The Silent Shutdown: ENS COO Resigns, Four Projects Enter Unmaintained Territory
Security
|
HasuWhale
|
On July 4, 2024, a set of Ethereum-based applications quietly entered their death spiral. ethid.org, GrailsMarket, ENSMarketBot, and the Ethereum Follow Protocol (EFP) are scheduled for termination. The ledger remembers what the narrative forgets: these were not core ENS protocol components but auxiliary tools built by departing COO Brantly Millegan. The code remains open source, but without a maintainer, technical debt accumulates silently. Stability is not a feature; it is a discipline, and discipline requires custodianship.
Context: The Ethereum Name Service (ENS) is a decentralized naming system on Ethereum, translating human-readable names into machine identifiers. ENS Labs, the operational arm, employed Millegan as Chief Operating Officer. On July 4, he resigned, citing 'recent events' — a likely reference to his controversial 2021 public statements. Alongside the resignation, he announced the closure of four personal projects: ethid.org (a decentralized identity platform using ENS), GrailsMarket (a marketplace for ENS subdomains and associated NFTs), ENSMarketBot (an automated trading bot for domains), and EFP (the Ethereum Follow Protocol, a social graph protocol). The teams behind these projects are now seeking new employment. ENS Labs itself continues unaffected.
Core: Reconstructing the protocol from first principles. Each of these projects relies on smart contracts deployed on Ethereum. Now, those contracts become orphans. No bug bounties. No upgrades. No response to disclosed vulnerabilities. During my 2022 post-mortem of the Terra collapse, I traced how recursive debt accumulation in smart contracts led to systemic failure. A similar pattern of unmaintained code can create silent debt.
Consider ethid.org. It provided a front-end for creating and managing ENS subdomains as identities. The smart contract logic for identity management remains on-chain. If a caller discovers a reentrancy or signature malleability issue, there is no handler. Based on my 2024 Pectra upgrade review, I identified a reentrancy vulnerability in signature validation under specific gas conditions. The same class of vulnerability could exist in these now-orphaned contracts.
GrailsMarket is a marketplace. It likely holds user funds in escrow for domain sales. If the withdrawal mechanism is not explicitly called before the front-end goes dark, assets could be permanently locked. The code is open, but open source does not mean secure. It means anyone can copy, but no one is responsible. An attacker could fork the repository, deploy a clone with a backdoor, and phish users.
ENSMarketBot was a trading bot. Its automated strategies might still be running on users' private keys via Telegram bots or other interfaces. When the bot's backend shuts down, any residual API keys or access tokens become unmanaged liabilities. The security assumption was the bot's operator would monitor its behavior. That operator is gone.
EFP — the Ethereum Follow Protocol — aimed to create a decentralized social graph on ENS. Its contracts are deployed with governance functions tied to a multisig that likely includes Millegan. Without active governance, the protocol becomes inert. Any proposal to upgrade or migrate will lack a signer.
The common thread: these projects were not audited for continuity. They were built with the assumption of perpetual maintenance. That assumption has now failed. Protecting the user means auditing the abandoned code before it is forgotten.
Contrarian: While the narrative paints this as a crisis of leadership, a contrarian view emerges. Brantly's departure may streamline ENS Labs. The closed projects were peripheral, consuming operational bandwidth without contributing to ENS's core value proposition: domain registration and resolution. Their shutdown frees resources for critical infrastructure. Moreover, removing a controversial figure might reduce reputational risk. The blind spot is not the loss of these projects, but the assumption that they were ever essential. The market may overreact to a story that is, technically, a minor cleanup.
Takeaway: Watch the smart contracts, not the press releases. If these projects' contracts remain unwithdrawn, they become honeypots for exploits. Community forks may arise, but without maintainers, they are fragile. The ledger will record the next exploit, not the resignation. Stability is not a feature; it is a discipline. And discipline requires vigilance.