To me the most damning part of the article is:
> These critiques are usually unmoored to anything actually happening in the blockchain space, and unaware of the technological development and cultural vision. This bifurcation is extremely harmful for the health of the emerging technologies: these technologies are not going to go away, so if your only answer is dismissal and anger, you’re actually just ceding the power to decide what these technologies will look like in our world. This pattern of discourse creates a negative-sum feedback loop that does a disservice to all.
Quite frankly, if web3 really was all its cracked up to be, enthusiasists wouldn't be so offended anytime someone "didn't get it". After all, if it really was gold, they would be too busy making cool things and the results would speak for themselves.
As the author says, those who ignore something ceede power to those who show up. But why would the people who show up be so offended that people are giving them power? If it was actually valuable wouldn't they want it for themselves?
Every time someone criticizes cryptocurrency, its always the same refrain: people are wrong to be negative. All the bad vibes will turn your heart black, etc. That's what cults say, not what people with viable tech say.
True. In reality the "bad vibes" are just folks trying to find a consensus on where this technology belongs- if you can't communicate the benefits of the tech in a convincing way, it's not everyone else's fault.
Kelsey Hightower @kelseyhightower, Jan 2, 2022
What else is there to discuss?
And once a critical mass of people have adopted said technology, it becomes too easy for those in control to shift the blame onto the millions of functionally satisfied adopters when looking for solutions to the negative externalities that don't directly affect those adopters.
Bitcoin has stalled in development so I don’t think it will ever change, Ethereum has been talking about moving to extremely low energy Proof of Stake for years (hopefully will happen soon).
Almost all the other major blockchains available - Polkadot, algorand, Tezos, NEAR, Solana, Cardano - are proof of stake, or similar extremely low energy consumption blockchains.
The environmental criticism of blockchain is therefore going the way of the dodo. There are many valid criticisms of blockchain but the energy consumption criticism is about to be technologically outdated. It will age like milk.
The only significant project using it is really Ethereum, and like I said, they have long promised to move on but have apparently gotten into a lot of technical trouble doing it, but they are still dead set on doing it.
Maybe. But right now PoW block chains have most of the marketshare. The environment concern is not a new one, maybe it will become spoiled milk one day, but so far it seems like the milk has had an incredibly long shelf life.
Join discussions where draft standards are being ratified or tabled.
There isn't really a world where any of this goes away, so the voyeuristic and quizzical approach doesn't work, there is a world where updates push it in a more relatable direction. That might be the biggest pill for cynics to swallow, that there is no convincing them thats going to happen and they’ll wind up contributing to its resiliency anyway.
There's no reason for me to hang out with them, they can come to me if they want my attention. I don't come to HN for blockchain evangelism, but this is a tech forum and blockchain is tech so if an article comes up I will engage with what I am presented with.
> There isn't really a world where any of this goes away, so the voyeuristic and quizzical approach doesn't work
I don't think it goes away, but I don't see it really going anywhere else than where it already is. Cryptocurrency is synonymous with "speculation" in terms of what is actually happening in the real world. I have no doubt we might see bitcoin and alts continue to rise in price as the ecosystem continues to do everything it can to amplify the hype, but at the end of the day, blockchain "web3" will never take off because the masses have no interest in using cryptocurrency, they just enjoy trading it on coinbase and robinhood like it's a stock - web3 has nothing to offer those people.
Why not? Technologies rise and fall in unpredictable ways. I'll admit that there is a lot of energy to web3 - its not a minor passing fad. However that's still a long way from being inevitable.
Honestly, whole thing reminds me of how communism is going to "bury us".
The main answer is that these concepts dont go away and will continue even in a world without ubiquitous internet as making a couple computers communicate doesnt go away.
I see the same kind of, history is on our side so we can't fail, attitude here.
And you're right, the "idea" of a blockchain isn't going to be forgotten anymore then the idea of the internet would be. However that doesn't mean web3 is going to succede in its rather undefined vision. It would be like saying the internet won't be forgotten and extrapolating facebook's future stock price.
Or to use a digital cash analogy. The idea of digicash was not forgotten, but yet it still went under.
This isnt as simple as the LA Mayor’s response as mentioned in the above article, where he basically said “we’ll live our lives not bothering each other instead”, as we are all capitalists here there is alot of alpha. The alpha is built in seamlessly to your contributions, if you build. If you build you exercise a sentiment towards a world you want to exist, even if the technology stack does not allow it to succeed. And yet you make enough money. So you make enough money working on something you believe in. If the possibility of the technology being the limitation is your issue with it, then just call it entertainment. The entertainment industry, and that has unambiguous value too.
For example many developers are enthusiastic about a specific blockchain technology and unenthusiastic about the others.
Consider also the difference between someone who researches the formal specification and verification of smart contracts, vs someone who tweets dank memes of babydoge to Elon Musk. They’re completely different people with unaligned interests.
If you choose to lump them together and react only to people peddling hype, then what you’ve really done is fooled yourself into aligning with the hype peddler and unaligning yourself with the researcher, by choosing the reverse vector of the peddler.
I mean, if I'm dismissing it, it means that I don't believe that anything meaningful could come out of it, doesn't it? At that point, why "power to decide what these technologies will look like in our world" should have any role in my decision process?
> these technologies are not going to go away
There are a lot of harmful, useless, irrelevant, etc. technologies which won't go away. So this wouldn't be surprising. But if someone is trying to articulate that these technologies will create a revolution of some sorts, most people will need better convincing.
