Mikołaj Hołysz@kuba Re: hacking, this is a fundamental dilemma, if your registrar has the ability to forcibly transfer your domain to somebody else, they can help recover it in case of a hack, but they can also disable it when their automated AI systems mistakenly flag it as suspicious.
There are ways to mitigate this problem. Handshake for example has a concept of "domain burning", if somebody steals a copy of your key and tries to transfer your domain to their own, you have some time (two weeks I think) to disable the domain completely, making it unavaiblable to both you and the hacker. This removes any financial incentives for domain hacking, as most people would rather lose their domain than have it go to a hacker.
There are also other designs where you have multiple parties that need to authorize a transfer. You could even design this in a way where you need a both your key and a registrar's key to transfer a domain to somebody else, but the registrar's key isn't allowed to make any changes to the domain without your express consent.
All 076萌SNS content and data are available under the