"Personal data stores have to be fast, cheap and private."
Uh yeah. That's called a Personal Computer - "PC" if you haven't heard of it.
The problem is that technology came along and gave us a "PC" in our hand (cell phones) that wasn't a "PC". What we need is an actual "PC" in our hand. That is: a cell phone that is under the control of the user (and no, a "global single-sign on" sounds absolutely worse than "web3" <- whatever that is).
For a decade now, or perhaps longer, I've been wanting a first-class general purpose computer in the form factor of a cell phone. Microsoft has danced ever-so-close to providing us this, through several iterations of rumored "Surface Phones," and in showcasing the promise (if not necessarily the execution) of a viable dockable phone in the Windows 10 Mobile era. A few Linux flavors of the same concept have circulated through history as well, but none particularly viable.
Failing that, I'd like a computing model that I call PAO, Personal Application Omnipresence, where all of my devices are terminals to my own application server [1].
I've been looking for something like this for a long time.
I have a powerful desktop PC in an inconvenient place, and a much weaker laptop which can be anywhere I am. All I want in life is to pause work on my desktop, pick up my laptop, and resume what I was doing.
As an extension, I never want to think about which machine is running my app. I just want it to run wherever there are enough resources, and be displayed on whatever device I'm in front of.
Network bandwidth isn't a limiting factor these days. Between all the devices I own, I have more compute power than a high end modern desktop. Why do I have to physically go sit at one machine for one task and a different machine for another? Every individual part of this problem has a solution, but no one has put them all together yet
Interesting article. Honestly it's sad that you can't just wave your phone in front of any screen or input device and instantly be able to use that device to interact with the phone.
Have you tried Samsung Dex? I doubt it meets all your requirements, but I used an anker USB-C hub to connect my Samsung device to a monitor, keyboard, and mouse. Then you can run android apps like in a desktop environment. It's at least a novelty.
It’s a big project to fix the underlying issues to get us there, but it’s not impossible. It does require more than trying yet another DOA federated system that doesn’t fix the underlying incentive problems that lead to centralization.
You know, I actually had this back in ~2011 with the now defunct AlwaysOnPC—it was a really weird service which you could pay like $30 once for an then get access to a remote desktop on a random Debian install on some server they had. It was kind of a security nightmare in retrospect (only the kernel was used for isolation, i.e. everyone was on the same machines!) and I'm suprised it didn't die sooner from abuse (bad actors doing illegal shit from their servers) but it was amazing for the few years it was a thing. You could just sign in from your phone, tablet, or even a random computer at the library using a little java applet and get access to all your stuff just as you left it. I eventually moved on and just started remoting into a server back home but it was very cool at the time to have a fully end to end solution for personal cloud computing.
The problem isn't mobile phones, it's the convenience of the cloud. I can access my email and files from any location, from any device. It's magic.
Of course, we've given up our privacy and autonomy for that convenience. The problem is that we seem to keep ending up on the convenience side of the trade-off.
If you want the convenience of the cloud but the security of owning your own data there's anything that uses WireGuard. The only tricky thing is selectively exposing via a proxy for things like sharing. Traefik has done wonders in that category though.
Traefik can listen on individual addresses on a machine, which lowers the barrier to making a chained ingress. If chained ingress doesn't make sense, think of how Kubernetes has a load balancer pointing at several nodes and each of those nodes run an ingress internally to route traffic across the private-to-the-node network.
For instance, I didn't want my sharing URLs to enter directly on my home IP. I felt that would expose my house to an enumeration of vectors that I couldn't possibly control. I ended up creating a small server in digital ocean that runs Traefik on a public address with various public DNS records pointing at it. That instance of Traefik then points to my home servers Tailscale addresses. I actually go a step further by running Traefik on each server so that I can host multiple services on port 443 on each server, but this isn't absolutely necessary.
Did you mean Tailscale, or Tailwind? I'm interested in replicating your setup, so if you happen to have a blog post or some other HOWTO resource, that would be deeply appreciated. Thanks in advance!
I meant Tailscale, thanks for that. I use both but I think one has a dominant weight in my autocorrect, lol. Check back here and I'll dump my docker-compose. That pretty much contains everything except the actual agent installation, which is a very minimal step.
> a cell phone that is under the control of the user (and no, a "global single-sign on" sounds absolutely worse than "web3" <- whatever that is).
The FCC does not allow this because of their certification requirements for the baseband processor. You can either lobby for this to change (good luck :-( ) or go the hacker way and build something that is under control of the user, but violates the laws.
What exactly does this mean? Doesn't the baseband processor exclusively handle the mobile communications? I thought the parent comment was more to do with OS running on the main processor.
>Web3 is a nebulous term in the tech world used to describe a hypothetical future version of the internet that’s more decentralized than it is today and not dominated by a handful of powerful players such as Amazon, Microsoft and Google.
This is not some hypothetical version of the Internet. This was how it worked until the early 2000s. Google and Amazon weren't evil back then. Microsoft was actively developing IE and had good intentions after it won the browser war. Almost everything was decentralized.
As someone who worked on software from the 80s to today, I don't know about MS internally, but from the outside it definitely didn't feel like good intentions. It didn't help that interviews or articles with or about Gates or Ballmer were about destroying competitors. They have a trackrecord in those years of doing that at all cost and I believe IE was part of that strategy. I have never seen anything to the contrary, but happy to hear insider info to the contrary.
A bit of time after they won, IE development basically stalled, which I see some people attribute to other things, but, again, where is the documentation this was not malice? Simply: we won, the rest is dead, why spend money on dev for something that doesn't make money? Isn't that the most obvious?
ActiveX (while there was Java, oh boy J++) was another sign that there was no intention of making this open tech but just peddle more windows (granted, there was IE for Mac and Solaris, for a while).
Again, I might be wrong, I had issues with MS in those days because of their behaviour which probably colors my memory, but reading back now, I was not alone in this. Maybe someone can point me in another direction with more documentation and proof instead of memories.
Ms was definitely evil. Vendor lock-in. They stole Java (.NET). They sabotaged Fahrenheit/chronos. Kept office formats proprietary. Did a smear campaign against Linux and open source in general. IE didn’t adhere to standards
And speaking as someone who had to develop for it, making a site both IE-compatible (around versions 5 thru 8) AND compatible with any other browser LITERALLY DOUBLED THE WORKLOAD. They made absolutely no effort to conform to standards by design because it forced companies (and there were many) to develop "IE-primarily" sites. That experience alone gave me a lifetime of hate for Microsoft.
Isn't that Chrome's entire game? Keep developing new APIs into standards even before they are standardised such that everyone else is always just trying to keep up. Advertise these new APIs to web developers such that new websites only work well in Chrome.
Take this perspective: The less boxes in a row, the less complex. Can I use is biased towards feature creep.
If not supporting a feature (in terms of not having it, not half implemented) would count and this would be visually faire represented, what we be your choice?
I’m not choosing a browser here, I’m saying that Chrome is not repeating the most fatal mistake of IE: implementing many APIs in their own way, often very different from the standard. Until recently, Safari was repeating the IE approach, but right now it looks like they turned to the road of sanity.
Curious to hear about these good intentions from MS/IE after the browser wars. Honestly, not being sarcastic. From what I've heard they stopped innovating because they no longer had competition, until Firefox in the early 2000's.
Anyone who remembers that era of Internet Explorer with positivity must have been on an island of consumer facing websites like Geocities and never had to deal with ActiveX websites.
As a .NET developer since the early days, it's purpose has always been to sell more Windows Server and SQL Server licenses. For the first 15 years, there was no official support for other platforms. More recently, the runtime is cross platform but many libraries only have support for MSFT products out of the box (e.g. WPF, or entity framework relying on external maintainers to write providers for most popular OSS DBs).
IE’s problem was that it was too successful and Netscape couldn’t keep up. Further, MS had shorty coding practices so IE was deeply ingrained into Windows.
But IE set a whole lot of standards and pushed the web forward.
The one complaint with IE was that at some point it stagnated. This was unlikely due to malice on MS’s part and more likely because once again, MS’s shitty coding standards meant it just couldn’t improve. One way to know this is true is the fact that even after IE was surpassed and rapidly losing market share, MS wasn’t able to bring it up to speed with its competitors.
It had to create an entirely new browser to even try and come close.
But should we ignore Solid? The project started in 2016. Can you _do_ anything with it yet? You can "start a pod", but all the apps are clearly written to demonstrate the platform features rather than to _do_ anything or meet any user need. Of the ones listed, I couldn't actually get any to work with a newly created pod.
Hi, I work at Inrupt (Tim's company.) Here's two recent examples:
The BBC just announced that they're hosting Solid Pods for personal data, allowing users to control access to their information[1][2].
The government of Flanders is hosting Solid Pods for citizen data[3].
Solidproject.org is a community-led project, but I'd recommend trying out going through our docs at https://docs.inrupt.com under "getting started" if you'd like to play around with it. Feel free to let me know if you have any issues or questions.
let me conclude that the new, more decentralized, more privacy respecting vision of a future internet is based on an "enterprise" server with no open source code and to use it I need an "entitlement token" sold by one single company?
To login to Inrupt’s private Docker registry and download the ESS Docker images, your enterprise needs to obtain an entitlement token from Inrupt.
I really hope my conclusions are very wrong, because, you know, it reads like a satire.
Mr. Barners-Lee is selling tokens for the next generation freedom internet and talking about why the other guys selling tokens for the next generation freedom internet are bad?
There are multiple implementations of SOLID server https://solidproject.org//self-hosting/css what you are linking too is other implementation that inrupt sells to big corps as a product. I assume it has a lot more functionality for management of users stuff like that. But the pods them selves work the same.
Hi, thanks for responding. I already created a pod from the provider referenced in those docs (i.e. start.inrupt.com). It shows me a WebID url and a data storage url. What can one do with these? What can one do with a pod? The documentation says you can 'view' your pod, and links to some SDKS.
- MediaKraken: If you click the button indicating you want to use Solid to store stuff, it presents a box in which to put a URL to log in. It won't accept either of the two URLs given above. Following experiences with other apps, I sub in `https://login.inrupt.com`. I can pass through the login page at inrupt, but the redirect brings me to an error page. I can repeat this loop ad infinitum.
- Penny: presents a box in which to put a URL to login. I can't log in with either of the URLs listed above, but it present a modal suggesting I try using `login.inrupt.com` instead. After a couple tries, I can get in to browse and see that I have no content. Yay.
- Solid IDE: I get a 404
- Solid File Manager: After trying Penny, I know to enter https://login.inrupt.com in the login box. I can again browse my lack of data.
- Pod Pro (an IDE for editing pods). I can log in and see that there's basically nothing to edit. I have no contacts, but the files they would presumably eventually go in have some markup which I can mess up.
So far, I've yet to encounter an app that actually seems to do anything useful. Upon creating my pod I was shown 2 URLs and it turns out that none of the apps I encountered will accept them for anything.
I'd love for this to be a vibrant ecosystem of actually useful stuff. But so far it seems like an empty room that's awkward to get into. I think my new pod will be as neglected as my urbit planet, and for the same reasons.
Years ago I remember talking to someone about whether hadoop/mapreduce could help address some problem they were encountering -- but they had neither the data collection infrastructure or data analysis knowledge. It's not that mapreduce wasn't a good tool, but to him of course a framework that can run jobs he doesn't have and doesn't know how to write on data he doesn't yet have was pointless. A framework can need a lot of enabling conditions to be useful. I'm not sure what those are for Solid.
