Crypto is really hard. You have to trust that whoever implemented the crypto is smart and diligent, and you have to trust that whoever operates the crypto is smart and diligent, and you have to trust both of those parties.
Centralization means that it's very easy to trust that whoever implements and operates the crypto is smart. Do I trust them? I don't know. I trust myself, but I don't think I am independently capable of operating or implementing crypto - if I want to make assertions like "this is end-to-end-encrypted" and ensure those assertions remain true, I will need a several million dollar a year budget, at a minimum. "Decentralized" means you've got tons of endpoints that need securing, and they can share crypto implementations, but the operations are duplicated. Which means it's more expensive, and you're trusting more operators, especially if you want resiliency.
Yes, something like Signal or Whatsapp means you've got a single point of failure, but something like Matrix, you've got many points of failure and depending on how it's configured every point of failure can allow a different party to break the confidentiality of the system.
Decentralization is great for resiliency but it actively works against reliable and confidential message delivery.
It's always very easy to trust as long as you're allowed to be mistaken in your trust. That's literally how people fall for all kinds of things, including wars, advertising, etc. It's much harder to fool all the people all the time, than corrupt some of the people (the ones in charge) all the time:
The mistake Moxie makes (and you do as well, you should really click on the links I posted to understand why)
is that "no one wants to run a server". In fact, an entire industry of professional "hosting companies" exists for Wordpress, Magento, etc. It's a free market of hosting.
You can't trust the software they're hosting, that's true. Which is why we have things like Subresource Integrity on the Web, IPFS, and many other ways to ensure that the thing you're loading is in fact bit-for-bit the same as the thing that was just audited by 3 different agencies, and battle-tested over time.
Think UniSwap. I'd rather trust UniSwap with a million dollars than Binance. I know exactly what UniSwap will do, both because it's been audited and because it's been battle-tested with billions of dollars. No amount of "trust me bro" will make me trust Binance to that extent. The key is "Smart contract factories":
In short, when you decouple the infrastructure layer (people running ethereum nodes) from the app layer (the smart contracts) all of a sudden you can have, for the first time in human history, code you can trust. And again, there is a separation of responsibilities: one group of people runs nodes, another group of people writes smart contracts, another group audits them, another makes front-end interfaces on IPFS, etc. etc. And they all can get paid, permissionlessly and trustlessly.
Look at Internet Computer canisters, for instance. Or the TON network smart contracts. There are may examples besides slow clunky blockchains today.
What do web3 and crypto moneys have anything to do with the discussion?
Decentralized protocols have existed for a very long time. Email have existed since the 70s. Telephone is also arguably decentralized and have existed for even longer.
The technology has potential to be decentralized, but telephones were famously considered a "natural monopoly" and ended up centralized under Ma Bell.
Government split Ma Bell into multiple smaller pieces, but they still operated as a cartel and kept prices high. They had centralized telephone switchboard operators etc.
It is only when authors of decentralized file-sharing networks like Kazaa (who built them to get around yet another government-enforced centralized regime of Intellectual Property, RIAA, MPAA etc.) went clean did we get Skype, and other Voice over IP consumer products. And seemingly overnight, the prices dropped to zero and we got packed-switched networks over dumb hubs, that anyone can run.
That's the key. We need to relegate these centralized platforms (X, Meta, etc.) into glorified hubs running nodes and earning some crypto, akin to IPFS nodes earning filecoin, or BitTorrent nodes earning BTT, etc.
You are not answering my main concern. Again, you snick in crypto into the discussion. Why?
We have decentralized stuff. Email, xmpp, matrix, the fediverse, all this works without this web3/crypto stuff. Those things are not perfect, including their decentralized aspect (sometimes to the point of doubting that decentralization really works well, although I personally think decentralization is a good thing).
I didn't downvote you but I suspect this is exactly why you are being downvoted. Since you asked. Many of us just think cryptos and this web3 stuff is bullshit and gets mentioned totally off topic without any convincing link to the discussion every single time.
> Many people on HN silently downvote anything that has to do with crypto and decentralization.
I primarily downvote them because I haven't seen anything come out of that space that seems like it's remotely capable of actually achieving decentralization (for which I also see a dire need in today's structure of the Internet and the applications running on it).
95% of the time, these things are built as a Potemkin village of technical decentralization backed up by complete administrative centralization, with the path to actual decentralization "very high on our public roadmap available here, we promise!!!"
I wish the downvote button would require at least a private message to the person of why they are being downvoted. (Upvote could have an optional message).
Otherwise it's the most toxic feature on HN as it promotes extreme groupthink activism.
A public message seems better. There's zero accountability in private messages - you can just smash your keyboard. You can't leave such a message if it's public.
Crypto is really hard. You have to trust that whoever implemented the crypto is smart and diligent, and you have to trust that whoever operates the crypto is smart and diligent, and you have to trust both of those parties.
