolution records are utilized to resolve the name of the domain”. | |
3DNS, Inc. | Blockchain-based domain name registrar and management system | “A nameserver receives a request to access a webpage from a client device. The nameserver generates a blockchain query based on the request for querying a domain registrar blockchain storing domain name registration data in smart contracts. The nameserver sends the first blockchain query to the domain registrar blockchain. In response to receiving a nameserver identifier from the domain registrar blockchain, the nameserver retrieves a DNS record for the webpage using the received nameserver identifier. The nameserver then provides information from the retrieved DNS record to the client device to allow the client device to access the webpage”. |
These efforts make the systems more compatible on a day-to-day basis, but they do not replace global coordination. As long as namespaces remain separate and lack common rules, the same suffix may lead to different results—so the risk of divergence and collision persists.
3. The Race for TLDs
The race for extensions is now unfolding on several fronts. On the DNS side, the calendar is long and institutionalized, structured around widely spaced application rounds. In contrast, blockchain initiatives are experiencing rapid growth, multiplying cryptoTLDs outside any centralized framework. Between these two approaches, a third path is emerging: that of twinTLDs, where the same extension could exist simultaneously in the DNS and on a blockchain. This multi-speed dynamic is already shaping the strategies of stakeholders and setting the stage for ICANN’s upcoming 2026 round.
3.1. The Race for DNS TLDs
From .com to 2026. Historically, the DNS emerged in the mid-1980s with the very first generic gTLDs, notably .com, .net, and .org, which became the pillars of public addressing. The framework stabilized in the 1990s, and ICANN was created in 1998 to coordinate the public root. In 2012, ICANN launched the “New gTLD Program”: 1,930 applications were filed and, over the following years, more than 1,200 new extensions were delegated. The process included technical and financial evaluations, avenues for objections, and the management of string contention, sometimes resolved through auctions. After this major opening, the next application window for new gTLDs is scheduled for April 2026, reigniting the strategic interest of stakeholders.
3.2. The Race for cryptoTLDs
Handshake: A Proliferation of Blockchain Extensions. Players in the crypto world are accelerating the creation of blockchain extensions. In a particularly short span of time, Handshake created hundreds of cryptoTLDs, including .1, .aboutme, .amigo, .amor, .arbitrator, .assurances, .biometric, .blogging, .brand, .c0m, .causes, .client, .clients, .comic, .comics, .commerce, .creator, .creations, .croatia, .cuba, .cyprus, .defi, .econmics, .economy, .elite, .event, .foot, .haiti, .hell, .hire, .information, .italy, .job, .joker, .jugar, .lausanne, .lawoffice, .logo, .mediator, .mission, .napavalley, .nearme, .neo, .nom, .premium, .rh, .solution, .sos, .startup, .tao, .teenager, .token, .wave, .webdesigner, .yummy, .zen. It should be noted that some of these cryptoTLDs reproduce the names of public law institutions, which is not always appreciated by the institutions concerned[8].
Unstoppable Domains: The Pace of Launches. Similarly, within roughly a single year (between 2024 and 2025), Unstoppable Domains launched a series of thematic cryptoTLDs, including .agi, .bay, .boomer, .calicoin, .collect, .crypto, .digibyte, .donut, .dream, .ethermail, .go, .grow, .her, .hi, .kingdom, .kryptic, .learn, .ltc, .metropolis, .miku, .ministry, .moon, .mumu, .nft, .npc, .onchain, .pack, .pilot, .podcast, .pog, .privacy, .quantum, .robot, .secret, .sonic, .south, .tea, .u, .ubu, .wifi, .xec, .xmr, and .zano.
Two Speeds: Blockchain vs. ICANN. It is clear that the pace of blockchain activity contrasts sharply with ICANN’s institutional slowness. Indeed, the last round for the allocation of top-level extensions in the DNS system took place in 2012, and the next one will not occur until 2026.
