- Abuse contact: abuse@ton.vet — in SOA record
- 24h SLA: malware, phishing, botnet, pharming
- Blocklists: Spamhaus, SURBL, PhishTank, URLhaus
- Suspension within 72h of confirmed abuse (Art. 3.4)
- Annual compliance report filed with ICANN
- Full wire-format compliance (application/dns-message)
- Endpoint: https://doh.ton.vet/dns-query (GET + POST)
- DNSSEC validation pass-through
- No persistent query logging — discarded in 30s
- TLS 1.3 mandatory, HSTS preload enabled
- No IP stored. No cookies. No tracking.
- Privacy by design & default — GDPR Art. 25
- Legal basis: legitimate interest (Art. 6(1)(f))
- Data subject requests within 30 days (Art. 15–22)
- DPO: dpo@ton.vet
- Registered gateway per foundation.ton v2.1
- Resolution via TON DNS root smart contract
- Operator identity verified on-chain
- No modification of on-chain results
- Critical incidents → security@ton.org within 4h
Effective: 2024-01-01 · Reviewed: 2025-01-01 · Law: EU / Estonia
The ton.vet service including the DoH resolver at doh.ton.vet, all API endpoints, and web interface operated by TON.VET Operations ("Operator").
Any natural person, legal entity, software client, or automated system making DNS queries or accessing content through the Gateway.
Technical abuse of the DNS for harmful conduct: malware, botnet C&C, phishing, pharming, and spam per ICANN DNS Abuse Framework 2024.
Decentralised name system on The Open Network blockchain resolving .ton names to addresses via smart contracts managed by foundation.ton.
- Resolving .ton domain names via standard DNS queries
- Integrating the RFC 8484 DoH endpoint into wallets, browsers, or apps
- Automated DNS resolution at reasonable rates (see §2.1)
- Research and educational use with non-abusive query patterns
- Verification of TON DNS records for dApp development
- Unauthenticated: 100 queries / minute per IP
- Registered integrations: 1,000 queries / minute — ops@ton.vet
- Exceeding limits: 429 response; persistent abuse → permanent block
- Using Gateway as infrastructure for malware, phishing, pharming, or botnet C&C
- Circumventing or probing security and rate-limit controls
- Generating synthetic traffic for DDoS amplification or reflection
- Reselling or white-labelling without written agreement
- Attempting to harvest or correlate user query data
- Hosting illegal content through .ton domains resolved by this Gateway
Email abuse@ton.vet with: (a) .ton domain or ADNL address, (b) nature of abuse, (c) evidence, (d) your contact details.
- Acknowledgement: ≤ 4 hours
- Triage & verification: ≤ 24 hours
- Confirmed abuse suspension: ≤ 72 hours (CMDA Art. 3.4)
- Definitive domain suspension executed by foundation.ton (registrar)
- Feeds: Spamhaus DBL, SURBL, PhishTank, URLhaus, Google Safe Browsing
- Suspicious patterns → auto throttle + NOC alert
- Blocklist updates applied within 15 minutes
- No IP address storage — not even truncated or hashed
- No cookies, no fingerprinting, no analytics pixels
- In-flight logs for abuse detection discarded within 30 seconds
- Aggregate anonymised statistics for operational use only
Since no personal data is stored, most rights are satisfied by design. For any DSR contact dpo@ton.vet.
No personal data transferred outside EEA without SCCs per GDPR Chapter V.
- Gateway is a neutral technical intermediary — does not host or endorse .ton content
- .ton site content is solely the responsibility of domain operators
- No warranties of uptime, accuracy, or fitness for any purpose
- Aggregate liability ≤ EUR 100 per user per 12-month period
- Rate throttling or temporary IP block (reversible)
- Permanent CIDR-block for repeated or serious abuse
- DNS-level blocking of a .ton domain at gateway layer
- Escalation to foundation.ton for on-chain suspension
- Referral to law enforcement where required
Email appeals@ton.vet within 14 days. Include a detailed explanation. Response within 10 business days.
- Abuse: abuse@ton.vet
- DPO: dpo@ton.vet
- Legal / Appeals: legal@ton.vet
- Operations: ops@ton.vet
- Security (urgent): security@ton.vet
TON.VET Operations OÜ
Harju maakond, Tallinn, 10111, Estonia
GDPR supervisory authority: Andmekaitse Inspektsioon (AKI)
This gateway provides access to decentralized websites on the TON blockchain. We do not host, control, moderate, or endorse any content on these external sites.
Users access external content at their own risk. Illegal or harmful content is the sole responsibility of site operators. Report to abuse@ton.vet.
By using this service you acknowledge and accept these terms.