The ENS Dynamic Kit: Breathing Life into Static Web3 Identities
Merlini5 min read·Just now--
For years, the Ethereum Name Service (ENS) has been the gold standard for decentralized identity, yet it has faced a persistent limitation: it is static. Traditionally, every update to a text record, avatar, or content hash requires a manual wallet transaction, incurring gas costs and waiting for block confirmations. This makes ENS impractical for live portfolios, real-time dapp states, or automatic profile updates.
The ens-dynamic-kit (dinamic.eth) introduces a shift in this paradigm, transforming ENS from a frozen record into a programmable configuration layer.
The Engine: CCIP Read and Trustless Offchain Resolution
The core of this framework is EIP-3668, also known as CCIP Read. Instead of storing every data point on-chain, the resolver contract acts as a secure pointer. When a wallet or browser attempts to resolve a name, the contract “reverts” with an OffchainLookup error, directing the client to a specific gateway URL.
This 7-step resolution flow ensures security without the gas:
- Request: The client calls
resolve(name)on the ENS Registry. - Redirect: The OffchainResolver contract provides the gateway URL.
- Fetch: The client makes an HTTP GET request to the gateway.
- Sign: The gateway fetches data from a local SQLite database and signs it with a private key.
- Verify: The client returns to the contract with the signed proof.
- Finalize: The contract verifies the ECDSA signature against a registered signer key and returns the data.
Because the contract only accepts responses signed by the authorized key, the gateway remains trust-minimized — it cannot provide false data without being detected.
ENS-KIT/1: The Spec for Dynamic User Interfaces
To make this dynamic data useful for frontends, the kit introduces the ENS-KIT/1 Text Record Extension Spec. This convention allows standard ENS text records to drive complex UI behaviors instantly and without redeployment.
- Media Keys: Use
videofor looping backgrounds,galleryfor scrollable media strips, andcard_bgfor custom profile card aesthetics. - Action Keys: Define primary and secondary Call-to-Action (CTA) buttons with
pfp_buttonandpfp_button_2, or enable financial interactions viatipanddonaterecords. - Appearance: Overrides like
theme(gradient/light/dark) andlayoutvariants allow a brand's visual identity to carry across all its subdomains.
KYA: Know Your Agent and ERC-8004
As we enter the age of autonomous AI agents, identity becomes the new bottleneck. The ens-dynamic-kit implements the ERC-8004 standard, allowing NFT holders to bridge their collections into trustless on-chain agent identities.
Through ENSIP-25, these agents are bidirectionally linked to human-readable ENS names (e.g., agent.yourname.eth). This provides a foundational layer for KYA (Know Your Agent): cryptographic credentials that link an autonomous agent to its human principal, its constraints, and its liability.
The framework even includes an agentic chat runtime where agents can use Model Context Protocol (MCP) tool loops to execute tasks, such as performing on-chain swaps, only after receiving an owner’s signature via an inline Approval Gate.
The Hybrid Approach: Solving the Browser Problem
A significant challenge in the ENS ecosystem is that native browsers like Brave and Opera often call contenthash directly and do not yet follow the CCIP Read protocol.
To solve this, the kit utilizes a two-tier architecture:
- Off-chain Tier: CCIP Read handles dynamic, instant updates for compatible clients (MetaMask, ENS App).
- On-chain Tier (The “Brave Fix”): The admin UI allows users to set an IPFS content hash on-chain once. This ensures that browsers resolving natively still see a functional, synchronized version of the site, even if it lacks the real-time speed of the off-chain layer
Operational Security: Lessons from the Field
Building dynamic infrastructure on Ethereum requires rigorous security. The project documentation highlights critical lessons learned from production:
- Key Isolation: Never use your deployer wallet for signing gateway responses. If the gateway signing key is compromised, it should not grant control over the ENS name or the resolver contract.
- Persistence: In Docker environments, always use volume mounts for the SQLite database. Without them, every container restart wipes your records.
- Rescue Strategies: In cases of wallet compromise by “sweeper bots,” the kit recommends using Flashbots atomic bundles to recover ENS names by bypassing the public mempool.
Conclusion: A Living Identity
The ens-dynamic-kit moves us closer to a Web3 where identity is not a static business card, but a living, breathing digital presence. Whether it’s through gasless profile updates, “subdomain-as-identity” for entire communities, or verifiable identities for AI agents, the future of ENS is dynamic.
Ready to start? You can claim your own dynamic subdomain at claim.dinamic.eth and join the evolution of decentralized identity.
https://dinamic.eth.limo // https://x.com/goblinarinos // https://x.com/gobswap
