All: this is quite an interesting article. It deserves much better than the tedious flamewar that this topic has routinely been converging to, so let's give it a go.
If you're going to comment, please focus on specific, interesting things in the article that you're curious about.
Please don't post generic, shallow, obvious, indignant, and/or dismissive comments—those are repetitive and predictable, we've had more than enough of them, they're tedious, not what this site is for, and we don't need more.
This is a really well-thought-out, nuanced take. I really appreciate mixture of "but there are still servers", not being able to stop a gold rush, and (refreshingly) the technical take on the implementation details.
It stands in such stark contrast to other content. For example, a web3 chat app announcement I saw yesterday [1]. I even joined the Discord to learn more and just found...hype.
I found this parenthetical to be amusing:
> (visualizing this financial structure would resemble something similar to a pyramid shape)
The centralization of apis (infura, opensea and ethscan used by metamask) is the biggest problem. I could be wrong, but I don't think we've seen that fast consolidation in other early tech. I remember in the late 90s there were a number of search engines but no one really owned the space. Only 20 years later did Google emerge as the winner and is (IMO) by far the best in terms of relevant results. But that didn't happen overnight, and there wasn't a search engine dominating 90% of the market within a few years of the beginning of mainstream acceptance.
How hard is it to create a competitor to infura? MetaMask should be incentivized to do this as they're core offering is controlled by one party.
[edit] Never mind, metamask and infura are owned by the same company (ConsenSys). It's even worse than it appears...
Tally is a community-owned, open-source fork of MetaMask. From first impressions it looks like it will also solve some of the issues brought up in Moxie's (excellent) blog post, i.e decentralizing the node-> NFT->wallet Metadata routes.
Regarding the immutability of NFT image pointers:
Some emerging solutions to this issue are:
Use ERC2477 (DRAFT). This allows you to have some control over the metadata to ensure the name is as you want it. Note that this will require you to implement a zero-knowledge proof or a JSON parser on-chain which validates the new metadata.
Use 0xcert Framework. The 0xcert framework is specifically designed to provide metadata integrity for ERC-721 tokens, it uses a different hashing technique (Merkle tree). But it requires you to use the same schema across metadata versions.
Ceramic Network is doing some interesting work on schema coordination amongst other things.
> How hard is it to create a competitor to infura?
Infura is merely hosting nodes for you and exposing their JSON RPC endpoints. They did not _create_ the API.
There's already plenty of competitors in that space. QuickNode and GetBlock for instance, if you want mutualised/managed nodes. You can also host your own node yourself, or use e.g. AWS Blockchain to host it for you, or even use the public free hosted nodes that most blockchain project provide. It's just a Metter of trade-off between cost, time and security.
If you are using JSON RPC APIs (which most people do) there is nothing that locks you to Infura or any other provider.
When you open metamask there's a dropdown in the top right. It lets you choose which network you're using, and defaults to "Ethereum Mainnet". If you hit the "Add Network" button you can configure which server your metamask talks to.
How many more switched it to Google from Bing from Microsoft Edge? Google having 91% market share is an effect, not a cause; they have it because their product is the best and does what I want it to 91% of the time.
If Google’s market share was only a result of a superior product then they wouldn’t feel compelled to pay Apple billions of dollars to be the default search engine on iPhones. Defaults matter.
As other comments mentioned, you can change your endpoint in metamask.
Also, metamask is not the only wallet there is... Some dApps only accept Metamask buts it's becoming rare. Most dApps implement multiple alternatives, like WalletConnect, which is more of a dapp/wallet protocol, which allows you to use any wallet software.
> I don't think we've seen that fast consolidation in other early tech
I actually struggled with this point throughout the article. I'm not sure I see this as a parallel trend toward centralization like we saw with web2 - but rather that this is how software is built today and this is what we're comfortable with. It doesn't seem unnatural or problematic to me that we will start with something that approximates the world around us today and move toward the decentralized end state that apologists are hoping for.
>and move toward the decentralized end state that apologists are hoping for.
Is there any evidence that this is actually happening? It seems rather backwards! Is the maximalist argument here that these companies are going to build out all this infrastructure, move the global financial system onto it, and then rip it apart and rewrite it to be entirely distributed afterwards? Why? If the point is to be distributed, wouldn't they want it to be distributed first?
Where are the blockchains with full-fat clients that can actually run on normal mobile devices? And if they actually exist, does anybody use them? Like, for normal, actual uses, not "shilling this app makes my portfolio go up 300% before I dump it on some clueless bagholder, to the moon rocket emoji rocket emoji".
The crux of the article is that the front-ends are all routing calls through centralized APIs to get their message included on the blockchain. Infura and Alchemy don't do much. They just pass a JSON-RPC message to an Ethereum node running on their servers. There is some additional indexing services they provide, but there are many open, decentralized alternatives for that such as TheGraph Protocol. And it's not unfeasible for an application to run its own Postgres instance to index data from the ETH blockchain.
As for full-fat clients on normal mobile devices, the main issue is the data requirements. Running a full node can take hundreds of gigabytes. It is possible on light hardware. People are running Beacon chain nodes on Raspberry Pis. But you do need the storage and that tends to be scarce on mobile.
Meanwhile, the Ethereum core devs are aware of this issue and are actively working towards it. They shipped the Altair hard fork this year that has adds sync committees which make it possible to do without needing the whole chain history (using merkle trees): https://github.com/ethereum/annotated-spec/blob/master/altai...
It's almost as if there's only the bare minimum decentralization needed to avoid regulation and taxation and the rest is good old fashioned centralized web apps.
So "decentralized" doesn't necessarily mean "no servers" it means "the servers don't matter". If Infura went down tomorrow, nothing would be lost, because Infura was just hosting something anyone could have hosted. You want to be the next Infura? You just download the same code they did and run it: Infura isn't holding any state. If Facebook goes down tomorrow, everyone's accounts and all of their data is destroyed.
“Goes down” could be substituted for a lot of things, for example, “becomes evil”, “disables API access”, “arbitrarily bans you”.
Lots of developers including myself have had things break when Twitter decided to abandon its liberal approach to APIs. There was no alternative endpoint I could just point my app at.
> “Goes down” could be substituted for a lot of things
For clarity, you are now arguing a tangential point.
> Twitter decided to abandon its liberal approach to APIs
I just don’t understand the comparison between Twitter/FB to a blockchain.
Are crypto maximalists arguing that social networks are only about the database itself and access to it?
> There was no alternative endpoint I could just point my app at.
The article already has a great example about this not working as intended - opensea removing his NFT from their API despite it existing on-chain. And every NFT viewer using the opensea view of things than the chain’s view.
> For clarity, you are now arguing a tangential point.
I don’t think I am; all these fall under GP’s first sentence; I took “goes down” in the next sentence as one example, WLOG.
> Are crypto maximalists arguing that social networks are only about the database itself and access to it?
I can’t speak for crypto maximalists (I’m probably as skeptical of this stuff as you are), but I think the best argument is that the existence of a viable off-ramp forces the centralized player to be a good actor. Similar to how many open source projects are very centralized, but the possibility of a fork (like mariadb) is enough of an incentive that it’s rare for a project to screw up so badly that a fork can gain steam.
FWIW, you aren't (arguing a tangential point to me): I didn't say "one of Facebook's servers goes down", I said "Facebook goes down". Companies go out of business or simply get tired of operating product lines constantly. I can sort of appreciate the idea "well maybe by goes down I just meant temporarily", but then I think one needs apply that to the entire sentence: if it goes down permanently, the accounts are no longer usable permanently (aka, "destroyed"); and, if it goes down temporarily, the accounts and data are no longer usable temporarily.
> Is the maximalist argument here that these companies are going to build out all this infrastructure, move the global financial system onto it, and then rip it apart and rewrite it to be entirely distributed afterwards
I haven't heard anyone articulate this as their vision lol. I would think they distribute the systems somewhere between trading monkey JPEGs and actually moving the global financial system onto it.
As to why start with it centralized, it's easier to get a POC working with the systems and conventions we have in place today than alongside rethinking all of the infrastructure at the same time. Work on the UI, trade some stupid goods that finance the development of these distributed systems, etc. I just don't understand the argument that this whole thing will or should be binary. Huge migrations like that fall over all the time. Gradual rollouts take longer but are generally safer and in this case probably the only option.
"You should check out my new car company, ThreeWheel. We're completely revolutionizing the business of getting around. The key innovation is that our cars have three wheels. This reduces tire cost, improves aerodynamics, and reduces rolling friction. Our three wheeled cars are the future of all wheeled transport!"
"Okay."
"But our prototype has four wheels, as a temporary prototype to test out the technology."
"That doesn't seem like it tests the technology very well."
"I don't see why you're quibbling about the details. We've sold thousands of ThreeWheels to people who are very enthusiastic about living in a three wheeled future!"
"You've sold four wheeled cars to people who want three wheeled cars?"
"They then resell them for tens of thousands of dollars more than they paid! They're ecstatically happy! Nobody is bigger fans of the three wheel car future than our customers."
"Even though these cars, the cars they purchased, have four wheels."
"Well, they could remove one wheel later, if they wanted."
"Would that work?"
"Oh no, absolutely not. You couldn't drive it at all, then. It would be much worse than a regular car. A lot of work remains to be done to gradually transition current ThreeWheels to a three wheeled form. We plan to send robots to each customer's garage to cut sections from the frame and re-weld them together. Then we need to swap out the steering rack, re-route the driveshaft, change suspension components, brakes..."
"That sounds hard."
"Yes, we think it will take hundreds of changes over years to move current generation ThreeWheels to a three wheeled mode."
"Instead of just building three wheeled cars today?"
"Wow John Cena bought a ThreeWheel and posted it on his instragram! My collection of ThreeWheels is going to explode in value! I love my job!"
Not GP but I have to say I love getting 50mpg in the city and having the same range as any gas powered car. So I don't quite see how Prius is a better example than the awesome analogy made above.
This example is not good. Hardware has a much different release cycle than software. Once you sell a car, you can't simply release a hardware update.
99.999% of internet software is built iteratively. Even programming languages and operating systems have versions. This argument about needing everything to be decentralized from the beginning is exposing bias because it's not a logical conclusion unless you're bent on antagonizing web3.
Even most DAOs start out centralized and slowly become decentralized. This is expected. You don't want to go full decentralized until everything is stable.
> Even most DAOs start out centralized and slowly become decentralized
This is also how democratic governance works. A core group of “trusted” leaders makes decisions that are ratified by elected representatives. It is then disseminated through the various layers of governance and implemented in a distributed fashion.
If key financial institutions had more trust in a blockchain than in the Federal Reserve, and the European Central Bank, and the Bank of England, and maybe the Central Bank of Japan to hold an account of their assets.
Do we have any reason to think that would be the case, or they’d enrich the early adopters of one of the existing blockchains by using it rather than creating their own? Central banking doesn’t need to pay the overhead for trustless anonymity since all of the participants are known and have ongoing working relationships.
Surely development of the full fat clients will lead to the required innovations to provide light, mobile clients for blockchains that are properly distributed.
I agree there are many scams but we really are in more of a research period with regards to the tech. The research will continue through the hype cycles.
But why would it do that though? I’d like to hear a falsifiable theory of how that would happen, because as of right now it’s not happening, and no one seems able to explain what big thing is going to change. If the biggest part of the change (using the blockchain) isn’t causing the dynamic to shift, what future change will?
To me the argument here is because it's easy. Even if the interaction layer is centralized the underlying tech is decentralized so everything can easily be validated and that's the key difference.
I think he touched on that in the article. The masses are trusting the centralized API, not the blockchain. His NFT exists in the chain, but not the API, so it effectively doesn't exist in the eyes of the market.
That feels like an argument that could be applied to web2 too though, and it falls apart there too: It’s never been easier to spin up some servers and whip up a basic social media site or search engine or online store, but it’d still be hard to displace Facebook, Google or Amazon. The problem isn’t with the ease of starting a competitor, it’s the psychological and social forces that cause people to prefer having one default place where they can go for a certain thing.
But as noted in the article, that's not the case. OpenSea stores data that then isn't on any blockchain, like royalties. That's done as just a regular web2 feature, a database on OpenSea's backend.
So no, it can't be validated, and it can't be migrated.
Royalties is a funny example because a) they’re being standardized, see eips.ethereum.org/EIPS/eip-2981 and b) royalties are entirely opt-in. You can happily transfer NFTs without having to pay royalties if you forgo an exchange that respects them.
That’s literally one of the most salient points of TFA: protocols move dog slow and provide too little too late, platforms iterate fast and give people what they want right now.
But there will be other features over time, that would not be standardized. As per article centralized platforms progress faster than decentralized standardization. Switching cost will grow.
Why would we ever move toward decentralization? It is almost always easier to have at least some central point of control in any distributed system, even the Internet (IANA, RIRs, etc.). It is also very difficult to remove a centralized control point after a system is already deployed, especially if the system supports heterogenous clients (as it is likely that some clients will be slow to switch to the new design, and many will make bad assumptions about the system architecture).
There is a point to be made here that is an important difference between web2 and web3+centralized apis. On the latter companies do not have lock-in of the data, which provides a big incentive to not be evil. the moment someone can make a case for bad play they have the advantage to shift the market to a different platform. Unfortunately this is not so easy on web2 because of the data that locks users on those platforms.
> There is a point to be made here that is an important difference between web2 and web3+centralized apis. On the latter companies do not have lock-in of the data
This is only true of the data stored on the blockchain itself. As described in the article, that isn’t anywhere near enough to replace the centralized systems being billed as “web3”, and it’s completely unworkable for data which can’t be public, which is updated frequently, or which needs to be deleted. Combined with blockchains being unavoidably quite expensive and slow, and the challenges of standardizing protocols while the competition is shipping it seems quite unlikely that this will change.
It doesn’t reduce lock-in meaningfully if Google were to continue to store and process all of your data but now you’re using an outside authentication system. I’m sure they would love, however, the way “web3” makes their job of tracking users so much easier.
Deletion and/or non-public is an interesting problem. Obviously, you can store it encrypted and delete the key, but advances in compute and algorithms might render that encryption breakable.
For data that needs to be updated, all you need is an override mechanism, which sounds simple enough.
Storing it encrypted also means you have to ask what happens if the key is leaked — for example, if I tried to sell movies that way rightsholders would be unlikely to accept a system where you could pay $10 and then give the decryption key to all of your friends, leaving me no way to revoke it.
For updates, you can definitely replace things but that's expensive if you have to pay a transaction fee regularly and it could quickly get to non-trivial storage sizes if you have to store obsolete versions in perpetuity, especially with non-trivial metadata overhead.
Distributed storage does not make any difference for lock-in with a centralized API. For example, imagine a system for storing photos on some distributed system and a popular, centralized web front-end for users. Now what I will do with the centralized front-end is to give users a "value-add" by encrypting their photos, thus protecting their privacy, and better still I will use my proprietary key management technology to relieve end users of the various problems with losing private keys. Lock-in achieved, and all you accomplished with distributed storage was to outsource the maintenance of the storage infrastructure.
We already see this with blockchain payments. The vast majority of merchants who accept cryptocurrency payment do so through a service that manages their wallet and typically offers some kind of value-added features to lock them in. There is no reason to believe the same will not happen with Web3, if it is not happening already.
for all of the reasons that web3 apologists are excited about decentralization. I'm not really one of them, so I'm not going to advocate on their behalf, but lots of people are very excited about this.
> It is almost always easier to have at least some central point of control
I don't think anyone is going to argue that decentralization is the easiest solution.
I agree that it's hard to remove this point of centralization once it's there. My guess would be that, if this goes the way many are hoping, new places emerge over time with increasing levels of independence from these central providers.
This discussion would benefit from a Ramsey, graph, random matrix person to expound on "random" graphs as seen in nature. Nodes with n edges in, 1 out are around but not without some centralization. Surely not robust?
decentralization in the blockchain world is really to provide security and interoperability by emulating centralized services. So essentially it looks like a centralized service, but it's more secure than a centralized service.
From a cryptographic perspective, centralized and decentralised services are equally secure. From a user perspective, blockchains are less secure as there is no authority you can approach for chargebacks
The point of blockchain was removing trust from a single person and spreading it around over a network
> From a user perspective, blockchains are less secure as there is no authority you can approach for chargebacks
This actually proves the point that security is relative. There are instances when I would feel more secure when an outside party can refund my money, say when the seller never ships the product I ordered. There are also times when I would feel less secure with chargebacks, like when I sell something on eBay and the buyer files a complaint with PayPal after taking delivery of exactly what they ordered.
Security wasn't an original goal of bitcoin. Privacy, anonymity, and immutability were, though the first to were lost a decade ago and immutibly is pretty well solved but also the primary cause for so much wasted resource consumption.
It sounds like you did understand my two examples, not sure how they could have made no sense. The two scenarios point to competing ideas of what "secure" would mean, and my point was that security can't be a goal because its relative
Oh it doesn't, I haven't found any value in web3 yet. I may just be missing something, but I still don't get what problem web3 can solve that isn't solved easier with web1 or web2 technologies.
I would argue consolidation and centralized elements are inevitable, the promise of true decentralization is like socialism: a promising theory but failed application.
As someone who has run nodes, no it is hard and expensive. Every time a geth node dies it has to resync and no persistent volume mounts and stateful sets are not solutions. They are problems. If you need to scale horizontally you get strange consistency issues with the API. All of this makes for a very unpleasant experience. It's built for TLC on a beefy box not a herd.
And that's the rub. The new node doesn't have the same state as the old one. So clients making requests assuming that latest is the same start having problems. If you haven't seen them you just haven't been running a production quality service.
But one of the main points of article is that people don't want to run servers, developers included. Even being easy, letting someone else do it will always be easier.
But the question was how hard is it to run a competitor to Infura. And the answer is trivially easy. Infura is just an Ethereum node API that's publicly exposed. Building an Infura competitor literally is nothing more than $100/month it costs to run a Geth node on AWS.
This is true today. But the standard approach in this industry is to start by offering access to an open service and then quickly build in value-add services that aren’t available in the open service. So for example, the smart move would be for Infura to offer a proprietary chain or rollup that gets widely used but isn’t available outside of Infura. If they can pull that off, competition could get much harder.
> People don't usually run Postgres themselves (e.g. set up Postgres in a docker container), but it's not very hard to do.
It's easy to do a basic install.
It's quite hard to do it right, at scale, with workload-appropriate configuration, replication, backup etc.
My point... neither Postures nor Indira, or any other blockchain solution are easy to install and maintain in a fully scaled-up, fault-tolerant, multi-node deployment
How many (large) companies, governments, etc... run their own email servers? If there's a strong enough need, people will run their own servers even if they'd rather not. "people don't want to run servers" arguably could be rephrased as "people don't have a reason (today) to run their own servers". I'd argue this is a key difference between web1 and cryto centralization and the web2 centralization. If Google announced tomorrow that anyone can buy the gmail contents of any gmail address, you'd bet a lot more individuals would either switch to alternatives or start running their own severs.
> How many (large) companies, governments, etc... run their own email servers?
Office 365 financials alone suggest that the answer is "very few, and rapidly decreasing". I work for a ~30k employee technology company that doesn't run it's own email servers.
Don't get me wrong its good that the option is there, but short of coding and operating your own full node Metamask will still be trusting a centralized third party
I'm not sure I understand, running a full node requires some consumer hardware and a few days. And most infura usage doesn't even need a full node, so it's easier to run.
The API is the same, swapping out for another node is just a config change
> running a full node requires some consumer hardware and a few days
There are monthly utilities and regular maintenance as well. Networking could also be a problem, you'd really want a static IP and an unlimited high-speed network which isn't always supported by many home ISPs
> And most infura usage doesn't even need a full node, so it's easier to run
I don't know as much about the protocol details of infura. Have they found a way to verify transactions with a partial node? That'd be huge if they have, regardless of what happens to the current NFT platforms!
Many projects have chased pruning, but it always seems to get stuck when people realize that means adding trust into Tue system since you can't trace back to the genesis block
If the goal is to remove trust in a third party you would either need to code or verify the software before running it. Short of that and you still have to trust whoever coded it and all the distribution infrastructure that let you download it.
More options is good for sure, but doesn't solve centralization or trust concerns
The level of centralization is a spectrum and I don't mean to fall into the trap of describing it as all or nothing. The question is how close to decentralization web3 is or can be, and my concern with regards to picking your own API endpoint is just how similarly it is to the original point Moxie was making with regards to there only really being two API hosts in use
There are voices within the space that have been talking about this issue for many years. There is at least one project which aims to use economic incentives within the design of the protocol to mitigate. Check out Saito.
> The centralization of apis (infura, opensea and ethscan used by metamask) is the biggest problem. I could be wrong, but I don't think we've seen that fast consolidation in other early tech. I remember in the late 90s there were a number of search engines but no one really owned the space. Only 20 years later did Google emerge as the winner and is (IMO) by far the best in terms of relevant results. But that didn't happen overnight, and there wasn't a search engine dominating 90% of the market within a few years of the beginning of mainstream acceptance.
> How hard is it to create a competitor to infura? MetaMask should be incentivized to do this as they're core offering is controlled by one party.
> [edit] Never mind, metamask and infura are owned by the same company (ConsenSys). It's even worse than it appears...
Currently working in the space (graduated from doing systems-level . My hot take is what is considered a "full node" can potentially use significantly less resources. The base word size is 256-bit (size of SHA256), most is either 1s or 0s, the entire raw Ethereum blockchain is roughly 350 GiB uncompressed, probably can be much better with zstd compression on multi-core. Let's just quietly ignore that most is not using an assembly-level optimized implentations of uint256 arithmetic operations. Also all the current clients (a) afaik run transactions single-threaded, and (b) no on-disk compression, (c) at best use mmap relying on OS level paging even though you're going to have 32-byte random reads invalidating entire 4K or 16K pages out of ~3TiB of read/write space. I'm more than certain execution can be ran speculatively using STM (software transaction memory). I seriously doubt that most Ethereum transactions within a single block have that much r/w contention if you were to execute them in arbitrary order in parallel. Basically application level speculative execution (except you know the ending hash ahead of time, so you know of the ending state is valid or not). Anyhow...
What is your point? Sounds to me you're just regurgitating technical mambo jambo that doesn't realy have any relation whatsoever to any of the points quoted!
Are you trying to say that by optimizing a node's software, people will be able to run a full node on their devices?? That's patently false currently, even more if the technology actually goes viral one day (small system-level optimisations simply won't scale to compensate for the fast increase in the blockchain size).
The fundamental problem with decentralisation is that it will always be less efficient than a centralised solution due to the overhead necessary for coordinating the system. This means increased costs of some nature. In order to justify those costs, the decentralised system has to add a sufficient amount of value compared to the centralised solution. And not only is that usually not the case, but, as Moxie points out, it is usually the opposite, because a centralised system can iterate more quickly.
And that is also true for the crypto/web3 world: Outside of some niches, it does not add any value. Almost anything it can do, existing centralised technologies can do better. The only reason they haven't so far is that most of these things are not terribly useful to begin with.
This is the exact argument for authoritarianism over democracy. Centralization is easier and often cheaper, but you have to trust the group in charge completely. Even then, the collective loses out on innovation and new ideas because only a small subset of the population is in a position to change anything.
Centralization is often a short term win, decentralization is a long play. Unfortunately, we almost always seem to chose immediate gratification which is why we see decentralization abandoned early, and why we see democratic freedoms being replaced by authoritarian control.
This is what representative democracy with an executive function is for. The government / executive acts without the need of democratic micromanagement, but is subject to popular oversight through a number of mechanisms.
Even in the case of democracy, you have to put trust in the sovereign.
And whenever the sovereign enforces a law, the person facing the enforcement will consider it tyranny. It’s a known paradox of the power we, the people, grant to the sovereign.
A thousand times no. A true democracy earns trust through the integrity of its institutions: executive, legislative and judicial, and the respectfully balanced and constitutionally limited powers they share.
My point wasn't to draw a direct line between democracy and a decentralized network. I just thought it was important to point out the risks and potentially short sidedness of giving up on decentralization because its slower and more difficult. That line of thought leads to more authoritarian control, and that's never worked out well for the average person in the long run.
I don't recall that argument in practice. In Kazakhstan just now for the leader has recently used the argument "Those who don't surrender will be eliminated" which seem more common than "centralization is easier and often cheaper" as far as I can tell in such situations.
I was speaking generally not to any one authoritarian. I can't imagine many, if any, authoritarian leaders would be using the "it's easier and cheaper" argument when grabbing more power, but its a very common argument used in more general and philosophical debates.
Look into any of the writings that led to the USSR and you'll find it all over. The goal was total government control would be the best way to optimize resource allocation. They were making the case that Soviet communism would win out against fascism because they could make everything faster and cheaper.
I might be crazy, but reading this I imagine a blockchain based temporary democracy: full proof-of-whatever correct voting scheme choosing a temporary centralized “government” with measurable goals to move the system to eventual decentralization.
This is actually one of the few uses I know of that I have a lot of hope for. I worked on a digital voting system in college a decade ago, we were researching accessibility concerns mainly related to visually impaired voters. The voting industry in the US is just as much of a tire fire now as it was then but it could easily be improved.
A blockchain based voting system with each state acting as a PoW validator could actually work. The main challenge is how to centralize key distribution in a way that is accessible to everyone without compromising anonymity. If anyone knows your public key they know exactly who you voted for in every election.
The fundamental problem is that problems with centralized platforms are attributed to centralization, and thus decentralization is seen as the answer. This is entirely false. Centralization and decentralization are just words that have an objective definition. Neither is inherently better than the other and choosing either as a solution to your problem is entirely context dependent. Anyone that has a stake in crypto / web 3 conveniently leaves this crucial piece of information. E.g. it's a different solution to the same problem, not a _better_ solution the same problem. Having options by itself can be a valuable use case, but I'm afraid the gold rush is not driven by the excitement for having options, but rather for the excitement of becoming rich quick.
Only looming at financial and corporate systems is a seriously limited pool of data. There are non profits, collectives, employee owned businesses, etc that are not a hierarchical structure but I don't think they would fall into the pool of financial or corporate structures.
fwiw I follow a lot of crypto people on Twitter and 0 of them are following this message app, it has 700 followers and you decide to jump into the discord? To me that’s like getting a random email about a product and saying “yes tell me more” I’m not sure what you are expecting.
>When you think about it, OpenSea would actually be much “better” in the immediate sense if all the web3 parts were gone. It would be faster, cheaper for everyone, and easier to use.
That sums up the situation for me. Having a marketplace for purely digital goods might be a concept with a future. Having standard ways to interoperate between different platforms and query and update these goods might make sense (although I still think it goes opposite to the general trend of walled gardens vs. decentralized web, I don't see why the IP owners would play ball and accept the loss of control).
The thing is that in most case those NFTs wouldn't be trustless. I see people putting forward that a use case would be an NFT that proves that your Rolex is real, or for Fortnite skins, or for the ownership of your house. But in all these situations, there's a very clear authority (Rolex, Epic Games and the municipal authorities, respectively). These authorities will be allowed to mint new NFTs at will (because who else?) and as such have to be trusted. That opens up interesting questions btw, like "who is Rolex exactly?" which creates a chain of custody of trusted authority involving trademark management among other things. But I digress.
But then as soon as an authority is identified, why bother with the extreme overhead (it terms of resources and costs) of blockchain tech? Couldn't Rolex issue a PGP signed CSV of all valid Rolex serial numbers once a month on IPFS and you'd get the exact same security and trust profile without having to involve any "web3" feature?
Like cryptocurrencies, the subset of problems that can only be solved using NFTs is incredibly tiny and speculators rush to make up use cases that, if you think about it for five minutes, clearly make no sense and could be better solved using good old centralized tech.
As the article points out, many NFTs are implemented by storing a URL in the blockchain; the digital artwork sits on some server and is reachable by that link. Fine, you can prove that you own the URL. But what that URL points to can change out from under you, so there's no way to make that trustless. If you own the domain and the server that it points to, the registrar can take the domain away from you and give it to someone else.
In a sense, NFTs are a lot like those schemes we used to see where some company will promise to name a star after you, even though no one recognizes their authority to do this. Fine, that URL is "yours". You just own a sequence of bytes, the ones in the URL, not the ones that the URL (temporarily) points to.
So, this has a really easy fix. The NFT points to a content hash, and the content is uploaded to the Internet Archive (and they're compensated for the storage) as part of the NFT minting process.
Your ownership is now on a distributed ledger, with a cryptographic hash of the content, paired with long term storage of said digital artwork. The Internet Archive's costs are ~$2/GB to store content in perpetuity, which seems insanely cheap to carve off as part of a transaction (Eth gas fees aside).
But then it’s just back to trust based web2, you’re trusting internet archive. That’s his point: this isn’t leading to trust less decentralization in practice. To do that, you’d have to store the NFT data on chain, which is prohibitively expensive
This is where it falls apart for me too, people are paying huge sums for artificially scarce links to someone else’s server? I keep feeling like I’m missing something.
You are missing something - a huge position in crypto. Like the article points out, your existing investment would benefit from all the hype that a slew of crypto-oriented services and products could give. Irrespective of whether those same services could be implemented "better" using standard centralized tech. And - amusingly - irrespective of whether those services offer products that you would ever in a million years have paid for without the novelty of crypto sprinkled on top - e.g. paying big bucks for receipts for jpgs.
Yes, well, the fundamental reason is not what any individual owns, it's that (as the article brilliantly points out) these positions make it a gold rush.
No, they are paying huge sums for a digital certificate of ownership of the content on some else’s server; the link is just the description of what they are certified to own, like the address on a deed.
(There's all kinds of problems with it, sure, but they aren't paying for the link.)
The value of a deed is that it's recognized by a legal system, which is backed by a police force, who you can call if some guy shows up claiming that your house actually belongs to him.
With an NFT, you don't get that. It's equivalent to your county clerk's deed registry, including the $100 filing fee, and excluding the legal machinery which gives the deed registry its value.
> The value of a deed is that it's recognized by a legal system
Sure, I’m not saying an NFT is substantively like a deed, I’m saying the link in an NFT serves a broadly similar purpose to the address in a deed.
An NFT is perhaps more akin to a certificate from one of those star name registry outfits that were popular for a while, but with less specificity as to what you supposedly bought with respect to thing it describes.
On the other hand that same legal system can decide you are no longer entitled to said property and that same police force can come and drag you out of it. That physically (as far as we know) can't happen on a cryptographic blockchain. They can some how convince you that giving up ownership of your NFT is a good idea, but it still has to be of your own volition.
His example of his NFT that gets shut down is showing that because of this layer of centralization, anything that can happen to normal assets can happen to blockchain. Governments can force OpenSea to take your NFTs, OpenSea can delete your ownership at their discretion, etc. All he is left with is a meaningless string of data on chain, while the NFT visual is gone. It’s not immune and protected like people think
Forcing a transfer does not require consent. They’ll seize the hardware that holds your private key.
If you’re worried about the government forcing you out of your home at gunpoint, what makes you think they can’t seize a private key or force a few keystrokes?
Hardware wallets usually have a password enabled, in addition to other security mechanisms. Like I said, not sure the difference matters, but there is a difference.
But what's the difference of just authority making your NFT URL invalid and moving the item under a different URL? That would be equivalent of forcing you out of your home, they cannot force you to give them keys, but they can change the lock.
If they really want they can analyze the memory on your desktop or install a keylogger. There’s so many ways to extract a private key barring a deadman switch and a cyanide tooth capsule.
Again, you’re seriously arguing that it’s harder for the government to take your house rather than give up your password?
Houses also have locks and yet presumably the police can and will bypass that security measure in this scenario. The point is that nothing will protect you in the face of overwhelming force.
Depends on who you are — Gitmo comes to mind – but at least in the United States you can substitute being beaten by agents of the government with being imprisoned where the other prisoners and possibly agents of the government will beat you until you give up the password.
Why not? If NFT ownership ever became meaningful, the people with the guns can simply keep a list of ownership amendments separate from the blockchain.
It kind of sounds like you're arguing that since the blockchain can just be ignored it's somehow less meaningful. But I'll bite:
Then the people with guns now have to expend resources to maintain and enforce those amendments. If they are not somehow just discarding the entire blockchain subsequent to their amendment, they're maintaining an every increasingly complex set of merges. Furthermore their amendment (very probably) isn't a cryptographic blockchain, so it's subject to all the problems that the actual blockchain list are not (forgery for example).
What makes blockchains unique is that they are the first example of these various records (ledgers, titles, etc) that physically cannot be manipulated in certain ways.
> Furthermore their amendment (very probably) isn't a cryptographic blockchain, so it's subject to all the problems that the actual blockchain list are not (forgery for example).
Their amendments are theirs. This is like saying that keeping your own accounting is worse for you than putting it on a blockchain, since someone might forge your own accounting books - it just makes no sense.
"They" can do just about anything they want. They can make their amendment. They can declare the blockchain null and void. They can hold a gun to your head and tell you to sell your NFT. They can even pull the trigger, in an attempt to make an example out of you for the next fool that tries to defy their authority. But the one thing they cannot do is seize your NFT without your volition. Not without breaking some of the fundamental mathematical ideas behind encryption.
Is there value in that in present day society? Maybe not. But there is undeniably something special about it.
> But the one thing they cannot do is seize your NFT without your volition
That’s not true.
I mean, even if the access to the NFT relies solely on material in your head, there are pharmacological approaches, among others, that while not necessary reliable, can cause you to give up information without meaningfully willing it.
And private information will probably one day no longer exist. Imagine some kind of device that can scan the neurons in your brain along with the electrical/chemical state and somehow extract information from that (such as a memorized cryptographic private key). Let's just throw our hands up and give up on cryptography altogether.
Even a pharmacological approach is a side channel attack which no one seems to care to distinguish between attacks on or flaws with the underlying idea. When discussing the merits of blockchain technology we are allowed to take for granted its very obvious underlying assumptions. Namely that there exists private information held by a user of the system.
"the link is just the description of what they are certified to own"
No a link isn't a description of its content, just like the article demonstrated the content can change to anything, anytime, in many ways. Even if the URL contains the hash of the content like with IPFS URLs it's not a description of the content but one step better because you can check if it's pointing to the content it supposed to be.
More importantly, they don't own the original item. An unofficial version of a deed registry says they own the link to the item. That's not the same as actually transferring the copyright or anything.
As I understand, most NFTs don't confer any copyrights. So unlike a deed, it's not a certificate of ownership of the content at all. Some other entity still owns the content in the legal sense.
> As I understand, most NFTs don't confer any copyrights.
Yes, one of the “all kinds of problems” I mentioned upthread (this one isn't an inherent problem with NFTs, but seems to be a practical one with many current NFTs) is that while NFTs certify ownership of something with regard to the linked content, exactly what that is (beyond the certificate that is the NFT itself) is often not clear, even, AFAICT, to the purchasers.
But they don't even get the ownership of the content. The original creator still owns the copyright, and as a the buyer you don't even get a license to use the work in the NFT. The copyright is the only meaningful way you can own digital art.
I think it's worse than that since, as described in the article, NFTs don't include a hash of what the link points to. So you own a certificate that describes the content of a link in the very literal sense of describing the characters in the link URL and not really anything more.
> ok so you own a certificate that describes the content of a link
More precisely you have a certificate that says you own something (often ambiguous, though this could be precise; ambiguity is a choice in the minting of an NFT rather than a fundamental issue with the technology) relating to the content described by means of a link (the NFT may or may not include additional description of the content via metadata.)
Well I imagine opensea at least prevents url collisions on their own service, but yes as the article demonstrates someone could sell the same url on several services while changing what that url points to whenever they like. I think most of the time the url points to the marketplace itself though?
So I suppose it is more accurate to say they own that particular citation of the url embedded in the blockchain, for certain values of own.
> But then it’s just back to trust based web2, you’re trusting internet archive.
Correct, because it's clear storing the content in web2 Internet Archive is superior ("you’d have to store the NFT data on chain, which is prohibitively expensive"). They will persist regardless of web3 shenanigans, and hash addressing ensures content integrity. You could even use a torrent to store and serve the content (again, which uses hashes to identify and preserve integrity of content).
Why would one trust a distributed ledger over a centralized archive run by folks whose primary focus is on preservation of the bits they're storing? The economic benefit of running storage nodes of encrypted content is unlikely to ever be sufficient to provide the same economic incentives a corporation or non profit realizes by offering the durability a centralized service provides (due to scale).
EDIT: @Ragnarork It seems like web3 is making some promises it can't keep?
I'm not sure it's even necessary to use Internet Archive or a torrent? If I own an NFT whose hash is stored on-chain, I can just ensure the availability of the preimage by storing it myself.
Then when I want to interact with a centralized NFT marketplace, I can upload the preimage to their server. They'd verify the hash and store the image. I'd continue storing it myself though, so if that marketplace goes away, I can follow the same process with another one.
If the NFT contained the content hash, your and the creators public keys, a signed timestamp, and the signature of those parts by the content creator, then the content could be stored elsewhere no?
Obviously you'd want to keep a copy yourself, but at least you could then prove to others the file you have really is the one the creator sold, no?
No expert at these crypto things, in either sense, am I missing something?
Say you add all that information to the transaction, to verify it in the future you still need to run the original file through the same hash function to prove they match.
Its common for image files to be modified, many times even automatically by the hosting service. They might compress it, remove unnecessary metadata, or add metadata for themselves. Any of that would break the hash, so you'd need to make sure any host you use to store the original absolutely never changes the file.
Then what? Well the image exists and you can verify it wasn't changed off-chain since the transaction finalized, so that's good. There's now an image publicly available online BUT a specific block chain says you own it, so that's also cool.
But wait, that hash isn't guaranteed to be unique so really anyone could make another NFT pointing to the same URL and file hash, now they also own it? And anyone could just download the file, so they own it to? And there are no legal protections for NFTs, so what was the benefit of paying to have one block chain transaction say you own it in the first place?
> so you'd need to make sure any host you use to store the original absolutely never changes the file
Which is trivial, just download the file. The place where you bought the NFT would ideally have some facility where they guarantee you can download the correct file, otherwise why buy from them?
> But wait, that hash isn't guaranteed to be unique so really anyone could make another NFT pointing to the same URL and file hash, now they also own it? And anyone could just download the file, so they own it to?
Preimage attacks are quite hard to accomplish from what I understand against modern, secure hashes. If the hash used is later broken and a preimage attack is possible then yeah you're screwed. That's a risk you take.
As for exclusive ownership, I forgot in my initial reply to add another aspect I thought about which was the license. That is, some well-defined licenses should be specified, similar to the Creative Commons stuff, and the NFS should specify one of them. Then you know if you get copyright or not etc.
Enforcement of the license would of course be similar to other digital assets, ie hard to do unless you're big, that's just the nature of digital things.
Now, just to be clear, please don't take this to mean I'm advocating NFTs. I just think the way they're currently used seems to make them completely worthless, while in theory it might be possible to make them not quite worthless.
What's the benefit of having the URL permanently stored on the blockchain in that case? If I have to download the original file as soon as the transaction completes to make sure they don't change the photo on me, why bother?
And then what am I spelling later? A transaction immortalized in a block chain with nothing more than a broken URL and, at best, a hash of the original file?
Edit: I realize I sound a bit dickish in how I'm replying. Don't take it that way, I'm really confused at how NFTs solve anything but really appreciate the conversations here and am glad to hear differing opinions!
> What's the benefit of having the URL permanently stored on the blockchain in that case?
Not much as far as I can tell. I mean it would kinda be like a signature on a painting, in that it's a visual indication of who made it. But the proof would be in the digital, cryptographic signature.
> I'm really confused at how NFTs solve anything
I'm in the same boat. I'm just trying to figure out how they might be useful if they implemented them differently.
I don't even know if I like this idea, but it'd be a different ball game if NFTs held legal status. That goes pretty counter to many of the usual benefits claimed of crypto projects,but if an NFT was treated as legally binding ownership that could make them really useful
I thought we were talking about the problem of someone pulling the rug out from under you by changing the content at a URL. The hash solves the problem, but what you are talking about is an entirely different subject, and a problem which all NFTs suffer. Or not a problem, but just a general property of NFTs and crypto as well. The network effect is extremely important with blockchains. You could also fork BTC right now and claim you own everything on the chain. Doesn't mean people will honor it.
A hash doesn't really solve the core of the rug pull problem. If the hash doesn't match you know the file at that URL changed, but how was it changed? Was it just a metadata that didn't really change the artwork, or is it a totally different file?
And what does it mean for the transaction on the block chain if both the URL and the hash no longer match? Is it worthless now and unsellable? Or do you sell it with a note that says ignore the URL, ignore the hash, or both?
I did point out other issues and that may have been unnecessary, but a hash doesn't solve the rug pull problem if the art isn't part of the encrypted and (mostly) immutable transaction block.
Not really. The hash would prevent someone to pull the rug unnoticed, but it wouldn't prevent rug pulling in the first place.
With a hash, you would be able to prove that what's currently at that url isn't what you bought, but (since hashes are by definition non-reversible) you wouldn't be able to show or see what it was you bought (unless you stored it somewhere else yourself).
No you're not - it could be stored in multiple places. It's, a hash, not a URL, and if it's a properly constructed hash it would hard or impossible to fake. The content on server other than internet archive would have the same hash.
It’ll scale like S3, et al.: replicated storage requires ongoing payments because sysadmins need to be paid, storage needs to be bought & replaced, network bandwidth is metered, etc.
It could be cheaper if someone can finally make a P2P network which becomes and stays popular[1] but it’ll always require more than a one-time payment. That could be donor funded (Internet Archive) but I’d be leery of assuming anything long-term unless you’re paying for it.
1. Abuse is the hard problem here: if I host a node, when the police download something illicit my IP is the one they see and I have to prove that it was done without my knowledge. This is why nobody does this except for known sources.
> It’ll scale like S3, et al.: replicated storage requires ongoing payments because sysadmins need to be paid, storage needs to be bought & replaced, network bandwidth is metered, etc.
That's what they are trying to solve with their tokenomics model.
The value of token will appreciate over time whereas the price of storage will keep getting cheaper.
It's simpler than s3 in many aspects so I'm not sure you would need a system administrator. Everyone can run a node and things are replicated many times over. The failover model is to look for the next node. There are no API, security, access, etc consideration to be maintained at the node level.
Data itself is public by default.
> Abuse is the hard problem here: if I host a node, when the police download something illicit my IP is the one they see and I have to prove that it was done without my knowledge. This is why nobody does this except for known sources
> The value of token will appreciate over time whereas the price of storage will keep getting cheaper.
That's not a given, however, and it's not just raw storage but also network bandwidth and operator time which all require regular ongoing payments. Expecting newcomers to pay for the early adopters' storage in perpetuity is tricky because you need high demand for an otherwise useless token but there's a limit on the price for most users in the form of all of the competing options, which are currently faster and more reliable.
> It's simpler than s3 in many aspects so I'm not sure you would need a system administrator. Everyone can run a node and things are replicated many times over. The failover model is to look for the next node. There are no API, security, access, etc consideration to be maintained at the node level.
It's not that simple: anyone running much storage will need to spend time replacing failed drives, managing their bandwidth relative to demand, etc. That time needs to be paid for. Massive replication is necessary to deal with the reduced node reliability but that means the network needs to pay for considerably more storage in total than, say, Amazon does and adds significant scaling issues managing all of those extra nodes with more frequent status changes.
This has been tried a number of times before and it always founders due to being slower and less reliable, with considerably more complicated software required to deal with all of those issues which the competitors don't have. It's possible that this will be more successful but I think it's really important to look at how the market pressures have consistently gone in the other direction. Amazon didn't end up with exabytes of storage in S3 because it started there — people migrated their data there because it was faster, cheaper, and easier to have it there — and that is a competitive challenge for a replacement trying to build on nodes which aren't maintained with comparable levels of service.
Thanks — I’m trying to keep an open mind here but it often feels like there’s a lot of history which people could benefit from. I’m not terribly old but I’ve seen a few iterations of these ideas crash on the {freeloader,abuse} rocks so I’ve been reconsidering whether my earlier enthusiasm was more a mirage than practical.
Why's there a need to trust internet archive in this situation? If the content hash is no the ETH blockchain, then it's immutable. You can make as many copies of the underlying image as you want so that sticks around permanently.
IPFS is famously slow/unreliable, not widely used, and you still need to pay for hosting of anything you don’t want to lose because storage, bandwidth, and operator time aren’t free and someone needs to get paid to deal with abuse.
They can delete the content. That's the only "change" they can do. It's like your watch analogy, except you can easily back up an image, but cannot back up a watch.
I see no reason they couldn’t change the content rather than just delete it. In fact the article shows an example of exactly that in practice.
Sure you can back up an image, but the backup is worth the same as a copy of the NFT: zip. You now own a pointer on the blockchain to nothing and a jpeg on your disk. I’ve got a lot of that going on already with zero expenditure.
The article was about the NFT containing a name. This thread is about "NFT points to a content hash", to quote toomuchtodo. You can't change the content and keep the same hash.
Similarly, you can prove to others that the version on your disk the version pointed to by the blockchain by having people check the hash.
Or even just include a content hash along with the URL in the NFT payload. Just a way to verify the referent of the URL hasn't changed since the NFT was minted. Where you can find the content with that hash if not the URL can be left arbitrary or out-of-band, but it's at least capturing a fingerprint of the content, not just an address.
It seems like this would be absolutely trivial to implement, right? Just... add a separator token (say `#`) and a content hash (say with `sha1:` prefix, urn-style) to the end of the URL that's already in NFTs.
