hi this is charles hoskinson broadcasting live from warm sunny colorado always warm always sunny sometimes colorado today is february 4th 2022. been a little while since i've had a chance to talk to you guys i had corona old omicron but i am fully recovered now and feeling better but it was a pretty tough few days uh you know i've been vaccinated gotten corona once before second time now uh and uh omicron has spreads like wildfire that are not of uh seven means that the whole world probably has it by now uh and uh it just shows you what happens when things have evolutionary pressure towards escaping vaccines and infecting people as quickly as possible uh anyway doing well doing fine feeling good but just had to take a little bit of time off to get better but i'm still with you guys all right so two things uh first uh i wanted to shout out to cohen he sent me this lovely thing for hoskin tunes he asked me he said hey can i send you something i said sure and so he sent this to me uh and i love that logan lobster is there and then i guess that's an island behind me pretty nifty but i read a blog post today and uh it's a blog post from moxie marlinspike and i wanted to read it with you guys and let me share my screen real quickly here so first off who the hell is moxie marlinspike sounds like a made-up name actually something uh a very prominent person in the valley related to privacy so there's a little picture of moxie and he used to be the cto of whisper systems and you know he also worked at twitter for a little bit but his claim to fame is that he's the co-author of the signal protocol which is a marvel of cryptography and the protocol ensures off-the-record communication and secure communication and so he's kind of a all-around crypto guy and privacy advocate and he's pretty bright uh so whenever he writes something it's always fun to read so what did he write well he wrote my first impressions of web3 so i wanted to read this together with you guys because i think it really captures adequately where the hell the the state of the industry is at and what people are valuing and why that's a bad thing all right so he says despite considering myself a cryptographer i have not found myself particularly drawn to quote crypto i don't think i've ever actually said the words get off my lawn but i'm much more likely to click on pepperidge farm remembered flavored memes about how crypto used to mean cryptography than i am for the latest nft drop also cards on the table here i don't share the same generational excitement for moving all aspects of life into an instrumented economy even strictly on the technological level though i haven't yet managed to become a believer so given all of the recent attention into what is now being called web 3 i decided to explore some of what has been happening in that space more thoroughly to see what i've been missing so how i think about one and two web 3 is a somewhat ambiguous term which makes it difficult to rigorously evaluate what the ambitions for web 3 should be but the general thesis seems to be that web one was decentralized web 2 centralized everything into platforms and that web 3 will decentralize everything again web 3 should give us the richness of web 2 but somehow be decentralized it's probably good to have some clarity on why centralized platforms emerge to begin with and in my mind the explanation is actually pretty simple one people don't want to run their own servers and never will how many of you complain about running dead list nodes right oh deadlifts is not a good user experience well that you're running a server actually think about it the premise for web one was that everyone on the internet would be both a publisher and consumer of content as well as a publisher and consumer of infrastructure we'd all have our own web server with our own website our own mail server for our own email our own finger server for our own status messages our own chargen server for our own character generation however and i don't think this can be emphasized enough that is not what people want people do not want to run their own servers even nerds do not want to run their own service at this point which is actually true it's really hard for me to actually get people to run jitsi servers or things like that or discord servers even organizations building software full-time do not want to run their own service at this point yeah how many of you guys live in the cloud if there's one thing i hope i've learned about the world it's that people do not want to run their own servers the companies that have merged offering to do uh that for you instead were successful and the companies that iterated on new functionality based on what is possible with those networks were even more successful yeah look how rich google is and facebook all these other guys are you could always host your own facebook page and your own facebook website right but you don't you have a facebook page a protocol to a protocol use much more slowly than a pr platform after 30 years email is still unencrypted meanwhile whatsapp went from unencrypted to full end-to-end encryption in a single year people are still trying to standardize sharing a video reliably over irc meanwhile slack lets you create custom reaction emojis based on your face this isn't the funding issue and actually let me repeat that again because it's such an important statement this isn't a funding issue if something is truly decentralized it becomes very difficult to change and often remains stuck in time and that's another incredibly important point i when i criticize bitcoin when i say hey you know bitcoin has issues well this is the crux of it bitcoin is incredibly valuable and there's plenty of people willing to spend massive sums of money to fix it upgrade it make it better but if it's decentralized which many people purport then it becomes very difficult to change and often remain stuck in time that is a problem for technology because the rest of the ecosystem is moving very quickly and if you don't keep up you will fail there are entire parallel industries focusing on defining and improving methodologies like agile to try to figure out how to organize enormous groups of people so that they can move as quickly as possible because it's so critical when the technology itself is more conducive to stasis than movement that's a problem see guys this is why the hard fork combinator this is why governance is such a critical component because if your protocols are stuck in stasis they have limited utility and this is why it's