Trust is a feature, not a bug. If trust is violated by rogue agents, it is because they exist[0], not because trust itself is a folly.
However, blockchain-adjacent initiatives seem to suggest a future where we implicitly label[1] every human as motivated to hurt another by making all aspects of their activities subject to verification checks.
In addition to strong dystopian vibes, won’t this act of labeling everyone as potential threat actually be instrumental in bringing this motivation to everyone, making it a self-fulfilling prophecy? Aren’t we sort of codifying malicious intent, instead of trying to remove it from the equation? Whom would this serve?
There is place for verification in the interim, such as maintaining security of your home, but if we are looking ahead (as blockchain enthusiasts do) we should strive for a future where humans are not motivated to hurt other humans. Not treating it as some sort of default is a good start.
[0] Their core motivation to benefit at others’ expense is to me indicative of mental health issues, possibly caused by insecurity and upbringing trauma.
In many countries, the richest companies operate unethically, with impunity because the legal system is in the pocket of a corrupt few in power. In such countries trust in institutions is nonexistent. In developed economies, regulatory capture still leads to inequities and gross inefficiencies.
Today on the internet, reviews and product search results can no longer be trusted. For a very long while, buying from a large class of products on Amazon was a gamble. A breakdown in reputation and curation.
Computing environments were originally high trust, a property they could not retain at scale. Encryption, https everywhere, anti-ad tracking, secure VMs, gated app stores, "Don't trust the client" designs, onion routers, anti binary blobs are technologies and principles which reduce the need for trust. Technologies like DRM, copy protection rootkits and Trusted Computing are corporations communicating their lack of trust in humans inhumanly.
There's always some minimal amount of trust necessary. The optimal minimum generally decreases with scale. Hawala might seem an exception but closer inspection shows it depends on shared belief systems, local interactions on reputation networks and honor; memes which reduce trust burden at scale.
I'd also argue bitcoin isn't about trust but about issues which arise with open permissions and no centralized enforcement mechanism. Its throughput issues addressed by "layer 2" solutions, as decentralized credit networks (from a dispute and authority perspective), actually have fair overlap with honor based informal money transfer systems but without the centuries to have ironed out issues.
Question: how would you do that without rent-extracting middlemen? And even if you are willing to accept a middlemen, why do you think this type of service is not available today? Assume that all the legal barriers for it could be removed - your insurance policy gives you exemption to this and you can have a standard contract defining what would happen in case someone driving your car got involved in an accident, or if you car got stolen by a driver, etc.
If you think that doing that with a car is too complicated, or if you are a cycling advocate: same thing, but for bikes.
Just to make my point explicit: the idea of "trustlessness" is not to get rid of the "trust" in the existing activities that can be handled at the local/"human" scale. The idea is to be able to enable these kind of activities at the higher levels that the institutions (formal or informal) can not cover. If there are things that we can do without a blockchain, great! But think of all the applications that can not be done at all today just because we don't have the tools to enforce the "rules" at a larger scale.
The key to building trust online is to recreate some of these aspects. You should have an identity in the community that you belong to and you should own assets under that identity so you can’t easily abandon it and start somewhere else with your ill gotten gains. Communication amongst members of the community should be easy and common. There should even be shared ownership of community assets and the community should provide services to its members.
I imagine this looking something like a discord server combined with some of the hosting features of FB like image sharing, posts, groups, etc. You’d also need a built in token that could be used within the community but also exchanged on a broader network of federated communities.
This drive to atomize humanity and make all relationships fungible is insane, and the only benefit is it allows long distance fuedalism.
The problem with trust, is that its awesome until it aint. When we are deaing with gov policy, billions of dollars, war, your life savings,etc a break in trust is beyond costly, making the use cost of a slower but secure blockchain the responsible thing to do.
It's hard to take any of what you say seriously when you start a comment with such a blanket statement.
Also, I think I've already seen your type of "argument" so many times, I think I am able to just play the whole tape by just pointing out to previous comments I've made:
- https://news.ycombinator.com/item?id=31195939 / https://news.ycombinator.com/item?id=31545427 (trustlessness is not about "eliminating trust")
- https://news.ycombinator.com/item?id=31463534 (Yeah, you are right that there is no such thing as an "ideal" world. What you are missing is that also applies to the anti-crypto mentality, who think that just because they were born in a place with functional institutions, they think that is the natural state of things. It's good when institutions work, but they are not perfect and we need to prepared for the times when they fail.)
Besides, we are talking about attitudes very much in countries with more or less functional institutions.
Also, edited first paragraph to be less dogmatic. This is my subjective opinion.
An anti-vaxxer might respond the same way to "the problem with anti-vaxxers," hoping to make sure that nobody discusses the very real problems with them
It's generally okay if people being criticized don't want the people speaking about them to think poorly of them.
It's generally okay if a person being criticized believes that what's said to them can be rebuffed with canned content.
You go ahead and tell everyone that the reason you're polluting with a dysfunctional casino is "you weren't born with functional institutions" if you like
Every notice how anti-vaxxers have canned responses that they think landed, but nobody else does?
Take TLS - wouldn't it be nice if we could have the same system without certificate authorities?
The thing is - like everything else, trust is a tradeoff. Bitcoin folks will discard it at any cost. Sometimes discarding it is not worth the cost. That doesn't mean adding trusted third parties is a good thing, just that it is often the lesser evil.
This tech seems often to be pushed onto human society as a whole, though. It’s like giving up on solving the underlying issues that give humans the above-mentioned motivation to betray each other, and instead baking into the fabric society an assumption that it’s human nature to be this way.
E.g. I would really trust myself to decide which products should stay in my Online Shop and which I want out. I don't need (or even want) a public append-only structure that is out of my control. For me the blockchain is good for all usecases where I would in real life use a notary. And that is not many use cases.
Absent that thing existing, this is a demonstration of the value trust provides!
Both systems recognize the existence of fraudulent actors, and handle the problem in different ways. Blockchains use cryptographically-signed transactions, so merchants get no information they can use against you. Credit cards hand your credentials over to every merchant and try to fix their fundamental insecurity by flagging unusual transactions, insuring against losses, and issuing new credentials when bad actors get them (which brings lots of associated hassle, that I've gone through a couple times in the last few years). Bank transfers handle the problem by simply delaying full access to the money, at least for larger amounts, until banks on both ends have checked everything.
The same applies to more complex systems. Blockchains try to build systems with extreme transparency and security (and sometimes fail at that). Traditional finance builds systems reliant on centralized actors, and adds lots of regulation, oversight, and incentives such as criminal penalties to keep those actors in check (and sometimes fails at that).
We certainly should strive for a more idealistic future. But legacy banking/finance is not doing that. Blockchain platforms at least provide the possibility of building something new that's better; on top of an open trustless platform, you can build your own system assuming whatever level of trust and altruism you like.
Two examples on Ethereum: optimistic rollups are more scalable second layers, in which withdrawals work more like bank transfers: withdrawals aren't cryptographically verified, but have a delay during which anyone can submit proof of fraud. A more idealistic example is Gitcoin, in which people donate to public goods and the money is allocated with a quadratic funding system.
They are doing it for good reasons, presence of malicious agents (money launderers, etc.) exploiting trust requires it. (In fact, I’d argue banks are getting away with not doing it enough with very moneyed customers.)
Blockchain does not eliminate this need in current age—either equivalent institutions would have to be reproduced all anew, or we need to end the motivations that make people want to exploit financial system in the first place.
And if we do address the latter (the only sustainable solution in the long run), then what is the benefit of blockchain and all? Isn’t it just pure overhead then?
For example, in the upper tiers of corporations all employment is on a contract basis. Nobody at these levels trusts they will be treated fairly and given a severance package if they are fired, without an explicit contract stating the terms and conditions of employment. Contracts are renewed or renegotiated every few years, right? In contrast, entry-level employees never get contracts, they can be fired at will with no warning or severance, at least in the United States where union power is very limited, relative to Europe.