I don't really understand why NFT's don't already do this. I don't understand why they didn't do it from the start. It seems an obvious choice to me in designing such a thing. Like, it's so easy, and such a step up in making NFT's do something closer to what people think they do... it leaves me thinking that the design of NFT's just wasn't done seriously, and nobody using it really cares.
Despite the various claims about how the worlds smartest most talented developers are working on web3… that’s not true. It was a significant oversight and I think technical leadership in the space is lacking. You have people who know lots and lots about crypto stuff but they are focused like a laser.
It’s like that crypto thought-leader on Twitter who didn’t know his NFT’d pfp was being served to various web clients over http.
It’s also why web3 startups are throwing huge cash at engineers from “web2” companies because, while they may not be crypto experts, they know how to build scalable systems, how web tech works etc. That knowledge is sorely lacking in the crypto space.
There was an "interesting" thread yesterday by some people who were surprised that static analyzing a contract and a once-over code review weren't enough to prevent the author from instantly stealing all their money.
I don't know for sure, but I'd guess they don't do file hashes because image hosts so often change the file you uploaded. They might compress it, remove unnecessary metadata, or add their own metadata. All of that would change the file contents, breaking the hash.
A permenantly verifiable has still doesn't really solve it though. Someone can still change or remove the file later, even if you downloaded the original before you now have a transaction with a bad URL but a good hash. You can't update the transaction to change the URL, so what would that mean for anyone wanting to buy the NFT from you?
There's also the much bigger issue - say we solve the above problem as well. There are no legal protections for NFT ownership and there is nothing stopping people from just copying the artwork you own. What's the point of paying so much money for the right to kind of own a piece of art that anyone can legally copy and use?
> What's the point of paying so much money for the right to kind of own a piece of art that anyone can legally copy and use?
I don't fully understand the "collector" mindset. But let's assume there are people, similar to whales in free-to-play games, that are willing to pay ridiculous large sums for what the majority would not be willing to pay anything for.
Now, think of those collectors as being willing to pay for ownership over original artwork.
The Mona Lisa itself has many replicas, you can buy prints of it, and you could probably easily find paintings of it for much cheaper. Those are all copies as well, but their monetary value is much lower, because people know they are not the original.
Now, think of photography, there are people collecting prints, sometimes of digital photography. Similarly, the 1st print is worth a lot more. Think of Vinyl records, or CD/cassette tapes for music, the worth of the 1st pressed record is a lot more, and collectors are willing to pay a lot for them.
Now think of complete digital art, that which is not even printed. Which is the "original"? Unless you were to own the HDD or the RAM stick where it was first recorded, all instances are perfect copies of the same bits. So instead, the "original" is the first person the artist publicly acknowledged as the owner of the "original". It is like the artist signing the print. This is recorded in a public ledger, that people trust and believe to be very hard to manipulate or fake. That is what an NFT is.
You might find it absurd, but is it anymore absurd than paying lots of money for the 1st print of a photo? Or the first pressed vinyl? Or the first book as signed by the artist?
The value is in people's head and emotional attachment. Someone was given by the artist themselves recognition of the piece signed in a public ledger. That's now the "original" and people assign it value.
You can think of it a bit how a lot of collectors offer public showing of their collection, the fact others can "see" the artwork for themselves isn't what make it valuable, it's the emotional knowledge around it, that of having it handed directly by the artist itself.
This is what I've understood of it at least.
Edit: Now the article still makes good point, that as it stands, some NFTs are ambiguous as to what artwork they even relate too or if they were truly created by the "artist".
That's a good explanation and it looks like people do value NFTs for those reasons. But it still doesn't compare to the Mona Lisa which if I possessed it I would know that only those physical brush strokes came from Leonardo's hand. The vinyl example is better. But even then the vinyl is physically old and unique. I can take it out and know that it was pressed in 1972. The NFT is just pixels on my screen that are a copy of a copy of.. and will be destroyed when I close the viewer.
> But it still doesn't compare to the Mona Lisa which if I possessed it I would know that only those physical brush strokes came from Leonardo's hand.
I think the idea of NFTs is that you know that the original artist (Beeple or whoever) issued the NFT, they clicked the buttons and saw the same hash you see on your screen.
Like if Leonardo da Vinci sent you a cryptographically signed email with something in it indicating that you specifically owned it, you'd probably find that valuable even though it's "just pixels" and the email can be copied - the ownership is embedded in the signed email (your name or public key, let's say) and can't be copied.
I think that's the point, anyway, I still don't think I really get it...
> But it still doesn't compare to the Mona Lisa which if I possessed it I would know that only those physical brush strokes came from Leonardo's hand
There's probably a whole industry around recognizing a true or a fake painting. I'd say if you possessed the Mona Lisa, you might still doubt its authenticity, or find yourself in a big debate with others who claim to also possess the "true" Mona Lisa. In a way, NFTs don't (or could be made not to) have this problem. I think this is actually something that people in the market of art collecting and trading actually value. I think especially in private collections, you can claim to have sold me the original bible of Pope Pius XII for 10 million and hand me a bible that is a fake, I believe to now have the real one. And then I can go and resell it to someone else for 11 million, while you also go and sell the real one you still have for 20 million to another person, and now three people believe to all have the real one. The NFTs being in a global ledger, it would be clear who owns it truly, even if three people have a copy of the same PDF.
> But even then the vinyl is physically old and unique. I can take it out and know that it was pressed in 1972.
That's because you value the artifact. But I'd say in this case the NFT IS the artifact. The NFT is what will live on, because in 2125 (assuming the chain still exists), someone will have this token tied to their own wallet. They can know that it was minted in 2021 with the same certainty (and possibly even more certain) that it was truly minted in 2021 by the artist himself (or at least the person whose key society believes was the true artist).
Finally, if the NFT contains say an IPFS URL, or some other content describing attribute, its even more clear. You know you own the first "copy" if you want.
Let me put it some other way. I create some JPEG drawing. I then hash it and have a hash of its content. I then register my art (the JPEG) on some chain by creating an NFT for it which contains said hash (maybe in the form of an IPFS URL). At this point, the world through the public blockchain ledger knows about my JPEG art, and as the first in the chain, I prove to be the creator, or it is known that I am the creator through some other means, like posting it to my blog.
I own the NFT for my own JPEG art at this point. I can host it myself on IPFS, or maybe I just post it on my blog, or even keep it secret on my computer. Now you want to buy it from me. At that point you pay me money and I transfer the NFT to you, the ledger now says that the token started from me and was transferred to you. You now own the token that says that the IPFS hash URL or the hash of my JPEG art belongs to you and was given to you by me, the artist. I also give you a copy of the JPEG itself through whatever means, maybe you download it from my IPFS hosting, or I send it to you by email, or you download it from my blog, etc.
In the digital world, it is all copies, but only you have the token.
Ya, if the token doesn't include the content description like a hash, it's a bit fuzzy and a lot crappier, because while it would show you got some token from me the artist, its not clear which of my artwork would be the one you have, assuming in 100 years the URLs were to no longer exist for example, or to point to something else. But I think this will become the norm eventually to have the hash or use IPFS.
I agree with you, I still would prefer a physical artifact, something that you can see the wear and tear, something from an old era, maybe it doesn't even look the same, maybe bits of it are gone and forgotten. But that's just me and what I'm willing to value. If people are willing to value a digital good the same, knowing the token traces back to the original artist, and they see the value in that, then it can be worth just as much.
If your solution is to trust the Internet Archive, why not just skip the blockchain part?
Any hash can match virtually unlimited number of different turd images.
And even if you trust the hash function to never be broken or brute forced with future technology, it can only verify the image, not prevent it from being deleted or altered, rendering the NFT broken and useless. Verifiably broken and useless, but still...
And why are NFT links so common, because they just seem short sighted to me and borderline dumb considering how volatile everything in the crypto space is?
Nothing about NFT's seems long term viable as they are now.
So long as "number go up", nobody cares. The moment number start going down, there'll be a magic new buzzword (ICO, token, smart contract, enterprise blockchain, DeFi) for people to speculate on and distract from the fundamental problems.
Is there any market pressure that will demand a change to the cryptographic hash? Is any of the current speculation concerned in any way about the content hosted at the URL, or just the current value of the NFT and what you can sell it for.
There is. Not from the entire space, but there's a bit of street cred you get by being entirely 'on-chain', as they say.
Within the smart contracts themselves is a read function for that content uri that provides all the data needed (from what I've seen, a hashed string) to generate an .svg file. But it obviously taxes the system and costs a lot more in gas fees (not to read it, that doesn't cost gas fees, but to deploy the contracts and mint), especially the more complex those are, which is why you mostly see it with 8-bit or very low-res artwork.
Cryptopunks being the most well-known (and also the most valuable) NFT project is all on-chain, and Anonymice being the most open and forked project that does this. EtherOrcs does it a little differently but is also on-chain and has completely open contracts you can refer to as well.
There's quite a few more besides this, but I don't know what percent it is, probably pretty small. Some people won't buy anything that's not entirely on-chain. But you're right that most people don't really care, they just care about the price or the image.
I've been digging through the Anonymice and EtherOrcs contracts to get a better understanding of the different approaches they took (and I still wouldn't say I completely understand it yet). It's pretty interesting, though.
EDIT: Sorry, you only said cryptographic hash. Cryptopunks started by providing that, but then moved to entirely on-chain (so above and beyond that), where you could query and get a full SVG file or stream of pixels for any given image directly from the contract.
This gives me an idea: Internet Archive could sell Internet Tokens™ that function exactly like NFTs (but stored on the Archive instead of blockchain). Holders would be incentivised to make sure that the Archive continues to exist via donations. It's a win win for everyone
I think they mean you keep the URL and the content stays in the Internet Archive.
But it could also mean that the Internet Archive creates a special page, say, "Owned URLs", where they list a username owner for each URL that someone has payed for. If you wanted to trade your URL, the IA would get a small cut to modify the contents of that page with the new owner.
This is 1:1 equivalent to the proposed scheme, but cuts out the inefficient "mint NFT on Ethereum blockchain" step, replacing it with a simple database on the IA side.
We can add the hash of the content but what happens if the URL goes 404 or the web server disappears? I'll be the owner of a useless pair of URL and hash.
Or those NFT contents (and the URL domain!) are guaranteed not to disappear unless many web 1.0 and 2.0 services people was paying for and went out of business?
I’m not terribly up to date with IPFS (so feel free to correct me), but if I’ve understood it correctly, it’s not dissimilar to Bittorent where files are seeded by interested parties and if no one happens to be seeding any longer, the file is essentially dead?
It’s almost like you want some centralised entity to preserve copies of the images these NFTs link to.
I wonder how many IPFS-backed NFTs are only being seeded on nodes run by the big players like OpenSea?
I guess at least if you keep a copy of your NFT you can start serving it over IPFS yourself if whoever is hosting it can't be bothered anymore, or pay a service to on your behalf. It's sort of the ideal use-case for content-based addressing, I would think, since you're trying to prove some sort of connection with/ownership of/patronage over a piece of content. And it should be more long term resilient than a centralized solution as long as the NFT owners themselves don't lose their own files. At least the incentives are aligned (if you own the NFT you will want to keep at least one copy, if only so you can show it to potential buyers!)
It seems a substantially less silly idea than pointing a token at a url that you don't control. I guess I'm surprised that NFTs aren't all hosted on IPFS or something like it, if only as a backup. Like, have these people not heard of linkrot?
But I guess as long as the buyers don't realize yet that their immutable ledger entry can become a dangling pointer in a puff of smoke, it doesn't matter.
> But I guess as long as the buyers don't realize yet that their immutable ledger entry can become a dangling pointer in a puff of smoke, it doesn't matter.
I was surprised too, but only for a moment. In the end it's basically just a record that you "own" a small amount of data (url, ipfs hash, 'coin'). Unless my ownership gets me some utility (like exclusive access to the jpeg, maybe? Ability to transfer the ownership to El Salvadorian govt to pay my taxes?), I don't see how it has value
Yes, not dissimilar from torrents. Instead of being name-addressed and requiring the name owner to provide the infrastructure to serve the data (as with HTTPS), data are content-addressed so that anyone can serve the data.
Many NFTs are hosted by NFT platforms, and also by services such as https://nft.storage/ (backed by IPFS & Filecoin). It's quite trivial though to take the IPFS CID and pin it somewhere else (local computer, a pinning service like Pinata, etc.), and anyone can do it at any time. If all you want to do is be able to prove ownership at some point in the future, you don't really need to host the content indefinitely on IPFS...just host it when you need to.
Arweave nodes can choose not to store data (and will likely drop data that's not profitable over time also), so I'm not sure that it's really a solution.
Individual nodes can choose not to store it, but your data is sharded amongst many nodes. Usually it's something like 64/96 redundancy - it's sharded across 96 nodes and at least 64 must be online to retrieve the data. It gets re-distributed if some nodes are offline for a while (not sure on specific numbers)
This was insanely surprising to me - I actually always thought the jpeg/art was stored as a kind of ‘blob’ on the blockchain that it was authenticated against the owners wallet/private key.
Some NFTs are stored this way (e.g. Blitmaps, Terraforms, Corruption(*s), &c); it's a more restrictive artistic medium since storage costs are high and technical limits feel like a trip back to the 80s. If you can fit nice art into the constraints then it can become quite popular/valuable since fully on-chain NFTs are actually decentralized (rather than the more common practice of linking to an external image).
We need a version of Freenet, where the network _guarantees_ that your content is always highly available. Well, at least as long as the tech/network itself is still alive.
Every user of the network has to provide some storage for the network itself. If there's not enough storage to safely store your new content on the network as highly available, the network would just say sorry, can't do right now, please wait on the line while we get new storage (users).
Sure, it would need some massive network effect to work at scale, but we have now, what, billions of devices connected to Internet? That ought to be enough.
I never really understood this current "decentralized" tech. Decentralized hashes with centralized gate keepers, and mixed with "old school SPOF tech", e.x. the VPS's that store the actual content. wat.
> Sure, it would need some massive network effect to work at scale
And nobody wants to participate. These projects are doomed to be extremely niche. As TFA points out, even nerds do not want to run their own servers at this point.
It could have worked in the days of casual piracy (kazaa, napster, certain private torrent sites etc had a shitton of users) if you managed to sell it as a way to do exactly that..
But getting people to install apps today to donate their bandwidth and disk space for.. what cause? Let alone when they figure out that gasp your storage may then be used for illegal material. Nah, it just doesn't work.
>your storage may then be used for illegal material
Then forget about the anonymization features of Freenet, and build something that ties to your Google Auth, Facebook ID, Government ID, whatever.
And let LEA access all of the content and seize/prosecute illegal content. Really not that different than storing your content on any of the cloud storage providers. With the exception that your data would be always guaranteed to be highly available, and not on just one or two centralized cloud storages.
>But getting people to install apps today to donate their bandwidth and disk space
> And let LEA access all of the content and seize/prosecute illegal content. Really not that different than storing your content on any of the cloud storage providers. With the exception that your data would be always guaranteed to be highly available, and not on just one or two centralized cloud storages.
It’s not that simple: if you host anyone’s content, you’re taking on personal risk (do you want to have to convince law enforcement that the pirated Disney movie or child pornography served from your home IP was served entirely without your knowledge?), giving up your resources (“Netflix is slow, turn off the mirror and see if it gets better!”), and getting slower performance/reliability (e.g. why OpenSea uses GCP instead of IPFS) immediately in the hopes that it will at some point in the future become worthwhile.
Note also that cloud storage is centralized administratively but distributed for reliability. I would give very long odds that you’re more likely to lose data through random IPFS nodes disappearing / dropping your data than on S3, and if you have to run your own geographically replicated nodes it’ll cost more in your time until you have a very large amount of data.
Statistically nobody does that, and because P2P networks need to significantly over-provision to compensate for unreliable nodes it’s hard to get anywhere close to competitive. The Linux world has the freedom ethos, no concerns about copyright/malware/etc., and still few people torrent ISOs because it’s usually slower.
No, we don't. IPFS guarantees that the owner can host their own NFT forever (there are multiple pinning services if they don't want to run a server). This is the best possible model. If even the owner doesn't give a shit, why should anybody else?
It's true that most NFT buyers have zero idea how this works. In 2 years multiple shitty NFTs are going to turn into 404. This is fine - people will learn to only buy images that use ipfs.
Your response is different from what I posted. You can always pin the image on your ipfs node and it's going to resolve to the same, unique, hash (well, unless preimage resistance of sha2 is broken...) allowing everyone in the world to download it. That doesn't mean it guarantees availability - nothing does - someone has to host it.
Ultimately, the owner has to host it, or pay someone to host it, or hope someone else hosts it. Although nfts are small enough that any semi-popular ones may stay alive potentially forever as long as someone, somewhere, hosts it on an ipfs node. Potentially long forgotten by literally everyone alive.
Well the image could also be embedded in the data of the blockchain and/or a irreversible (currently) hash made for the image sitting on the server. Now will a court enforce that digital contract as a legal contract if the person takes down the server or puts up a different image? shrug I doubt it under current law.
I definitely agree that most people/projects/etc gloss over that fact that there still needs be a 'start of authority' to be trusted with NFTS. I think a major upside of doing the digital transactions on a Blockchain (as opposed to the system you described) is that the start authority does not need to be present or keep track of any future transactions. In your Rolex example, I believe that there would be no way of person A selling their Rolex (and digital rights of the Rolex) without notifying Rolex and Rolex having to keep track of transaction. With a Blockchain, the people could agree that the 'start of authority' matches the public address that is associated with Rolex and then proceed with the transaction with no need for any middle party.
I played a decent amount of Runescape growing up, so when I first heard of NFT's I naturally thought of that game. I would definitely find intrinsic value in truly owning an NFT of some of the rare in game items. And knowing that even if Jagex (parent company) disappears that I still have ownership over the items definitely adds a lot of value.
But see, this is where I get lost in this concept.
Should Jagex fold and the game become unplayable, what do you own? An entry in a database that says that you once had this item but you can't do anything with it? Why is that valuable?
I can sort of see the argument if other game developers allow for these items to be reused in other environments, and that's something pushed by NFT enthusiasts, but I don't see how that makes economical sense.
For one thing that puts a lot of work on the table of other game developers. If every NFT of every game needs to be usable in other games, can you imagine the headache? It's a combinatorial nightmare.
Besides devs want to make money selling their own NFTs, not adding items made by others for free, so what incentive is there for adding support for your rare Runescape item in some other game? Seems like devs would rather sell you a special "Runescape retro item set pack, only $9.99!"
And then we haven't even touched on IP issues. If you have an NFT of Lara Croft, can the devs of another game just clone the model in order to let you import her?
I feel like all of these issues by far dwarf whatever convenience NFTs bring to the table. The problems I outline above are the ones that need solving, and if you find a way around those you could very easily achieve what you want without "web3" tech (see Steam trading cards and Nintendo's Amiibos for instance).
>Should Jagex fold and the game become unplayable, what do you own? An entry in a database that says that you once had this item but you can't do anything with it? Why is that valuable?
Sometimes just ownership of something is valuable in itself. That's the whole idea of collectibles, it's not always tied to its original utility. Think having an original SNES versus an emulator on a computer or an original Picasso vs a digital jpeg copy.
>For one thing that puts a lot of work on the table of other game developers. If every NFT of every game needs to be usable in other games, can you imagine the headache? It's a combinatorial nightmare.
Every NFT of every game doesn't have to be usable in other games, but the option to easily access the in-game ownership records of another game can allow for some asset sharing.
>And then we haven't even touched on IP issues. If you have an NFT of Lara Croft, can the devs of another game just clone the model in order to let you import her?
No but maybe I can give a Croft-esque outfit to an in-game character if the player has the Lara Croft NFT. It could be a selling point to some players to be able to play with assets inspired by another game they love. It could also add some unrelated mechanic to a game in which case the NFT is just used as a marketing ploy to advertise to a certain demographic. Re-using NFTs could also be completely unrelated to 3rd parties and can allow developers to allow easy migration of old assets from old games to new ones without having to maintain teh records themselves.
>I feel like all of these issues by far dwarf whatever convenience NFTs bring to the table. The problems I outline above are the ones that need solving, and if you find a way around those you could very easily achieve what you want without "web3" tech (see Steam trading cards and Nintendo's Amiibos for instance).
Again, the idea is to have a digital asset that can be traded (in terms of ownership) like a physical asset would -- without the need for a centralized mediator. Just because certain applications typically act as centralized gateways doesn't mean the blockchain itself is centralized. The hope is for the blockchain to be used as a reliable source of information for decades to come with the ability for anyone to participate if given the very accessible minimum resource requirements.
> Sometimes just ownership of something is valuable in itself. That's the whole idea of collectibles, it's not always tied to its original utility. Think having an original SNES versus an emulator on a computer or an original Picasso vs a digital jpeg copy.
But with a Picasso the scarcity is inherent in its physicality: there is only one in existence. With digital data, it is infinitely reproducible and fungible. If I replaced a JPG with a bit-for-bit copy, no one would notice nor care. Not so with a Picasso. So, NFTs are supposed to come in a make a record of your purchase of this JPG, but unlike the Picasso, this JPG does not physically exist. It must be stored somewhere and, unlike the Picasso, this has an ongoing cost. You don’t need to pay to store the Picasso (although most collectors certainly don’t just keep it in their house, they could). But you do need to pay someone - whether a company or a decentralized network - to keep storing your JPG and once you stop, it’s gone forever. It seems like it would be more future proof if Jagex just mailed you a physical print of the JPG and a certificate of authenticity.
I think saying "an original Picasso vs a high quality knockoff" would better clarify my point. I would also like to add that scarcity is not inherent in physicality, especially when a physical copy of said physical item can be made. I would argue the recorded ownership and verifiable provenance of the item make an original Picasso valuable. People don't care about just having the art because the art can be easily replicated, physically or digitally.
And yes there may be an ongoing cost associated with storing a digital image, but you could also download it on your computer, print out the image, or try one of the decentralized solutions. Ideally the metadata and image would be stored on something like Arweave (which only requires a one-time payment) since reliability through decentralization is one of the goals of the web3 movement.
>It seems like it would be more future proof if Jagex just mailed you a physical print of the JPG and a certificate of authenticity.
If the hosting of the image goes down then you still have the attestation of owning the asset on the blockchain (signed by a private key that has been associated with Jagex on creation of the NFT). As for the physical print option, I'd say since physical things can be destroyed much easier than digital items, I'd prefer it if the certificate of authenticity was just an NFT (trying to enforce an NFT to belong to the same owner of a physical asset is a losing battle).
All in all I'd say NFTs bring value to asset collection by providing stronger attestations of ownership, public provenance, and resilient record-keeping.
> No but maybe I can give a Croft-esque outfit to an in-game character if the player has the Lara Croft NFT. It could be a selling point to some players to be able to play with assets inspired by another game they love
Why would a company do this? They spend a load of dev time to create a valuable in-game asset linked to a non-fungible token created by a third party which only one person can possess at a time and then... hope the NFT owner pays $34.99 for a retail copy of the game, otherwise the asset goes unused?
That doesn't sound like a scalable marketing strategy.
Typically people don't build features around individual NFTs but NFT collections. If 20k Lara Croft NFTs were minted in a special Tomb Raider NFT collection, then the access to the new skin would be available to any of the owners of the 20k Lara Croft NFTs in the collection. I think the misunderstanding here is that an individual NFT gives unique access to an in-game asset, sometimes NFT collections give unique ownership to a copy of the same game asset.
That doesn’t really change the question, though: the Tomb Raider developers don’t need an NFT to do that, and any other company isn’t going to spend much of their money giving something for free to a handful of someone else’s customers. Why spend time on that instead of, say, charging $10 for the homage DLC which gives them actual revenue and from a much larger number of people?
For example, how many of those NFTs would have been lost or stolen — and do you want to tell potential buyers “sorry, nothing we can do about it - blockchains mean no margin for error!”
Fair enough, creating an asset which 20k people with access to a collection theoretically might use is more attractive than creating a unique asset for a unique token. It does seem strange that the supposed "killer app" for NFTs in exchangeable game stuff wouldn't have any use for their core feature (uniqueness on the blockchain) though.
If a developer wanted to market games by offering inducements to players of other games in the form of unique content it seem like a lot of other solutions would be more attractive than the blockchain. Partnership with other developers or platforms like Steam gives you an actual marketing channel to hype the special add on for Tomb Raider players, and to a lot more than 20k people. The only case where I can see them preferring to attract small numbers of players of a third party game who paid that developer for NFTs rather than every player of that game is if their game is pure pay-to-win bullshit and there's no point in targeting the sort of player who doesn't buy NFTs...
Indeed. What's more, even if publishers wanted this, it's all possible without a blockchain. If game publishers decided to coordinate on respecting shared digital assets they could just agree on a common "digital item" spec where a connected client could prove item ownership using public key cryptography and digital signatures, similar to how JWTs let a client prove claims about another system. The same spec could allow users to trade digital assets in a peer to peer manner by signing a record of transfer to another user's public key - it'd then be up to the buyer (i.e. the software they use to verify the signing) to register the updated signature chain with the relevant game vendors.
> In your Rolex example, I believe that there would be no way of person A selling their Rolex (and digital rights of the Rolex) without notifying Rolex and Rolex having to keep track of transaction.
What does "digital rights of the Rolex" mean? Also, why is it harder to notify Rolex of this transaction than it is to notify some blockchain?
> Couldn't Rolex issue a PGP signed CSV of all valid Rolex serial numbers once a month on IPFS and you'd get the exact same security and trust profile without having to involve any "web3" feature?
A serial number can be copied and engraved onto a forged watch, so not really.
A more analogous scenario would be if Rolex embedded an NFC hardware chip with a private key inside the watch, such that anyone could wave their phone over their watch and verify that the chip’s cert was indeed signed by Rolex.
Well sure but that's the "analog gap" problem. NFTs don't fix that, do they? In the end there'll have to be something that will tie a given NFT to a given watch, and one way or the other it'll be the same issue as tying my CSV to a given watch.
I agree, one can’t easily tie an NFT to a physical object. Nothing guarantees that the watch and NFT change ownership in tandem.
All I’m saying is that a serial number doesn’t really prove anything because it’s trivial to copy. A private key inextricable from the object would be better, because it could generate timestamped signatures as proof.
Yes. I regret not being more clear in my original comment, because the scheme I alluded to is an application of public key cryptography, such as Certificate Authorities, and is not about cryptocurrencies specifically.
The point of a signed timestamp (and/or challenge string) is that it demonstrates the signature is freshly generated, proof that the device is authentic right then and there. An old copied signature would not have this property.
This is sort of true.
In the case of the watch, if you read the blockchain for the serial-number on the Rolex, you could engrave that too? The storage medium of the data wouldn't make a difference.
The same could be said for the NFC chip. Those are copied all the time. Just purchase a blank and overwrite it with an original.
> NFC hardware chip with a private key inside the watch, such that anyone could wave their phone over their watch and verify that the chip’s cert was indeed signed by Rolex.
This is an excellent idea and I am now wondering why luxury brands haven't started doing this. It would be super hot. One would do it and suddenly they would all be doing it. Watches, handbags, shoes, whatever
This is one of the few usecases of crypto that kinda make sense. If those certs were on a blockchain, Rolex could fold and people in the future might still be able to check for authenticity.
There's more steps involved that I'm not sure could be solved, like, who controls the authenticity Oracle? Is it an API that gets pinged? Do you have to pay a gas or network fee to check authenticity? Could a smart contract be made to automate the work? Maybe it could work like credit card chips, which give out a one-time code to the retailer, who then gets it checked by an online service... except somehow replace the web API with a smart contract.
For larger scale operations, tagging individual items with NFC chips might be cost prohibitive.
So the idea would be to create a giant file of every Rolex transaction made in the future. And then search through that file for a given NFC tag to determine authenticity. Doing all of this in case Rolex goes out of business and can no longer maintain a hypothetical authenticity server?
Couldn't agree more. Supply chain verification is inherently authority-based... if only at some point in the creation of the internet we had invented a system for verifying authoritative claims on things ;) Not to mention that with certificates... Rolex can totally disappear into the wind, yet you can still verify the certificate provided you know Rolex's root. And all this for <$300M year in mining fees!
>Rolex could fold and people in the future might still be able to check for authenticity.
That's why I mentioned distributing the file over IPFS so that it could be easily backuped by anybody forever. If eventually there's no longer any interest in this database it could be lost to bitrot of course, but this is also true of blockchains.
> Rolex could fold and people in the future might still be able to check for authenticity.
Well, what if Rolex folds and sells their private keys, and an unscrupulous buyer then starts minting Rolex NFTs for fake watches? What if this happens surreptitiously, and not out in the open?
Further, it's far more likely at the moment that Rolex will exist 50 years from now than that Ethereum or Bitcoin will.
The problem with traditional authority models is that the authority may disappear or be subverted. In regions with unstable governments you cannot rely on the government to keep saying that your house is your house.
This is why I think the really valuable and underserved use case of the blockchain is decentralized identity. You can prove you are who you say, you’ve studied where you claim, you’ve worked at the places on your resume, and do this in ways that cannot be subverted or lost. This would be invaluable for refugees who often struggle for months or years with proving they are who they are.
For people that live in stable countries with reliable governments and strong enforcement of contracts this does not provide much value however, and I think this is why this subdomain of web3 remains underserved.
> This is why I think the really valuable and underserved use case of the blockchain is decentralized identity. You can prove you are who you say, you’ve studied where you claim, you’ve worked at the places on your resume, and do this in ways that cannot be subverted or lost. This would be invaluable for refugees who often struggle for months or years with proving they are who they are.
That's a very interesting use case, but it's hard for me to see exactly how this can be made to work.
Suppose you study at the National University of Unstabilia, which is located in a disaster-prone and conflict-riven environment. You complete your B.A. there, and you get the NUU to record this fact on a public blockchain.
A few years later, things are really bad in Unstabilia, so you move to Belgium. After you arrive there, you tell someone (maybe a prospective employer?) "hey, I'm Joeri, I'm a refugee from Unstabilia, and I have a B.A. degree!". For some reason this person is skeptical, so you say "it's OK, just look up the blockchain record with the following hash!".
Sure enough, the public blockchain contains an entry reflecting that someone named Joeri did, indeed, earn a B.A. at NUU a few years back. This is great, because maybe
* Unstabilia City was mostly destroyed in an earthquake, making it hard to contact people there, and many of the people who would have known you during your studies have likely died or become refugees themselves; and
* Lately, the new NUU administration really hates your ethnic group, so much so that it prefers to deny that people of your ethnicity were just recently widely represented among its student body; and
* Many of NUU's records were previously lost in a fire; and
* Before that, someone reputedly hacked NUU's computer systems and stole all of their records, and probably all of their cryptographic keys.
But thanks to the blockchain records, your new Belgian friends can still confirm that you actually studied at NUU, right?
But, how do they know that that record is really from NUU? How do they know that NUU really exists? How do they know what its signing keys were, and how long they remained under the university administration's control? How do they know whether it's a legitimate university? And, maybe most significantly, how do they know that you're the same Joeri who earned that degree back in the day, as opposed to some other Joeri? Are these records including some kind of digitally signed biometrics?
> But, how do they know that that record is really from NUU? How do they know that NUU really exists? How do they know what its signing keys were, and how long they remained under the university administration's control? How do they know whether it's a legitimate university? And, maybe most significantly, how do they know that you're the same Joeri who earned that degree back in the day, as opposed to some other Joeri? Are these records including some kind of digitally signed biometrics?
Asking blockchain to solve those problems is a bit ridiculous. Those are problems that need to be solved in any system, and are solved enough in many today. For starters, its not hard to archive your signing keys somewhere safe and public, especially on the blockchain - the group of Universities and employers who care about that validity will have some central organization in identifying that archive.
The issue being discussed is putting college degrees on the blockchain such that viewers can be sure they are genuine and robustly hosted without tampering - no revocation.
The blockchain solves the last two, but if your conception of them is as a magical technology that can solve every issue by virtue of hosting data then you're going to be a dissapointed simpleton.
Your core issue is that colleges are a centralized institution which decide who gets rewarded - that's what it boils down to when you say "all the value" is in trusted authorities issuing things. For starters that's a ridiculous assumption that trust is still necessary for value, but more importantly stating that blockchains are useless because they cannot replace colleges is disingenuous.
My problem with blockchains as the proposed solution here is that they solve none of the hard problems, introduce some new problems, (and no they are not an irrevocable record (as if that were even desirable), look up the DAO Hack or Bitcoin Cash fork and they certainly aren't proven to be permanent or reliable) and removing them would make the solution simpler and cheaper - the essential problem here is trust, not recording and sharing data.
You have not demonstrated any added value, and the straw-man insults sprinkled with spelling mistakes do not help persuade.
Yes I am straw-manning when you've built your original critique off a single niche use case (I believe the progenitor even used the phrase 'what if') and cite failing projects at least attempting to innovate as evidence of the uselessness of a technology which has achieved its original goal and continues on.
Well the example clearly stated an issue of redundancy. Things which can be done off chain which as little trust should be done off chain - that doesn't mean a distributed file storage protocol which runs off some chain and uses economic and cryptographic incentives isn't the solution.
None of that requires a blockchain. The same level of investment in digitization to get all of this info on to a blockchain could be used to publish it to the cloud, secured and authenticated by cryptography.
The blockchain gets you exchange, with completely transparent meditation, in the form of the smart contract / script code.
> In regions with unstable governments you cannot rely on the government to keep saying that your house is your house.
You can say it's your house all you want, but if the new regime sends soldiers to evict you, no amount of evidence that it belongs to you is going to help you.
Do you propose that "all" authorities provide digital certificates, in preparation for the region becoming unstable? If yes, paper certificates already exist, and seem to go missing -- why would it be harder for digital certificates to go missing? Or for the thing that ties one person to their digital certificates?
Or do you propose that authorities in unstable regions provide digital certificates? If yes, how can you trust them, given the unstable nature?
I value thinking about these things, but somehow I still struggle to see where the proposed extra value comes in. Maybe I'm thinking too much in extremes, and the value breaks down in extreme cases.
> I don't see why the IP owners would play ball and accept the loss of control).
The main reason would be if they could make more money on their digital goods by floating them in a large, open, heterogeneous market rather than in their smaller walled-garden. That's what traditional capital markets are good for, and the name of the game here is figuring out how to recreate those benefits in decentralized digital markets.
I am only interested by money aspect of crypto and especially on ability to fund companies easily via labor (actually that worked well in Communism). Will see if central bank currencies will allow for the same. That could be big boost to economy and big hit to VCs so I expect this to come from EU.
All those creator economy apps show that there's a need to democratise economy. I am again tempted to quote hustlers here.
>>Rolex issue a PGP signed CSV of all valid Rolex serial numbers once a month on IPFS and you'd get the exact same security and trust profile without having to involve any "web3" feature?
This doesn't enable real-time transfers of NFTs.
Ideally, the blockchain allows the NFTs to be traded without Rolex relying on another company acting as a trusted third party platform keeping track of ownership, or Rolex itself running its own transaction database. The blockchain is a common open platform for transactions, and that's useful.
> Couldn't Rolex issue a PGP signed CSV of all valid Rolex serial numbers once a month on IPFS and you'd get the exact same security and trust profile without having to involve any "web3" feature?
They totally could. But what’s interesting about NFTs is they standardize this process across all kinds of assets and issuers. Instead of a CSV for Rolex, a Twitter history for an artist, a deed for a house, a rental agreement for an Airbnb, it’s all just one format.
In the past, there’s been tremendous value that’s come out of standardizing stuff, allowing infrastructure and new kinds of businesses to be built on top.
It would be easy to create standards for Digital Asset and Identity so that producers could represent ownership on their servers and allow for trade. The only thing NFTs give you is hosting for this in a logically centralized network. Hypothetically, this allows for operations on different contracts to be composible, but I don't think this happens much in practice.
While it's refreshing to hear critique from someone who actually built something on web3, there are a couple of points where I'd dare to disagree, somewhat.
Particularly, regarding "early days". It really is, still, early days, because there is a lot of complexity in getting all the pieces built. It took years to get overall blockchain going. Then, to understand the need of programmability (smart contracts). Other pieces too: more efficient consensus mechanisms and clever ways to express commitments, decentralized storage, etc. And the space is so far from being done.
Particulary, about servers being clients. This is true today, but it would be wrong to say that nobody cares about it. Ethereum developers spend considerable effort on pushing the idea of light clients, going as far as re-architecturing the way whole blockchain state is stored, so that browsers could actually become fully valid clients, and services such as Infura would become a lot less necessary. This requires cryptographic innovations (verkle trees), client implementations, consensus between participants, etc. It is likely to require 2+ years to get there. Early days.
Another moment I would critique is the clever NFT, that displays different things. Yes, ERC-721 allows any URL as metadata file, so you can put traditional DNS-resolved URL there. But I would struggle to find any "respected" NFT collection that actually does that. Almost every high quality NFT project (Art Blocks, BAYC, so on) has IPFS as metadata URL, and goes as far as to freeze metadata, so it couldn't ever be changed.
Lastly, his discussion about value of decentralization is very valid. Yes, Ethereum developers spend a lot of effort on light clients. Will anyone care to use them? Yes, best NFT collections freeze metadata pointed to IPFT... does anyone care? Success of OpenSea and Binance Smart Chain shows that for many, idealistic goals are irrelevant, as long as money can be made. That's fine. But there are some of us who actually care. Majority has uninteresting goals (money). There are still amazing gems to be found.
Re "early days," servers as clients, etc: There are a lot of very real problems with crypto, and the solution always lies in new technologies. Slow settlement and high gas fees? L2 networks. Limited global TPS? More L2 networks or alternative L1 chains. Wasteful energy use? Proof-of-stake. No connection to real world data? Oracles. Relying on centralized APIs? Light clients are in the works. Can't trust that you'll get an untampered version of the dapp? I don't even know the solution for this but I saw a very complicated flowchart about it, so I assume there is one.
Every layer adding more complexity and more fingers in the pie.
All the while, nothing ever actually seems to get fixed. Like, high gas fees has been a conversation for years and clever people have made dozens of solutions, but everybody seems to still use vanilla Ethereum.
And these problems don't seem to be the usual problems of new technologies dealing with limited feature sets and primitive tooling, these problems fundamentally undermine the whole point of blockchain. It's not like you can only make simple distributed apps and more advance stuff will arrive as the space matures, you literally can't make a practical, truly distributed app at the moment.
The more I learn about web3 the more it seems like vaporware, and the end result will be a bunch of web3-in-name-only, VC cash-grab apps.
I'm sorry, it's difficult for me to find a truly charitable interpretation of this response. But I'll do my best.
Blockchains started very simply. Famously, Bitcoin's whitepaper is just a couple of pages long. Simple systems are nice, but they can't solve every problem. As problems were discovered, solutions were proposed. Most solutions were themselves the simplest solutions to a given problem, so naturally, as new problems are found, new solutions almost always introduce complexity. This is not unique to crypto - see, for example, HTTP, or HDMI…
I can't see a world where this wouldn't happen. Ideas usually start small and simple. Additional capabilities introduce complexity. That is not a bad thing.
Also not a bad thing: people taking different approaches to identified problems. Ethereum saw congested L1 and didn't want to sacrifice decentralization, so they focused their effort on L2. Other developers thought differently, and adopted faster, less decentralized L1s. Great!
> you literally can't make a practical, truly distributed app at the moment
Another issue is that the goalpost is ever-shifting. We have truly distributed apps. Because they were successful, they got used, and on one particular L1 that meant expensive competition for block space. Does that make the achievement invalid? Or does the fact that most popular browsers currently don't have built-in integration with ENS and IPFS, allowing for decentralized frontends, also make the effort invalid?
Again, I struggle with truly charitable interpretation of your argument.
> This is not unique to crypto - see, for example, HTTP, or HDMI…
HTTP and HDMI provided actually useful things to regular people despite their shortcomings. Crypto has been solving technical problem after technical problem for over a decade but has yet to offer anything useful to a non-enthusiast.
> Another issue is that the goalpost is ever-shifting. We have truly distributed apps.
And the only thing they are useful for is moving crypto around between enthusiasts. "Make something useful for regular people" should not be difficult goalpost for something that claims to be world changing.
>Crypto has been solving technical problem after technical problem for over a decade but has yet to offer anything useful to a non-enthusiast.
This is too dismissive of Crypto. I’m not a crypto bro but Bitcoin did actually solve a real problem: a completely digital decentralized immutable record. I hesitate to call it a currency, but it created something that was digitally scarce . The economic value it created can be seen in the Silk Road or in ransomware.
At one point the internet was also a problem looking for a solution too so I don’t think it’s a fair criticism of the technology.
> Bitcoin did actually solve a real problem: a completely digital decentralized immutable record.
That doesn't describe a problem though, it describes a technical solution.
> I hesitate to call it a currency, but it created something that was digitally scarce.
My comment was about web3 really and the associated hype, not so much cryptocurrencies themselves. I agree there's something there, though not entirely convinced it won't always be illegal sales or scams.
> At one point the internet was also a problem looking for a solution too so I don’t think it’s a fair criticism of the technology.
I see this repeated a lot but it's just not accurate. E-mail was invented within like 2 years of the internet and immediately allowed universities to exchange messages with one another. It doesn't take a networking enthusiast to see the value in sending a textual message instantly across the globe. Meanwhile I've never seen even a description of a web3 product that doesn't rely on architecture or politics to explain why it's useful.
As a non-enthusiast I agree with your points. I’ve heard a lot about cryptocurrencies since 2010 and I’ve never had a need to use them. Paying for goods or services on a black market might be a valid use case, but I, like vast majority of people, have never needed to do that. Smart contracts sound like an interesting concept, but again, I don’t really have anything in my life that could use them in the foreseeable future.
> That doesn't describe a problem though, it describes a technical solution.
I'll present a problem that that solution solves. That cryptographically backed record establishes a closer approximation to the abstract idea of "ownership" than anything has before.
I was a pretty naïve first-time home owner in that I was surprised to learn about something called "property tax". "property rent" would be a better description, since its not a one time fee (like most taxes) but something you have to pay to a government entity in perpetuity. Don't feel like paying it? You get booted off "your" "property".
Title theft and fraud are also a thing, and we even have "title insurance" to help mitigate falling victim to it.
Neither of these things is possible on a cryptographic blockchain (eviction or theft). Ownership of the NFT cannot physically be altered without the owner's volition. Establishing a link between the NFT and the underlying asset is certainly a problem, but it's not one that blockchains are attempting to solve.
I'm sorry, I still don't get it. What is the problem with a house ownership that crypto would solve? Would it eliminate the property tax? Would it eliminate an eviction if I don't pay the property tax? Would it eliminate one type of ownership fraud without introducing a new type of ownership fraud?
It doesn't need to do much else to be obviously beneficial. Keep in mind that once upon a time the entire internet functioned without https. I have no doubt many of the same arguments against crypto(currency, tokens) were also made against cryto(graphy) not long ago. A vast majority of users of cryptography still subject themselves to side channel attacks (stupid passwords, phishing) and yet somehow still benefit from the existence of https without even realizing it.
Since a lot of people still get hung up on the need for a link between an NFT and an underlying asset, consider that we somehow establish the exact same kind of link between a fancy piece of paper (a title) and a plot of land. If you forewent some of the (imo misled) notions that blockchains need to be 100% "trustless" and decentralized, and you JUST upgraded your county's title database with a blockchain, and you accepted that various forms of government are going to have to enforce a lot of it, hopefully it is evident how (1) (2) and (3) above now go away or at least change significantly.
Only if the authorities ceded their power to the blockchain, in which case this situation is unlikely to arise. If the sovereign power in the area says you don’t own it, a record on someone else’s computer doesn’t matter much.
By replacing it with electronic fraud, which is much easier to do at scale and harder to disprove. If a good phish / zero-day gets you a house’s worth of money, even more people will try it.
It only solves the question of transfers, possibly but currently not at lower expense than your local government. It doesn’t solve the analog problems which are the most important reason to have title insurance, such as surveying errors, and you also have new problems like the possibility of someone claiming a malicious transaction years ago.
> Only if the authorities ceded their power to the blockchain, in which case this situation is unlikely to arise.
Great! Let's do it. It might take a few thousand years but this doesn't represent a problem with blockchain technology. The authority can and should still be around to enforce the blockchain, but they should still have to respect it.
>By replacing it with electronic fraud, which is much easier to do at scale and harder to disprove. If a good phish / zero-day gets you a house’s worth of money, even more people will try it.
This is an argument against electronic records, not blockchain specifically. They are side channel attacks.
> and you also have new problems like the possibility of someone claiming a malicious transaction years ago.
What do you mean by this? Maybe an example would help.
> This is an argument against electronic records, not blockchain specifically. They are side channel attacks.
What makes it a blockchain problem is removing the safeguards. If you are saying the blockchain is an immutable record controlled by individual private keys, you are saying that any mistake is permanent. If you allow corrections, you don’t need the expense of a blockchain.
> > and you also have new problems like the possibility of someone claiming a malicious transaction years ago.
> What do you mean by this? Maybe an example would help.
I go to buy your house. You show me the chain saying you own it. A month later, someone says you phished their grandfather who was in hospice (or that the transaction was made by a spouse without approval, etc.) and now there’s a dispute about whether the transaction was authorized. Traditionally this is handled with third parties who can confirm that, say, they had everyone in the same room and checked ID. Moving to a model where access to a private key is all that matters requires similar solutions before you can say it removes the need for title insurance.
> What makes it a blockchain problem is removing the safeguards. If you are saying the blockchain is an immutable record controlled by individual private keys, you are saying that any mistake is permanent. If you allow corrections, you don’t need the expense of a blockchain.