I'm the author of Penny, and you are right: there are only two viable Solid apps at the moment, both by the same author [1]: Media Kraken [2] and Umai [3]. They're good, but pretty simple, and primarily interesting if you're really sold on the concept of Solid. And Penny works, but it's really only useful for developing Solid apps.
The BBC app mentioned above doesn't, at this time, really bring any of Solid's purported benefits (see my analysis at [4]). Inrupt's server implementation still occasionally introduces breaking changes that even the mentioned apps are having a hard time keeping up with, let alone the unmaintained ones.
So honestly, I think the best time to take another look at Solid is the moment Inrupt has a paying customer that is providing a Solid server that is usable with more than just their own apps, and an app that is usable with more than just their own server. Until that happens, it's unlikely that there will be anything that really works and that you can count on will continue working.
And to be perfectly clear, the above are my personal opinions only :)
I just spent some time reading about it and visiting the same links while finding some of the same problems. It sounds interesting but I can't figure out what it "should" be used for. I can imagine this replacing existing data stores but it looks like an over complication to me, initially.
If I imagine Facebook backed by Solid pods, well if any social media site is web based, can't they just scrape my data and send it to their server if I plug my pod into their system and allow access? Because they can do that for anyone else that signs up, wouldn't it just be a veneer over me "controlling access to my data"?
The only benefit I can see is having a unified consistent data structure for combining information from different sources, an HTML standard for data.
Ah, I've got it. This is what I was searching for to say.
After reading their site I can't figure out what problem these solid pod solves and I also don't know how it solves it. It looks like neat tech that I would want to play with but that's as far as I can get after about 20 minutes of being introduced to it.
> can't they just scrape my data and send it to their server if I plug my pod into their system and allow access?
The answer I usually give to this is that Solid's goal is to be the enabling technology that allows good actors to give you control over their data. Of course Facebook can funnel your data elsewhere if it were to be built on Solid, but it's even easier for them to just not build on Solid and just harvest your data that way. Technology is not a solution by itself, but with the technology available, customer demand or legislation potentially has a viable path towards giving you a way to control your data.
Instead of centralised service users each have their mini server that can communicate with others. As a user you give acces to certain data on your pod to other users. Of course the other user than has acess to this data.
How it is iseful? Imagine notes app or todo app that you download but it works only on data in your pod. The data is not sent anywhere, its like a desktop app on your computer but 24/7 on and you can connect to it online.
Spammers have money. For them it's merely a cost of doing business and they'll spam as long as there's positive ROI. For something like politically-motivated disinfo on Twitter there are millions of dollars bankrolled.
OTOH any non-zero cost is off-putting for regular users and stifles growth of services. Twitter has upset its top users by trying to change $8!
Then there are flash loans that let you have any amount of wealth in the web3 world for only a tiny fraction of the price. It keeps popping "DeFi" services that naively assumed nobody would risk a fortune to attack them, but there's a fortune-for-hire service!
Anyway, the real-world web has used phone numbers as proof of small amount of money. There are CC checks for bigger amounts. Then there's web of trust which is a pre-web3 word for "staking", except using reputation instead of Monopoly money. Mastodon instances for example ban other instances from federation if they don't police spam/abuse enough, so every server admin is motivated to fight it locally, while the system as a whole remains decentralised.
I think Solid is an awful idea that gets a ton of media coverage solely because Tim is behind it. It still has you giving arbitrary servers access to your data, rather than keeping the apps under your control as well.
I think the only way you end up with really liking Solid is if you nearly paradoxically care about user freedom but really hate open source software and want to ensure you control your app code.
I don't think there's a 'conflict of interest' here; he has a startup, was talking at a web conference, and expressed an opinion about the landscape. I don't take issue with his points about web3.
I would like to see _something_ that moves towards decentralization (or at least weaker centralization / greater portability), and if it's not Solid, I hope something else will step into that gap. But I am genuinely confused why there's not at least _something_ useful built on that framework after several years.
I'd go further than this and suggest that web applications, sites that don't display anything without executing code, are not web at all. They just use web protocol to transfer the executable. And pretty soon most web applications will switch to using HTTP/3 implemented on QUIC so they won't even be using HTTP.
The web platform, HTML/js/css in a browser, is one of the greatest inventions of all time. Its versatility is immeasurable. The fact we have one toolkit that scales from a simple text based publishing platform to full application development environment, is insane. It covers all paradigms of computing, from thin client to full offline enabled local computing.
It is incredible that the community have built this general purpose platform, and that it's not only versatile but also incredibly performant.
Modern JS engines are only 50% the speed of native C, no compiler or toolkit needed. How insane is that!
CSS/HTML is growing from strength to strength, it's a gui toolkit with so much power universally supported on all computing platforms, from phones to desktops. It has so many features, and is so extendable, but anyone can use it anywhere. There's no limit to its capability, or who can use it to build their inventions.
The same toolkit can be used by small children to explore the ideas around "programming" all the way up to the best developers in the world.
Honestly the argument that we have somehow gone wrong with html/css/js is absurd. What this platform has contributed to humanity is immeasurable.
The "original vision" of the web as a publishing platform for text may be dead. But it lives on as a publishing platform for human invention, ingenuity and creativity.
While I absolutely agree regarding the immeasurable contribution to humanity part, I feel it happened despite HTML/CSS, not because of it. I still think that it is a very inefficient and bad abstraction for general purpose layouts and only recently with flexbox/grid did it basically got feature-parity with things like.. WinForms.
Js used to be pretty bad as well, but hats down, they did alleviate many of the shortcomings and made it into a decent language (though I do get grumpy when it is overused at places where it has no reason to be)
No sane person would use WinForms, my point was that layouting and GUIs already had prior art and none of the lessons were learned.
> If you only ever use a tool the way it was intended how can you make it better?
I don’t think that it’s how things work.. you don’t have to misuse something to think ahead and make something better/develop it into better directions.
Sounds like: "We're proud of the craziest kludge in history. Look mom, DHTML!"
One could even write a full parody of one of the previous posts. (Sorry, SCNR):
"""
The JVM platform, Java in a browser, is one of the greatest inventions of all time. Its versatility is immeasurable. The fact we have one toolkit that scales from a simple text based platform to full application development environment, is insane. It covers all paradigms of computing, from thin client to full offline enabled local computing.
It is incredible that the community have built this general purpose platform, and that it's not only versatile but also incredibly performant.
Modern Java interpreters are only 50% the speed of native C, no compiler or toolkit needed. How insane is that!
JavaFX/CSS is growing from strength to strength, it's a gui toolkit with so much power universally supported on all computing platforms, from phones to desktops. It has so many features, and is so extendable, but anyone can use it anywhere. There's no limit to its capability, or who can use it to build their inventions.
The same toolkit can be used by small children to explore the ideas around "programming" all the way up to the best developers in the world.
Honestly the argument that we have somehow gone wrong with Java is absurd. What this platform has contributed to humanity is immeasurable.
The "original vision" of Java as a platform only for embedded devices may be dead. But it lives on as a platform for human invention, ingenuity and creativity.
I chuckled. It felt a bit too positive for my taste too. Yes, those are all great things but the breadth of functionality from things like Electron apps is not because HTML/CSS and JS have grown and matured. A lot of that comes from packages that wrap C libraries. And those are easy to suck into the HTML/CSS and JS environment because of package management. None of those things are "the web", not even close. Ah well, its nice to see someone excited about it all I guess. And I enjoyed your parody too.
This is beautifully said and absolutely true. The HTML/js/css platform is truly incredible. Looking forward to seeing how people can use WASM in incredible ways!
Absolutely, and like all new things some of the original uses will not work out but what it brings to the table is awesome. (I'm unconvinced by trying to "speed up" normal web apps with it)
The two places I'm most excited about it is using it in combination with WebGPU for games/engineering/ai/science, and with the "origin privet file system" enabling client side databases such as SQLite and DuckDB. I think it's the final peace of the jigsaw to make PWAs take off like a rocket.
Honestly, PWAs are the true future of the web, the perfect extension of its vision.
I have somewhat mixed feelings on WASM... you can't "peak" into it nearly as much as JS... but even JS has gone past the point of being really decipherable by humans in production sites for a while.
I know there's some boundary issues with performance and hope that it can be worked out in a meaningful/reasonable way. I think WASM gets much more interesting in server hosted platform environments. You get largely portable code that can run wherever (x86, arm, risc-v, etc) and is in a secure environment, read-only into itself.
Not just text, multimedia documents. The lack of standalone support for which these days is pretty sad, everyone seems to be using pdfs even though those are mostly only good for archiving paper documents !
And while using the browser as an OS inside the OS has some benefits, it's even worse than Java in the sense that it's hard to build a good program when you're constantly fighting with the browser for the interface... (consider how rare it is to see a webapp with lots of keyboard shortcuts and support for multiple windows for instance)
HTTP/3 is HTTP because Google and Microsoft said so and had the people in place to push it through the IETF. It's not really HTTP like HTTP/1.1 was and is; designed for human people to interact with for web sites made out of pages. It's a protocol designed for web applications. This is so deep in it's core it won't even allow you to connect to another IP unless you get continuing approval from an incorporated entity running a CA to lease a TLS cert.
QUIC does not require a CA. Self-signed or DANE-backed TLS certificates work fine. Try using cURL built with HTTP/3 support to see for yourself.
Requiring CAs and not implementing support for other anchors of trust is an implementation decision, and is not mandated by the spec. The spec mandates TLS 1.3, not "the version of TLS 1.3 used by these three web browsers". QUIC was designed with non-browser use in mind too; it's for any situation where you want to maintain connection integrity in an unreliable network.
True in theory, not true in practice. It might work if all the random people on the internet used cURL to visit my websites but they tend to use browsers that are Chrome based. And Chrome's QUIC (or the underlying quiche library) differs how Chrome's H1 and H2 implement TLS. It will not accept a self-signed cert during a HTTP3 QUIC connection. Even going localhost (defeats the point, but to check) and trying --disable_certificate_verification --allow-insecure-localhost will not work.
Like I said, the megacorps that designed QUIC designed it for their use cases and that does not include allowing human people to host websites by themselves. Not if it potentially impacts e-commerce security. Their implementations reflect this.
Funnily, the fact that Google can only index resources/documents associated to a URL has saved the whole concept of the web (for now).
Note: and the fact that there is no search engine inside companies has led them to disregard the concept of permalinks. All SPAs there simply never change the URL in the address bar. Which is an HORRIBLE experience as a user!
Everyone on HN needs to take a week to actually look into crypto projects. Nothing that makes headlines is ever good, and it's clear that's where most of the opinions of it on here are sourced from.
You're doing yourself a definite disservice by not investing a smidgeon of your time.
You are looking at a garden and remarking about the rotten veggies on the soil floor.
> Everyone on HN needs to take a week to actually look into crypto projects.
Most of us have looked at this space extensively over the last decade plus. Can you offer pointers to the things you think are delivering real benefits to anyone whose primary goal isn't finding buyers for random hashes?