Centralization means that it's very easy to trust that whoever implements and operates the crypto is smart. Do I trust them? I don't know. I trust myself, but I don't think I am independently capable of operating or implementing crypto - if I want to make assertions like "this is end-to-end-encrypted" and ensure those assertions remain true, I will need a several million dollar a year budget, at a minimum. "Decentralized" means you've got tons of endpoints that need securing, and they can share crypto implementations, but the operations are duplicated. Which means it's more expensive, and you're trusting more operators, especially if you want resiliency.
Yes, something like Signal or Whatsapp means you've got a single point of failure, but something like Matrix, you've got many points of failure and depending on how it's configured every point of failure can allow a different party to break the confidentiality of the system.
Decentralization is great for resiliency but it actively works against reliable and confidential message delivery.
It's always very easy to trust as long as you're allowed to be mistaken in your trust. That's literally how people fall for all kinds of things, including wars, advertising, etc. It's much harder to fool all the people all the time, than corrupt some of the people (the ones in charge) all the time:
https://www.npr.org/sections/parallels/2014/04/02/297839429/...
The mistake Moxie makes (and you do as well, you should really click on the links I posted to understand why)
is that "no one wants to run a server". In fact, an entire industry of professional "hosting companies" exists for Wordpress, Magento, etc. It's a free market of hosting.
You can't trust the software they're hosting, that's true. Which is why we have things like Subresource Integrity on the Web, IPFS, and many other ways to ensure that the thing you're loading is in fact bit-for-bit the same as the thing that was just audited by 3 different agencies, and battle-tested over time.
Think UniSwap. I'd rather trust UniSwap with a million dollars than Binance. I know exactly what UniSwap will do, both because it's been audited and because it's been battle-tested with billions of dollars. No amount of "trust me bro" will make me trust Binance to that extent. The key is "Smart contract factories":
https://community.intercoin.app/t/intercoin-smart-contract-s...
In short, when you decouple the infrastructure layer (people running ethereum nodes) from the app layer (the smart contracts) all of a sudden you can have, for the first time in human history, code you can trust. And again, there is a separation of responsibilities: one group of people runs nodes, another group of people writes smart contracts, another group audits them, another makes front-end interfaces on IPFS, etc. etc. And they all can get paid, permissionlessly and trustlessly.
Look at Internet Computer canisters, for instance. Or the TON network smart contracts. There are may examples besides slow clunky blockchains today.
What do web3 and crypto moneys have anything to do with the discussion?
Decentralized protocols have existed for a very long time. Email have existed since the 70s. Telephone is also arguably decentralized and have existed for even longer.
The technology has potential to be decentralized, but telephones were famously considered a "natural monopoly" and ended up centralized under Ma Bell.
Government split Ma Bell into multiple smaller pieces, but they still operated as a cartel and kept prices high. They had centralized telephone switchboard operators etc.
It is only when authors of decentralized file-sharing networks like Kazaa (who built them to get around yet another government-enforced centralized regime of Intellectual Property, RIAA, MPAA etc.) went clean did we get Skype, and other Voice over IP consumer products. And seemingly overnight, the prices dropped to zero and we got packed-switched networks over dumb hubs, that anyone can run.
That's the key. We need to relegate these centralized platforms (X, Meta, etc.) into glorified hubs running nodes and earning some crypto, akin to IPFS nodes earning filecoin, or BitTorrent nodes earning BTT, etc.
Everything centralized gets enshittified
Clay Shirky gave a talk abot this in 2005: https://www.ted.com/talks/clay_shirky_institutions_vs_collab...
And Cory Doctorow recently: https://doctorow.medium.com/https-pluralistic-net-2024-04-04...
> and earning some crypto
You are not answering my main concern. Again, you snick in crypto into the discussion. Why?
We have decentralized stuff. Email, xmpp, matrix, the fediverse, all this works without this web3/crypto stuff. Those things are not perfect, including their decentralized aspect (sometimes to the point of doubting that decentralization really works well, although I personally think decentralization is a good thing).
I didn't downvote you but I suspect this is exactly why you are being downvoted. Since you asked. Many of us just think cryptos and this web3 stuff is bullshit and gets mentioned totally off topic without any convincing link to the discussion every single time.
7 replies →
> Many people on HN silently downvote anything that has to do with crypto and decentralization.
I primarily downvote them because I haven't seen anything come out of that space that seems like it's remotely capable of actually achieving decentralization (for which I also see a dire need in today's structure of the Internet and the applications running on it).
95% of the time, these things are built as a Potemkin village of technical decentralization backed up by complete administrative centralization, with the path to actual decentralization "very high on our public roadmap available here, we promise!!!"
I downvoted for whataboutism
I respect someone who downvotes and explains why.
I wish the downvote button would require at least a private message to the person of why they are being downvoted. (Upvote could have an optional message).
Otherwise it's the most toxic feature on HN as it promotes extreme groupthink activism.
A public message seems better. There's zero accountability in private messages - you can just smash your keyboard. You can't leave such a message if it's public.