That makes sense. I think the need to correct mistakes, and mistakes I concede will definitely happen, is debatable. There are benefits to some for correcting mistakes and costs to some for it as well. Figuring out whether the benefit exceeds the cost is way out of my scope.
> Moving to a model where access to a private key is all that matters requires similar solutions before you can say it removes the need for title insurance.
You're right, and I was careful not to say "all" of the needs for title insurance.
I think its worth considering the possibility that not being able to correct even that emotionally charged dying grandfather case, and instead seeking recompense between the two parties most directly involved in the crime (the grandfather and me in your example) is OK. For example, I'm now required to purchase a newly minted and desirably worthless "restitution" NFT from the grandfather for the price I sold the house (or the market value, or w/e is fair), or I go to jail. If we try to backtrack the whole transaction, you are now probably being harmed as well. Is that really better? What if we figure this out 10 years after the initial sale, and the property has changed hands 5 times already. Good luck rolling that back.
Edit: I have just started reading the bitcoin whitepaper and at least half of the introduction is about the possible benefits of the irreversibility of transactions. https://bitcoin.org/bitcoin.pdf
Looking at this thread it's not clear if any one of the 3 examples you provided (civil forfeiture, title fraud, need for title insurance) would benefit from crypto technology today, and it's not clear if they would ever benefit from it (3 thousand years from now is not a good argument).
I hope you realize how unconvincing all this sounds to a non-enthusiast. Without a killer application (like email for the internet) I'm afraid crypto isn't very useful, and it's been 13 years without a killer application.
What exactly isn't clear? How cryptography works / benefits people? How applying cryptography to ledgers and ownership databases works? Or how it's all going to be enforced?
By the way I'm not pro crypto in that I'm not trying to convince people to put money into it. I think the energy costs of all crypto token systems are prohibitively high right now. That, and the deflation problem I personally think are the biggest unsolved problems in Bitcoin right now.. But somehow I can't even get past what a cryptographic ledger is and how it's beneficial on this forum, of all forums. Yikes.
I've been patiently explaining my understanding of the ideas behind crypto. 3Blue1Brown seems to be favorably received on this forum, so maybe this will help educate you: https://www.youtube.com/watch?v=bBC-nXj3Ng4 NFTs are a natural extension of a cryptographic ledger as it's explained in that video. It's just adding non fungible tokens to the otherwise fungible bitcoin tokens being exchanged on the blockchain, and we'd like those non fungible tokens to represent real world objects, rather than just USD.
Aside: I feel like we're in the dark age of cryptocurrencies right now. People are just incredibly unimaginable. I imagine 7,000 years ago there was a guy named Bob who wanted to trade his apples for some oranges. A girl named Alice wanted some apples but didn't have any oranges so instead she offers a piece of gold jewelry. Most of the Bob's on this forum would tell her to ** off. But there was some Bob who accepted the gold jewelry realizing he could then exchange that jewelry for Tom's oranges. Suddenly we went from a barter society to one that uses a currency.
Eventually we stopped using gold as a currency and started using slips of paper with lots of fancy counterfeit protection mechanisms like blue and red threads and fancy inks. Along comes cryptocurrency with mathematically provable counterfeit protection mechanisms, and no one sees the benefit. I just don't get it.
It's very clear how cryptography benefits people. We are not discussing that, we are discussing cryptocurrencies and blockchains and cryptographic ledgers. And we are not looking to explain how all that works, because first we need to identify real world problems which would be solved by those technologies, and yes, somehow you can't get past how they are beneficial. You have provided three examples, but others have questioned whether crypto would solve them, and I don't believe you have provided adequate arguments to defend your position. It was fairly easy for me to understand the motivation behind cloud computing, or stock market, or credit cards. Blockchains originally sounded like it might be something as significant. Yet many years later nothing particular useful has materialized. And it's not even clear if it ever will.
> and I don't believe you have provided adequate arguments to defend your position.
We'll have to agree to disagree then. Maybe a more relatable and simpler problem would help, this one exclusively with cryptocurrency (no NFTs):
I can print a piece of cotton/paper that looks like a US dollar bill, manipulate it and with enough effort make it look convincing enough to fool someone in to thinking its a real dollar, then go to the store and exchange it for some good. I simply cannot do that with a Bitcoin.
If you want to debate whether or not fabricating a dollar bill out of something significantly less valuable than a dollar bill is a problem that needs solving, find someone else.
If you want to debate whether or not you can fabricate a Bitcoin out of nothing, you're now entering the realm of theoretical mathematics. I am not an expert in that, but the crypotgraphy and cryptology classes I took as an undergrad ~15 years ago were good enough for me to trust it.
If you want to debate whether that singular problem is worth a system like Bitcoin, you're probably on to something but it seems like we haven't gotten to that point yet.
> I can print a piece of cotton/paper that looks like a US dollar bill, manipulate it and with enough effort make it look convincing enough to fool someone in to thinking its a real dollar, then go to the store and exchange it for some good. I simply cannot do that with a Bitcoin.
This is true but rare because it’s harder to do than it might seem and the U.S. Secret Service is quite good at shutting down counterfeiters. This costs less as a fraction of the economy than operating the Bitcoin network does, and it still provides true anonymity.
Thank you. All I was looking to do was convince someone that crypto does indeed provide a theoretical benefit, so that the conversation could evolve from "crypto SUCKS, and it doesn't do ANYTHING GOOD, and its a SCAM (read: I lost money speculating), and I DON'T LIKE IT", to: are the problems that crypto solves worth the costs.
Other problems/solutions aside, there is probably some gas fee that would make crypto worth it just for anti-counterfeiting. Do you have any sources for a numeric estimate on what counterfeiting costs the US economy?
Yes, counterfeiting is a problem. But just to clarify, to solve it - are you proposing we replace US dollar with bitcoin? If you are, have you thought this through? Has anyone? Do you think this will happen in the foreseeable future?
Thinking this through is exactly what I want the conversation to be about. I'll help you out:
[2006] "Counterfeiting of the currency of the United States is widely attempted. According to the United States Department of Treasury, an estimated $70 million in counterfeit bills are in circulation, or approximately 1 note in counterfeits for every 10,000 in genuine currency, with an upper bound of $200 million counterfeit, or 1 counterfeit per 4,000 genuine notes.[1][2] However, these numbers are based on annual seizure rates on counterfeiting, and the actual stock of counterfeit money is uncertain because some counterfeit notes successfully circulate for a few transactions."
(source: https://www.treasury.gov/about/organizational-structure/offi...)
I think Bitcoin representing the totality of USD is infeasible, but there may be some adjustments or optimizations to the transaction costs associated with it that make a new currency seem more reasonable (no less scary, certainly, but fright is an emotion and economics is mathematical).
(edited quote to be more relevant to cryptocurrency specifically)
> That makes sense. I think the need to correct mistakes, and mistakes I concede will definitely happen, is debatable. There are benefits to some for correcting mistakes and costs to some for it as well. Figuring out whether the benefit exceeds the cost is way out of my scope.
> This reminds me of another problem that I've I haven't seen mentioned yet. https://www.newyorker.com/magazine/2021/12/13/half-a-billion... In a fixed supply cryptocurrency like bitcoin these kind of losses will inevitably lead to deflation.
This to me is the big question: you could solve a lot of these by introducing trusted third parties but once you've done that it really raises the question of whether you need the full blockchain level of processing overhead or some kind of distributed ledger. Lots of people have been in situations where they were mugged, an elderly and/or impaired family member made a mistake or was taken advantage of, etc. and they were able to recover by proving this to a bank or similar institution. It can be painful but it's an important option to have for most people and I think that's going to be a key impediment to people trusting a system. I do this professionally and I'm not sure I'd want to commit to something where someone who gets my private key with a zero-day can do whatever they want.
> The authority can and should still be around to enforce the blockchain, but they should still have to respect it.
Why?
I’m serious, by the way. This seems like the same sort of thinking I see in supporters of various anarcho-x-isms, where whichever x is substituted in, it is somehow retained despite the anarchy.
You might like the shiny new thing, but anyone whose job it is to enforce the things shiny does, can do that at much lower cost by using the current mechanisms instead of the shiny.
Because that cost is, at least theoretically, offset by additional benefits. I'm not arguing in favor of reduced authority. People seem to conflate decentralization with anarchy.
I'd like to know that when I sell something on Craigslist, the currency I'm receiving for my good isn't counterfeit.
I'd like to know that when I receive $50 on Venmo/Paypal out of the blue:(https://www.reddit.com/r/personalfinance/comments/q60vnv/ven...) I don't have to wonder whether that $50 is legitimate, or about to vanish when Venmo realizes they got scammed. Better hope you didn't send the $50 back to the scammer, because somehow your transaction is more "authentic" than the scammer's, and Venmo's still going to disappear $50 from your account.
Oh and if someone writes me a fraudulent check and I cash it out, I'd better have some lawyers ready.
> People seem to conflate decentralization with anarchy.
Heh, I’m sorry I guess I phrased that badly. I’m saying there is an authority in all anarcho-x-isms, one which proponents ignore.
My intention was to suggest an analogy of that hidden authority in blockchains, in that everything blockchain can do, can also be done cheaper by having a trusted party do the conventional stuff, and in some cases — such as legal disputes, where you have to bring in a trusted mediator — you end up with all the weaknesses of both the conventional approach and blockchain.
We all would, but blockchains don’t prevent that. If anything it makes the problem more likely, because the current status quo is reversible in a court when sufficient evidence is supplied, but in the blockchain, possession of the private key is ownership.
Private keys get lost and stolen all the time even for relatively trivial things; in the case of property ownership, even if the private key is permanently offline — e.g. existing only in the form of a QR code on a sheet of paper in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying “Beware of the Leopard” — for something as valuable as property, you can bet it would be stolen.
> I'd like to know that when I receive $50 on Venmo/Paypal out of the blue:
To which the direct counterpart is: what happens on a blockchain if you get scammed and want your money back? Do you really want the authorities to do what the blockchain says, or do you want your money back?
>To which the direct counterpart is: what happens on a blockchain if you get scammed and want your money back? Do you really want the authorities to do what the blockchain says, or do you want your money back?
I think you're misunderstanding this particular example. If someone sends me ~$50 BTC out of the blue and then somehow contacts me to say "oops can I have that back?". There are only two options with a block chain: (1) I send it back or (2) I'm up $50. With Venmo, and this has happened to people, there's (3) I send the $50 back, but the original $50 was from a pending deposit that was fraudulent, so Venmo decides I owe Venmo $50, and now I'm down $50, the thief is up $50, and Venmo is square.
This will probably come as a tremendous shock to a lot of people in this forum but Venmo is going to look out for itself before it looks out for you. There are many cooperative scams (of multiple people vs Venmo) and it is not always easy for Venmo to determine exactly what is going on or who is scamming who.
Replace "Venmo" with "Coinbase" and you could have the exact same scenario in the future. "Oops, sorry we messed up, the fraudster's transaction got rejected and he didn't actually send you $50 in BTC like we said he did. What, you already initiated a payment of $50? Tough luck".
This is a Venmo problem, not a "fiat currency" problem.
I agree that it is a "Venmo problem", but more broadly it is a "human controlled/authority financial system problem". I do think something analogous could happen with Coinbase, particularly because your interactions with Coinbase require the use of centralized financial systems (bank account info or credit card info). I also think Coinbase holds and can access your private key. Correct me if that's wrong.
What's more important is that you aren't required to use Coinbase, or even anything like it, to use cryptocurrency. In fact sites like Coinbase defeat at least some of the point.
> you aren't required to use Coinbase or even anything like it, to use cryptocurrency
That's a purely academic argument; It's like saying that "you aren't required to have a Visa or Mastercard card in order to make purchases online". Technically speaking that statement may be true, and you may even find hermits that don't have a card... but, in any practical sense, everybody does, and that's how they do their online purchases.
> you may even find hermits that don't have a card... but, in any practical sense, everybody does, and that's how they do their online purchases.
It never stops. :( A person's tiny subset of experience is rarely indicative of anything but that, a subset. I conduct every transaction I can via credit card for two reasons: cash back and protection via the ability to revert fraudulent transactions. But I also have known rational, "techy" (SWE) people who refuse to use them. And I know way better than to attempt to project my experience on "everybody".
I mentioned "in every practical sense" - I'd bet that those that don't have credit cards don't do online purchases either, in the vast majority of cases (>95%). But indeed, that's true in the western world - I might be worng for Africa and Asia/China where mobile-only payments are more prevalent.
France is an example of a western country with < 50% prevalence according to that site. I think you might still be biasing your estimates (the 95%) due to your own experience.
Amazon.com, for example, accepts checking accounts and retail purchased gift cards for US residents.
It’s not a misunderstanding per se, rather I’m saying there are other scams besides the one you’ve listed, specifically ones which have basically the same effect, but if you follow the blockchain as word-of-God you they’re not fixable, and if they’re fixable you’re not following the blockchain.
The reason I started listing problems that I think crypto solves is because it seemed like many people were either not aware of or not acknowledging the existence of them. This was leading to lots of misinformed discussion. I'll summarize what I think are my least controversial conclusions, primarily for my own sanity.
Cryptocurrencies have the following benefits:
- No one (authority or otherwise) can seize assets that exist and belong to you on the blockchain, from the blockchain, without knowing your private key. People can seize your assets only outside the blockchain. People can lay claim to your assets inside the block chain, and attempt to coerce or induce you to transfer them, but they can't do it themselves. How useful can that be in practice? I don't know and am not discussing it. It's a discussion worth having, but only if people truly understand and acknowledge the prior statements.
- Some subset of all scams, namely those involving reverted and repeated transactions, become impossible. Because by definition blockchain transactions are "non-reversible" and prevent "double-spending". (control F either quoted term: https://bitcoin.org/bitcoin.pdf)
- Counterfeit is impossible (ex: you cannot fabricate a bitcoin out of nothing).
Cryptocurrencies have the following drawbacks:
- Immense energy consumption.
- Increased complexity over almost every existing financial system.
- A propensity to attract scammers that build scams on top of or around blockchain technology (but with a few notable exceptions, not IN it).
- Mistakes can't be fixed by an authority. They have to be fixed through the cooperation of all those involved.
>In the digital world, everything can be copied. There is no ownership.
Actually I think you've got it backwards. In the physical world, molecules are fungible. I can take one carbon atom out of the Mona Lisa painting, replace it with some different carbon atom, and most people would call it the exact same Mona Lisa. Maybe one day an atom-level reproduction of the Mona Lisa will be possible. The whole point of the Non Fungible in NFTs is that they are mathematically not interchangeable.
I'm getting philosophical now but I'd argue ownership in the physical world is inherently flawed, to the point that "ownership" is a meaningless ideal. You are extremely limited in your ability to affect various forms of matter in the universe. This includes affecting matter in a way that most people would think represents "ownership", for example transporting some good from one location to another location that we'd say puts it in your "possession". Some individual can come rob you. A government can seize your assets. A meteor can annihilate the planet. And there is next to nothing you can do about it.
But you have supreme power to affect the data that is associated with your wallet on a cryptographic ledger (subject to another person/wallet that you are engaging in transactions with), as long as your private key is truly private, and as long as cryptography is mathematically sound. I think that's kind of cool.
This strikes me as a very strange argument. If physical ownership is moot because we don't have ultimate control over physical reality (at least, not to the point of bossing giant meteors around), why does that not also apply to the physical interface to the systems that allow a more "pure" form of ownership?
You have supreme power "as long as your private key is truly private", but that is obviously impossible. At minimum, your key must be known to at least one device that you did not design and don't fully control - the one signing transactions on your behalf.
Let's suppose that you completely eliminate all supply chain issues by building your own hardware wallet from a box of scraps in a cave or something. Congratulations! You have now embedded your "supreme power" in a physical object, and your ability to exercise control depends entirely on the model of physical possession and ownership that you have declared unsound. Hooray?
> why does that not also apply to the physical interface to the systems that allow a more "pure" form of ownership?
Maybe it does. My argument is that the best we can possibly do wrt "ownership" is this mathematical ideal. Maybe a more natural conclusion from this argument is that ownership of any form is moot. The optimistic interpretation of this is that one day we'll end up in some kind of star-trek-esque universe where no one wants for anything. The pessimistic interpretation is that we are all ultimately slaves to the powers that be.
> at least, not to the point of bossing giant meteors around
Completely aside, I realize you are just using my own example here, but this made me chuckle because after I wrote what you are replying to I learned of https://www.nasa.gov/planetarydefense/dart
> Ownership of the NFT cannot physically be altered without the owner's volition.
Yes it can, if something nefarious happens - phishing, an account hack, etc. As soon as the account changing the record is compromised (e.g. NFT owner account), the NFTs are gone with no central authority to get them back. E.g. https://www.vice.com/en/article/qjb4nq/investor-says-bored-a...
The real estate example is interesting, how does changing a record work? Does the home owner do it, or some central authority?
Finally an interesting problem. Off the top of my head I'd guess you'd issue a new token to executor of the estate and establish that token as representative of the underlying asset rather than the original token.
If that can be done, can it be done through other processes? Like eminent domain? failure to pay property taxes? divorce settlements? property lien?
If a title-token on the blockchain can be changed through external systems that don't involve the transfer the title-token itself - saying that the old token is no longer valid, this new one is the valid one, how does the blockchain protect against title theft or fraud?
If there is the ability to mint a new title-token for a given property, what's the point of it and what advantages does it have over the existing records?
I suppose it could work a little bit like freezing your credit report. There is a school of thought that a credit report should be frozen by default (to deter identity theft) and only unfrozen for certain major events.
So with crypto, you could get benefits analogous to a default-frozen credit report, plus the ability to do some transactions, and would only "unfreeze" (ie give up the protection of crypto) for these rare, ultra catastrophic events such as loss of life, loss or compromise of private key.
> If that can be done, can it be done through other processes? Like eminent domain? failure to pay property taxes? divorce settlements? property lien?
So no it wouldn't be done for any other processes. You can still attempt to induce transfer of assets (there is still a legal and punitive system). But "ownership" now has a stronger meaning.
There absolutely could be rent/tax as well. Say you had to interact with a smart contract to do things with your title. That contract as well as having fees to execute at all can also take a cut. This is quite common already.
I used the example of property tax to challenge the idea that I had (and assume a lot of people have) of "ownership".
With blockchains, you own an NFT. Period.
With literally every other form of ownership in this world: You own things subject to your adherence to laws and rules, and your trust in the person or entity at the other end of your transactions, and various other people/entities involved in the transaction.
The difference is actually quite subtle, but still important.
What you say of NFTs isn't true. You could absolutely be legally compelled to transfer an NFT. All the blockchain makes trustless is the transaction. You know that the person sending you tokens in exchange for your NFT can't pull a fast one mid-transaction. Outside of that your ownership is still only as firm as your ability to defend it. As we see from everything from rug-pulls, NFTs being stolen and markets (with by far the most significant volume) banning them.
Being compelled to do something legally (do this or go to jail) and having it spontaneously happen to you without your consent or knowledge (a government entity gains access to your checking account and you lose access to it) is still a distinction worth making in my opinion.
I thought the idea underlying all of crypto[currency/graphy/whatever] is that as long as you have exclusive access to your private key, you control what happens to your information.
> I see this repeated a lot but it's just not accurate. E-mail was invented within like 2 years of the internet and immediately allowed universities to exchange messages with one another.
But it is true. It is pretty clear that "Internet" in this context means "ARPANET", built in 1969. First email was sent over ARPANET in 1971.
ARPANET was built to solve a very real and clearly defined problem - connecting computers over a shared network. Here's the original problem statement:
For each of these three terminals, I had three different sets of user commands. So if I was talking online with someone at S.D.C. and I wanted to talk to someone I knew at Berkeley or M.I.T. about this, I had to get up from the S.D.C. terminal, go over and log into the other terminal and get in touch with them.... I said, oh man, it's obvious what to do: If you have these three terminals, there ought to be one terminal that goes anywhere you want to go where you have interactive computing. That idea is the ARPAnet.
But still, the point is that even ARPANET solved real problems: instant message exchange in text form, without the need for specialized telegraph operators, is a real problem with real value for anyone who can afford it - even at the scale of ARPANET.
>> Bitcoin did actually solve a real problem: a completely digital decentralized immutable record.
> That doesn't describe a problem though, it describes a technical solution.
The problem is that we can't seem to form consensus in a world inundated with technology. Bitcoin and other chains have shown that you can create a state that reaches consensus under specified rules that are enforceable by computation and not violence.
Yes it has many problems, and the consensus is limited to the blockchain "world", but I envision a future where block chains can be valuable "truth" layers to the computation stack that society operates on.
>1. The internet was a solution to a very specific problem. Go and educate yourself on what ARPA was doing, will you?
In the same way the original Bitcoin paper was a solution to a very specific problem. I was referring to the amount of useless companies that were created during the original dotcom.
>2. Crypto peddlers keep equating cryptocurrencies to the internet. And never ever equating it to Juicero or Enron even if all signs point to that.
Not sure what this has to do with my comment. My comment was specifically there is a decentralized solution to do commerce that is powered by crypto. To pretend that this doesn't exist is absurd. NFTs, and Defi are literally just asset speculation but at the very least there was a platform that transacted billions of dollars on top of Bitcoin (Silk Road). I can't say that Juicero ever created a million dollars of value for its customers.
> I was referring to the amount of useless companies that were created during the original dotcom.
No, you weren't. You literally said this: "At one point the internet was also a problem looking for a solution too"
At no point was the internet a problem looking for a solution.
> >2. Crypto peddlers keep equating cryptocurrencies to the internet. And never ever equating it to Juicero or Enron even if all signs point to that.
> Not sure what this has to do with my comment.
It has everything to do with your comment. Under an article criticising web3 you immediate response was to draw comparisons with the internet. All cryptopeddlers always draw comparisons between crypto and the internet. Or crypto and cars. Or crypto and some other world-changing invention.
And never ever do they draw comparisons between crypto and Juicero, crypto and Enron etc.
> My comment was specifically there is a decentralized solution to do commerce that is powered by crypto.
There is no such solution.
> at the very least there was a platform that transacted billions of dollars on top of Bitcoin (Silk Road).
1. I very highly doubt there were billions of dollars traded on SilkRoad
2. SilkRoad relied on a very centralised reputation system even as merchants there accepted bitcoin
3. All bitcoin "solved" was moving money for illegal activities, but not "commerce". Because actual commerce requires institutions of trust (even SilkRoad had a reputation system). And for legal activities it also needs reversebility of transactions and enforcement of rules.
Juicero was something nobody wanted – clearly not true of crypto.
Enron was a deliberate fraud where things were faked – certainly true of many (most?) crypto projects, but not true of the underlying technologies (Bitcoin, Ethereum, etc) and therefore not even close to being true for all projects in the space.
Equating crypto to Enron is like equating Enron to the stock market – "the stock market allowed Enron make money off their fraud, therefore we should get rid of the stock market".
People thought other people wanted Juicero enough to invest $120M into it, but they were wrong. People actually want crypto, for various reasons.
You're not going to get many people agreeing with you on the removal of stock markets, and therefore I think that conversation is outside the scope of this conversation about crypto.
"Successful" is an ambiguous descriptor. What do you have in mind when you say that? From where I sit, ENS and IPFS are unambiguous failures. Do you disagree?
> it's difficult for me to find a truly charitable interpretation of this response
> I struggle with truly charitable interpretation of your argument.
It’s the same for everyone when they come across a comment they don’t like. No need to tell us, just make your reply and everyone else can determine for themselves whether the response was charitable.
"All the while, nothing ever actually seems to get fixed."
Meanwhile, Bitcoin just works, and it is fairly easy to understand.
Every once in a while I try to get excited about Ethereum. They really do seem to think about a lot of interesting things and try to address them. But at the end of the day, it all just seems way too complex.
As for NFTs, I think they could just be colored coins on the Bitcoin Blockchain, which would also be easy to understand.
I’m sorry but to clarify a few points here, Bitcoin “works” technically, and it works as a speculation and black market vehicle. It has not replaced the US dollar. I don’t see people having a need to use it when shopping groceries, paying for concert tickets, etc even when the option to do so is there.
The comment I was replying to was about technical problems, like high gas fees.
You can use fiat for speculation and black markets.
It would be weird to define "crypto works" as "people have to use it for shopping". It would be nice to be able to use it with more shops, but that is another matter. I know people who keep their savings in crypto and pay with credit cards that are backed by crypto.
Whether you "need" for example becomes an ideological question. If you agree with governments monetary politics, I guess you don't need it.
I don't buy the early part either, but "3 years into the internet we had emails and tcp" is the wrong way to critique it IMO. The "Internet" meaning IP was already the 3rd or 4th (or more) attempt at trying to create a computer networking standard. Predecessors to the internet include: ARPANET, Usenet, FidoNet, BBSes, and CYCLADES, if not more. By the way, Email existed on _all_ of these platforms before TCP or even IP. Usenet used UUCP to transfer Internet Messages (the format used by Email later on). FidoNet had EchoMail. BBSes had their own custom mail message like standards. The Internet also had a direct competitor in the form of France's MiniTel.
In hindsight, it seems like "3 years into the internet we already had emails and TCP", but the seeds for these things had been in the works for a decade plus. It's a testament to the massive success of the internet that we _think_ in hindsight that "3 years into the internet we had emails and tcp".
"3 years into the internet we already had emails and TCP", but the seeds for these things had been in the works for a decade plus
I'm not sure what you mean. Nothing has been in the works for a decade plus in 1971 when the first email was sent - it just two years after the very first internet connection was made. In contrast, it's been 13 years since bitcoins appeared, and aside from a potentially easier way to pay for illegal goods, I don't see any useful applications of crypto technology.
In your other post to my comment you mentioned that "the internet" was referring to ARPANET so I'll use that version of your argument. Electronic mail [1] was already being used on private networks to mainframes 1962. Before that, data messages were being sent over Teletext, so these private networks were just trying to do away with requiring a Teletext printer. Before Teletext, you had telegraphs being sent.
ARPANET was built with the idea to allow remote access to expensive computing resources, mainframes, at universities and government research institutions. This is far from the idea that "the computers of the world should be connected", which is roughly the idea behind the internet. Electronic mail was reimplemented in parallel on multiple different networks. But for a long time, the internet was indeed a solution looking for a problem. Why do Joe and Anu's computers have to be connected together, who cares when they can call each other on the phone or meet in person? I mean, can Joe or Anu even afford a private computer?? Private networks for research or commercial purposes were already in regular use.
> I don't see any useful applications of crypto technology.
I think in your anti-crypto zeal, you're assuming a position I don't have. I don't actually think it's valid to say "cryptocurrency is early". The early computer networks were created at a time when huge monopolies, state-run or corporatist, owned most telecoms networks around the world. It was bound to take time when entrenched interests had interest in maintaining the status quo. I also think that comparing blockchains to the Internet is silly; the Internet is the Internet, blockchains are blockchains. My point here is simply that "we had emails and TCP in 3 years" is plain factually incorrect. The internet as we know it now (a system of networks connected via L2 links that are then bridged using IP/L3 on an IP virtual address space) actually took a long time to be developed. If you're looking for an analogy to show that 13 years is too long for usable innovation, then the Web would be a better one, as the Web legitimately was used within a mere couple years of its inception. I still think making analogy between the Web and blockchains is silly for the same reason I think making the analogy between the Internet and blockchains is silly.
OK, you have a point, I agree that comparing blockchains to internet is not very useful. And I'm not actually anti-crypto, simply because I don't know enough about it or its potential. What do you think, where is this technology going? Clearly a lot of smart people are trying to build something. What are they building?
> What do you think, where is this technology going?
I think the technology is "early" but that is also a risk. If the problems can't be worked out before the space develops a reputation for fraud and malarky, then few people are going to be excited to transact in that space. I think there's potential if crypto can figure out how to switch from PoW to a less hungry algorithm (like PoS) and if crypto can make development easier (deploying and testing smart contracts on Eth is a gigantic PITA which is why there's so many security vulnerabilities in smart contracts), if crypto can address Moxie's criticisms, and if chain fees can go back down to ~ 2016 BTC levels. There's chains like Algorand that show potential but I'm not sure if it's too little too late. Maybe with the amount of investment capital lying around, they can weather the storm, but plenty of otherwise perfectly good technologies have tanked due to too slow execution.
When writing code for a blockchain today, even on an Ethereum L2, you're in a very resource-constrained environment where you end up using bitpacking tricks and the like. That's how it was for early computers, too, of course — they may serve as a better analogy. Programmable computers have taken decades to develop, beginning in ~1950, and I expect that decentralized computation will follow a similar path.
There simply are numerous hard problems to solve to make this all work at greater scale. In a healthy ecosystem like Ethereum's, there are frequent research discoveries (discovery of the concept of data availability, the application of BLS signature aggregation, proposer-builder separation, zkevm, data availability sampling, ...). The software engineering effort required to implement such research is colossal as well. Eventually we'll even see e.g. specialized hardware for efficiently producing or verifying zero-knowledge proofs.
It would be easy to look at the very early computers, which were perhaps not all that useful, and shrug — but that take wouldn't have extended well into the future as the technology scaled.
There simply are numerous hard problems to solve to make this all work at greater scale. In a healthy ecosystem like Ethereum's, there are frequent research discoveries (discovery of the concept of data availability, the application of BLS signature aggregation, proposer-builder separation, zkevm, data availability sampling, ...). The software engineering effort required to implement such research is colossal as well.
Ok, so there is a massive amount of effort to be put forth to
get something out of this, and even then it is still kind of up in the
air what that "something" actually is.
Would it not be prudent to have at least some sort of roughly sketched
map of what all this effort is supposed to bring about? other than
Lambos...
Or maybe ask if we would be better served if all that effort was put
forth in some other direction? Man hours are not a limitless resource.
In the limit, all this effort brings about an artifact that could be thought of as a "magic" computer where:
- Everyone trusts that the computer operates to spec,
- Anyone (or any user interface) can type whatever they want into the terminal and press "enter",
- Anyone (or any other computer program) can read state out,
- The computer has immense amounts of storage and compute,
- Anyone who wants to change the computer's state in some way that cannot be achieved by using the terminal can freely make a copy of the computer with whatever changes they want, and encourage others to use their version instead.
What, one might wonder, would the use be? There are many, many potential uses — it almost boggles the mind — it's kind of like trying to imagine the uses of the internet when it was first invented.
To name one example: you could use this magic computer to operate a VR metaverse, instead of relying on a centralized Facebook one. Failing to do that would lock meaningful sections of our lives into a single vendor whose motivation is profit. Using the magic computer instead would mean that the metaverse would operate according to its predefined rules (which could leave plenty of space for human elections or other forms of collective decision-making), and that if things went awry anyone could try to set us back on track by making a modified copy of the machine and raising awareness about using it instead.
Just like regular computers, this magic computer could also have plenty of negative consequences. It depends on how people opt to use it. I think we'll probably have more luck adopting technology and trying to drive it in the right direction, though — the alternative is widespread Luddism, which might actually be a good idea, but I don't see a realistic path to achieving it.
A lot of folks who are very skeptical of web3 due to its dark sides are probably people who probably have great values and, if they adopted web3, could probably do a lot to improve its trajectory.
> It would be easy to look at the very early computers, which were perhaps not all that useful, and shrug — but that take wouldn't have extended well into the future as the technology scaled.
Early computers solved problems they were designed to solve. So they were plenty useful. Your statement is nonsensical.
Early blockchains have also solved the problems they were designed to solve. For example:
- Bitcoin offers a transferrable store of value which cannot be inflated by governments,
- Stablecoins, thanks to being cross-border, are often used in e.g. Argentina where the local currency is unstable and it's not legal to buy dollars,
- Proof of Humanity + universal basic income has provided extra income to Argentinian people (e.g. heard of someone who was able to purchase a ticket to visit their family for Christmas thanks to crypto UBI),
- Crypto has been used to send remittances to economically unstable places (Lebanon, Turkey, Venezuela)
- Gitcoin has provided public goods funding and advanced our conception of mechanism design,
- Helium has created a new 5G network that people can actually roam onto,
- NFTs have provided a new funding model for artists (who create public goods),
- Zcash and Monero have allowed for fully private digital transfers,
So, the thing is, all of these things fall into two categories.
Either purely technical solutions, or previously solved problems.
For example, IoT scale global 5G networks you can roan into? That's a solved issue already. Same for programming bounties, proof of humanity, UBI, transferrable assets (though Bitcoin is in some ways more transferable) etc...
Others are fully technical problems, like fully private digital transfers.
Others yet are pretty much just temporary workaround. The fact that you can send remittances to Lebanon or Venezuela was never inherently problematic because of the instability of their currency, rather, it's because the government (in some cases other governments) decided to make it more difficult.
If a government wanted to, they could make sending remittances via crypto just as difficult as by any other way.
NFTs as a funding model is not inherently different from the existing comission and copyright system. What NFTs brought was hype, which made people who wouldn't previously comission artwork to now do so. Attesting ownership or transfering ownership of a piece of art with a contemporary author is not more difficult without than with NFTs. Especially because you still need to trust whoever minted the NFT.
There are few, actual, real world problems that have been solved by Web3 tech. I wish it wasn't the case, but it's true.
The fundamental issue is that Web3 tech can't fully replace centralised institutions. So we need to build centralised institutions anyways. If those fail, it can provide some palliation, as long as they don't fail so hard the government tries to fight it. So in the end, it doesn't truly solve any problem in the real world, though it can in some situations act as a Bandaid.
Sure, its useful, but that's temporary. There is no actual fundamental difference between sending crypto and sending fiat to Lebanon, Turkey or Venezuela, it's just a temporary workaround.
> - Crypto has been used to send remittances to economically unstable places (Lebanon, Turkey, Venezuela)
This would be cheaper if you didn't use the crypto part. The reason people use crypto is just that the governments have not yet noticed they're running an illegal money transmitter.
Sure, S3 is also cheaper than torrents. And HTTP/Telnet is cheaper than HTTPS/SSH. But some people do see value in math-based guarantees over those given by governments and courts. And others don't. We need both approaches to keep each other in check.
Isn’t S3 actually expensive because cloud computing platforms charge so much for outbound bandwidth? That’s how they stop you from moving across providers.
On what formula? Because if I have a 500 MB video file and I want to distribute to some tens of maybe even hundreds of people, I don't see S3 being cheaper. Just sending out 500 MB from S3 to the Internet 10 times costs between $0.25 and $0.45.
There's a reason why I didn't touch S3 when I had to transfer up to 1 TB of video content per day to clients.
"Cheaper" for a use-case like hosting static assets for your website/webapp. Torrents have high overhead which only becomes justifiable for big files and high latency being acceptable.
> P.S. the tone of your comment made me a little sad :(
Good. You're trying to hock snake pyramid schemes and claiming it's a revolution. Blockchains are slow and expensive databases. That is it. They have no authority over anything so the only
Cryptocurrencies are burning through the power usage of a small country for bullshit. The worthless shit being "created" is fueled by breathless hype of hucksters looking for the next sucker to trade actual useful money for their Geoffrey dollars.
You're part of a giant scam, or multiple scams. You're listing a bunch of shit which has existing prosaic solutions. You think the blockchain solutions are new and innovative because you never looked into the issues before. Someone came up with a wasteful "solution", slapped the word blockchain on it, and you've uncritically accepted it as some super great thing.
Your comment broke the site guidelines egregiously. Attacking another user like this will get you banned here, regardless of how right you are or feel you are. Perhaps you don't feel you owe people you disagree with better, but you owe this community much better if you're participating in it.
You've also been posting in the flamewar style in other comments too. Please stop doing that. It's not what this site is for, and it poisons what it is for. We want thoughtful, curious conversation here—not people smiting enemies and bashing each other.
It’s extremely disingenuous to say we have “nothing”. The EVM and smart contracts really are amazing technology that I hope any technical person could appreciate, even if they don’t see a practical application.
I think OP was implying something of real world value.
I can see the hypothetical value in decentralized computing/public database.
Certain types of data could in theory be stored publicly, and anybody could build APIs around them. In particular, it would be cool if there was some common protocol and storage format for something like tweets, such that anybody could build Twitter client. Common protocol would especially benefit social media IMO.
We've long collaborated on open source code, but this would be more akin to open source data.
But all that being said, why has nothing real world value oriented materialized yet?
The decentralized experience is worse, and there are privacy concerns around storing certain data publicly, I would guess. Can those problems be solved?
> But all that being said, why has nothing real world value oriented materialized yet?
Because Ethereum was founded by early Bitcoiners to raise bitcoin for themselves, and the technology always came second to the pursuit of self-enrichment. Software projects can never lose their soul. If the soul was rotten from the very beginning, as the saying goes: “garbage in, garbage out”.
I sincerely doubt if any of the inventors of the marketing phrase “web 3” ever thought it would come to this: where their investors are so desperate for yield that they begin taking the term seriously. Not that it matters to the founders of Ethereum, many of whom have long since become secretive Bitcoin billionaires.
The Ethereum project is best described as a series of cynical courtship displays designed purely to bootstrap the “network effect” for their newly created confidence game called ETH, which in 2014 they sold to — to borrow their own legal terminology — “philanthropists” in exchange for “donations”. A process they swore up and down bore no similarity at all to a securities offering.
People not privy to the way cryptocurrency works are shocked to find the various buzzwords hatched by the Ethereum people for their own self-enrichment in the described legacy era of ICOs turn out to be a whole lot of nothing. They shouldn’t be shocked, they should be embarassed for lowering themselves to investing in such a system, or angry if they did so in ignorance.
Well, I fully expect cryptos to implode akin to 2018 in the near future.
There's no tie to real world value... Everything is self referential and only implies value within world of crypto.
I do think there's potential behind the concept of standard protocols for "open source data", but blockchains have not delivered on the premise very well.
It's just one pyramid/ponzi scheme after the other, designed with self enrichment in mind first, as you say.
> The EVM and smart contracts really are amazing technology
Are they, though? What's amazing about them? The amount of overhead per unit of useful work is mind boggling. So much so that a single raspberry pi 4 is 5,000x more powerful than the entire EVM network. And the initial smart contract language Solidity is notoriously poorly designed for the job.
Truly honestly what is the technology here that we're supposed to be appreciating?
There is nothing amazing about being able to run a computer program. That's what computers do. EVM is also not a distributed computing service since every node has to run the same thing. It is slightly interesting watching people try to reinvent high-assurance computing from scratch without doing any research first, but it's not technically interesting.
Actually, the more "interesting" crypto projects are the more likely they are to be a scam using a "courtier's reply" defense.
I'd add that having a globally readable ledger encourages interoperability in ways we can't yet appreciate.
I believe that ERC-731 is valuable for the same reason that GIF89a is valuable.
I don't think anyone in 1989 could have predicted meme culture and the importance of the gif, but it happened because an enabling technology (communicate with animations) arrived and people started experimenting.
NFTs will probably become part of daily life in unexpected ways, because an enabling technology (cryptographic ownership of assets) has arrived and people are starting to experiment.
> I believe that ERC-731 is valuable for the same reason that GIF89a is valuable.
GIFs can be created, parsed, read, played, copied, deleted on commodity hardware for free. GIFs became popular because they were so easy to exchange because video formats were so heavy and patent encumbered at the time (less so than GIF was, anyway). The cultural phenomenon of reaction GIFs arose because of its accessibility.
Tell me how a child is supposed to safely do the following: easily create a wallet, somehow get some Ethereum, and starts minting and/or buying NFTs. None of that is even remotely comparable to ease of use of GIFs on the internet.
If you want to argue that "cryptographic ownership of assets" is going to be commonplace, that's fine, but only for strictly digital onchain assets. It's never going to apply to any asset in meatspace because humans have sticks and stones to get what they want and renders your claims irrelevant.
If you lose access to your wallet for whatever reason, be it fire, flood, social engineering, forgetting your password, death, solar flare, it's gone forever. If you depended on it for anything important, there's no recourse. Let's say there are cryptocoin insurance companies. How do you prove that you don't secretly still have access to your wallet?
>Another moment I would critique is the clever NFT, that displays different things. Yes, ERC-721 allows any URL as metadata file, so you can put traditional DNS-resolved URL there. But I would struggle to find any "respected" NFT collection that actually does that. Almost every high quality NFT project (Art Blocks, BAYC, so on) has IPFS as metadata URL, and goes as far as to freeze metadata, so it couldn't ever be changed.
The problem with digital art is that it is infinitely copyable (at no cost) and untraceable (with little effort, and a huge/impossible effort to trace backwards). There's nothing stopping an artist from selling a work of art as edition 1 of 1, and then a month later "minting" another copy or 10. Secondly, there's no way to prove the image uploaded is from the original owner. What happens if someone steals someone else's work, mints an NFT and sells it, and the buyer finds out the next day?
Thus, I cant be convinced a "respected" NFT collection / distributor can exist.
> There's nothing stopping an artist from selling a work of art as edition 1 of 1, and then a month later "minting" another copy or 10.
There is a social cost to making a promise and breaking it.
> What happens if someone steals someone else's work, mints an NFT and sells it, and the buyer finds out the next day?
Don't buy from random sources. You have similar problems with Pokemon cards, for example. Lots of fakes and it's often hard to tell a fake. However, people have found ways around the issue.
> You still have to verify that what you're buying is legitimate
That it is challenging to evaluate the legitimacy of a seller with a potentially obfuscated identity living who-knows-where is the reason middlemen are inevitable. Even with blockchains.
My understanding of IPFS is that there is some DNS-and-HTTP translation step that resolves content to IPFS locations. Is that correct, and is it immutable? How does that work?
There are many gateways that allow viewing IPFS content over HTTP (e.g. ipfs.io), but the "true" IPFS experience is not over HTTP, it's done via P2P and addressed using content hashes. For example, one of my NFTs has content hash of
QmTqkpmbKmciQgqhUWpML7dsJ59MBEjgQd7wH853n4ASZM
I keep a copy of it on my computer (+ backups). If for some reason it were to be unhosted by every IPFS participant, I could become one, and re-establish my NFT. Image content -> content hash, so everyone would agree about content re-establishing.
Content on IPFS is keyed by hash values. The data is immutable at least to the extent that it's impractical to find a hash collision with sha256 (today). The content will also only remain up so long as someone (either the initial submitter or others) has it pinned. Otherwise, the content will, eventually, disappear.
> It took years to get overall blockchain going. Then, to understand the need of programmability (smart contracts)
When was this need "understood"? When was it realized? How exactly?
I find it a bit paradoxical to say that "we understood the need for smart contracts right after the blockchain was invented". What problem did smart contracts solve when they were invented?
That's not quite right. The JS source code is committed on chain via a contract interaction and every minted token gets a token hash which, when run through the JS source, can recreate the art.
But...the execution environment is still your web browser and non-animated Art Blocks NFTs still have a "preview" stored off-chain like most other. Neither running the code in your browser or retrieving the preview is an on-chain operation.
it is pretty trivial to retrieve JS code and the hash from the ArtBlocks smart contracts, and save them into a HTML file to run it locally.
probably a more reasonable concern (rather than the on/off chain question) is one of dependencies (some depend on common libraries like p5) and possible incompatible changes to JS and/or browser spec in the future. At which point emulators may need to be created to continue to display this work.
Generally, the burden of maintenance for AB pieces is quite low and archivability quite accessible, relative to many other digital real-time artworks in museums and galleries today.
Agreed. I think the biggest "existential threat" to Art Blocks is that browsers change very quickly and different browser engines do things differently. In that respect, the art is truly just the code and not the visual product the code produces. If Art Blocks pieces are goin to live forever in "live view" it will probably be up to some digital archivists to make that happen.
Moxie makes so many good critiques (some are so subtle, it might be worth a second read). I got the sense he’s trying very hard to be even handed and constructive about a situation he feels pretty badly about, but his true feelings are bleeding through in some of the side points / parentheticals.
One point that I disagree with is his almost axiomatic premise that decentralization is an inherent good and the implication that the Internet went wrong because it failed to stay decentralized. To hint at great cryptography as the solution, as he does im his conclusion, is baked deep in his bones as an amazing cryptographer, but I think he’s prescribing the wrong cure. The problems with the Internet are fundamentally not about decentralization - they’re about trust. It’s a people problem, not a technology problem. Because of this, cryptography (I do not mean crypto) simply cannot be the answer - even the best cryptography is, like a great legal system, only capable of dramatically reducing the overhead costs and risk of operating in a given environment. When it comes to what great cryptography can achieve, I think HTTPS and maybe some E2E stuff that’s happening with Signal is as good as it can get (interestingly, HTTPS is good in large part thanks to Moxie) - it cannot bring us back to some golden Internet age.
It’s pretty interesting to consider the intersection between what counts as “people” and “technical” problems.
For example, concurrent version control systems (like perforce) were horrible. This can be thought of as a technical problem, but it was actually right at the intersection of something technical and a people thing. What git understood is that having a canonical repo was a people issue, and it correctly abandoned a central “source of truth”… basically no amount of technology can fix what is a people problem, so no repos are “special” or “the one” from a technical point of view. It then forced people to sort their shit out. However, because of this insight, git was able to get the technical aspects spot on. It correctly recognized that what was needed was the right data structure. Git is extremely simple software, that basically does two things really well: branch and merge, but it needed the right data structure.
I think talking about centralization (APIs and infrastructure) vs decentralization (protocols) as a people vs tech problem is exactly the same sort of thing, and to get the correct view on it you have to really mail in detail where the people/tech problems begin/end.
it's impossible to talk about trust without talking about cryptography.
from an implementation pov "trust" is a distraction where anyone can quickly derail any argument citing "Trusting Trust" or "the show me the root of trust" ...
So to avoid meta-discussions talking about cryptography instead of trust skips the noise and goes straight to the heart of the issue.
Consider this:
- Talking about cryptography is hard but it's unambiguous.
