As an engineer, I feel like this single post helped me better understand Web3 and how it worked under the hood better than any of the heavily hyped Discord and Twitter announcements of new projects over the past year.
It's interesting how tightly coupled Metamask is to all of the other big crypto / NFT marketplaces. Feels like the "distributed web" portion of it has just been an over-exaggeration all along.
> Feels like the "distributed web" portion of it has just been an over-exaggeration all along.
It has, but only a small portion of people with the engineering skills to recognize knew it. Those profiting off it hyped it, and those not either called it a scam or stayed out of the fray.
This somewhat reminds me of reading IPFS documentation (which is fucking excellent BTW) and realizing the same thing: nobody is going to run their own pinning service and Piñata is the only one they mention by name which means it’ll be the platform everyone (to a first approximation) will use.
The lack of a a few "chains" though means an ephemeral node might actually not suck though.
Put another way, even IPFS nodes that for all intents and purposes are "clients" can still speak the same protocal to talk to the pinning service.
The single-ish central chain idea was always terrible. "Trustless" or not, that much synchronization is a misfeature! The real world really is partial-order time/causality, that is a feature not a bug.
I make content. I put it on IPFS. I pin it to Piñata because my laptop isn’t on all the time. Piñata decides my content isn’t acceptable and removes it. You can’t access my content. Not a problem?
With torrents people actually participate. Piñata should not be viewed as the "database of record", but as a something that complements the desktop at home.
I understand that is still not satisfactory.
I think the real goal is to find institutional users who are not interested in a profit. For example I am involved with https://nlnet.nl/project/SoftwareHeritage-P2P/. Software Heritage would be not a high bandwidth pinner, but a pinner of last resort. Universities were very important to the original internet, and should also host public data sets, software artifact, and hopefully if Sci Hub prevails the journal articles themselves.
None of that is a pinning service, but if it catches on the big cloud companies might feel compelled to get into the pinning service game, if only so they can get those university and government contracts! The current cloud computing business as a racket, but them offering support for a protocol that reduces switching costs might make for some real competition.
Basically "web2" problems are Captialism problems, and the stuff needs to become a low-margin business or state-run not-for profit to be better. There is no secret magic short cut, it is a political problem. SV is of course completely uninterested in low-margin businesses. The regular web3 will have a hard time being anything but a Ponzi scheme per its design, but IPFS itself at least doesn't have those characteristics baked in, and so these alternative futures are possible.
Naw, there’s also naive optimists which are similar but distinct from gullible fools. Kind of half and half. They know exactly what they're doing for half the equation.
And that's one of Moxie's points: how exactly is web3 supposed to be avoiding the centralization that occurred on the web, when it's already at that point.
The fact that a problem exists doesn't mean it can't be solved, but any solution which does not go deep enough to address why Ethereum nodes are centralized is simply hype.
It’s not the same as web2. These web3 frontends don’t have moats or lock-in like Facebook or Google, because they don’t actually control the data. The data they serve is all from public ledgers. You can switch off of Infura in a second by changing your RPC url.
Github relies on a distributed storage architecture (local git repositories on developers' machines) and in theory anyone can take a project from github and duplicate it on gitlab etc. In reality nobody bothers and a project hosted on github will remain exclusively hosted on github and nowhere else, and likewise with other git hosting services. For the most part nobody cares if the data is hosted on a distributed system or a centralized one, because the overwhelming majority of users will rely on the front end. Changing RPC urls is not as easy as you might think, especially for systems that are widely deployed and have heterogenous clients (which in theory would be the case if Web3 ever took off, which I personally doubt).
People do bother. I don't have specific examples off the top of my head, but I've occasionally run into an read-only GitHub repo that's been moved to Gitea or GitLab, or even BitBucket.
More broadly speaking, it's important that you can migrate, even if you don't actually do it, because users who can easily churn give the developers an incentive to keep the UX solid. If you can just leave GitHub at any time, then they're less likely to add gigantic banner ads to every page, or bundle "third party offers" into installers - they know what happened to SourceForge, after all.
