ENS · closed proposal

[Executable] Replace DNSSEC oracle algorithms

0xb8c2…67d5·ended 57y ago·● HIGH RISK

Voters

222

ENS voted

1439291702118360.00B

≈$6764670999956293.00B

Token price

$4.70

AI summary

This proposal aims to upgrade the ENS DNSSEC oracle by replacing three cryptographic algorithm contracts. The primary motivation is to fix a critical security vulnerability that could allow fraudulent claiming of domain names under .cc and .name TLDs due to a flaw in RSA signature validation. Additionally, it includes an optimization to reduce gas costs for P-256 signature verification by leveraging a new Ethereum precompile.

Impact

If this proposal passes, the critical security vulnerability affecting .cc and .name domains will be patched, preventing potential fraudulent registrations. Users interacting with P-256 signatures will benefit from significantly lower gas fees, reducing transaction costs. If it fails, the security vulnerability will persist, leaving .cc and .name domains susceptible to unauthorized claims.

Read full proposal on Tally ↗

Voting results

For1439291702118360.00B (100.0%)

Against0 (0.0%)

Abstain0 (0.0%)

1439291702118360.00B ENS · ≈$6764670999956293.00B · 222 votersblock 2026-02-25T16:04:23Z

🐳 Whale votes

0 votes > 5% VP

No whale votes on this proposal.

Full proposal

Original markdown · ENS

[Executable] Replace DNSSEC oracle algorithms

Abstract

This proposal replaces three DNSSEC oracle algorithms with newly deployed contracts to address the following two issues:

[Executable] Replace DNSSEC oracle algorithms

AI summary

Voting results

🐳 Whale votes

Full proposal

[Executable] Replace DNSSEC oracle algorithms

Abstract

Motivation

RSA Signature Forgery (Critical)

📚 Similar past proposals