Similarly, look at the prevalence of marital contracts that imply a lack of trust among the parties, i.e. the famous pre-nuptial agreement regarding how the net wealth of the couple will be divided up in the event of a divorce. There's a zero-trust situation that's increasingly common.
It's true that a society where nobody trusts anyone else and all are suspicious of each other's motives is not a very healthy society, but isn't this also the assumption of the economic theorists who claim all humans are basically little more than rational autonomous self-improving algorithms, with net assets being the benchmark of success?
When I worked with non-trivial (>$1m) contracts, I learned that the sooner you start pointing to contract language, the sooner the relationship breaks down. “Working with” partners through shortfalls and giving second chances resulted in much more long term success than sticking to the letter of the contract.
Part of the reason, I think, is simple human relationship-building. And a big part of that is trust. Trust and credit also play into it directly - the vendor knows we didn’t penalize them when they delivered a feature a month late, so they’re willing to surge when we have a requirement pop up that needs fixing quicker than we agreed to.
Or it exists so that everyone makes sure that everyone else understands the words/concepts being used in the same way.
What does (e.g.) "full payment on final construction" mean? Well, it depends on who you ask. Contracts there to (hopefully) make sure everyone is agreeing to the same transaction.
I thought about this in such framing, too.
My observation was exactly this: in “higher classes” it looks like trust is implied, and in lower classes everybody is verified.
My logic, however, runs such that we need to elevate the entire society to that level, rather than drop it to the level of “rubes” you mention.
I.e., treat everyone as a respectable individual—a mentally healthy person tends to behave the way they are perceived by others—and by working on general well-being eliminate mental constructs that push people to secure themselves at the expense of others. Does this make sense?
If you create a online store, one million strangers could connect to it. You need a way to understand who is a scammer in that situation.
Take for web for example. It is trustless in the same manner. There is no third party (apart from the web browser and the server) that you need to trust in order for you to view a web page. There is no International Web Organization that you need to procure permission from in order to set up a web server. You just start it. (And, conversely, also why so much bad actors exist on the web.)
This is fundamentally a different system than for example all economic transactions, apart from cash. This is why some people argues against the cashless society for not being trustless, and also what the people who experiment with private monetary systems study.
DNS is part of the web and it is a federated/heirarchical 3rd party trust model you need to route your named traffic to the right server, often managed by states. It's super important to understand, this is why authoritarian governments can still hide what citizens can experience on the internet
I think there's a sort of person that thinks to themselves, "I want all the benefits of living in an advanced society without actually being obligated to participate in said society." I can't help but think this is a kind of sickness. Self-Determination doesn't necessarily exclude social obligation it only dictates that I might not be tyrannized by these obligations.
There's a kind of, "e-person" who is the perfect Cartesian. The new existentialist who reaps the benefits of a globalized society and what is their sacrifice to the world-machine? --Just their continued existence; nothing more.
Without being crude we used to call those people tramps until Charlie Chaplin taught us to be nice to poor people.
Why do people always misunderstand "trustless"?
Being ABLE to trust somebody is a good thing. Being REQUIRED to trust somebody is a problem.
You will not find trust _in people_ anywhere in modern society.
Banks certify transactions, governments certify identity. We can go on and on here. Whole swathes of law around this topic too lol (see: fraud).
Crypto isn't about not trusting people, it's about not needing to trust strangers.
Some of them are scams, ironically, but when there's money involved... well it's pretty stupid to _just_ trust people.
Unless I've missed something?
Define malicious intent.
What and whome one person is willing to trust will always be different than another person. This is a hard truth that we will never work around. Culture vs Culture, family vs family, idea vs idea. We can't get rid of conflict or therefore 'malicious intent' and by extension we can't (or shouldn't) bank on trust. I think the better way to deal with our very real human differences is to look past them in the spirit that all of us are creations of a higher power, and thus working together is in everyone's greatest interest.
Money as a medium of exchange is a very powerful concept It holds the idea of an IOU that can transcend our differences in the spirit of building a better world. But in order for that to happen money needs to be fungible, else our differences will enviably tear it apart.
Perhaps when the dollar was backed by gold this concept was more or less true, but central banks undermined that, hense the pull towards extreme decentralization.
>There is place for verification in the interim, such as maintaining security of your home, but if we are looking ahead (as blockchain enthusiasts do) we should strive for a future where humans are not motivated to hurt other humans. NOT TREATING IT AS SOME SORT OF DEFAULT IS A GOOD START.
I must disagree with this concept.
To treat it in a trusted manner is to ignore the fact that we have insurmountable differences and therefore those differences will raise their ugly heads elsewhere and tear our hopes for peace apart.
Rather to start with the presupposition that these differences exist, but that we will create a form that transcends them for the better of all is imo the ideal.
I think there's a deeper problem that you're ignoring. The desire for trustless systems didn't materialize out of nothing, as has been pointed out many times in the cryptocurrency discussion space. Some of it is surely coming from a libertarian angle of absolute personal freedom to avoid the "unfair" regulation from the government, to avoid the compulsions the state imposes on each of us in order to grant us the rights it does. I think that's a very small part of it though.
I think most of the desire for "zero-trust" comes from a disillusion of the current parties seen as trusted. I can at least say that this is what drives the desire within me. It's very hard to see the fairness in paying taxes when I see the people labeled the most trustworthy abuse the system to hide money in tax havens all while using their entrusted positions to lead the economy of the world into an ever deepening hole. When we see the actors labeled "trustworthy" acting maliciously, it becomes hard to trust the system that calls them "trustworthy".
I go to work every day where I'm asked to ignore my own instincts and instead do whatever some faceless "process" claims is the right thing to work on. I'm asked to ignore the horrible state of our products and instead focus on the massive piles of money we shovel in the door from out entrusted position as a financial institution. Meanwhile I can turn on the TV to see the very same people talk about how they just couldn't have known that billions were being stolen from my government because it's just so hard to be a bank. That shit does stuff to your trust in other people and I'm not alone in that disillusionment.
In that light I think the discussion makes much more sense, even if it doesn't make it any more helpful. Trust is still important, but the current method of obtaining trust, and the by extension people we imbue with it, is broken. For someone in the middle of that, it becomes very logical to discard the whole thing like a junior rewriting a legacy business app.
Presumably, there’s understanding that one cannot participate in a complex web of interdependencies that is advanced human society without giving up complete freedom, due to the presence of the aforementioned malicious actors.
So I don’t understand why not assume other people—whom one without immense hubris would assume to be equally smart—and whom hopefully one voted for, directly or not—have struggled with it and arrived at a solution that works? And if one legitimately thinks it’s a bad solution and cares enough about it, why not attempt to fix it instead? Is this a failure of democracy? Could it be that it moves too slowly for the modern age? Or is there a belief in some underlying conspiracy due to which democracy is not a democracy and no change is possible?
Regarding rogue agents exploiting the system to avoid paying taxes, I don’t think should be a factor that affects my decision on whether I should pay taxes (like what a criminal does shouldn’t be my guiding principle).
What I would agree on is that there’re people incentivised to attempt to benefit at someone else’s cost, and that those people exist everywhere including corporations, institutions, and the government. I’d also agree that, regarding government specifically, it’s worse because such malicious actors are incentivised to actively seek power because power converts to money very well. It’s a truly regrettable state of affair, because government corruption leads to corruption elsewhere. I think part of the issue is democracies being liable to be influenced by kleptocracies in other countries, who funnel unjustly extracted money into Western economies much to the benefit of individuals at the receiving end.
I just don’t think this can be solved technically, we either work on people not being jerks or we will have them find ways to be jerks regardless of any checks, barring complete thought control and predictive crime enforcement dystopia.
