TLD Oracle
Claim TLDs in ENS using DNSSEC proofs. DNS registries can register their TLDs by proving ownership through their _ens.nic.{tld} TXT record.
ℹ
Testnet Deployment: This is deployed on Sepolia with a 15-minute timelock for testing. In production, the timelock will be 10 days to allow DAO review.
Claim TLD
How it works: Anyone can submit a claim (acting as a gas relayer), but the TLD is always minted to the owner address specified in the
_ens.nic.{tld} TXT record — which only the DNS registry can set.Note: In production, only the TLD owner will be able to initiate claims to ensure explicit intent.
⚠ Proof Freshness: The contract requires proofs ≤14 days old to prevent replay attacks. Registry must re-sign.
.
1
Check TLD Availability
Verify TLD is not already claimed or pending
2
Fetch DNSSEC Proofs
Query _ens.nic.{tld} TXT record
3
Submit Claim
Send transaction to TLDMinter contract
Valid TLDs
P-256TLDs using Algorithm 13 (ECDSA-P256) for lower gas costs. Verisign migrated .com/.net/.edu to P-256 in 2023, signaling industry-wide adoption.
Claim Status:
Available Pending Ready Claimed Vetoed
Proof Freshness:
Fresh = Proof ≤ 14 days oldStale = Proof > 14 days (cannot claim)
Contract requires proofs ≤14 days old to prevent replay attacks. Registry must re-sign.
Governance
Connect wallet to view governance controls
How It Works
1
Setup DNS Record
DNS registry publishes a=0x... in _ens.nic.{tld}
2
Submit Claim
Fetch DNSSEC proofs and submit claim to TLDMinter contract
3
Wait for Timelock
15 minutes (testnet) or 10 days (mainnet) for DAO review and potential veto
4
Execute Claim
After timelock expires, execute to mint the TLD in ENS
Contract Addresses (Sepolia)
DNSSEC Oracle:0x31D1acba033d8A4Ab3f6334355289034d32cFD89