I read both posts, and I still have this question.
Is it possible to provide a clear and simple explanation? Is there any answer at all which is not the expected "you're right, centralized crypto is pointless at best and a scam at worse"?
Otherwise this sort of reply feels like a blatant attempt to dismiss a concern through hand-waving for which there is no good answer without addressing any of it's points.
Repeat after me: "blockchain is only required if you want to solve a problem that deals with permissionless, trustless and distributed consensus".
- permissionless: no previous vetting/authentication/authorization of any participant. If you can a priori authenticate users, you can have a decentralized system with Paxos, and you can run a "decentralized" governance system based on simple "web of trust".
- trustless: no participant is assumed to be reliable/honest
- distributed: the network can suffer disconnections and partitions, but the overall system can still work.
If you can choose who will be allowed to define "consensus", you can use other BFT consensus solutions, so no blockchain is needed.
If you have a "cooperative" model, this assumes that you can trust the participants, so no blockchain is needed.
If your system can withstand network disconnections/partitions, no blockchain is needed.
Blockchain only requires people to coordinate on choosing the same programmatic criteria for block validity (and then choosing the longest valid chain).
My understanding is, some centralization doesn’t defeat the purpose of the blockchain. e.g. if a centralized server stores and modifies the blockchain but it’s public, then clients can verify the blockchain, and fork it if they don’t agree with the server.
But too much centralization, which seems to be the case now, basically does defeat the purpose. Because if everyone is using the same client and server or if people are interacting with these services insecurely exposing their wallets and data, then these companies could switch their backend to not use a blockchain or just steal coins. Most people probably wouldn’t even notice, and even if they did there’s nothing they could do.
-- ps
So the question is whether it is possible to have effective solutions in that design space. Email in fact fits these design parameters: end users can use PGP and PKI to have private and authenticated communication, but as Moxie knows far better than me, it hasn't happened because now we have shifted the burden of running 'something' back to the end user again, who is now responsible for participating in a 'decentralized trust' system.
It appears the problem is reducible to (and thus is fundamentally about) identity and associated attributes of an identity.
So what we really need is a decentralized identity infrastructure with 'last mile' interfaces to your physical political jurisdiction for those who want "legal" attribution for fully decentralized interactions (possibly built on centralized infrastructure). All other "Web3" systems can be built on top of these.
I can build a competitor to OpenSea that has access to everyone's NFT ownership data because it's in a public blockchain. If Twitter decides to shut down their service, it's gone.