Show me the value, where's the ??? value!
The point is that nobody knows what the future tools of the internet will be, they can only see trends and act on those. Most are probably stupid and most will probably be useless, but innovation will inevitably happen. Its fine if you think places like facebook can have the metaverse to themselves, just like it is fine for people to think they shouldn't.
Facebook doesn't need to build it all themselves, they just have to make the platform that everyone else will want to build on, just like what all of the current tech giants have done for the past 20 years. The idea isn't about chasing trends (or even something specific like a "metaverse"), it is seeing where innovation in happening and hopefully avoiding further concentration of power in the future of the internet.
one reason there are so many blockchains is because they are all taking different development approaches and tradeoffs.
I thought the whole idea was it is "distributed" and non centralized. If big evil company takes over, can't you just fork? If it really was decentralized, why would i care about the direction the central commitee takes?
Somehow the web3/crypto etc discussions tend to vastly overestimate the role of technology vs the role of societal choices.
This is decentralized root naming system. This is one of the most practical use of a blockchain where all records need to be public and verifiable. No need to depend on icann and registry owners for having a tld which you own.
This is membership protocol powered by nft. People can buy a nft and then for authorization, service provider can check whether the wallet has the nft and is valid. This way, nobody controls your membership and you can move them around the web as you like.
They are all connected to a wallet you control.
Permanent storage using incentives and built on the idea of storage getting cheaper. Of course, this may not scale but I like the potential.
This is what Namecoin tried to do using the Bitcoin blockchain ten years ago without success. This gets reinvented about every year on top of every new blockchain, and none of these implementations have proven useful yet.
The main problem is that speculators become domain squatters, and buy all the popular domain names with the hope that they go up in price.
almost as if the existing structures, as flawed as they are, were created for a reason.
This is the worst part about any web3 project.
Though, there are some differences between namecoin, ens, and handshake.
Handshake lets you register the TLD while ens, namecoin, etc are limited to domain on a single TLD. The potential number of combination of domain + tld is enormous comparatively.
Secondly, handshake doesn't release all TLD at once. They are released slowly to stop speculators from gobbling up the initial supply.
I do agree speculation is a huge problem which happens in normal ICANN world as well. So nothing to miss except I can own the TLD for which I don't need to pay over 200k USD with chance of getting rejected from ICANN and ongoing cost.
I like the geo-libertarian approach to this. Said squatters should need to keep paying the market value of the resource in rent to remain in control of it. Thus removing the benefit of just squatting and require you to provide additional value on top of being the current owner to not lose money.
Should we let a bunch of black hats purchase google.com if they can extract more value from it than Google can (and are therefore willing to pay more for it than Google)?
a) On black hats, and presumably the risk of being tricked. Perhaps this is an orthogonal problem to who controls the name. Then again it might not.
b) On who the name is valuable for. You hint at there being a public interest in who controls the name. The free market response would be that in theory if the black hats can extract more value its because the invisible hand provides that value to the public in unforeseen ways. Or it may be that we just exchange one rent extractor for another, in which case perhaps the public should be more directly involved in the value assignment. A democratically governed central authority is one approach, another might be a more direct decentralised trust/value assessment towards a particular assignment
c) On bidding. I can see different approaches but to avoid a takeover situation a bid would probably have to binding over some significant time making it implausible for a takeover to be profitable unless the calculated return can be sustained.
Who is the boogey-man trying to control your site memberships? The site operator? I highly doubt this system is robust against site operators trying to "moderate" you, but supppse it was, why would they sign up for it?
For an ecosystem originally built on keen insights on how to mix tech with incentive structures, web3 seems to have thrown that all out the window and replaced it with wishful thinking.
People use centralized platforms like patreon for memberships. They can kick you off and you will lose all your subscribers. Your patrons will lose access as well. That is what unlock tries to solve.
The membership data is stored on the blockchain publicly which everyone has equal access to. You can prove you own a particular nft stored on the blockchain by signing using your private key. So even if all data is public, authorization is secure and reliable.
I mean i guess, but you could also just back up your subscribers list.
Let's say, I want to provide special benefit to people who own membership on hackernews.
In the model where this data is public, I can query the wallet of people to check for HN nft and provide special discount or perks.
If this membership data was privately backed up, I cannot do that.
It fits nicely into the blockchain model, imo.
Subscriber owns the membership and can prove to the service provider.
Service provider has access to the membership and can check the validity.
How will you provide your "perks" if either you or your members have been kicked off the platform where those perks made sense in the first place?
With this use-case you're describing - all you have is a list of wallets that were at some point relevant to you in some way. This is the equivalent of maintaining a mailing list. Why does any of this require a distributed ledger? What problem does this solve exactly?
> "Subscriber owns the membership and can prove to the service provider. Service provider has access to the membership and can check the validity."
How is this any different than signing up with an email-address as a username?
I'm not the one providing HN membership. That would be YC but I as a third party can verify whether someone has a valid HN membership and provide them perks based on their membership. That is the problem a distributed ledger solves. The data is public and usable by any service provider.
To verify you have a HN account (membership) today, a service provider need to build something like keybase. That is complicated and will be different for each service.
That is the problem unlock-protocol "solves". It defines the protocol for managing these memberships. To create, verify, deploy, etc.