The barrier to hosting your own email is that you'll spend a day configuring everything, and a year later, the big providers will slightly change a spam detection algorithm, your mail won't be delivered, you won't know, and there will be bad consequences for you.
The barrier to changing your git origin is spending five minutes setting up an account and repo somewhere else. Everything will work absolutely fine, you'll still have all your git history, you'll just be slightly less discoverable and some potential contributors might not want to create an account.
I keep my projects on GitHub for discoverability and the reputation provided by stars, whatever that's worth. So essentially network effects.
The reality is if I'm looking for a library to solve a problem, I'm much more likely to use one from GH with 1000 stars than a random self-hosted GitLab with 50. I would like to not feel that way, but I suspect many others do as well. It would be nice if we at least had a decentralized reaction/reputation system.
Is there an analog to this with the services Moxie talked about? Sincere question, I'm not familiar with the ecosystem at all.
The closest attempt I can think of is status wallets token ranking for dapps. You could burn your tokens to say if you liked something in their listings and that would rank it for others. The issue they hit is when the lists got popular (in like 2018-19) vc funded projects just bought up the supplies of tokens and burnt them to get their project rated higher. So basically Sybil attack and they became unreliable.
It’s the same problem across all decentralised protocols, if it’s cheap to say something you get spam(see email) but introducing costs can just skew it to those who can afford to spam instead (essentially those with an advertising budget).
So there’s been a lot of research on proof of personhood (BrightID/ideas/proofofhumanity) to add Sybil resistance mechanisms so we can do 1p1v across the network. They’re working ok, but the next big step is adding zkproofs so we can anonymise the voting (which is needed to prevent collusion) which clrfund and sismo are working on.
Kleros have an interesting curated register protocol, which seems to work on small scales. Some groups are using it to token rank guy issues to prioritise work and get feedback.
The status blog has some interesting writing around these ideas over the past few years https://status.im/research/
And, as the article suggests, if there is some new feature that Github can enable (integration of git commits with an issue tracker or CI/CD integration come to mind), that will happen in a vendor-specific way on Github, not in the Git protocol. So, then you immediately move back to the world of platforms.
Few people bother because every git commit is cryptographically signed and every git repo is inherently replicated. It doesn’t matter if you use a centralized service or not as long as you can rely on SHA1 (and sha256 is coming…) Git is almost the ur-blockchain in this respect, hardly an argument for centralization.
The web3 frontends appear to be in the same place that Chrome is: yes, technically you can always switch to another browser, but if Chrome decides to boycott a new feature, it will never exist as a practical matter. If Chrome blocks a website, it will be as though it doesn't exist for most people. That in theory it still does doesn't change anything. What makes OpenSea different than Chrome in this respect?
The problem is that they control distribution – the only thing that matters. You don't need to own the data if you own the eyeballs/mindshare.
For example: Spotify doesn't own any music copyrights, yet they own 32% of the music streaming market. The second best is Apple at 16% ... which also doesn't own any of the music.
It's a little different than Spotify. Spotify still controls the means of distribution while the data sources for "web3" are public/decentralised (in most but not all cases). Rather I'd compare it to Google Search and AMP. The data is still accessible and there are alternatives (manually routing to the sites themselves or using other search engines) however the main path to the data is gatekept by a centralised source (Google) which is routing all the requests through their servers (AMP) instead of using the underlying protocol.
It's still a severe issue but it's a much simpler solution to simply build competitors for a tool accessing an open platform than it is to build a new platform entirely.
Yes, web2 incumbents control data and they control distribution. I agree with you there!
aside; sometimes I feel like I’m taking crazy pills because for the last decade or so on HN we’ve been talking about how Big Tech has monopoly control over everything, how they’ve destroyed privacy and monetized eyeballs and engagement to the fullest. And now that a potential decentralized competitor is emerging, the kneejerk reaction is “why not just keep using <monopolistic centralized surveillance ad platform>”?