such a big focus of cardone anyway back to the article a sure recipe for success has been to take a 90s protocol that was stuck in time centralize it and iterate quickly but web 3 intends to be different so let's take a look in order to get a quick feeling for the space and a better understanding for the future may hold i decided to build a couple of dapps and create an nft all right so what did he do he said well making some distributed applications to get a feeling for the web 3 world i made a dap called autonomous art that lets anyone mint a token for an nft by making a visual contribution to it the cost of making a visual contribution increases over time and the funds a contributor pays to mint are distributed to all previous artists visualizing this financial structure would resemble something similar to a pyramid shape you got to love his dry sense of humor at the time of this writing over 38 000 has gone into creating this collective art piece i also made a dap called first derivative that allows you to create discover and exchange nft derivatives which track an underlying nft similar to financial derivatives which track an underlying asset both gave me a feeling for how the space works to be clear there is nothing particularly quote distributed about the apps themselves they're just normal react websites their distributedness refers to where the state and logic permissions for updating the state lives on the blockchain instead of in a centralized database one thing that's always felt strange to me about the cryptocurrency world is the lack of attention to the client server inter yeah you see this is the key guys pay attention to this one when people talk about blockchains they talk about distributed trust leaderless consensus and all the mechanics of how that works there's always some notion by the way of leadered consensus it's just how you get there but that's neither here nor there all the mechanics of how that works but often gloss over the reality that clients ultimately can't participate in all the network diagrams are observers the trust model is between servers and everything is about servers blockchains are designed to be a network of peers but not designed such that it's really possible for your mobile device or browser to be one of those peers yeah i see that's a huge problem and some of those are limitations of the devices themselves and some of those are limitations of the software providers but there were some projects to be fair that have tried to turn a browser into making it appear and we can certainly talk about that a bit anyway back to the article with the shift to mobile we now live firmly in a world of clients and servers and excuse me with the former completely unable to act as the latter and those questions seem more important to me seem more important to me than ever meanwhile ethereum actually refers to servers as clients so there's not even a word for an actual untrusted client server interface that will have to exist somewhere and no acknowledgement that if successful there will ultimately be billions more clients than there are servers let me read that again and no acknowledgement that if successful there will ultimately be billions more clients than servers for example whether it's running on mobile or the web a dapp like autonomous art or first derivative needs to interact with the blockchain somehow in order to modify or render state the collectively produced work of the art the edit history for it the nft derivatives etc that's not really possible to do from the client though since the blockchain can't live on your mobile device or in your desktop browser realistically so the only alternative is to interact with the blockchain via a node that's running remotely on a server somewhere rot raw a server but as we know people don't want to run their own servers that's moxie's axiom number one uh as it happens companies have emerged that sell api access to an ethereum node they run as a service along with providing analytics enhanced apis they've built on top of the default ethereum apis and access to historical transactions which sounds familiar at this point there are basically two companies almost all dapps either use infuria or alchemy in order to interact with the blockchain in fact even when you connect a wallet like metamask to adapt and the dap interacts with the client the blockchain via your wallet metamask is actually just calling usually infuria these clients apis are not using anything to verify blockchain state or the authenticity of responses and this is one of the cruxes of it right here what he's saying is they lack inclusive accountability so when you use this client it's talking to a centralized service and it sends a response back but they're not authenticated in a way that you can verify client-side the results aren't even signed an app like autonomous art says hey what's the output of this view function on this smart contract alchemy or fura responds with a json blob that says this is the output and the app renders it this was surprising to me so much work energy and time has gone into creating a trustless distributed consensus mechanism but virtually all clients that wish to access it do so by simply trusting the outputs from these two companies without any further verification it also it also doesn't seem like the best privacy situation imagine if every time you interact with a website in chrome you request first went to google before being routed to the destination and back actually in a lot of cases it does that's the situation with ethereum today all right traffic is obviously already public on the blockchain but these companies also have visibility into almost all read requests from almost all users in almost all dapps two companies and for an alchemy partisans of the blockchain might say it's okay if these types of centralized platforms emerge because the state itself is available on the blockchain so if these platforms misbehave clients can simply move elsewhere however i would suggest that that is a very simplistic view of the dynamics that make platforms what they are let me give you an example this one's great making an nft i also wanted to create a more traditional nft most people think of images in digital art when they think of nfts but nfts generally do not store that data on chain for most nfts of most images that would be much too expensive instead of storing on chain data nfds instead contain a url that points to the data what surprised me about the standards was that there's no hash commitment no hash