You need some way to pay for membership without a middleman. This is solved by cryptocurrency part of the blockchain these nfts are stored on.
Memberships are also more complicated than a list of email addresses. They can be transferred, expired, and change depending on the action of the user. For example, some provider want their memberships to be reduced to half when transferred.
This is the part smart contracts solve.
What's wrong with plain old digital signatures in this contrived scenario. If for some reason this was desired, hn signs an assertion that so and so is a member. Person presents this assertion as neccesary. No blockchain required.
Memorizing hn's public key is no more hard than memorizing what their nft is.
I suppose you'll say transfering memberships. If hn is onboard with the transfer they could just issue a new signed assertion. So the only use case is if you want to transfer ownership against the service provider's will. But how does blockchain solve that? Unless i missed some great advance in zkp, all transfers are public on the blockchain, and service providers can trace the transfers and not recognize transfers they don't like.
> They can be transferred, expired, and change depending on the action of the user. For example, some provider want their memberships to be reduced to half when transferred.
What's a real world example of someone wanting something like this? I can't think of any.
Blockchain isn't required for this part and I answered why not certificates in this thread elsewhere. The simple reason is, wallet based authentication & authorization is more mainstream than pgp today. You also need to pay for memberships and that can be done through the same wallet. Arguably better UX.
> If hn is onboard with the transfer they could just issue a new signed assertion. So the only use case is if you want to transfer ownership against the service provider's will. But how does blockchain solve that?
Indeed. That's the point of storing membership data on blockchain. The user and community can go against the service provider. Think of freenode transfer a while ago, if the identity, moderation, ownership of channels, etc data was stored on the blockchain and controlled by the user. The community could migrate to another IRC service which fetched data from the blockchain and each user could get the same account they had on freenode by verifying they owned that data.
Check out other commenter on the same thread too.
This is the one of the most "damning with faint praise" comments I have seen this year.
So what, the killer feature is its UI isn't as shit as the program world famous for having a shit UI
Besides if that is your metric, JWTs are definitely more mainstream than blockchain stuff.
>Think of freenode transfer a while ago, if the identity, moderation, ownership of channels, etc data was stored on the blockchain and controlled by the user. The community could migrate to another IRC service which fetched data from the blockchain and each user could get the same account they had on freenode by verifying they owned that data.
Kind of hard to have a secret cabal channel if membership is public. Does this mean to ban someone from a channel you need to pay a transaction fee? That sounds fun from a channel op perspective.
No, they need at-best a small subset of what OAuth offers. OAuth is already distributed in that sense. It's a standard protocol which accounts for this exact scenario. This is a solved problem today.
It's not different than "login with Google"/"login with Apple".
> "You need some way to pay for membership without a middleman. This is solved by cryptocurrency part of the blockchain these nfts are stored on."
What does this sentence even mean? Your membership costs are on a per-service basis, and they are tied to each service you want to pay for. Different services have different costs.
This could make some sense if services wanted to get paid with Bitcoin, but ironically enough - the Bitcoin must be converted to USD at some point down the chain?
> "Memberships are also more complicated than a list of email addresses. They can be transferred, expired, and change depending on the action of the user."
Sure, but wtf does the blockchain have anything to do with this? You're free to have an account with any service and manage it as you wish on an individual per-service basis.
It's the problem delegated auth (OAuth, etc.) already solved.
> You need some way to pay for membership without a middleman. This is solved by cryptocurrency part of the blockchain these nfts are stored on.
But... it's not, because a system that relies on a distributed network of middlemen isn't “without a middleman”.
> Memberships are also more complicated than a list of email addresses. They can be transferred, expired, and change depending on the action of the user. For example, some provider want their memberships to be reduced to half when transferred.
Smart contracts just add complication; this is trivially solved internally in centralized membership systems.
AuthN is one of the few use cases where having a public shared database/blockchain and users authenticate using their private keys works out better in some respects because the alternative is to depend on a centralized user database owned by a private company (eg Facebook). What happens on all of the sites you used Facebook login on, if your Facebook account gets suspended?
> This is membership protocol powered by nft. […]
How is this preferable to just having the client generate a local private key and authenticating using public key cryptography?
That data is stored on blockchain vs having a centralized database. Refer to an earlier comment for why having it public is useful.
As for why people didn't use certificates till now, I don't know. I know they use wallet connect more which operates on the same principle but with existing adoption.
Really though, I am not sure what problem is being solved here. Why do we need this in the first place? What is the attack scenario we are trying to address?
> Permanent storage using incentives and built on the idea of storage getting cheaper. […]
How does this compare to existing implementations of the same idea such as STORJ?
The service provider sure does. They can just decide to not let you use the service.
also, my post is on arweave, one of the cryptoeconomic data availability layers mentioned on the post:
> The ENS token contract is token.ensdao.eth: 0xC18360217D8F7Ab5e7c516566761Ea12Ce7F9D72
> Double check the website URL and contract address to avoid scams.
> Users have until May 4th, 2022 to claim their tokens, after which any remaining tokens will be sent to the DAO treasury.
Yeah of course.
Is it me or this links to some JSON?
More info on the ENS Governance page: https://docs.ens.domains/v/governance/process
that wasn't my point. my point is that this technology shows no sign of slowing down, so by just angrily and reflexively dismissing it critics are throwing away an opportunity to make real, constructive criticism like Moxie did here at a time when it could make the most impact.