(I understand why, cryptocurrency is the whipping boy of the week, and it’s full of scammers, I get it! But I’m not going to pretend I’m happy with the existing crop of centralized services.)
Do you actually think blockchain tech is remotely competitive with the big platforms? Blockchain payment systems have had more than a decade to become popular and still are not even remotely competitive with the big payment processors. Most of the world will only read about "Web3" on some news site or blog, then ignore it because it does not even come close to meeting their needs.
Consider how many people post something on Facebook in a single day, and now consider what it would take if each post had to be replicated across tens of thousands of independently operated systems. Big tech companies scale in large part because of their centralization, which allows them to coordinate large numbers of physical machines to efficiently provide service to their users. You may not like the ads-centric business model but on a purely technical level it is pretty clear that the big tech companies have a big advantage in terms of operating their infrastructure, and overcoming that advantage is not going to be easy for any distributed system.
I personally prefer to focus on mitigating/preventing abuses by a central authority/component of a system, which almost always results in a far more efficient and reliable solution that trying to eliminating all centralization.
> Do you actually think blockchain tech is remotely competitive with the big platforms?
Right now? Absolutely not, web3 is pure jank right now. I’m just trying to see where the puck is headed.
> I personally prefer to focus on mitigating/preventing abuses by a central authority/component of a system, which almost always results in a far more efficient and reliable solution that trying to eliminating all centralization.
How do you do this? How do you take Facebook to task? The only entity that comes anywhere close is France maybe and those fines are just a slap on the wrist.
I was referring to technical solutions, not fines or regulatory measures. For example, before Bitcoin cryptographers published a mountain of research on designing secure and anonymous electronic payments, but relied on a central bank that issued and redeemed the money. The bank was constrained mathematically so that it could not link user transactions, unless some subset of users had cheated in some way (double spending). So there was a central party but certain forms of abuse were impossible, and those systems were overwhelmingly more efficient than Bitcoin or even a proof-of-stake approach ever could be (this is because transactions are "truly" peer-to-peer, meaning that only two parties do any work at all when a payment is made or when money is withdrawn from or deposited with the bank; moreover the work required to perform transactions amounts to verifying a few signatures/NIZKs). Another example is the use of oblivious RAM for secure cloud storage, which both protects user data and ensures that "most" of the access pattern (everything but the number blocks of data a user has accessed) remains private. There are also many examples of real-world deployments of secure multiparty computation that limit abuse by large/centralized parties in various ways while still allowing those parties to operate and even expand their business (without having to collect more user data than they already collect).
> “why not just keep using <monopolistic centralized surveillance ad platform>”?
The question, for me, is actually "how is this any different than <monopolistic centralized surveillance ad platform>”?
Because I still remember high school and how every single one of these monopolistic centralized platforms sold itself to me as "Come to us, we represent a new free and open society unencumbered by stodgy authorities!".
You know, the exact same rhetoric these new web3/crypto companies are selling. Sounds like Animal Farm all over again to my skeptic ears.
Remember when Twitter was the future of decentralized discourse free of government tyranny where you can organize political protests free of oversight and manipulation from your local govt? Hell it's a big part of why arab spring worked!
>> The question, for me, is actually "how is this any different than <monopolistic centralized surveillance ad platform>”?
You can send a transaction from A -> B using Bitcoin (or another cryptocurrency) without it being censored by any government. Can they see your transaction? Yes. In that case, use Monero (or the upcoming Railgun). Comparing crypto to any of the above is quite a stretch.
Twitter may have failed in it's promise, but right now, crypto/blockchains/web is a massive improvement. They may not be perfect, but they are trending in the correct direction. Like the parent post, it's shocking to me the 180 that HN has done in this regard.
> Like the parent post, it's shocking to me the 180 that HN has done in this regard.
