I continue to think that /the/ critical problem with web3 as pitched is that users cannot be trusted to maintain private keys in the long run. Either the keys need to be in HSMs and easy to rotate (à la Urbit's identity-as-NFT scheme) or you need a social/institutional escape hatch when the cold logic of cryptography fails you so you're not completely hosed. Maybe you need both.
Definitely users cannot be trusted with private keys. Why? Because when I worked at Google on the Play Store I learned that even sophisticated developers cannot be trusted with their app’s publishing key. How could the end user ever be trusted with something similar?
The article, and possibly a lot of Web3 discussions/posts, seems to confound two subjects, one that many of us can understand and support, and another that seems dominated by die-hard fans looking for problems that match their favourite solution:
1. Use choice, independence, and sovereignty, and
2. Crypto, in the coin-and-NFT sense (sorry, I'm old, that's not what crypto used to mean, I'd like to revert, get offa my lawn)
The second has been discussed on HN and elsewhere, well, if not to death, then to near-death. Of it no more herein.
The first, though, is a really interesting topic. We do not need "web3 crypto" to get decentralized privacy respecting user first systems, but if the conversation around "web3 crypto" gets us closer to these things, then, please, converse!
(Cynically, perhaps, I think the article is an attempt to link 1 and 2 to make 2 a solution for 1. Manipulative, perhaps. Underhanded, perhaps. Desperate, perhaps. But if it starts us talking more about 1, great!)
Web 2 was a set of features on top of web 1, which gave room for the existing features to catch up ever so slightly to flash, activx and java applets. Instead of largely static pages with some interactive content, the entire page itself became interactive, without many of the drawbacks of plugins. Anyone could see the magic the first time they saw gmail or facebook or whatever load content without reloading the entire page.
Web3 brings features that are only surfaced to users indirectly... just implementation details, really.
Do cryptocoin escrow services count as Web3 / dApps? From what I understand they're some sort of multisig or smart contract thing to avoid the possibility of the operator disappearing with your bits. And well users must interact with them somehow, which I'd think implies something that counts as a UI.