The people like me who really need your communications are starving for it. People who are already bought in and want quality content aren't getting much. This is a risk to the long term adoption of crypto.
My sources are few. I get a few crumbs on /ethfinance, and some nice nuggets from this thread, but there's just so much crap and snark to wade through it's almost not worth it.
What are the killer apps that are built on top of the web3 stack? Most I saw are not very killer... Or decentralized. I would expect, if this all is great as they say, that people tell me 'oh, you are using platform X?? Did you know that's fully web3?'. I tried things and they all are... not good... expensive or obvious money grabs. And when I ask around, even though 'entire twitter' seems to be building web3 apps, people only send the same ones; how can that be? Maybe it's my echo chamber; I don't follow many blockchain things.
Light clients are a great example. They are only efficient compared to running a full node yourself. The computation and time is still far below relying on a platform to do it for you.
But this example misses the more general point that protocols always evolve more slowly than platforms.
It's not really a good example. Platforms aren't in competition with layer 3 network protocols. The examples Moxie gave were layer 7 application protocols.
I wonder if the quality of conversations around this subject were improved if similarly to conflicts of interest declared by scientific paper authors, each public critic or supporter of web3 would disclose whether they are currently financially invested in 'crypto'. For outsiders it's harder to tell apart hacker/geek types from speculators and lurkers (not that there couldn't be an overlap). The fact that this article mentions there exist much fewer Ethereum nodes than "Ethereum nerds" may suggest that the non-technical group controls the public discourse and expectations.
On the other hand, if you encounter primarily spammers, speculators, and scammers, you’ll just get garbage (similar to anti-blockchain grifters that repeat the same “blockchain is a ponzi pyramid earth-burning scam” garbage repeatedly)
Props to builders like the OP, Moxie, and Vitalik for building and sharing. And to podcasts like Bankless for creating venues for communication from builders. I'd love to find a "Builders" cryptocurrency podcast.
This is excellent, listening to the Flashbots interview now: https://zeroknowledge.fm/168-2/ (urls dont have podcast title)
The "Zero-Knowledge Proofs Starter Pack" section is most up my alley. I read "Zero Knowledge Proofs: An illustrated primer by Matthew Green" about a year ago so am starting by re-reading this. https://blog.cryptographyengineering.com/2014/11/27/zero-kno...
Any other articles more like the intro section? The rest of the article lost me quickly, not beyond my ability but would take me 10x reading through and multiple days.
Re-posting the part I loved here in case others want to read:
Zero-knowledge proofs are advantageous in a myriad of application, including:
1) Proving statement on private data:
Person A has more than X in his bank account
In the last year, a bank did not transact with an entity Y
Matching DNA without revealing full DNA
One has a credit score higher than Z
2) Anonymous authorization:
Proving that requester R has right to access web-site’s restricted area without revealing its identity (e.g., login, password)
Prove that one is from the list of allowed countries/states without revealing from which one exactly
Prove that one owns a monthly pass to a subway/metro without revealing card’s id
3) Anonymous payments:
Payment with full detachment from any kind of identity [Ben+14]
Paying taxes without revealing one’s earnings
4) Outsourcing computation:
Outsource an expensive computation and validate that the result is correct without redoing the execution; it opens up a category of trustless computing
Changing a blockchain model from everyone computes the same to one party computes and everyone verifies
I thought web3 was about to be about AI running the world, 5G mind control and IoT everywhere, now I hear it‘s about blockchain.
Blockchain supporters stole a word once (crypto), now they’re trying to steal web3.
I am disappointed.
By the way, the largest academic cryptography group, IACR, was founded by people who were working on cryptocurrency before they founded it.
This is extremely misleading. IACR was proposed by David Chaum in 1982, a year before his first paper on ecash, and its first board members in 1983 included Whitfield Diffie (who had not done any work on payments) among others. Chaum's ecash ideas look nothing like "cryptocurrency" as it exists today, nor do any of the ideas presented in subsequent research on the topic.
The person you replied to correctly pointed out that "crypto" was coopted by the blockchain space and is now being used to mean any number of distributed systems technologies. I have seen people wearing t-shirts saying things like "crypto means cryptography" and making jokes about reclaiming "blockchain" to refer to block chaining modes at various cryptography conferences (many organized by IACR) over the past decade. Moxie was right when he quipped that the "crypto" spaec involves very limited use of actual cryptography.
leading research in the field is being done by blockchain companies. you don't have to believe me, try reading ePrint. cryptocurrency people lead the research in zk proof systems and more. the idea that the crypto space doesn't use cryptography is absolutely laughable
Meanwhile, academic and (non-blockchain) industry researchers have been pushing the state of the art in every subfield within cryptography, ZKPs included. Big companies have been deploying MPC as a means of addressing privacy concerns and regulation, and the cryptographers working on that (full disclosure: I am one of them) have been pretty active in publishing their work. Academic researchers have further advanced the results and addressed the problems raised by industry researchers, sometimes breathing new life into almost-forgotten lines of research (like set intersection protocols).
So sure, I can grant you that there has been some interesting work on cryptography within the blockchain space, but it is not nearly as exciting and significant as you suggest. I actually have a lot of respect for the ZCash team, whose work really is top-notch and who I see (or saw pre-COVID) at high-quality conferences like CRYPTO and RWC. On the other hand they are a small and very unique team within both the blockchain ecosystem and the cryptography research community, and their research work is only nominally related to blockchains (it is inspired by an application that did not even require a blockchain in the first place). Beyond the ZCash and a few other groups with serious cryptographers the blockchain space is a desert in terms of interesting cryptography.
