Why Leo Finance should consider migrating away from GoDaddy

2 years ago

As a user of a platform I care about and use on an almost daily basis, I would like to feel that its security is reviewed on a regular basis. While I am not in doubt that we have an amazing development team formed around Leo Finance, which is constantly stepping up the game in various areas, sometimes we need to step up as users and help drive some changes for our own and future users' benefit.

One of the areas which I would personally like to see looked into, coming out of the November 2020 DNS hijacking of popular crypto domains, followed by the most recent Pancake Swap and Cream Finance DNS takeovers, is the DNS registrar of leofinance.io and cubdefi.com, which according to lookup.icann.org/lookup appears to be the infamous GoDaddy.

The reason I would like to see Leo Finance look into this matter is the multiple recently reported mishandlings by GoDaddy of social engineering attack vectors on its employees, which reportedly led to domains being transferred over to malicious actors.

I would ideally like to see this taken as an opportunity to step up the security and perhaps take the platform into a more resilient, accessible and decentralized setup, to protect as many users as possible when an issue arises.

I do not mean to suggest any directions, as I am not an expert by any means; however, I would like to think the solution Uniswap has set up may be one to look up to, with their setup heavily driven by IPFS (InterPlanetary File System), its primary gateway being available through Cloudflare and a few standby IPFS gateways being available.

One of the problems highlighted by the recent Pancake Swap DNS hijacking is that even if the affected project's team is quick to react, which in the above case took around 2 hours to regain access to DNS and point it back to their own servers, the damage lasts much longer due to various aspects like DNS propagation. As a result, many users were facing the taken-over version of the domain for much longer than just several hours, and some projects decided to postpone their listing because they deemed that their users would still be at risk.

Source: https://twitter.com/B21Official/status/1371836082778693639
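The gap between regaining DNS control and users actually being safe comes from recursive resolvers serving a cached record until its TTL expires. The following is an added example, not part of the original post, that models that window; the resolver names, addresses and TTLs are constructed, and only the recovery time of around 2 hours comes from the post.

```python
from dataclasses import dataclass

# Constructed sample values (documentation address ranges), not real data.
LEGIT = "192.0.2.10"     # address the project's own DNS records point to
ROGUE = "203.0.113.66"   # address served while the domain was taken over
RECOVERED_AT = 120       # minutes after the takeover; "around 2 hours" per the post


@dataclass
class CachedAnswer:
    resolver: str    # label for a recursive resolver (hypothetical)
    fetched_at: int  # minute of its last lookup before recovery (negative = before takeover)
    ttl: int         # TTL, in minutes, of the record it cached
    address: str     # address that cached record points to


def stale_minutes(ans, legit=LEGIT, recovered_at=RECOVERED_AT):
    """Minutes after recovery during which this resolver still answers from a bad cache."""
    if ans.address == legit:
        return 0  # cached the good record before the takeover, never served the bad one
    return max(0, ans.fetched_at + ans.ttl - recovered_at)


def exposure_report(answers, legit=LEGIT, recovered_at=RECOVERED_AT):
    """Map resolver -> residual exposure in minutes, longest exposure first."""
    report = {a.resolver: stale_minutes(a, legit, recovered_at) for a in answers}
    return dict(sorted(report.items(), key=lambda kv: kv[1], reverse=True))


# Constructed observations: one row per resolver, its last lookup before recovery.
SAMPLE = [
    CachedAnswer("resolver-a", -30, 300, LEGIT),   # cached the good record before the takeover
    CachedAnswer("resolver-b", 90, 30, ROGUE),     # cache expires exactly at recovery
    CachedAnswer("resolver-c", 100, 60, ROGUE),    # 40 minutes of residual exposure
    CachedAnswer("resolver-d", 115, 1440, ROGUE),  # one-day TTL cached just before recovery
]

if __name__ == "__main__":
    for name, minutes in exposure_report(SAMPLE).items():
        print(f"{name}: serves the replaced record for {minutes} min after recovery")
```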

