I keep getting sucked into discussions of web3, decentralization and cryptocurrency. It's only natural: much of the rhetoric and stated goals of the people behind these technologies intersect with my longstanding causes, like access to cryptography and decentralized communities (what we used to call P2P).

1/

The reason I say I get "sucked into" these discussions is that, despite the rhetorical overlap, I've sensed a significant ideological divergence between my position and the dominant web3 ethos. In general, I would say that I think there are only a few circumstances in which markets produce good incentives and distributions, and that these depend heavily on publicly accountable governance that set up their rules.

2/

Which is not to say that I reject markets altogether. As John T Harvey - the "Cowboy Economist" - says, an economist who says that we must *always* use markets to attain our goals, or *never* use them, is like a carpenter who says, "I will only join those two pieces of wood together with a nail; screws are for commies!"

3/

So I think markets are a tool, not a ethical imperative, and I think the core of the web3 project not only values markets beyond their worth, but also sees the problems of markets as the result "distortion by regulators" and wants to eliminate the publicly accountable governance (AKA "deregulating") that I see as essential to getting good results from markets.

4/

That means that while I often find myself having conversations with web3 advocates that feel like the excited conversations we had 20 years ago at the old O'Reilly P2P conferences (which I sat on the committee for), beneath the surface, there's a deep and meaningful rift.

5/

Here's a superficial but telling example: when I decided to write this post, I had to brainstorm a graphic for the top of it. After some image searches, I decided I'd just go the hacky route and pull out my old Oxford English Dictionary and take a picture of the definition of "decentralization," then jazz it up with the familiar topological diagrams illustrating different models of decentralization.

6/

When I went looking for a hi-rez, CC-licensed version of that diagram, I came up empty - there were plenty of those diagrams, but they were all proprietary licensed, mostly from news websites catering to financial speculators thinking of "investing" in web3.

I was briefly stumped, but then I had an idea: those web3 decentralization diagrams look an awful lot like the diagrams from the P2P days.

7/

I searched for "p2p network diagram" and got an image that was basically identical to those proprietary web3 illos, except it was CC-licensed (under the ultra-rare Spanish CC BY-SA 2.5 license, no less!).

commons.wikimedia.org/wiki/Fil

8/

That decade-old image is a pretty on-the-nose symbol of the difference between P2P and web3: the former directly produced public goods through appeals to sharing and generosity; the latter produces literally identical private goods through appeals to speculation, but claims that this will produce public goods.

9/

Those claims aren't all bullshit, either. This recent discussion between Danny O'Brien and The Blockchain Socialist makes for an interesting overview of the market-skeptical, leftist wing of the web3 world, and it bemoans the fact that people like me don't pay enough attention to people like them, which may be true:

theblockchainsocialist.com/are

10/

This was on my mind when I came across "The Web3 Decentralization Debate Is Focused on the Wrong Question," a Wired article by Divya Siddarth, Danielle Allen and E Glen Weyl, two of whom are affiliated with RadxChange.

wired.com/story/web3-blockchai

11/

The authors start by drawing a distinction between the "global redundancy" model of blockchains - lots of computers operated by mutually untrusted parties who collaborate to create a system they all can trust - and a "subsidiarity" model, which is a little harder to describe, but which resonated with me.

12/

Follow

Subsidiarity keeps data "as close as possible to the social context of creation;" relies on "a plurality of solutions" that are federated and interoperable; and it leverages and extends "online and offline trust and institutions."

So what's subsidairity in the real world? TCP/IP, but also the Activitypub standard (which powers Mastodon), mesh networks, Wikipedia, Reddit community moderation, federated learning, and some more exotic technologies like "socially local identity systems."

13/

· · Web · 3 · 5 · 5

Contrast this with blockchain/global redundancy projects, which: "maximally remove data from social context" and rely on transactions, not social relations; seek "universalized solutions" that work in all contexts; and rely on "global consensus and redundant verification."

14/

The technical design and ethos of global redundancy is meant to provide security and robustness, but global redundancy has proven itself to be both volatile and brittle, vulnerable to shocks, like China shutting down mining, or Kazakhstan's crypto-mining destabilization:

restofworld.org/2022/crypto-mi

15/

What's more, a market-based approach works at cross-purposes to redundancy, because the tool relies on profit-seeking, self-interested miners who can realize efficiencies of scale, which drives consolidation, which crowds out most individual miners, and pushes even very large miners into mining pool consortia.

16/

A useful accompanying chart contrasts the two approaches; where Subsidiarity relies on "social context," Global Redundancy is "Contextless." Subsidiarity has "Commons governance;" Global Redundancy has "Coin-voting governance." Some of these contrasts are very abstract but important, for example, Subsidiarity uses "Distributed permissioning" while Global Redundancy is "Permissioned through fungible assets."

17/

With this framework, the authors consider three of web3's major programs and contrast the Subsidiarity and Global Redundancy approaches: Identity and Reputation; Data Empowerment; and Organizational Innovation.

18/

Global Redundancy struggled with identity because it is grounded in the idea of pseudonymous ledgers. By design, it's easy to set up lots of identities in blockchain-based systems, and the main design challenge of permissionless blockchains is preventing "Sybil attacks" where bad actors set up multiple identities and use them to influence platforms by pretending to be lots of people at once.