---
As another analogy, it’s like a distinction between the spirit and the letter. The spirit is the guiding principle, and the letter is a lossy way to express it. Automatic conversion between the spirit and a letter is not possible: this is a philosophical issue adjacent to the hard problem of consciousness; one human not being able to convey to another human the entirety of what they think or feel, words being always interpreted through another mind’s lens.
Whether the letter can be expressed on paper or as a smart contract, the letter is never going to be equal fidelity to that of the spirit, and for understandable reasons (such as “fallible humans have written it”) should never have precedence over the spirit.
So I wish we invested the effort that goes into inventing higher and higher fidelity letters into, say, alleviating whatever pushes people to violate the spirit in the first place. It’s a much more complex meatspace problem, though.
There are high-trust and low-trust societies out there.
Majority of the world lives in low-trust societies and this is culturally, not economically driven, so unlikely to change fast. Globalisation means these people will permeate - through migration too, but mostly, through cross-border economic activities - all high-trust societies, too, so very quickly people who rely on trust and trust others will either be scammed out of all their lives, or resort to a niche role by picking their interacting parties so diligently they will be cut off from most economic and social activity, and become irrelevant.
So, for the modern world, trust is a bug indeed (and no i don't think blockchain will help this, or anything at all).
It's a feature of the system, precisely because it replaces trust in shaky institutions.
I trust strong cryptography. I don't trust governments not to abuse their power. I don't trust corporations not to maximize profits at our expense.
It's really simple. I don't believe in any system that requires trusting either governments or corporations. A good system will necessarily work despite them.
> we should strive for a future where humans are not motivated to hurt other humans. Not treating it as some sort of default is a good start.
Trust is inherently selective and small scale. You trust specific individuals that you personally know, not all of humanity. Even that trust is easily broken.
Compare that to modern computer and internet technology where servers are expected to receive input from any other computer on earth. The technological equivalent of children being encouraged to talk to strangers.
It's about building robust systems. A system that assumes counterparties are trustworthy will fail in the case they aren't (as demonstrated clearly in modern OS/web architecture), whereas a system that assumes counterparties are not trustworthy will not fail in that case.
> we should strive for a future where humans are not motivated to hurt other humans.
This is the same premise as communism and has proven to be a complete failure: it's not possible to change human nature. Even with a massive propaganda and brainwashing apparatus like the Chinese education system.
And for the record, I believe it is possible to achieve what I am talking about in conditions and general spirit of market and capitalism. Suppressing personal choice (USSR- and China-style) is not the way to get there, it is in fact the opposite—making people feel psychologically secure enough to not feel compelled to be malicious is one thing; forcing them into constraints that prevent them from being malicious does not solve the issue and only obscures it (and besides, party elites will always be free to be whatever they want).
In fact, it is the parallels between blockchain-based social system and some emerging Chinese realities (social karma, etc.) that worry me.
> we should strive for a future where humans are not motivated to hurt other humans.
i don't even know what to say when people say things like this. we should strive for good will and cooperation, but we must be prepared for situations where there is none. this is like arguing against allowing people to put locks on doors. when you create situations where distrust is disallowed, defecting becomes the winning strategy.
I am not arguing that we metaphorically and literally need to do away with locks right now, but that we can and should apply effort in the direction that makes them obsolete as preventative measures. I want to live in a place where I do not need them.
The existence of trustless systems does not make distrust mandatory, it is such systems becoming mandatory that bothers me, as well as the effort spent into developing more and more robust trustless systems—as opposed to trying to make those very systems obsolete by eliminating the underlying motivations that push people to exploit trust.
Could we avoid armchair diagnoses? For society to function we need to maintain the polite fiction that one's actions are determined solely by their will.
Maybe it makes more sense to look at it all through a different lens. Classical, post-mercantile liberal economics, - that is, liberalism - is entirely built around a framework for dealing with the question of establishing trust between parties: Individuals do not have to establish trust, or agree with each other, or be friends, if they certify that they acquiesce to a system where the market is well regulated. In exchange they get the advantage of being in a market where trade can be a non-zero game that advantages both parties. The problem with crypto as it stands has something to do with unregulated markets, something to do with bad actors, but a lot more to do with the fact that no one has yet come up with a use for deflationary currency that's something other than a zero-sum game.
We are social creatures. We sacrifice individual needs because we gain massive security and social value in return.
We need a balance of the various ideologies, and not the extremism of any one ideology.
Fifty years of narcissistic, anti-social, "Leave me the hell alone" libertarianism is at the heart of the culture-rot collapse we are facing.
We need people on hackernews and Ridgewood elsewhere developing civic and social innovations that deepen our connections, not replacing them with with increasingly inauthentic, algorithmic, trustless, artificial substitutes.
It seems that there's something similar here. For most of the world, it's just natural that your government provides you with identity proof. USA and maybe other anglo countries could be the exception, although other times the question was discussed, I was told that, even if there is no official id card, other means like SS numbers provide an equivalent mechanism.
The movie plot, in which you are framed for some heinous crime and you need to go full Jason Bourne, is what justifies having a handful of fake passports, of course guns and a sizeable reserve of cash in a hole in the woods. Now it would be your bitcoin wallet and some sovereign identity keys in USB drives.
We need a balance of the various ideologies, and not the extremism of any one ideology.
Actually I think that those extreme views are a reaction to one ideology adopted by all mainstream parties. You see that no matter what you vote, you're going to be screwed, so you turn to fringe options.
we are indeed social creatures and we are developing new civic and social innovations. this mostly relates to actively opting into communities with people we like that share our values and that do not attempt to control us. and crypto/web3 enables us to exit the rotten institutions that try to coerce us into being part of them, and create new institutions that represent our values.
it is pretty obvious when you think about it. only institutions we actively and freely opt into can actually be legitimate.
and the idea that something that claims a monopoly on violence also claims to be legitimate is just completely, utterly laughable. and what is going on right now is that the clown car is finally flying off a cliff :)
If it is a minority position, how to convince more people? Or where to find a place to create a new society without free-riding on the existing one, etc.?
I'd rather take an extremely individualist culture and then fill in the gaps with taxation and some level of wealth redistribution.
Alternative to individualism is everything that is not based on individualism alone.
For example every social democracy out there the majority of which you can find in Europe.
We live in countries where we are individuals with rights but also we have to let go some of that individualism because the good of the many overrides the individual rights.
It's not very hard actually.
and we have plenty of examples from the last century of what do you get if you adopt the opposite values
Jean-Jacques Rousseau strongly disagrees with you.
I believe you confused individualism with autonomy and free will.
a society of individuals can easily become atomized and paradoxically uniform when “every citizen, being assimilated to all the rest, is lost in the crowd“.
-- Alexis de Tocqueville
a true pillar of modern developed World
The entire point of it being in crypto of course is that the same people and forces that push back so hard against it in meatspace are relatively powerless to do so in the cyptosphere.
For better or worse, I can't see that changing any time soon. I was in a meeting at a very large crypto exchange recently and their branded coffee cups all had a very simple message; "freedom is here". That's basically at the core of everything happening in the space, and I don't think arguing against it is going to work in any way shape or form given the polarised attitude toward the philosophy on either side of the cyptosphere border.
Like it or not, it's not going away, and it's swinging more towards extreme individualism by the day, not less.
Unfortunately, our society and culture has been going into more collectivist and totalitarian direction for quite a while, which is why there's so much economic and social issues.
"Leave me the hell alone"-people are just normal people who react to their freedom being violated.
I'm not a libertarian or a proponent of cryptocurrency. But I do think we can be clearer about what being "social creatures" means.
We are "social creatures" in the sense that we seek the advantages of group membership (safety, co-operation, food stability, shelter, school), but we are not social creatures in the sense that we want oppressive control and uniformity. Our "agreement" with being social is accompanied by resentment. In some cases, the resentment is pathological. (Conformity can be pathological too.)