- Talking about trust is easy but ambiguous.
Cryptography forces us to look at the reality of implementation instead of a "meta-psychological concept" from meat space. Problem with talking about trust in engineering is that we like to lift things from meatspace and model it within the digital space.
But we forget trust isn't "a thing", it constantly changes, it's useful only as a tool to accept randomness/chaos of life. And so we'll perpetually fail when discussing trust in the digital space or try to pin it down in order to allow converting it into a spec or an implementation.
And I think Moxie understands this and so skips the noise by going straight to cryptography which is the only "tool" that is meaningful when we talk about the things we base trust assumptions on (cia triad).
we need to bring back "Clippy" but instead of a paperclip it's the ghost of Ken Thompson chasing your mouse pointer around and slapping it with a copy of "Trusting Trust".
To be fair, the vision of crypto isn't to revert the web back to when it was better, that is pretty much not possible. That doesn't mean it can't lead us somewhere forward, different from the past, that is also better.
> One point that I disagree with is his almost axiomatic premise that decentralization is an inherent good and the implication that the Internet went wrong because it failed to stay decentralized.
But isn't decentralization one of the points of crypto and Web3? It doesn't matter if Moxie agrees with decentralization or not. If the direction everyone is charging in is "decentralization", and it's not really decentralized, then it's a movement that isn't heading where it thinks (or where it claims). That's still true, regardless of what Moxie thinks the direction should be.
The golden internet age was innovation and community. You wanted your own X? Code it yourself. You looking for a certain subject? You may find a forum.
Web2 has been polluted by frameworks, modules, libraries and that the generic website now looks like the next. It hasn't gotten any easier its gotten harder. Where do you actually start if you want to create a new website or "app"?
My mother knows html, she has her own website. When it comes down to wanting a gallery to display her portfolio the easiest answer is to say "install wordpress". Which isn't easy in any shape or form.
And then if you wish to be part of Googles Search Engine you have to pay sponsorship.
The golden age was the innovation, the new, creativity, surprisingly freedom. Folk putting work in to developing a new platform.
Sadly we are now surrounded by walled gardens and one of the caveats are that if you want it on display, you have to pay.
Isn't the fundamental discussion we should be having if decentralization embodies trust? Is something decentralized automatically trustful? Or can trust only be established in a decentralized way? Which way is it?
The only thing I see people agreeing on is that centralized setups are never (infinitely) trustworthy.
This is insightful, but a bit depressing. How do you propose solving these problems if cryptography is not the answer? At least Moxie is suggesting that there is a viable path forward by focusing on solutions that decentralize the infrastructure.
We have centuries of data and precedent from human legal systems. How could human and machine governance be improved with the aid of modern technology, including but not limited to, revision control of legislation and public caselaw, graph databases for threat analytics across time/space/network, automated identification of gaps in machine governance which require human intervention, and yes, all the tools of web3/crypt0.
> revision control of legislation and public caselaw
Even in pseudo-democracies, even in many outright autocracies, the information needed to build such a thing exists and is public. I don't know if anyone's built a git repo for all US federal law, but the information is there if you want to do it and it'd probably be a really fun project.
A quick search suggests there are repos but not with all the history.
I wonder if anybody has tried modeling real-world legal systems in a DAO. Probably too complicated, but I think you could pretty much cover the US constitution just as a thought experiment.
"With the shift to mobile, we now live firmly in a world of clients and servers – with the former completely unable to act as the latter – and those questions seem more important to me than ever. Meanwhile, ethereum actually refers to servers as “clients,” so there’s not even a word for an actual untrusted client/server interface that will have to exist somewhere, and no acknowledgement that if successful there will ultimately be billions (!) more clients than servers."
Finally someone articulates the problem with crypto. People don't want to run their own servers, and they sure as shit don't want to run their own banks. So in theory you have a decentralised trustless web or financial system, but in practice, everyone is trusting someone to run a node for them. Which is exactly how the web and finance work now.
If people want banks, they can have them. At this point exchanges have become the banks of the cryptocurrency space. Lots of people just leave their coins in the exchanges, they even have savings accounts.
The ability to withdraw the money and use it directly with no third party involved is still important. Especially since governments are already implementing digital currencies that will be fully under their control.
How is withdrawing your crypto keys from an exchange functionally different from hiding jewellery around the house? At least the value of the jewellery is far less volatile, plus you can wear and enjoy it, which makes you less likely to lose it.
Yes yes you can memorise some encryption key, but that poses its own problems - what happens to your money if you die or become non-compos mentis?
Ultimately any sane person ends up trusting someone, whether a bank, an exchange, a lawyer or safe deposit box. Crypto removes the need for trust with a pretty extraordinary and elegant idea, but nobody actually wants it.
I'm not gonna claim it's different. It's not. Holding funds in a paper wallet means you have a piece of paper that's worth thousands, millions. It's a fact that there are inherent risks to holding that paper.
At some point this becomes about principles. Even if you have banks, even if banks manage to provide a good service without screwing up the economy in the process, you always have the choice to simply opt out of it. You can withdraw all of your money if you want and still maintain the ability to transact with anyone in the world. Now banking is no longer something that's imposed on everyone, it's an individual choice. It's a lot like the right to bear arms.
Your question about what happens to the money if you die is extremely relevant. My father asked me that exact question about cryptocurrencies. I came to the conclusion that if we own crypto then we must somehow make these arrangements ourselves because we can't depend on some government or bank to do it and certainly not some exchange that doesn't even answer emails. It should be possible for family to inherit a physical paperkey but I have to admit I know of no concrete examples of such a thing happening.
This is not a problem with crypto, because there are solutions to this, it's a problem with how people use it. The real danger is that people get too comfortable with this way of doing things and we never switch to more secure solutions.
As the person said, it is not a problem with crypto because there are indeed solutions to the problem. The tool you are referring to are the set of crypto currencies, of which there are many, which do not compensate data handling.
The point I'm trying (and failing) to make is that if a solution to a problem is reliably mis-used by its users, then it's not actually a solution in practical terms. The problems in this space are ultimately social, not technical. Success is measured by usage, not passing tests.
I’m not saying Metamask is a good tool, it’s not that easy switching to a good tool today anyway, we will see what happens in the next years but I expect that this will be an active area of research and improvement.
The same thing can be said of the web in general. The linked article even makes this point! If in the early web users all wanted to run their own servers the centralization of web 2.0 would not have happened. Is there any reason to think that history won't repeat itself and users will choose to use web3 technologies the "right" way?
Without Chrome and their push to force https I doubt that the web would have become so encrypted. But then CDN services did start centralizing https as well (because users don’t want to deal with certificates). Metamask and popular wallets, as well as layer 1 projects, have to decide to invest in these areas.
First of all, nobody participating in a blockchain protocol is running their own bank, no more than you are running the country when you vote for president.
Secondly, you are correct that in Web 2 people do not desire to run their own servers or analogously in crypto today they do not want to run nodes. But many people do want to mine - its a massive industry, but the issue stands, the nodes connecting people to the network and serving the data end up centralized; The Infura Problem is a great example of this. Infura was started by Ethereum founders to run Ethereum nodes that the standard wallets (the biggest of which, Metamask, made by the same organization) connect to by default.
The issue is that the Ethereum network is deeply reliant on both consensus and data-distribution, but it only compensates infrastructure for consensus - the miners - and in the future, stakers. Bitcoin is not as deeply affected by this because of its low data throughput, but its worth noting that non-mining nodes, which are essential to non-miners having a say in the network, are volunteering. These nodes are also responsible for distributing transaction data when miners use a modified Bitcoin Core Client designed to try and gain advantages by selectively sharing.
The miners on each network and those who run businesses around it don't want the networks to crumble, so they end up doing the work of nodes, but at the bare minimum. In Ethereum this means centralized node hosting services - that's a reality of the state of the network at this point. The solution is to start compensating both aspects of the network, because both are important. This not only re-decentralizes the nodes' motives and control, but it also means that distributing data more efficiently offers more rewards, so node operators are rewarded for scaling the network. The key concept here is that if the network does not compensate for its vital functions directly and proportionally to performance, then those functions will simply remain on life support.
The average user (the same user that doesn't want to be bothered with running a server at home) doesn't care about this, I don't think. Most people would prefer to rely on a trusted authority or expert for this sort of thing.
When talking about democratization, the average user is probably the only user that matters.
Yes but the fact that the user will do what's convenient does not mean it is better. The thing about Bitcoin (as an example) is that 99% of people using can't parse the source code, but they all know that if there was an issue in it the alarm would have been sounded by now by someone who could.
This is more a problem with Ethereum rather than with "standard" crypto.
For mobiles you have "SPV wallets" that does communicate with many other nodes while verifying block headers and that the transactions you're interested in are included in the blocks.
So an SPV wallet doesn't contain the whole blockchain, but to cheat it (and make you see invalid transactions), you need to generate a fake block, which is just as expensive as creating a real and valid block.
And all that's needed is for you to find a single node you can communicate with
I'll be honest I had no idea that access to Ethereum is effectively gate-kept by two centralized entities (Infura, Alchemy). I knew there were only one or two true Ethereum full-nodes, but the impact of that never quite clicked.
Me either. I had no idea that accessing a link to NFT-described content went through OpenSea for content that isn't even hosted by OpenSea. That's apparently a MetaMask thing. Supposedly a MetaMask wallet can connect to any willing node, but in practice they use the Infuria->OpenSea server.
Yes, you can run your own Etherium node and server, and connect a MetaMask wallet to it.[1] As Moxie points out, nobody wants to do that.
Worse, the blockchain does not, apparently, contain the hash of the data. You can't even prove you even have access rights to the data if the hosting service goes down. All you own is a link to a URL.
There are more Ethereum full nodes than two, but how many will accept web queries? That's a service.
> Worse, the blockchain does not, apparently, contain the hash of the data.
It very often does, and it is certainly the case for most high-value NFTs. It is indeed not the case if you create your NFT on OpenSea and do not take the additional step of freezing the metadata.
Also, there are many artworks that change, so a hash to a single file is not necessarily the right solution.
So if you purchase an NFT, you need to make a local copy of the actual data? Since the blockchain only has the hash? And if whatever server you originally got the data from the NFT for went down, you'd lose it if you didn't make a backup?
In those cases does the blockchain still have the URL as well? And you might end up with a collection of bits that matched the hash in the blockchain but was no longer at the original URL? What's the next step then?
(The "artwork may change" bit seems like it becomes even more weird and potentially nightmarish edge-case/potentially-losing-your-purchase-wise.)
> So if you purchase an NFT, you need to make a local copy of the actual data?
If you purchase one that’s worth say >4 figures then, yes, yes you should! Also at that point, you’re either part of the 1% or at the very least owe some due diligence to your investments.
In reality, the internet is a big copy machine and you’re probably safe. But you should still back it up.
the data has no value. anyone can right click copy an image. the value is that you own the blockchain address that points to a url. picture of a house = no value. deed to the house = value. even if the house is destroyed (data changed), the deed still has some kind of value
A URL pointing to nothing with no way to view the art that supposedly lives there anymore? I don't think that "deed" is gonna be worth much for long.
Sounds like it has the same value as saying "I used to own this one famous painting before it burned down in a fire."
A hash corresponding to the bits in your file? Sure, that works, you can say "yep, this is the image, I own it." A URL plus a hash + the bits. Sure, that makes sense, even if the URL goes away, you can prove that those particular bits belong to you. A URL that's now dead and nothing else? Nah.
You're not getting it. This is a game where the point is to collect deeds to houses, not the houses themselves. What's valuable to NFT enthusiasts is owning the deed to a famous home, even if the home is destroyed. Like saying you have the deed to Lincoln's first cabin
You can say that this is a stupid game and people shouldn't be playing it. I didn't make it up and I don't take part in it. I'm just trying to tell you what they're doing
This is leaving out the real reason: they hold lots of Ethereum and were concerned that not enough people wanted to buy their tokens. So many NFTs have been made under suspicious circumstances that I wouldn’t take the stated goals at face value.
Many NFTs are hosted on IPFS. If someone hosting it pulls the image, you can just start hosting it yourself instead, and since IPFS urls are based on the hash, it will never be "lost" so long as at least 1 person still has the content pointed to by the NFT.
IPFS is basically Bittorrent plus a financing system. Arweave charges US$5/gigabyte for permanent storage on IPFS. This is supposed to be forever, funded by investing the money and speculating in the declining future price of storage.
You can supposedly put academic papers on Arweave's version of IPFS.[1] But if you try "Browse", nothing appears. This acts like another one of those distributed systems that isn't.
I haven't heard of Arweave before, but yes, the [1] link above doesn't show any results either in the "Browse" or "Search" mode. The premise sounds interesting though. Is this a bug of some sort or does someone with more info know what's up?
A deed is to land, the land still exists if the house is gone. Your example is more like owning a title to a car that's been shot into the sun. It has 0 value.
I'd argue you don't even own the database entry. You own _a private key for a wallet that appears in_ the database entry for the hash of the image.
But to truly _own_ something, all the cryptographic guarantees in the world won't change the fact that true ownership can only be enforced through violence. And if your private key can be stolen by hackers in countries without extradition treaties, one could argue that anything digital is only "owned" in the absolute weakest sense of the word: no one has tried disputing it yet.
The centralised marketplaces themselves (like OpenSea) are able to and might try to police duplicate NFTs, or other counterfeit near-matches. I'm not actually sure if they actually do.
But on the blockchain itself, the NFT is just a smart contract (bit of code, bit of data) that knows it's current owner, it's name and a URI pointing at the image. There zero mechanism preventing duplicates.
Hell, it's such an unregulated market that the NFT might be based on a custom smart contract with a backdoor that allows the creator to steal it back at any time.
Ok, yeah, that's what I thought. So someone could sell a multimillion-dollar NFT, then someone else could duplicate it manually and "re-sell" it, and if they didn't do proper due diligence...
Bit that it'd be very practical, but the data itself is shared so in theory every company could set up their own API to render the blockchain into a readable, quick to access format. Even the vanished poop emoji NFT would reappear once someone else renders their view on the blockchain in the right way.
The problem with this is that running servers that store and process one or even multiple blockchains in a searchable way is terribly costly and inefficient. In theory the public ledgers are all safe against locking away data, like Google or Microsoft could do with your accounts in the real web, but in practice nobody wants to be the guy making a loss on serving blockchain views.
If web3 ever gets off the ground, it needs more of these access provider companies. Perhaps even a prebuilt system you can throw onto your own server to participate, like IPFS and other existing decentralised systems provide.
I'm still not clear on the actual benefit of the cryptocurrency web other than the concept of "owning things without legal protection or oversight" which I (and I believe most people) have very little interest in if it comes at the premium it comes at today. From a technical standpoint all of this blockchain stuff is awesome, but it's an awesome solution in search of a problem.
In practice none of this is happening. All the major wallets query OpenSea to determine what NFTs an account has (according to the article). anyone can access the data but that doesn't change what the wallets query. I can start my own wallet that directly calculates who owns what using the blockchain, but that sounds computationally expensive and there's no guarantee that anyone would use it.
"In theory" the data is open. but I believe that the point of the article is that unless I'm running my own node, data visibility is limited to what someone else tells me. and here, in reality, OpenSea has decided to delist the author's NFT and they have no recourse.
Problem is who cares if you run your own servers when everyone you know is viewing NFTs through servers which are manipulating the data like Opensea is.
That's true, but if the NFTs show up on some places and not on others then you could start a "resistance" against the existing market places. Outside of DMCAs and other such legal requirements, an exchange needs to be impartial about the stuff being sold and published on there to remain credible.
The cryptocurrency crowd is usually drawn to the decentralised, unregulated market, and OpenSea has turned out to be the exact thing blockchains are trying to overthrow.
But that's the point. So many people hyping web3 like it's going to be fundamentally different which is why it's worth all these resources (both people and energy), when it appears already heading down the same path as web2. Consolidated companies growing very large and getting a bunch of already known VCs even richer.
It's like a populist movement whose goal is to enrich the existing rich.
And in theory I can build a social network and become bigger than Facebook.
The reality however is that market dynamics, acquisition costs, network effects etc prevent this from happening. And these aren't things that crypto can really solve.
The social graph is 90% of the value of a social network and the hardest resource to build. Without it an exact copy of Facebook built by someone else is useless.
It's only useless if your goal is to have an archival copy of the entire social network. That isn't the goal for most social networks. The build around communities and grow/evolve over time.
It is costly, but not inefficient. This is what we do at my company and our products monetize our blockchain indexing operations. We are doing it all open source and are in the process of decentralizing our operations, so that:
1. anyone who operates a node can contribute time on their node for a share of our revenue
2. anyone can host one of our blockchain crawlers for a share of our revenue
3. anyone can contribute storage to our platform for a share of our revenue
We currently support Ethereum and Polygon, and are expanding to more chains.
I found this an excellent article, but the HN discussion (not calling out your comment specifically) seems to miss the fact that, as programmers, it is fully within OUR power to create the world we want to operate in.
Edit: To clarify - we run our own nodes. Currently on AWS but we are running out of credits soon so soon in our offices and living rooms, and eventually in data centers.
I'm curious what would happen if somebody uploaded illegal data (e.g. child porn, sensitive PII, or government secrets) to an Ethereum contract. Would these nodes be legally required to filter it? If you look at something like the Pirate Bay, it's not simply enough that you are an allegedly content-unaware service -- once you become aware of your service being used for or distributing something illegal, you are required to mitigate it. At the end of the day, these are businesses which operate within a jurisdiction and must act in self-preservation.
But at the point where they start filtering transactions/addresses, there's going to be big questions about what is the true view of the blockchain.
IIRC this happened years ago on the bitcoin blockchain. I guess that nobody seems to care about that data being shared across every full wallet because bitcoin's primary use case is too remote from data sharing ?
In what sense is it "gate-kept"? Isn't the complaint that in practice most people probably use those two services? As far as I know those two services don't do anything to try to force you to use them, and people just use them out of convenience because "People don’t want to run their own servers, and never will."
The potential for single points of failure (or even intentional abuse) does exist because of this de facto dominance of two service providers, but as far as I can tell there's nothing stopping anyone from running their own node and connecting their various cryptocurrency wallets to them other than the money and inconvenience of running your own server.
> As far as I know those two services don't do anything to try to force you to use them, and people just use them out of convenience because "People don’t want to run their own servers, and never will."
Indeed, but one could make the same claim re any Web 2 juggernauts like Google and Facebook. You don't need to use them, sure. You can start your own social network. It's just expensive and inconvenient. This is what causes centralization and gatekeeping in the first place. It becomes self-reenforcing.
Except that you do need to use Google and Facebook if you want to interact with their data. They literally gate-keep the access to their data. It's not just inconvenient to host your own server that discovers peers and syncs the entire log of all historical events on the Facebook social network and allows you to write new events to that log which those peers will recognize. That's impossible (or at least, it would require some significant and very illegal hacking effort).
Heh. “Illegal hacking effort”? In the EU, it's illegal for Facebook to prevent this. In fact, there's even an export button, which gives you quite a lot of the historical data (though not all of it).
To get events, just scrape the Facebook website using Selenium and Python. There are online tutorials for this. Harder than it should be, I'll be the first to admit, but easier than blockchain-based systems. (Blockchain isn't the appropriate solution for social media; use a proper federated protocol like ActivityPub or XMPP.)
That covers exporting one user’s data at one point in time, sure. But you can’t read all public events without significant work on a scraper, and you certainly can’t contribute without going through Facebook’s servers. Of course you’re not forced to use Facebook, but in order to use Facebook you must go through their computer systems on their terms.
But the goal of most people isn't to use Facebook; it's to keep in contact with their friends. Scraping just the things they care about is fairly easy; scraping what Facebook chooses to put in front of their eyeballs when they're using an account (in practice, what they'd see if they were using Facebook) is really quite easy.
Then you can just reply to Facebook messages on something other than Facebook. That'll annoy your friends a bit, but that's the cost of them still using Facebook.
The problem with Facebook is not that it's hard to get your data off. It's not, really. The problem is that you have to be a programmer to do so; and blockchain stuff doesn't fix that problem.
Totally, but as the article points out, you only have the URL. You can't store more than a few bytes on chain so the link can point to a Facebook URL, OpenSea URL, etc which you don't own. So unless you are going to store small messages, what's different?
The concern is that since these companies are iterating faster than the protocol and providing their own API services that apps/products built on these platforms will not in fact be portable, and in practice will suffer from the same lock-in and network effects as web2.
The point is if you buy a stylized poop icon but the pseudo-gatekeeper company deems they want to shut off that part of the blockchain what are you going to do? Are you going to download and maintain 20 PiB of data on a server to keep your unique one-of-kind poop icon? The same could happen in the future to actually valuable things like a contract/NFT between you and another party.
Analysis of blockchain transactions is also consolidating around middlemen too! If you're trying to read data off of the blockchain for professional analysis purposes, you'll find a lot of working analysts are using sites like Dune.xyz, which stick a SQL interface in front of data slurped from the blockchain and charge a pretty penny to access it.
(Wouldn't be surprised if they're slurping from middlemen services themselves)
We have built an open source tool that you can connect to any node (on an Ethereum-based blockchain) and instantly start building datasets about contracts that you care about. All you need is their ABI.
We are committed to keeping this code free. Our policy is only to charge for our operational expertise, but all the code that we use is open source. We are in the process of opening our platform up for decentralization (so anyone can contribute node time, storage, etc.).
There’s no real reason for this to be honest. The Web3 projects I’ve worked on tends to fall for centralized services like Infura because of development needs at first and then it’s just easier to use it for production. I’ve made a decent living for the last two years setting up test infrastructure for Web3 projects due to its complex nature. This is true across all blockchains, not just Ethereum. It’s an area ripe for new DX products.
New products? Would those be more centralized platforms, or is it feasible for me to connect to the blockchain, verify stuff, and so on if I am running my own server?
It still seems that my users on phones and browsers would need to trust me in that case, right?
Oh it’s totally doable to run your own node on your own server! And thanks to the protocols consensus rules your users can trust that for a transaction to go through your node and be accepted onto main net your node is a good actor.
So one example I’d give - every team I’ve worked on has had to build a local development environment with several nodes to easily spin up with a clean slate for deterministic testing. Teams get sucked into tools like Infura to set these up and then it’s so easy to do the same for deployment they do just that. I think there’s tons of room for Blockchain-as-a-Service tools to improve development and testing processes without forcing centralization on main net deployments.
> And thanks to the protocols consensus rules your users can trust that for a transaction to go through your node and be accepted onto main net your node is a good actor.
Usually, you still have the “server is selectively lying” problem; unless the users are talking to each other, how do the consensus rules help with this?
> Usually, you still have the “server is selectively lying” problem; unless the users are talking to each other, how do the consensus rules help with this?
If you're submitting txs to a node that doesn't communicate to the mainnet (they're isolated from it) then any txs that go to it would be void. You could just use that Eth on the proper mainnet as it wouldn't be on the chain. If the node decided to then come onto the mainnet it's chain would be vetoed by the other nodes states and would fork back onto the main chain. Ethereal has Byzantine-Fault Tolerance up to 50% and you don't gain anything by running an isolated node to try trick people.
That's not the only way to lie. You could, for example, lie that a transaction that doesn't exist has gone through – say, in a cross-chain “currency exchange”. Or perform a double-spend attack. Or many other things, because the Byzantine fault tolerance doesn't apply in this case.
> I think there’s tons of room for Blockchain-as-a-Service tools to improve development and testing processes without forcing centralization on main net deployments.
The big Blockchain-as-a-Services shut down - both IBM and Azure are gone.
I don't mean these sorts of simple host-a-node services but something where you can run custom chains for your dev and testing. For example, this week I had to build a separate Polkadot chain for a client that had reduced governance term durations so they only took 5 minutes instead of 120 day and with a smaller council size so tests are easier to manage. This needs to run in CI so has to be in a position to spin up and tear down on command and the genesis block has to fund the appropriate accounts for testing. This could be pretty easily abstracted to a Web App for people to build this without needing to know how the underlying nodes operate, what to change, etc...
It's way simpler to just connect to Wikipedia.org and download the pages you want to read instead of downloading the whole Wikipedia.org database and keeping it stored and updated on your devices. Same principle.
Mostly the cost of hiring a DevOps engineer to set it up and maintain it and taking on the additional risk of having to deal with upgrading the node etc... It's just cheaper and easier to go centralized at the moment.
Though things are never cheaper to maintain than at the beginning of a tech bloom. Its only going to get more expensive to create and maintain as the node and the APIs get more complex.
Sure but these aren't crazy complicated beasts - a binary installation and some unix experience gets you 90% of the way there! I don't think they'll get far more complex in the next few years at least, and documentation/user support is really good
Yes, but with a few other things! Setting up ad-hoc chains with custom genesis files would be a huge improvement for dev teams as they'd not have to make their own solution (which everyone I've worked with has ended up doing).
It's not gate-kept, it's just that it's not easy to run your own node and synchronize to the chain (especially if you're on mobile) so people don't do it and instead decide to trust public nodes.
It's the early days, remember how long the internet worked with http:// ? It's only in 2009 I believe that Facebook switched to https://
I should have said archival nodes, the ones that keep state back to the genesis block. I don't know if that number is even tracked anywhere. I've read estimates ranging from 2 to 5. I'm trying to find where I read that, happy to be wrong - or right, if anyone has data.
[edit] Here. [1] And here. [2]
After examining every which way we could think of to add the Trie state to our Ethereum state, we asked Vitalik for assistance. His first comment to us was “oh you’re one of the few running one of those big, scary nodes.” We asked him if he knew of anyone else running a “big, scary node” to see if we could possibly sync with them. He knew of no one, not even the Ethereum Foundation keeps a full archival copy of the Ethereum chain. [2].
I've run quite a bit of analytics on ethereum and have downloaded the entire chain multiple times for processing and it's freely available from multiple providers. All the major API providers (infura, etherscan, etc) have the all the raw blocks available readily.
Some Erigon nodes run with pruning enabled. You can't tell which ones those are, or how much pruning.
Technically you can tell which Geth nodes are archive nodes with a GetNodeData query over devp2p, although that call is deprecated and will eventually be removed. Its replacement, GetTrieNodes, cannot be used for this.
Archival nodes also keep state back to the genesis block, it's just stored in delta format so you could say that it's not "unpacked" out to the disk. It's a common misconception that "full nodes" don't have all this data.
> Every now and then someone will argue on CT that Ethereum full nodes are not complete nodes because archive nodes exist. I decided to run a little experiment to disprove a few things
> The goal was to convert a full node into an archive node, demonstrating that Ethereum full nodes contain all the necessary blockchain data.
> 28 days later, I can confirm that it worked. I started with a 150 GB full node and expanded it to an archive node weighting 2.3 TB, without external network connectivity.
A full node lets you fully verify the chain's historical states and it lets you interact with the current state. Unless you're running a service that exists solely to allow people to query historical states (like a block explorer service), I don't see why it would be useful to be able to query historical state.
You need an archival node to see a list of all transaction that transfer eth into an address.
A full node can only give you the current balance, and a list of all transactions that directly transfer eth to that address. Any transaction that transfers eth as the side effect of a smart contract is invisible.
I personally see it as a flaw in the design of eth. You shouldn't need the complete history of states just to find all relevant transactions, but you do.
Besides, the argument that regular users shouldn't need to query such information it doesn't change the fact that the information is unqueriable in a full node, short of spending 28 days transforming it into an archival node.
I'll give you that. If you need to query a list of all contract transactions that have ever transferred ETH to your address, I believe you would need an archive node to do so although don't quote me on that.
> Besides, the argument that regular users shouldn't need to query such information it doesn't change the fact that the information is unqueriable in a full node, short of spending 28 days transforming it into an archival node.
If you don't need to query the data, then the data doesn't have to be unpacked and indexed for querying. Seems simple to me.
It's kind of misleading to claim the archival is packed. It's not compressed into some archival format. Instead, the full node contains all the inputs to regenerate the data.
To transform into an archival node, a full node has to rewind to the very first block, and replay every single transaction.
Since the EVM is Turing complete, this is roughly equilvent to stimulating a computer with years of recorded keyboard and mouse inputs, taking care to record how each input effects state of the computer.
You can't jump to the middle, you have to replay the whole thing.
I don't think it's misleading to call Git history "packed", and the mechanism for regenerating historical states is similar to Ethereum's (though of course Git's delta function is changeset-only with no turing-completeness). In fact, Git calls its own delta-storage "Git packfiles".
The EVM is a very simple and rudimentary virtual computer, so replaying the whole thing isn't an impossible task. According to the tweet, it took this guy's computer 28 days to replay 4 years of history.
Git also adds snapshots to the mix, which makes it possible to rapidly jump to fixed points in history and only use deltas for the fine grained seek. Git also has indexes to find stuff.
Git justifies the viability of it's "packing scheme" by actually making everyday use of it.
A full eth node has no snapshots or useful indexes into the archival data. It has to apply the deltas linearly from the beginning. Applying the deltas is very slow, very IO bound, seeking all over the disk.
The data might be there, but it's practically useless. A user who discovers they need some archival data is never going to consider waiting weeks for the nearly 7 years of history to be replayed before running their query. Instead they will head over to etherscan and trust whatever it says.
Those all sound like local database features that one could add to an Ethereum client if they found them useful enough to bother, they aren't protocol-level concerns or "flaws in the design of eth" as you put it earlier.
> The data might be there, but it's practically useless.
The availability of the packed data is useful, just not to the end user of the node. Having this data widely available on the network means that anyone can spin up an archive node by peering with other full nodes, they don't need to discover and peer with the very limited number of other archive nodes, and the network doesn't need to worry about losing that data permanently if all archive nodes go offline.
> A user who discovers they need some archival data is never going to consider waiting weeks for the nearly 7 years of history to be replayed before running their query. Instead they will head over to etherscan and trust whatever it says.
Call me unprincipled but I don't think it's an issue that if a user needs data above and beyond what's needed to fully verify the chain and read and write to it, they're expected to either spin up a more resource-intensive node or retrieve the data from a specialized history service. Statelessness is on the roadmap, so in the long-term the historical data that Etherscan and similar services serve up to you will come with a validity proof anyways.
I'm fine with you dropping the principles of decentralization and accepting that the current situation is ok.
You can construct many great arguments that the increased centralization is a good thing, or that the upsides are better than the downsides.
What I take issue with is attempts to classify ethereum "Full Nodes" as more than what they are. Yes, they technically contain all the information requires to reconstruct an archival node (at least until statelessness becomes a thing).
They are simply not anywhere near the same thing, and attempts to brand them as the more or less same thing just comes across as denial.
> They are simply not anywhere near the same thing, and attempts to brand them as the more or less same thing just comes across as denial.
They are the same thing specifically when it comes to:
* Downloading, verifying, and storing every transaction that has ever happened on the network
* Maintaining a tamper-proof, data-complete copy of the blockchain
* Interacting with the blockchain in a maximally verified, maximally secure way
I never said that they were exactly the same thing or that they should be branded as the same thing, I said that they store the same data (by which I mean from an information-theoretic standpoint), which is true.
> What I take issue with is attempts to classify ethereum "Full Nodes" as more than what they are.
I take issue with the attempts to classify them as less than what they are.
What needs to be squashed is the common idea in the OP that "full nodes are not actually full" because there's a "fuller" "archive" node that has the states indexed on-disk. The difference between a full node and an archive node is perfomant historical queryability, not security or data-completeness.
OP says that "access to Ethereum is effectively gate-kept by two centralized entities", which is untrue because you don't need an archive node to access Ethereum, only a full node. OP's idea that an archive node is the only "true Ethereum full-node" is common baloney that pops up often in the cryptocurrency community.
This is where the difference between theory and reality start to become an issue.
Yes, in theory the full node contains the full blockchain. Yes, it's all you need to verify that any transaction happened. Yes it's tamper proof.
But in reality, it can't show you the full side-effects of every transaction. In reality there are occasionally things things that require archival data. In reality, it's always easier to go to a centralised block explorer, or pay one of the few centralised API services (And I know this from experience, I've synced a full archival node back in 2019, and build a product that required querying it. It was such a pain that these days I'd highly recommend not doing that and just paying for API access)
In reality, the fact that you occationally need to go to etherscan to get the data you need, results in you just going to etherscan anyway, even for the simpler queries when you have a perfectly fine full node sitting there (again, personal experience). Hell, etherscan actually provides more data than an archival node, where else are you going to find the source code for contracts?
In reality... Most people don't even run light nodes. They certainly don't run full nodes. They just use etherscan, or whatever API their 3rd party wallet uses.
That's why in reality, access to ethereum is partially centralised around API providers. Yes, in theory anyone can go around them, set up their own node or create a competing API service at any time. But that's not what happens in reality, and when it comes to the topic of centralisation vs decentralisation, I'd argue that reality is far more important than theory.
Its a bit of a well kept secret. It does not represent maliciousness on the part of Ethereum or centralized node providers - its a consequence of the network doing nothing to compensate for nodes to deliver data to-and-fro. Miners and businesses stand to lose if the whole network crumbles, so the bare minimum is done to supply nodes, which means centralized node hosting.
A fully scalable, sustainable and decentralized network compensates all infrastructure important to the network, which means mining (consensus) and transaction/data routing. A nice side effect of rewarding data transmission is that you incentivize speed, so scalability can happen naturally with no conflicts of interest between miners and users.
Check out Pocket Network, it's a web3 network protocol that incentivizes node operators to run ethereum nodes (and other blockchains). Effectively decentralizes Infura / Alchemy https://www.pokt.network/
It's not gate-kept by two centralized entities at all, there are a lot of alternatives many completely decentralized. This author is clearly new to the space and hasn't really done much research, outside 5 minutes of google.
All these arguments apply to email as well - there are plenty of small providers and you can run your own email server. But, in practice, almost everybody uses gmail or outlook so we still say it's heavily centralized.
What good is running your own full Ethereum node if OpenSea blocks the NFT you're trying to sell and most of the customers who would want to buy it are going through OpenSea's node?
You're not wrong, but it can be a fantastic experience if you do have your own self-hosted node. I run the geth node on a linux server and can connect to it to send blockchain transactions or retrieve information from the chain. Example: my tax prep software took my wallet addresses and found all my uniswap trades by querying the local node.
At the risk of displaying my ignorance and lack of knowledge about this area, one part I found very familiar in this article is that the action interactions in his apps didn't actually interact with the blockchain, but essentially with two centralized services.
My very limited understanding is that for blockchains essentially the way to distribute them is that every node has a full copy. This sounds awfully expensive in the long run. My intuition would be that once running a node is expensive enough, this would not be truly decentralized. If I can't get the fundamental information out of a blockchain myself on hardware I can afford, the actual properties of the blockchain don't matter anymore as I cannot access them myself.
The moment you need to rely on third parties, you lose any unique properties a blockchain might have. I don't know how this would work if blockchains inherently are inefficient enough that you always need a way around querying them directly. I find the idea of a distributed trust-less database interesting, but if it is so inefficient that I can't actually access it myself that idea doesn't seem that interesting anymore.
Except that as you say, it's too expensive for every node to have a full copy, so there will only be a few dominant players. If that's the case, web3 will be like what we have now, where instead of the dominant players being Google, Meta, and Amazon they will be the two or three dominant web3 companies, with a few smaller people trying to keep up.
You are massively over estimating how much a copy of the entire history of ethereum costs.
You can store the entire blockchain on a 1 tb harddrive.
The cost prohibitive nature is only running an open rpc that you tell hundreds of thousands of people about. Then you will have to deal will letting all those people access that 1tb of data.
Quicknode lets you have a private rpc with the full history of the chain for dollars a month.
That's not how decentralized blockchains work, you participate in staking or as a validator, there are no "companies", it's open source and decisions ar3 made from the ground up, meaning your are a participant. Also to say every node needs a full copy is about 5 years behind what's currently happening in the space.
> blockchain data providers obviously need to provide the exact same data
That's not obvious to me. I'd expect that companies could be asked to censor certain parts of the blockchain, and would then hide those parts in their API. I would also expect that transacting with certain addresses could be blocked, and companies could enforce that in their APIs.
This article also helps me appreciate how important the "small node" approach is. Bitcoin and Ethereum nodes can run on $200 of hardware (a basic Raspberry Pi + 1 TB drive). And even that investment is inaccessible to most.
>> At the risk of displaying my ignorance and lack of knowledge about this area, one part I found very familiar in this article is that the action interactions in his apps didn't actually interact with the blockchain, but essentially with two centralized services.
Absolutely correct. Extremely flawed reasoning regarding blockchains and web3 on Moxie's part. He actually created more confusion than enlightenment.
He's creating confusion by treating front ends or clients like (Metamask, Opensea, and Infura) as servers when they are actually clients.
So dapp -> infura -> blockchain is really client -> client -> blockchain.
When multichain interoperability becomes widely available (See polkadot, cosmos, etc) blockchains will also become clients as well. Clients at any level won't be bounded like they currently exist in centralized networks.
> I think changing our relationship to technology will probably require making software easier to create, but in my lifetime I’ve seen the opposite come to pass.
I don't think I'm disagreeing with Moxie here, but I do like to emphasize that it's less that creating software has gotten harder (which is true in some ways but false in other ways), and more that our standards and expectations for what software should do have gotten higher. If I wanted to make a chat app today, for example, it would obviously need to:
1. run on iOS, Android, and probably also Windows/macOS/Linux or at least desktop browsers
2. have some notion of persistent user identity and message history, including something like passwords and something like an account recovery flow
3. support group communication among these persistent users, hopefully allowing for multiple devices per user
4. be internationalized into many languages
5. with some sort of abuse reporting/detection/response mechanisms and some posture towards law enforcement requests
It doesn't need all those things on day one, but it will need them if and when it gets popular. And of course this is without even beginning to think about discretionary features like
6. searching, sending, and displaying animated GIFs
If my goal is to build an app that me and my friends can use for fun, of course I don't need to do most of this. But if my goal is to compete for market share with apps that do these things, I 100% have to do all this and more.
Chat apps are incredibly commoditised. It also seems natural that improvements to huge tech platforms today takes more time than anything previously.
But for smaller applications that innovatively solve a new problem, feature parity shouldn't be as important. I actually think now is the best time ever to build something, with all the tooling available. You can use Electron, Firebase, Auth0, GetStream etc to solve many of your points.
As an engineer, I feel like this single post helped me better understand Web3 and how it worked under the hood better than any of the heavily hyped Discord and Twitter announcements of new projects over the past year.
It's interesting how tightly coupled Metamask is to all of the other big crypto / NFT marketplaces. Feels like the "distributed web" portion of it has just been an over-exaggeration all along.
> Feels like the "distributed web" portion of it has just been an over-exaggeration all along.
It has, but only a small portion of people with the engineering skills to recognize knew it. Those profiting off it hyped it, and those not either called it a scam or stayed out of the fray.
This somewhat reminds me of reading IPFS documentation (which is fucking excellent BTW) and realizing the same thing: nobody is going to run their own pinning service and Piñata is the only one they mention by name which means it’ll be the platform everyone (to a first approximation) will use.
The lack of a a few "chains" though means an ephemeral node might actually not suck though.
Put another way, even IPFS nodes that for all intents and purposes are "clients" can still speak the same protocal to talk to the pinning service.
The single-ish central chain idea was always terrible. "Trustless" or not, that much synchronization is a misfeature! The real world really is partial-order time/causality, that is a feature not a bug.
I make content. I put it on IPFS. I pin it to Piñata because my laptop isn’t on all the time. Piñata decides my content isn’t acceptable and removes it. You can’t access my content. Not a problem?
With torrents people actually participate. Piñata should not be viewed as the "database of record", but as a something that complements the desktop at home.
I understand that is still not satisfactory.
I think the real goal is to find institutional users who are not interested in a profit. For example I am involved with https://nlnet.nl/project/SoftwareHeritage-P2P/. Software Heritage would be not a high bandwidth pinner, but a pinner of last resort. Universities were very important to the original internet, and should also host public data sets, software artifact, and hopefully if Sci Hub prevails the journal articles themselves.
None of that is a pinning service, but if it catches on the big cloud companies might feel compelled to get into the pinning service game, if only so they can get those university and government contracts! The current cloud computing business as a racket, but them offering support for a protocol that reduces switching costs might make for some real competition.
Basically "web2" problems are Captialism problems, and the stuff needs to become a low-margin business or state-run not-for profit to be better. There is no secret magic short cut, it is a political problem. SV is of course completely uninterested in low-margin businesses. The regular web3 will have a hard time being anything but a Ponzi scheme per its design, but IPFS itself at least doesn't have those characteristics baked in, and so these alternative futures are possible.
Naw, there’s also naive optimists which are similar but distinct from gullible fools. Kind of half and half. They know exactly what they're doing for half the equation.
And that's one of Moxie's points: how exactly is web3 supposed to be avoiding the centralization that occurred on the web, when it's already at that point.
The fact that a problem exists doesn't mean it can't be solved, but any solution which does not go deep enough to address why Ethereum nodes are centralized is simply hype.
It’s not the same as web2. These web3 frontends don’t have moats or lock-in like Facebook or Google, because they don’t actually control the data. The data they serve is all from public ledgers. You can switch off of Infura in a second by changing your RPC url.
Github relies on a distributed storage architecture (local git repositories on developers' machines) and in theory anyone can take a project from github and duplicate it on gitlab etc. In reality nobody bothers and a project hosted on github will remain exclusively hosted on github and nowhere else, and likewise with other git hosting services. For the most part nobody cares if the data is hosted on a distributed system or a centralized one, because the overwhelming majority of users will rely on the front end. Changing RPC urls is not as easy as you might think, especially for systems that are widely deployed and have heterogenous clients (which in theory would be the case if Web3 ever took off, which I personally doubt).
People do bother. I don't have specific examples off the top of my head, but I've occasionally run into an read-only GitHub repo that's been moved to Gitea or GitLab, or even BitBucket.
More broadly speaking, it's important that you can migrate, even if you don't actually do it, because users who can easily churn give the developers an incentive to keep the UX solid. If you can just leave GitHub at any time, then they're less likely to add gigantic banner ads to every page, or bundle "third party offers" into installers - they know what happened to SourceForge, after all.
The barrier to hosting your own email is that you'll spend a day configuring everything, and a year later, the big providers will slightly change a spam detection algorithm, your mail won't be delivered, you won't know, and there will be bad consequences for you.
The barrier to changing your git origin is spending five minutes setting up an account and repo somewhere else. Everything will work absolutely fine, you'll still have all your git history, you'll just be slightly less discoverable and some potential contributors might not want to create an account.
I keep my projects on GitHub for discoverability and the reputation provided by stars, whatever that's worth. So essentially network effects.
The reality is if I'm looking for a library to solve a problem, I'm much more likely to use one from GH with 1000 stars than a random self-hosted GitLab with 50. I would like to not feel that way, but I suspect many others do as well. It would be nice if we at least had a decentralized reaction/reputation system.
Is there an analog to this with the services Moxie talked about? Sincere question, I'm not familiar with the ecosystem at all.
The closest attempt I can think of is status wallets token ranking for dapps. You could burn your tokens to say if you liked something in their listings and that would rank it for others. The issue they hit is when the lists got popular (in like 2018-19) vc funded projects just bought up the supplies of tokens and burnt them to get their project rated higher. So basically Sybil attack and they became unreliable.
It’s the same problem across all decentralised protocols, if it’s cheap to say something you get spam(see email) but introducing costs can just skew it to those who can afford to spam instead (essentially those with an advertising budget).
So there’s been a lot of research on proof of personhood (BrightID/ideas/proofofhumanity) to add Sybil resistance mechanisms so we can do 1p1v across the network. They’re working ok, but the next big step is adding zkproofs so we can anonymise the voting (which is needed to prevent collusion) which clrfund and sismo are working on.
Kleros have an interesting curated register protocol, which seems to work on small scales. Some groups are using it to token rank guy issues to prioritise work and get feedback.
The status blog has some interesting writing around these ideas over the past few years https://status.im/research/
And, as the article suggests, if there is some new feature that Github can enable (integration of git commits with an issue tracker or CI/CD integration come to mind), that will happen in a vendor-specific way on Github, not in the Git protocol. So, then you immediately move back to the world of platforms.
Few people bother because every git commit is cryptographically signed and every git repo is inherently replicated. It doesn’t matter if you use a centralized service or not as long as you can rely on SHA1 (and sha256 is coming…) Git is almost the ur-blockchain in this respect, hardly an argument for centralization.
The web3 frontends appear to be in the same place that Chrome is: yes, technically you can always switch to another browser, but if Chrome decides to boycott a new feature, it will never exist as a practical matter. If Chrome blocks a website, it will be as though it doesn't exist for most people. That in theory it still does doesn't change anything. What makes OpenSea different than Chrome in this respect?
The problem is that they control distribution – the only thing that matters. You don't need to own the data if you own the eyeballs/mindshare.
For example: Spotify doesn't own any music copyrights, yet they own 32% of the music streaming market. The second best is Apple at 16% ... which also doesn't own any of the music.
It's a little different than Spotify. Spotify still controls the means of distribution while the data sources for "web3" are public/decentralised (in most but not all cases). Rather I'd compare it to Google Search and AMP. The data is still accessible and there are alternatives (manually routing to the sites themselves or using other search engines) however the main path to the data is gatekept by a centralised source (Google) which is routing all the requests through their servers (AMP) instead of using the underlying protocol.
It's still a severe issue but it's a much simpler solution to simply build competitors for a tool accessing an open platform than it is to build a new platform entirely.