3.3. The Race for twinTLDs
Unstoppable and ICANN 2026: Toward twinTLDs. Unstoppable Domains is considering applying in ICANN’s 2026 DNS round for some of the extensions it has created, sometimes in partnership with third parties, namely:
TLD | Function | Partnership | Reference |
.agi | AI and AGI Community, Identities, and Projects Related to Artificial Intelligence | 0G Foundation | |
.anime | The Culture and Industry of Anime | Kintsugi | |
.blockchain | Generic Space for the Blockchain Ecosystem and Web3 Players | Blockchain.com | |
.clay | The Clay Nation Brand & Community | Clay Nation | Unstoppable and Clay Nation Launch.Clay, Unstoppabledomains.com, 16 avril 2024 |
.farms | Agri-Food Traceability and Farmer Identities | Farmsent | Grow Your Future With.Farms, Unstoppabledomains.com, 13 August 2024 |
.manga | The Culture and Industry of Manga | Kintsugi | |
.onchain | On-Chain Identities with DNS Twins | Onchain | |
.podcast | Creators and Audio Media, Podcaster Identity | The Edge Of Company | |
.pog | Gaming Community and POG Collectibles | POG Digital | Unstoppable and POG Digital Launch.POG, Unstoppabledomains.com, 3 April 2024v |
.pudgy | Pudgy Penguins Brand and Community | Pudgy Penguins | |
.raiin | Raiinmaker Identities for the Mobile AI Creator Economy | Raiinmaker Network | Unstoppable and Raiinmaker Launch.RAIIN, Unstoppabledomains.com, 2 July 2024. |
Create First, Claim Later. From a legal-naming perspective, this pattern of successive creations may be understood as an anticipatory strategy of field occupation: establishing a presence first, then asserting a claim. Such an approach enables Unstoppable Domains and its partners to experiment with the market, consolidate a user community, and generate indicia that may later support the demonstration of legitimate commercial interest. That said, no presumption of entitlement exists within the DNS framework. ICANN remains responsible for assessing applications and adjudicating potential conflicts. Yet, in practice, factual priority may influence the evaluation, providing applicants with a form of de facto advantage even absent formal rights.
4. The Collision Challenge
When Two Streets Share the Same Name: The .wallet Case. As early as 2022, ICANN raised a risk worth considering: if two different systems use the same extension name, the computer will no longer know which one to choose[9]. Put simply, it is as if two streets in the same city had exactly the same name, a situation that would clearly be undesirable. In theory, this risk, known as “collision,” could involve either a DNS extension and a cryptoTLD, or two cryptoTLDs. (A collision between two DNS suffixes is inconceivable.) Yet this risk has not remained theoretical: it materialized with the highly promising and much-coveted .wallet, which at one point was offered both by Unstoppable Domains and Handshake. The conflict escalated into litigation in the United States[10], though no substantive decision was issued. Still, Handshake reportedly stopped offering .wallet cryptodomains, while Unstoppable Domains continues their commercialization[11]. In short, this episode illustrates in concrete terms that two competing roots can lead to the same suffix in different namespaces—resulting in technical uncertainty and legal friction. And the more cryptoTLDs proliferate, the greater the likelihood that this scenario will repeat.
The Risk of Preemptive Torpedoing. One can easily imagine a bad-faith actor who, anticipating a DNS application for 2026, rushes to “preempt” the suffix by hastily creating an identical cryptoTLD. The asymmetry of timing works in their favor. On the blockchain side, everything can be done in a matter of days: minting the TLD, launching initial registrations, aggressive marketing, superficial partnerships, and the rhetoric of “we were first.” On the DNS side, by contrast, the calendar is lengthy and procedural, involving applications, comment periods, objections, and clarifications. Thus, without creating any enforceable right within the ICANN framework, such a cryptoTLD can still blur reference points, sow user confusion, generate media noise, and complicate the life of the DNS applicant during the public phase. It may even be invoked as an argument against the suitability of the suffix, even though ICANN to date grants no priority or presumption of seniority to uses outside the root. In short, blockchain time is not DNS time, and this gap can be exploited to torpedo a DNS application without creating any real or serious preferential right in legal terms.