19/

This is a genuine problem in Global Redundancy system, and there are lots of proposed solutions to it, but the current frontrunner is gathering unique biometrics and using them for proof of personhood, which has lots of problems, both in terms of privacy (you can't replace your biometric if it's captured by an attacker!) and equity (not everyone has eyes, fingerprints, or any other biometric except DNA, which is its own nightmare).

buzzfeednews.com/article/richa

20/

Under Subsidiarity, identity is "about relationships (status as employee, citizen, student, platform contributor)," not "universal identification." The authors point to longstanding cryptographic protocols like "web of trust" and identify modern successors to old, PGP-style keysigning parties, like "Spritely, BackChannel, KERI, Āhau and ACDC."

21/

In the Global Redundancy framework, "Data Empowerment" is mostly about data *ownership*, where each of us has a personal data store that we grant companies access to based on market-based bids and sales. This just doesn't work. Most valuable data is "relational" - created by interactions between two or more people. That means that buyers can just find the seller with the lowest price (like if the person you sent email to values the contents less than you do).

22/

Treating information as property is a really poor fit. It's not that information isn't valuable, it's that the value of information isn't well-captured by market systems. People are valuable, but not because they're for sale! The way you can tell people are valuable is that they're *not* for sale:

theguardian.com/technology/200

23/

Beyond this "relational" problem with data markets, there's this: the most valuable information is aggregated. It's not that Facebook makes a lot of money from *your* data: it's that combining your data with billions of others' data produces value. That's why "data dividends" (where Facebook pays you for your data) are a bad idea:

eff.org/deeplinks/2020/10/why-

24/

Finally, there's the problem of inequality and data-markets. If privacy is a human right, it shouldn't be a luxury. Protecting privacy by pricing data just means that the people with the least have to sell the most.

The authors argue that there's another way. Subsidiarity, which uses "data cooperatives, collaboratives, and trusts with privacy-preserving and -enhancing techniques for data processing, such as federated learning and secure multiparty computation."

25/

They cite an example of a credit-union whose members agree to allow a company to mine its data to figure out loan refinancing to those members and a public agency analyzing predatory lending practices.

This reminds me of Ben Goldacre's recent, stupendous "Better, broader, safer: using health data for research and analysis," a report for the NHS on safe, responsible and effective research programs using the incredible storehouse of health data the NHS holds:

gov.uk/government/publications

26/

Goldacre argues for the creation of "Trusted Research Environments" built on open, interoperable code that's managed and hosted by the NHS. Researchers don't ever access the data directly - rather, they are able to securely submit queries to run against it within a secure environment that the NHS exercises total control over.

27/

A central feature of web3 is the DAO (Distributed Autonomous Organization): a blockchain-based, smart-contract governed meant to create accountable "peer-to-peer, holocratic communities." Like me, the authors like the sound of this - and like me, they're skeptical that DAOs achieve their stated aims.

28/

Under the Global Redundancy framework, DAOs have been plagued by smart-contract bugs. Smart contracts have a "dual complexity" problem - to rely on them, you need to be able to understand their code and their financial terms, and not many people understand either, let alone both:

pluralistic.net/2022/03/02/sha

29/

The authors identify a tension between "flexibility and automaticity" - the ability of a community to respond appropriately to changing contexts and the automatic, instantaneous execution of smart contracts.

This is what Hilary Allen called "Driverless Finance," and she likens it to the "suicide notes" - inflexible lending terms - that precipitated and then accelerated the 2008 financial crisis:

papers.ssrn.com/sol3/papers.cf

30/

DAOs try to patch this with "democratic governance" - but because they are locked into the Global Redundancy model of identity, they struggle with "one person, one vote" and generally default to "one token, one vote" - creating a situation where a small group of whales can vote to take all the minnows' money for themselves.

31/

The other patch for this is to rely on Web 2.0-style governance, which is to say, they abandon Global Redundancy in favor of centralized tools that have all the vulnerabilities and failure modes that Global Redundancy was invented to get rid of.

32/

Show newer

@pluralistic We don't need a data collective, just more developers working on the SOLID Project. I'd post a link, but I'm on my cell. DDG is your friend.

@robindrake SOLID has no evidence of being something worth expanding on outside of it being a TBL production. It introduces more random cryptographical tools and just advocates more feudal technology - the opposite of what society needs

@pluralistic > Spritely

Oh look, there it is. Guess I should've read the whole thing before replying! 😅

@pluralistic this real world example proves precisely the opposite of what you are trying to say. Bitcoin as a system did not even blink during this massive attack on mining. Its robustness is a consequence of its design, and social consensus based systems are unable to achieve this.

@pluralistic this is one thing I've personally found compelling about the fediverse concept as opposed to other models - it brings both technical control and moderation in line with the social structures existing on the platform, rather than either attempting a purely technological fix to social problems or hypercentralising them to the point where the people making the decisions are incredibly removed from those they are deciding over. These are still ultimately social problems, and I am honestly convinced that adjusting the technological side to reflect that is the best way to resolve them.

Sign in to participate in the conversation
La Quadrature du Net - Mastodon - Media Fédéré

Mamot.fr est un serveur Mastodon francophone, géré par La Quadrature du Net.