Registry Lock

Registry Lock is a premium security service offered by a registry that places a domain into a state where no modification — including nameserver changes, transfers, or deletions — can be processed through the normal automated EPP channel. Instead, any change requires a manual, out-of-band verification process involving phone calls, cryptographic tokens, or in-person identity checks between the registrar and the registry. This is distinct from the more common transfer lock, which the registrar controls and can toggle through its own systems; registry lock escalates the protection to the registry tier, making unauthorized changes extremely difficult even if an attacker gains full access to the registrar account. It is most commonly used by financial institutions, large brands, and critical-infrastructure operators to protect high-value domains against domain hijacking. For tokenized domains on Namefi, registry lock represents an important consideration: while on-chain transfers can happen at blockchain speed, the underlying DNS record is only updated after the registry-level controls are satisfied, ensuring the same rigorous safeguards apply regardless of how ownership is represented. Source: ICANN EPP Status Codes reference.