Understanding the Collision Risks: Where Blockchain Identifiers Meet Domain Names

Blockchain-based identifiers are emerging as an alternative to assigning human-readable names to web services, wallets, and Web3 applications.

Though their adoption is still limited, with millions of registrations compared to the hundreds of millions in the DNS, these identifiers introduce new risks to the DNS.

But not all blockchain identifiers pose the same level of concern. Some are parked and unused, making them unlikely to cause conflicts. Browser support is still limited, further reducing the likelihood of widespread collisions. Blockchain Identifiers that actively serve content and emulate DNS use are more likely to pose greater risk, while other forms of use (such as mapping to wallets) may be less consequential.

With the support of Afnic, Oxford Information Labs developed a risk assessment framework to explore how blockchain identifiers are being used and which pose the greatest risks to the DNS.

This research builds on our earlier work tracking blockchain domain uptake and providers' ecosystem, and offers a structured view of the risks that arise when blockchain identifiers intersect with DNS.

The Dataset

For this study, we analysed blockchain identifier data provided by Freename, covering multiple providers:

• Unstoppable Domains
• Ethereum Name Service
• Zelliqa Name Service
• Handshake
• Freename
• DecentraName
• NameWrapper

In total, the dataset included 11.3 million blockchain identifier records:

• 4.7M Top Level Records
• 6.4M Second Level Records
• 220K Third level Records

Our analysis focused on the 6.4 million second-level records, comparing them directly against second-level DNS domains. Handshake records were excluded from this phase as only top-level data was available.

Six Dimensions of Risk for Blockchain Domains

To evaluate the potential risks that blockchain identifiers may pose to the DNS, we assessed them across six key areas:

Abuse Potential: Evaluates whether the blockchain identifier has a history of abuse in the DNS or other online ecosystems.

Usage: Assesses whether the identifier enables similar services to those of domain names, primarily hosting content.

Brand Infringement: Identifies blockchain identifiers that contain or mimic top global brands, highlighting potential trademark conflicts.

Browser Compatibility: Measures whether the identifier can be resolved and used across major browsers, including Opera, Brave, Firefox, Safari, and Chrome, with or without an add-on.

DNS Integration: Considers whether the identifier supports DNS integration, including DNS-to-Web3 mapping and features such as synchronisation, lifecycle validation, and DNSSEC.

Dispute Resolution: Evaluates the availability of dispute mechanisms to challenge potential infringements on blockchain identifiers.

Findings on usage, integration, and browser compatibility were covered in our previous blog: Mapping Blockchain Domain Providers: 10 Key Findings. This blog focuses on three areas most relevant to DNS stakeholders: abuse potential, brand infringement, and dispute resolution.

Abuse Potential

Abuse risk arises when a blockchain identifier matches a DNS domain already associated with malicious activity, such as phishing or malware. If a blockchain identifier replicates a domain previously flagged for abuse, it is more likely to be connected to similar misuse.

To conduct this analysis, we considered threat signals on the Global Signal Exchange (GSE). We compared second-level blockchain identifiers against threat signals reported to the GSE. For example, if [my-phishing-domain].com had been reported to the GSE as a phishing site, and [my-phishing-domain].blockchain existed as a second level registration on the blockchain, we counted it as a match.

Out of 6.4 million second-level blockchain identifiers, we found 10,5% of the registrations matched reported abuse signals on the GSE:

• 358,491 Confirmed Report Matches
• 315,280 Predictive Matches (based on AI and pattern recognition)

This indicates that a significant portion of blockchain identifiers overlap with domains known or suspected to be malicious in the DNS. For DNS stakeholders, these identifiers are naturally considered higher risk, as they may facilitate phishing, malware, or other abuse.

Brand Infringement

The DNS industry plays a critical role in helping brands establish and protect their online presence. The appearance of well-known brand names—or close imitations—in blockchain identifiers represents a clear risk, potentially leading to trademark conflicts, user confusion, and reputational damage.

Using the top 100 global brands list, we scanned for identifiers that appeared to target brands. Roughly 1% of identifiers (66,718) contained potential brand references:

• 62,928 contained brand keywords eg. [my-apple].blockchain
• 3,583 used look-alike strings eg. [4pple].blockchain
• 207 were exact matches of brand keywords eg. [apple].blockchain

Top brands most frequently appearing in blockchain identifiers included Audi, Ford, SAP, 3M, Apple, Tesla, Amazon, Kia, Jordan, and Nike.

Some providers (such as Ethereum and Unstoppable) block some trademarks during registration, which helps explain why exact matches were relatively rare.

While wallet ownership data is visible, the true identity of the registrant is often unclear—meaning that some exact matches could represent legitimate registrations by the brand holder.

Dispute Resolution

In the domain name ecosystem, brand holders have recourse through the UDRP (Uniform Domain-Name Dispute-Resolution Policy) to reclaim infringing names or alternative dispute resolution system No equivalent process currently exists across the blockchain providers we examined, leaving trademark holders with limited options when conflicts arise.

Our analysis identified 1,456 blockchain identifiers whose second-level strings had already been the subject of a successful UDRP case in the DNS For example, huaweipay.com in the DNS was transferred as a result of a UDRP; our analysis found a matching string,

huaweipay.eth, registered as a blockchain domain.

Brands with the highest number of overlapping UDRP cases included Google, Amazon, Lego, Instagram, SAP, Disney, Gucci, Facebook, Ford, and Nike.

Why It Matters

Blockchain identifiers remain a relatively small part of the overall naming ecosystem, but their presence introduces a range of risks that warrant attention.

These findings underline the growing collision space between domain names and blockchain identifiers. While many blockchain identifiers might be harmless, a meaningful subset could raise concerns for DNS operators, trademark holders, and the security community.

Without clear mechanisms for dispute resolution or integration safeguards, the risk of confusion, abuse, and brand conflict is likely to increase.

Moreover, monitoring adds a new overhead in being able to detect possible threats from disparate blockchain identifiers systems on both underlying tech and governance.

By systematically analysing these risks, stakeholders can better anticipate challenges, identify areas needing governance or technical safeguards, and collaborate to reduce exposure. While uptake is currently modest, the findings underscore the importance of proactive monitoring and engagement as blockchain identifiers continue to evolve.