Homo sapiens developed/evolved language, the amazing human protocol to support co-operation. But when we ask people to say everything that they are thinking without social consequences, we discover the degree to which people can be angry, rude, willfully ignorant, and even crazy. (Consider "social media" to be both a business and an unprecedented live experiment revealing social resentment.)
The cryptocurrency movement/phenomenon is a construct with significant flaws and ardent adherents who see their own interest fulfilled in the narrative. In this, it is nothing particularly special. But by definition a crowd of people who all seek total individuality will not cohere.
That's pretty much by definition. So-called "libertarian" and neoliberal posit that individuals are greedy yet emotionless rational actors.
Unsurprisingly, individuals with narcissistic tendencies flock to that.
building systems that give better control to users online is orthogonal to social goals.
not too much knobs on Facebook helped elect Trump, quite the opposite
If I were to articulate the gap in perspectives, it would be that it is between the engineering view of solving problems (e.g. Vitalik's "soul bound tokens") and managing them - that is, to extract value from a dynamic, in the case of existing legacy paper/card identity schemes today.
Arguably, in a society, all value is created from risk, where someone takes on the risk of an outcome and someone pays them to hold it while reaping the benefits of whatever thing has exposure to the failure. It's imperfect on purpose, as it allows for flexibilty and non-binary failure modes, and it lets people manage (or extract value) from the shifting risk, where the result is an Economy. When you just solve a problem - let's say we had these perfect soul based tokens, where there was no ambiguity or repudiation for anything, you are depriving people of the very thing we have evolved to be good at, which is judge and collaborate to trade in risks. It's not desirable precisely because instinctually people get they don't want to become solved problems and known quantities.
Digital identity is a very nuanced power struggle going on in the background within government and industry, as identity is the substrate to a certain type of economy, and who wouldn't want to be the controller of that? The better case is having ephemeral identities and just price in insurance to transactions, much like interest rates on credit, but less centralized, and with more exposure to volatility of real life - just like other crypto solutions.
The people writing about this stuff in the crypto community are still sounding out some things for the first time, but just because they are doing so doesn't mean they are the first to consider them. When I worked on an actual govt digital identity and currency product, I pissed off the execs because I said their design didn't pass "the hookers and blow test," which is that if you can't use the payment and identity scheme for grey market transactions, nobody is going to adopt it. Not because they are vice ridden manaics, but because the human animal knows when it is in captivity and it will find ways to resist it.
This is the same reason that central bank digital currencies are going to be an economically inferior good, and create dangerous black markets that produce the dystopian corruption that idealists seem to be trying to avoid, as 1/3 of people just aren't going to trust them. Sure, you can impose the schemes, but if you have ever spent time in an authoritarian regime, you know that the culture is completely debased and anything-goes behind closed doors becase the rules themselves are arbitrary and selectively enforced, because the arbitrariness creates a sense of illigitimacy where there is nothing to trust or believe.
The stupidity of technocracies is illigitimate, and it breeds contempt and corruption. This may seem meta compared to the implementation details of some nerdy key management protocol, but I'd argue if you haven't thought these other parts through, crypto really is just some naive kids building a bike shed to fill with shaved yaks and thinking they're reinventing democracy and freedom.
But they have this “Freetown” of sorts right smack in the center of their capital, where you can buy illegal stuff with cash.
There’s no guards, no police posted at the entrance. People are just kinda OK with all that. You live a highly structured civilized life, but then a metro stop away you enter this place where people are selling weed on the streets and you can probably get other funky stuff.
And seems to be quite stable thing - they’ve had it for like 50 years or so.
Maybe thats what we need - unregulated places where societies can try out different things that are not accepted at large?
Maybe digital currencies in the future would incorporate that? A friend is working for a VMWare project where the etherium based crypto has an “escape hatch” built in with some allowance for “cash like” transactions … maybe something like that would work?
Forget drugs for a moment, what about meat, gas, ammunition, and other normal things that are being reclassified as decadent luxuries you apparently don't "need," or "deserve," according to whoever "they" are. It's not enough for them to live virtuously according to their values, they need to police you first, and fly around in private jets while they do it. Seeing the institutions behind identity, government, and payments from the inside has persuaded me that the conspiracy theorists are just people in denial of what they have discovered, because they can't face the consequences of how serious it really all is. The architects of this don't care what anyone believes, they just need for members of any potential resistance to keep doing nothing to stop it. For good men to do nothing, as they say.
Cryptocurrencies were and remain necessary beacuse they represent a limit on state power in an era of previously unimaginable total surveillance tech, and this limit makes leviathanists and technocrats apopleptic. That's also why the arguments against crypto always seem to have a shrill whinge of cant about them - as they're based on accusations of blasphemy against the pillars of offical technocratic narrative, and the arguments themselves aren't powerful or persuasive.
Not only do we need cryptocurrencies, we need to establish boundaries on the dominion of people in governments, as without those boundaries, we're in for a totalitarian hell not even fiction could prepare us for, imo.
If we try to conflate those kinds of identity problems arise because people who are young, vulnerable, transient, in crisis need to be able to revise both kinds. Unless we are wanted criminals we have a right to be forgotten. And we all have a right to change our minds about things and re-invent ourselves.
I think we don't yet have a mature enough understanding of what identity really means for human beings to get successful digital mileage except in a few limited applications like payment systems or session management. Perhaps that's why the concept of "identity politics" is so prominently at play.
1984 had a pretty good argument why it’s dystopian to tell people they are not allowed to remember or continue believing something.
"Nobody is going to adopt it" is an extreme opinion. People have resentments about society but most are minor. Few enough people feel captive that most continue as members of significant societies. The degree to which people feel resentment and pursue extreme "solutions" is a complex variable. Some societies succeed better than others in meeting needs without needing a cryptocurrency.
> The stupidity of technocracies is illigitimate, and it breeds contempt and corruption. This may seem meta
The phenomena that you are describing here are resentments about characteristics of people or of society (or of a particular society). These resentments are unlikely to find a solution in another even more dubious techno-financial construct for which literally no one will ever care except for the value that credulous people ascribe to it.
> I'd argue if you haven't thought these other parts through, crypto really is just some naive kids building a bike shed to fill with shaved yaks and thinking they're reinventing democracy and freedom.
Yes, I do agree.
> the arbitrariness creates a sense of illigitimacy where there is nothing to trust or believe.
Problems of "illegitimacy", trust, and belief, are not going to be solved by cryptocurrency. In fact, the cryptocurrency movement has no trust and no credibility at all.
However, what I can say is that engineers are not lawyers, so we tend not to understand the regulatory systems in place, and the lawyers you would need to untangle this stuff aren't technologists. That's changing post-covid, where western governments in general are taking a "so sue me," approach to imposing technology and mandates over top of privacy norms and regulations, and there is a young generation of lawyers who grew up online (and with cryptocurrency, bitcoin is 11 years old now) who can pick up things like protocols.
The vaccine passport system and covax was quite a gambit as it was an international digital id scheme intended to subsume other efforts that had stronger technical requirements. The central bank digital currency (CBDC) stuff we're hearing about now is an artifact of a few related factors, but what CBDCs are really going to look like in my opinion is the CUC in cuba, or a kind of government/public sector scrip, or the peso in argentina or venezuela that has an official dollar peg and price controls, but there's a huge grey market for USD. Reality is from a state perspective, power is zero sum and human suffering is just managable, and the technology changes of the last two decades have sidelined government as an authority, so they're all trying to reassert themselves. It's going to look clumsy and dumb and it will destroy a lot of wealth and value, but they don't care so long as they think they have secured the reins.
Of course, nobody ever secures the reins so the demand for authority is infinite, but that doesn't stop anyone from trying. Economists, politicians and so-called experts who tell you they can manage an economy don't tell you the part where they run it in to the ground and rule over the ashes, as once you give them secured control, it doesn't matter how well it works. Their promises and arguments are to persuade you to give in to them, because their logic reduces to, if we have power, what do we need your consent and approval for?