I add that last qualifier because literally every time this question comes up the only things people seem to come up with which aren't outright scams are projects which only make sense if you've already decided that everything you work with should be on a blockchain and you need to deal with the ensuing problems. I'm looking for things where someone who works at a normal non-crypto business — say a coffee shop or a company which makes toasters — could go to their boss and say “If we spend money setting up X we'd save $Y over what we're doing now or gain $Z from new sales”. The closest people come are things like supply chain verification, which is certainly useful but nobody can explain why that idea only works if you pay the extra blockchain overhead relative to just using basic digital signatures from the human you're already trusting to do a particular task.
Also as a starting premise, remember that most of us are quite familiar with things which aren't great now. The idea of getting rid of PayPal or not having people login using Facebook/Google sounds great to a lot of us, but that needs to be predicated on system which would actually get normal people to switch by being cheaper, safer, etc. Appeals to ideological purity don't tend to get traction when the “Login with Facebook” button is right there.
> The idea of... not having people login using Facebook/Google sounds great to a lot of us, but that needs to be predicated on system which would actually get normal people to switch by being cheaper, safer, etc. Appeals to ideological purity don't tend to get traction
But it's quite the opposite of an appeal to ideological purity. If you care about building out widespread truly decentralized cryptography, the practical results of cryptocurrency are nothing short of incredible. Because of crypto, millions of people now self custody their own private encryption keys without any dependency on centralized services. Yes, they're doing so because they want to play in a giant on-chain casino. But the same ECDSA key that secures your Ethereum wallet can also serve as your decentralized cryptographic identity.
It's hard to overstate how much of a miracle this is compared to what anyone expected 15 years ago. Hardcore cryptography engineers would joke about how even their small, highly committed community couldn't build a decentralized a web of trust with decent opsec. Now even dentists are self-custodying their crypto keys with decentralized identity powered by ENS.
Quite the opposite the only reason to dismiss this achievement is an appeal to ideological purity. The cryptography infrastructure may have been built for the "wrong reason", to gamble in the world's largest casino, but a once undreamt of decentralized infrastructure now exists.
Why would I care about building widespread “truly” decentralised cryptography?
This also sounds like idealism. And I speak as someone that works in cryptography-related spaces including PKI.
How many of those millions of people get compromised in some way, lose their ‘money’ and are then chided for poor opsec? How many don’t even bother with self-custody and just use centralised services like exchanges?
You don't see any value to people owning their own crypto keys and identity instead of relying on a centralized party like Facebook?
I'm not even talking about digital assets. I'm purely talking about the ability of someone to sign their own emails without being dependent on a monopoly like Gmail to do it for them.
I don’t see that for most people this is any sort of enabling technology, no. In fact I think for average humans that delegation is a very worthwhile service.
Edit — And whether we agree or not, this really seems to fall into an ideological space rather than being a practical thing.
My personal project is a working case study proving the practicality of the idea. It’s not ideological and enables things you would dare do with prior existing server/client models.
> If you care about building out widespread truly decentralized cryptography, the practical results of cryptocurrency are nothing short of incredible. Because of crypto, millions of people now self custody their own private encryption keys without any dependency on centralized services.
You mean the exchanges the vast majority of cryptocurrency users rely on have control, right?
I mention that because a greater number of people already have cryptographic keys to use to assert their identity (every iOS user, most Android, and Windows Hello users) in the form of WebAuthn passkeys. Unlike Ethereum, that system does not cost money to use, is free for anyone to implement, and does not depend on a slow centralized data store being available.
One important note: ENS doesn’t in any way solve the question of identity, any more than DNS does. In both cases, they link a name to a machine id without solving the much harder problems of verifying identity or disambiguating people with the same name.
Most importantly, not conflating money with identity makes attacks harder (if I get your keys, I can compromise your brokerage account but I still have to convince them to transfer your assets) and lowers the costs of errors because I’m not pushed into having to decide whether I’m more concerned about losing access to my money if I don’t make a backup and having my money stolen because I did. That’s going to matter to their next of kin if our hypothetical dentist is run over by some SUV driver on their next bike ride.
That last part gets to back to the question of goals. Self-hosting cryptographic keys isn’t a goal anyone has for non-ideological reasons. People care about things like communicating privately and not being impersonated, and will gravitate to the systems which make that safe and easy. Cryptocurrency projects haven’t delivered on either of those so far and since they inevitably depend on real-world systems to handle identity or resolve disputes, it’s hard to offer a compelling reason to pay the extra cost to use them.
Going back to my hypothetical person at a non-crypto business, he goes to his boss and says “we should have our customers login using self-managed private keys”. When she says “how does that make us more money?”, what’s the answer?
The Internet Computer[0] hosts whatever kind of service you can cram in a smart contract form-factor. In exchange for having to deal with things like oracles to retrieve information from the outside world, it costs absolute peanuts[1]. I tend to use it whenever I want to PoC a web app because it's usually lower-friction than a VM. Unfortunately there aren't that many things to show as an example that aren't just NFT silliness, but one big one is OpenChat[2], which also shows off the basically zero-friction single-sign-on[3] that can't be tracked across services.
Will it pan out? I have no earthly idea. But it's cool enough to try.
(unfortunately obligatory: I am not a bot. please do not downvote singularly because of linking to a blockchain service, in response to a question about them.)
Those "peanuts" look more expensive that traditional hosting to me. It does help that they blatantly try to lie about their service being "more energy efficient than traditional IT".
Let’s go with those. Truly beneficial for the parties referenced.
At the risk of sounding somewhat cold and calculating:
Is that worth the carbon emissions of the entire country of Argentina? How many people are dying from the resulting climate impact?
How many lives have been ruined from the gambling related to bitcoin? How many times have bitcoin forums had to post suicide hotline numbers?
How many criminal enterprises, oppressive governments (like North Korea), etc have been enabled by bitcoin and other cryptocurrencies from ransomware and countless, endless scams?
While I do acknowledge the use cases you’ve provided and truly do sympathize with the (relatively few - tiny) people who benefit I cannot see how it could possibly be net positive.
Okay, let's go with those — and we'll even assume that they're fully accurate and representative. Money laundering wasn't exactly impossible before so the two questions here are whether it was cost-effective for the users (someone in Nigeria has less capacity to soak up one of those speculative swings, after all) and safe to use.
That last part is significant because while the Bitcoin marketing team likes to talk about it being anonymous or “censorship resistant”, it's extremely risky for anyone to use when their threat model includes the government they live under. Yes, I'm sure someone has been able to transfer money to a Russian or Chinese dissident but once that becomes at all significant, consider the incredible risk that poses to the recipient. They can't make a transaction without making highly-distinctive network traffic, they can't use the funds locally without finding someone willing to take them which is risky to both parties since you're betting that the other party isn't compromised, and unlike regular currency transactions you're leaving an immutable public audit trail. If any party involved ever has records which the police obtain, they now have hard evidence to go after everyone they've ever transacted with rather than just the ones they observed after learning of that blackmarket activity. Better hope that you and everyone you ever do business with has perfect opsec…
This isn't some idle speculation, either — there have been a number of cases where Bitcoin provided key evidence linking people's activity and allowing the police to wrap up an entire group rather than the one guy they caught. Here's an example of where that was used for good:
Now, I personally would not like to see political dissidents in China or Russia meet the same fate so I would not want to tell them Bitcoin is suitable for this task.
What do you think about NY Fed's project I linked, which demonstrated that "blockchain-enabled cross-border payments can be faster, simultaneous, and safer" (their words, not mine).
Speaking of dissidents subverting their governments, I personally know people who are using cryptocurrencies to assist their families stuck under the said governments. There might be some risks, but when they don't have any other way to exchange value, crypto is a lifeline.
It’s a prototype but also not how most cryptocurrency people use blockchain. It’s a shared ledger between a couple of banks, organized by a central bank. It’s no surprise that this works because it doesn’t drag in all of the notorious drawbacks trying to do the pseudo-anonymous permission-less stuff, or trying to be a separate currency.
What is the specific drawback of pseudo-anonymous permission-less stuff?
> trying to be a separate currency.
None of the serious crypto projects I am aware of (which are Bitcoin, Ethererum and its L2's basically) claim to be a currency. Bitcoin is an asset. ETH is a currency only for the ETH ecosystem and does not claim to be something along the lines of a popular definition of currency.
Can you explain more about what it does? The website is a bit vague but it looks like you're encoding S-expressions on a blockchain, so my first question would be what this gives us that traditional PKI would not.
People always say things like this, but i never see the interesting projects. Yes some are not as batshit insane as the ones that make the news for being crazy, but none of them seem "good" either.
It feels a bit like an unfalsifiable premise. You should do your own research until you find one that is good. If you haven't found a good one yet, you just haven't researched hard enough, so keep going.
My understanding is that its basically a decentralized crypto exchange.
I'm not sure what's to really get excited about. It does solve a problem which makes it miles better than most crypto things. Nonetheless its basically solving a problem that only exists due to crypto currency stuff in the first place. So it doesn't really get me excited about the promise of "web3".
I've spent far more than a week studying crypto and I've actually went from thinking it's a great thing to realizing it has too many limitations to be web3, the future of finance, etc.
I cannot tell you how many people have said the exact same thing as you and when pressed to show what is exciting to them, all that comes out is yet another financial motivated, inward looking solution searching for a problem.
I've done some serious searching. There is absolutely nothing exciting in this space for people who aren't already bought in to it. It's like a cult
This is by no means an exhaustive list, just a smattering of some of the bigger projects doing neat things.
The graph protocol - decentralized blockchain indexing feeding a network of graphQL servers hosting the data powering dapps https://thegraph.com/en/
Chainlink - decentralized on-chain oracles for basically any piece of data from the real world - https://chain.link/
MakerDAO - creator of the first “soft pegged” stablecoin, it is a series of smart contracts that allow people to lock up crypto as collateral and mint DAI, uses a number of neat and novel mechanisms to keep peg by adjusting interest rates and incentivizing economic behavior https://makerdao.com/en/
Compound - a decentralized lending and borrowing protocol with no centralized authority handling liquidations/collateral pricing/etc. https://compound.finance/
Uniswap - a decentralized exchange for swapping assets in a trustless way, has neat features like flash loans where you can borrow a large amount of money (millions of dollars) for the length of one transaction, as long as the money is returned with a fee. This allows anyone to do things like capture arbitrage opportunities, liquidate large positions, or whatever else can be done in one transaction. https://uniswap.org/faq
A lot of these are DAOs using smart contracts to propose and vote on binding proposals on chain and adjust parameters within the protocol or paying contributors and whatnot. You can see an example here https://compound.finance/governance
Beyond that there’s other blockchains focused on specific use cases like GameFi, bridges connecting together different blockchains and moving liquidity between them in a mostly seamless way, massive research attention being paid to zero knowledge proofs (which have a lot of potential implications in the real world), and multi-sig contracts for only doing things when a quorum of key holders come together and signal their intent.
You could look at Chia. I don't think the base project with the typical token scheme is worth anything, but the way it uses disk space for mining is kind of neat.
The general idea is that you precompute a bunch of proofs and store them on disk. Challenges are issued and if you have a matching proof, you can claim the token for that challenge.
The part that I find interesting isn't the tokens. It's the concept that an algorithm can prove you've committed some disk space to the network. The reason I find it interesting is because, for small amounts of disk space, the incremental cost of participation is $0. If I plot proofs on unused disk space and only try to match proofs when my computer is on anyway, it basically costs me nothing.
