We want to start with a question that most people never ask, because the system is designed so that you never have to ask it.

Who actually owns your address on the internet?

Not the content you put there. Not the business you’ve built there. Not the community you’ve gathered there. The address itself — the string of letters that points the world to you — who owns that, and what happens to it when the company holding it changes its mind, changes its owners, runs out of money, or simply decides your use case no longer fits its business model?

The answer, if you dig into it, is uncomfortable. And it’s the reason we built Queensland Foundation the way we did.

The Infrastructure You Think You Own

When someone registers a domain name, they’re not buying anything in the way most people understand buying. They’re licensing the right to use a name — from a registrar, which operates under accreditation from a centralised governance body, which sits inside a system of policies and contracts that none of the people using those domain names helped write and none of them can meaningfully vote on.

The registrar can be acquired. The registry can change its pricing. The policies can shift. The body overseeing it all can be lobbied by governments and corporations with interests very different from the small business, the community group, or the individual family that just wants a stable address on the internet.

Every year, that address has to be renewed. If you forget to renew — if your credit card expires, if you’re in hospital, if you’re managing a business crisis — the domain enters a grace period, then a redemption period, then it gets released. The address you built your reputation around, that your customers have memorised, that’s printed on years of marketing material, becomes available for anyone to grab. Including domain squatters who will ransom it back to you at multiples of its original cost.

This is not a fringe scenario. It happens constantly. Organisations lose their digital presence not because they wanted to, but because the infrastructure model they were using was never actually designed around their long-term interests. It was designed around a recurring billing cycle.

We’re not saying this to be dramatic. We’re saying it because we think about it a lot, and because Queensland Foundation was built in direct response to it.

What “Control” Actually Means

There’s a difference between operating a service and controlling infrastructure. The companies that sell domain names are not neutral utilities. They’re private enterprises with shareholder interests, merger and acquisition strategies, and terms of service they can revise at any time.

When a registrar gets acquired by a larger company, the customers of the original registrar don’t have much say in what happens next. The acquiring company might migrate everyone smoothly. Or it might change the pricing. Or it might discontinue certain domain extensions. Or it might change the terms of service in ways that are technically disclosed in a legal notice buried inside an email that most people never read.

When one company acquires another, customers are typically migrated to the acquiring company’s infrastructure — and this can bring forced platform changes, feature downgrades, and data loss during migration. If your domain is registered with a company that goes down, you may lose access to your domain, which is potentially worse than losing website files: files can be rebuilt, but a domain’s brand recognition cannot.

That’s the kind of risk you absorb every time you trust critical infrastructure to a company whose interests aren’t necessarily aligned with yours.

Even in more benign cases, a registrar going down doesn’t necessarily mean your domain is deleted — but it may cause service interruption if the registrar fails to renew your domains in the registry or modifies settings without consultation. In other words, even the best-case scenario from a failing registrar involves uncertainty, disruption, and a scramble to recover something that should have been yours to hold without condition.

And then there’s a harder question, one most people in digital infrastructure don’t like to sit with: what happens when a company doesn’t fail, but simply decides your use case isn’t worth serving anymore?

The Policy Risk Nobody Talks About

The companies that control domain infrastructure don’t just face financial risk. They face political risk, competitive risk, and the risk of being squeezed between governments with different and often conflicting demands. A registrar operating globally must navigate the laws of dozens of jurisdictions simultaneously. What’s legal and acceptable in one country may trigger a government request to suppress it in another.

Historically, whether inside or outside governance structures, governments — including major democracies — have proven repeatedly that they would like to leverage control of top-level domains and registrars to regulate the content of websites.

That’s not a conspiracy theory. That’s documented institutional behaviour. Governments apply pressure. Companies respond to that pressure. Users absorb the consequences.

There’s also the subtler version of this risk: the policy change that isn’t driven by any government at all, but simply by a company’s evolving sense of what business it wants to be in.

A concrete example of this dynamic played out when a private equity firm attempted to acquire the nonprofit that runs the .ORG domain — one of the most widely used domain extensions for nonprofits worldwide. A coalition of nonprofits and users spoke out, governments expressed alarm, and questions arose about censorship for profit.