Is it all of HN that's changed, or just this thread? There are probably a lot of ppl commenting on this article that don't bother to comment (or maybe even read) many other web3 related articles.
> "Come to us, we represent a new free and open society unencumbered by stodgy authorities!".
I don't pay a lot of attention to the complaints, so I could be wrong, but it seems like when ppl complain about Twitter they're just as likely to complain about them being too unencumbered as they are about them restricting too much.
End consumers don't care and that will always dictate adoption.
Also because people are complaining - doesn't mean that this specific implementation of decentralisation is the right one and that's why it gets so much pushback. A mere difference of opinion, but mostly because parties who claim to work in the name of decentralisation are there to grab the cash and push the narrative that it is actually to relief the society of evil organisations - so far its rather about wealth re-distribution as usual...
The web3 providers mentioned are the most popular, but they do not control distribution. That's the whole point. Anyone can distribute the data on the blockchain with no clear legal repercussions unlike with music where you will get sued for distributing music without permission.
A counter example here might be Twitter and Facebook. You can export all your data just fine, but it’s useless anywhere else. Because the reason you’re on Twitter/Facebook is that everyone else is there. They own the distribution of your connections making the data itself useless without them.
True, you can export your Twitter data, but a competitor to Twitter cannot access the entire set of user data that Twitter has access to.
The real differentiator is that with Web3, the data is open, so providing an alternative is as simple as providing an alternative front-end.
What threatens the promise of Web3 are the issues that this article brings up, with decentralized projects not being able to iterate as quickly as centralized ones, leading to proprietary elements becoming the standard for some aspects of widely used Web3 technologies (like NFTs) and establishing a moat for the centralized platform that owns that element.
> but a competitor to Twitter cannot access the entire set of user data that Twitter has access to.
True, but they could make it very easy for users to transfer all their data, which makes it possible if they could convince everyone to do it mass. So the real problem is that it's not realistic to convince everyone to move; the network effect is too strong.
AFAICT, OpenSea et al have the same first mover/network advantage. The record on the chain of a url "belonging" to someone has approximately zero utility without the edifice they've built on top
How does this handle data schemas? Perhaps I’m thinking too much of an RDBMS schema but for Twitter for example. If decentra-Twitter stores my data in some schema (say a hard-coded “pinned tweet” column that only supports one) then is everyone else stuck with that forever? Or could they extend that to include, say, multiple pinned tweets?
I don't have the experience with smart contract development to have an informed opinion on this.
My guess would be that others could extend the protocol, but the challenge would be to get the extension widely adopted.
For example, ERC20 is the primary token transfer protocol on Ethereum, and there are various new token transfer protocols that are supersets of ERC20, and add useful new functionality, but they have not yet gained the widespread adoption to become useful the way vanilla ERC20 is.
You’re still relying on one central server though because of the fundamental problem OP laid out: the blockchain is designed for servers, not clients. There is no API inherent to any chain and thus one must be grafted over it by a web server. Things will tend toward one or two companies because those will be the ones who can afford to run such services and then they will have funding to create more features and better documentation and do dev evangelism and you know the rest. Just look what happened already once OpenSea removed his NFT.
While in theory you could change your RPC URL, in practice what difference would it make? At least IPFS offers some form of integrity checking through its generated hash. But there's no way to say, for example, that I karrot_kream at time T fetched a URL pointed to by NFT N with contents C. As demonstrated by Moxie's changing NFT and eventual deletion by OpenSea, who _knows_ what will happen to it? It's possible to at least build cryptographic attestations of fetching a particular NFT (and even maybe placing this attestation on-chain, to have some NFT "provenance" going on) but there's really not that much work going into it right now. That's the critique.
Changing your RPC url will make no difference because you’ll get the same result either way. Any service that lies about the state of the chain will quickly be jettisoned like so much carbon dioxide.
The bare minimum for a reputable NFT is to publish the contract source code and use immutable storage. That’s the first step of due diligence in the space.