Compare that to someone trying to farm (aka mine) on an industrial scale and they have a real, non-zero cost starting with the first byte of storage they buy. I find it interesting because it's different than normal economies of scale where a large operator eventually outperforms all the small operators (economically).
Unmatched, but valid proofs, are a byproduct of mining the tokens and those are what proves you have some idle capacity. Since normal PC owners pretty much have to buy excess capacity for something like a hard disk, participating in a system like that doesn't have much downside. It's that byproduct that I think is interesting.
I'm not sure if there are any pragmatic use cases, since the 500GB of free space a normal user has might not exceed the value of pretending to be a real person, but being able to say "I have $50 of idle capacity and I can prove it" could be a novel way to combat large scale networks of bots and bad actors.
I'm still missing where this model achieves anything relatable to the real world beyond "less destructive than BitCoin", which honestly is a pretty compelling value proposition.
Proving you’ve committed disk space is every bit as wasteful as PoW, it gives a financial incentive to manufacture more, pushing up the associated waste and prices for people wanting to actually use storage.
Skiff is exactly the type of service that uses crypto and chains for no reason.
Its essentially gmail/docs alternative that e2e encrypts the content and saves them on their servers. Services like protonmail have been working like that forever.
I am not saying its not a good product just that it doesnt require blockchain at all. They slap it on there to use it and get hype but thats all.
maybe you should-- i am an unrelentingly rational man, but i can't deny that of all the horoscope "archetypes", or whatever you want to call them (i'm by no means an expert or even an enthusiast), Virgo is by far the best description of my personality, and just so happens to be my astrological sign (I guess... like i said, i find the whole thing rather silly).
as a crypto skeptic, i did go through the exercise of learning about the space in various respects (Solidity + mostly niche, more cool, less-crypto-bro-y things like zero-knowledge proofs), and i actually must confess that i had a lot of fun, and was left with the feeling that there are certain classes of thing that the crypto mindset actually is valuable, or, at the very least, interesting.
for example: if you were to ask me "would you rather deal with the shitshow of oath, or use crypto-y / solidity-ish primitives for dealing with authentication/authorization?".... i have to admit that there are some blissful aspects to the crypto view of the world. which makes sense: it was literally built to "solve" some of these problems.
[written as someone who remains a "crypto-skeptic", whatever that means at this point]
The skeptical position on astrology is typically that the archtypes are so vauge that they apply to everyone equally, and people tend to discard any parts that don't fit.
Saying that the archetype applies to you isn't countering the skepticism. On the contrary that is precisely the outcome that someone who think astrology is bullshit would expect.
Yeah, it's sort of funny how much scorn people heap on astrology. I am not trying to convince anyone to take astrology seriously, but I think it's foolish to condescend to those who take an interest in it. The archetypes that astrology describes are undeniably true if you bother to read them and think about how you, yourself, and others relate to them. As a tool for forecasting what's going to happen tomorrow, it's of very dubious value. But if one thinks across longer time scales, if you are manifesting certain types of archetypal energies, and we all are, there are certain types of events: conflicts, romance, etc. that are very likely to happen and others that are quite unlikely to happen.
On a meta level, it's also interesting simply because so many people find that they strongly relate to their chart, even when they really do not want to believe that their time of birth has any meaning at all. You don't have to believe that there is actually some physical influence of the position of the stars to be curious about why it has that effect. Is it just one of the greatest magic tricks of all time? If so, it might be interesting to understand how that works from a human psychological perspective.
> His new startup aims to address this through three ways: A global “single sign-on” feature that lets anyone log in from anywhere. Login IDs that allow users to share their data with others. A “common universal API,” or application programming interface, that lets apps pull data from any source.
Cool to see his project is centered around these goals, but also funny because these are some of the few aspects that I find interesting about Ethereum. Much more interested in the identity/SSO potential vs the financial stuff.
decentralization of X does not and cannot exist without decentralized funding of X.
this is why there is simply no way to separate blockchain (as an implementation of decentralized X) from tradeable cryptocurrency derived from units of X.
this is not in any way a defense or support for cryptocurrency, only that it is nonsense to claim decentralization of function can exist independently from decentralization of funding. that cryptocurrency is designed to explicitly realize this principle doesn't excuse its failure to do so.
decentralization of X does not and cannot exist without decentralized funding of X.
An essential observation. It's easy to design some kind of decentralized utopia but the future can't run on a trickle of Patreon donations. Decentralized business models that don't rely on pump-and-dumps are very thin on the ground.
I wonder if we'll run out of volunteer Mastodon sysadmins at some point.
I generally agree with him, although there are exceptions. You can't generally replace the functionality that centralized servers provide without some sort of mechanic to compensate and incentivize the decentralized nodes themselves. If you relied on VISA or Paypal and charged a fee for the service in that sense, well you now have to stand up an organization that gets to straddle the network and effectively control it. And now that organization has a legal surface area, as well as an administrative surface area that is attackable and can compromise the network itself.
Blockchains just are not a particularly good datastructure for most applications.
In cryptospace you will easily find projects where the creators took an idea and inserted a blockchain instead of a traditional database. Web3 is the same idea.
But this idea is obviously really bad, blockchains are an extremely niche datastructure. They are write only and established by consensus. Most databases shouldn't have these properties and forcing them in will lead into a giant mess.
> Blockchains just are not a particularly good datastructure for most applications.
Very few applications are bottlenecked by the efficiency of their data structure. Computing is filled with examples where we make significant performance tradeoffs to achieve other goals. E.g. software applications are orders of magnitude less efficient than dedicated hardware, yet we accept that tradeoff because software is far more flexible and faster to develop.
Similarly decentralized blockchains may be orders of magnitude less efficient than centralized databases, but for many applications that simply doesn't matter. The most scalable chains cost $0.0001 per transaction and can process tens of thousands transactions per second. Yes, a very optimized database may only cost $0.00000001 per transaction and can process millions of TPS. But the fact is none of this matters to your typical CRUD app.
What you do get for that tradeoff is much better guarantees around durability and reliability, observability, transparency, censorship resistance, decentralization, and a much more credible commitment to the users that the app will not stop operating, delete their data, or change its behavior in unexpected ways.
That doesn't mean the tradeoff is always worth it. The most performance critical systems will still probably run in centralized databases, just as the most performance critical applications run on custom ASICs instead of software. (Even then, we'd probably still expect databases to commit frequently commit their Merkle root to decentralized blockchains for trust, transparency, trust, auditability)
But we know that blockchain technology continues to improve at exponential Moore-like rates (in the past ten years, blockchain capacity has doubled about every 24 months). We'd therefore expect the performance tradeoffs vis-a-vis centralized databases to become increasingly de minims, whereas the positive characteristics of decentralized chains should only improve as the general tooling and technology gets better.
That is not my really my point. It isn't just about a speed, but that the blockchain doesn't solve a problem.
In most situations you have a central source of authority and you want that central source of authority to be able to manipulate the database. It is a feature.
The applications where a blockchain is more useful than a traditional database have yet to be found. Money might be one such thing, but the Etherium/Bitcoin implementation is pretty bad.
They are not write only. Ethereum is a VM. Smart contracts are not databases, they are objects, classes, methods, and applications. They can be thought of as in memory applications or long lived processes.
>They are not write only.
I guess you can delete data from a blockchain by having a rollback.
The etherium blockchain also is much more than a "block chain". But it is still very much a solution in search of a usecase.
Digital money is the only area where a blockchain is a sensible choice from a technical point of view, that I know of. Although I am entirely unconvinced that bitcoin or etherium actually are even close to a viable interpretation of digital money. Say what you want about paypal, it isn't distributing my payment details publically.
Multisigs, permissionless lending, decentralized data storage, automated market makers, social protocols, exchangeable token based authentication, digital content ownership, digital rights management, etc. All of these things already exist on the platform.
There's over $100B in USD backed currency alone on the Ethereum blockchain. It's programmable, liquid, exchangeble 24/7, interacts with thousands of smart contracts, and increasingly will be used for day to day commerce in addition to financial investment applications.
You are pseudo-anonymous on Ethereum. It's free to spin up new accounts and you can always fund them from a centralized exchange if you want Paypal-like privacy. Even then, there are solutions in the works for privacy:
>Multisigs, permissionless lending, decentralized data storage, automated market makers, social protocols, exchangeable token based authentication, digital content ownership, digital rights management, etc. All of these things already exist on the platform.
And all of these either shouldn't exist or can be done better without a blockchain.
Anonymous (or pseudonymous), independently verifiable operations with digital goods are clearly in demand. There may exist a better solution, but blockchain works now.
The demand for e.g. NFTs is rapidly dwindling.
Most of the crypto currency space is driven purely by greed, fueled by gwt rich quick schemes.
With the downturn of many economies peoples expendable income dwindled and so did their desire to buy a link to an image.
For me personally, it's a low-fee payment system that can't be blocked and doesn't require any KYC. My friends and I use it primarily as a replacement for cash when we split restaurant bills abroad. There are people who use it to donate funds to organisations under repressive regimes anonymously.
Blockchain is just a useful primitive to build stuff on top of it. As an engineer, I would like to embrace it, NFTs notwithstanding.
My bank account has no fees and I am legally entitled to having one.
(Unlike crypto exchanges where you can get booted off for any reason)
My bank account also has the awesome property of not broadcasting my entire payment history.
Besides, I even said that money is perhaps (definitely not BTC or Eth though) the one area where a blockchain actually solves a problem which might exist.
In most countries, banks can freeze your funds or kick you out for any reason, unlike crypto where you can’t have assets frozen if you are holding Bitcoin or DAI non custodially. Many banks have monthly fees, charge for international transfers, invest and loan your capital and give you back almost no interest, and there have been a few high profile data breaches that would not be possible in a private chain like Monero.
You are pretty much ignoring what I said.
Monero is pretty much the only somewhat sane implementation of a cryptocurrency, although even in crypto space it is quite a niche coin.
When will the crypto community finally quit with “it’s still early”?
Bitcoin is 13 years old. Ethereum is seven years old. Tens if not hundreds of billions of dollars have been invested in the ecosystem.
Please look at block explorers across L1s, L2s, and side chains for daily transactions, unique addresses, etc.
User adoption is abysmal and that says it all.
I was really excited about cryptocurrencies and blockchain until I woke up one day and realized a decade has gone by and outside of gambling on crypto exchanges and people who make it their identity the entire thing could disappear tomorrow and literally 99% of the population wouldn’t know the difference.
Well, the Web was 7 years old in 1996, the Internet itself probably older (multiple potential beginning years for the Internet as we know it), and at that point they were still pretty confidential...
(Not to say that blockchains will have a huge success, but it's also not like progress hasn't been happening, haven't they managed to work out viable proof of stake recently?)
In 1990 15% of US households even had a computer (the highest percentage in the world). A small number of those had a modem or were otherwise web capable. Modems alone were roughly $1,000 (inflation adjusted) in 1990. When I first got on the internet in 1994 the computer was $5000 (inflation adjusted). Mosaic wasn’t even released until 1993…
The growth of the web also depended on laying many millions of miles of fiber that required everything from digging up entire countries to dispatching ships to cross the world’s oceans. Millions more phone lines, ISP modem banks in almost every phone central office in the country, etc. A truly monumental and expensive effort of humanity.
In 2015 68% of the US population owned a smartphone. 85.5% of US households had the internet. Data is cheap, reliable, fast, and plentiful. Billions of users are interacting on social media platforms to enable communication and spread ideas across the globe more quickly than ever before.