Yes, web2 incumbents control data and they control distribution. I agree with you there!
aside; sometimes I feel like I’m taking crazy pills because for the last decade or so on HN we’ve been talking about how Big Tech has monopoly control over everything, how they’ve destroyed privacy and monetized eyeballs and engagement to the fullest. And now that a potential decentralized competitor is emerging, the kneejerk reaction is “why not just keep using <monopolistic centralized surveillance ad platform>”?
(I understand why, cryptocurrency is the whipping boy of the week, and it’s full of scammers, I get it! But I’m not going to pretend I’m happy with the existing crop of centralized services.)
Do you actually think blockchain tech is remotely competitive with the big platforms? Blockchain payment systems have had more than a decade to become popular and still are not even remotely competitive with the big payment processors. Most of the world will only read about "Web3" on some news site or blog, then ignore it because it does not even come close to meeting their needs.
Consider how many people post something on Facebook in a single day, and now consider what it would take if each post had to be replicated across tens of thousands of independently operated systems. Big tech companies scale in large part because of their centralization, which allows them to coordinate large numbers of physical machines to efficiently provide service to their users. You may not like the ads-centric business model but on a purely technical level it is pretty clear that the big tech companies have a big advantage in terms of operating their infrastructure, and overcoming that advantage is not going to be easy for any distributed system.
I personally prefer to focus on mitigating/preventing abuses by a central authority/component of a system, which almost always results in a far more efficient and reliable solution that trying to eliminating all centralization.
> Do you actually think blockchain tech is remotely competitive with the big platforms?
Right now? Absolutely not, web3 is pure jank right now. I’m just trying to see where the puck is headed.
> I personally prefer to focus on mitigating/preventing abuses by a central authority/component of a system, which almost always results in a far more efficient and reliable solution that trying to eliminating all centralization.
How do you do this? How do you take Facebook to task? The only entity that comes anywhere close is France maybe and those fines are just a slap on the wrist.
I was referring to technical solutions, not fines or regulatory measures. For example, before Bitcoin cryptographers published a mountain of research on designing secure and anonymous electronic payments, but relied on a central bank that issued and redeemed the money. The bank was constrained mathematically so that it could not link user transactions, unless some subset of users had cheated in some way (double spending). So there was a central party but certain forms of abuse were impossible, and those systems were overwhelmingly more efficient than Bitcoin or even a proof-of-stake approach ever could be (this is because transactions are "truly" peer-to-peer, meaning that only two parties do any work at all when a payment is made or when money is withdrawn from or deposited with the bank; moreover the work required to perform transactions amounts to verifying a few signatures/NIZKs). Another example is the use of oblivious RAM for secure cloud storage, which both protects user data and ensures that "most" of the access pattern (everything but the number blocks of data a user has accessed) remains private. There are also many examples of real-world deployments of secure multiparty computation that limit abuse by large/centralized parties in various ways while still allowing those parties to operate and even expand their business (without having to collect more user data than they already collect).
> “why not just keep using <monopolistic centralized surveillance ad platform>”?
The question, for me, is actually "how is this any different than <monopolistic centralized surveillance ad platform>”?
Because I still remember high school and how every single one of these monopolistic centralized platforms sold itself to me as "Come to us, we represent a new free and open society unencumbered by stodgy authorities!".
You know, the exact same rhetoric these new web3/crypto companies are selling. Sounds like Animal Farm all over again to my skeptic ears.
Remember when Twitter was the future of decentralized discourse free of government tyranny where you can organize political protests free of oversight and manipulation from your local govt? Hell it's a big part of why arab spring worked!
>> The question, for me, is actually "how is this any different than <monopolistic centralized surveillance ad platform>”?
You can send a transaction from A -> B using Bitcoin (or another cryptocurrency) without it being censored by any government. Can they see your transaction? Yes. In that case, use Monero (or the upcoming Railgun). Comparing crypto to any of the above is quite a stretch.
Twitter may have failed in it's promise, but right now, crypto/blockchains/web is a massive improvement. They may not be perfect, but they are trending in the correct direction. Like the parent post, it's shocking to me the 180 that HN has done in this regard.
> Like the parent post, it's shocking to me the 180 that HN has done in this regard.
Is it all of HN that's changed, or just this thread? There are probably a lot of ppl commenting on this article that don't bother to comment (or maybe even read) many other web3 related articles.
> "Come to us, we represent a new free and open society unencumbered by stodgy authorities!".
I don't pay a lot of attention to the complaints, so I could be wrong, but it seems like when ppl complain about Twitter they're just as likely to complain about them being too unencumbered as they are about them restricting too much.
End consumers don't care and that will always dictate adoption.
Also because people are complaining - doesn't mean that this specific implementation of decentralisation is the right one and that's why it gets so much pushback. A mere difference of opinion, but mostly because parties who claim to work in the name of decentralisation are there to grab the cash and push the narrative that it is actually to relief the society of evil organisations - so far its rather about wealth re-distribution as usual...
The web3 providers mentioned are the most popular, but they do not control distribution. That's the whole point. Anyone can distribute the data on the blockchain with no clear legal repercussions unlike with music where you will get sued for distributing music without permission.
A counter example here might be Twitter and Facebook. You can export all your data just fine, but it’s useless anywhere else. Because the reason you’re on Twitter/Facebook is that everyone else is there. They own the distribution of your connections making the data itself useless without them.
True, you can export your Twitter data, but a competitor to Twitter cannot access the entire set of user data that Twitter has access to.
The real differentiator is that with Web3, the data is open, so providing an alternative is as simple as providing an alternative front-end.
What threatens the promise of Web3 are the issues that this article brings up, with decentralized projects not being able to iterate as quickly as centralized ones, leading to proprietary elements becoming the standard for some aspects of widely used Web3 technologies (like NFTs) and establishing a moat for the centralized platform that owns that element.
> but a competitor to Twitter cannot access the entire set of user data that Twitter has access to.
True, but they could make it very easy for users to transfer all their data, which makes it possible if they could convince everyone to do it mass. So the real problem is that it's not realistic to convince everyone to move; the network effect is too strong.
AFAICT, OpenSea et al have the same first mover/network advantage. The record on the chain of a url "belonging" to someone has approximately zero utility without the edifice they've built on top
How does this handle data schemas? Perhaps I’m thinking too much of an RDBMS schema but for Twitter for example. If decentra-Twitter stores my data in some schema (say a hard-coded “pinned tweet” column that only supports one) then is everyone else stuck with that forever? Or could they extend that to include, say, multiple pinned tweets?
I don't have the experience with smart contract development to have an informed opinion on this.
My guess would be that others could extend the protocol, but the challenge would be to get the extension widely adopted.
For example, ERC20 is the primary token transfer protocol on Ethereum, and there are various new token transfer protocols that are supersets of ERC20, and add useful new functionality, but they have not yet gained the widespread adoption to become useful the way vanilla ERC20 is.
You’re still relying on one central server though because of the fundamental problem OP laid out: the blockchain is designed for servers, not clients. There is no API inherent to any chain and thus one must be grafted over it by a web server. Things will tend toward one or two companies because those will be the ones who can afford to run such services and then they will have funding to create more features and better documentation and do dev evangelism and you know the rest. Just look what happened already once OpenSea removed his NFT.
While in theory you could change your RPC URL, in practice what difference would it make? At least IPFS offers some form of integrity checking through its generated hash. But there's no way to say, for example, that I karrot_kream at time T fetched a URL pointed to by NFT N with contents C. As demonstrated by Moxie's changing NFT and eventual deletion by OpenSea, who _knows_ what will happen to it? It's possible to at least build cryptographic attestations of fetching a particular NFT (and even maybe placing this attestation on-chain, to have some NFT "provenance" going on) but there's really not that much work going into it right now. That's the critique.
Changing your RPC url will make no difference because you’ll get the same result either way. Any service that lies about the state of the chain will quickly be jettisoned like so much carbon dioxide.
The bare minimum for a reputable NFT is to publish the contract source code and use immutable storage. That’s the first step of due diligence in the space.
All of this stuff is super fluid and non-standardized because it’s still super early and everyone’s trying to figure out how it ought to work.
OpenSea lied about the non-existence of the jpeg-swapping NFT he minted. They removed it from their API responses because they didn't like it. Do you think they're about to be jettisoned? Or will people largely not care because they actually like the centralised nature of OpenSea with its TOS and extra features and with no viable alternative that doesn't require running your own server?
Consider also "what's the point of an uncensorable block chain if the API servers can become untrustworthy and refuse to the serve the data?"
If OpeanSea can blackhole / cancel / hide a NFT on a whim, what does that say about the viability of hosting other services that access the blockchain through similar gateways?
Additionally, if such services can preform those actions, what does that suggest about the viability of financial instruments and company governance accessed through those or similar services?
Yes, this is FUD. I believe it is quite reasonable FUD.
That’s fair. I was talking about canonicalized chain state (hence RPC), not consensus about what constitutes spam.
I agree that OpenSea should not have final say in this regard, as clearly that is not decentralized. I would be interested to hear if anyone is trying solve this at scale.
> All of this stuff is super fluid and non-standardized because it’s still super early and everyone’s trying to figure out how it ought to work.
I understand this and I'm certainly sympathetic to it. Folks are also trying to figure out how to actually stuff art on-chain which I'm a fan of. I'm very familiar with the NFT standards because I was involved in some of the discussions with it. The amount of money this space is seeing though given how fluid representation in the space though, leads to Moxie's other critique, that this is being fed with a gold rush trying to find liquidity for hoarded crypto. I know that builders can't control what these speculators do but it certainly adds pressure for builders to either take the money or operate at a disadvantage to builders who do.
In regards to keeping the art on-chain, the immutability is a real problem. What happens when someone stuffs illegal data/images on the blockchain? Once a bad actor sneaks trade secrets, doxxing material, or CP onto the chain, it's there forever. By design, deleting data from the blockchain isn't possible.
Actually, this was his point exactly. OpenSea must start on a decentralized block chain (due to market forces) and must move to a more centralized (faster moving) protocol in order to remain relevant.
I think it's good to remember that bitcoin and ethereum were the very first cryptocurrencies. They are flawed, bitcoin in particular failed at everything it was idealized to be and will probably never improve. Ethereum seems to be moving forward at least. Slowly, but still.
Ethereum light clients will make it trivial to verify the state of the blockchain and interact with it without also having to store the entire blockchain.
The nice thing is that you can depend on Infura for now, but if they ever attempt to be dishonest, you can easily switch to hosting your own node or light client. The cost of moving away from these centralized services is pretty low.
I think this is “the point”. This is like saying you can switch away from GMail by running your own mail server. People don’t want to run their own mail server.
Will the ethereum light client run in metamask with no configuration? I’m afraid anything short of that is too heavy.
He's saying that configuring MetaMask to work with a light client is as easy as changing the RPC URL. The light client still needs to be installed/configured separately.
Ideally, as Moxie suggested, MetaMask itself integrates a light client into its wallet, so that it becomes the default configuration.
The idea of light clients is they will be bundled inside of apps/websites/extensions. So yes running a light client will be easy because it’s just happening in the background of the app, replacing the api hopping we do now with direct call/response to the chain.
So for metamask they would replace the calls to infura with a light client instead. Easy. They’re probably a year away from adoption, this year will accelerate development as it’s something lots of us want.
It's a step up from the "crypto isn't crypto" mantra that many used to repeat, refusing to even look at how it works. Not sure why it took something as silly as art NFTs, but it does seem that now even those who previously tried avoiding cryptocurrencies at all cost have at least started looking at them critically.
He does point out some real problems. Yes, all this has been discussed in the Ethereum community already and many in the community have voiced the same criticisms as well. But a lot of the issues are still unsolved for regular mainstream users, who rely on a lot of centralized services and are often herded into solutions that may bring more convenience but are also less secure. It's good we're having discussions about this, and the more people that point out flaws the better. After all the entire point of a blockchain is to be public and robust. If this is our future money or notary service, the more probing the better.
This is exactly the attitude that moves us forward. "Us" not being just those who happen to get in early on the solutions to the solvable problems, but hopefully including everyone who can get a benefit from using truly decentralized services.
For a non-tech regular user who just want to get some work done Internet Explorer was indeed the internet.
In India even to this day for a vast majority YouTube/FB/WA is all the internet is. It's not at all unusual for people to walk up to a mom-and-pop store to top-up their data plan asking them to "recharge my WhatsApp balance". Even carriers have specialised data packs that are tied to a specific product/service.
And to be fair this is just how it'll be with any product/tech. As an example, in India Xerox literally stands for photocopy https://imgur.com/a/66TnCog
> is tying web3 to several centralized front ends (Metamask/OpenSea).
You can't really lump both of those into the same bucket of "front-end". Metamask is a front-end, a user interface. OpenSea is more like middlewear that connects various front-end clients like Metamask to the backend database, and provides some additional functionality that's in any of the database's stored procedures or views. OpenSea also has its own front-end UI to its own service, but its core service is its API to the Ethereum database.
MetaMask is a wallet, its not ingrained into any blockchain, your free to use alternatives, and many protocols don't support it. The centralized aspect of a chrome app and marketplace like opensea is very well know issue and talked about a lot in crypto, the problem of course comes down to lack of education, which is apparent in this very post.
Can you point me to where this insightful discussion happens? And where can I educate myself? 99,99% of content and forums I find online about crypto only care about promoting coins, nfts or services basing only on futuristic visionary promises, hyping up the users and attempts at FOMO. It's almost literal spam. This is the first time I read something that just explains how thing works from a technical standpoint and what challenges are there.
Its almost entirely done on crypto twitter. You follow the builders and they talk about this stuff. Tweet threads are terrible but that is where the good information is.
Twitter is frustrating in that the good content is buried and if you follow the wrong people they just spam your feed.
Its a constant battle to keep the signal to noise ratio of your feed high and the right people to follow constantly changes.
I got into web3/crypto (hate both those terms) Twitter a few months ago and it took a very significant amount of time to find the signal among the noise if you will. Twitter’s algorithms heavily favor engagement which in turn favors “influencers” who lack a lot of technical knowledge and peddle hype. I can see why curious skeptics are so quickly turned off, but there really is a gold mine of good discussion out there.
@das_connor is an awesome follow. He works for Avalanche (which I believe will be a massive player in enterprise blockchain adoption).
I agree about Twatter being difficult. And it is time consuming.
Some projects have decent Discord channels. It depends on the devs and community there.
It is quite difficult because indeed everyone has a profit motive to shill. The only way I could get a good read on anything was by experimenting with the tech.
The Daily Thread on https://old.reddit.com/r/ethfinance has a number of folks who are in it for the the tech and generally some pretty good takes on protocol/ecosystem tech. It is better than any other crypto subreddit I've come across.
People are certainly free to use alternatives, but if they aren't spinning up their own nodes what will they be using, another centralized node service? Most people aren't going to run their own node and for good reason, its expensive and profitless. Sure a cryptographic/economic layer on top of Ethereum could incentivize people to run nodes and have users pay for decentralization, but at the end of the day people will use Infura or a competitor because it is cheaper, and when these companies control who gets transactions they also influence who can make blocks.
Ethereum is fundamentally flawed in this sense - it only pays for mining (and in the future, staking). The work of routing and storing data is done by the most prolific miners and businesses reliant on Ethereum to keep it from collapsing; there is no sustainable model where a decentralized cohort of nodes can run Ethereum without fundamentally changing how Ethereum pays for infrastructure.
This post really resonates with me, I've been building https://raremints.club as a way for indie, non technical artists to create NFT's, and have really had to wrestle with all things "web3" that would've been trivial in "web2".
But basically: I built an app that relied on mostly stable gas fees. A single app on polygon spiked the fees over 10x in the past few days, and so large swaths of it have to be rebuilt.
The promise of web3 was software that was not controlled by any centralized company. But it seems like any new project sharing a chain can effectively DDoS what you've built.
This is effectively an anti-network effect. Inevitably, you'd have to start centralizing part of your application to avoid gas fees altogether to hedge this risk.
It requires a change in mindset from “efficiency first” to “robust first”.
That’s a tough learning curve for trad web devs, the best web3 dev I know comes from aerospace engineering where resilience and redundancy are part of the process.
But ultimately succeeding in making something that can live in the sometimes hostile environment on chain means you make something that can last and is reliable. There can be awkward UX issues with that though.
Relying on stable gas fees won’t work because the network has to have a priority list when it’s busy, so those willing to pay more will be prioritised and you’ll be stuck. If you want to inherit the properties of the chain that are why you would build on it in the first place then you have to work to those constraints.
In conventional web wasn't the same war fought as 'net neutrality' ?
All packets are equal.
Pardon me if I am wrong, I don't understand web3 or crypto much but what you describe looks like a capitalist version of Internet where processing of every request depends on one's ability to pay. If this is the future, history has already taught us that it is bound to fail.
Wow. I was thinking about making a game and saving player state in a similar way to what caused the gas prices to spike for everyone. I'm floored by the ramifications. My stomach feels very queasy with OP's article, and now yours.
The author mentions that currently all NFTs are just URLs, but it is possible to store data directly in the blockchain, even if it would be prohibitively expensive.
An issue with general-purpose immutable storage is that it can be permanently polluted with illegal data. Everything from child pornography, instructions for making drugs or explosives, doxing/attack information, private keys for copy protection systems, etc...
It would be possible to make Ethereum or any similar blockchain illegal to the level of "penalty of death" in many countries by simply adding some horrendously blasphemous text content to it.
Even if bulk image or video data is too expensive to store, an option would be to simply use torrent "magnet:" links.
Bitcoin is just for financial transactions, so I doubt it would be vulnerable to this, but the more generic chains don't seem to have any way to protect themselves from this kind of attack.
Seriously, what would happen if a bunch of paedophiles started minting NFTs of their favourite child pornography and trading it? They would be "protected" by the inertia of the block chain. Governments eventually would have to step in and make it totally illegal, and then.. that's it. The value would instantly go to zero!
Alternatively, NFTs would have to be made revocable or erasable in some way, but that then totally defeats the purpose. That's the author's point -- his dynamically changing NFT was revoked in this manner.
I just don't see a way around this. Either you allow indelible illegal content, or allow forced revocation. Either way, the value of NFTs must go to zero.
> That's the author's point -- his dynamically changing NFT was revoked in this manner.
For me the much scarier weaponization is to change the linked content to be something illegal after you buy the NFT. How would you prove the illegal thing is not the thing you bought? (You will certainly not be treated as innocent until proven guilty if we're talking child pornography in the USA or democracy advocacy in China, etc etc.)
I don't think making them revocable defeats the purpose, it's having the registry of NFTs effectively being "OpenSea API" and not "blockchain" that's the problem. Having the NFT content itself be erasable is probably a good thing as long as there is some way of making a local copy. Sometimes we want the government to have the ability to stop the spread of information; but (subject to the risk of your possessing it) your "ownership" of content with a hashed URL is also going to apply to the download, assuming the hash is reproducible.
Bitcoin is 'vulnerable' to this. The most common use is to put financial transactions on Bitcoin, but you can put whatever binary data you want. Famously the genesis block[1] includes a newspaper headline to prove it was created after a specific day.
It's possible to place illegal content onto the Bitcoin blockchain.
So anyone running a mining node could potentially be prosecuted for distributing illegal content? That definitely seems like it will be a massive issue in the future.
If your only solution is clunky, then sure, maybe NFT's are worthless as a distributed asset, if you can even call most of them that at this point.
But you're solution is bad, that's why no one does it. A much better solution is to use a decentralized file hosting protocol and store your base NFT file on it. These protocols are free to prune illegal data should their government force them to, but are economically motivated not to. With enough redundancy, (and if you're NFT is so valuable you'll keep a local copy) this isn't a problem.
Without sounding negative, it basically says that sometimes its good to have centralisation because you have:
- Moderation
- Parties with skin in the game for protection
- Support
- Someone to reach-out to when things go wrong
And the second argument is that country can still censor (to an extent)
I wonder how this works out from a legal perspective. It seems like an NFT is a contract, that never expires, to host content at a URL. Can a buyer sue the seller if the seller shuts down the serving of that image? Otherwise an NFT is just a signed URL string.
I love the idea(ls) of cryptocurrencies and yet I hate "web3" because it's a misnomer that led to a series of misconstructions:
Web3 is futile because it attempts to rebuild the Web (1) on an abysmally resource-constrained global computer which (2) uses a bunch of protocols that makes it impossible interact with using web browsers thus requiring a series of intermediary parties whom participants have to rely on. It is not even the fact that I need to trust those intermediaries, I trust a bunch of Web 2 corporations for some of the most critical services anyway, but the fact that we end up where we have started except it is now more expensive and much slower.
It is easy to dismiss Web3 as such, but that would not be fruitful. Besides all financial incentives, I (would like to) believe that there is a group of people who are sincerely interested in a more decentralized web, or rather, a web that is decentralized in a fundamentally different way than Web 2 and Web 1 are and were. To make it more concrete, there is an interest in decoupling authoring and hosting of web services; Linux distributions have had mirrors all over the world for the efficient distribution of data years before BitTorrent, so the magic of BitTorrent was not just about its efficiency promises, but in bringing content-addressed data to masses and thus decoupling the authoring (torrent creating) and the hosting (seeding) of content. Instead of having to ask Debian's permission to set up a mirror, I could now simply seed its torrent. It thus mattered that this decoupling has been implemented not at a social level (mirrors) but at a protocol level (peers).
You may be familiar with the concept of cardinality in databases: one-to-one, one-to-many, many-to-many. Indeed, it can be just as useful to describe the access patterns to databases:
(A) A one-for-one database is where a single writer is storing data for themselves. In the world of decentralized apps (not necessarily crypto-ridden web3), a good example is draw.io (and Zero Data Apps[0] in general) which allows you to "bring your own storage". On desktop, you have Joplin[1] for note-keeping that can synchronize to various cloud services.
(B) A one-for-many database is where a single writer is distributing content to many. BitTorrent and IPFS are prime examples of this.
(C) On the other hand, a many-for-many database is one that multiple writers store data for multiple readers. A centralized example of this is Hacker News, Twitter, reddit, and so on... This is what web3 attempts to be. There are a couple application-level attempts[2] at this, but not as much at a lower level that can enable arbitrary many-for-many use cases except blockchains.
Sadly the critics of web3 do not acknowledge that there are legitimate use cases for decentralized many-to-many databases that would, for instance, allow members of Hacker News to be able to host it in the same way that they are able to seed an existing torrent, and there are currently no other application-agnostic solutions than blockchains. Sadly, again, the proponents of web3 do not realize that the consistency guarantees of a financial ledger are too unnecessarily strict for many use cases.
I am working on a many-for-many database with much lesser consistency guarantees using SQLite and based on CRDTs designed to be used in browsers from day one (hence, as an example, using P-256[3] for public key cryptography rather than Bitcoin's and Ethereum's secp256k1 as the former is readily available in WebCrypto). This is something I do in my spare time and 100% for experimentation and fun without any financial motives or elements; let me know if you are interested in collaborating or following, email in the bio.
This article seems like it neatly encapsulates and explains why I've subconsciously held off from jumping into the Web3 space.
It might be confirmation bias speaking, but I don't think I've seen anyone lampoon Web3 so thoroughly, and it's nice to have some well-reasoned explanations for why I feel the way I do.
EDIT: A further thought: this article is the first I've read on Web3 that feels like it's actually important and I'm looking forward to the discussion. Are there any real counterpoints to be made against his reasoning?
I kind of agree in some ways but i think he underplays the critical point that you have an option for voice and exit from the forming centralising forces (which do get established because people like convenience/reliability/familiarity) without sacrificing your data or belongings, you can leave without losses. That is a critical difference.
His nft is delisted from a platform and his wallet calls the api of that platform. That sucks, up till now we have "too bad you got delisted from this platform, all your content is gone". But that isn't the case here, his contract is still on chain, and will work with anyone who calls it. He can still get all the data, there are other wallets, you can run them in your terminal if you like, or you can set your metamask to use your own - or someone elses - node (instead of infura). There is a choice. There are things like TheGraph making distributed indexers/search engines and something like that will replace opensea as the main nft api (if they arent building it themselves).
Add to this the more recent developments of light clients, which are coming along great and which allow us to run in-app/in-browser direct connections to the chain for calls/transactions without needing infura or a third party node.
> Personally, I think enough money has been made at this point that there are enough faucets to keep it going, and this won’t just be a blip. If that’s the case, it seems worth thinking about how to avoid web3 being web2x2 (web2 but with even less privacy) with some urgency.
Absolutely agree. there are a lot of people in this space who have made enough money to spend the rest of their lives pursuing their interests in it, and they will. It isn't going away and we should engage with making it as good as we can. Will it be a big thing in ten years? who knows, I can say that everyday I interact with protocols, work and vote in daos- 4 years ago those things were in whitepapers as a possible idea, but now they are reality. What will we see in the next 5?
We can absolutely bring better privacy too. Layers like aztec are working on exactly that, and zero knowledge proofs and other forms of commitments (sismo) are exploring how to do that. I think a lot of people in the space follow the ideal of "privacy for the individual, transparency for the institutions". We will get there.
> We should accept the premise that people will not run their own servers by designing systems that can distribute trust without having to distribute infrastructure.
i sort of agree with this, we can accept that full nodes will be ran be organisations, businesses, and nerdy individuals who also have their own funkwhale instances and homelabs. those commited to the ideals -> same as home email servers or mastodon communities.
but we can also find ways to distribute infrastructure to bring resilience to those who dont think much about these things and just want to use an app. (again with things like light clients replacing api calls to third parties). so that we care for the non-committed users and make sure the points of fragility are lessened as much as we can.
I think a lot of his criticism is valid, but it also kinda falls flat on what is being built. It is a surface layer "i'll be a web3 dev for a day" overview and response. So it reads like if i followed a tutorial on neural nets in python then complained that my car still cant be driven by ai. Those of us in the space are well aware of all of this and it is all being worked on, but people unfamiliar read it as some kind of smackdown, which isn't helpful either.
I'd be much more interested in his thoughts on Whisper/Waku and messaging protocols, tradeoffs in validity/volition/optimistic rollups, distributed indexers, etc. He is smart enough and involved in similar things to just take that extra step to the dev forums and discussions and maybe give meaningful, helpful critique. I'm not sure what response he is expecting tbh?
The rest on gold rush and money i don't have much to say on, but mass speculation and desperation to make money is, imo, a symptom of the abusive system of work and finance that we are all forced into and everyone wants to escape. That didnt just appear with crypto/nfts. So sure, people are using something because they are making money and might not actually care about the details and the ethics - but we are also building a free(libre) opensource p2p programmable value network, and there are lots of people who also think that is amazing and worth indicating as different from the current stacks with the 'web3' tag.
> Even nerds do not want to run their own servers at this point. Even organizations building software full time do not want to run their own servers at this point.
I want this to be wrong.
Broadband providers make it very difficult to run your own server. Server construction is also in a very bad place as well, so this has spread from consumers to companies. There are just too many externalities from all of your vendors that are left to you to solve and that opens up space for a small number of companies who have people who work on those problems as a full time job, amortized out over X vendors and Y customers.
Until or unless that changes, a bunch of things I'd like to have happen won't happen. I should be able to pull files from my home computer when I'm stuck in an airport in Paris. That was the original promise, but we ended up with something else that has a lot of rent-seeking involved.
I think there are a few people working on the servers problem, probably nowhere near enough, but Broadband companies are also largely to blame for this. I'm not sure if Starlink or municipal broadband that is run like power and water, are ways out. But what we have isn't going to work, and consolidation is just going to get worse and worse until someone fixes it.
Groups like DappNode are doing good work here. You can buy a nuc from them with their os installed and then pick from a list of apps to install (owncloud/ eth nodes/ ipfs pinner/etc) and it handles the messyness of dyndns/openvpn/updates and all of that. Anyone can contribute docker packages with their markup for people to install new programs. I’m working on a funkwhale port so I can pull my music back locally and not digital ocean
> That sucks, up till now we have "too bad you got delisted from this platform, all your content is gone". But that isn't the case here, his contract is still on chain, and will work with anyone who calls it
Well, it is still "content on a platform", which is Ethereum. If another blockchain comes into existence and most people say that this new blockchain is the source of truth for digital ownership, your old NFTs are worthless, because nobody cares about old Ethereum.
The same is true for wallet apps. If 90 % of people use one specific thing (OpenSea) and think that only this thing is the source of truth, it simply doesn’t matter that your NFT is technically on the chain.
The sense of ownership and the value comes purely from where the attention is right now – and this being the internet, everything can change.
Compare this to the physical world. Here, the attention and trust is in your local laws. If this changes, you can lose ownership (government seizing properties).
The solution is actually to acknowledge that there is no ownership without society.
With Ethereum, people want to build another society, again based on trust/attention. That society has not much overlap to the physical world.
It is not much different than any group of people doing a thing together, like say, an open source project, a clan in EVE or whatever with the only difference that web3 enthusiasts think their hobby has some link to the real world.
Thanks for the detailed and comprehensive writeup. I think you make some very valid points that help to understand some of the context that he elides.
> everyday I interact with protocols, work and vote in daos- 4 years ago those things were in whitepapers as a possible idea, but now they are reality.
This is a pretty important point. He states that it's not really "early days", but if this is the kind of momentum we're talking about it feels like it is early days still. You don't see this kind of innovation in a stale field.
> I think a lot of his criticism is valid, but it also kinda falls flat on what is being built. It is a surface layer "i'll be a web3 dev for a day" overview and response. So it reads like if i followed a tutorial on neural nets in python then complained that my car still cant be driven by ai. Those of us in the space are well aware of all of this and it is all being worked on, but people unfamiliar read it as some kind of smackdown, which isn't helpful either.
This is the money quote for me. Just because there are issues currently doesn't mean that they won't ever get fixed.
My takeaway is that this subject is a lot more nuanced than his article is claiming, and although he's certainly right in a lot of his criticisms, that doesn't mean Web3 as a whole is doomed to failure.
It also does make me reconsider the movement as a whole. Sure, there are bound to be golddiggers, but that doesn't immediately render the whole concept invalid.
The views on centralized services such as Infura really resonate with me. A few months ago I looked into how Ethereum and smart contracts work and got excited that there is basically this shared "virtual machine" with persistent, public state that can only be altered by interacting with those smart contracts.
But soon after it became clear that it is not really possible for me (or any regular "client" as the article calls it) to look at the state of the virtual machine and evaluate view functions myself. The block chain is so large already that we need to rely on big servers which are operated by other people to do this.
You can do this locally though, it just takes like 200 GB. I've run an Ethereum full node + eth2 beacon chain node on my Macbook Pro for local development, took like 10 hours to sync IIRC and just worked afterwards. I still use Infura for projects though bc I don't really see the value in running my own hosted client for pet projects. If I was doing a production app I'd likely use my own w/ a 3rd party service for backup/HA.
Ethereum has plans for state expiry, so that to maintain a verified copy of the blockchain you won't be expected to maintain a growing list of state transitions since genesis anymore.
A sister initiative, weak statelessness, means that you will be able to verify the validity of the chain without needing to store state at all.
But that's just it.. One would have to stand up a server that hosted the 200gb, so their Iphone users could consume the data. Or they'd go through a central server.
Yeah that’s fair enough, and it’s changing so fast. I imagine alot of the current problems will be fixed over time… it’ll get there eventually. There are some good educational resources cropping up now e.g. Web3 University and rabbithole.gg
Running nodes is pretty easy with setups like DappNode. Full eth nodes arent that big, i synced a new one in a couple of days last week onto an old ssd.
Most heavy contract data is stored offchain on ipfs, so you can just pin the stuff you are interested in.
Where i would agree is indexing/searching lots of data is a pain. You cant just give an address and get a list of tokens associated with it, you have to call every token and get its balance. It makes sense, but its annoying, and is why opensea api is so popular for nfts. But i have hope with services like TheGraph growing that search and index also has distributed and resilient design and we become less dependant on one endpoint api.
He's focused on Ethereum and NFTs, which is certainly the most popular/obvious place to research. I think his analysis is excellent and the article is worth reading.
But he does say:
> I have only dipped my toe in the waters of web3
Notably he doesn't even mention IPFS (which uses the pre-image of an JPG to form the URL.) Nor does he mention Bitcoin (which provides a shared state layer as well as a currency and makes it much easier to run a full node than Ethereum, which by most measures makes the network more decentralized.)
I prefer to use the term "Decentralized Web" or "Decentralized Internet" and I agree with Moxie that it will take a long time.
I think Ethereum is fascinating and an amazing innovation and (who knows) maybe eventually the off-chain pieces of its ecosystem will become more decentralized.
While I agree that he only touched on NFTs and not really anything beyond that, his core point, "decentralized architecture is slower to iterate on, therefore centralized tools will outpace decentralized ones, therefore the market will trend towards use of centralized services" is hard to disagree with. He is only using the NFT market as an example to demonstrate this point.
Even if you don't consider it natural market forces, and you say "people are building their infrastructure on centralized services so as to place themselves in a rent seeking position", you now wind up having to explain how you intend to stop these "bad actors" from not doing the "right thing" and designing their infrastructure against their own interest. How do you align incentives to ensure a decentralized future in this way? Seems like a glaring hole in the entire plan that results in centralized services being in wider use, only bolting on top of a decentralized database that in the end doesn't really matter.
I'm a big fan of cryptocurrency and these decentralized incentive networks. I'd love to see a future where everyone doesn't rely on these centralized services and the UX is low friction. I think it can be done. I like to know that I can use decentralized uncensorable money, and other asset types, and I like the fact that these options are available today, right now, to me and anyone else who values them. But the web3 concept as it's sold by the cryptocurrency enthusiasts doesn't appear to be going that direction, and at this point I think moxie is probably right.
> "decentralized architecture is slower to iterate on, therefore centralized tools will outpace decentralized ones, therefore the market will trend towards use of centralized services"
This is a good point and something I find very concerning. But remember, the Internet itself is a decentralized tool and it eventually triumphed over the centralized ones. Even with Google, Apple, Amazon, etc. we're still more decentralized than if everyone were still on CompuServe or AOL.
> He is only using the NFT market as an example to demonstrate this point
I don't think so, he pretty clearly issues a disclaimer about the limits of his knowledge. He's extrapolating (with an admittedly insightful proposition) from a limited amount of knowledge and is being honest about that.
> How do you align incentives to ensure a decentralized future in this way?
That's a very good question. Many smart people are working on answers to it. I like to think I'm one of them.
> Seems like a glaring hole in the entire plan
There is no plan -- and ultimately that's a good thing.
> results in centralized services being in wider use
Actually, I fear the result will more likely be failure for these centralized services that results in a backlash that delays the decentralized ones from emerging.
> I'm a big fan of cryptocurrency and these decentralized incentive networks.
Me, too. Obviously.
> UX is low friction
That is an incredibly important point.
> web3 concept as it's sold by the cryptocurrency enthusiasts doesn't appear to be going that direction, and at this point I think moxie is probably right.
*Some* cryptocurrency enthusiasts, but yeah it's a problem and unfortunately Moxie is mostly right.
Is IPFS really web3? IPFS is a slight upgrade to bitorrent, and p2p tech was popularized by Napster over 20 years ago. It's been a part of the internet longer than "web2"
IPFS isn't even really an upgrade in many regards, at this current point in time. Auto-replication of data, tracking, some NAT stuff, DHT quality still have a bunch of gaps. Actually, browsing around with IPFS feels like being on dial up with a ton of the standard examples being super bandwidth limited.
Indeed, it's the point of the article: Web 2.0 was already supposed to be this decentralized nirvana with blogs and peer to peer software like IPFS. And look what ended up dominating !
Some day these new centralized "web3" services will just remove (or very severely restrict) their APIs, just like Twitter and Facebook did. (Hopefully the effect will not be as dramatic on the companies using them...)
This is a truly excellent criticism of the state of "crypto" and "web3". As someone who thinks these technologies are interesting, i'm glad someone finally wrote a decent, sincere critique that covered a lot of the very real issues with it.
I think i'd break this piece down into two categories: The first is critiques of current implementations, and the second is critiques of the structural incentives of the technology. I think it's important to separate those things somewhat.
The privacy, security and centralization of Infura/Alchemy are real and important issues, and to a limited extent, derive from the fundamental incentives of the ecosystem. However, what I think critically differentiates "web3" from "web2" is that those platforms are commoditized. Infura and Alchemy are providers of a service that is fundamentally a commodity, they have very little market power. Contrast to comparable web2 platforms like Facebook or Google, who have tremendous market power over consumers who's data they've warehoused. I think this is a really important structural difference between the two. That in no way takes away from the seriousness of the critique of Infura/Alchemy and how they're used, but I think it does somewhat limit the importance of that failure. Anyone can build a new, better gateway platform, and users can switch to it without having to ask anyone's permission to export their data. That's a really big deal.
The more structural critique I think relates to the issue of iteration speed, and the tendency that slow, bureaucratic development processes have to push the technological frontier outside their own scope. I think that's a real, structural problem that any decentralized system has, and its fitting that Moxie should point it out, given that he's famously (and correctly, in my view) resisted exactly these sorts of things for exactly these reasons in Signal (e.g. federation) since forever. I think this critique is the most important and serious critique of the crypto space in general, and if anything is going to bring it down, this is it. This problem remains largely unsolved at this point, but whether or not it can be solved is going to hinge on the quality of the group coordination mechanisms people are able to devise. I'm personally optimistic that these things can get figured out, but they are very hard problems.
An important thing to note here though is that a lot of things actually work just fine with this kind of bureaucratic/slow iteration process. Consider core web protocols like HTTP, SMTP, or even something like x86. These things tend to be "low in the stack", but that is exactly what the underlying crypto infrastructure wants to be as well. The more general your platform, the less quick iteration you require. Whether or not crypto platform are able to deliver something like this remains to be seen, but it is a thing that does happen and works ok in many areas today.
> “It’s early days still” is the most common refrain I see from people in the web3 space when discussing matters like these. In some ways, cryptocurrency’s failure to scale beyond relatively nascent engineering is what makes it possible to consider the days “early,” since objectively it has already been a decade or more.
I'd also like to point out that most prior "generations" of the web took at least a decade to come to fruition. It's easy to forget how long things take to mature, but the fact that crypto doesn't have everything figured out after 10 years is not all that surprising:
And this is only going back to the early 90s. Obviously various proto "webs" existed long before then. Very structurally different technologies can take quite a while to sort themselves out, and find their niche.
Really liked this post - brings up some great points, and I consider Moxie a friend.
Here are a few notes that came to mind though...
1. For NFTs, some keep their data in IPFS (decentralized file storage) or in the smart contract itself for procedurally generated images. We (as a community) should probably move more to solutions like this over time, since it is indeed more decentralized to build them that way.
2. I agree with the overall point that clients don't behave like full nodes. However, there has been quite a bit of discussion about "light clients" in the crypto community even going back to the early days of Bitcoin/Ethereum, so i wouldn't say it hasn't been an area of focus.
3. I agree there is an overall move toward using platforms. But there is a big difference between using a platform that also owns all the data also (web2) and a platform that is merely a proxy to decentralized data (web3). In the latter, if a platform ever turns evil, people will switch. Not owning the data counts for a lot.
4. There are more options than Infura and Alchemy. Access to simple blockchain data will be relatively commoditized. Which is good for decentralization.
As Moxie points out, it's still difficult to build things in a decentralized way (nascent tools), so you are seeing various apps/companies revert to using more centralized web2 techniques when they run into a hairy technical problem. As a result, there are a lot of "hybrid" web2/web3 apps during this phase of web3 development. That doesn't mean the overall trend is bad though. I think it's great that more and more web3/decentralized technologies are being developed.
I don't think crypto is anywhere near this end stage though. We are still seeing a lot of new technology and players enter the space. It's not "already centralized" as much as it is "still using some web2 components".
These points aside, the post is great and I basically agree with the overall premise.
1) The addressing side of IPFS could probably actually be standardized to be as ubiquitous as URLs or email addresses. DNS style stuff is honestly a reasonably good blockchain fit. The storage and server side of it still has a ton of gaps, where lessons learned from torrents are being somewhat inefficiently rediscovered.
4) It sounds like the data available already from those two isn't that simple and is likely to only become more complex over time.
Heck, web2 is still using a ton of web1 components. What are the forces to push some dapp to be fully decentralized e2e?
I think it really is light client development that will make a big change to being decentralised e2e. Being able to talk with the chain directly from an app or webpage without needing to make api requests to a node (be it local or infura/alchemy). If we can get light clients for indexing/search networks too that would be the dream.
> People don’t want to run their own servers, and never will
That's one believably accurate summary. But here's another: rather than focus on trying to make it easy, cheap and simple for everyone to run their own servers, the tech world spent 1996-today instead focused on offering to take care of this for everybody else, for a price.
Everybody concluded in the late 90s that the "nobody wants to run their own servers" claim was self-evidently true, and so all the tech development went into extending server capabilities, extending browser capabilities, building hosting services and infrastructure, and almost no effort went into making running a web server as easy as, oh, I don't know, running Excel.
Imagine a version of things where the server was almost a toy-like appliance. Hard to do? Yeah, I know, it's hard. But then again, in 1996 browsers with Web USB, Web Workers, Web Assembly and the like would have seemed impossibly hard and yet here we are.
We don't have it because we chose not to build it.
The personal server space is littered with failed startups.
Not because it's difficult to make turnkey personal servers. Embedded Linux hardware is unbelievably cheap.
They fail because they don't bring any benefit against real-world threats, but they come with significant downside risks.
If your house floods or your home server is burgled, your data is just gone. So your home server ends up backed up to the cloud anyway, and now you're maintaining a home server and a cloud server when you could have just used the cloud service for everything without the headache.
> Not because it's difficult to make turnkey personal servers.
It's crazy hard to make turnkey personal servers that will be usable by ordinary people.
> They fail because they don't bring any benefit against real-world threats,
For a vocal contingent online, real-world threats involve lack of control over hosting, over their data, over encryption. Your own servers would address (at least partially) all these problems, but of course, these are not problems that most people in the world using walled gardens even consider to be problems.
> So your home server ends up backed up to the cloud anyway, and now you're maintaining a home server and a cloud server
Utilizing an online/network backup service as part of running your own server is qualitatively different from running a server in the cloud.
> For a vocal contingent online, real-world threats involve lack of control over hosting, over their data, over encryption. Your own servers would address (at least partially) all these problems, but of course, these are not problems that most people in the world using walled gardens even consider to be problems.
Vocal? Yes, but my no means the majority.
I'm in tech running my own software company and I don't even want to upkeep centrally maintained hardware like my PlayStation. It's just a pain (often enough) and for the non-tech people in my life it's just barely tolerable.
Apple TV is the best, but it still has really problems that pop up now and then.
FreeNAS has ~1M deployments and the recent migration of upstream ZFS development to Linux will continue to increase the availability of ZFS-based storage.
> Imagine a version of things where the server was almost a toy-like appliance.
The odroid seems to be at best only the h/w side of the sort of thing I was suggesting/imagining. It's a funky little box, and that's great, but what about the software? "Mom, nginx is gunked up again, do you want me to restart it or just reboot the server?" "Sam, did you put my new portfolio pictures on the site yet? Sorry Jan, ran into some size and format problems and am still working on it". Etc. etc.
For those who have more money than time, Synology NAS devices include mobile apps for common use cases, e.g. photo sharing. There's apparently an open-source clone called XPenology. For simple photo backup, Photosync works on all major desktop/mobile operating systems and can sync to a wide range of local or cloud storage.
After 2 decades and billions of investment in web services, it's not realistic to expect a generic "home server" to serve all possible use cases. Those that work best are usually based on an open protocol (e.g. WebDAV, SSH/SCP, SMB).
> did you put my new portfolio pictures on the site yet?
As an example, the UX for client-side workflow for blog publishing (WordPress, Jekyll, Hugo) is likely independent of the infrastructure for blog hosting (VPS, self-hosted, WordPress.com, GitHub Pages, etc.
> After 2 decades and billions of investment in web services, it's not realistic to expect a generic "home server" to serve all possible use cases. Those that work best are usually based on an open protocol (e.g. WebDAV, SSH/SCP, SMB).
Surely HTTP is the common, open protocol here? Other than email, at least. Is anyone using SMB-from-the-cloud for network file systems? Are they serious? :)
The most widely deployed "home server", FreeNAS, is historically based on NAS/LAN protocols. Most home users want to share file storage across multiple devices, which historically has been SMB/NFS/DLNA. Over time, NAS devices have added cloud/WAN protocols, like WebDAV, S3, etc.
The most expensive aspect of server software development is data integrity/availability, e.g. ZFS or other high-integrity filesystem. Services atop the storage layer are usually built by different teams, often from different eras.
"home server" here was intended to mean "network-facing http and maybe smtp server", not "server for domestic duties". Sorry if that wasn't more clear.
of course, no reason why the same box couldn't do both.
I was a webmaster back in the days when one could debate cern vs ncsa and which provided a better server and for a while, I ran my own web servers at home on some static IPs from Speakeasy...
The issue is that the complexity of the modern systems have gone beyond what one person can keep in their head and maintain. This is doubly true when one considers the amount of time investment to keep on top of patches and CVEs.
The simple servers are still there. Grab a web server and put static files for it to be served - but people don't want that. They want a fully functional web application with persisted data with a maximum outage window less than the duration of a good night's sleep.
Those things aren't easy. Keeping a few servers up and running and the databases behind them backed up and the servers load balanced with failover so that if one of them goes down you don't need to wake up at 2am to fix it.
Making a Raspberry Pi web server in a box wouldn't be too hard. Put it on your home network. Open up your device on the home network (note: if the home network isn't to be opened up, advanced network configuration to establish a dmz or putting the device external to the internal network is needed) to the world.
And then you've got to find some way to keep that device patched and the ISP not unhappy with the traffic you're getting when your home blog page shows up on HN.