All of this stuff is super fluid and non-standardized because it’s still super early and everyone’s trying to figure out how it ought to work.
OpenSea lied about the non-existence of the jpeg-swapping NFT he minted. They removed it from their API responses because they didn't like it. Do you think they're about to be jettisoned? Or will people largely not care because they actually like the centralised nature of OpenSea with its TOS and extra features and with no viable alternative that doesn't require running your own server?
Consider also "what's the point of an uncensorable block chain if the API servers can become untrustworthy and refuse to the serve the data?"
If OpeanSea can blackhole / cancel / hide a NFT on a whim, what does that say about the viability of hosting other services that access the blockchain through similar gateways?
Additionally, if such services can preform those actions, what does that suggest about the viability of financial instruments and company governance accessed through those or similar services?
Yes, this is FUD. I believe it is quite reasonable FUD.
That’s fair. I was talking about canonicalized chain state (hence RPC), not consensus about what constitutes spam.
I agree that OpenSea should not have final say in this regard, as clearly that is not decentralized. I would be interested to hear if anyone is trying solve this at scale.
> All of this stuff is super fluid and non-standardized because it’s still super early and everyone’s trying to figure out how it ought to work.
I understand this and I'm certainly sympathetic to it. Folks are also trying to figure out how to actually stuff art on-chain which I'm a fan of. I'm very familiar with the NFT standards because I was involved in some of the discussions with it. The amount of money this space is seeing though given how fluid representation in the space though, leads to Moxie's other critique, that this is being fed with a gold rush trying to find liquidity for hoarded crypto. I know that builders can't control what these speculators do but it certainly adds pressure for builders to either take the money or operate at a disadvantage to builders who do.
In regards to keeping the art on-chain, the immutability is a real problem. What happens when someone stuffs illegal data/images on the blockchain? Once a bad actor sneaks trade secrets, doxxing material, or CP onto the chain, it's there forever. By design, deleting data from the blockchain isn't possible.
Actually, this was his point exactly. OpenSea must start on a decentralized block chain (due to market forces) and must move to a more centralized (faster moving) protocol in order to remain relevant.
I think it's good to remember that bitcoin and ethereum were the very first cryptocurrencies. They are flawed, bitcoin in particular failed at everything it was idealized to be and will probably never improve. Ethereum seems to be moving forward at least. Slowly, but still.
Ethereum light clients will make it trivial to verify the state of the blockchain and interact with it without also having to store the entire blockchain.
The nice thing is that you can depend on Infura for now, but if they ever attempt to be dishonest, you can easily switch to hosting your own node or light client. The cost of moving away from these centralized services is pretty low.
I think this is “the point”. This is like saying you can switch away from GMail by running your own mail server. People don’t want to run their own mail server.
Will the ethereum light client run in metamask with no configuration? I’m afraid anything short of that is too heavy.
He's saying that configuring MetaMask to work with a light client is as easy as changing the RPC URL. The light client still needs to be installed/configured separately.
Ideally, as Moxie suggested, MetaMask itself integrates a light client into its wallet, so that it becomes the default configuration.
The idea of light clients is they will be bundled inside of apps/websites/extensions. So yes running a light client will be easy because it’s just happening in the background of the app, replacing the api hopping we do now with direct call/response to the chain.
So for metamask they would replace the calls to infura with a light client instead. Easy. They’re probably a year away from adoption, this year will accelerate development as it’s something lots of us want.
It's a step up from the "crypto isn't crypto" mantra that many used to repeat, refusing to even look at how it works. Not sure why it took something as silly as art NFTs, but it does seem that now even those who previously tried avoiding cryptocurrencies at all cost have at least started looking at them critically.
He does point out some real problems. Yes, all this has been discussed in the Ethereum community already and many in the community have voiced the same criticisms as well. But a lot of the issues are still unsolved for regular mainstream users, who rely on a lot of centralized services and are often herded into solutions that may bring more convenience but are also less secure. It's good we're having discussions about this, and the more people that point out flaws the better. After all the entire point of a blockchain is to be public and robust. If this is our future money or notary service, the more probing the better.