In 2015 these billions of people could catch a random Tweet, news story, etc and be counted as an Ethereum user in minutes for free or close to it.
1.7m ATH daily transactions with the average being around 1m. I'm not exactly a statistician but a simple breakdown could be 500k people doing two transactions per day. Factoring in adoption is likely heavily weighted towards individual users (in the DAU sense) transacting with multiple addresses I think it's safe to assume the mapping between active addresses and users is some fraction - 1/2, 1/3, 1/4, etc.
Being conservative and favoring Ethereum in this 250k DAUs for total on-chain activity encompassing all activity across the entire platform.
You can look at cheap and "high" traffic sidechains, L2s, etc and pretty quickly determine that the number of DAUs across the entire ecosystem is in the low single digit millions at best. To be really fair let's say it's 10m - that's .02% of internet users daily.
Even if we use your total addresses and assume each address is a user 210m users across the 5b people on the internet represents an adoption rate of 4.2% of internet users ever transacting with the network across the seven years of existence.
In my original comment I said 99% of internet users wouldn't notice if it all disappeared. Looking at the numbers I think this was charitable.
>Aztec is on the cutting edge of zero-knowledge SNARK development. Built on PLONK — the paradigm-defining universal zk-SNARK used by leading zero-knowledge projects like Mina, Dusk, Zcash, and zkSync.
I have an open mind about this area and a technical background. I really struggle to understand what any of this means and what I can use it for. My experience with cryptocurrency (paying for things) has been challenging. As the whole ecosystem is very fragmented it's hard to know what to explore.
ZK proofs allow you to prove you know the answer to something without revealing the answer itself. You may not need to know how these things work at a low level. If you're interested, feel free to dig into zk proofs and the cryptography behind them. The subject is quite deep and rapidly evolving. Ultimately, the important thing to know at a high level is that you can post a zk proof with just a few bytes of data, and that zk proofs, while computationally expensive to generate, are computationally cheap to verify. So they are being used as a blockchain scaling technology, since data storage is expensive on blockchains.
If you're just interested in crypto as a user, I would generally recommend getting a Metamask wallet and interacting with some applications like Uniswap, Aave, or OpenSea.
Smart contracts themselves are mutable, though. They have their own memory allocation and data storage in the VM. While the transaction log itself may be immutable, there is still mutable state at the application level.
And now... we've also hit the ricochet point where now people are taking things backed by a regular centralized database and using blockchain marketing terms for it. Because that's apparently where the $$ is.
> “It’s a real shame in fact that the actual Web3 name was taken by Ethereum folks for the stuff that they’re doing with blockchain. In fact, Web3 is not the web at all.”
Translation: 'I'm so angry and annoyed that Ethereum has gotten more traction over the actual Web3 name than my still in research Solid project and wondering why little to no-one has heard of it let alone is using it. Please ignore Web3 as hard as you can.'
At this point, it appears that crypto is going to be around for a very long time and there will be no complete and total ban on all of it by the extreme and absolutist crypto skeptics.
Web3 is just "web with a sprinkle of crypto and blockchains." The problem space is narrow, and different than what DNS and HTTPS tries to solve. But its not useless, and probably will continue to grow as part of the web.
Internet2 is just the academic peering network and backbone. I general it used fiber leased from commercial providers, so in no way is faster or "better" than what you get outside it.
In the context of TBL's invention combining urls, hypertext, and http, this is about the authentication and authorization steps that ask, "who is making the request, and should they be sent the resource they requested?"
Lacking great peer-to-peer approaches to this, we've gotten certificate authorities and tech giants acting as identity providers. Web3 is about exploring more decentralized approaches here which may, but by no means necessarily, involve blockchains.
> Web 3.0 — User-generated content, user-generated authority. A model is emerging where people don’t have to host a server or create a user account in someone else’s database to create content.
Make no mistake, people will have to host servers to serve the files. That's true with web2 or with this web3 definition. No way around that one. And if you host your file on a torrent, great, but there are fundamental pros and cons of torrents, namely with mutability. Not a panacea or the whole web would have switched to this model a decade ago.
When VC gets to appropriate a new paradigm for the sake of driving speculation people's opinions on both sides become quite uninteresting. To debate Web3 the way most of HN is content to do it is to accept the framing of the loud and careless non-visionaries - on both sides.
All (successful) mediums (markets) become centralized. Per winner-takes-all. Unless it's actively prevented.
"Web3" hubris is to be centralized from the jump, skipping a few steps of the (apparently natural) medium lifecycle. Like Ted Nelson's Xanadu, Zuck's Megaverse, and any number of other exquisite future perfect big bang utopias. Given the historical record, success of this strategy is unlikely.
(John Carmack's paraphrasing of the "all successful complicated systems started simple" criticism of Zuck's betaverse makes the same point.)
Nitpick: Demographic data is aggegregated and monitized. It is not siloed.
I'm almost certain if you were forced to define Web3 you would be incapable of anything but a strawman. I'll make it easier on you, define it how you believe a deluded but good faith proponent would, and I am still sure you would omit many important and fundamental principles, innovations and techniques.
I guess saying "Web 3 is trash" requires no explanation is and psychically understood - but asking to expand on the reasoning for that opinion is magical thinking. Good luck applying that method elsewhere.
Web3 is akin to SOA. The concept of service-orientation was great. We could think of systems as discrete services, each single responsibility, and each working with other services to accomplish a system. Awesome. And so it became popular. Then training courses, certifications, consultants all started to appear in order to cash in on this new thing. It took little time to get to the point where you could ask 10 people what SOA really meant and get 15 different answers, some of them completely incompatible with each other.
A similar thing happened with REST. A similar thing happens to many ground-breaking technologies that get popular, or make good sound-bites.
So..Web3. Web3 started as a bunch of other things:
* VRM - Vendor Relationship Management, the inverse of Customer Relationship Management, where the power and data control is shifted to the customer
* Decentralized Identifiers - IDs that aren't controlled by some third party organization like Google, your company, or the government. This has come in different versions, including info:, XRIs, SOLID, DIDs.
* DApps - Applications that run within the browser and communicate among themselves (and possibly other services) to accomplish tasks and save state. Everyone ties DApps to blockchain smart contracts, but that is just one implementation of the DApp concept.
* DAO - Distributed Autonomous Organizations. This is nothing more than a set of cooperating software agents that execute control over assets based on a provided policy. Policy could be if/else rules, a smart contract, a machine learning CN, or other things. So again, not necessarily blockchain. Charles Stross's Accelerando has a great example of a DAO.
* Distributed Ledgers - This is where the blockchain comes in. However, you don't need to use a cryptocurrency to do a distributed ledger, it's just a common way of doing it right now that is perpetuated in part because it makes people money. Check out the Apache Hyperledger project for more info on distributed ledgers.
* Decentralized Web - Am early term that combined some of the above. Which of the above depends on who you are talking to, but often it included VRM, DApps, Decentralized Identifiers and possibly Distributed Ledgers.
Now add hype (lot's of hype) and a hunger for cash (an insatiable hunger, think
Ghnomb, the troll god of eat from David Edding's Elenium series). Both of those things latched onto cryptocurrencies and stirred them into the Decentralized Web mix of concepts. This amalgam birthed the abomination we know as Web3.
But don't worry, Web4 is just around the corner. It'll arrive as soon as a new innovative technology arrives that is deemed a sufficiently hype-worthy and plump-enough cash cow. My bet is that you will start seeing VR/AR as Web4 within the next few years.
Barnhill's First Law: Any technology movement with a number in it's name is hyper - either ignore it or seek to understand the possibly 20% gems within it and throw away the 80% dross (e.g., Web3 and 5G).
TBL's Solid is a decent attempt to build a decentralized web. But imo it leans too heavily on clunky w3c protocols instead of building something new. The developer experience (at least when I tried it a few years ago) was awful. The end user experience isn't much better.
The problem seems to be that any move towards decentralization necessarily comes with a hit to convenience or ease of use. So outside of the tiny subculture that cares about these things, these projects never get much traction.
That said, I hope we keep building them--there could be a political future where they come in handy.
I don't even understand what Web3 is. Whenever I try to learn about it the discussion digresses into blockchain pyramid schemes that clearly won't scale and other such nonsense. Certainly Web3 isn't just crypto-bros trying to take over the web? Why would anybody outside of the crypto scam sphere care about it if that were the case?
It's more than just crypto-bros trying to take over the web.
It's an italian serial conman in a dark room somewhere, pressing "print" on software that generates ostensibly a dollar-equivalent crypto currency out of thin air, wrapped in a network of criminal enterprises that is currently using special 'insider only' versions of those tokens (tether-trons, vs tether-eths) to facilitate the theft of the life savings of a generation of middle class chinese, wrapped in a nesting doll of scams and pyramid schemes, wrapped in the greed, hubris, and legitimate desperation of a generation of 1st world hustlers, all wrapped in crypto-bros trying to take over the world.
If it was just crypto-bros, there wouldn't be anywhere near so much smoke to confuse/conflate with fire: the market manipulation being facilitated by the dirty (and clean, albeit grifted) money entering the system makes the whole thing seem financially bigger than it really is. But despite all the smoke making, it is still just a fart in a colander: the entire crypto market cap, as fanciful and hyperbolic as it is, is still less than the market cap of Apple.
The really astounding part is that so much of this activity is being recorded on publicly accessible server ledgers, in real-time.
Sorry, I should have said "presumably inadvertently exactly technically correct" … and then I would have presumed wrong, but at least not made a baldly incorrect statement about technical correctness.
Can't you just say the same thing about the fiat currency that you say Apple's holding? It could also "go to zero". And certain "tokens".. specifically, let's say something like Bitcoin or Monero, actually do have what you would call "intrinsic" value since they require the expenditure of actual, physical energy to obtain, unless you know of a viable attack on those proof of work systems that you're not telling us about.
I don’t think you can. Apple owns real estate, intellectual property, and tons of tangible physical assets. The market is not going to decide Apple’s patents are worthless, California Real Estate is worthless, their factories and manufacturing equipment is worthless until there’s some world-ending cataclysm.
> The market is not going to decide Apple’s patents are worthless, California Real Estate is worthless, their factories and manufacturing equipment is worthless until there’s some world-ending cataclysm.
I'm not sure why you think there has to be a world-ending cataclysm for this to happen? If there were any major change in the way societies or economies were organized, Apple the entity could cease to exist entirely, or some/all of its assets could cease to belong to them. Like for patents, it certainly seems like the world is very far from deciding to abolish IP, but if society wills it, it is very simple to do.
My real point here is poking fun at how, as has been observed in the past, "it is easier to imagine the end of the world than the end of capitalism." People are talking about world-ending cataclysms when the much more mundane "downfall of an economic order and rise of a different one" is a possibility too.
I think it's reasonable to say that "any major change in the way societies or economies were organized" which resulted in all of Apple's assets going to zero, including the US Dollar, would qualify as the end of the World As We Know It, and would be effectively cataclysmic in magnitude as far as its effects on society.
...Whereas blockchain assets going to zero doesn't even register as a blip to the average citizen.
The requirements for a major sudden loss of value in Apple would likely involve a loss of value in a vast number of other presently high-intrinsic-value assets: real estate, the entire tech sector, the US and global economy, etc., etc.