Think about what that episode revealed. Millions of organisations had built their digital identities on a domain extension that was, at that moment, potentially about to come under the control of a private equity firm with no particular obligation to those organisations’ missions, or their continued existence on the internet, or their ability to afford whatever the new ownership decided the annual fee should be.

The organisations that had built on .ORG weren’t consulted. They didn’t get a vote. Their ability to remain at their addresses was contingent on a negotiation happening above them, between institutions they had no relationship with, about an asset they believed they were using but didn’t actually own.

We found this deeply clarifying when we were thinking through what Queensland Foundation should be.

The Renewal Trap

Let’s go back to something basic, because it deserves more attention than it usually gets: the annual renewal model.

This model exists because it makes business sense for registrars. Recurring revenue is more predictable and more valuable than one-time sales. It creates customer stickiness through mild dependency. And it generates a constant low-level anxiety in domain owners — the background hum of something important that must be maintained or it disappears.

Never letting your domain expire is crucial advice in the traditional system — because if you do, you may lose it forever. Many companies intercept expired and deleted domains in order to later try to resell them for a profit or use them for their own purposes.

Failure to pay the annual renewal fee on a domain name can be costly. Sometimes domains are lost unexpectedly — perhaps an automatic-renewal option was set up but credit card information wasn’t kept current. This simple mistake can quickly result in the domain name expiring and being purchased by someone else.

We’ve seen what happens at scale. Large and sophisticated organisations — ones with entire technology departments — have lost their domains because of administrative oversights. The renewal model creates a category of permanent fragility. It means your digital address is never fully yours. It is always on loan, always subject to the next billing cycle, always one administrative failure away from becoming someone else’s property.

We refused to accept this as a foundation for what we were building.

A Queenslander who registers a name under .queensland or .qld or .brisbane pays once. There is no second payment. There is no renewal. There is no expiry date. The address is theirs. It doesn’t matter if they forget about it for a decade. It doesn’t matter if they change email addresses and miss a reminder. It doesn’t matter if they go through a period of illness, or grief, or simply have better things to think about than infrastructure maintenance. The address waits for them, immutably, permanently, on chain.

That’s what we mean by ownership.

What Happens When the Company Fails

It’s worth thinking through what failure actually looks like in the traditional domain model, because it illuminates why the architecture matters so much.

RegisterFly was a domain registrar with around two million domain names and 900,000 customers. Founded in 2000, it became an accredited domain registrar before stopping operations in 2007, amid serious complaints and ultimately a legal dispute between co-owners over misused company funds.

Almost a million customers. Two million domain names. And the ability of those people to maintain their addresses on the internet became contingent on the resolution of a business dispute between two individuals. That’s the nature of the dependency the traditional model creates.

During this period, the governance body overseeing registrar accreditation had to begin procedures to end the registrar’s accreditation amid charges and lawsuits involving fraud.

Even in cases where governance bodies step in and manage the transition, there is disruption. There is uncertainty. There are businesses that go dark while the administration is sorted out. There are individuals who don’t know whether their address still exists, who it’s being managed by, or whether the settings they relied on are still intact.

This is a structural vulnerability, not an edge case. And the answer the industry settled on — better backups, more reminders, transfer your domain to a dedicated registrar and keep it separate from your hosting — is not a solution to the problem. It’s an adaptation to the problem. It accepts the underlying fragility and asks users to manage around it.

We wanted to eliminate the fragility rather than manage around it.

The Concentration of Power Problem

There’s a pattern in the history of internet infrastructure that’s worth naming clearly. Power concentrates. The internet was designed with distribution in mind, and many of its original architects genuinely believed it would resist centralisation. What actually happened is that market forces, network effects, and the economics of infrastructure naturally pull toward consolidation.

A small number of very large companies now sit beneath enormous amounts of the internet’s daily operation. Cloud providers host most of the web. A small number of registrars control the majority of registered domains. Domain extensions are licensed by a handful of registry operators with significant market power.

These companies control levers to vast online infrastructure and have complete discretion to pull those levers as they see fit — which means they can decide which websites live or die.