5. TLDs : First come, first served ?
DNS: A Framed First-Come, First-Served. In the DNS, this principle is tempered by an institutional framework. TLD operators must be accredited, sign a Registry Agreement[12], meet technical and financial requirements, and provide continuity mechanisms. In the event of a serious failure, ICANN can activate the so-called Emergency Back-End Registry Operator (EBERO) [13] procedure to maintain critical functions while a more permanent solution is sought. This is precisely what happened with .WED, the first new gTLD program extension to be placed under EBERO at the end of 2017. The .wed TLD, once operated by Atgron, Inc., encountered severe financial and operational difficulties. In May 2017, ICANN triggered the EBERO procedure[14] and temporarily entrusted the technical management of the TLD to Nominet[15] in order to maintain critical services (DNS resolution, WHOIS, DNSSEC)[16]. Lacking a buyer, the registry agreement was eventually terminated, and the .wed TLD was removed from the root in 2019[17]. The outcome was unfortunate in this case. Nevertheless, the importance of having such a safety mechanism in place cannot be overstated.
CryptoTLDs: An Unframed “First Come, First Served”. In blockchain-based namespaces, there is no equivalent of ICANN to accredit operators, verify their stability, or organize continuity of service. The W3DA does not play a role comparable to ICANN[18]. As a result, the first-come, first-served principle applies without a safety net: no Registry Agreement, no EBERO. In the event of an operator’s failure, the survival of a cryptodomain depends solely on technical design. If the model is truly non-custodial[19] and the smart contract is immutable, registrations may persist on-chain, but usage can degrade significantly if the administration interface, resolution gateways, or renewal mechanisms disappear. Conversely, in more centralized or hybrid models, the shutdown of the back end can make the name difficult to resolve, non-transferable, or simply invisible to most users. In other words, whereas the DNS benefits from an institutional safety net in times of crisis, cryptoTLDs rely almost entirely on the robustness of their code, the redundancy of their resolvers, and the economic viability of their operator.
6. A Strategic Roadmap for Brand Owners
Cryptosquatting and Collisions: The Risks of Web3. For brand owners, Web3 is no longer just an experimental playground. The coexistence of multiple namespaces (primarily the DNS and blockchain-based spaces), the absence of safeguards comparable to those of the DNS, and the prospect of twinTLDs create both opportunities and tangible risks. Three risks dominate today: identity hijacking through on-chain addresses or profiles resembling the brand (cryptosquatting); suffix collisions that may confuse users; and technical dependency on private cryptoTLD operators without any continuity mechanism equivalent to EBERO.
Prioritizing. To best mitigate such risks, priority should be given first to ecosystems where the brand already enjoys some visibility, followed by those gaining interoperability with the DNS. More concretely, ENS holds a central place for Ethereum use cases and benefits from growing DNS bridges, while Unstoppable Domains promotes a portfolio approach of extensions and partnerships, and Handshake emerges as a space for creativity but also potential collisions. It is also important to consider the relevance of the TLD in question, the risk of homonymy, and the likelihood that a “DNS twin” may appear in the future.
Integrating Cryptodomains into Brand Protection Policy. In this context, it may be useful to recommend the establishment of a naming strategy that seriously incorporates blockchain-related issues: identifying signs to be protected; adopting defensive registration rules; defining criteria for the use of blocking mechanisms (where available); and developing a specialized monitoring strategy for cryptodomains and NFT marketplaces[20]. On the governance side, it would also be advisable to structure key management rigorously, notably by requiring multi-signature for sensitive operations and maintaining an internal registry of holders and proofs of control.
Anticipating Web2 × Web3 Hybridization. “Twin domain” bundles mean that a single purchase can result in two distinct objects: a traditional DNS domain and its blockchain counterpart. This new paradigm has immediate consequences for brand owners. On the blocking side, if such hybrid TLDs are included in a service like GlobalBlock[21], a single measure could neutralize both the Web2 and Web3 versions of a name, shifting the balance between blocking and defensive registrations. On the monitoring side, alerts generated by Web2 tools will need to be supplemented with checks in relevant Web3 environments, particularly NFT marketplaces and associated wallet addresses. In other words, hybridization does not eliminate the usual tasks but adds new checkpoints and, depending on GlobalBlock coverage, may reduce the volume of defensive registrations required[22].
Conclusion
Two-Speed Naming. Naming is entering a two-speed phase. The DNS remains a unique and coordinated tree. CryptoTLDs bring new uses but introduce multiple roots and therefore a risk of collision. The ICANN 2026 window and the arrival of twinTLDs could intensify these tensions while also opening useful options.
