NoRegistry.

An address tied to your key. No registrar. No authority. Nothing to seize.

PKDNS is a naming system where your address is derived from a cryptographic key. There is no registry to contact, no domain to register, and no authority that can take it down. It runs over the same distributed network that BitTorrent has operated reliably for over 20 years.

Try it now → Learn more
This page lives on noregistry.com — a domain we paid $15 to register with a company that can take it away. The PKDNS address below cannot be seized by anyone. Ever. pk:cqwmibxsfx33fgs4ix1kqhuapuxbty9t33jsk5o4nzwzy9kqhuro
25M+
DHT Nodes
20yr
Network uptime
0
Registrars
Illustrative — PKDNS is anonymous by design. No nodes are tracked.

DNS is a kill switch.

Every domain name on the internet has an owner who can be pressured. A registrar who can be seized. A government who can issue a takedown. The kill switch still exists — it is just held by a different hand.

SEIZED_DOMAINS.LOG
Domain What it was Seized by Year Status
sci-hub.org Academic paper repository US & UK court orders 2021 ☠ Seized
libgen.org Book & paper library US court order 2015 ☠ Seized
z-lib.org Book library US Dept. of Justice 2022 ☠ Seized
tornadocash.eth Privacy protocol frontend OFAC sanctions 2022 ☠ Seized
kat.cr Torrent index US Dept. of Justice 2016 ☠ Seized
megaupload.com File sharing platform FBI / DOJ 2012 ☠ Seized
These domains no longer belong to the people who built them.

IPFS tried to solve this. It didn't.

In 2015, Protocol Labs launched IPFS with the right idea: address content by what it is, not where it is. Brave, Opera, and Cloudflare all shipped IPFS support. Protocol Labs raised hundreds of millions.

But IPFS built its own DHT from scratch — and that DHT never matched the scale or reliability of the Mainline DHT BitTorrent already operated. Content was frequently unavailable. Resolution was slow. The naming problem was never solved.

Most IPFS access today goes through Cloudflare's gateway. The decentralised web, routed through a centralised company. Again.

"The vision was right. The infrastructure was wrong."
2005

Mainline DHT launches

BitTorrent's distributed hash table goes live. Designed for scale from day one.

2015

IPFS launches

New DHT, new network, new protocol. Builds in isolation from existing infrastructure.

2018

Cloudflare IPFS gateway

Cloudflare steps in to make IPFS usable. Centralisation creeps back in.

2022

Tornado Cash precedent

IPFS gateways remove content under legal pressure. The failure point is confirmed.

2025

Mainline DHT: still running

25M+ nodes. No company. No authority. No seizable domain. Still works.

What actually works.

PKDNS addresses are derived from your public key — not a registrar, not a company. Records are published directly to Mainline DHT, the same network BitTorrent has run on since 2005: 25 million nodes, no single operator, nothing to seize.

No registration. No renewal. No permission required. Written in Rust, runs on a Raspberry Pi, drops in alongside Pi-hole in under 10 minutes.

  • Address is your public key — mathematically impossible to seize
  • Records published to Mainline DHT — 25M+ nodes, no single operator
  • No new network to trust — built on 20 years of proven infrastructure
  • Zero registration — no account, no fee, no renewal
  • No permission required to publish or resolve
  • Lightweight Rust binary — runs on a Pi, in Docker, or natively
  • Drop-in resolver — works alongside Pi-hole and AdGuard Home
COMPARISON_TABLE
Traditional DNS IPFS PKDNS
Address tied to Domain registrar Content hash Public key
Can be seized Yes Gateway can be No
Infrastructure Centralised Custom DHT (fragile) Mainline DHT (25M+ nodes)
Reliable in practice Yes Often not Yes
Zero config to use Yes No Yes
Running since 1985 2015 Built on DHT from 2005
Central authority ICANN / Registrars Protocol Labs / Gateways None

Try it. Right now.

No install needed. Point your DNS to our public resolver and resolve a PKDNS address in 30 seconds.

STEP 1 — SET YOUR DNS

Point your device or router's DNS to our public resolver:

DNS server
46.225.159.225

STEP 2 — RESOLVE A PKDNS ADDRESS

Then run this in your terminal:

bash
dig pk:cqwmibxsfx33fgs4ix1kqhuapuxbty9t33jsk5o4nzwzy9kqhuro

It resolves to noregistry.com — no registrar involved.

Training wheels, not the destination. The public resolver is a centralised point — it can be taken down. That contradicts everything this project stands for. Use it to experience PKDNS in 30 seconds, then run your own. That's the whole point.

Run your own. In minutes.

Two ways to install. Pick one.

Downloads and installs the pkdns CLI to ~/.pkdns/bin and adds it to your PATH.

01

Install pkdns-cli

bash
curl -fsSL https://raw.githubusercontent.com/thisispav/no-registry/main/packages/cli/install.sh | sh

Then open a new terminal (or run source ~/.zshrc) so pkdns is on your PATH.

02

Download the pkdns binary

bash
pkdns install
03

Configure

bash
pkdns init
04

Start & verify

bash
pkdns start
pkdns test

No install step. Use bunx (Bun) or npx (Node) to run pkdns-cli directly.

01

Run pkdns-cli

bash — Bun
bunx pkdns-cli --help
bash — Node
npx pkdns-cli --help

Replace pkdns with bunx pkdns-cli in every command below.

02

Download the pkdns binary

bash
bunx pkdns-cli install
03

Configure

bash
bunx pkdns-cli init
04

Start & verify

bash
bunx pkdns-cli start
bunx pkdns-cli test

What gets unlocked.

Once your resolver is running, here is what becomes possible.

[KEY]

Addresses no registrar can seize

Resolve names tied to cryptographic keys. No ICANN. No court order applies. No registrar to pressure.

[NET]

Access Pubky homeservers

Reach Pubky applications and homeservers via their public key address. No gateway required.

[DHT]

Strengthen the network

Every resolver you run is another node participating in the DHT. More installs means a more resilient network for everyone.

[DEV]

Build on it

Build applications where the endpoint is the key — payments, identity, services. No registrar in the dependency chain.

Try to take this down.

Here is the standard playbook for removing a website. Here is why none of it works on a PKDNS address.

Works on traditional DNS
  • Contact the domain registrar and file a complaint
  • Obtain a court order forcing the registrar to suspend the domain
  • File a DMCA takedown with the hosting provider
  • Issue OFAC sanctions — pressure registrar and host to comply
  • Contact the CDN (Cloudflare) and request removal from their network
Doesn't work on PKDNS
  • No registrar exists — the address is derived from a cryptographic key
  • No court can compel a registrar that does not exist
  • No hosting provider controls the record — it lives in the DHT
  • No company to sanction — the network has no owner or operator
  • No CDN middleman — records are resolved peer-to-peer across 25M+ nodes