That’s an extraordinary amount of power to be held by private entities with no obligation to the public interest.

We’re not making a political argument about whether markets are good or bad. We’re making an observation about structural risk. When your digital address depends on a concentrated set of private actors, you are exposed to their decisions, their financial health, their policy choices, and their relationships with governments and other powerful institutions. You have no real recourse when those decisions go against you.

The traditional response to this is contractual. You agree to terms of service. You have rights under consumer protection law. If a company wrongs you, you can complain to the relevant body.

But the practical reality for most individuals, small businesses, and community organisations is that they don’t have the legal resources to fight a large registrar. They don’t have the technical capacity to navigate a domain recovery process when a company fails. And they certainly can’t influence the policy decisions of a governance body they have no standing in.

The only genuine protection is removing the dependency in the first place.

Why Blockchain Infrastructure Changes the Equation

We want to be precise about this, because the blockchain space has accumulated a lot of noise and a lot of claims that don’t survive contact with reality. We’re not interested in the noise. We’re interested in what the technology actually does, and specifically what it does for the structural problem we’ve been describing.

Blockchain domains are decentralised domain names stored on blockchain networks rather than traditional DNS servers. The significance of this isn’t technical for its own sake. The significance is what it means for ownership.

In a traditional domain system, the record of who owns a domain name lives in a database controlled by a registry company. That company can be acquired, fail, change its policies, or be subject to external pressure. The record exists because the company maintains it. If the company stops maintaining it, or decides to change it, your ownership is only as secure as your relationship with that company.

In an onchain system, the record of ownership lives on a distributed ledger that no single company controls. When a user purchases and registers a domain on the blockchain, that record is written permanently on-chain, confirming the owner as the legitimate holder. It’s not held in trust by a company. It’s not subject to a billing cycle. It’s not contingent on the continued existence or goodwill of a registrar. It exists in the same way that other onchain records exist — transparently, verifiably, and without requiring anyone’s permission to remain valid.

Unlike traditional domains, which require ongoing fees and centralised registrars, onchain domains offer permanent ownership. Once claimed, they are stored in a wallet like any other digital asset and are fully controlled by the owner.

This is the shift in the ownership model that we believe matters for Queensland. Not as a technological experiment. Not as a speculative asset. As infrastructure designed to serve the people using it across decades, without expiry, and without private company control as a point of failure.

What We Were Actually Building For

When we secured the six TLDs — .queensland, .qld, .brisbane, .surfersparadise, .gold-coast, and .brisbane2032 — the question we kept coming back to wasn’t technical. It was about time.

We were thinking about a business that registers a .queensland address today. What does their relationship to that address look like in ten years? In thirty years? In the lifetime of their business? We were thinking about a family that wants a permanent digital home under a name that reflects where they’re from, something they can pass to their children the way you pass other things of lasting value. We were thinking about communities that want to build something enduring, that want to stake a claim to their corner of a Queensland-specific digital identity without worrying about whether the infrastructure holding that claim will still exist in a form they recognise.

Traditional domain infrastructure cannot make those promises. It can offer continuity so long as nothing goes wrong with the companies involved, the policies in place, and the annual renewals being kept current. That’s a fragile foundation for something you want to last.

We wanted to offer something different. A one-time payment. No renewals. No expiry. An address that belongs to the person who registers it and cannot be taken away by a company decision, a policy change, an acquisition, or an administrative failure.

The price starts at five dollars. Paid once. That’s it.

The Question of Trust

There’s a version of this conversation where someone says: but you also have to trust the infrastructure your onchain TLDs are built on. And that’s fair. It’s true. Every system has a foundation, and the question of where trust is placed is always legitimate.

Our answer is that the nature of the trust is different, and that difference is structural rather than cosmetic.

When you trust a registrar, you are trusting a private company. That company has a profit motive, a management team that can change, a board that can decide to sell the business, and a relationship with other powerful actors whose interests may not align with yours. The trust is personal and institutional. It can be withdrawn, revised, or made conditional at any time.

Where traditional TLDs are controlled by centralised organisations, onchain TLDs operate on blockchain technology — making them decentralised, more secure, and resistant to censorship.