This is exactly the attitude that moves us forward. "Us" not being just those who happen to get in early on the solutions to the solvable problems, but hopefully including everyone who can get a benefit from using truly decentralized services.
For a non-tech regular user who just want to get some work done Internet Explorer was indeed the internet.
In India even to this day for a vast majority YouTube/FB/WA is all the internet is. It's not at all unusual for people to walk up to a mom-and-pop store to top-up their data plan asking them to "recharge my WhatsApp balance". Even carriers have specialised data packs that are tied to a specific product/service.
And to be fair this is just how it'll be with any product/tech. As an example, in India Xerox literally stands for photocopy https://imgur.com/a/66TnCog
> is tying web3 to several centralized front ends (Metamask/OpenSea).
You can't really lump both of those into the same bucket of "front-end". Metamask is a front-end, a user interface. OpenSea is more like middlewear that connects various front-end clients like Metamask to the backend database, and provides some additional functionality that's in any of the database's stored procedures or views. OpenSea also has its own front-end UI to its own service, but its core service is its API to the Ethereum database.
MetaMask is a wallet, its not ingrained into any blockchain, your free to use alternatives, and many protocols don't support it. The centralized aspect of a chrome app and marketplace like opensea is very well know issue and talked about a lot in crypto, the problem of course comes down to lack of education, which is apparent in this very post.
Can you point me to where this insightful discussion happens? And where can I educate myself? 99,99% of content and forums I find online about crypto only care about promoting coins, nfts or services basing only on futuristic visionary promises, hyping up the users and attempts at FOMO. It's almost literal spam. This is the first time I read something that just explains how thing works from a technical standpoint and what challenges are there.
Its almost entirely done on crypto twitter. You follow the builders and they talk about this stuff. Tweet threads are terrible but that is where the good information is.
Twitter is frustrating in that the good content is buried and if you follow the wrong people they just spam your feed.
Its a constant battle to keep the signal to noise ratio of your feed high and the right people to follow constantly changes.
I got into web3/crypto (hate both those terms) Twitter a few months ago and it took a very significant amount of time to find the signal among the noise if you will. Twitter’s algorithms heavily favor engagement which in turn favors “influencers” who lack a lot of technical knowledge and peddle hype. I can see why curious skeptics are so quickly turned off, but there really is a gold mine of good discussion out there.
@das_connor is an awesome follow. He works for Avalanche (which I believe will be a massive player in enterprise blockchain adoption).
I agree about Twatter being difficult. And it is time consuming.
Some projects have decent Discord channels. It depends on the devs and community there.
It is quite difficult because indeed everyone has a profit motive to shill. The only way I could get a good read on anything was by experimenting with the tech.
The Daily Thread on https://old.reddit.com/r/ethfinance has a number of folks who are in it for the the tech and generally some pretty good takes on protocol/ecosystem tech. It is better than any other crypto subreddit I've come across.
People are certainly free to use alternatives, but if they aren't spinning up their own nodes what will they be using, another centralized node service? Most people aren't going to run their own node and for good reason, its expensive and profitless. Sure a cryptographic/economic layer on top of Ethereum could incentivize people to run nodes and have users pay for decentralization, but at the end of the day people will use Infura or a competitor because it is cheaper, and when these companies control who gets transactions they also influence who can make blocks.
Ethereum is fundamentally flawed in this sense - it only pays for mining (and in the future, staking). The work of routing and storing data is done by the most prolific miners and businesses reliant on Ethereum to keep it from collapsing; there is no sustainable model where a decentralized cohort of nodes can run Ethereum without fundamentally changing how Ethereum pays for infrastructure.
It's interesting how tightly coupled Metamask is to all of the other big crypto / NFT marketplaces. Feels like the "distributed web" portion of it has just been an over-exaggeration all along.