For me, even imagining the work that I'd need to do to my home network to set up that... I can't see it making sense anymore to get what I could get by creating a GitHub pages site and doing it there - and then I don't have to worry about all the other parts of my home network.
While I can't find my copy of it now, I have a memory of reading a quote from Ansel Adams about the darkroom and that it was a necessity for photography - but he'd rather be out there taking photographs than in the room making the print.
So too, I would rather be writing a program or writing a blog post than dealing with maintaining the infrastructure that maintains that. There are too many concerns and too many things where I know that I don't have deep enough knowledge anymore to keep a modern web server in my home network secure when facing the world.
Consider all the people on HN who are skeptical of having an Amazon echo, Google Home, or Apple HomePod because they're concerned about a small appliance from a company on their network is possibly listening with an open microphone but only communicates to one Big Tech server... imagine a device on the network that is accepting all incoming traffic and talking to anyone who listens.
Spin up that server as an instance on AWS instead and then the worst that will happen is you'll rack up a large bill when it's compromised and someone runs a crypto miner on it.
> The issue is that the complexity of the modern systems have gone beyond what one person can keep in their head and maintain. This is doubly true when one considers the amount of time investment to keep on top of patches and CVEs.
I dislike that this myth keeps getting thrown around. I’m not the brighest person around but the state of my self hosted applications, be it config, patch level, etc is probably the easiest part of running them. Configs aren’t archaic like they used to be, OS patches itself when setup, and everything just works. I somehow manage to run this, with a busy work schedule, a busy home life and a 2 year old who just wants my attention all the time.
Hosting and keeping home intranet things up and running isn't too much of an issue.
Hosting and running a 3rd party instagram clone on my home intranet that is available to the outside world isn't something that I'd be comfortable doing.
On the other hand, the bluehost Wordpress instance keeps itself nicely updated. I'm ok with that. Likewise, the GitHub pages site is out there and I don't even have to slightly think about that one.
The difference between the home intranet and home hosted intranet available services is a significant distinction for me.
I wouldn't be comfortable running home hosted intranet available solutions for anything. Nor would I want my parents or siblings to be running such.
I shudder to consider how many home networks were compromised with Minecraft systems last month... and how many are still vulnerable.
While you and I may be practicing safe and reasonable network policies and staying up to date with vulnerabilities for services running on our systems - that level of technical understanding and responsibility isn't something that is commonly found in the general populace.
I would be hesitant to suggest that people should be hosting their own services on their own networks and without a managed solution.
> I was a webmaster back in the days when one could debate cern vs ncsa and which provided a better server and for a while, I ran my own web servers at home on some static IPs from Speakeasy...
I fired up my first httpd when the current chair of UWashington CS&E was pissed off about a NYT article on how physicists were building this new-fangled computer network thing. So we have that in common ....
> The simple servers are still there. Grab a web server and put static files for it to be served - but people don't want that. They want a fully functional web application with persisted data with a maximum outage window less than the duration of a good night's sleep.
That's actually what most people who've ended up posting pictures on Instagram and blogging on Wordpress want. They need something one or maybe two steps up from a static site. Essentially, something like Squarespace but self-hosted.
> And then you've got to find some way to keep that device patched
Most linux distros can do a perfectly reasonable job of this already.
> For me, even imagining the work that I'd need to do to my home network to set up that
That reflects the incredibly limited work that has gone into making self-run servers easy, stable and correct over the last 25+ years.
> a quote from Ansel Adams about the darkroom and that it was a necessity for photography - but he'd rather be out there taking photographs than in the room making the print.
The difference is that we've have the capability to change the analogy stand-in for the dark room so that you have to spend almost no time on it at all. We haven't done it, because we took the path towards server-hosting companies and left the software to be as technical and fussy as almost anything out there. Adams would likely have been entirely fine with spending 15-30 mins a month in his darkroom.
> imagine a device on the network that is accepting all incoming traffic and talking to anyone who listens.
What web server does this? If such a machine was the only solution, then I'd agree with you - this would be a catastrophic issue. But we really don't use such systems anywhere and certainly would not do so for a toy-level home appliance.
> Spin up that server as an instance on AWS instead and then the worst that will happen is you'll rack up a large bill when it's compromised and someone runs a crypto miner on it.
This is a really good and well=researched article. I think it highlights a lot of current problems with the existing web3 ecosystem. A few thoughts after reading it:
- For NFTs in particular, I agree that the ecosystem is way too centered around OpenSea. But things also seem to be generally moving in the right direction here too. I've seen a lot of new exchanges pop up recently, some of which put more of an emphasis on decentralization (such as zora [1]). There are also some new standards on the royalty front [2]. Exchanges may or may not pay attention to it, but it's at least a start.
- The ecosystem's current centralization around Infura and Alchemy is also concerning. But as with the other issues, I think there's a definite path towards improvement. In the meantime, choosing an Ethereum node service feels kind of like choosing an ISP. But at least I'm not bound to a single service by physical architecture.
- In the absence of any improvements to Ethereum's scalability, I don't think it has much of a future. Sure, you can do some interesting things on it today, but high gas prices and low tx throughput make it impractical for many applications and most internet users. That said, there seems to be a lot of resources being thrown at various scalability solutions. Whether or not we see them in the near future is one story, but there's at least a viable roadmap, which makes me optimistic. And I think a lot of the centralization issues are a direct result of the scalability issues. So as the latter improves, I'd expect the former to improve as well.
- I disagree with the analysis that OpenSea would be much better as a centralized service. Part of what makes it valuable is that it can (fairly easily, but no seamlessly) integrate with other software (contracts) deployed to a global public network. I'd imagine it would be very difficult for OpenSea to get off the ground if they had to build their own general purpose contract VM that thousands of people would be willing to build on top of. On top of that, it would be a lot harder to tell a convincing story about what happens to peoples NFTs if they go out of business. However, if scalability doesn't improve, I agree that OpenSea and Coinbase will likely move in an increasingly centralized direction until most of the web3 components are stripped out.
- I definitely agree that people (myself included) don't want to run their own servers, but I wonder if Ethereum's Proof of Stake will change things. Supposedly I can run a validator on a raspberry pi. So if there's enough of a financial incentive to keep one running, I may do so.
> We’d all have our own web server with our own web site, our own mail server for our own email, our own finger sever for our own status messages, our own chargen server for our own character generation. However – and I don’t think this can be emphasized enough – that is not what people want. People do not want to run their own servers.
I must be stuck in the past.
It's true. No one wants to run an arcane, buggy, insecure, wonky POS that needs constant patching. This is really a failure of software and shoving all that up a level into the cloud is not fixing anything. At least with your own hardware you can nuke it and start over from scratch. With your own hardware (and disks), you at least know where your data resides.
We live in a time where you can get a 4 TB NAS for essentially nothing. You can drop a 8 core, 32GB RAM server on top of that for less than $1k. I don't know what other people's scaling needs are--who knows, maybe they need to serve 100 PB?--but it's a mind blowing amount of computation. Most people can probably serve their silly websites off that. If you can't handle your own email load on a server like that, I honestly have no idea what you're up to.
I kind of do want to run my own ones of those things...but I know (with today's software) I'd hate it. Because even after all these years, it kind of terrifies me, the metric shitton of stuff I have had no clue how to do, and I know is way over complicated...because everything is way overcomplicated.
I run a homelab, and also run a shared server for a few folks.
The hardware is easy. The software can be easy (if you let it). The things that are tricky:
1. Getting different software to all play nicely from the users perspective. I can't even give my users SSO because most software doesn't accept reverse proxy authentication!
2. The gap in average computer skills. Some of my users are engineers, most of them are not. My average user needs help with password resets, remembering URLs and very basic tasks. "Upload a file" is a _difficult_ task for the average user.
3. Feature requests and keeping maintenance reasonable. A lot of my technical users will ask me for feature after feature.. but not put in any time or effort to set things up or maintain. I'm one person and I set a hard cap of how much maintenance I'll do in a week, and that is a big limiter of stuff.
I have toyed with just charging my users a bit per month and hiring someone as a basic tech, and honestly more of my users would rather pay a monthly fee than actually work on the servers themselves.
> 1. Getting different software to all play nicely from the users perspective. I can't even give my users SSO because most software doesn't accept reverse proxy authentication!
It sounds like you're referring to something specific here but I'm not understanding. What kind of software doesn't play well with SSO? And what is reverse proxy authentication? Do you mean give users SSO as in give them an account on an SSO system like Google/Okta/LDAP or do you mean use SSO as authentication for a web app you're running? Even if in the latter case I still don't understand what you mean by reverse proxy authentication or what that has to do with SSO. (I've set up SSO on my apps before and I've run SSO auth servers.)
SSO is short for single sign on. It means users have only a single login across all the parts of the system. That can be something like "Login with Google" or it can be they just have a single local user account that works everywhere.
A really efficient way to make SSO work is to allow a reverse proxy to do all the work. A reverse proxy is a webserver (such as nginx or traefik) which receives all incoming requests and then hands them off to the correct bit of software, such as Plex or Heimdall.
Reverse proxies do lots of things but they help glue different pieces of software together. It allows you to have "http://plex.example.com" and "http://heimdall.example.com" on the same server as a for instance.
You can also have the reverse proxy handle authentication. Users get redirected to sign in if they don't have the right cookie and when the proxy forwards their request it includes headers that give the username, email, etc to the underlying software.
This way instead of both Plex and Heimdall having to support a bunch of different sign in options, user management, password resets, etc all that is done by the reverse proxy. Your software just has to trust the reverse proxy and get it's data from the headers.
This smells like the classic "you can build your own Dropbox easily" comment. Just because it's technologically feasible doesn't mean people want to do so.
Yes. Just because it's possible doesn't mean it's easy.
I'd love to see appliance-level servers become standard, but you'd need Google or Apple to throw their weight behind such a thing to make it usable, since decades of server software/hardware development has failed to produce things that require less-than-professional-level users.
I'd love to buy an off-the-shelf box for my network, have it act as a back-end for all my Google cloud-based apps and email and serve my blog and my photos and automatically encrypt and back it all up to a cloud storage system. But none of the big players are interested in that kind of thing, and the small players can't create replacements for the entire Google or Apple or Microsoft server/client architecture.
Note, I didn't claim that. I'd love to put a box in my house next to the cable modem that did all that stuff in a manageable, understandable way, that wasn't some underhanded subscription service that is going to try to squeeze me in the future or whoops my data amongst its constant, silent upgrading itself. But alas, no such box exists, and the software components that would go in that box seem to need constant babysitting and arcane configuration. Worse, it seems like all those overcomplicated things keep having critically bad security vulnerabilities and I'm just wondering what the actual fuck is wrong with having a damn thing on my computer that receives my email and serves a webpage.
I don't want to maintain my own mail server, but I definitely want to run my own server.
The irony is that modern internet infrastructure makes decentralisation _more_ feasible, but software lags behind. Why can't I buy some device for 200€ or so where I store all my data and I receive email? (with the cloud being used only for optional encrypted backups). One can even imagine a decentralised social network running in these devices, with my friends getting updates by polling it periodically (or my device sending updates to their devices). The device would be powered 24h/365d, and if it breaks you just replace it. When I'm out of home, my phone apps would just query the device to get new mail and updates.
We shouldn't really _need_ the cloud for many things yet we use it for everything.
You can't receive email this way because your spam filter wouldn't work; Gmail's works because they can see what's being sent to multiple people at once.
You can't send email (reliably) locally because other email servers don't trust you like they do Gmail.
You’re going to run into a problem right off the bat: Your home network is likely behind a NAT and has an IP assigned by your ISP that can change at any time. You’ll need to tunnel through a server in the cloud somewhere (or use a tool like ngrok that tunnels through a server in the cloud). And now that proxy server is “really” the server, because if the business providing the tunnel decides you’re using too much of their bandwidth, they can throttle you, and if you don’t want to get throttled you’ll likely need to pay by the GB/month for a premium tunneling service. You could make your own tunneling service with an EC2 instance, but it’s the same difference: You’re paying AWS, and the EC2 server is now your “real” server.
As far as I can tell (and I’ve looked pretty hard) there’s no good way to run a website from your house without tunneling unless you have a very unusual house or a very unusual ISP.
Just looked it up, this looks like a tool to let you and your friends create a “private internet” using a VPN. Which is cool (I could see a bunch of uses for this, like SSHing into my home computer while I’m on the go), but I’m talking about the ability to expose a device on your home network to the public internet.
Yeah, but the public proxy is exactly the thing I’m trying to avoid. If we’re talking about hosting a static site like your personal portfolio, then once you put a proxy in front of it, you might as well just host the site where you’re hosting the proxy. My complaint is that there’s no way to host a website from home without either paying for a cloud VM to proxy traffic or paying a company who uses a cloud VM to proxy traffic.
I think they key is: despite regular people not wanting to RUN their own server, they do want to CONTROL their own server. Current incumbents treat your data like tier asset, not like custody.
This is because you pay nothing. The beginning of regular people having empowerment begins by paying some fee to own the product.
None of the regular people I'm familiar care about their data at all. If you use any of the popular social media apps (Twitter, TikTok, FB/Instagram, Snapchat), then you can't really claim that you care about your data, and most of the people I know use those apps on a weekly if not daily basis.
> If you use any of the popular social media apps (Twitter, TikTok, FB/Instagram, Snapchat), then you can't really claim that you care about your data
That's not true. I don't use any of those, and I understand the huge toll it has on my ability to participate in stuff. Many conversations happen only on Twitter or Facebook, so it's perfectly possible to "care about your data" and still, as a necessary compromise, use those services.
His point is that a majority of people don't want to bother with the cognitive overload of running a server. Just like you could build your own car, very few want to. Often they don't even care what kind of car they have. As long as it can get them from home to work and back again without killing them.
Yeah and I think the point here is that the cognitive overload is unnecessary.
Most people don't want to build their own car but most people would rather own their own car instead of rent one every time they need to go somewhere. In the server world, the options are to build or rent, there's no real option to just buy one that works already. Even having to set your rear view mirrors and seat position is worthwhile, even having to check tire pressure periodically is worthwhile, to continue the car analogy. If we could buy a box that we plug into the wall, and have simple minimal maintenance and setup UX, like a car, or even like a desktop or mobile device, is not impossible. But it doesn't really exist.
I mean, I get that. I have a mailbox on my house. Letters come to it. I don't think about it too much. Bits come to my house all the time but somehow those trillions of computations keep flubbing this basic functionality.
Are you talking about physical On-prem systems or just buying a basic ec2 type server and renting some storage space? Because wouldn't the first one require a specific business line to an ISP for networking, which would require an office space and other associated costs? Or are you referring to renting a vanilla server and rolling everything yourself vs using some automated deployment and build pack system?
I just did a speed test and got 175mbs up. That is ridiculously fast and i don't have an out of the ordinary home internet connection. Entire data centers use to run on internet connections slower than that.
A mac mini, ups, and that connection is plenty to run any kind of server for personal/family use.
U didnt answer my question at all. Also running a public facing server for any commercial out of your house is not recommended and may not even be allowed by your ISP
This is the first enlightening article I have read about Web3. Maybe that says more about how little I have read than about how good the article is.
Anyway, Moxie seems very focused on the decentralization aspect - that Web3 doesn’t decentralize as much as we would like.
An alternative aspect is the “global ledger of ownership and transferrence” though. Yes, interacting with blockchains is hard so it is some through APIs… but there does still seem to be something important about the idea that my ownership of something on a blockchain is permanent, and exists outside of any corporate notion of ownership, in a deep mathematical way. That’s fundamentally appealing!
But is it appealing enough to overcome market forces? I think Moxie is right to spend a lot of time on the “nobody wants to run servers” thing because it shows that most users are powerfully motivated by convenience; if the mathematically-beautiful blockchain ownership records remain inconvenient then they are likely to be a niche attraction (like running your own mail server).
The "a website for buying and selling JPEGS with your debit card" part simultaneously made me realise how ridiculous NFTs are and, nevertheless, how popular they are, and how that popularity fuels the value of bitcoin. Essentially paper money gets its value because you need it to pay taxes; that is, there is a demand. Bitcoin gets it value because you can do interesting and popular things with it; that is, there is a demand. As long as there are interesting and popular things to do with bitcoin, that attracts outside money, bitcoin will keep gaining in value. Obvious, I guess, but that helped it hit home.
You're confusing Bitcoin and Ethereum. Ethereum is the platform that supports smart contracts. Bitcoins intent is to be a simple ossified protocol used as a store of value, akin to digital gold.
> A purely peer-to-peer version of electronic cash would allow online
payments to be sent directly from one party to another without going through a
financial institution.
That's Bitcoin's intent as the first sentence of the original whitepaper. The intent is on transactions. In practice, it's an ossified store of value now.
Of course, it's not that because you can't actually store value. Saving money works as a temporary defection from everyone else trading it; the trading is what maintains the value.
Thin clients that verify transactions are possible though. For something like Bitcoin you have SPV-proofs that prove chains of headers. You can prove that a transaction was included in the longest chain without having to run a node yourself just by checking proof-of-work merkle trees; Even if the vast majority of users end up running clients that don't verify the whole chain -- cryptographic trust would still be ensured by checking headers. This requires no centralization.
Satoshi wrote about this architecture early on in scaling the blockchain. Ethereum also allows light clients and I think it even has checkpoints that make downloading headers faster. Cryptographic protocols that verify smart contract results could be included in Metamask. I feel like not mentioning this in the essay shows a lack of familiarity with the literature even if he was extremely opened minded (enough to create dapps himself.)
He did make valid observations about third-party trust: OpenSeas and Infura. But in both cases: these protocols can be implemented without centralized architecture. A decentralized alternative to Infura (that provides reliable results to users and easy-to-check attestations) is possible to build. One should also note that in blockchain land the lack of incentives to run a full node is a problem people are working to address. It's actually a perfect illustration of how the blockchain can lead to emergent systems. Some ledgers already have rewards for running full nodes. So yes -- people do want to run full nodes -- they just want to be paid for it.
I understand the criticism to be targeted at the "web3" idea, which is assumed to be about the infrastructure for decentralized applications.
What is possible to implement is less relevant than what is likely to get implemented: here the clients (read: the app on the mobile) and their means of accessing the decentralized goodness matters.
The argument as I understand it is: if access/usage to whatever decentralized goods is always mediated by the old centralized approach (you have to ask the server whether the transaction is valid) then you trust the operators of the servers and those folks have the option of making "everything" (access to those services/goods) faster & better.
It is like the "last mile" problem where a company may well operate a global network but have no setup to act as ISP for end consumers, which is left to mediator. This is compatible with "web2" (https vpns etc) but the "web3" answer seems to be missing.
The problem is that benefits of well-thought out incentive systems evaporate when access is mediated. If every dapp comes with its own mobile client and app-specific servers to address this, there is nothing decentralized about it.
I recently became a web3 developer and created Flovatar (flovatar.com) and I totally agree with all the issues outlined in this article, but I think they are mostly limited to the Ethereum ecosystem and because most projects are not thinking outside the box and using IPFS to store the images.
In my case I decided to build it on the Flow blockchain (flow.com) and to use SVG illustrations and I couldn’t be happier about both choices.
Flow provides a JS library to interact with the blockchain without the need to use browser plugins like Metamask and also allows to store data on-chain with really affordable costs.
Having the SVG stored in the NFT guarantees that all the issues outlined in the article won’t apply in my case and will be guaranteed to exist as long as the blockchain will live (unlike IPFS where someone actually has to keep paying for the servers to store the images).
I could go on by saying that I managed to build a Marketplace that handles 500k$/month transactions with a single and relatively simple smart contract. Doing that in a web2 way would have been much much harder to both implement and maintain.
So from my perspective all the problems outlined in the article are super valid, but if you look a bit outside the current “standards” of the Ethereum world there is definitely hope and lots of solutions available.
It would take an Ethereum hard fork to tamper with it. That is a very big undertaking and rarely happens.
So he can prove that he minted it.
This is something we do not have on Web2. If FB deletes something, you do not have proof. And you cannot see it anymore. Neither in Chrome nor in Edge nor in Firefox.
On Web3, if OpenSea blocks an NFT and MetaMask uses the OpenSea API to display it, you can use another browser and see it again.
Could it be that people aren't really interested in undoing the mistakes of Web2, but rather just kicking off a new round of consolidation, where they could be the gatekeepers/platform owners?
" that URL often just points to some VPS running Apache somewhere. Anyone with access to that machine, anyone who buys that domain name in the future, or anyone who compromises that machine can change the image, title, description, etc for the NFT to whatever they’d like at any time (regardless of whether or not they “own” the token). "
This is how I felt when I first created a NFT. Man, the contract is so secure and all that but the raw asset - forget about it.
What I deduced was that the chain will somehow reject any other contract referencing the duplicate asset and only preserve the original contract. Something similar happened on OpenSea with Moxie but isn't this centralisation ?
But doesn't this apply to all off chain assets ? Essentially any underlying data for a smart contract, because you know storing even a byte of data on chain costs a lot.
So the smart contract - essentially a set of instructions is distributed, decentralised but prone to security lapses ( a whole another story ) yet somehow the data for these smart contracts is centralised ?
I am (or was?) a huge Moxie Marlinspike fan, and highly recommend this video[0] of his from Defcon several years ago. It was formative in my understanding of privacy and security.
That said, something here really doesn't add up. Being a huge fan, I took note several years ago of MobileCoin, a cryptocurrency, which listed him on the home page as one of the team.[1] Or, see this Wired article about it[2]. The big selling point, as I remember it, of MobileCoin (per the name) was that it was actually feasible for small clients (i.e. phones) to meaningfully take part in the network. But he's since been scrubbed from the site, as far as I can tell.
MobileCoin was added to Signal, much to the chagrin of HN. And Signal is intimately related to Moxie's work. I had thought that if MobileCoin becomes a thing, then the holders of the originally mined coin would become pretty rich, and I assume that would include Moxie.
So I'm a little confused by how this post fits in. I infer from it that he's new to web3 and crypto in general, but it feels like this isn't the case. (Though "web3" is ambiguous, and I suppose he's referring generally to Ethereum and dApps.) But his main point seems to be that the dominant cryptocurrency isn't suitable for involving light clients, which was the main selling point of MobileCoin.
I just wish it were clear his involvement with MobileCoin, since it feels to me like that could be a pretty significant conflict of interest with regard to Ethereum investigated here and could influence his perspective. For all I know, he answered some questions to the MobileCoin folks and they inflated his involvement. But then that wouldn't really explain how or why it was integrated into Signal.
If you care about the environment even a little bit (like turning off lights in rooms you're not occupying) then you will reject Web3. Even the most efficient blockchains use more energy than the status quo unnecessarily.
This is also to say nothing of the fact that it's more expensive per USD/KB transferred, slower and more complicated.
I think what Web3 should be is a way to use your laptop or any commodity computer as infrastructure for your data, and there should be APIs for websites such that it uses your computer as the source as opposed to their own servers.
For example this comment could be saved on my computer, but accessible to everyone viewing even if my computer is off via caching, but ultimately I could invalidate and delete.
> it uses your computer as the source as opposed to their own servers
> this comment could be saved on my computer, but accessible to everyone viewing even if my computer is off via caching
It sounds to me like you're just renaming datacenters from "origin" to "cache", without any meaningful difference in how the data is stored and retrieved in practice.
What about proof of stake chains, do you reject those too? How many companies with huge carbon footprint do you reject? What about cows did you reject them?
the public dismay at the carbon footprint of crypto is always fascinating to me. The network rewards are setup in such a way the the most profitable miners are the ones with the cheapest electricity as this is their biggest overhead. This pushes miners to the cheapest forms of electricity, i.e renewables
> This pushes miners to the cheapest forms of electricity, i.e renewables
I would love for this to be true (and that's why I used to believe it). But there are two problems with this:
• Renewables aren't the cheapest form of electricity; low-value (dirty-burning) or subsidised fossil fuels are cheaper in many places. You've heard of people buying and re-commissioning old coal power stations for crypto mining, I'm sure?
• Using any grid electricity drives up the price of other electricity, by market forces. The effect is local, but when cryptomining is happening globally, that's a global effect. That means that otherwise-infeasible inefficient (and polluting) electricity generation is now viable.
Greenest ≠ cheapest. If this were a universal truth, we wouldn't have a climate problem in the first place.
From https://www.globalpetrolprices.com/electricity_prices/ - the countries with the cheapest energy prices (and show up in the hash rates) are those that are using fossil fuels (and likely trying to subsidize those prices from the government to avoid civil unrest).
> If you care about the environment even a little bit (like turning off lights in rooms you're not occupying) then you will reject Web3. Even the most efficient blockchains use more energy than the status quo unnecessarily.
On an Intel NUC (Core i3, low power mode) I'm running a non-mining Ethereum 1 full node[1] plus a staking Ethereum 2 node[2] (comprising two active validators) on mainnet. Measured with a Kill A Watt[3] since genesis of the beacon chain, it's using approximately USD 140 kWh of electricity per year (about USD $15/year where I live), and makes use of the Internet connection that I use for everything else personal and work related. The Ethereum 1 node also acts as my personal gateway to Ethereum vs. say my needing to connect through Infura.
There are today 279235 active validators[4] on Ethereum's mainnet beacon chain. Now, I know that Ethereum hasn't made the switch over to Proof of Stake yet (that's what Eth 2 is all about) but it's coming this year. Let's ignore the kWh usage of my non-mining full Eth 1 node and assume the 140 kWh is split evenly by the validators (it's not even close, the Eth 1 node is a pig in comparison, but for sake of argument), then round each one up to 100 kWH per year and assume that's the average per validator going forward, and let's grow the beacon chain to 1 million active validators. So that's 100k MWh per year. Amazon reported[5] that they consumed 24 million MWh in 2020.
I'm not sure how many combined MWh are consumed by the data centers for VISA, traditional banks, etc., but I'm guessing it's nothing to sneeze at. According to Statista[6], it costs about 150 kWh for VISA to process 100k transactions. According to VISA[7] they processed about 206 billion transactions over 12 months. So that's about 309k MWh.
A couple of things to consider also. Ethereum devs are concerned about energy consumption, and there are active efforts to drive down the energy cost per validator by the various projects (nimbus, teku, etc.). Also, my Core i3 Intel NUC is pretty heavy-duty compared to lower-end hardware capable of running a validator node. So I expect the energy cost/year of Eth 2 to improve in coming years.
Via carbon offsets, so they emit all the co2 up front and then hope the forests their partners plant are both real and will be properly managed for the next few decades.
> People don’t want to run their own servers, and never will
It's worth distinguishing "running" a server from "having" a server. I lost interest in "running" my own services a couple decades ago - too much work, and I don't keep up on security patches, so it felt like a huge liability too. I am quite happy to "have" a server of my own though that requires minimal babysitting.
We already have this today in some forms: I have a network attached printer that once configured to get online, removes the need for me to run my own print server. Similarly I have NAS devices that remove the need for me to run my own file server. You could argue that the little box that my HomeKit devices talks to is also a little server for coordinating all of my little HomeKit devices. Each of these are pretty popular, even amongst the general population. That popularity tells me that people are quite happy to "have" purpose-built servers, but only if they don't need to "run" them.
This is a really interesting breakdown of web3 (or as he calls it later on web2x2). I haven't dove into the world of web3 yet but it does seem incredibly ironic that there's already seemingly a large amount of consolidation around platforms to make web3 more accessible to people. This is good for early adopters and artists who are generating wealth during the gold rush but I don't think it's good for "web3 the idea" as a distributed protocol.
I like Moxie's work and writings, and this article has some great points, but I can't get behind this:
We should accept the premise that people will not run their own servers by designing systems that can distribute trust without having to distribute infrastructure.
I'm not ready to give in. I am happy to leave "normal" (tech illiterate and politically apathetic) people behind to reach my decentralization goals.
I think instead of building centralized infrastructure that does not require trust, we can make it easier to host decentralized infrastructure. Including allowing a "server" to be offline for months at a time, come online for a minute or two, then disappear again. P2P networking is also an area we can improve on, IMO. Too much information is going across the internet instead of point to point. Bluetooth is a terrible protocol, but airdrop (and reverse engineered implementations) seems to be promising.
Email doesn't require DNS. Modern spam solutions for DNS do. You can most definitely use something like `spiped` to create a mutually authenticated, secure channel over IP, and just send mail over that. Or build a VPN overlay network and send mail to raw IPs. If you're going to cloister yourself with your fellow monks^W nerds then this is simple.
Hm, I think my point might not have been clear enough. I would find it hard to function without interacting with central system, like sending an email to someone on gmail. Just today, I emailed a plumber on gmail, but it could easily have been an old friend or a relative or whatever.
> I'm not ready to give in. I am happy to leave "normal" (tech illiterate and politically apathetic) people behind to reach my decentralization goals.
I don't think we have to "leave "normal" [...] people behind". I don't like devices like Alexa, but FFS, look at what millions of people have installed and running 24/7 in their homes. Is someone seriously telling me that a dedicated engineering and marketing effort couldn't build a similar consumer-centric device that functioned as a server (purposes to include but not necessarily limited to http and smtp).
> Is someone seriously telling me that a dedicated engineering and marketing effort couldn't build a similar consumer-centric device that functioned as a server
> I'm not ready to give in. I am happy to leave "normal" (tech illiterate and politically apathetic) people behind to reach my decentralization goals.
Which should be already possible with with the current offerings around selfhosting applications and p2p technologies.
But as the same time you need to accept that the "normal" people would probably be happy to, in turn leave you behind to reach their goal of being able to use all service available without needing to concern themself with running their own server.
NNTP with enforced GPG authentication and PoW like spam prevention could work today (in the narrow technical sense, not in the wide product sense.) It wouldn't even be that large of a lift from current NNTP architecture. Create a moderated Usenet group that only accepts posts that complete a PoW challenge and that sign their messages.
Apparently, 10 years and half a trillion dollars isn’t enough time or money these days for people to ship a basic SPV wallet to end users.
Even assuming the Ethereum people finally ship SPV support following moxie’s critique of their infrastructure, they still don’t have even so much as a rudimentary desktop wallet designed for air gapped spending which isn’t a literal web extension.
There has well and truly never been a more deserving poster child for the phrase “the market can remain irrational longer than you can remain solvent”, than Ethereum. If there’s one societally valuable thing Ethereum can be credited for doing, it’s laying bare that cryptocurrency valuation really is just a Keynesian beauty contest with absolutely no fundamentals whatsoever. The entire cryptocurrency space consists of pure and simple confidence games, all of them claiming to be anything but.
> The people at the end of the line who are flipping NFTs do not fundamentally care about distributed trust models or payment mechanics, but they care about where the money is. So the money draws people into OpenSea, they improve the experience by building a platform that iterates on the underlying web3 protocols in web2 space, they eventually offer the ability to “mint” NFTs through OpenSea itself instead of through your own smart contract, and eventually this all opens the door for Coinbase to offer access to the validated NFT market with their own platform via your debit card.
This raises an interesting question - can a new technology ride the hype-train sufficiently long enough to become mainstream and benefit from network effects and ecosystem dynamics kicking in, even if in its best case scenario - it's only a replacement of status quo and not necessarily an improvement? Historically, any widely adopted technological innovation has had the burden to offer and prove incremental value to society to justify paying the transition costs. But here, the incremental value is being pitched as literal "money" to be made by getting in early - which can be hard to resist for your average joe - notwithstanding their passion or stance on the underlying technology. Believe this will be an interesting race condition between dying out of the hype on one side, and technology reaching critical mass to be self sustaining on the other side. In either case however, don't see anything fundamentally changing or improving for society, except perhaps some new players displacing (or getting bought out by) old ones.
> This raises an interesting question - can a new technology ride the hype-train sufficiently long enough to become mainstream and benefit from network effects and ecosystem dynamics kicking in, even if in its best case scenario - it's only a replacement of status quo and not necessarily an improvement? Historically, any widely adopted technological innovation has had the burden to offer and prove incremental value to society to justify paying the transition costs. But here, the incremental value is being pitched as literal "money" to be made by getting in early - which can be hard to resist for your average joe - notwithstanding their passion or stance on the underlying technology.
If the product is self-enrichment, not technology, then when the “technology customer” — who has, invariably, invested money — starts losing money during a bear market, the vendor has a de facto failed core product on their hands in addition to a ruinous reputation from their prior unscrupulous peddling of a technological dud.
There's a huge amount happening in the crypto space beyond NFTs.
The article focuses on that area, which is fine, as they were the flavour of 2021, but it's worth keeping in mind that very few techies in the space saw the NFT hype train coming, Vitalik included: https://twitter.com/VitalikButerin/status/147740467160615321... so it's probably to be expected that a lot of the hacky, centralized fixes pointed out relate to NFTs.
> This raises an interesting question - can a new technology ride the hype-train sufficiently long enough to become mainstream and benefit from network effects and ecosystem dynamics kicking in, even if in its best case scenario - it's only a replacement of status quo and not necessarily an improvement?
That's more or less how Uber works. They just ignored taxi medallion laws, and only ended up winning because everyone decided to abandon them.
I view the final two conclusions points, that people do not want to run their own servers and that we need to make software easier to build/run, to be one and the same. Is the reason people don't want to run a server because it's just so difficult and expensive to keep a computer online in your living room (remembering that a smaller deployment doesn't need 20 nines of uptime), or is it because the UX of running server software has always been terrible? Could an OS be made which makes running a server actually a friendly process? We managed to design OSs which made running apps on a _mobile device_ a friendly process, surely the same could be done here.
The internet as it exists today for the vast majority of people simply isn't well-equipped for everyone to have their own servers. Imagine a small server box that you could simply plug into the wall and give your wifi credentials. You still have the solve the NAT issue. You still have to secure the publicly routable box somehow and constantly apply updates, or backdate when (not if) something breaks. In parts of the bay, PG&E goes offline every time the wind blows. Does everything in your digital life go offline with it?
There's a lot that goes into running a reasonably reliable server.
I put my NAS in a quiet PC case (it’s still too loud because I don’t have any closets to keep it in) and when I filed a FreeNAS bug a graybeard literally yelled at me for not using a 1U server.
> [...] NFTs instead contain a URL that points to the data. What surprised me about the standards was that there’s no hash commitment for the data located at the URL. Looking at many of the NFTs on popular marketplaces being sold for tens, hundreds, or millions of dollars, that URL often just points to some VPS running Apache somewhere. Anyone with access to that machine, anyone who buys that domain name in the future, or anyone who compromises that machine can change the image, title, description, etc for the NFT to whatever they’d like at any time (regardless of whether or not they “own” the token). There’s nothing in the NFT spec that tells you what the image “should” be, or even allows you to confirm whether something is the “correct” image.
How did we go from trapdoor functions being the foundation of everything in the space to forgetting to hash a link? Is the rational that these links should only ever be IPFS links? That's fine I guess, at least those are hashed. Why does the protocol allow for this to happen?
There are plenty of use cases for NFTs with updating data. Many exist already. Most high quality NFT art project do use IPFS, yes. But that is not the only use case for NFTs
I believe that it's possible for there to be a reasonable use case for a pointer to something that changes, though I'd appreciate an example because I can't come up with one. If it links to something that's not on some sort of blockchain, then what's the point?
If an NFT contains a normal URL, how could that possibly be valuable? The domain could expire or be transferred, or the original server hosting it could go down. I can't imagine any NFT that holds "ownership" of a real world tangible asset having any meaning whatsoever.
Imagine a logistics system that uses the existing capability of NFTs to give all interested parties a clear and transparent view of ownership transfers, eg factory to container ship to port etc. The data underneath can only be modified by the current owner of the NFT. The off-chain data could be encrypted and fit the particular companies standard.
The blockchain need not contain 100% of the business logic for a use-case, but instead only the parts that are relevant to being trustless and public.
Some of his points are out of date (given state of the art is old), like royalties and immutable data. See ipfs, eip-2981, etc.
Other parts are very on point, specifically everyone using opensea as authoritative for NFTs, which is crazy town. Opensea has a dog in the fight, and they are very opinionated about what's allowed in the tent and not. Things like etherscan and infura are less scary. I can't imagine building a wallet and depending on opensea for anything though, because your users are not going to appreciate that choice.
> What surprised me about the standards was that there’s no hash commitment for the data located at the URL. Looking at many of the NFTs on popular marketplaces being sold for tens, hundreds, or millions of dollars, that URL often just points to some VPS running Apache somewhere.
Wait, really?! Indeed, that seems insane to me — links change or die all the time!
I had thought the whole point was to prove a kind of ownership of some specific piece of art/data and just assumed that a hash of that data would be involved in a significant way.
> Instead of storing the data on-chain, NFTs instead contain a URL that points to the data. What surprised me about the standards was that there’s no hash commitment for the data located at the URL. Looking at many of the NFTs on popular marketplaces being sold for tens, hundreds, or millions of dollars, that URL often just points to some VPS running Apache somewhere.
This is an important line. People buying NFT's who are not aware of this may assume the NFT pictures itself are stored on-chain.
This doesn't actually matter, though. When you buy an NFT, you're not buying the picture, the art, the URL, or the copyright - you're just buying the NFT.
(I deleted my previous comment, because I don't think I said what I meant. So let's try again.)
Distributed, peer to peer, is worse. Everything that uses it, as a suite of technologies ranging from torrents to Freenet to bitcoin, only does so because a simpler, cheaper, central alternative is somehow seen as bad. In general, because it would be raided by The Man.
Blockchain, is worse. You could do everything it does, cheaper and better, without it. Except the bit about lawlessness, but the whole NFT gold rush has no need for that.
For any use that doesn't actually need to evade The Man, you can always make your system work better by pulling more and more of it into centralisation and out of the blockchain. Therefore, the final "victory" of the blockchain will look exactly like its obsolescence.
> Everything that uses it [...] only does so because a simpler, cheaper, central alternative is somehow seen as bad.
Walled garden ecosystems have a fairly obvious downside — ultimately someone has to get disproportionately enriched and empowered. By using the word “somehow”, you insinuate it’s actually hard to see this.
No, that's just a problem that lives in a different layer of how we organise the world. Right now we haven't decided to operate these centralised things as services provided by society, to society. Right now, they are owned by people who build up heaps of money, which in our current system translates to unwarranted power.
These are choices which can be changed.
Trying to work around the current system via a blockchain is certainly an option. But it's going to be worse in every other way except those externalities. And so they will tend to creep back, and the blockchain will be pushed out.
That’s a tad bit non-specific. Do you claim walled garden ecosystems are acceptable if a state government controls it? Save for possible science fiction AI administered states, this would disproportionately empower state executives, no?
It's non-specific because I'm not trying to write a manifesto right now. Nation state or sub-national state governments are not the only way to organise things that are done by society and for society.
People run servers because they don't want their operations to be affected by the arbitrary whims of some third party. When issues inevitably occur, they want to have as much control over the situation as possible so that they can remedy the issue as optimally as possible.
This issue was wonderfully illustrated to you by OpenSea when they unilaterally removed your poop NFT and offered the generic "You violated our ToS, we wont tell you how, and no there is no appeal". This is the fundamental reason why cryptocurrencies took off. No more arbitrary rules from whimsical payment processors.
I agree that Web3, as currently implemented, is a regression. Hopefully they manage to fix their flaws before the whole thing falls apart.
Concise, well thought out analysis by a cryptographer on Web3. If you believe in Web3, then you shouldn't dismiss this out of hand as a hater. He truly tried to understand how it works by actually building dApps. And the holes seem glaringly obvious.
What you should do if you believe in Web3, is take this as constructive criticism and improve so that they holes are no longer there.
> People don’t want to run their own servers, and never will.
What if the server is their phone and the service is an app that they install?
The problem that I personally have with web3 is that nobody seems to be building the infrastructure to accommodate this sort of setup, which the article sort of touched on. But I disagree that people will never want this. I think that there’s a lot of will and understanding among the average non-technical internet user that they don’t host their own services and I think they’d like to be a part of a distributed system, if there was a platform that made it possible.
But that’s not ethereum. IPFS and wireguard are closer to realizations of this.
> Even nerds do not want to run their own servers at this point. Even organizations building software full time do not want to run their own servers at this point. If there’s one thing I hope we’ve learned about the world, it’s that people do not want to run their own servers.
Why is this true? At this point it's never been easier to make your own static website, deploy nginx, and get online. Maybe not everyone wants to make a website, but you would think that everyone that does want to make a website would be able to and deploying a server would not be the bottleneck.
It's the things that come with running a server that everyone dreads: software updates, downtime, potential attacks and misconfigurations.
As an example, I think we would have more decentralized social networks if moderation was easier, so in a sense, these are human problems, but where the software hasn't caught up yet. So, hard agree that software should be easier to do. Servers are just one part of it IMO.
> People don’t want to run their own servers, and never will.
Not really much related to web3/crypto topics, but I think this is an indictment of servers, not people. If managing a server were easy and secure, lots of people would do it - for blogs, a minecraft server for the kids, to back up their pictures, and yes, to store their bitcoins or other digital secrets - they just don't want to manage a unix or windows server.
It used to be hard to install a webcam, now it isn't. No reason server software can't do the same thing - all we need is for some gigantic corporation to sink 100k developer-hours into it (which sounds like a joke, until you remember that there are several gigantic corporations who have very profitable side-hustles hosting servers, and who would be creating a whole new class of customer if they did this).
What is the benefit to the average user of running their own server? Most people (maybe even on HN) just want things to work. We buy connectivity services for our phones and our homes. I certainly don't want to run my own Wireless ISP to connect up my neighbourhood even if it was marginally cheaper (until I account for my time).
We buy storage services (for lots of reasons) from Amazon, Google, <your favorite backup provider>, etc. I don't want to run a large NAS and keep it running and backed up.
We buy messaging services (voice, SMS, email, IM etc). I don't want to run my own Asterisk VOIP PBX, my own OpenBTS node, my own postfix instance, my own IRC server.
I buy power services (electricity and oil). I don't want to run my own oil well, refinery, nuclear power plant etc. I do actually run some solar panels, but the amount of cognitive load that they cost me is very small. It is probably under 3 hours per year of having to fiddle with them.
In short, the cost in terms of time and energy from me makes it far cheaper to outsource all of these services to someone else. This doesn't prevent you from running any/all of these services, but I would suggest that you are in a very small minority.
Having said all of that, if I lived on an island with no services, I might be tempted to run some of them myself.
> What is the benefit to the average user of running their own server?
All the server-side use cases you can't do with a client alone. I think you misunderstood my comment; I'm not saying that running your own email server is easy, nor that it's hard but still worth it; I'm saying that the fact that it's too hard to be worth doing is a statement about the software that exists today, not some sort of immutable feature of the universe.
Anyway, that's the wrong question. The right one is: what new software would we make if everyone had their own server? The answer is, I dunno, but the hardware is good enough to find out; a cheap virtual server costs about as much as a streaming service, and quite a bit less than a mobile plan. It's well within reach for everyone in America to have their own VPS running their own email server. They don't, because Gmail is way easier, but that would cease to be true if we had better software. And, once there were a few server-side apps that were actually good, we'd probably make more (just as the advent of smartphones led to a lot of new use cases that would've been difficult to imagine before they were commonplace).
> not some sort of immutable feature of the universe
Except it is. Running your own server will always be more work than letting someone else do it, so unless there is a strong incentive people will let someone else run their server.
This is basically the Law of Leaky Abstractions. At some point you will have to deal with a problem yourself because no abstraction is perfect.
Why is there a graphical installer for the Minecraft client and not for the Minecraft server? Because of some fancy Law with Capital Letters, or because more work went in to the former than the latter?
The value to the average user is the possibility of self-hosting under unusual circumstances. It's like insurance. In a walled garden, when you get canceled there's nothing you can do. In an open Internet when you get canceled you can self-host. 99% of people will never need it but the option is valuable.
People will run all sorts of things they don't directly interface with if the setup and functionality is low friction. People run routers for example. If you had to SSH into your router and troubleshoot it just to figure out why you're not getting connectivity people wouldn't do it. Unplug it for 5 seconds and plug it back in? Still frustrating, but the UX has low friction.
If you can buy a little square box that you plug into the wall and it Just Works™ people would do it. People used to leave their home PCs running all day to allow them to perform server type functions.
When I build a home server, I generally shoot for low maintenance, but I do the setup myself. If I can do it once, I can do it once for a million people. Sane defaults, low friction UX, just the needed functionality, everything starts on boot and resets on reboot to a working state is all it really takes.
I agree, except for the part about this being physical hardware rather than a cloud thing. I find it very difficult to imagine even 10% of America buying something like this; a likelier model is, imagine that your typical $50/mo wireless plan included a $5/mo virtual server, and an app to manage it that looks like an easier version of cpanel.
If even 10% of america bought something like this the product is a wild success, and it would be enough pressure to ensure silos are unable to totally wall themselves off. I'm sure apple would love to drop support for SMS, but they can't, because some large percentage of Americans don't use apple devices, and so those that do wouldn't tolerate being unable to message their friends without apple devices.
I know people that aren't tech savvy at all that would buy a box they just plug in, boot up, that for example synced their contacts, pictures, ran a social media server just for them (mastodon maybe) and an email server and IM server and all they had to do was run an app on their phone and enter a password. You could build something like that and offer it to people for under 100 bucks. People don't run those though, because it's not as simple as that. Most people would rather have a product than a service. But the product is less profitable than the service, so companies build services, and so people use services.
Yeah, I think the success of Synology's NASes speaks to this - they're largely used as little home servers. And it could be even easier if someone built a box that functioned as a router and a server with dynamic DNS as an easy part of the setup. The UI would have to be really, really polished, but I think it could be done.
Symmetric home ISP connections would make these more useful, too. Sadly, that's not the norm right now, but perhaps that's because most people don't demand it.