commitment for the data located at the url which is extraordinary to me too that's like what you can't verify that the image is authentic looking at many of the nfts and popular marketplaces being sold for tens hundreds or millions of dollars that url often just points to some vps running apache somewhere anyone with access to that machine anyone who buys that domain name in the future or anyone who compromises that machine can change the image title description etc for the nft to whatever they'd like at any time regardless of whether or not they own the token there's nothing in the nft spec that tells you what the image should be or even allows you to confirm whether something is the quote correct image so as an experiment i made an nft and this is why i love moxie he doesn't just say it he does it so as an experiment i made an nft that changes based on who is looking at it since the web server that serves the image can choose to serve different images based on the ip or user agreement of the requester for example it look one way on openc another way unrearable but when you buy and view it your crypto wallet should always be displayed as a large poop emoji what you bid on it isn't what you get there's nothing unusual about this nft it's just how the nft specifications are built many of the highest priced nfts could turn into a poop emoji at any time i just made it explicit so he shows a little picture of the view on nft on openc the view on wearable and then poop in the wallet after a few days without warning our explanation the nfta i made was removed from openc an nft marketplace uh uh it was rude right here the takedown suggests they violated some form of terms of service but after reading the terms i don't see anything to any that prohibit an nft which changes based on where it's being looked at from and i was openly describing it that way what i found most interesting though is that after openc removed my nft it was no it no longer appeared in any crypto wallet on my device this is web 3 though how is that possible right it's supposed to be on the blockchain a crypto wallet like metamask rainbow is non-custodial the keys are kept client side but it has the same problem as my dapps above a wallet has to run on a mobile device or in your browser meanwhile ethereum and other blockchains have been designed with the idea that it's a network of peers but not designed such that it's really possible for your mobile device or your browser to be one of those peers a wallet like metamask needs to do basic things like display your balance your recent transactions and your nfts as well as more complex things like constructing transactions interacting with smart contracts ensure metamask needs to interact with the blockchain but the blockchain has been built such that clients like metamask can't interact with it so like my dab metamask accomplishes this by making api calls to three companies that have consolidated in this space for instance metamask displays your recent transaction by making an api call to etherscan and he actually puts the call here and displays your account balance by making a api call to infura and displays your nfts by making an apa i call to open c so what's really happening is centralized service centralized service centralized service unauthenticated and then here is the unauthenticated json blob that he's talking about so you're just trusting three centralized services for your entire display again like with my dap these responses are not authenticated in some way they're not even signed so that you could later prove they were lying it reuses the same connections tls session tickets etc for all the accounts in your wallet so if you're managing multiple accounts in your wallet to maintain some identity separation these companies know they're linked metamask doesn't actually do much it's just a view onto data provided by these centralized apis this isn't a problem specific to metamask what other option do they have rainbow are set up exactly the same way interestingly rainbow has their own data for social features that they're building into the wallet social craft showcases and have chosen to build it all on top of firebase instead of the blockchain all this means that if your nft is removed from openc it also disappears from your wallet it doesn't functionally matter that my nft is indebtedly on the blockchain somewhere because the wallet and increasingly everything else in your ecosystem is just using the openc api to display nfts which begins returning 304 no content for the query of nfts owned by my address isn't that remarkable we say trustless and decentralized and that's where we're at recreating this world given the history of why web one became web 2 what seems strange to me about web3 is that technologies like ethereum have been built with many of the same implicit trappings as web one to make these technologies usable the space is consolidating around platforms again people who run servers for you and iterate the new functionality that emerges inferior c coinbase ether scan likewise the web 3 protocols are slow to evolve yeah because they don't have governance built in right when building first derivative it would have been great to price minting derivatives as a percentage of the underlying value the data isn't on chain but it's in an api that open c will give you people are excited about nft royalties for the way that they can benefit creators but royalties aren't specified the erc 721 specification and it's too late to change it so openc has its own way of configuring royalties that exists in the web 2 space the centralized space iterating quickly on centralized platforms is already outpacing the distributed protocols and consolidating control into platforms again centralized platforms given those dynamics i don't think it should be a surprise that we've already that we're already at a a place where your crypto wallet's view of nfts is open c's view of your nfts i don't think we should be surprised that openc isn't a peer view that can be replaced since it's busy iterating the platform beyond what is possible strictly with the impossible slash difficult to change standards i think it's very similar to the situation with email i can run my own server but it doesn't functionally matter for privacy censorship resistance or control because gmail is going to be on the other end of every email that i send or receive anyway once a distributed ecosystem centralizes around a platform for convenience it becomes the worst of both worlds this is actually i think