This is untrue, I see far more work on the permissionless setting (including formalizing definitions) than on the permissioned setting on ePrint. This includes respected cryptographers Like Elaine Shi, Rafael Pass, Silvio Micali, Andrew Miller, Aggelos Kiayas, and more.
> Meanwhile, academic and (non-blockchain) industry researchers have been pushing the state of the art in every subfield within cryptography, ZKPs included. Big companies have been deploying MPC as a means of addressing privacy concerns and regulation, and the cryptographers working on that (full disclosure: I am one of them) have been pretty active in publishing their work
While cryptography is certainly a much bigger than zkps, it is also absolutely true that, for the metric of “deployable protocols”, the pace of zkp innovation has far outstripped the pace of MPC innovation over the past few years. I say this as a cryptographer with a bunch of non-zkSNARK papers; my general-purpose zkSNARK work has been deployed, adopted, and obsoleted in the span of ~2yrs, all while my MPC work in the same span hasn’t inched towards deployment (despite being sufficiently practical for deployment), and follow up work has provided only marginal improvements.
> Beyond the ZCash and a few other groups with serious cryptographers the blockchain space is a desert in terms of interesting cryptography.
That’s incorrect. Beyond ZKPs, there’s been blockchain-inspired-and-funded work on Verifiable Delay Functions, threshold signatures, signature aggregation, anonymous gossip networks, fuzzy variants of PIR, functional commitment schemes, set accumulators, coding theory, and more.
I have not seen ZKP innovation outstrip MPC innovations at all. In the past decade I have seen a rapid expansion of research in MPC following both a strong push by DARPA and growing interest among large tech companies and banks. There has been a revival of interest in set-intersection protocols and related functionalities, a lot of impressive work in garbled circuits and other generic protocols that have greatly reduced their resource requirements, machine learning applications, and various other ongoing lines of work. At worst I would say that ZKP and MPC research have been roughly equal in terms of the pace of innovation, which should surprise no one as the two topics have strong connections.
Moreover, while there is certainly a lot of ZK research being published year after year, most of it has nothing to do with blockchains and is not coming from anything related to blockchains. There are plenty of academic researchers publishing ZK work, and I still see lots of industry ZK research that has nothing to do with blockchain. The same is true of all the other topics you mentioned -- some blockchain-inspired work here and there, but a lot more research from elsewhere.
Sorry to hear that your MPC work has not made it into production, but maybe that is because it is not as practical as you claim. Personally I like to say that the only test of "practicality" that matters is whether or not it is useful in a real-world application. Obviously your SNARK work cleared that bar, which is great but does not really say much about the pace of innovation. I can say that most of my published research at this point has been put into production -- an equally meaningless statement since I have been working for a big tech company for a long time, and the research I have published in that time has all been the result of work I did to address various privacy and security problems that company faces. My judgement of where the innovation is happening is based on the research I am seeing people present at various conferences. Maybe I am looking in the wrong places, and there is actually a whole world of cryptography conferences where people are excited about blockchain work?
I see a whole new wave of fouls about to lose their money to ponzi schemes and over-hyped "investments", much like it happened with the bitcoin/crypto train.
Just write NFT or crypto in Youtube and you immediately see all the sharks promising you millions in their videos, trying to manipulate you into investing - don't read the comments though, it's even worse. I see a lot of red flags and trouble for nothing. I hold crypto assets so I'm not talking out of my but here - I must confess; I've had no real benefits yet from this new tech. The crypto I hold is because one of my products has crypto as a payment method so I decided to just hold a piece of it and try to make use of "new tech".
Proof-of-personhood a la BrightID is something that governments could theoretically provide, but most don't, and even if they did, there are serious privacy and interoperability concerns. SaaS companies trying to provide a free trial can prevent abuse by verifying unique personhood using web3 tech without needing to ask for any more information about the user. I'm sure you can think of other applications for that tech. Even if every government in the world provided this service, everyone who wants to use it either has to implement 195 different APIs or fork over money to a cottage industry whose sole job it is to unify those APIs.
Finance and commerce on blockchains has a lot of real-world benefits that traditional finance can't or refuses to provide. You can't easily set up a 3-of-5 multisig for your photography club in traditional finance. A lot of normal people have their payments blocked or funds frozen in TradFi for arbitrary reasons. Sex workers get kicked off of platforms all the time, and a friend recently had their PayPal frozen while raising funds for a school reunion party.
I'm not super into NFTs personally, but I can see them having a use case as a more consumer-friendly business model for gacha games and games with similar mechanics. There are probably other promising applications that I just don't know about because I don't follow that space very closely.
A trial is usually backed by a financial instrument. Usually that financial instrument is a credit card. A credit card can be uniquely identified, and so if you really are concerned about trial reuse, you can check reuse of the credit card, and that gets you pretty far. Folks can use prepaid cards, but you can also block those, which isn't totally unreasonable when you are talking about a subscription-- and a lot of subscription services do block them. Is it indefeatable? No. Is it good enough? Yeah actually. So why do I need to replace the concept of a credit card with an entirely new type of financial instrument that most users (especially non-technical users) don't have or understand?