> If managing a server were easy and secure, lots of people would do it - for blogs, a minecraft server for the kids, to back up their pictures
Easy 1-click deploy exists right now. Lots of VPS providers offer service specific deploy for things like minecraft, seedboxes, plex, nextcloud, etc. Check out Scaleway's InstantApps section to get an idea. https://www.scaleway.com/en/imagehub/
Yes, this is the sort of thing I'm talking about, but I think it also demonstrates that there's a ways to go yet. I suspect that one part of the solution will be abandoning linux and windows. They were built for performance and versatility, which just aren't that important in a server I use to host my blog and email, and come with a lot of baggage that isn't needed in a virtual-only OS.
Don't want to bother with OS updates? CoreOS exists. And containers abstract away the fiddly parts of running services. Firecracker/Ignite exists. I feel like all the parts are there to build what you want. Except there's no market for it. Even if it were free and easy to run your own Nextcloud instance, most users would never switch away from Google/Apple/Microsoft.
Techie users can roll their own servers. Power users can buy a NAS with 1-click service installs. Normal users don't even want alternative services.
I don't think that's true, people bitch about those services all the time. Everyone that uses FB has a gripe about it. Windows users have been complaining about Windows non-stop for thirty years.
I'm not arguing that people will switch off of those to crappy self-hosted replacements out of sheer spite against megacorps, I'm arguing that they will switch when self-hosted replacements are better and easier to use. Building a self-hosted platform that does what Facebook does more easily and conveniently than Facebook is hard, but IMHO it's easier than building AWS or Salesforce, and it gets easier every year, due to bandwidth and cloud hardware getting cheaper and big tech getting more user-hostile.
while all true; its also true no one wants to run their own servers.
the problems are practical. power and heat. noise. theft or disaster => backups; 3-2-1. updates, botnets, firewalls, static/external ips. ssh, vpn, or port forwarding. vlans? scaling? trust?
each of these things is a rabbit hole of problems and issues to solve.
I'm sure some people would want to run one in their basement, but I was referring to virtual cloud servers, and assumed the last sentence would've made that clear.
I'd agree that running a server is easy.
I built one for my company once. It ran on a standard PC (early 2000's).
But for some reason it never worked from my house. (Rogers ISP in Canada)
It took me hours and hours to find out my ISP didn't allow me to run a server. BellCanada ISP did, so the server worked on my co-workers system perfectly.
To be allowed to run the server I would have had to pay an extra 200$ a month, and be classed a business address.
It's not just that the tech is hard, the ISP's don't want it. So they gate keep.
What are examples of actually successful decentralised software? I can think of
- syncthing
- git (regardless of github, I still regularly clone/fetch between and within my own machines)
- bittorrent
None of these needed a cryptocurrency blockchains or stupid buzzwords in order to lure in users, they just solved real problems. I guess they are all fairly dependent on a stable protocol, making it hard to retrofit features, but some people do prefer that situation for at least some of their needs ;-)
email is the most successful decentralized tech we use.
It's not that decentralized doesnt work, but people need an incentive to make it work. cryptocurrencies currently aim for maintaining a high price, not delivering a final product (which might tank the price)
> These client APIs are not using anything to verify blockchain state or the authenticity of responses. The results aren’t even signed. An app like Autonomous Art says “hey what’s the output of this view function on this smart contract,” Alchemy or Infura responds with a JSON blob that says “this is the output,” and the app renders it.
Is there a technical debt story behind these practices?
Have there been attacks which took advantage of this gap?
You mean the smart contract would sign the response? Signatures by Infura or the node client would not tell you anything, you're already trusting them by using them.
Much of the infrastructure seems quite immature, with lots of hard problems to solve on the core blockchain first (but this is being addressed) [0]
So the idea of web3 is that the only thing stopping me from making my own twitter is that I don't have their past and future data. If I had real time READ access on their database of public tweets, I could make hooande-tweeter.com and it would be a viable competitor. This would mean that social media companies have less control over what we see and say due to market competition.
This obviously isn't working in the real world. OpenSea can still delete moxie's NFT. Starting a competitor to them will be difficult even though their core data is completely public. Just like twitter, OpenSea's position is based on brand awareness and first mover advantage. At this point competing would require differentiating features that solve real problems. That's a lot of work just because they deleted an NFT.
A better example might be twitter banning trump. If someone had access to all of twitter's data in real time and used it to start "twitter + trump", I could see a significant number of people using that. But then you'd kind of have half of people on regular twitter and the other half on trump twitter and it wouldn't be the same thing. In fact, it's fragmentation all the way down. I don't know if having a dozen different social media interfaces with slightly different rules and guidelines would solve anything.
The general idea seems to be that data is more powerful than branding. I don't know if that's true. Google and Facebook have a place in the zeitgeist that is more valuable than a search index or a social graph. We'll see if blockchain based open data is the answer. I think it might be way more complicated and less technical than that.
>Blockchains are designed to be a network of peers, but not designed such that it’s really possible for your mobile device or your browser to be one of those peers. [...] With the shift to mobile, we now live firmly in a world of clients and servers – with the former completely unable to act as the latter
I've got a dumb question: Why can't the phone or browser act as a node? Are the computational requirements too expensive?
My understanding is that it's because the entire blockchain would need to be stored on the device which from even a data perspective is too much for a phone. The processing of data on the chain will also be too computationally difficult/expensive for the phone. You would either run out of battery immediately or the phone would crash.
Well the flaw being they claim it is decentralized when it really isn't. How can a blockchain based web be more decentralized than what I run on my vps? In any case, all the things I read about this cryptoweb technology screams bullshit (and scam/moneygrab - possibly by investors).
> web1 was decentralized, web2 centralized everything into platforms
Am I the only one who remembers Web 1.0 as "publisher-generated content" and Web 2.0 as "user-generated content"? (publisher being the one who hosts the server) The latter is dead for several years now, since we've found out content moderation is hard and even scale won't help you there.
Your distinction aligns with Moxie's point that most people do not want to run their own servers. Web 2 made user-generated content easier, so more people used it.
> "user-generated content [...] is dead for several years now"
I don't think that is true at all, see the rise of Youtube creators, Twitter influencers, TikTok etc. Regardless of web3, I believe we are moving more into the "creator economy" and away from centralised news media (a single-digit number of news sources everyone listens to).
Disclaimer: I don't have much knowledge around web3. I would probably consider my self a skeptic, if I had to.
> People don’t want to run their own servers, and never will.
Just wanted to point out that the last part of this sentence is merely a prediction.
> If something is truly decentralized, it becomes very difficult to change, and often remains stuck in time. That is a problem for technology, because the rest of the ecosystem is moving very quickly, and if you don’t keep up you will fail.
By that logic, has email failed? I wouldn't say so.
> Eventually, all the web3 parts are gone, and you have a website for buying and selling JPEGS with your debit card. The project can’t start as a web2 platform because of the market dynamics, but the same market dynamics and the fundamental forces of centralization will likely drive it to end up there.
I find it hard to imagine that NFTs will eventually not be backed by a blockchain, since this is what provides all the hype.
This is a fascinating and absolutely brilliant article that explains so many things in very clever and intelligible ways.
Here are two things I'd like further clarification on:
1/ The article explains that NFTs are just pointers to some url and that what resides at the url can change at any time, with no control from the NFT as the standard doesn't involve a hash which would at least help verify that the content hasn't been changed. (A hash would not prevent the content to be changed but it would show it has been).
The article says "NFTs generally do not store that data on-chain. For most NFTs of most images, that would be much too expensive". Can someone elaborate on this? Why would it be too expensive to store the art on the blockchain instead of a pointer? What amounts are we talking about, and how do they correlate to the number of bytes stored?
In the case of generative art that consists of a few lines of JavaScript for example, is it different? Could it then be stored directly on the blockchain?
2/ A very surprising fact is that centralized intermediaries can indeed decide and change what's on the blockchain, with no challenge from the users. Here's the key paragraph:
> All this means that if your NFT is removed from OpenSea, it also disappears from your wallet. It doesn’t functionally matter that my NFT is indelibly on the blockchain somewhere, because the wallet (and increasingly everything else in the ecosystem) is just using the OpenSea API to display NFTs, which began returning 304 No Content for the query of NFTs owned by my address!
But why is that? Why can't we have independent servers that actually read the blockchain directly without using OpenSea's APIs? Is it just a matter of convenience? Is it because it would be too complex and expensive and therefore it's simpler to just use the APIs? Or is it technically infeasible, for some reason?*
> Why would it be too expensive to store the art on the blockchain instead of a pointer?
Remember that "on the blockchain" means that everybody who keeps a copy of the chain needs to store it. Thus blockchains have a huge motivation to keep that small. A chain which includes lots of data would have many nodes exclude that data from storage - functionally pretty much the same then as storing hashes pointing elsewhere. (or if it forced nodes to keep it somehow, it would have fewer full nodes and/or higher costs to compensate)
> But why is that?
Because those particular implementations are badly done (and the success of Opensea shows that many people (or at least people wielding lots of money) participating don't care about this kind of detail, or at least don't consider it a dealbreaker). Using some kind of API is useful of course to implement, but going through the platform again is not very decentralized...
I really like how this article is written. I'm a big time crypto fan, but the point the author makes about how something being decentralized makes it more difficult to change is so true. This is the reason Ethereum 2 has been in the works for numerous years and is still several years away from being completed.
1. When people are financially incentivized to run servers, they always will.
2. If a crypto protocol doesn't evolve at the pace of available innovation, that particular blockchain will be superseded by a new one. That said, a (truly democratic) evolutionary process is a core part of every blockchain specification.
3. You can get blockchain data via public (and federated/proxied) API, but you can always cryptographically verify its veracity, and your edge device (e.g. your smartphone) can do that. The same the other way around, you cryptographically sign the inputs you send to the networks, so that no federated API can tamper them, because the secret key stays on your device. This is referred to as the "trust-less model".
Once again I was hoping for a discussion of IPFS, DAT and Hyper. I've written post of an implementation for HyperSwarm and am impressed by the possibilities for decentralization. Does anyone know of a similar article for web3 that excludes the blockchain?
As much as I hate cryptocurrency as-it-exists, I'm very much into its potential. Untraceable (eg Monero) digital cash that settles instantly? That has the potential to disrupt societies.
The problem is that most societies don't have a particular need of being disrupted, so people are perfectly content paying with their credit cards, and why shouldn't they be? The UX is better and the banks are fine as long as they don't piss off a too-large portion of the population.
Still, I would love it if I could use, say, Nano (as it has very limited PoW) to pay for things instantly and securely. I'm hoping a miracle happens, but I don't think it will, or it would already have happened.
And perfect law enforcement means a stagnating society. Think where we would be now if gay people were discovered and punished instantly as soon as they kissed a person of the same sex, or interracial couples were punished as soon as they started dating, etc.
> Untraceable (eg Monero) digital cash that settles instantly? That has the potential to disrupt societies
With where the world is with Debit/Credit cards and all other trackable digital payments, the world going back to untraceable physical cash could have the potential to disrupt societies (people should make sure to put their phone/watch/entire car in a faraday cage so their cell phone providers don't have real time access to where they spent their untraceable physical cash)
I don't think there's necessarily any contradiction. This is a critique of the Web3 paradigm (crypto all the things) and not cryptocurrency itself for say, payments.
Yeah I read the article more as a list of valid suggestions for a nascent industry. Not an attempt to suggest that crypto is going to disappear entirely.
To disagree with the post: I have always wanted to run my own servers. But for most of my time on the internet, my upload speeds have been garbage, my IP addresses have been dynamic, and my computers have been behind NATs.
The basic networking architecture during Web 1 wasn't suited to Web 1. Had it been, there might have been more people experimenting with running home servers, more work going into developing home server solutions, and thus more momentum to building that version of the web.
Can we stop calling it Web3 and just call it NFTs...
Just call it what it is. If we are talking about NFTs say NFT, if we are talking about the general applicability of blockchains, say Blockchain. Every time someone attempts to describe Web3 they just end up trying to describe NFTs without actually talking about what NFTs tangibly do and are, which is why it sounds so ridiculously nebulous.
This response and the original article are both 99% literally discussing NFTs.
I completely agree with his take. What I always found interesting with greener BFT consensus protocols that a lot of modern cryptocurrencies implement is that you can actually fix the problem of untrusted services: you can provide a cryptographic proof to the light clients (the real clients) when they query the blockchain, which allows them to verify the response without synchronizing to the blockchain. This is what Celo is doing, I think Zcash had a proposal to do the same? But essentially any BFT consensus protocol should be able to do this.
You don't get the same insurance that you get by verifying all of the blockchain of course, but recursive zero-knowledge proofs that attest to the state transitions might solve this (cf Mina).
Another issue is key rotations, which increase the size of the proof (as you need to give proofs to all the key rotations before you can give a proof to the latest state of the chain), but I believe that zero-knowledge proofs can fix that as well.
Bottom line: it's actually not that grim, solutions are there, but users have to care for people to implement them, apply them, and for the solutions to receive adoption.
> Instead of storing the data on-chain, NFTs instead contain a URL that points to the data. What surprised me about the standards was that there’s no hash commitment for the data located at the URL.
I've been recently exploring the Solana[0] NFT ecosystem. The situation is similar there and I admit it took me by surprise at first. However upon further inspection, there's more to the story.
As others here have mentioned, most serious ETH collections address this problem using IPFS. But on Solana, Arweave[1] is a popular solution. I had never heard of Arweave before and it's a seriously cool concept. In a nutshell, it's a system that allows you to pay for 200+ (potentially much more) years of storage _up front_. I won't pretend to understand it all, but it effectively pays the network of miners to host your assets indefinitely. The up front payment - which is steep when compared to traditional hosting - provides a "sustainable endowment" for these mining rewards. This allows you to guarantee that the asset will be available without counting on some random hosted storage system.
It seems that NFTs are the main use case for such a system at the moment. However I can imagine other use cases could emerge for an answer to this question I never really thought to ask: "How can I ensure that an asset is hosted "forever?" Interesting problem and an interesting solution that a network like this - with its marriage of decentralized technology and economic incentives - is uniquely poised to address.
> To be clear, there is nothing particularly “distributed” about the apps themselves: they’re just normal react websites. The “distributedness” refers to where the state and the logic/permissions for updating the state lives: on the blockchain instead of in a “centralized” database.
This is one way to do it, but ideally you would host the site on IPFS so that you don't have a web server involved at all.
> there’s not even a word for an actual untrusted client/server interface that will have to exist somewhere, and no acknowledgement that if successful there will ultimately be billions (!) more clients than servers.
I would not say there's "no acknowledgement" of this; depending on how deep you are in the space, it's pretty obvious that the goal is to have layered networks and mission specific networks (storage vs. messaging vs. consensus), all economically incentivized, that are p2p through and through, from the resource constrained devices of end consumers to the staking nodes that secure the networks. That's the hope, the goal, and the focus of ongoing efforts.
The opposite of the missing word is "a node in a p2p network".
The points made about the difficulty in evolving protocols quickly are not lost on me, but I guess I'm more optimistic than the author that it will happen relatively quickly in coming years, including this one. In the process, there will be opportunities seized where the protocols fall short and half-measures or worse (with respect to decentralization) will generate excitement for a time. That seems like "growing pains" to me.
> For example, whether it’s running on mobile or the web, a dApp like Autonomous Art or First Derivative needs to interact with the blockchain somehow – in order to modify or render state (the collectively produced work of art, the edit history for it, the NFT derivatives, etc). That’s not really possible to do from the client, though, since the blockchain can’t live on your mobile device (or in your desktop browser realistically). So the only alternative is to interact with the blockchain via a node that’s running remotely on a server somewhere.
> As it happens, companies have emerged that sell API access to an ethereum node they run as a service, along with providing analytics, enhanced APIs they’ve built on top of the default ethereum APIs, and access to historical transactions.
> Almost all dApps use either Infura or Alchemy in order to interact with the blockchain. In fact, even when you connect a wallet like MetaMask to a dApp, and the dApp interacts with the blockchain via your wallet, MetaMask is just making calls to Infura!
> Imagine if every time you interacted with a website in Chrome, your request first went to Google before being routed to the destination and back. That’s the situation with ethereum today.
This is a very common complaint about anything that claims to be decentralized. It was also surprising to me years ago when I first read about Bitcoin and realized that it's not practical to maintain the whole blockchain on most clients. However, how do ISPs fit into this analogy with "web 1"? Since we're assuming that the original world wide web was worthy of being called "decentralized," doesn't this same criticism apply to ISPs? Even if you ran your own web server from your own facility, presumably the ISP was a third party that you had to (in some sense) trust.
Having a cryptographer taking up this topic has become a rarity, and that says something. I have not delved into the NFT world much, although I am quite familiar with blockchains and smart contracts. I've argued with more knowledgeable colleagues and friends that there is not much meaning in "owning" the hash of a piece of art for various reasons - a) you don't possess the art and are the mercy of systems which you need to do anything with it, b) someone can make an imperceptible modification to the art and invalidate the hash while retaining full artistic value except perhaps as a pedantic statement ... and then some.
What baffled me is that the accepted protocol for NFTs currently just requires a URL, any URL! ... with no hash validation! How did the blockchain world get here? Well, perhaps a IPFS URL would be "best practice", but it is shocking that currently any URL with no content validation goes! It should be impossible to mint an NFT for a URL with no content validation.
I always had trouble understanding what web3 was all about because I just couldn't figure out why anyone would be excited for it. I found this article to be excellent at explaining what the platform is but I still can't figure out why people keep bringing up this topic when it's clearly a classic example of a "Solution in Search of a Problem".
Loved the perspective. It does feel like those technologies which get "wrapped" open sourced or otherwise by first movers feel this way.
A few points which hope to not conflict with pinned rules:
- Ethereum has outlived it's usefulness. Cost me several thousand dollars closing token positions last month. Swore off anything on this chain. People literally cannot move their $100 worth of alts because of the fees.
(my kids, test coins, etc).
- Your statement about centralization is what made me move most of my interest to mobile crypto. One coin does mining on phones and sends their to/from via mobile. See this as the way for true-er decentralization. Still have app issues associated
from Apple & Google. Further think new $600 reporting reg for Cashapp/PayPal will increase mobile p2p interest - for some reason
- I'm not a dev, but OP's points made me wonder about The Graph (GRT) and perhaps ATOM as ways to ensure data has an outlet in the case where something like Openseas gains too much power?
About NFTs: we tend to think they somehow need an image to make sense, while the "own the NFT to own the image" is both wrong and just one specific use case out of many.
I find it useful to think about NFTs as "internet native property titles" which do not embed "law enforcement".
See it this way: if you own a house, you own a property title which proves it.
In case someone squats your house and the law enforcement does not help you get it back (e.g. due to corruption or slow legal system), it's just a useless piece of paper.
Same with NFTs.
Some use cases have enforcement embedded (e.g. ENS domains) and bear no risk, some don't (OpenSea minted image NFTs) and carry some risk from centralized entities (the same risk we have in 100% of Web2 applications btw)
Enforcement often happens at the app layer, even if the NFT image can be compromised.
E.g. an NFT which gives you access to a walled web page will still work even if the image is compromised.
> The project can’t start as a web2 platform because of the market dynamics, but the same market dynamics and the fundamental forces of centralization will likely drive it to end up there.
Great insight.
I didn't realize for maybe 8 months that NFTs were not actually storing the art on the Blockchain. I appreciate Moxie pointing out the problems with this in an eloquent way.
I wanted to say that I appreciate his approach to stating why he isn't sold on Web3: thoughtful, succinct, diplomatic, and based on the results of an open-minded experiment. This is so much more of an article I'm ready to engage with than the the "crypto is a pyramid scheme, don't you get it you morons!?" articles.
3. Most of the user facing clients for Web3 are decentralized
4. Power is easily rolled up into convenience providers like QuickNode
but I think something that is (perhaps conveniently missed) is that there is A LOT of power in having decentralized / censorship-resistant state - this is the thing that makes DeFi a real threat to orgs like exchanges and banks. They can't force people to have a certain amount of capital to trade derivatives or have a certain credit profile to borrow, the system is permissionless and the API is open 24/7.
That's pretty remarkable IMO and I think that sort of permissionless is likely to be used for very compelling things in the future, NFTs aside.
Also one thing that he notes but doesn't quite provide a solution for but I'm betting will exist in the near future is a markup language to map UI components to smart contract functions/views.
> A sure recipe for success has been to take a 90’s protocol that was stuck in time, centralize it, and iterate quickly.
Wow. That's one of those things you kinda know, then someone puts it to words like this, and the next thing I know I'm floored by the realization that Twitter is just centralized finger.
I think Moxie's critique of web3 concerns the decentralised aspect (DAOs, token economies, smart contracts, NTFs etc). He probably sees MobileCoin (which is built on the Stellar blockchain) just as a solution to fast anonymous payments.
It also looks like he's been involved with MobileCoin since 2017 [0], so this is not a quick cash-in on the web3 hype. Signal did not even publicise the payments integration normally.
> Even organizations building software full time do not want to run their own servers at this point.
This is almost entirely an educational/labor force issue, combined with a slight preference for the nominal hardware flexibility of cloud setups. The tech community focus from the dawn of the web until today has been overwhelmingly on getting people and tools to be better at creating and managing website content, whereas the traditional sysadmin stuff required to run "your own servers" with contemporary server technology has been viewed with both a level of disdain and also utter intimidation. Finding someone who can do React or Angular for your project might not be trivial, but finding someone who could actually run your servers for you ... much harder.
>People don’t want to run their own servers, and never will.
The older I get, the more I see that there is not much point in making arguments about topics. You can argue whatever you want, and it ultimately isn't about proving something is true or false, it is about feelings and what you want to happen based on your own desires.
This whole section about running servers can be argued against. I never thought I would see normal people with "gaming computers", yet here we are. "People don't want to bother with the hassle of gaming computers". etc etc. Same arguments. Things change, and the past does not dictate the future. I mean, half the reason people didn't want to run servers was because the web wasn't centralised. So now that has changed.
Other changes have occurred like the availability of the raspberry pi - a cheap, powerful, silent, relatively simple computer that can be used as a server. I remember back when Windows Home Server was a thing. It was packaged in these large noisey computers, running proprietary and expensive software. I didn't want to run a "home server" back then either.
Whether people working at businesses want to run their own servers is irrelevant. I doubt they care about any of the things that would be relevant to home servers. They are often running lots of different servers with complex security rules and various applications. The managers see the cloud as a way not to hire expensive people they don't trust. The programmers don't care because it isn't their own product, and hate IT because they make you jump through a bunch of hoops to do anything. It is all a completely different environment to one person running one server at home.
There are still impediments to running home servers that, if lifted, could make people more likely to run them. Static IP addresses are often expensive add-ons, for example. Upload speeds are sometimes too slow, and so on.
Anyway, I don't even know what web3 is, I just know that people can get anything done if they have the will to do it.
I found it interesting that the content of the NFT is held by a company that can remove it at will. To me this flies in the face of freedom and will land us in the Youtube paradigm. Where walking past a restaurant playing music gets your video ownership ripped from you.
imo these nfts that are "host it on an endpoint on our apache server" will die away as their fragility fails them. its mostly quick-buck thinking.
yes you can do a bad job with your nft contract and not think about metadata location etc. but you could also do a good job (ipfs/arweave). There are plenty that will last as long as the chain they are on with no problems.
Opensea shooting themselves in the foot. But its ok Zora and Foundation and others are stepping up and leading the way.
Just quickly from a technical perspective: web3 is like a useful wrapper around json-rpc which etherereum nodes use as a comms protocol.
You can just use whatever off the shell cli thing that supports json-rpc and talk directly to the mainnet.
Web3 is more of a concept that involves wrapping those complicated and cumbersome raw json-rpc calls(deploy a contract, compile a contract etc) into simple libraries. There’s literally a bazillion web3 libraries in many different programming languages. It simplifies talking to the ethereum mainnet.
I think they tackled it a little too high level in their post; missing the fact it’s really just a costly distributed state store you interact with via json-rpc with a shitty wrapper everyone basically calls web3.
> When you think about it, OpenSea would actually be much “better” in the immediate sense if all the web3 parts were gone. It would be faster, cheaper for everyone, and easier to use.
I really love this idea. Why doesn't a company with already established authority (say, Google) build this? An NFT-free NFT marketplace. That would be hilarious, as well as probably useful.
Or maybe someone else than an established player, but then with some mechanism to compensate for the lack of intrinsic authority. For example, a database with a hash of the whole db stored on a blockchain. To keep costs low, the hash could be stored only every x inserts (or, for a fee, one could force a hash store after a given transaction).
I'm a large doubter of Web3 and crypto in general though there is one problem space I can it can do well in:
Ownership and transfer of digital assets (though I would imagine this is better and more easily solved by web2 technologies as well by cooperation among platforms).
This could take the form of lending a friend a purchased copy of a video game, Ebook, etc.
The transfer would take place on the blockchain and could be performed regardless of platform - xbox vs playstation vs steam - Apple Books vs Kindle vs Android books etc.
Though this would require agreement by these platforms who operate these services.
But again, I don't see this really happening because these platforms have no incentive to enable sharing of digital assets over selling new copies.
except those files/data has to be stored somewhere, and if server decides you don't own it, then regardless of how many NFTs you own for that data it is gone. Buying NFT is buying a referral to actual product, not even IOU.
I agree but those files are already stored somewhere - your PC, kindle, cloud account etc.
On top of which, purchasing a movie via the Google Play Store or a book via Kindle doesn't mean you actually own that digital asset, just that you have access to it (which can be revoked by the platform).
What I imagine being possible here is to transfer ownership of the pointer to that digital asset from your account to a friend's account and commit that ownership transfer on the blockchain as proof to everyone.
If you want your copy back, either you have to have your friend transfer it back, or purchase a new digital copy.
If we move more in the direction of owning digital assets, this might be a big field for block chain to solve. Though this is certainly shrinking as we move to a subscription service economy for these goods - Spotify, Stadia, etc.
TLDR I think blockchain can lead us back to full and complete ownership of digital assets outside of any platform equivalent to owning a physical copy that I can lend out and get back.
If I buy something from Google Play Store, then I'm legally entitled to it, and if Google refuses to give it to me I can make them refund the money or give me the digital asset I own via legal system. NFT has no such requirement and NFT NEEDs legal system then written paper with two parties signature is just as valid.
> We should accept the premise that people will not run their own servers by designing systems that can distribute trust without having to distribute infrastructure.
My biggest issue with that concept is that cryptography isn't timeless. Most cryptography system just work, because they delay information retrieval to a point were its value has degraded. However, if I want to store information securely for the long term, I prefer having it protected by more than just encryption (e.g. locality).
So even though I understand the argument, that most people don't want to run their own servers, I think the proposed alternative is even worse than the status quo :-/
I started learning Solana recently to try and see what the fuss was all about. After getting beyond the basics I took a look at the technical concepts behind NFTs and my first reaction was literally - "this is creating something out of nothing". It was the equivalent of just inserting some rows into a database except that the operations were all logged in an immutable audit trail.
While I appreciate the value that a decentralized system of record with immutable log entries that the blockchain offers, I struggle to see how NFTs have value. But who am I to argue when buyers put their money into it.
This was the best read on web3 that I’ve seen yet. I’m definitely excited to play around with it, but I agree with many of Moxie’s points, especially around the promise of decentralization diverging from the hyper-centralized reality we see today.
I’ve been stewing on a thought experiment. Diaspora was aiming to be a decentralized Facebook competitor. I can see this project (or similar ones) gaining a foothold in the web3 space. But if social events are on chain, some of which might contain PII, how would such a service securely store fragments of data like this on random computers?
On the one hand I am happy to read a, at first sight, well balanced and well thought out critique of "web3"...
On the other hand: I can not escape the idea that he picked specific examples to make specific point:
- People don't want to run a server... Do they not? Or are most APPs simply not build with server capabilities? In the early days of Spotify they had a limited server capacity and everyone who streamed a song simply downloaded it from a server and peers mix, and in the background uploaded it to others peers. People were feeling just fine about 'running a server', just because they didn't even knew they did. The app hid (or abstracted) away the whole client/server question. [1]
- decentralisation doesn't work because "the blockchain" is hard to query and you need centralised APIs to do it for you. Again, a very weird and false dichotomy. Why take Ethereum as an example for "the blockchain". If I wanted to write a pro-blockain piece I would pick the Bitcoin blockchain as an example of how this CAN work. At this moment I run several apps on my iPhone which all query this blockchain for their functionality and it words just fine (and decentralised). To clarify I don't have the whole chain on my phone, it connects to random nodes (or my own if I so choose) and queries the chain via Bloom-filters [2].
- OpenSea as a example of a decentralised market place that doesn't seem to work. Again, why this example? Why not BISQ, a marketplace that is truly decentralised and has been running flawless for years? [3]
So, one could write an article that is saying the exacte opposite only by picking different examples.
> - People don't want to run a server... Do they not?
I think this is the most important point the article made. Most people really don't want to run a server, why? because they don't even know what a server is.
However they do have some tangible sense of some program they download and run on their device. So the only way for the masses to have truly decentralised infra is to make sure those programs are nodes in the decentralised networks.
> Or are most APPs simply not build as with server capabilities?
This. I don't know why, maybe there just aren't enough interested developers to build clients for this stuff that works like e.g a bittorrent client. The irony seems to be that most people making these "decentralised" apps are only interested in making portals into centralised platforms connected to a blockchain. Or maybe the design of the protocols simply doesn't lend itself to independent clients directly connecting to each other.
I think bittorrent is a really good example of how to do this stuff well. People will complain and say the masses don't use it, but it's been around for a couple of decades now and it "just works" and continues to "just work" and every client is a server, it is truly decentralised, with federated infra only to distribute metadata. I think the only reason it's not used by the masses is because 90% of what it's used to distribute is copyrighted material.
If web3 (or lets just call it what it is - NFTs, or the next blockchain fad) are to work in a truly decentralised manner, then whoever is designing these protocols needs to keep the whole picture in mind, end to end, to ensure clients are equal - to design it in such a way to actively work against the trend to centralised platforms, make them irrelevant.
Running a server means installing, configuring, and maintaining an OS and stack of software. Spotify running a server in the background isn’t what Moxie means.
>People don’t want to run their own servers, and never will
People don't trust their computers on the open internet enough to run them as servers. No computer running Linux, Windows, or MacOS exposed to raw internet is safe.
This is subject to disruption, should sufficiently well designed microkernel based OSs arrive on the scene before the war for general purpose computing is lost.
Personally, once I get a capability based OS as a daily driver, the first thing I'm going to try out is running a few servers on it, and persistently checking for trouble.
I do not look forward to immense backlash against "techies" when normal people have been grifted out of what they thought were their "savings" in crypto and NFT's.
Some of this echoes Matt Levine's take on crypto and DeFi generally: you will repeatedly see the re-learning the lessons of hundreds/thousands of years of traditional finance.
I'm not sure that the "mobile device can't act as a node" is fundamental (it's more a quirk of the current systems), but "nobody wants to run their own server" => "centralization" is a great reminder:
> I think this is very similar to the situation with email. I can run my own mail server, but it doesn’t functionally matter for privacy, censorship resistance, or control – because GMail is going to be on the other end of every email that I send or receive anyway. Once a distributed ecosystem centralizes around a platform for convenience, it becomes the worst of both worlds: centralized control, but still distributed enough to become mired in time.
So several fundamental forces gave us the centralized internet, at least for the time being. Trusting a few players has never given resistance to these forces and so blockchain doesn't alter the equilibrium.
What are the forces pushing for blockchain? Some will say greed, and of course at an individual level greed has something to do with it, but greed has always been there. Greed is part of humanity. What is specific to blockchain? Maybe just the desire for decentralization.
This is not what I expected from Moxie. A writes very good account of his experience trying to do some dapp / NFT stuff. He eloquently draws attention to the problems that are based in human behavior.
Definitely worth the read. Both sides of the debate could elevate their arguments if they ponder what Moxie has written.
> Both sides of the debate could elevate their arguments if they ponder what Moxie has written.
I appreciate that he fairly tried these different things out and reported his experience. But I don't think he has noticed anything particularly interesting or novel.
It's common knowledge that the plentitude of blockchains out there now make compatibility between them almost impossible. This is how Bitcoin "maximalists" came to be in the first place. If reputation and trust is the game, it defeats the purpose to have a million different blockchains.
Same. I'd like to make this experience better rather than give up and give in to centralization. I know others have different priorities, but I don't need them to use my servers. I just need them to interoperate minimally.
Marlinspike is the CEO of Signal Messenger LLC, and he also coincidentally believes that people shouldn't make clients which are compatible with the official Signal messenger (even though the protocol and code are freely available), and shouldn't even try to distribute Signal from app stores that he doesn't approve of.[0]
I don't actually know if he receives a meaningful salary from his CEO role, but Upton Sinclair's adage still seems relevant for explaining Marlinspike's views on decentralization: “It is difficult to get a man to understand something, when his salary depends on his not understanding it.”[1]
It's also worth pointing out that non-official Signal clients would be less likely to include support for MobileCoin, which "gained over 450% [in value] since" Signal announced support for it.[2]
I would like it if Metamask connected to a distributed hash table of Ethereum node providers and sent transactions to random subsets of those nodes. Then if there was some way to track the reliability of these nodes to make some kind of ranking of quality. Perhaps the client (Metamask) and a given server could mutually sign the transaction so when it eventually makes it into the mempool it is clear who put the transaction there.
This post taught me more about the current state of ethereum than nearly all other ethereum content online combined. Incredibly well researched and thought out.
I can see why everything is centralized: moderation. How would you ban NFTs that would be considered illegal?
Sure a solution would be to put the NFTs on a decentralized file system (IPFS?) or a P2P sharing network. And have kind of P2P/decentralized API that can easily be validated. But then, how would you ban illegal content?
I'm sure Opensea would prefer to keep everything centralized and under control. But clearly, there is room for improvement.
The uniswap people made a standard called tokenlists to help users filter out spam and junk tokens while still allowing anyone to list any token. I don't see why this couldn't work for sets of NFTs as well.
You seem to readily assume there is such a thing as universally "illegal" content. Can you elaborate? Who decides what is "illegal"? Which jurisdiction? Who enforces it?
> Instead of storing the data on-chain, NFTs instead contain a URL that points to the data. What surprised me about the standards was that there’s no hash commitment for the data located at the URL. Looking at many of the NFTs on popular marketplaces being sold for tens, hundreds, or millions of dollars, that URL often just points to some VPS running Apache somewhere.
This is all everyone needs to know about the current wave of NFTs
I think the best thing that can come out of this whole crypto/web3 space is a new sort of stock market. I've a startup that I want to open up for micro investors and the best way I can think of doing so is through NFTs/crypto that represent shares in the company.
The barrier to entry to the traditional stock markets (turn over requirements etc) is far too high. Does anyone know of something like this?
I think moxie makes a good point about centralized services like alchemy, on-chain data from opensea, etc.
The increase in development velocity using services like alchemy and pinata is astounding (I remember spending a month writing a stupid nft app in 2017 which now only takes a weekend.) I think these services are here to stay but they ultimately undermine decentralization.
“Protocols move slowly. After 30 years, email is still unencrypted.”
OK, so I know what moxie means but in terms of sniffability: how much SMTP traffic is actually conducted in plaintext these days? Could someone put a ballpark value on the amount?
For starters: 50% must be big-webmail-provider to either themselves or another big-webmail-provider. Do the long tail not have their LetsEncrypt certificates configured?
I can’t speak for him, but I think whenever moxie talks about encrypted mail/messengers he means E2EE. And the state of E2EE for email is not good. SMIME is hard to set up for regular users (dearth of free certificates [0], lack of SMIMEA support [1]), PGP support is lacking out of the box in most mail clients.
And maintaining your contacts’ keys is quite a nuisance, using key servers requires trust (I have no control over who submits keys in my name, revoking can be hard). Regardless of whether you go for SMIME or PGP you will always have to sync your private keys when you use more than one mail client (web mail especially is a problem).
[0] Only one I know is Actalis, supporting catch-all is impossible with it and you need to request a new certificate every year but cannot request before it is expired.
[1] I can’t set a SMIMEA record on Namecheap’s name servers. And mail client support seems hard to check.
"We should accept the premise that people will not run their own servers by designing systems that can distribute trust without having to distribute infrastructure."
This resonated with me. If we want Web3 disruption to happen, perhaps we need better P2P networks. For example, with things like static IP per user, it would be trivial to standardize and build next gen chat apps.
If people want a blockchain based decentralized web couldn't we cut out the middleman and just make hosting data the proof of work?
Edit: After all of ~10 minutes of uninformed thought I'm leaning towards an unholy marriage of torrents, IPFS and banking with each server acting as IPFS node, torrent tracker/seed and bank, issuing letter of credits to seeds of the data.
I enjoyed reading this article. The closer you look towards cryptocurrencies and smart contract projects like nfts, the less likely without a significant (state) player supporting these experiments I doubt we'll talk let alone use these speculative industries in a quarter century.
Anyone can make an currency, only a strong arm can force you to pay.
My takeaway from this article: decentralization is usually bad UX (gas fees, slow to add features...), so people tend to aggregate to platforms w/ better UX that sit on top of decentralized services, which leads back to centralization
I love the Gmail analogy, that even though email is decentralized, everyone just uses Gmail (probably because it's a better UX)
I have immense respect for Moxie, who has spent time building experiments and tinkering with a new technology, and as a result has a take on it that highlights very different issues than what most of the predictable web3 flamewar centers around. It makes you really think about who is really qualified to discuss said technology.
>A protocol moves much more slowly than a platform. After 30+ years, email is still unencrypted
Traffic between email clients and servers is encrypted so can be emails themselves; PGP can be used for encryption of emails and authentication between email senders. But another story is majority of people do not use PGP because of its bad UX.
Running email protocols over TLS isn’t an improvement to the protocol, it’s tunneling. PGP isn’t an improvement to the protocol, it’s encapsulating data in another protocol/format.
Your comment proves he point; email has evolved so slow we’re running it through tunnels and embedding PGP encryption to overcome the weaknesses that the protocol has not been able to fix.
> People don’t want to run their own servers, and never will.
This is sad to hear. People do run their own servers in their homes though, they are called routers, except they only serve one thing. Pity we don't have a lightweight self-updating system that sits in a router and does the basic job of keeping the user's data.
> People don’t want to run their own servers, and never will
If only 0.01% of the population ever run a node / mine, isn't that still infinitely better than what we have now? Especially so when money is involved.
The current alternative is 100% centralized. In other words, it's 1 DB vs ~700,000 or 1 company vs 700k individuals etc.
So basically web3.0 is just json-rpc calls to a cluster of peer servers that host distributed databases(e.g. blockchain that records your write-operations in stone) via a few portal servers, the portals are the gateway to the pool of blockchain-peer-servers and themselves are also part of the blockchain pool.
FTFA: “We should try to reduce the burden of building software.”
(building, compiling, linking my own copy of a Signal-Desktop app: failed, upgrade, failed, upgrade, failed, upgrade, failed, package is too new, … FAIL!)
- And Signal-Desktop app comprises of some 130,000 components/modules/archic/EOL packages, got it.
I really love their example of an NFT that changes based on where you see it.
I've been kicking around an idea of selling a bushel of NFT's and then later changing all the images to the text "I spent money on a monkey but all I got was this stupid text" and then abandoning the project.
I guess my beef with the whole web3 discussion is that everyone is bashing all the centralized bandaids is indicative that web3 is fake without acknowledging that those things are bandaids "until it's really ready". These bandaids (infura and the like) are mostly only necessary for mobile users who can't run a full chain. And even then there are legit solutions like Status.im as well as lots of research into lite-clients.
The "right" way to use something like Ethereum or IPFS is to download geth and go-ipfs and run the nodes yourself. You can do it on a modern laptop or a raspberry pi easily.
Then you can point Metamask at `localhost` and be using your own pristine connection to the networks.
Or you don't even need to use Metamask and can just issue commands directly in the console or you can download a local copy of of the static files for MyEtherWallet or whatever it's called these days and just double click on an HTML file and connect to your local node.
Then once you've done that, stop wasting money on buying pointless centralized NFTs.
I have been looking for an objective, skeptical evaluation of web3 and this delivers. Despite all of the discussion around decentralization, market forces like network effects, switching costs, and winner-take-all will likely occur and with it some degree of centralization.
I don't this part. Oh the NFT is just the URL and the image served by the server can be changed .. can't the URL include the hash like ?h=HASH_OF_IMAGE .. a compromised server can send any image, but the end user can verify its fake as they have the hash ???
Literally while reading this I heard in the background an NBA commercial with Matt Damon telling people that "fortune favors the brave" when it comes to crypto. Whatever else is true, this thing probably isn't going to just quietly settle down.
For someone who has only ever dipped one toe into "crypto", this is super informative. Especially good to read the constructive advice at the end (all the way until the bit about software-building burden, which felt rather random).
„Unfortunately, I think distributed systems have a tendency to exacerbate this trend by making things more complicated and more difficult, not less complicated and less difficult.“
His conclusion about distributed web3 is also true for microservices.
> People don’t want to run their own servers, and never will
They would if it's an app on their phone. Currently that's not possible due to the constraints of battery life and, to a lesser degree, mobile coverage and data plan limits.
Do you think Cardano can aliviate some of the clear issues we are seeing with Ethereum? I've been reading a lot for the past two weeks and I must say I'm close to start developing stuff in Cardano.
The article is written great and was enjoyable to read. I do have issues with how it is focused on NFT marketplace to the detriment of explaining what the real benefit of the blockchain/crypto is. Which I am going to try and explain to the best of my ability. Here goes. The article omits to mention that whatever is stored in the blockchain is immutable. This means that there is not google or Zuckerberg behind it all with ability to actually change what's on the chain as this is not possible at all. Instead the author focuses on the ability of OpenSea to remove things from their marketplace and also how it uses centralized apis to get the info. This, while true, is orthogonal to the immutable ledger use case which is still true.
Can anyone explain clearly and objectively and succinctly what an NFT is, for an audience who knows how the internet works, what a hash function is and what properties they have, and how bitcoin works.
This is the most thoughtful critique I've seen of the web3 space because it engaged meaningfully with the stated intent of web3 as a movement (and found it somewhat lacking on its own terms).
Web2 was more about ajax than centralization. It was being able to interact with websites without needing a full server rerender on every interaction. Why is everyone trying to rewrite history.
I come to hacker news for this kind of well written content. As a person who works in a non engineering role (although I started out there) this is brilliantly written and explained. Thank-you.
> What I found most interesting, though, is that after OpenSea removed my NFT, it also no longer appeared in any crypto wallet on my device. This is web3, though, how is that possible?
It's refreshing to see someone actually roll up their sleeves and not immediately descend into reactionary takes.
The criticism here is excellent; I think something people outside of this space never see is that despite all the boosterism there are web3/crypto proponents who have been airing these same exact grievances for some time now, particularly regarding metamask, infura, ipfs, & opensea, but there's alternatives to all of these.
Decentralization is a spectrum, and while I think Moxie's probably right in that this all trends towards consolidation, at the same time there's founders trying to to change course and move in the opposite direction, Joe Lubin being among them.
could everyone run their own matrix server in theory? sure. do people want that? not really.
so just like in tfa we get a centralised system with all the downsides of a heavily distributed one (reduced reliability, operational and transactional overhead, etc.)
With regard to the last paragraph: Take a look at what Agoric is doing. Basically making programming smart contracts less difficult with JavaScript. Very interesting, worth a look.
> the funds a contributor pays to mint are distributed to all previous artists (visualizing this financial structure would resemble something similar to a pyramid shape)
End to end encryption and open protocol give user more control of their data and has the same decentralized feature as blockchain. It should be the future we should build.
I thought web2 aka web-2.0 was AJAX+Unobtrusive JavaScript aka XHR+jquery aka SPAs. I guess we rolled The Cloud (rented server time) back into that at some point?
> This might suggest that decentralization itself is not actually of immediate practical or pressing importance to the majority of people downstream
This is exactly what I've heard from lay investors in crypto (vs the techno utopians pushing crypto as the world's decentralized medium of exchange).
The lay investors welcome the centralization and the regulation of off ramps as they feel it will bring more traditional financial instruments trust and relative stability to crypto, thereby bringing in even more common investors. They see its value as a gold replacement and inflation hedge.
Their agenda is quite at odds with the original anarcho-capitalist vision of cryptocurrency, as they aren't interested undermining existing institutional structures (which they are themselves reliant on).
Wait I assumed that NFT marketplaces like OpenSea stored a hash of the artwork in the layer 1 blockchain. Please someone tell me this is actually happening?!
It's usually a URL of the artwork that is stored on the blockchain.
That URL is sometimes an IPFS url, which is a hash of the content. But it could be anything, that's why you can create NFTs which change their image based on where they are viewed, or eventually 404.
3rd party wallets often don't bother looking up the blockchain to find the URL. They just query a centralised API like the one run by OpenSea. That's why OpenSea blocking an NFT can make it show up as blank in 3rd party wallets.
This is the best article on web 3 I have read thus far. Probably because this guy actually bothered to create some dApps (as one of 7 in the world I think).
> Please don't post generic, shallow, obvious, indignant, and/or dismissive comments—those are repetitive and predictable, we've had more than enough of them, they're tedious, not what this site is for, and we don't need more.
So the only “curious” comments are those which accept the premises of the post. Oh okay, little could make me less interested in finding out whether there’s actually something of value here than proscribing I give its contents merits before I even form my own opinion. I’ll see myself out again.
the good news is that it's not the first shared database that we have to manage. Take DNS as example. We know the answer: Start a new blockchain using Ethereum technology, and let institutes around the world, host the "servers". Even better if every central bank in the world could run a node.