When the record of your ownership exists on a decentralised blockchain, the trust is in a protocol and a consensus mechanism rather than in a company. Protocols don’t get acquired. They don’t have management teams that can decide your use case no longer fits the business model. They don’t have annual renewal fees that create a perpetual obligation. Data and assets on decentralised infrastructure can exist without intermediaries.

We’re not claiming the technology is perfect or that there are no risks. We’re claiming that the risk profile is categorically different from the risk profile of private company dependency — and that for the purposes of building digital infrastructure for Queensland, that difference is exactly what matters.

Identity at the Level That Lasts

There’s a thing that happens when physical communities have stable, durable markers of identity. Places accrue meaning. An address becomes a reference point. A name becomes something that means something beyond the words in it — it accumulates history, reputation, connection.

Digital addresses, so far, have mostly been too fragile to do this work. They expire. They get squatted. They get sold. They change hands when a business fails or pivots. The address that meant something last year might mean something entirely different this year, because the infrastructure holding it was never designed for permanence.

Queensland has a geography and a culture that is genuinely distinct. The names we hold — .queensland, .qld, .brisbane, .surfersparadise, .gold-coast, .brisbane2032 — are not generic strings. They are place names. They carry meaning that predates the internet and will outlast any particular technology platform. We think that meaning deserves to be anchored to infrastructure that is permanent.

A surf school in Surfers Paradise that builds under .surfersparadise isn’t just getting a domain name. They’re getting an address that is as permanent as any other address they hold. An address they own, not lease. An address that doesn’t require them to remember to pay a bill every year under threat of losing it. An address that places them in a specific, real, proud corner of the world.

That’s what we’re building toward. And the reason we can build toward it is that we chose infrastructure that makes permanent ownership possible — infrastructure that removes the private company control problem from the equation at the foundation level.

The Broader Principle

We’ve spent a lot of this post on the specific mechanics of domain infrastructure risk. But the principle is broader, and it’s worth stating plainly.

Critical infrastructure should not be held in a way that makes the people depending on it vulnerable to private company failure modes. This is true for utilities, for communications networks, and yes, for the addressing systems that people use to establish their digital presence and build their digital identity.

The internet was designed to be resilient and distributed. The domain name system, as it evolved, drifted toward centralisation and private control in ways that create real vulnerability for the people who depend on it.

We don’t think this is anyone’s specific fault. It’s what happens when infrastructure evolves through market competition and commercial incentives without a sustained commitment to the interests of end users. Companies optimise for what companies optimise for. Users get a functional system that works most of the time, except when the structural vulnerabilities are exposed — which is usually at the worst possible moment.

What we’re doing with Queensland Foundation is taking the position that for this particular piece of infrastructure, in this particular part of the world, the end users deserve better than “functional most of the time.” They deserve permanent, unconditional ownership of their digital addresses. They deserve infrastructure that doesn’t require them to maintain a relationship with a private company to keep what is theirs.

That position drove every design decision we made. The onchain architecture. The permanent ownership model. The one-time payment structure. The no-renewal, no-expiry commitment. None of those things are incidental features. They are the whole point.

What Permanent Means

We want to close by sitting with that word: permanent.

It’s not a word the technology industry uses much, for obvious reasons. Permanence is hard to deliver and easy to undermine. Most digital infrastructure exists under conditions that make genuine permanence impossible or very difficult to promise.

When we say permanent, we mean it in a specific and grounded way. We mean that the record of ownership lives on a blockchain where no single company can alter or delete it. We mean that once an address is registered, it doesn’t expire — not in one year, not in ten years, not in fifty years. We mean that the person who registers a .queensland or .brisbane address is not entering into a recurring dependency on any private entity to maintain that ownership.

We mean that a Queenslander can register an address today and give it to their grandchildren with reasonable confidence that it will still be theirs.

That’s what permanent means to us. And it’s the thing we kept coming back to, through every conversation about architecture and business model and technology choices, because it was always the core of what we were trying to do.

Not just an address. An address that lasts. One that belongs to Queensland people, under Queensland names, anchored to infrastructure that no private company can take away.