I think the vast majority of reflexive dismissals of crypto tech have two themes in common: "if the technology doesn't satisfy this use case, or the UX is not perfect yet, then surely there is no way to fix that and we should discard the whole idea;" and "why use this decentralized solution when we can use this centralized one which, in many cases, doesn't work as well?"
I've reached my weekly budget on the amount of time I want to spend explaining this tech online, but maybe consider if problems you see are truly insurmountable, or if you are simply uncomfortable with the idea of an economic layer that is actually open to build on.
Granted, take care of yourself! I hope you feel no obligation or attack in my line of questioning, and perhaps others can fill in here if they are active over the weekend.
> SaaS just seemed relevant to the audience here, but there are a lot of applications which want to limit one account per natural person, not just SaaS. For example, social networks want to prevent astroturfing, and video games want to prevent cheaters from ban-evasion
That's true, so then I wonder what stops someone from farming these identities and selling them?
> I think the vast majority of reflexive dismissals of crypto tech have two themes in common: "if the technology doesn't satisfy this use case, or the UX is not perfect yet, then surely there is no way to fix that and we should discard the whole idea;"
The main issue for me is that quite often existing well-known problems are tackled with this new hammer that ostensibly offers no real benefit on top of solutions we already have. This is not true of all applications of blockchain technology, but it's clear that there is not a strong case that it is as generally applicable as a movement like "web3" would suggest.
> and "why use this decentralized solution when we can use this centralized one which, in many cases, doesn't work as well?"
It's just not clear that this is the case.
It feels wrong to me that building financial apps for public good basically requires creating a capital class and handing over profits and control to them. Will VCs fund another Kickstarter or Open Collective?
I got into crypto because I realized the things I actually wanted to build I could basically only do so using crypto. (Also, watching myself earn interest every 15 seconds was just incredibly cool.) Granted, that was in 2018, and prices are a lot higher now, and so is the level of grifting and hype. A stronger layer of psychological self-defence is warranted both from people in the space and outside of it.
Anyway, the short answer to your question is that the time cost of Zoom verification will in many cases deter low-level and botting fraud, but Zoom verification overall is a stopgap to bootstrap the network, and over the long term applications will require users to be verified by a few of their IRL F&F (and Zoom parties can be used to connect their social network to the rest of the graph.)
Building on the blockchain does not indemnify you from following the relevant laws. You mention also Visa's rules, which also mostly tend to be based on the relevant laws (though there are exceptions, like their restrictions on adult content).
> It feels wrong to me that building financial apps for public good basically requires creating a capital class and handing over profits and control to them
The amount of "financial apps for public good" being made are exceedingly few. Acting like the apps being made by "web3" companies just want to faciliate trade for underserved populations with no gain to themselves is perhaps disingenous. Yeah sure if you are one person it might be easier to build an app to allow folks to send money to each other when you build it on a cryptocurrency, but is it easier or have you ignored all the ways nefarious people will use your app to do things that are absolutely something that should be stopped? Is that better than gatekeeping these apps for those who can manage these sort of protections?
> I got into crypto because I realized the things I actually wanted to build I could basically only do so using crypto. (Also, watching myself earn interest every 15 seconds was just incredibly cool.)
Hey, if you want to build some financial apps, that's great. Go forth! But it is not "web3". I will say that I don't think of earning interest in real time as anywhere near as "cool" as literally any other aspect of technology/engineering I can think of. And I don't feel compelled to enable that feeling you had in everyone else either.
> prices are a lot higher now, and so is the level of grifting and hype
The prices are a lot higher because of the hype, not the other way around. In fact, the prices are above zero because of the hype. To be clear, that is not to say the hype isn't warranted, but I think it's important to have the ordering clear.
> Anyway, the short answer to your question is that the time cost of Zoom verification will in many cases deter low-level and botting fraud, but Zoom verification overall is a stopgap to bootstrap the network, and over the long term applications will require users to be verified by a few of their IRL F&F (and Zoom parties can be used to connect their social network to the rest of the graph.)
The time cost of Zoom verification will deter individuals from performing it, but not specialists who do it on individuals' behalf. I could imagine starting a business solely to participate in these Zoom calls, generate identities, and then pass the credentials for one or more of those identities to anyone who puts up the ETH. Since I have to assume it's not just the same people in every one of these Zoom calls, I have no doubt you could send the same "seemingly unique" person to many of them and get a new set of credentials for each one, and then sell those off like anything else. Given how things like Spotify botting and phone farming are actually happening, this will be compromised in no time, just like all the previous prevention techniques have been.
> but Zoom verification overall is a stopgap to bootstrap the network ... over the long term applications will require users to be verified by a few of their IRL F&F (and Zoom parties can be used to connect their social network to the rest of the graph.)
Even after the stopgap is stopped and the network is strapped and booted, is someone without a network of "acceptable" social contacts not worthy of being able to participate in this ecosystem? So folks who do not want to divulge their social contacts literally cannot participate? This seems like one of the core audiences of decentralized privacy-conscious technologies, and yet they could not participate without (publically?) divulging personal information.
You are right. The relevant laws apply to money service operators and blockchain software developers, in most cases, are not money service operators. Software developers, in most societies, cannot be deputized to enforce particular uses or non-uses of their software.
> have you ignored all the ways nefarious people will use your app to do things that are absolutely something that should be stopped?
I think freedom to transact is as valuable as freedom to access information (uncensored, using Tor) and freedom to communicate (securely, using E2E.) In fact, the latter two freedoms boil down to the former. If you disagree, you are correct to not like DeFi.