If I were hedging, I would figure out what the grey market commodities will be in response to a CBDC that doesn't pass the H&B test I described above. Precedents I would reference would be times in history where govts declare a "bank holiday" and replace bank deposits with treasury bills, or seize deposits of FX and reserve currencies and "buy" them from citizens with the new pegged currency with greater national controls.
The scenario I speculate about is NZ/AU/CAN use a long weekend or "banking system outage," to replace citizen cash deposits with the new CBDC with the flick of a switch and the stroke of a pen, similar to India banning certain cash denominations and taking high denomination bills out of circulation. Assets that facilitate capital flight out of these places will be at a premium, imo. (good news for the art, wine, jewelry, collectables, precious metals, equine, super cars, and other portable alternative asset markets, imo. The big auction houses will probably do well this year.)
Dark stuff, but you spend enough time in security, and everything is within a degree or two of these historic sea changes.
Also, you say that "instinctually people get they don't want to become solved problems and known quantities," but at least a large subset of the population wants to be famous. And it seems like being trusted by people you know has its benefits too?
If nobody wanted to take the risk to plant each time given the potential ROI, you wouldn't get grocery items?
(I'd consider this a random example https://www.callifd.com/uploads/1/3/0/7/130789654/chili_pepp...)
In the end, it boils down to everyone just asking to see the passport or some other government ID, or a proxy for that (credit card, library card, employee card).
In this context, much of what we think of as identity on the internet doesn't need a central authority because all most web sites know about you is that you're the same entity that originally created the account (usually implemented via your email address). But email tends to be favored by users because managing your own keys is problematic.
Be very skeptical of anyone who claims to have devised a decentralized sybil-resistant identity scheme.
The big problem there is that it doesn't scale beyond a small handful of people who know each other well and trust each other for a specific purpose. Cryptocurrency companies seem to be aware of this (and of the prominent historical record of failure associated with WoT), which might be why they perform remarkable contortions to avoid that phrase (see "web of verifications" in the article.)
That word "transitive" is a very important qualifier here: it's weaker than an absolute statement but hierarchical PKI turns out to be weaker than theory, in practice.
Crypto coins are trash. Signatures are not trash. Behaviour of people and systems performing signing including HSM operators are mutable and worrisome.
The birth of brand names was all about attaching enough status to a product line that if you ever broke that trust, that you harm yourself more than you did the customers. CAs are built on that idea. But then so is BP, 3M, and DuPont. So was Hooker Chemical Company (Love Canal), and Montrose Chemical Corp (DDT dumping off California). So I don't know what that really buys you.
I do think that trust in certificates needs to be incremental, especially when they change. And perhaps you need a way to ask your savvy friend to take a hard look at some and be able to veto them.
However, doing graph-based Sybil detection is already a hard problem[0], and trying to create an infallible algorithm that also works using homomorphic encryption is maybe pushing beyond the boundaries of known technology, unfortunately.
https://www.w3.org/TR/did-core/
> Decentralized identifiers (DIDs) are a new type of identifier that enables verifiable, decentralized digital identity. A DID refers to any subject (e.g., a person, organization, thing, data model, abstract entity, etc.) as determined by the controller of the DID. In contrast to typical, federated identifiers, DIDs have been designed so that they may be decoupled from centralized registries, identity providers, and certificate authorities. Specifically, while other parties might be used to help enable the discovery of information related to a DID, the design enables the controller of a DID to prove control over it without requiring permission from any other party. DIDs are URIs that associate a DID subject with a DID document allowing trustable interactions associated with that subject.
There was a time that having multiple identities online was a sensible thing to do, and many in the privacy community wanted this, but now that State actors are fucking with elections, that use case is in serious jeopardy.
I hope someone less cynical can convince me it's a good idea.
- The trilemmas do not need to be solved. They just need to be acknowledged when you are designing your application so that people can understand the types of trade-offs being made. In cases where sybil-resistance is not a requirement, you can build a system that gives you privacy and decentralization. When sybil-resistance is required, you just need to think if you prefer a system that sacrifices privacy or if it sacrifices decentralization. Depending on the use-case, one might be preferred over the other.
- "Security practices are hard, no one will do it properly, they will rather have some expert that can do it for them". Well, if you don't want to deal with security hygiene, you delegate. Just like the majority of people will rightfully prefer to have a bank to manage most of their funds, one could still envision a future where service providers will act as a proxy to anything that requires "your" identity(ies).
In general, the thing that upsets me with all of anti-crypto/anti-web3 people is that they fall into the same trap as the maxis: they start from this ridiculous notion that "web3" is about creating a Highlander solution (there can be only one!) and that this solution needs to satisfy all constraints, otherwise it rubbish and needs to be discarded. The important thing by having decentralized identities (and decentralized technology in general) is that it gives new options for whole new classes of applications that do not exist. No one is being forced to adopt a system just because it is now possible to do it on a blockchain, and we do not need to destroy the current systems if they work well - or at least if they work better than any alternative. There will be even plenty of cases where the status quo is totally fine.
> No one is being forced to adopt a system just because it is now possible to do it on a blockchain, and we do not need to destroy the current systems if they work well - or at least if they work better than any alternative. There will be even plenty of cases where the status quo is totally fine.
which is probably true in reality, but still something I'd like to challenge.
Every technology that ends up being totalitarian/expansive starts out with "Nobody is being forced to....". I am sure when automobiles first appeared it seemed obvious that "nobody is being forced to drive them", and yet the other day a poster here was absolutely indignant with me for suggesting it might be possible not to have one.
I read hundreds if student essays that literally begin with the line:
"Today, life without the internet would be impossible."
You're right, many (maybe most) technologies do reach a healthy balance with alternatives and legacy systems. But certain "infrastructural" technologies tend to expand aggressively. I think money systems are among them, at least if the number of times I have heard someone say "cashless society seems inevitable" is any guide.
(Though often, when one hears these little maxims repeated verbatim, over and over and over, I come to suspect they are not the authentic views of the speakers, but propaganda injected into public discourse.)
If anything, if you (like me) would like to avoid a cashless society the you have yet another reason to be in favor of decentralized technologies.
"Cashless Society" is just Newspeak for "Total Economic Surveillance". It implies a world where corporations and governments alike have full visibility over what everyone else is doing. Blockchain-based systems already provide an alternative (Monero) where privacy is respected. In a world where Governments and Corporations can conspire to eliminate cash and extend their reach even more over our liberties, I think we should at least try to support an alternative.
One can live a pure cash no internet life even in SF.
If I were to build a blog system I would not store the blog posts in a local merkle tree. Why not? Because a regular database has more benefits. Now why would I want to store the data on a decentralized public merkle tree (blockchain)? I don't want my blogs data to be public, I want *an adjustable view" into non-public, editable and deletable data, which is what we have now. This is one case where the status quo is not only totally fine as you phrased it, but it is superior (to me at least).
The issue I have with web3 is not that it is a new idea, it is that to me it sounds like yet another solution in search of a problem. People who have/are invested in crypto-tokens have a huge incentives to fool themselves into believing you actually can/should solve every problem using the technology of the blockchain.
If it is an problem that people can delete things use an append-only-log/merkle tree. If it is an problem that you want to have a centrally agreed upon public state, open a public API to that append-only-log. If it is a problem that people can neither trust you, nor each other to be a faithful keeper of logs, decentralize it wit consesus algorithms and end up with something like a block chain.
Now this chain of problems is something that fails at the first step for many things. There is not a lot of things that you want to be append-only, typically for very good reasons.
But let's say I want my blog append-only for some reason. One solution would be to just do it instead of forcing myself technically. But lets say I want to force others, then it would make sense.