Devaluation of cryptocurrency assets, on the other hand, could come about from someone sneezing. Or other events which would have similarly little impact on any asset valuations outside the crypto bubble itself.
The market's view of the likelihood of Apple disappearing via the things you suggested is priced in by people choosing to hold things like gold, NZ property to escape to or I guess guns and bunkers.
no we were talking about the 'cash' they hold. I dont get why you're bringing such tangential things into the discussion. what guarantees the value of USD is (a) its current adoption and (b) the fact the US stands behind it and will police and secure its usage. how is that different from a proof of work, asic resistant cryptocurrency?
Apple does have worth beyond it's stocks because it owns stuff. The chairs in Apple's offices are worth more than some very profitable small businesses, let alone their current working inventory of devices or the parts to make more or the IP that they've generated to make them, or or or ad infinitum.
Cryptocurrencies are a null term. There's no there there.
we weren't talking about the value of apple's stock or its property aside from the cash it holds on hand. did you just not read what i wrote? the considerable number of downvoters must have made the same mistake as you i guess. the question is whether fiat cash is any more real than cryptocurrencies.
and as for them being a null term, you have no clue what you're talking about or you're intentionally trolling. please don't reply to me.
You are right, I misread. I apologize. Unfortunately, you don't get to decide who replies to you or not, and the "but fiat currency!" is even easier to disabuse: it has societally inherent worth because it can be used to pay taxes even if it is not accepted in any other venue (which of course it is), whereas cryptocurrency's primary use is to grift or be grifted.
That is inherent worth, unless you intend to go full big-brain about the Fall of Society, and at that point nobody is going to care about your digital ledger unless it comes with lead-backed securities.
They have tens of thousands of chairs in Apple Park alone. Even if every chair went for $50, Apple could net hundreds of thousands of dollars. There's plenty of small businesses that would kill to net hundreds of thousands of dollars.
It's an italian serial conman in a dark room somewhere, pressing "print" on software that generates ostensibly a dollar-equivalent crypto currency out of thin air, wrapped in a network of criminal enterprises that is currently using special 'insider only' versions of those tokens (tether-trons, vs tether-eths) to facilitate the theft of the life savings of a generation of middle class chinese, wrapped in a nesting doll of scams and pyramid schemes, wrapped in the greed, hubris, and legitimate desperation of a generation of 1st world hustlers, all wrapped in crypto-bros trying to take over the world.
Replace italian with <insert racial boogeyman here> and you would literally be describing the current financial system.
So they're conmen using smoke and mirrors, deception and... this sounds like a lot of fancy words that mean the same thing as "crypto bros". Crypto bros are all of the things you say, so what's the distinction?
He means to say there are not just fanatic believers who are winning minions in pyramid schemes, but there is also professional large scale systematic extraction of wealth
Wow. I have been guilty of this very same blunder many times and I understand it's just a joke, but please realize that it is not pleasant to be on the wrong side of a joke for no reason.
I'll be more careful with my generalizations in the future. I am confident you will be, too.
>>It's an italian serial conman in a dark room somewhere, pressing "print" on software that generates ostensibly a dollar-equivalent crypto currency out of thin air,
There is zero evidence for the Tether conspiracy theories.. But I gotta give you marks for creative writing.
> There is zero evidence for the Tether conspiracy theories.
Tether has literally admitted to lying, which means at least one of the conspiracy theories is true by the admission of the major player. There is plenty of evidence that they are still lying, but the biggest evidence is that (unlike the rest of the financial system!) they claim to have $10s of billions of financial assets and refuse to identify which assets those are.
The conspiracy theory is an extreme exaggeration on what has been admitted, which I believe is - at one point - reserves of 77 percent of liabilities, and even that admission I'm not certain about given how much any news about Tether is misconstrued by the regulatory crowd.
It's a bit sillier than that, since for the time being, crypto-bros are making money not by levying a tax on what people do online, but by speculating on the potential future income from levying a tax on what people do online.
Convincing others that there's imaginary future money on taxing online interactions is where the real present money is actually made. In a way, this turns their biggest weakness (they can't actually achieve their goal) into their biggest strength (their audience is people who aren't tech-literate enough to understand that they can't actually achieve their goal)
Also about VCs having a lot of excess money that they siphoned from LPs during the zero interest rate period.
And since Web2 has largely picked its main winners and losers an opportunity existed to reset the game and pick another set. Only this time they would be the ones to invest in the next Apple, Google etc.
Web3, in good faith, and sophisticated vision, is taking the ability to authorize digital privilege without oversight and working backwards to scale that ability down to the minutia of online interaction.
Bitcoin achieves it for the narrow privilege of publishing small amounts of block data to it's chain. It's important for the security of Bitcoin that this is what the novice would say is "inefficient" - but the minutia online activity is far lower stakes and therefore naive proclamations that Web3 is all Web2 data hosted on blockchain is an embarrassing suggestion - there are extremely basic techniques like hashing data in Merkle Trees as a timestamp service that any cryptographer would reach for before adding arbitrary data to a blockchain.
Techniques like that and systems which allow one to own their identity independent of corporations or Public Key Authorities are the basis. Obviously it has a long way to go - but try not to mistake your obtuse guess for what is possible.
Seems like “web3” has completely missed the mark and is actually highly centralized, arguably more so than web2. If I had to guess, it’s because expediency requires it. If you’re in the middle of a gold rush, first principles like decentralization are quickly supplanted by principles like “line goes up”.
> Seems like “web3” has completely missed the mark and is actually highly centralized, arguably more so than web2.
In the sense that the “web3” brand is mostly used to make proof-of-concept and crypto startups in the Ethereum ecosystem, which is just one ecosystem, and a highly centralised one at that, 100%.
Creating a decentralised web is extremely difficult. Most Ethereum web3 projects are more like concept art within a research project.
> We’ve had it for years: tor’s .onion sites. And look how popular they are… when was the last time you visited one?
Don't ask this kind of rhetorical question on HN - HN is exactly where you can find a lot of audience that can honestly answer this question with "today" or "yesterday". :-D
ERC721 is an EVM spec, how do you even propose achieving this kind of restriction in Solidity?
tokenURI aims to be flexible and unopinionated. It can be an inline SVG string generated by the Solidity contract itself, an IPFS link to a JPG, some app's custom protocol URI scheme, or a mutable HTTPS CDN like a game developer using NFTs but wanting to retain control over their assets.
Yes, and all-but-two of those ideas are awful, because the server or IPFS-pinning node backing the asset file is gone off the face of the Internet six months later, so now you've got an NFT that looks like nothing.
(My company, among other things, spiders + scrapes + archives NFT assets. I know what I'm talking about here.)
ETC721 should have been limited to exactly two use-cases:
1. embedded data: URNs
2. URNs for data on distributed content networks that make permanency a guarantee for posting (e.g. Arweave); where an oracle-check that the data is in the network at the time of creation from at least one client's perspective is required as collateral to successfully mint the asset.
As it is, I'd settle for even IPFS-without-guarantee-of-pinning, as long as you can guarantee that at least one node accessible to the public web has the data at the time of mint. That'd at least mean that someone who does care could come along, scrape the asset, and then pin it themselves to ensure the URN never goes bad from then on.
Even this, though, is far more thought than people put into earlier standards, e.g. the Solidity compiler's deployment metadata, which is always nominally an IPFS URN, but is never actually populated by the generated metadata. If they had just stood up a backend at ReMix.org that pinned these metadata files, and had solc push compiled metadata to said backend, then we wouldn't be where we are now with the (centralized) Etherscan "verified contract source code" being the only way to see/decode the storage layouts for (even some) contracts.
ERC721 is not designed to solve permanent media storage or force usage toward a certain storage network. Better the ERC721 spec does not try to solve for this.
totally disagree with your assessment and would hate to be forced to rely on oracles to deploy a mintable ERC721. I like the broadness and simplicity of ERC721 and would attribute that to its success.
The chain is open and public, just publish your own ERC with oracles and see if it takes off?
To be clear, I agree that the broadness and simplicity of ERC721 is what led to its success.
My point is that "success" (in the sense of "a lot of people making NFTs" or "a lot of people investing in NFTs") is a bad measure for things that "Web3 society" should care about, because the whole thing happening with NFTs right now is a speculative market run by people who want to make money first, second, and N≤1000th; and to package art they would have made anyway for long-term secondary-market appreciation, roughly dead-last.
(And even if they did want that, they don't know how; the whole ecosystem is geared toward splitting technological competence out of the equation into fly-by-night professional-services firms and their productized "NFT as a Service" offerings, leaving the decision-making for choosing those firms in the hands of independent artists/musicians/etc — i.e. people who have no idea what considerations are at play for things like fault-tolerant distribution of digital media. Or in the hands of businesspeople who recruit and exploit such independent artists en-masse, with eyes only on short-term profitability of their NFT collection offerings, and no thought toward long-term asset valuation even ten years down the line.)
Insofar as the people building Web3 — and Ethereum specifically — can be said to share a set of ideals about decentralization, immutability, permanency, etc., the kind of people who have come in to create NFTs are operating explicitly against these ideals (see also: the fact that NFT asset URIs — and NFT metadata generally — is updatable; the artist/their publisher can come along and decide they want to replace your monkey with a "better-drawn" one after you've bought it!)
IMHO a non-fungible asset standard that was actually written and used to the same ideological purpose that Ethereum itself was created and operated, would look far different.
It's just that "the ideological purpose for which Ethereum itself was created"... isn't a very common thing for artists or business-people to care about; and so that kind of NFT wouldn't have any speculative market behind it. So nobody would even know it exists. Except maybe digital conservationists, and the rare kind of private collectors who want to engage explicitly with digital conservationists. The sorts of people who would consider purchasing something from the Smithsonian's private archives.
---
Also, re: oracles, I can see why "get an oracle to do X" is onerous; my own personal stance has always been that there should be functionality built into Ethereum-alike nodes enabling every node to be its own web2 + web3 oracle; in two primary senses:
- "declare your intent to request an arbitrary web2 URL; actually request it; and embed the request+result together into a tx, where your key then asserts provenance on the fetch" being a core RPC method you can expect to exist on any node for any Eth-like blockchain
- "fetch an asset by URN from a permanent storage network into memory" being an EVM opcode — the permanency means it's deterministic, so why not, eh? Though, such an opcode would actually be terminal — would interrupt current TX execution and instead queue a thunk into a state-trie scheduling queue, to be evaluated when the runtime finishes the blocking IO for the tx. (Like how Microsoft Orleans does blocking-yields on distributed actors. See also, the way Elrond's cross-shard transactions work: https://docs.elrond.com/technology/cross-shard-transactions/.)
Of course, none of this exists today, let alone did it exist in November of 2017 when the first ERC721 token was minted. :)
So, like I said, I'm an outsider, I don't know what ERC721 or EVM or Solidity are.
I'm just someone from the outside saying, from the actual current popular use cases of NFT, it seems really a mis-match between design and use-case not to have a digest fingerprint, right? What confuses me if that, from your comment it seems like the "community" does not agree... or perhaps thinks this is somehow an insoluble problem?
If it's totally arbitrary what the payload is, like it doesn't even have to be a URL, but URLs seem quite popular... okay, how about putting in eg `https://example.com/some/url#sha512=a1bd4ef`
Marketplaces could put a special tag on items that supplied digests, the marketplace could even check it and confirm it. No change to standard needed. (Since I know nothing about what I'm talking about, it's possible I have some details wrong, but surely something along these lines is possible? This does not seem like a sophisticated technological problem, to embed a digest in a recognizable way)
If it's not being done, it would seem like there isn't sufficient interest in it? That is what confuses me.
