Enable Root and Registrar Security Controllers
AI summary
This proposal aims to enhance the security of the ENS (Ethereum Name Service) system by introducing two new 'break-glass' security controllers. These controllers, `RootSecurityController` and `RegistrarSecurityController`, would allow the ENS Security Council to quickly disable compromised top-level domains (TLDs) or problematic .eth registrar controllers in emergency situations. This is designed to reduce the time an attacker could exploit a vulnerability, which currently requires a lengthy DAO vote.
If this proposal passes, the ENS Security Council will gain expanded powers to act swiftly in security emergencies, potentially preventing widespread damage from attacks. This benefits the entire ENS ecosystem by making it more resilient to exploits. The DAO retains ultimate control as it can reverse any changes made by the council or remove their powers, but the council's authority is increased.
Voting results
🐳 Whale votes
0 votes > 5% VPFull proposal
Enable Root and Registrar Security Controllers
Abstract
This proposal enables two break-glass security controllers:
RootSecurityController, which can disable a TLD by taking ownership and clearing its resolver.RegistrarSecurityController, which can disable a .eth registrar controller.
Motivation
At present, remediating a compromise or security vulnerability in critical parts of the ENS contracts requires a DAO vote, which takes a minimum of 9 days. This provides a significant window during which an attacker could take advantage of a vulnerability with no way to stop it. Th…