Now it does not make a lot of sense to make that literal log public, but let's say I also offer an API to it and ignore all the real world problems it would bring (illegal content that needs to be deleted which I could do by rolling the merkle tree back to the latest non-illegal version.
Now I run that sote, why would I like to decentralize that data? So I can claim I don't need to delete anything?
It's also ridiculously poor value-generated-per-Watt-used.
It's in the same conceptual class as "gun culture makes everyone safer" and "lowering taxes on rich people makes everyone richer" - both of which are trivially falsifiable, but repeated fervently by promoters and adherents, some of whom are acting in bad faith.
The root comment is correct - you can't enforce trust in a low-trust culture.
The real problem is the culture. And especially the fact that in a low-trust culture, successful scamming is considered a major status marker.
But something like a Kickstarter-ish crowdfund system could be using a blockchain contract to handle funding and escrow, while the rest of the website is hosted in a standard web2 way. Suddenly it’s a “web3 project” where users are able to interact with and even own records in the contract, outside the context of a single frontend website.
I dub this the Highlander bias.
The argument is effectively boiled down to “here are a bunch of people working on very hard problems. Hard problems are hard, and therefore crypto won’t work”.
If you were to replace the word crypto with “computers” or “space travel”, most folks here would push back, saying that “yes these are hard problems, but there’s a lot of people working on it, and there’s lots of different solutions in many different directions.” And that would be a perfectly reasonable counter.
Most pro-crypto and anti-crypto have attached their identity to liking or dislike crypto.
If you disagree, ask yourself if, upon meeting someone who likes crypto, your brain naturally likes or dislikes the person. If you see someone talk about crypto in a positive light on the internet, do you instinctively upvote or downvote them?
This identity makes it very hard to make rational predictions about crypto. It’s too easy to weigh the same evidence in favor of crypto if you like crypto, or against crypto if you don’t like crypto.
Since most folks on HN dislike crypto, you may want to ask “what evidence would cause me to think crypto would work? What evidence would cause me to think it was good? Say crypto worked in 20 years, what would now like?”
If, when you’re attempting to answer those questions, your brain instead starts to answer the opposite questions (ex: “here is why crypto can’t possibly work”), then you know you’ve been trapped by the soldier mindset, and are not thinking rationally.
If your mind draws a blank or thinks “there is no evidence that crypto will work”, then either you are living in a bubble, your brain refuses to see information counter to your prior, or you have to figure out what makes you more able to understand the situation.
I can appreciate the potential of the technology, but that doesn’t mean I embrace the community.
That seems fine, and is basically the opinion I hold.
The intellectually challenging thing about crypto is that it is very easy to go from “I don’t like these people” to “these people’s predictions are wrong”.
Hacker news seems so caught up in disliking a subset crypto people, that they assume that not only are they “bad people”, but they’re wrong.
Sputnik was launched in 1957 [0] - it did nothing except orbit and beep. Telstar, the first commercial communications satellite was launched in 1962 (5 years later) - it relayed television signals, photos and phone calls [1].
Blockchain cryptocurrencies started with Bitcoin in 2009, and it's now 2022 (13 years). How long are we supposed to wait for a practical application that solves a real problem? I guess we're supposed to conclude that making literally any broadly useful blockchain application is in fact much harder than commercial space travel or computers.
- it has a moving goal post on what “a real problem” is
- it creates an arbitrary start date and end date
Or in other words, it’s not falsifiable.
What would count as a “real problem”? Why does “money” not count? Why does “1000x cheaper storage compared to s3” (filecoin) not count?
The argument implies that, if some important use case is new and just getting off the ground now, then it’s inception is predated 10 years ago, and is judged as such.
The equivalent would be to say “space has had 70 years to get us to mars, therefore the 2030 missions to mars will fail” only to follow up with “if the 2030 missions succeed, then space must explain why it has not gotten us to Jupiter”.
I’ll reevaluate in a year or two. I think something like ripple could work, and maybe some non eth based dapp platform. But currently none of the coins really seem like a good investment and I’ll continue working on regular ass applications.
I wanted to find something new and amazing, but it feels like more of a religion to me. I guess it’d be cool if something incredible precipitated in a couple decades but I’m not holding my breath.
Not all crypto projects and their technologies will survive, a few of them will stand the test of time especially when regulations do come and all of them won't be completely and 'totally destroyed' as the anti-crypto folks keep saying that 'all of them must be destroyed'. They also won't overthrow and 'replace the current system' as the crypto-maximalists keep saying that it will.
The hint in seeing which ones will survive are the ones that aim to co-exist with the current system. Take this from Stripe [0] and Moneygram [1] and Checkout.com as good examples of all of them using a stablecoin like USDC for payments. I'm sure they all waited for regulatory clarity before implementing these projects. It is not what either camp would want to see, but it is what is really happening right now, even for the case of some of them with CBDCs and the ISO 20020 standard.
> Most pro-crypto and anti-crypto have attached their identity to liking or dislike crypto.
Exactly. This is the problem.
Either you have those who have invested heavily in the coin so they need to keep shilling it on social media or you have those who make a living or gain a following disliking all of crypto on social media or even selling books on why it will be destroyed. What's definitely common with both extremes is the attachment of identity to either camp which does bring out the most irrational and absolute claims and predictions seen with a very high chance of them being both incorrect.
The only absolute that exists is: There are no absolutes. When either side continues to make absolute claims, they will realise that they will be disappointed with the actual reality that is being shown to them doesn't match their utopian goals and absolute beliefs.
[0] https://stripe.com/blog/expanding-global-payouts-with-crypto
[1] https://www.bloomberg.com/news/articles/2022-05-29/moneygram...
[2] https://www.cnbc.com/2022/06/07/checkoutcom-jumps-into-crypt...
- it provides identity tools that use standards that span across geographical and platform boundaries. this is a different form of “user account” than say an online Amazon or NYStateGov account. it is good to have an option on the web for auth and identity that is detached from any single corporate entity or jurisdiction.
- unlike most of the world’s current identity systems, many of the SSI systems can and are using novel cryptography, which can combine with privacy and encryption techniques such as hashing, private keys and zk-proofs. so instead of sending photos of your passport and drivers license all over the web, SSI allows you to sign a message on a public ledger, or send a zero knowledge proof that the other end can verify.
SSI doesn’t need to replace typical identity and web auth but it could be introduced as another option.
Various web3 platforms already require verifiable attestations through signing messages with private keys such as multi sig wallets, off chain voting, token gated access.
Proving systems like Groth16 and TurboPLONK have only recently gotten to a point where they can be run in a web browser, and circuit development has come a long way with Circom 2 and now varying zkVMs being built around higher level programming languages. It is reasonable to concede that we are still some years from seeing production grade SSI + ZK tech reach a mass market.
For those who want to go deeper, highly recommend reading up more on
DIDs https://w3c.github.io/did-use-cases/ Verifiable Credentials: https://www.w3.org/TR/vc-data-model/
Some people working in the space to follow: https://twitter.com/kimdhamilton https://twitter.com/IdentityWoman https://twitter.com/ChristopherA
Also highly recommend this paper by Fennie Wang and Primavera De Filippi: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3524367 ( Self-Sovereign Identity in a Globalized World: Credentials-Based Identity Systems as a Driver for Economic Inclusion )
Self-sovereign identity has some great use cases, even if it does not solve Sybil attack problems. Further, being able to establish identity at all is still a major problem in many places in the world and a barrier to financial inclusion.
Sybil attacks are not solved with the "Soul" bound reputation approach. This was mathematically proven some years ago by Harvard University phd student Sven[0]. See his impossibility results on "weakly beneficial Sybil attacks" and "single report responsiveness property". The blockchain crowd has not yet discovered this, fake identities are an unsolved problem.
Startups be aware. European Commission now has an official "26 000 000.00 EUR" "estimated value" open offer for SSI wallet solutions [1]. Prior for basic service called "EBSI" was 35 million, won by IBM Hyperledger. That now works, Dev API [2]. Upcoming Europe directive states that by 2024 all citizens can apply for a digital identity, if they want one.