OpenSea already does tag NFTs as having "Centralized" or "Frozen" metadata, verifying the URI as you say. ERC721 spec only deals with EVM and Solidity, where it would not make sense to try and force the token contract URI state to match a specific hosting protocol.
I feel like crypto meant something different in the early days. I think the 2017/2018 bull run with the BitConnect collapse is where we start seeing major faults in the crypto ecosystem.
The NFT/DAO and VC boom is the ideological nail in the coffin for me. I guess that's what people cal Web3... so perhaps you are right.
Nah, scamming was there basically from the start, it's just that every iteration of it has been more egregious than before (NFTs today, ICOs in the previous iteration...)
The good news is that it's hard to imagine how it could get any worse, the bad news is that perhaps I am just lacking imagination ?
There is no single company driving the PR and marketing for Web3, so the term is whatever somebody wants it to be. But the vague way to describe it is an approach to building web apps with decentralized public blockchains and smart contracts, like DeFi or ENS.
For one small example: enabling this https://docs.ipfs.tech/ website, to be delivered to your browser care of a (replaceable commodity) gateway node that fetches assets by URL-embedded content-hash from an open-membership DHT.
(If you're wondering how this website appears on its own domain rather than you needing to directly visit the domain of the gateway node, that's because of https://docs.ipfs.tech/concepts/dnslink/).
Site will never go down; data backing the site will never be lost; content-addressability of data means data is guaranteed to be the same data that was intended to be published, with no ability for e.g. a state-actor to tell Amazon to modify what's in the S3 bucket.
In other words: if someone could figure out how to host ThePirateBay on IPFS, then governments wouldn't be able to take them down any more. They'd only be able to take down arbitrary IPFS gateway nodes; and if they did that enough to be a problem, anyone who cared could work around that by just running their own IPFS node. (Or using a browser like Brave which runs its own IPFS node internally.) Content will be fetched from by DNSLink-aware browsers in preference to hitting the gateway specified in the DNSLink record, so as soon as you used such a browser, all the taken-down domains would just magically work again for you.
IPFS itself doesn't guarantee these things, but it serves as the technological basis for higher-stack-layer technologies — centralized "pinning" services like https://web3.storage/, and decentralized ones like FileCoin — that do make these guarantees.
IPFS's own docs do have these additional higher-level guarantees — so they specifically will never go down.
One way to think of this is that, in a centralized model, the owner of an asset has to choose a single centralized CDN partner to collaborate with to distribute that asset, where the website you visit is really a pointer to the single (fallible) CDN partner.
Whereas, in a decentralized model, the owner of an asset can pick zero or more CDN partners who will all then "back" the asset on the DHT with their own mirrored copies of it. And I say zero or more, because the asset-owner can also still back the DHT asset with their own mirror on some personal node, without this causing much of a problem for them. (Where doing this wouldn't help in the centralized-CDN case, for two reasons: if the central CDN goes down, clients don't automatically switch to fetching from the origin that populated the CDN; and even if they did, a personal origin server would likely fall over under the traffic load. Whereas in IPFS, those nodes fetching copies — gateways et al — become (temporary) mirrors of the data themselves; so an origin server only ever has to serve O(log N) copies of an asset, not O(N).)
Also, in a decentralized model, besides the owner, anyone else who is interested in the asset's continued availability, can also choose to increase the data's availability in the network by mirroring it themselves (or by paying some pinning service to mirror it.)
Compare/contrast: organizations like universities who seed torrents of important data like Linux distro ISOs. IPFS is the BitTorrent model of data survivability/availability, but applied to websites / web assets.
----
Which is all the way one would present this until a few years ago, since IPFS used to be the forerunner in this space... but now there are decentralized protocols that are similar to IPFS but are "permanent" at the network level, e.g. https://www.arweave.org/. With these networks, as long as you pay the (one-time) costs related to writing data to the network, your assets will then be available on the network as long as the network itself exists.
“Better” is relative, depends on your frame of reference. Anything crypto will be better in some ways, and worse in others.
Like self custody: the idea of owning a valuable and transferable asset by only holding a private key was not possible prior to Bitcoin. The closest comparison might be a domain name: people feel like they own those, but they are just renting them from a registrar who leases you the account and ability to edit your domain records.
This applies all over Ethereum, DeFi, ENS, NFTs. Look at Aave, that allows lending and borrowing without a custodial service provider.
Certainly web3 is used by lots of different people to mean lots of different things. And many of those people are there to scam.
Part of web3 are DAOs, corporate entities with both a legal presence as well as a presence on a public blockchain system of record. The DAO is an organization where people perform work in the context of workflows and incentives. The workflows and incentives are called a protocol.
The protocol is implemented in code, and the record of activities are on the blockchain. Governance of the protocol occurs in the non-blockchain legal organization.
There are many entities- many non-profits and public service entities, passive management entities like real estate management, many others- that in the future could be much more fairly, sustainably, and transparently operated as DAOs.
Much- very much- has to be done still, of course. But I am confident that in 10-20 years participation in DAOs will be common and a net benefit to society.
Web3 are browser-based wallets (or mobile based) that can authorize transactions in a blockchain securely because it's separate from the web page itself. When I use metamask to buy something on the chain, it'll ask me to confirm if that's ok or not. That's all that the developer of the page can do, they can ask metamask to confirm the transaction is safe. Once it's confirmed, a one-time unique token for the transaction is created, and used to execute the transaction. This can work because the browser provides the secure separation between app and wallet. Otherwise, no one would trust a 3rd party to run transactions for them on the blockchain.
To me that sounds like reinventing the wheel, as it's basically the same process by which online shopping services have integrated for years with payment service providers (PSPs), which contact customers' banks to do strong customer authentication (SCA), such as 3-D Secure v2, without the need for a blockchain.
In fact, I can minimally edit your description to make it an accurate description of checking out using Braintree, for example.
«The drop-in UIs is an external wallet that can authorize card transactions securely because it is separate from the merchant's web page itself. When I use my credit card to buy something from a retailer, the PSP will ask my bank to do a SCA to confirm that it is me doing it. That's all that the merchant can do, they can ask the PSP to confirm the transaction is authenticated. Once it's confirmed, a one-time unique token for the transaction is created, and used to execute the transaction. This can work because the browser provides the secure separation between website and wallet. Otherwise, no one would trust an online shop with their credit card details to run transactions.»
The "app" (Distributed App / DApp) is some arbitrary thing written by a developer, running in a sandbox in a tab in your browser.
The "wallet" (Metamask) is a browser extension containing a set of pairs of (RPC gateway URI for a given blockchain, cryptographic private key for an account on said blockchain.) It can also proxy through to other such "wallets", e.g. "hardware wallets" (smart cards.)
"web3" is an API (like any DOM API) that the browser extension exposes to app, allowing the app to ask the wallet to do things (where the wallet then asks the user to confirm that they want to do those things); and, through the wallet's connection to blockchains, to watch for things to happen on a blockchain.
Together, these additional APIs allow web3 "DApps" to transact on blockchains, and to observe what happens in response to their transactions.
Example DApps:
- Gnosis Safe (https://gnosis-safe.io/) — an interface for deploying and managing multi-signature smart contracts (i.e. trusts whose assets are controlled by M-of-N voting)
- Sushiswap (https://www.sushi.com/swap) — an interface for creating and managing Automated Market Maker liquidity pools
On all of these websites, you'll notice that instead of registering an account, there is a button that CTAs you to "Connect a Wallet." This is requesting permission to communicate with the web3 agent installed as an extension in your browser.
Deploying a whole ass web application on small, immutable smart contracts seems inane to me. Reminds me of something programmers do not because its powerful, but because its hard and it makes them feel cool.
It is powerful. The contracts run 24/7 with 100% uptime. Hayden Adams created Uniswap with about 1000 lines of code using an elegant xy=k formula to create the first good automated market maker, Uniswap. It essentially replaces much of the functionality of an order book on a stock exchange, except it's decentralized, global and permissionless. Plenty of other good examples in web3.
Cryptography is the basis of Web 3.0, so in a formal sense there is none.
But I think that you rather want an example that is a little farther away from finance markets. Consider, for example, the (in my observation mostly dead) Namecoin:
They won't, because they can't. Executing a smart contract costs thousands of times more than executing a normal piece of software. Everything you see would still be served by an ordinary web server, and interactions with the blorpchain are all mediated by one or two centralized API services.
> Executing a smart contract costs thousands of times more than executing a normal piece of software.
No, not necessarily. For one let's qualify that statement. Smart contracts on Ethereum are executed 100,000+ times by every node on the network, which is providing security and uptime for the network.
Some software transactions have external costs associated with them, such as financial transactions. Doing an international bank transfer may simply boil down to a credit in one SQL database and a debit in another SQL database but it still can cost dozens to thousands of dollars depending on the amount, and the situation. Even a VISA credit card transaction costs 1.5-3%. You as a consumer don't see that cost, the retailer is eating it though, and marking up their products and services to accommodate that fee.
But ETH transaction fees do not scale with the value of the transaction, it simply scales with the demand for the limited block space.
Ethereum community has been actively developing solutions for this problem, by developing optimistic rollups and zero knowledge rollups, which are effectively able to compress transactions and scale the network throughout by 100-1000x. Innovations like this will get Ethereum to Visa scale plus.
This technology is still early, but rapidly improving. Currently deployed rollups are in the 10-100x scale improvement range.
What international bank transfer costs “thousands” of dollars to complete? What ethereum transaction only costs 3% to complete? Are you saying that a retailer accepting crypto will suddenly no longer need to “eat” the transaction costs because… crypto?
Every transfer service has transfer limits. Have you ever tried to send $1M or $10M internationally? What service provider would you go through to execute the transaction? What are their fees? Not only will your transaction be delayed as much as weeks, you'll have additional forms to fill out and fees and expenses associated with such a transfer. Even more so if you are converting to another currency.
On Ethereum, you can execute a swap from one currency to another (0.3% fee) and have the transfer execute to anyone in the world in 15 seconds. Even in a highly congested time on the network, that will cost at most a few dozen dollars. Doesn't matter if you're sending $1K or $1B.
Crypto isn't ready for retail use cases yet, but it's within the next few years (less than 3) that it gets there. Retail transactions will occur on rollups. The retailers will pay transaction fees of a few pennies to a few dozen cents. It will not be percentage based on the transaction value as VISA, AMEX, etc currently get away with.
Any sufficiently large transaction costs less than 3% on Ethereum. MetaMask claims a transfer would cost me 63 cents, so a pure Eth transfer of more than $22 for example. Though of course you can do it a lot cheaper on L2s.
You don't, actually, though. You only put what little stuff that people might distrust if any one party had centralized control over — like ownership — into smart-contract state. Everything else is fine to be stuffed into a database or centralized web backend somewhere; or just left to everyone individually to derive + implement themselves however they like.
