UPDATE February 10, 2020: Migration is complete! All names are safe, existing records were migrated, and registrations/renewals have been re-enabled.
Today we’re announcing we’re working with the ENS root key holders to replace the ENS registry contract. This fixes an unexploited bug as well as adds some new functionality.
No immediate action is required for most users. All names are safe, and if you’re an average user you can continue using ENS as normal.
Wallets, dapps, subdomain registrars, libraries, and any other services that use ENS need to upgrade to the new registry contract. In the meantime, services using the old registry contract will still function, though they will soon start to return stale results. We recommend all services upgrade right away. When you do, please notify us at firstname.lastname@example.org so we can make sure everyone upgrades.
Here’s a guide explaining exactly what services need to do: Guide for DApp Developers
We were made aware of some unexpected behavior of the current ENS registry contract by Sam Sun. We will be posting a full post-mortem at a later date.
In short, if a person transferred an ENS name in a specific way, they would be capable of later claiming it back away from the new owner. This would not have worked if a person transferred a name in the normal way. In other words, to make use of this bug, the person doing the transferring had to have been intentionally setting themselves up from the beginning to claim it back. You can read a more technical description here.
As far as we can tell, this has never been exploited. This new registry contract removes the possibility.
The new registry implementation has been audited by Sam Sun, as well as reviewed by ConsenSys Diligence. No issues were found by either auditor.
We’re taking advantage of this upgrade to introduce some new functionality to streamline ENS. New features include the abilities to:
- Configure the owner and resolver of a name in a single transaction
- Create a subdomain and set a resolver for it in a single transaction
- Authorize contracts or other accounts to make changes to domains (change their resolver and owner) on their behalf, similar to ERC721’s ‘authorization’ functionality
The new ENS registry has already been deployed, and services using ENS should upgrade to it in their code as soon as possible. It has a fallback function to the old registry, so the new registry should work right away.
We plan on migrating .ETH names from the old registry to the new one between February 3rd and 5th, after which if you your service is still using the old registry it will start returning stale results.