(self-promotion..) State-of-the-art: Delft University trustless SSI solution with running code and field-tested zero-knowledge proofs. Scientific publication "A Truly Self-Sovereign Identity System", published at IEEE LCN conference[3]. Disclaimer: we got the government contract for doing privacy-first digital identity. We integrated our own Tor-fork based on UDP for solid privacy with verifiable credential stack, see Github deep link [4].
[0] https://dash.harvard.edu/bitstream/handle/1/4907301/Seuken_S... [1] https://ted.europa.eu/udl?uri=TED:NOTICE:309685-2022:TEXT:EN... [2] https://ec.europa.eu/digital-building-blocks/wikis/display/E... [3] https://arxiv.org/pdf/2007.00415.pdf [4] https://py-ipv8.readthedocs.io/en/latest/basics/identity_tut...
Are you sure? Where? And why would the tried and tested methods for establishing identity not work in those places?
Methods existing in one place (e.g. the United States) does not mean that those methods are established and/or will work in another place (e.g. Sierra Leone). This is a multi-faceted problem that involves government, infrastructure, and technology.
Further, there are improvements to be made even in the U.S. For instance, I cannot digitally establish my identity with several providers. Why? Because I do not and have never used credit and those providers rely on the "3 questions" KYC check via a credit bureau.
I’ve been musing about a similar but more simple problem: how can we prove we are an individual human in the context of a web service. Think of this like the ultimate CAPTCHA where not only can you prove you are human but every person can do so at most once or, more pragmatically, O(once).
The closest thing we have in society today is Sign in with Apple, where you have a delegated identity provided by a company which has effectively put up a large portion of its brand value as collateral that it won’t be shady, for some definition of the term “be shady”. This is suboptimal for a number of reasons, not least of which is that they can be compelled by a government to divulge this data while (mostly) protecting their brand-value-collateral, and they can be selective in what types of services are allowed to use this system.
I’m hopeful some of the non-charlatan web3 folks can come up with some sort of scheme where a trusted entity (a government or a civil rights oriented NGO) can participate in a cryptographic handshake with an end user and a service where at the end the service receives a unique identifier for that user which can not be used to associate that user across services, or divulge to the trusted entity which services a particular individual is using. This wouldn’t fully solve the “can I give this person a loan” problem, but would make many things on the web much better (most bots pretending to be human would become cost prohibitive). I also feel like trustworthiness attestation can be incrementally built on such a system (if such a system is possible).
Purely tech solutions for social problems generally don't work and frequently create more social problems.
No one says this can't be done. In fact, it's explicitly mentioned in the essay, that the problem this approach has is that it's centralized and you typically can't use it as an anonymous proof of humanity, or disclosing information selectively.
So, why is this important? Well, while you can still make a website and trust you won't be popular enough to become a target, the truth is that without proof of uniqueness / humanity, many services and systems can't be put to the service of the people without potentially falling into an insane battle against spam, in protection of user data, in protection of privacy, etc. And while you can absolutely build lots of things without giving a shit about all this and actually be successful, it's simply immoral (and progressively becoming more and more legally restricted). If this was a solved problem, digital services could finally become truly democratized. Nowadays, this is the main issue preventing many programmers from setting up useful services, very often intended to serve the local community, requiring us instead to start a whole company, getting in touch with some lawyers and storing user data like their actual state IDs. Which we can't do if we don't intend to monetize the service! Without this barrier, we could really do a lot more for our local communities in the digital space.
Having to identify yourself to every website ever does sound dystopian (albeit there are cryptography (the old fashioned type not botcoin) solutions like blacklistable anonoymous credentials.
See also crypto papers on blacklistable credentials, e.g. https://www.cypherpunks.ca/~iang/pubs/blacronym-wpes.pdf
It's also possible that a society with more transparency regarding financial transactions is the better option long-term, but surrendering the dream of anonymity is a tough one for proponents.
Well, except "it's too early" and "these articles are wrong and a smear campaign".
It’s also pretty hard to “address” the post as, in broad strokes, many crypto people will agree with her. Nobody wants all data to be public on a blockchain. Worldcoin is disturbing. SBTs are poorly named and not perfect. Identity data posted on an immutable ledger is dystopian, and why ZK proofs are getting so much attention to try and solve this.
Just to take a specific comment:
> Now [Buterin’s] revealing here that his dreams for soulbound tokens involve police departments uploading criminal records to the blockchain. [..] Not only that, but he’s envisioning a world in which every police department uploads criminal records to a blockchain, providing the level of data completeness required to prove a negative.
That whole paragraph sounds like a crazy rant by Molly. Vitalik never said that criminal records in the real world should be posted to a public blockchain. His statement was that it can be useful to verify some record of a user before taking some action with them. In the real world one way this is done is with a criminal background check.
Vitalik often points to ZK proof primitives to avoid posting any private data online. Molly does not seem to take this into account, and hardly gives it a passing mention when she earlier writes:
> Buterin brushes this off with the argument that such a system could use zk-SNARKs to encrypt the token contents as well as its sender and recipient.
To the casual reader it might seem like Vitalik wants to put private real-world data on a public ledger. But this is not the reality of his statements.
If the article was about the dystopian landscape of Google/Apple, then it would've talked about that.
As it is, the article talks about the current state of solutions/proposals in the crypto world.
> That whole paragraph sounds like a crazy rant by Molly. Vitalik never said that criminal records in the real world should be posted to a public blockchain. His statement was that it can be useful to verify some record of a user before taking some action with them. In the real world one way this is done is with a criminal background check.
Which literally translates to: let's put people's criminal record on blockchain, and assign them to people without any possibility of revocation. Ah yes, and it's going to be police and/or courts who are going to put those records there.
> To the casual reader it might seem like Vitalik wants to put private real-world data on a public ledger. But this is not the reality of his statements.
Yeah, no. I just watched the segment where he talks about it. He literally brushes aside the privacy implications. It's all "yeah, we could definitely go further, and zk-something could do something". But the underlying reality is that: nope, everything is public. So those criminal records uploaded and attached to you by the police? Yup, they can be as public as police wants.
If only there was anyone to provide those.
> That's the reason they're not addressed
No, it's not the reason. Because you'd think that after a decade there would be blog posts or articles with coherent explanations of how these problems are tackled. Nope. All we hear is "there are arguments but we won't show them to you just join the discords believe in blockchain so many smart people are working on it".
Identity is one of those concepts that has a lot of parts to it, and you can do the individual parts sanely, but if you try to do everything all at once, its crazy.
As a example, my ssh key is an identity system. It works great in some contexts. Would i want my social insurance number attached to it? Obviously not, that is crazy. That doesn't mean ssh keys are bad.
We are obviously going to be sharing more data in the future and these projects are discovering how this can be achieved. Blanketing the entire movement as dystopian is unhelpful.
It is because we have been hearing for over a decade about how crypto is going to deliver massive value "in the future".
There is only so much time people will be willing to listen to vague promises of future innovation before they take a look at the actual technology of today and realize that most if not all of it is of little value other than gambling.
My advice to anyone that actually wants to make real products or advancements in identity would be to avoid crypto. Build the product on top of a generic store layer. It will be obvious to anyone with software expertise that Blockchain could be interested in that storage layer of the product would benefit from it.
No. Give up illusions like your rights exist in some vacuous transcendental place outside of other people and society. Read, "Leviathan" by Thomas Hobbes or if you really want to get the, "tarian" washed out of your soul dig into Rousseau's, "the Social Contract."
I will state this over and over: "The Divine Right of Individuals" is a myth rooted in how the United States' constitution is worded. God isn't real and he can't give you rights and claiming in a court of law (made up of people) where evidence is of the highest concern, "God gave me rights and I'm a sovereign unto myself do to certain unalienable rights which I cannot obviously or readily demonstrate without making an appeal to hundreds of years of political development" doesn't seem a compelling enough reason for society to release a suspected criminal or the like.