His argument here is that web3, as it exists today, isn't actually decentralized. Also:
> These technologies immediately tended towards centralization through platforms in order for them to be realized, that this has ~zero negatively felt effect on the velocity of the ecosystem, and that most participants don’t even know or care it’s happening. This might suggest that decentralization itself is not actually of immediate practical or pressing importance to the majority of people downstream, that the only amount of decentralization people want is the minimum amount required for something to exist, and that if not very consciously accounted for, these forces will push us further from rather than closer to the ideal outcome as the days become less early.
Per the post, he's in favor of decentralization that "uses cryptography (rather than infrastructure) to distribute trust," he's just skeptical that web3 will head in this direction.
And his arguments in favour of centralization are flawed. Sure, regular people do not want to run their own (email, chat, etc) servers. But they DO want to be able to chose from a handful of available servers the one they like best (or the one they trust most), without losing connectivity with their contacts. Tired of Google's shenanigans, move from Gmail to Protonmail, tell your contacts your new email, set up an autoresponder, all is fine. When you move away from a centralized silo like Signal, you'll have to move all your chat buddies with you to a new platform.
Some people say they want this, but in practice, why you should trust someone you've never heard of?
Network effects aside, consider the difficulty of deciding that the people behind a fork of Chrome or Signal are trustworthy. The average person doesn't have the knowledge to do due diligence, and many of us who could (in theory) don't want to bother.
How do you get to the point where people think your team of software developers is legitimate? Decisions like this are based on what everyone else is using.
One reason that app stores serving sandboxed apps are popular is that you don't have to evaluate each software developer's organization just to play their games.
> consider the difficulty of deciding that the people behind a fork of Chrome or Signal are trustworthy.
Yet web users did decide that the people behind Chrome were trustworthy, even when there were still sites claiming to "work best in Internet Explorer". You're arguing that something is unrealistic, and yet you give an example of that thing actually happening.
> The average person doesn't have the knowledge to do due diligence
The average person knows that Facebook is bad for society, and yet they are tied to the platform because of a lack of interoperability. A minority of users have accepted the switching cost and moved to Fediverse instances, but I think it's not controversial to suggest that more people would switch to Facebook competitors if they could stay in contact with their Facebook friends.
Directly, and not convincingly at all. He presents just one use case, which, coincidentally, is the only one that casts the service he runs in a really good light. There are other use cases, like several email users leaving Gmail altogether, escaping from what he calls "the worst of both worlds". And his alternative? Using the centralized service (preferrably, the one he runs), because, he promises, this one will be totally different, aha.
It seems that with Signal he actually prefers that people trust specifically the organization that he founded, and not compatible implementations of the protocol, or even self-built copies of the same binary.
Great post, but IMHO it should have been called "My First Impressions of Ethereum". The web3 ideal and movement is much larger than Ethereum only, and many are focused on solving these issues. For example Mina allows for mobile clients to verify the blockchain using recurring ZK proofs.
Too much web3 thinkpiecing (both pro and anti) comes from people who've never looked under the hood. It's refreshing to see someone try actually try crypto as a developer, not just as a user, and go deep enough to figure out how things work in practice.
Moxie's critiques are valid. All of these are well known problems to the researchers at the core of web3 and all are the subject of active R&D.
- Point 1: people fundamentally don't want to run their own servers.
Clearly true. Vitalik gave a vivid example of this in a recent interview on Bankless pod. He visited Argentina, where hyperinflation has forced many people to use crypto or physical USD. He observed people using stablecoins, but not primarily via Eth L1 or any L2. Instead many transacted via Binance. Not BSC--Binance the centralized exchange! Which provides a Paypal-like UX.
Crypto researchers are fully aware. The plan is a couple thousand validators and millions, eventually billions of end users. Of course the end users will not run command-line geth, or run their own server in any capacity.
The plan is for them to use some combination of light clients or trust-minimized hosted services. This requires bringing transaction fees way down, the core goal of L2 rollups + sharing.
Also, today's popular clients are not particularly trust-minimized, which brings us to his second point. Paraphrasing:
- Point 2: current "web3" is really mostly web2. Under the hood, Metamask, OpenSea, etc just use trusted servers.
The fix here is trust-minimized services (= like Infura, but with every response bearing a proof of correctness) or light clients (= very similar, but using full nodes as interchangeable servers).
This exists today as a proof-of-concept. It is about to become feasible in production. The reason current Infura does not provide proofs is because Merkle proofs are 10x+ the size of the data returned for a typical query. Verkle trees fix this.
Zooming out. Here is the Ethereum roadmap for the next two years, summarized:
- The Merge. This removes proof-of-work. The Eth ecosystem will use >99% less energy after this point.
- The Surge. This is about data sharding. Today a transaction might cost ~$50 on a bad day on Eth L1 and ~$0.50 on a Layer 2 rollup like ZKSync. After the Surge, L2 transactions will be nearly free.
- The Verge. This is about Verkle proofs and statelessness. These allow the core user interfaces -- wallets and light clients -- to efficiently follow the blockchain without trusting central intermediaries. They enable efficient proofs of any portion of the chain or its state.
---
I think these are fundamentally powerful primitives, the implications of which we've just barely begun to explore. I actually welcome the next bear market, since it shakes out the grifters. It is day 1.
It is very refreshing to see this from a primarily technical angle.
In common with many HN-ers, I actually did a lot of cryptocurrency and blockchain dev work 5+ years ago, and was actually very exited about it at first, before realising what was behind the curtains. It is a similar story with many early Bitcoin developers, including one famously describing it as an experiment that failed[0]. I also get the distinct impression that the vast majority of pro-cryptocurrency people on HN at the moment are relatively new[1].
I stopped looking at it primarily from a technical angle because I realised that, firstly, the technology isn't anywhere nearly as useful as some people make out and might never be able to do the things which are promised, but secondly and more importantly, the technology really isn't the important part - what matters is the belief that technology might work, and sustaining that belief for long enough to make money. Moxie hints at this when he says "you can’t stop a gold rush".
There were an increasing number of people at the tech meetups etc. who knew nothing about the technology. Many were gamblers, refugees from the 2011 "Black Friday"[2], who knew full well that many of the schemes they were putting money into would never work or were even out-and-out scams, but they enjoyed the thrill of trying to get in and out and make money before the collapse.
The was also a growing sense of people being involved just to be anti-establishment. The ironic thing is that, back in 2008, you could make a reasonable case that the established banks were the bad guys and the cypherpunks were the good guys, but the situation has now definitely reversed - the banks have cleaned up their acts considerably (anyone who has worked in one for a long time will say how completely different the cultures are now vs then) with new regulations (e.g. Dodd-Frank) and most have plans to become carbon neutral, etc., and it is all the cryptocurrency scammers and fraudsters and climate-destroyers who are the bad guys now.
But there is more to it than that. There was also an increasing undercurrent of very non-technical people coming in and trying to exploit the technologists excited to work on the next new and shiny thing. I know that kind-of thing happens with everything, but this was much deeper and more malicious than in other contexts.
So while the technology isn't the important part, it is useful to be reminded of the intractable problems with the technology.
I jotted down some thoughts I want to post before this very well written and interesting article by Moxie drops off the front page. I'm sure I got things wrong, but in the spirit of blue sky thinking:
The Physical layer is centralized on the telcos, fiber providers and satellite providers. This doesn't change
The internet is decentralized at the Application layer. Is it peer to peer. BitTorrent, IPFS
The network become centralized at the services layer in Web 2.0.
A decentralized search engine or global commerce store is impractical
Centralized services like search and social are a solved problem and efficient. People expect to get them for free in their monthly internet bill
Just like no one wants to run their own server, no one wants to run their own social network
web3 says it will change decentralization at the services layer, but it probably won't
"I don’t think it’s on a trajectory to deliver us from centralized platforms" - Moxie
People want to spend money on it without really caring much about the technical details. They just want it to work.
People (mostly young) use their interest and involvement in it as a social signifier
web3, crypto and decentralization are buzz words like "the special properties of copper" or "energy balancing tea"
When everything is free, nothing has value. NFT's create a value that can be bought, sold, traded and collected
The buying and selling of digital objects has momentum and will continue.
"I think these market forces will likely continue... If the money flowing through NFTs ends up channeled back into crypto space, it could continue to accelerate forever... I think enough money has been made at this point that there are enough faucets to keep it going"
Web3 is here to stay but it won't be what the techies want it to be, it will be what the market wants
"I also understand why nerds like me are excited to build for it. It is, at the very least, something new on the nerd level – and that creates a space for creativity/exploration that is somewhat reminiscent of early internet days." - Moxie
The market has spoken and people want this. Consumers don't understand it but think it's cool and are told it's the future, so they can flex at being in the know and forward thinking by getting involved. Web3 is here to stay, without the implementation details even mattering to anyone but a small set of highly technical people. It's a fun project to get involved in, it's not boring, and gives people something to get excited about. The best thing someone like me can do is try to steer it in a direction away from harming the environment by coming up with alternative to proof of work.
When I read "People don’t want to run their own servers, and never will." I thought, what an elitist (and libertarian) idea to assume people would be able to afford and manage a server in their home but also afford/have access to the required Internet bandwidth. Yuck.
The server here is actually not a centralize server in a traditional world. It's a node that connect to the network and replica state.
When running transaction, you send it to that node, that node then broadcast it to network. This node here is like a replica in a traditional database.
You can run that node, and talk to it through http, websocket.
The point about trusting server signature the author bring up is bad IMHO. Even with a database, if you install some malicious Postgres package that return fake data for example, it doesn't help you at all if you enable TLS or not.
The point about verification is that read-only data isn't important because write always get verified. If you connect to a malicious node, that change the data it returns to you on purpose, then it's fine. But when you write data to the system, it always get verify so it isn't a problem at all.
The point here is that you are the one that run that node, and you are responsible for it. Entire point of Ethereum is that anyone can run node that connect to the network to replicate its state.
If you take out all the hype(OpenSea is a massive scam here no argue), I found web3 is really amazing.
1. It's a public dataset that anyone can read data and listen to event
anyone know something like that in current web1/2? Example, when I bough a domain name on namecheap or google domain. Can anyone know that? When I change my DNS, do anyone know that?
With Ethereum when you run a WRITE method on a smart contract, when you transfer event. Everything can be emitted. And you can listen to it.
The code is almost always open source.
2. Build-in Authentication System
Many website use wallet to sign in but didn't verified a signature. In fact, that signing is very cool in deed. That signature verifcation ensure that only you can sign that data, send it to server and server can verified it with your public key, which is part of your address
3. No one can stop you
If you search hacker news, you will found many people got blocked/suspended randomly by Stripe, Paypal then what do you do?
4. Openness
This is a system that anyone can read. Think about that for a second. Anyone can read its data. Without the need of any API. Everything follow a standard, which is smart contract.
Anyone can write, if you're willing to pay.
You're pretty much can see the code of any legitimate company. Pretty much all of them published their contract on ethscan, to make it convenience for you to run directly.
If you don't like some webui, you can just write to its directly.
Literally just a `curl`, without you to even register for an account.
I know that many people like to dismiss web3, the term is broad and bad IMHO, but think about the thing that it gives us. I can think of some example how web3 is great.
1. ACL: any changes is published, if a malicious activity happen, pretty much anyone can monitor it
2. Charity Fund: we can see what happen with the fund, transfer to where, when, who made it
> People don’t want to run their own servers, and never will.
This depends on what you mean by servers.
Nobody wants to pay money for dedicated hardware and experience service interruption if they fail to constantly provide it with power and internet.
But a lot of the need for "servers" could be eliminated by running a Tor onion service on your phone and accepting connections from peers. You can get e.g. direct messaging from this without any "servers" of your own, but also without any Facebooks playing MITM between you and your peers.
> A protocol moves much more slowly than a platform.
I could make two criticisms of this.
One, sometimes stable is good. We all whinge about the decades-old protocols that were designed for mainframes the size of buildings with less memory than a toothbrush, but now try to think of something you want from current day Reddit that you didn't get from ten years ago Reddit. Maybe the problem is some things got frozen before they were cooked, not that stability is bad once you have something that works.
Two, a lot of this is survivorship bias. If it's easy to push changes to all the clients you're either already centralized or you're susceptible to EEE. Protocols like that got absorbed into some centralized product already, so the ones that are left are the ones with more protocol implementations than there are tech companies. Then if there is any problem with the protocol at all it's impossible to make changes, but that's the very reason it's still in use.
If the other protocols eventually get replaced by something centralized, that eventuality only comes after the defects become fatal. When they're so bad that the problems exceed the network effect. But that's also the same time when you can release a new protocol version and people will adopt it for all the same reasons. You just need the replacement to be another protocol instead of a platform.
> Recreating this world
This seems to be a problem. We know generally what we want, e.g. P2P to the extent possible and completely fungible untrusted commodity servers when it isn't.
Then the people writing the code are also the people running the servers, so they're willing to write code that makes the servers stop being fungible and untrusted and we're right back where we started.
> This might suggest that decentralization itself is not actually of immediate practical or pressing importance to the majority of people downstream, that the only amount of decentralization people want is the minimum amount required for something to exist, and that if not very consciously accounted for, these forces will push us further from rather than closer to the ideal outcome as the days become less early.
Nobody cares about decentralization until the centralized entity becomes adversarial or unreliable, but then it's too late. The time to start caring about fire safety is not when you are already on fire.
> People don’t want to run their own servers, and never will
This kind of gets at the reason why I think a lot of tech articles/blogs about what the future will be like are just terrible. The wants of someone who is driven enough read and write about the bleeding edge of technology are very, very different from the general population. Like this author says, most people don't want to run their own web server, but I'd go even farther and say, most people don't really care about decentralization or even data privacy. Getting most people to care about privacy and decentralization is like getting a kid to eat vegetables. They know they should, but the alternative has more short term benefits. I think most people care about ease of use over almost everything else.
People who write these articles need to be thinking about the middle aged woman who still calls every video game system "a Nintendo". There will always be some users for technologies like web3, but until you can clearly demonstrate to that woman that this new technology has value and is easier to use than the status quo, you're never going to get mass adoption.
Connecting this back to web3, we're clearly not there yet. Almost anything being done on web3 is slower, more expensive, and more complicated than its web2 alternative. We may or may not get there one day, but until we do, I don't see web3 being anything more than a niche product.
It's refreshing to read an article that admits this:
> > Even nerds do not want to run their own servers at this point.
I actually enjoy build and running servers, but only for hobby purposes. When it comes down to anything business related or critical, I have zero desire to run and maintain it on my own. And I especially don't want to have to handle security for large amounts of money that could disappear in an instant if I make one wrong misstep.
For sure. I ran my own servers for many years. And I still enjoy playing with hardware at home. But a couple years back I shut down my last colocated physical server and I do not miss it. The background stress of knowing that at any point I might have to wake up, haul my ass down to a colo, and swap a motherboard just got to me.
Now all my must-stay-up stuff is built via Terraform in a a public cloud. If there's a hardware failure, it's not my problem. It's such a relief!
> The background stress of knowing that at any point I might have to wake up, haul my ass down to a colo, and swap a motherboard just got to me.
I would miss mine terribly. I couldn't afford colo and hosted on VPS for a while but just didn't cut it. The Cloud is the same. Kind of like having two monitors and downgrading to only one.
In all honesty how often does that requirement come about? Did you not have fail over? 2u is mandatory if you want to fully exercise colo, 4u is ideal.
> If there's a hardware failure, it's not my problem. It's such a relief!
Not for me, if AWS or Azure fall over I'm at the mercy of the engineers to fix which could take hours just due to the processes standing up the cloud. And when those occurrences happen its normally fatal. If the same happens in colo their are only three reasons.
Datacentre,
Server or DDoS
Granted you can either live on the edge and having no spare hardware and hope they don't die. Or have kit ready to ship and rack. My colo servers are eight hours from me and always happy to jump down to my rack to fix whatever.
But I do respect your opinion because I don't know the variables you live in. Colo forever with me.
Is hardware failure a common problem making you can't sleep? I don't get it. I run several desktops and servers at home for decades. Other than my baby pulled keys out of keyboards, I never had any hardware problem at all. And some of computers are more than ten years old.
It's not a particularly common problem. But it's one I always had to plan for. I was, in effect, always on call. If I was going to be out of town, I had to have somebody to cover for me. Somebody who was on the list for physical access and knew what to do enough that I could talk them through it.
It's worth making a distinction between running a server and managing it. People don't want the hassle of managing all the complexity of server infrastructure, but they appreciate the benefits of owning your data, and the hardware it is stored on. It's just that right now the centralized solutions that store data centrally are the only ones available for web-scale applications.
However, that doesn't have to be the case. If you look at consumer appliances and mobile computing, you can build managed environments that are physically distributed but partially or fully managed, with the actual code and data as close to the user as possible.
IMO this diagnosis is still one level away from a more fundamental truism, which is that people don't want to pay anything for digital goods. Running servers can and has been massively simplified over the last couple decades, and I don't see any inherent technical barrier preventing it from being as simple as registering for an account on FB (i.e. anyone can do it). The deeper problem is the lack of willingness to pay (directly) for anything online.
The reason for this is complex, with lots of unclear cause and effect dynamics (e.g. did our unwillingness to pay push the ecosystem to gravitate towards ad-based revenue models, or the other way around?). The inevitable race to the bottom between competitors, under the massive incentive for platforms to centralize/consolidate (if you charged any amount for your service I can always under-price and out-compete you) is likely a major contributor. We do not exhibit such reservations against payment for anything physical, probably because of the innate sense we have that anything in physical reality should have a cost, yet not so in the digital world.
I’m not sure I agree with that. People wanna pay as little as possible but they gladly pay for Netflix or whatever. People spend a lot of money on Amazon because they make it really easy to pay. One of the original promises of cryptocurrency is it would make micro transactions easy and painless (with something to do about trust, but… that goes in the opposite direction than consumers would like as it’s the provider that doesn’t have to trust the consumer instead of the other way around like with credit cards which allow you to back charge stuff).
The key is still making stuff easy to pay for. Low transaction fees. Low risk to the consumer. Low friction overall. Ideally we would want to enable that without enabling monopolies like Amazon. Because the low friction is Amazon’s real moat.
Netflix sets up a very obvious dollars-to-value relationship. "Subscribe" and watch "things you already want to watch" - easily.
Most types of online monetization fail that test: subscribe and then you'll use this website for 15 minutes, then the promise is it will do something later that will be worth $10 a month to you. They're the gym-membership of digital services.
They want you to pay to join, but you don't actually know what you're getting and you don't know if you're going to find it usable at even a minimal level. Netflix deals with this too: they sell you access to a movie catalogue, not a specific movie - built into the model is a hedge against local risk for a product which already has very broad appeal.
That's why micropayments are a neat idea. Sure, I'd pay a dime or a quarter to read you crappy news site. A quarter doesn't matter, as long as you don't bug me, I'm not subscribed to anything, and I just click. That's kind of what Bitcoin was promising... Of course for several reasons, that doesn't actually work with Bitcoin.
Steam does amazing because it’s all so easy and well developed. Steam is also very conservative in its development and doesn’t add stuff for the sake of it, like so many other companies fall for (Norton Crypto anyone?)
Also, we think we are there when it comes to UX, but I feel we haven’t even started to make good UX paradigms.
I am fervently anti crypto, and haven’t seen any argument that makes me move an inch, because all of the current alternatives are so much safer and easier. However, the idea of an internet wallet does appeal that’s distributed rather than centralized does appeal on some level. Crypto enthusiasts should focus on that more.
Agreed. There are significant audiences where cognitive load is a much bigger barrier than spending actual money. But people do want privacy, independence, and control, so I think non-centralized services could still work.
I think "virtual server" is the wrong abstraction here. It's like "radio with pictures" or "horseless carriage" in that it's telling us we haven't found the right new way to think about it.
people don't want to pay anything for digital goods
Which brings up a different problem: Web3 assumes that everything you do online will cost money. Even assuming that fees go to zero, virtually nobody wants that. Web3 advocates will say that the money you earn will offset what you spend, but you only have to look at Patreon/Substack/OnlyFans earnings to see that it won't happen for most people.
It also strikes me that there’s an implicit requirement to “already have sufficient capital” to operate in the crypto space - even more so that normal finance. I don’t see middle-to-low income people being willing to adopt this as any interaction will burn even more of a limited resource than normal mechanisms.
If the majority of people can’t get in, or can’t afford to do anything in the space, is there any real chance this will actually take off?
Now I’m sure someone will respond along the lines of “crypto is an investment/asset not a currency, etc etc etc” in which case, why is it trying to do all these currency things?
Arguably, everything does. You just also either sell something at the same time or someone else subsidises it for you. Neither of those approaches are forbidden in web3. It may be more explicit at least.
More generally though, "everything" there means state changing operations. Read only doesn't.
> Like this author says, most people don't want to run their own web server...
I know I certainly don't. I want to write my software and I want to be able to deploy it somewhere and manage the things I may care about for that specific software. As much as possible I don't want to have to care about hardware, or routing, or server administration, or user permissions, etc. Learning it once? Sure. Dealing with it every time I have a new project? No thanks.
So, I totally agree. decentralization and privacy on their own are difficult to market, as they aren't nearly as in demand as convenience.
Amen. I don't even get why most companies have Dev-ops. For the price of one Dev-ops you can get the most expensive plan on many providers. Running the most expensive Heroku plan (with a concierge service) is cheeper than an employee, and office space, and medical insurance, and ....
And that's just the one provider I know.
I want to type git push master, and that's the end of my involvement in standing things up.
It like getting a kid to compost, sew seeds, tend to the veggie patch, pull weeds and 10 weeks later cook and eat the vegetables.
Im the sort of person who should be interested in web3 (i dreamt of this kind of stuff years ago although had no technical idea how it might work) but now I’ve seen the culture of the space I have no interest.
"C-suite, or C-level, is widely-used vernacular describing a cluster of a corporation's most important senior executives. C-suite gets its name from the titles of top senior executives, which tend to start with the letter C, for "chief," as in chief executive officer (CEO), chief financial officer (CFO), chief operating officer (COO), and chief information officer (CIO). "
It also seems chronologically wrong since a woman who is middle-aged today would have been in the prime age group for the Nintendo Entertainment System.
I feel like it's a matter of OS improvement that will enable people to manage the software side of their own servers in as little (or less) effort than managing cloud platforms or even VPCs. Ideally in a standard way. Why is learning Dropbox any easier than learning to copy a file to some other FTP serving software? The clouds are just making $$ to support you, though that often turns on it's head when they try to protect their interests. This conflict is why everything is shit right now IMO.
If we are talking about the hardware... That might be a harder sell. But at the same time, I don't see why a company like Apple couldn't market a product like the HomePod as a personal server. It falls into the privacy narative and would be a way to make more device sales by supporting faster local services.
Personally, I want my ISPs to give me a static IP more easily so I can more in this direction without worrying about weird dynamic DNS issues. IPv6 should have enabled this years ago, but it remains an issue.
FTP is horrible. I'm glad as a web dev I haven't touched it in 8 years not since I worked for a hosting company in tech support.... git, or even rsync over ssh is way better...
The upcoming generation..even the 'non-tech' people are tech-savvy, meaning most could probably get arch linux up and running at least via a distro or follow the docs, etc...where there parents would fail.
the problem is they need to create something w/ a big enough value proposition but at the same time, easy enough for the masses to assimilate and understand it, and that serves enough utility to make it worth it.
Something like an actual currency w/ basic income dividends (taxed $ goes to lowest 50% who have a minimum utilization score), and identity/fraud management, that has a built in tax and cap system so whales can't abuse it, and zero transaction fees, instead fees are taxes for hodling and lack of utilizing (less daily/weekly transactions lower your utilization score, so you might lose a couple coins/day until you start spending more). Fraud/ID comes in handy here so you can't just spend it to yourself or other accounts you own. 1:1 only.
It'd need wide adoption to make utilization scores accessible, and maybe the price be pegged at or near a loaf of bread... and somehow make that global to be a universal price-setter to.. like say it's 1000 x currency for a loaf of bread in X country and 100y currency for a loaf of bread in y country, the c (coin) to y trade rate would be 100:1, and 1000:1 for x.
I also feel that decentralization can be bad, full democratization is good, and DAO's would be good assuming every member gets equal voting rights (protect against whales), but sometimes esp. in the beginning centralized aspects like identity verifiers could go a long way towards building something resilient, and make tweaks/iterate changes faster than blockchain tech, and then when the tech is more sound in 10 years, move 100% decentralized... or only parts if that's what the org votes on....etc...
When this expands to include metaverse it even becomes more important to have liquid democracy at its core, to ensure fairness and that companies don't control everything.
>The upcoming generation..even the 'non-tech' people are tech-savvy, meaning most could probably get arch linux up and running at least via a distro or follow the docs, etc...where there parents would fail.
I don't know what members of the upcoming generation you're dealing with, but the ones I know are more computer illiterate than their parents.
Their parents played games on dos and had to configure shit, the kids use their phone for everything and don't know how to use computers beyond a basic level.
Not a chance on that mate.. No way on Arch. Most of my neighbours can't change their wifi password. Heaps of the 20 somethings can't even run "ls" in a terminal.
> Something like an actual currency w/ basic income dividends, and identity/fraud management
Proof of Humanity is trying to do that with $UBI tokens and their method of proving who you are (basically a video of you with your wallet address saying a specific script, and putting up a collateral that could be lost if a court can provide evidence that you've signed up for it before). After you're signed up, you get one $UBI token every hour. $UBI tokens are currently worth $0.12 apiece, so it's roughly $1200 USD per year (at least for the moment, it's inherently very inflationary and seems to kind of rely on people like Vitalik Buterin, creator of Ethereum, to buy a bunch of tokens and burn them).
It does have a complex onramp, though, and will be difficult to get non-tech-savvy people onto it without some help, most likely.
We'll see if it continues to work. It's only been around since March 2021. It's an interesting idea, though.
I'm not sure I would call this "solved", since it's effectively just a replacement for the DNS servers in effect.
What I want is no additional dependencies, esspecially on dynamic and slow to propagate services. Not to mention that my current dynamic DNS (through tplink) seems to be filtered by a lot of firewalls or something.
ISPs providing a static IPv6 would be a simple solution that I should be able to create my own DNS records for convienence. No external VPN or otherwise.
Regarding your last sentence, I think that's fine.
I know Moxie criticizes people for saying “It’s early days still" but I really do think it's early days and NFTs have driven crypto into the mainstream too quickly.
Crypto researchers are still chipping away at the math and computer science required to bring the web3 vision to life. What's unfortunate is I've yet to see an article on hacker news about this research and, instead, articles about the hacked together shit that is unfortunately the face of web3 at the current moment.
If you're interested, I'd recommend people check out some of the following topics:
- Smart Wallets for better UX for your average user.
Does this not prove his point though? Because decentralization is harder to get right on a technical level, centralized alternatives will always outcompete more decentralized ones.
> The wants of someone who is driven enough read and write about the bleeding edge of technology are very, very different from the general population.
This is very insightful. I wonder what else it applies to. I bet there are tons of media sectors writing to irrelevant but interested audiences.
> People who write these articles need to be thinking about the middle aged woman who still calls every video game system "a Nintendo". There will always be some users for technologies like web3, but until you can clearly demonstrate to that woman that this new technology has value and is easier to use than the status quo, you're never going to get mass adoption.
I don't get it. I thought this used to be common knowledge. I mean it's basically a TV trope, so why and how do industries "forget" this?
Being easy to use is not usually thought of as a feature. Just look at the reaction of telephone hardware vendors to the original iPhone: There's nothing new about this, there have been tons of devices with touchscreens, we already know the customer does not want those, yada yada. They did not even consider the possibility that the selling point was not a list item on the spec sheet, but the user experience.
You're correct about ease-of-use being key, I think.
It was easier for "us" (the industry) to build hosted web servers, and so that's the paradigm that has won out. It's a direct evolution from client-server computing in the mainframe-and-terminal era.
But the user doesn't need to care what a server is, or what running one involves; it's a bit of a red herring.
A winning platform wouldn't communicate to people that they're running a server at all; they'd upload their messages/profile/etc, and the application user experience would be akin to that of any other application, with the difference that -- at an implementation level -- their data would be encrypted, replicated and hosted across multiple devices. The platform provider then goes on to win-in-competition because their hosting and bandwidth costs reduce to near-zero.
That of course conflicts with the second point: evolving the protocols for that is hard. I'd wager that a winning platform will get 98%+ of the protocol design and implementation correct up-front, because it would have to be based on simple, iterable, secure and near-correct fundamentals that stand the test of time.
> People who write these articles need to be thinking about the middle aged woman who still calls every video game system "a Nintendo".
In a world where the pool of capital allocated into crypto is hyperconcentrated in the hands of a tiny number of elite investors who employ teams of analysts to scour the web for opportunities to rapidly take advantage of, those people don’t matter.
This is also why no modern cryptocurrency investor can realistically be considered “early”, anymore. The only thing early about crypto is the general maturity levels of its technology, which arguably doesn’t matter to valuation based on the reality we see play out in the crypto markets on a daily basis.
> There will always be some users for technologies like web3, but until you can clearly demonstrate to that woman that this new technology has value and is easier to use than the status quo, you're never going to get mass adoption.
I think this isn't true. A large part of getting people to use something is often not ease of use, but momentum and popularity. Ease of use plays a large role but by itself, it doesn't explain the entire variance of why some technology reaches mass adoption or becomes the most popular.
The first article on Web3 that I've read that drills into the details and was written by someone who's not only kicked the tires but taken the thing for a spin. And the conclusion: It's mostly the bad stuff of Web2 combined with the bad stuff of Crypto.
A deep dive into this stuff is certainly useful. The question is, of the people who were offended by shallowness of people saying "this is obviously garbage though I can't be bothered to investigate it", how many will say "ah, so here's a thorough, technical and soft-spoken explanation why this is all garbage, thanks".
Exactly,and it's also intentionally misnamed as web3 as if it's an inevitable extension of current internet practices, rather than a scifi buzzword fantasy of a small pocket of investors (or small to moderate hedge of larger investors).
This article helped me understand why OpenSea was able to raise money at a $13 billion valuation. They're even more centralized than I had assumed. VCs look at that and see an impressive moat.
I think you are over-simplifying the conclusions of the article. The article presents a much more nuanced view, and while it points to certain limitations and deficiencies of Web 3.0 (and that only on the Eth part of it; we are in a multi-blockchain world now), it also points to several strengths of the growing ecosystems, and mostly comes across as humble; not knowing how its all going to turn out.
I keep reading that there are a ton better blockchains than eth, but then it seems that all dapps continue to use just eth, even at the cost of insane gas fees. Why is that?
To be fair Moxie says it's only "early days" in the sense that the technology has failed to advance, since of course a significant quantity of time has passed since inception.
In some ways, cryptocurrency’s failure to scale beyond relatively nascent engineering is what makes it possible to consider the days “early,” *since objectively it has already been a decade or more*.
I'm just addressing the misconception re: Moxie's apparent position.
My personal opinion is that the internet solved problems from day 1 and its growth was largely constrained by the deployment of physical infrastructure. Blockchain is not similarly constrained - it just doesn't really, you know, do anything for anyone. The proof will be in the pudding.
As he's expressing several opinions, let's comment on each one separately:
1) His comment that "People don’t want to run their own servers, and never will" is correct, but I think it's not the right way to think about the problem. All of us have gigabytes of cached shit on our devices. Ideally that locally stored information should be part of a decentralized web. By "decentralized web" I mean smth very different from today's web3 bs.
2) "A protocol moves much more slowly than a platform" - again, he is correct, but I feel like he's not seeing the larger picture. The fact that a protocol "moves much more slowly" is actually a feature. Elaboration: He is looking only at the pace of change, not at the robustness of the system in question. Old software that was designed for use value, still works flawlessly, i.e. it doesn't break. The dependency graph of older protocols is mind blowingly small. Today's software, which most often gets designed for exchange value, breaks within a year if it doesn't get updates, because their dependency graph is enormous. It's correct that protocols rarely update, but they get forked way more. Most updates get introduced through new forks.
3) his section "Making some distributed apps" - spot on. As long as you need to have a local copy of a ledger (even if it's just the block headers) to be a validator, the majority of users will still have to trust a server. crypto fanatics will claim "yeah, but you can ask for a merklle proof of the state" miss that lying by omission is a thing (i.e. in the classic merkle tree, you can prove that smth is present, you cannot prove that smth is not present). As a result servers can still lie to you by omission. Crypto fanatics will say "yeah, but you can contact several nodes", but that assumes that there are several nodes. In reality the majority of projects will only call an Infura node. It's all insane. Nothing about today's crypto space is actually trustless & decentralized.
4) His section "Making an NFT" - Yup, the NFT space is ridiculous on several levels. His arguments against metamask are also legit, same reasoning as in the previous point.
5) Section "Recreating this world" - I think he's making the same logical mistake as in the earlier sections here. The cryptocurrency protocols did not converge to a client - server setup. They always were a client - server setup in disguise. The problems related to simplified payment verification (SPV) were never actually solved. I think it's wrong to think that things must converge to platforms. Things that are use value based often resist such dynamics, e.g. Torrents.
6) The "It’s early days" section - yup, it's not early days anymore. These problems are inherit in the architecture design of blockchain protocols.
7) "But you can’t stop a gold rush" - This whole section was spot on. It's all a gold rush. There's no use value to any of the crypto projects right now, except maybe enabling people who live under authoritarian regimes to take take their capital with them.
8) "Creativity might not be enough" - I don't agree with the first part of his conclusion, but the second part is legit.
Personally I think current web3 is going down a very bad path. The old school p2p protocol designers were still driven mainly by a socialist / anarchist zeitgeist. They were designing for use value. Today's protocols have a neoliberal zeitgeist. Use value was thrown out of the window in exchange for speculative value.
I think the important part of decentralization is not that “everyone must” own their own server, but rather that “anyone can” run their own server, that indexes the globally consistent blockchain database.
But, I agree that the most troublesome parts are around the client/server relationship due to the need for indexing/caching, and the irony of having a man-in-the-middle between you and the trustless network.
It may be worth noting that all the crypto projects compete with each other and consider the others flawed, so it may be unfair to judge the whole sphere by some examples.
There are people who would say everything besides Bitcoin is a shitcoin atm. I personally am leaning towards that stance, although I wish the energy issue could be resolved.
I don't see why NFTs could not simply be "colored coins" on the Bitcoin blockchain?
As for people running servers, I think what matters is the option to run a server if you want to. In EMail most use servers by the big players, but people can also run their own servers.
It reminds me a bit of the counterargument to open source, that "nobody reads the code" - no, but some people can read the code, and if they would find something fishy, they would announce it to the world and hopefully even the nocoder users would be informed. It is still about trust, but people have a choice whom to trust.
Please don't HN take threads on generic-indignant tangents. This one has been repeated so often, we definitely don't need it again, regardless of which side anyone's one.
> Please don't HN take threads on generic-indignant tangents
It's an idea and topic that's directly referenced in the actual article. I'm having trouble thinking Moxie was referring to anything but cryptocurrency as pyramid scheme theory or why would they use such language?
I mean, yeah, nobody that buys cryptocurrencies expects to buy goods with it, only to sell it to someone else for more money down the road.
A decade ago there was at least Silk Road and similar, offering something tangible in exchange for cryptocurrencies, now the best you can get is a half-assed El Salvador experiment with too many issues to list (but to give two examples, imagine not being able to pay for stuff because AWS's US-East-1 went down, or waking up as a "millionaire" because the app had an integer overflow).
By definition something with a finite supply cannot be a pyramid scheme, in fact in most cases there are no parallels whatsoever to crypto and pyramid schemes. There are some pyramid schemes within the shitcoin scam and yield farmer communities, but to think that's represents the industry is highly ignorant.
Poorly worded on my part, I meant
> as long as new investors contribute new funds, and as long as most of the investors do not demand full repayment and still believe in the non-existent assets they are purported to own.
As mentioned this happens a lot with shitcoins and yield farmers, its rather easy to setup, but is not indicative of the industry, and the main source to blame for this misconception is the media, because you certainly cannot justify it if you understood the technology.
> Poorly worded on my part, I meant > as long as new investors contribute new funds, and as long as most of the investors do not demand full repayment and still believe in the non-existent assets they are purported to own.
Isn't this just saying "something can't be a pyramid scheme unless it has already collapsed"?
Whereas the argument being made is that looking like a pyramid scheme is something that tells you something about the future likelihood of collapse.
(I think there's also an interesting dynamic that's not explored much here about "finite supply" - unless/until every coin except for one or a small handful collapse, it seems like "crypto" as a whole is subject to inflationary pressure from new coins. Would BTC be worth more in USD terms if ETH didn't exist?)
It just sounds like Bitcoin to me. The proponents tell me how much it's worth and you're stupid to not want to invest. A few get rich and the rest are left poorer than what they started with. Moxie used the phrase, "gold rush" in this essay, and it's fitting for cryptocurrency itself as far as I can tell.
I'm poor, (but not stupid, thank you!), but I've only seen crypto being used as payment for prostitution. Which, hey if that works, good on 'em, I support the idea of safe, legal sex work.
I think if you're invested in a pyramid scheme, it's not easy to admit such.
I have to relate this to the whole Allison Mack/NXIVM pyramid scheme.
Funny that we still don't know who the mythical "Satoshi Nakamoto" is. Seems pretty cultish to me, but believe what you wanna believe. To me that's a pretty big red flag. But I'm super into people calling me stupid so have at it.
Wow that's might be an record for worst analogy ever. A cult needs a figurehead and leader which is the exact opposite of this technology is trying to accomplish, here a suggestion, don't use the word "believe", it's technology, go read the white paper and the science behind it.
> After a few days, without warning or explanation, the NFT I made was removed from OpenSea (an NFT marketplace)
Then
> What I found most interesting, though, is that after OpenSea removed my NFT, it also no longer appeared in any crypto wallet on my device. This is web3, though, how is that possible?
How indeed:
> You don’t own “web3.”
> The VCs and their LPs do. It will never escape their incentives. It’s ultimately a centralized entity with a different label.
With the greatest respect, I disagree with this reading of the parent’s comment. It doesn’t seem particularly inflammatory to me? Or at least enough to warrant this call out…
It’s expressing a strong view yes, not necessarily one I disagree or agree with
(I don’t know enough on the topic yet to take a view), but this doesn’t seem to blatantly break the guidelines.
If it wasn’t for the superb track record for what I view as quite impartial moderation on HN, I’d worry that the mention of “VC” here was a trigger for moderation…!
You started from the article and headed straight for a highly repetitive flamewar trope. That's just what we're trying to avoid.
Would you mind reviewing https://news.ycombinator.com/newsguidelines.html and taking the intended spirit of this site more to heart? You unfortunately have a history of violating it, and we're trying for at least a slightly better quality of discussion here.
I have to disagree like others are doing. There was nothing wrong with that comment. I've avoided this entire post so far because after reading the entire article, I was left with a distinct "huh, this looks like a pyramid scheme run by idiots and that may even include somebody I previously respected", which is pretty much what NFTs and most of digital cryptocurrency are.
The comment consists of "This", "Then", and "how indeed", followed by the biggest recent inflammatory tweet on the topic. That is not an interesting or substantive comment. Many users in this thread have posted far more substantive things. HN is for that, not this.
I think the thing that swings it for me is that I wasn’t previously aware of Jack Dorsey’s view on Web 3 and while I don’t share his extreme position on it, I did find this comment useful and informative as a result, especially given Jack’s very unique position and viewpoint in the industry.
Is linking to an inflammatory tweet the same as posting a directly inflammatory comment?
I still think the comment was acceptable. Not the most substantive, but not deserving of moderation.
I know it’s a very fine line to tread. But I come to HN to read all viewpoints - even those that might be on the outer edges.
I agree that the comment might have seemed more interesting if you hadn't seen that tweet before, but that's an illusion for several reasons. First, the tweet has been repeated often enough to have achieved informational heat death (I get that you hadn't seen it, but that's an anomaly); second, it plays on a tedious flamewar trope in its own right; third, the comment didn't add any information.
Over the weekend I spent a bunch of time looking into web3 and I've come to the conclusion that effectively, this entire thing is a bujnch of clown cars and we're not obliged to provide comments that provide information (IE, it's not even worth the effort explaining why everything about web3 is a pyramid scheme/sham run by cryptobros). I'll generally try to avoid even commenting on such threads, but just be aware: large swaths of HN think this is dangerously bad stuff. My guess is HN wants to promote these conversations because Y-combinator invested in cryptocurrencies and wants to hype demand.
You are obliged to post better comments, no matter how little you feel you owe 'clown cars' or whatever, because you owe this community better if you're participating in it.
The idea on HN is: if you have a substantive point, make it thoughtfully; if not, please don't comment until you do.
Btw, that has nothing to do with YC investments. It just has to do with trying to have an internet forum that doesn't suck and doesn't burn itself to a crisp. That's our job here and it's hard enough already without piling something extraneous on top.
Re Dang: straight from your link, "Please don't post shallow dismissals, especially of other people's work. A good critical comment teaches us something."
Personally, I found the comment insightful. I don't have all the time in the world to sit and pick something apart. Make no mistake, the smart tl;dr of HN are what gives HN any kind of value. Without that, may as well just use RSS and Reddit. I'm already subscribed to Moxie, came to HN to see what intelligent people have to say about it given that I am no longer a Signal user, and am anti-cryptocurrency in its current iteration, but pro-decentralization, which makes Moxie quite an interesting choice for me to want to actively follow the thoughts of as we feel differently about many important topics.
There is no binary black or white to be established with abstract, complex topics like these.
If it was any kind of bait, it was bait to discuss further. That the whole USP of Web3 is supposedly ownership and anti-censorship, and what's happening appears to be opposite is definitely something we should be discussing.
What's the point of comments on HN if we can't use them to discuss? It's a commentary on somebody's opinion—with opinions.
Perhaps if you don't like opinion pieces then you should simply ban them via these rules? I think HN's content might end up a little thin on the ground in that scenario though.
Worth noting is what "guidelines" actually are, they're not rules. If you would like them to be enforced as rules, and expect people to treat them as such, start calling them rules or ToS. But in that case, expect far less interest in HN if you aren't going to permit open discussion.
Have a good weekend, Dang. Hope you and yours are healthy and happy.
If you’ve been a reader here for a long time, you should focus on being a better writer. The best HN commenters write for the community as much as for themselves.
The fact of the matter is, web3 is a new phenomenon that isn’t going away. HN deserves good discussion on the topic. “Good” doesn’t mean “positive.” It means substantive — make a critique with substance. Say something that hasn’t been said countless times.
As a web3 skeptic, Marlinspike has still been quick to outfit Signal with a privileged 'house cryptocurrency', MobileCoin, whose value-appreciation-with-usage will accrue to favored projects. That's web3, too!
The author’s argument is definitely not nuanced, but a a straw man and a false dichotomy.
“Web3 is not 100% decentralised, so it’s not really legit.”
Web3 or crypto never intended to be 100% decentralised and it is impossible to be so. There will also be dapps among the 100,000 dapps that have a centralized component.
Every percent decentralisation is good, be it 1%, 5%, 50% or 90% and we are in the high double digits in very many areas.
It’s 2022, 14 years after the invention of Bitcoin, and hacker news still doesn’t get crypto, one can only shake their head.
But hacker news be like “Muh, I want to be a boomer and my brain is not able to learn new things, so it’s a scam.”
> People don’t want to run their own servers, and never will.
I just wrote an article about this — what's really new about web3 is the incentives not the tech.
> People don’t want to run servers. It’s okay for markets to specialize and service providers to receive economies of scale.
> Email is a decentralized protocol, and customer behavior shows people just want to click and have things work, like Gmail.
> What’s important is ensuring protocols stay competitive.
> Federated servers following a decentralized blockchain with layers of competitive protocols for storing data, with semi-interoperable apps built on top, seem like a pretty workable solution.
> Forcing everything P2P will be painful; there’s a reason the Cloud exists. Offline apps are great, and P2P app architecture is great, but expecting users to run P2P nodes is a losing battle. Some power users and volunteers will run nodes, but most will use a 3rd party. It’s better to accept this reality, minimize trust and make it competitive as possible.
It's the best thing I've ever written, if you're into this kind of thing I hope you check it out.
Disintermediating Network Effects for Fun and Profit, How to prevent Web3 from ending up like Web2
What he says about NFTs is embarrassing, lmao. I've personally never bought them myself but I am enthusiastic about blockchain tech. Is there really no commitment saved for an art work? You would think this was basic shit. Maybe there is more than one NFT protocol?
He also has a good point about centralization in 'blockchain oracle' services. In major wallets I've often seen them just make calls to blockchain / TX lookup services -- no cryptographic proofs there (though in theory easy to add with 'spv proofs'?) I also like that he went as far as to make two dapps before critiquing it. This is one of the better criticisms of 'web3' out there.
I don't think what he says about OpenSea being better as a 'centralized' service is valid. Most of his critiques for the downside of blockchain-tech seem to be Ethereum-specific. For example, Solana transactions are blazingly fast, low-cost, and there are nice stable coins on there. OpenSea seems like it would be 'better' if it were an actual cryptographic protocol. Maybe link it with IPFS + Filecoin.
If you're going to comment, please focus on specific, interesting things in the article that you're curious about.
Please don't post generic, shallow, obvious, indignant, and/or dismissive comments—those are repetitive and predictable, we've had more than enough of them, they're tedious, not what this site is for, and we don't need more.
https://news.ycombinator.com/newsguidelines.html