For example: CryptoKitties. The only things in the on-chain state of CryptoKitties' contracts, are the kitties' ownerships, and their "genes" (an entropy blob, a bit like Pokemon https://bulbapedia.bulbagarden.net/wiki/Individual_values.) Because these are the two things that, if they were entirely in the hands of CryptoKitties themselves, you'd be suspicious that they might "cheat" on, by e.g. making their friends special kitties with genes nobody else can have; or deciding one day that kitties that aren't "cared for" should be forcibly transferred back to an "adoption agency." If either of these things were found to be possible, the value of kitties would quickly drop to zero.
Meanwhile, what exactly a kitty's genes translate to in terms of actual kitty features, is dictated by some arbitrary centralized Javascript on the CryptoKitties website. Nobody distrusts CryptoKitties on this aspect, because it doesn't really impact the value of their investment relative to other people's. If the same gene makes kitties render with wings one day and vampire fangs the next, that might upset people, but it won't make them do a mass sell-off of their kitties. After all, CryptoKitties could always change it back, so why would you sell "early" rather than wait to see if they do?
Or, in short: you put data in a smart contract if a game-theoretic prerequisite of your system working out is for certain data to be only updated in an openly-audited, multilaterally-agreed-upon way. (Good non-crypto example: the dealer's shuffle between hands at a card game at a casino. Done right in front of all the players, because otherwise they wouldn't trust it.)
Web3 was the term created 2014 to originally describe three properties (protocols) that decentralised networks can bring to web without need to rely on centralised service providers. Web + 3 = web3:
- eth: making transactions with smart contracts
- bzz: decentralised storage - save files
- whisper: peer-to-peer messaging, chat, etc.
More about the history of web3 in my Twitter thread here:
One piece that is for some reason insanely undervalued right now is: a global key sharing system with a baked-in reputation mechanism (you can burn cash to prove to the world you care about your public key). Combined with a human-readable naming system (like https://ens.domains/ or https://www.lens.xyz/), you've got the world's simplest and most useful auth system. SIWE (https://login.xyz/) is going to be the de-facto auth standard for all new web applications at some point in the near-ish future.
I've used multiple crypto based sign in mechanisms and own a (tezos) domain, and I absolutely do not think it is the future or going to go very mainstream. Maybe I'm wrong, but crypto-as-auth seems highly problematic in my experience.
Perhaps the biggest issue is that if you lose your key you have no recourse to recover your identity. Another big issue is paying fees or waiting for transactions when I shouldn't have to, like updating some profile information or logging in to a service. I don't want to use any form of financial identifier or financial account to sign in to any non financial related web service for obvious reasons. There isn't really a decentralization imo if you're using metamask or kukai or other wallet service, it doesn't seem very secure, and it's a pain or flat out unsupported to use anything else.
And for all these & other related drawbacks, I just don't see any upside over tradition auth systems.
1. An ill-defined buzzword with some vague concepts to try and "fix" aspect of the current web. Nobody can really agree what it is or isn't.
2. The crypto-bros various attempt(s) to implement their special vision of this buzzword, mostly in an attempt create a reason for cryptocurrency to have some kind of intrinsic value.
> Why would anybody outside of the crypto scam sphere care about it if that were the case?
People generally don't, but that doesn't so crptobros continually trying to "gaslight" people into thinking it's going to be a thing. The technique worked quite well when used for bitcoin, why not try it again?
Feels like the "meat" centers around smart contracts and stuff, but from what I can tell it mostly breaks down to exchanging value via blockchain transactions. Maybe it's building to something awesome that I can't understand yet, but right now it's hard for me to buy the vague promises from various web3 promoters. I've been hearing "it's still early days" for quite a while now.
Except that (a) there is no requirement to put all data on the blockchain and (b) it is prohibitively expensive to do so.
So you end up with a situation like OpenSea. Half of the information about the NFT is on the chain but then the other half is in its own private database e.g. ratings, reviews etc.
Of course there's no requirement to put all the data on the blockchain. Why would there be? I even consider torrent networks to be "web3" and they're not blockchains.
It is not prohibitively expensive to store data on a blockchain, however. Arweave and Filecoin are the largest storage-centric blockchains. They each have multiple exabytes of data stored on them. Currently, you can store on Filecoin for free: https://nft.storage/ as a promotional thing, but even for larger data stores (https://web3.storage/) it's $10 / month for 120GiB and 8 cents per GiB after that.
OpenSea itself is a marketplace with some centralized elements. That's fine. The core listing, selling and transfer logic is written as a series of smart contracts, however.
They also compete with other marketplaces, some which are fully decentralized. They do not control or own the important data, which is the NFT itself.
Some NFTs store all the metadata on chain, you can implement an NFT contract metadata as base64 encoded JSON (as you can see in a recent project https://etherscan.io/address/0x6f4388602c5dd6c593bf7c9cf3128..., plug in tokenId 2 into tokenURI to see). Some store them on IPFS with a hash based reference to the content. Some use centralized storage in a private database. All are valid use cases with varying applications. If you only want to own fully native-chain NFTs, feel free to filter based on that criteria.
It doesn't take that powerful of a server to serve static websites. And some data is held in open data stores, such as Filecoin or Arweave. Some data is held on-chain, as ENS does, for example.
I am also skeptical of it. I think the idea is that if you have pervasive microtransactions, and smart contracts which can participate in them, then you can easily create web applications where revenues are shared with users, in a transparent and predictable way.
Consider Facebook. Facebook is an advertising platform: advertisers pay money in exchange for users looking at ads; users look at ads. But the users don't receive the money! Facebook keeps the money. A Web 3.0 version could pass some fraction of the advertisers' money on to each user; the amount passed on could be based on various aspects of the user's activity, to incentivise them to do things which increase the value of the ads (looking at ads, attracting other users to the site, etc), and to not do things which decrease the value of the ads (driving other users away from the site, posting naughty content, etc).
The fundamental theorem of Web 3.0, as i understand it, is that this is both better for users (they get paid), and also better for site operators (users will be attracted by the prospect of getting paid).
There are problems with this, even on its own terms. Firstly, every site now has to be structured around some sort of transaction, where somebody is prepared to pay. You can't just have people hanging out aimlessly. Now, maybe that just means that Web 3.0 isn't universal, and there are sites where it doesn't make sense. But the best places on the net have always been places where people hang out aimlessly, so this seems like a substantial lacuna. Secondly, detailed, mechanically applied incentives often end up driving behaviour that isn't what the setter really wanted; you end up with everyone breeding cobras etc. Web 3.0 sites might end up not being better for users or operators. Thirdly, a Web 3.0 site will be less profitable for its operator than an equivalent Web 2.0 site, so it will (often) be less attractive as a thing for an entrepreneur to build. I suppose the theory predicts that Web 3.0 sites will outcompete Web 2.0 sites, so entrepreneurs won't have a choice.
Then there are problems where the theory interacts with reality. We already have transactions, without using cryptocurrencies, and as long as users are happy to batch up payments and withdrawals, transactions on sites themselves can be arbitrarily micro. We don't have smart contracts without blockchains, so users would have to trust operators to apply incentives fairly; but people already trust all sorts of companies to do that (credit card rewards, supermarket loyalty points, MMORPG XP, etc), so this isn't a real obstacle. If we wanted to build sites like this, we already could!
And then there are the general cryptocurrency / blockchain problems. For every one genuine and sensible attempt to build a site like this, there will be a hundred which are genuine but ill-conceived, and ten thousand which are scams. This is pretty much a market for lemons.
So i'm not sure there is any reason for anybody outside of the crypto scam sphere to care about it. It won't take off, and if it did, it would be crap.
Fundamentally, it's being able to control digital assets, like a unique name, or digital currency, with your own device.
You can even forego the speculative aspect of it entirely, and just hold USDC/DAI. Sending value is as simple as effecting a transaction from your browser-based MetaMask wallet. It removes all dependencies on third party custodians and payment networks like Venmo or PayPal.
The technology still has major missing pieces, like privacy (which isn't helped by OFAC's recent designation that prohibits Americans from using the largest Ethereum-based privacy protocol), but the fundamental functionality is a major innovation and leap.
First of all "controlling digital assets" is a solution in search of a problem, for a majority of people anyway. Secondly, in order for that to be even remotely possible, the first thing that is needed is trust. You can't replace that by any algorithm.
Trust isn't there, and for good reason. Rug-pulls are rampant. Entities that present themselves as solvent one day fall down like a house of cards the next day. It is the Wild West, complete with gamblers, snake-oil salesmen, and bandits, and the sheriff is just another bandit.
The major "innovation" crypto brought has been in leveraging psychological manipulation techniques previously used by cults and sects in order to quickly part foolish people from their money. The math part is just a distraction.
I think it'll prove to be a massive need, as it removes a lot of points of friction.
When people have electronic cash on their device, they can, at least in theory, do things like pay $0.01 to bypass a paywall and read an article on a website they just found, without registering with the website or entering their credit card details, and without the website needing to have an account with the same trusted third party payment network as them.
This kind of seamless commercial interaction is made for the jurisdiction transcending internet age.
Also, I think the vast majority don't like the idea of internet commerce being controlled and gatekept by a handful of multinational corporations who run the proprietary payment networks, and decentralized digital currency offers a clear way to fix that.
Truth be told, while a legend of his time Tim Berners-Lee is a dinosaur who while likely has great insight also comes from a different generation. He's not much different than other blockchain cheerleaders each pushing their own solution. IPFS is the closest we've came to Web3 or whatever you want to call it, but there is still a lot of issues. Where blockchain solutions fall short is none of them are really decentralized. An ideal Web3 IMO would be a distributed storage that you can contribute a certain amount of storage on practically any device and it is able to predict and allocate resources efficiently to scale at datacenter level performance.
> Where blockchain solutions fall short is none of them are really decentralized.
Of course they are. If this is a no true Scotsman argument please advise so I can move on to more productive discussions.
Filecoin or Arweave are essentially what you describe, but of course they don't achieve data center performance. That doesn't mean they aren't decentralized. There are trade-offs to decentralization.
That is not how Filecoin and Arweave works. I'm talking about like thousands of users distributing content for free because they like the content and they allocate a percentage of their devices storage to do so.. and no not pinning it, because IPFS doesn't auto distribute a portion based on allocation ratios.
Filecoin and Arweave is nothing more than riskier data storage and usually more expensive that what you'd get with B2 or R2 with like one or two copies at most.
IPFS is just a routing protocol, it is not a storage protocol itself. Pinning just lets other nodes know that you're hosting a particular file.
Anyone can operate a Filecoin or Arweave node. They are compensated for allocating harddrive space on those nodes with FIL or AR tokens. AR has the unique feature of 200 year storage, so it is certainly more expensive than B2. But currently you can store a substantial amount of data on Filecoin for free: https://nft.storage/ (this is temporary promotional storage, but still, the pricing is competitive).
They are stored on multiple nodes when you pay the fee.
But of course, these services have a different purpose altogether than traditional cloud based infrastructure. They are designed to act as a censorship-resistant and long term archive. They don't have the low latency of CDNs or what have you. That's generally ok, because you will typically use FIL or AR as your archive layer and also publish the data to a cloud provider for hot storage access. It makes sense to use IPFS, then, so it can link all these sources together for the same content.
Uh yeah. That's called a Personal Computer - "PC" if you haven't heard of it.
The problem is that technology came along and gave us a "PC" in our hand (cell phones) that wasn't a "PC". What we need is an actual "PC" in our hand. That is: a cell phone that is under the control of the user (and no, a "global single-sign on" sounds absolutely worse than "web3" <- whatever that is).