Jumping on the Web3 Train. For brand owners, the challenge is no longer to sit back and observe but to jump on board. The right strategy is pragmatic. First, test, document, adjust. Second, closely follow the work of ICANN, the IETF, and the Web3 Domain Alliance. Third, prepare for Web2 × Web3 bundles, which may simplify certain protections but still require vigilance.
Notes
[1] A resolver is like the phone book of the internet. It takes a name you can read, like iptwins.com, and finds the exact “number” the computers use, called the IP address. To do this, the resolver asks step by step: first the root servers, then the TLD servers (like .com), and finally the authoritative servers that hold the official records for the domain. The authoritative servers are the ones that give the final, correct answer. For example, the DNS servers listed in the NS records of iptwins.com are authoritative for that domain. Most people use the recursive resolver provided by their Internet Service Provider (ISP), which also saves (caches) answers to make the process faster next time.
[2] That is, a mechanism where verification takes place off-chain and does not require the user to pay any transaction fees.
[3] “CCIP-Read” corresponds to the Ethereum standard known as “EIP-3668,” which allows a smart contract to read off-chain data in a verifiable way and then use it on-chain.
[4] gregskril.eth, “Announcing Free DNS Domain Usage in ENS with GoDaddy”, ens.domains, 5 February 2024 ; “GoDaddy and Ethereum Name Service Simplify Connecting Domain Names and Crypto Wallets for Customers”, 5 February 2024.
[5] “IPFS,” short for “InterPlanetary File System,” is a peer-to-peer protocol and network for storing and sharing files using “content addressing” rather than “server addressing.” What are called “IPFS gateways” therefore refer to HTTP gateways that bridge the traditional Web and IPFS..
[6] https://www.web3domainalliance.com/.
[7] Cf. infra.
[8] See the “France.com” case. In this instance, reproducing the name of a city or a state in a top-level domain can create a risk of confusion for the user.
[9] Alain Durand, Challenges with Alternative Name Systems – OCTO-034 (ICANN, April 2022, pp. 13 et s. : icann.org).
[10] Unstoppable Domains Inc. v. Gateway Registry, Inc. (1:22-cv-00948) : courtlistener.com.
[11] Andrew Alleman, “Unstoppable Domains drops lawsuit against Handshake .wallet owner”, domainnamewire.com, 15 September 2023.
[12] Base Registry Agreement (21 January 2024) : icann.org.
[13] Article 2.13 du gTLD Base Registry Agreement (21 January 2024) : icann.org.
[14] ICANN, “.WED Placed in Emergency Back-End Registry Operator (EBERO) Program”, 8 December 2017 : icann.org.
[15] Registre du ccTLD .uk.
[17] ICANN, “.wed Registry Agreement – Terminated”, 5 October 2020 : icann.org.
[18] The Web3 Domain Alliance (W3DA) is a coalition of Web3 naming actors initiated by industry companies, including Unstoppable Domains. Its role is declarative and voluntary. Its functions are limited to promoting interoperability and best practices, publishing non-binding recommendations on collision management and third-party rights protection, facilitating technical exchanges among members, engaging in advocacy with browser publishers and DNS ecosystems, and encouraging voluntary commitments such as non-assertion pledges of certain intellectual property rights among members. The W3DA does not administer any root, does not accredit operators, does not delegate TLDs, does not manage a central registry, does not provide a dispute resolution procedure, and does not have any contingency mechanism comparable to EBERO. Its effectiveness relies on members’ adherence to and voluntary implementation of its principles.
[19] The user has sole control of their keys.
[20] In particular Opensea.io et Rarible.com (September 2025).
[21] GlobalBlock is a multi-extension blocking service (to which Unstoppable Domains has subscribed) that makes a brand label unavailable across participating cryptoTLDs in a single action. See. Arthur Fouré, “GlobalBlock: Introducing a new blocking mechanism in over 500 extensions”, iptwins.com, 8 February 2024.
[22] Simon Penchansky « Coup de projecteur sur la prochaine ronde : les packs de domaines Web2-Web3 », iptwins.com, 17 septembre 2025.