A Permissioned Blockchain-Based Secure DNS Governance System Using Hyperledger Fabric

The Domain Name System (DNS) is a foundational component of internet infrastructure, mapping human-readable domain names to machine-routable IP addresses. However, traditional DNS management models rely heavily on centralized administrative control, making them vulnerable to unauthorized updates, spoofing attacks, and insufficient audit transparency. A compromised administrative account can result in unilateral, undetected malicious routing changes. To address these limitations, this paper proposes a permissioned blockchain-based DNS governance platform engineered using Hyperledger Fabric 2.2. The system introduces a multi-organization governance framework in which critical DNS operations—such as domain onboarding, IP modifications, and malicious domain blacklisting - are executed through structured, on-chain smart contracts. Each domain record transitions through a strictly controlled lifecycle (PENDING, ACTIVE, BLACKLISTED) and requires a mathematical consensus of at least two independent organizations to authorize network changes. Implemented via a three-tier architecture comprising a Go-based chaincode layer, a Node.js REST API integrated with external threat intelligence, and a React.js frontend, the platform provides immutable auditability and real-time observability via Server-Sent Events (SSE). Experimental deployment demonstrates that the proposed system effectively eliminates the Single Point of Failure (SPOF) in DNS management, ensuring tamper-resistant record integrity and strengthening cross-organizational trust.