> And I don't feel compelled to enable that feeling you had in everyone else either.
I know you don't, but I wanted to share the first time using a blockchain tech was more pleasant than using its traditional counterpart for me. Trying to convince people that "blockchains are useful" is not very compelling either. It's not my job, but I can spend hours on it with no benefit to me.
> So folks who do not want to divulge their social contacts literally cannot participate?
You are right that Zoom verification is a low level of verification. On BrightID today, you can be verified by a friend without having to divulge the identity of yourself or your friend to any blockchain, any application, or any other person in your social network. Using zero-knowledge proofs, the entire anonymous network graph can be hidden as well.
In addition, the only apps they cannot use are those which require anti-Sybil guarantees. Is "has 3 friends who will vouch for you" too high of a bar compared to "qualifies for and has a credit card"? If it is, is it bad to have the former as an option for those who cannot reach the latter?
ETA: government/institutional ID verification is a valid BrightID graph node as well, for institutions/individuals/applications which choose to use it.
i think you're in for a rude awakening if you believe that, especially if you are financially benefitting or are advertising the software is useful for the prescribed purpose.
For example, people who sell malware get arrested all the time. People who run naspster got sued off their ass.
My question: What about BrightID stops you from verifying and creating multiple identities by simply joining these Zoom-based verification parties multiple times? If someone does that, what's to stop someone from then providing those multiple identities to other people?
Beyond that its all minor fixes and applications that are mildly interesting at best. So yeah, very little innovation, but please enlighten me if i missed something.
The result of these efforts is that ZKPs have gone from a academic curiosity to widely productionized tech. this stuff is beyond the wildest dreams of people like David Chaum.
David Chaum dreamed about a world where electronic payments could be anonymous and secure, but the demand was not there and his startup never took off. "Blockchain" sucked most of the oxygen out of the room when it comes to further work on ecash, which is unfortunate given that even the most technically complex ecash proposals were overwhelmingly more efficient than any blockchain-based payment tech ever could be. For what it's worth, the most recent ecash proposals also advanced the research on NIZKs and ZKPs more generally (it is actually hard to avoid some kind of NIZK in a system that supports offline payments) and had ecash been deployed more widely we probably would have seen at least as much research and productionization activity as we see in the blockchain space.
On the other hand, blockchain research has struggled with a foundational question that does not present a problem for any of the technology I mentioned above: how to properly define security. Especially in the permissionless setting the effort on defining security has been unconvincing so far, requiring a very stretched approach to formalizing computational resources that is hard to actually map onto a real-world application. Satoshi did not start with a well-defined problem he was trying to solve with Bitcoin, and such an approach -- clearly identifying the problem you are actually trying to solve and verifying that the definition is logically consistent and realistic -- is exceedingly rare in the blockchain space, while in mainstream cryptography research it is a de facto requirement. So while blockchain tech has not experienced a spectacular failure due to some theoretical shortcomings, the theory itself is not well developed compared to the theory of cryptography in general (including ecash, which can be rigorously defined and proposed systems can be proved to satisfy the definition).
Furthermore, the MPC deployments you speak of are rather small-scale, there have been no deployments of general-purpose MPC beyond maybe the sugar beets auction.
As for zerocash, the last time I looked into it what I saw were a set of security definitions that assume a reliable ledger of some kind; whether or not that ledger is implemented using a blockchain at all is not addressed in the theoretical work. The practical deployment relied on Bitcoin, but since Bitcoin security is not well-defined (or at least not convincingly defined) that makes the rest of the security argument dubious. As far as I know Zexe has the same problem: yes, the security definition is much stronger, but they do not address the realization of the ledger functionality itself and thus any real-world deployment that relies on e.g. Bitcoin, or really any permissionless blockchain, has the same theoretical shortcomings. Ultimately the permissionless setting itself is the problem; zerocoin could be implemented using a ledger managed by a trusted party, and it would achieve its security goals without those theoretical problems.
I should also be clear that when I say ecash does not share this problem, it is because ecash has a well-defined security model and all functionalities needed to realize an ecash system also have well-defined security. We can instantiate ecash using any of the security assumptions we commonly use for digital signatures, and in theory ecash can be instantiated from MPC (by using a generic MPC protocol to implement a blind signature, then using the blind signature to implement ecash), which itself can be instantiated with standard cryptographic assumptions. So ecash has a security definition that is as well-defined as a cryptographic security definition can be.
Re: MPC deployments, the point about deploying general-purpose MPC is that it’s a much more complex task than specialized protocols. That’s why I specified general-purpose zkps; we already have ubiquitous deployments of specialized zkps (I.e. digital signatures). And maybe your project indeed has a large scale MPC deployment, that’s awesome. Doesn’t take away from the fact that cryptocurrencies are pushing zkp innovation at unprecedented rates.
Engineering effort is not what holds back the deployment of generic MPC protocols. Those protocols are just too expensive to run in the majority of real-world MPC applications. Even special-purpose protocols are sometimes too resource-intensive to be deployed. I do not see that situation changing without a radically different approach to generic protocols. I also do not understand what is so uniquely exciting about deploying a generic ZKP or MPC protocol. If it works in a giving setting and no special-purpose construction could be used, great, but it is not some kind of badge of honor.