Meta: The fundamental fallacy with crypto is that it ignores that the vitality of, "currencies" is quite like the vitality of languages vs their counterparts, dialects-- What makes distincts a dialect from a language? Borders and armies. It's a tough pill to swallow that the world is kind of fundamentally based on violence but once you get past what is sometimes referred to as, "Democratic Peace Theory" and have a sense of history (start with Thucydides) it becomes very hard to take the idea of cryptocurrency seriously. Digital payments have practical value. I think that's about the extent of it. Trustlessness is a character defect and a social mallady and it doesn't surprise me nerds see this as forward movement.
I was just thinking about the CAP theorem again a few days ago and the trilemma you describe here, interestingly, feels quite related.
As for what I personally consider to be the heart of the problem, I believe proof of personship (or whatever a soul is) is an unsolvable problem in the most rigorous sense. This is one reason why we have government. The issue isn't that government exists, it's that we cannot trust them, nor control them effectively. Still, a local government is much better positioned to prove my identity than some nebulous algorithm. Even the crazy Orb people knew this, and took to physically scanning retinas as you mention. We just need to build trust locally again somehow.
Of course, people move and trust must be (re)bootstrapped. This is the root of the heart of the problem if you will; and a problem I cannot see concrete solutions to that don't approximate the existing systems. Here in MA, I have to both pay to get an ID, and provide various information to verify my address and initiate background checks, etc. This is all worth something, no?
So why not have local governments provide this verification service...? Well, there's another complicating factor. The higher the value of a secret (i.e. identity proof), the less one should use it, or the more careful one should be with it. If I'm asked to give out my SSN to log into some new video game, I might stop and think twice. Whereas, providing my SSN to apply for a loan from a trustworthy financial institution is pretty commonplace.
Finnaly, on data stewardship. Why not have companies like Apple and Google selling HomePods which act as local clouds which store, sync, and replicate encrypted data as requested by the user? Give me a static IPv6 and a decent authenticated tunnel into my LAN and I'm good to go! I choose what files go up to iCloud.com, I choose where 3rd party services point to for authentication credentials, and I decide when I want to delete and invalidate things!
Anyway, thanks for the thought provocation. </rant>
If they also provided some kind of public-key database, any internet service could verify my identity without learning how to impersonate me. If I lose my private key (or it gets leaked), I can go to the DMV or whatever and have them revoke my old one and issue a new one, just like if I lose my physical license today.
EDIT: I know, Estonia/Iceland/whoever already do this. Not an original idea.
That's obviously a silly example, but the point is that soulbinding isn't a cryptographic primitive. There's just no such thing. Not only is non-dystopian identity impossible, No amount of dystopia will change this. Even a totally authenticated system is vulnerable to the "Add a new person that I control" attack. It's not current technology, but it's also not science fiction, and in simple fact, a lesser version of this attack happens all the time. People who have more kids get more representation in government. I don't think that we should totally ignore this effect, but it's certainly useful to mostly ignore it.
Anyway, there is no way to establish a sophisticated adversary's unique identity and also allow new identities to be created based on phenomena external to the system.
If the technology existed to take a neural snapshot, that would be completely unique. And I would argue if anything had the ability to operate at the complexity of a brain, then it deserves representation.
If you were to automated the entire system top down for identity validation, there are possible avenues to get a high degree of assurance that someone is uniquely human on a system. Just because it hasn’t been done yet does not me it is impossible.
But it is a very hard problem.
It’s as if we are all disregarding the centuries of evolution that has gone into creating what we already have today. Systems that, whilst sometimes flawed, for the most part enable us to live our daily lives freely and easily. Systems that already have means of verifying people when you need to make an important transaction and that already allow for trust and stability. As the essay mentions making people the agents of their own verification with documents that you’d have to backup forever would be an absolute nightmare.
There is a reason we have centralised systems and there is a reason we can’t escape them.
The very concept of SSI was motivated by ethical concerns: https://www.moxytongue.com/2016/02/self-sovereign-identity.h...
There is a field of academic research on ethics of SSI: [1] https://link.springer.com/article/10.1007/s10676-020-09563-x [2] https://www.frontiersin.org/articles/10.3389/fbloc.2020.0001...
And there is a great deal of awareness regarding these issues in industry https://www.coindesk.com/policy/2021/04/26/self-sovereign-id... (yes including core Ethereum developers community).
I think it's important to be clear about why this is important, depending on the use case (votes, currency, etc) there may be a different reasons why it's important that one identity follows one person.
In the case of currency, the reason behind needing stable identity has to do with double spending.
But I have a toy scenario that I like to play around with, consider a cryptocurrency such that anybody can emit tokens (credits) however they deem appropriate, in this case the necessity of a stable identity is clear, the person needs to be able to answer for their emited tokens. If people can just shed the token-emitting-identity, then they cannot be held accountable (forced to answer) for their emitted tokens and the entire construction is useless.
However, for the case of votes and other group-concensus schemes, the scenarios are sufficiently different that I'm not sure if it'e even worthwhile to try to come up with ONE answer to the identity "problem"
You can't compromise on security while still being usable.
You can compromise on decentralisation, and everything will work. Your gym, bank and employer already have you in a centralised identity system. Compromising on decentralisation fails the other way. There's no way of holding the centralised body to its side of the compromise. If worldcoin controls identity, they'll control downstream of identity too.
For actual solutions, I think it's better to think of specifics applications. Once you get specific, there are often more options.
Take DAUS governance. Say you want to implement a voting system that requires identity for sybil resistance. Maybe it's ok if voting requires a limited compromise on privacy. You expose just enough information to demonstrate eligibility, then vote. If privacy is more important that voting, you can maintain privacy instead.
'Proof of Personhood' is mostly only going to matter in a legal context, in which there will be some kind of state that recognizes that personhood. Even governments kind of screw that up though.
For the later we probably just need a slightly more advanced 'Ministry of Information and Identity'. Like the passport office, but digital. And away you go.
This whole 'decentralize everything' is a big of a canard. Useful though experiment, but not much more.
Also: "Soulbound token" make me cough up my coffee a little bit.
The desire to be "identified" incorporates the desire to be identified as "Self sovereign," which is an appeal that only other people can fulfill. Your identity is sovereign thus depends on their collaboration in constructing and maintaining a space where such an identity is even possible. You cannot be self sovereign because the mandate to make that identification is not entirely reserved to yourself. Unless of course you impose it on others by force, in which case you're no longer self sovereign but sovereign, period.
Woah, hold on, I thought we were still on "Web3"? Actually I'm not convinced that we've even moved past Web 2.0, since Web3 is still mostly just bullshit, scams, vaporware and monkey jpegs.
Did "Web4" get swallowed up by the same beast that made us skip IPv5?
And where, Oh where, are other good original thinkers, please? I don't care about "agree" or "disagree" I just care about the #$?* thinking.
No, of course cryptocurrency doesn't give you the powers of a nation state
In this case, negative attestations are reimplementing liens / UCC filings (for business loans) and credit reports (for individuals). But without any plausible consumer rights recourse, of course. (Like for example your right to have errors on your credit report fixed.)
It will be interesting to see if they can use zk-SNARKs to come up with a scheme that’s substantially better here.
Another corollary of this observation is that crypto will recapitulate the evolution of privacy legislation too. As the OP notes these systems are going to struggle to comply with deletion requests under GDPR. And while many would buy the premise that financial regulations are not helpful to the public (I don’t personally buy that), I think privacy legislation is much more popular and clearly a case of hard-won consumer protection.
some surface knowledge, little to no expertise, further watered down by lots of musings nobody except those familiar with the guy who wrote it would really care to read in full