As for Zerocash, you had originally said that blockchains are where we can finding the largest deployments of non-trivial ZKPs, which is why I pointed out that Zerocash and its followup work do not really involve "blockchains" beyond a particular instantiation of a ledger. If the construction can be implemented without any blockchain at all -- which the authors of the original paper took the time to point out -- then I do not see how any of the research on ZKPs motivated by Zerocash and its followup work supports your claim at all. You are saying that Zerocash is actually ecash, which kind of makes my point for me: we are not actually talking about something in the "blockchain space."
(Also, I have a somewhat controversial view that NIZKs and signatures are not actually "zero knowledge," since the verifier obviously cannot compute a NIZK or signature without receiving a message from the prover/signer and thus gains knowledge when it does receive those strings. Not that it matters in any way for this conversation, since the value of innovation in NIZKs or ZKSNARKs is not in doubt, but I did want to mention that signatures are a poor example of real-world deployments of ZKPs.)
Looking through the CRYPTO'21 and EUROCRYPT'21 conferences, there is only one session between them involving "blockchain" and it is not even dedicated to the topic (it also includes papers related to law enforcement and privacy).
This may be hard for blockchain enthusiasts to hear, but it is not really a hot topic among cryptographers. There was a bit of interest a few years ago as people tried to figure out if any good security definitions can be developed, and the results were not very convincing. Beyond that almost all the academic interest in block chains has focused on the "permissioned" setting where security can be defined in a meaningful and useful way.
So, yes, "crypto means cryptography" and "blockchain" should refer to block cipher chaining modes.
This is really refreshing.
Critics are unmoored? This technology is inevitable?
I don't believe that's true. It seems to me that it might find a niche in the corner of the Internet and eventually be forgotten by all but the most ardent followers.
Many countries are banning cryptocurrencies for many of the reasons critics have been rightfully skeptical. I can't imagine why that trend will stop.
How many times has china banned bitcoin now, 20?
Guess what else they banned:
Lying implies wilful deception.
Instead what ALL providers will eventually do is implement moderation. And they will do so because (a) they will be legally required to and (b) it makes users happy. And unless the spec can address this requirement Web3 isn't really going to scale.
And we've already seen such moderation with OpenSea so this isn't some contrived situation.
It isn't trying to force all servers to return an identical response like Web3 is.
my point is that the purpose of the security architecture proposed in the article is to authenticate data from the chain. this is a protocol-level detail: like TLS secures transport between a client and a server, light clients authenticate data between a validator set and a user. whether a particular person or group decides to use such a protocol, or if they decide to censor data, is a separate concern.
Then call it just that: blockchain space.
I think because the 'web' part of web3 needs to be attached to this idea of blockchain and distributed ledger to give it a sense of fairness and legitimacy.
I'm not saying blockchain or distributed ledgers are bad, I know way too little about that to judge it accurately.
It's just that the name 'web3' irks me a lot. Maybe it has something to do with the 'web 2.0' that promised golden mountains, but eventually just F'd everybody in the A.
Just add another number to the name and all the sh1t is forgotten, it seems. Here's a blank screen for you all, please start painting the same pictures.
"Web 3.0" should be indeed be about decentralization-- but more in the sense of building applications that take advantage of the enhanced client abilities and de-emphasize central control. The colloqiual term is the "Fediverse". The modern web has brought about offline support (ServiceWorker), multi-processing (Web Workers), local capabilities (Filesystem API, local/DB storage, peripheral APIs) interprocess communication (Broadcast Channels), peer to peer (via disinterested party HTTP/WebSockets coordination), verifiable privacy via encryption, backend server federation (see Mastodon, Matrix, diaspora, PeerTube, etc).
Web 3.0 already exists, we just hadn't named it yet, but there's so much more there to be built.
Also, a large number of projects utilize TheGraph (GraphQL indexer for specific protocol/DApps). These are run by teams or out-sourced to the lowest cost service provider (staking pools, etc). re: https://thegraph.com/hosted-service/subgraph
If you are interested in using/rolling your own RPC infrastructure, here are the minimal JSON RPC methods required to support most DApps: https://github.com/sambacha/minimal-jsonrpc-dapp-methods
The real bottleneck is reliance on web browser extensions (namely Chrome's V2, which this January is depreciated and no longer accepting new submissions.) for providing safe key management.
Another example is having to poll for RPC updates.
That's the idea.
The reality however is that will never happen unless both Apple and Google are fully signed up to Web3 and incorporate the clients as part of the OS.
And I don't see a single reason why they would do that when it would compromise their billion dollar payment revenue streams.
But this idea that it would be a persistently connected service running in the background on your phone. That's a completely different story.
Is there some benefit to users from OS integration eventually? ie "Pay With Ethereum" in the same way Apple Pay / Google Pay / NFC works, does that benefit from running a light client?
Sure, maybe the incentives aren't there because Apple wants Apple Pay money but whoever does implement it will make their device more useful.
No thank you, though your body and your choice.
Simpler to just change the metamask RPC provider to something I trust or even my home node. Is more difficult to change full-bodied web3 apps which rely on specific data graphs.
- download a hash-sized state root every block
- download the set of validator signatures over that hash and verify each signature against the hash. if using aggregation-friendly curve, download the aggregate signature and verify it against the root.
- for each state fragment, download the merkle uncles and compute the root hash and verify that it is the same as that signed off by the validator set.
so yes, easily within resource limits for having them running all the time with near zero impact. Find My has comparable impact.