one of the most important sentences in the entire uh write-up so i'll read it again once a distributed cis ecosystem centralizes around a platform for convenience it becomes the worst of both worlds centralized control but still distributed enough to become mired in time so you get slow evolution and to compensate you get centralized control and you have the worst of both worlds i can build my own nft marketplace but it doesn't offer any additional control if openc mediates the view of all nfts in the wallets people use and every other app in the ecosystem this isn't a complaint about openc or an indictment of what they've built just the opposite they're trying to build something that works i think we should expect this kind of platform consolidation to happen and given the inevitable design systems that give us what we want when that's how things are organized my sense and concern though is that the web3 community expects some other outcome than what we've already been seeing it's early days it's early days still is the most common refrain i see from people in the web 3 space when discussing matters like these in some ways cryptocurrency's failure to scale beyond relatively nascent engineering is what makes it possible to consider the days quote early since objectively it's already been a decade or more however even if this is just the beginning and it very well might be i'm not sure we should consider that any consolidate i'm not sure we should consider that any consolid a consolation i think the opposite might be true it seems like we should take notice that from the very beginning these technologies immediately tended towards centralization through platforms in order for them to be realized that this has zero negatively felt effect on the velocity of the ecosystem in other words people don't care and that most participants don't even know or care it's happening think about that all this centralization is occurring nobody cares this might suggest that the centralization itself is not actually of immediate practical oppressing importance to the majority of people downstream that the only amount of decentralization people want is the minimum amount required for something to exist and that if it not very consciously accounted for these forces will push us further from rather than closer to the ideal outcome as the days become less early but you can't stop a gold rush when you think about it open c uh would actually be much quote better in the immediate sense if all web 3 parts were gone it would be faster cheaper for everyone and easier to use for example to accept a bid on my nft i would have to have had to have paid 80 to 150 dollars just in ethereum transaction fees that puts an artificial floor on all bids since otherwise you'd lose money by accepting a bid for less than the gas fee payment fees by credit card would typically feel extraordinary which typically feel extraordinary look cheap compared to that openc would even publish a simple transparency log if people wanted a public record of transfer transactions offers bids to verify their accounting however if they had built a platform to buy and sell images that wasn't nominally based on crypto excuse me i don't think it would have taken off not because it's it isn't distributed uh because as we've seen so much of what's required to make it uh work is already not distributed i don't think it would have taken off because this is a gold rush people have made money through cryptocurrency speculation those people are interested in spending that cryptocurrency in ways that support their investment while offering additional returns and so that defines the setting for the market of transfer of wealth the people at the end of the line who are flipping nfts do not fundamentally care about distributed trust models or payment mechanisms but they care where the money is so the money draws people into open c they improve the experience by building a platform that iterates on the underlying web 3 protocols in the web 2 space they offer the ability to mint nfts through openc itself instead of through your own smart contract and eventually this opens the door for coinbase to offer access to the validated nft mo token with their own platform via your debit card that holds the door open to coinbase managing the tokens themselves through dark pools that coinbase holds which hopefully eliminates the transaction fees and makes it possible to avoid having to interact with smart contracts at all eventually all the web 3 components are gone and you have a website for buying and selling jpegs with your debit card the project can't start as a web 2 platform because of the market dynamics but the same market dynamics and fundamental forces of centralization will likely drive it to end up there and at the end of the stack nft artists are excited about this kind of progression because it means more speculation and investment in their art it also seems like if the point of web 3 is to avoid the trappings of web 2 we should be concerned that this is already the natural tendency for these new protocols that are supposed to offer a different future i think these market forces will likely continue and in my mind the question of how long it continues is a question of whether the vast amounts of accumulated cryptocurrency are ultimately inside an engine or a leaky bucket if the money flowing through nfts ends up channeled back into the crypto space it would continue to accelerate forever regardless of whether or not it's just web 2x2 if it turns out then this will be a blip personally i think enough money has been made at this point that there are enough faucets to keep it going but this won't and this won't be a just a blip if that's the case it seems worth thinking about how to avoid web 2 being web 2x2 web 2 with even less privacy with some urgency creativity might not be enough i have only dipped my toe in the waters of web3 looking at the through the lens of these small projects though i can easily see why so many people find web3 so neat i don't think it's on a trajectory to deliver us from centralized platforms i don't think it will fundamentally change our relationship to technology and i think the privacy store is already below par for the internet which is already a pretty low bar but i also understand why nerds like me are excited to build for it it is at the very least something new on the nerd level and that creates a space for creativity exploration that is somewhat reminiscent of the early internet days ironically part of that creativity probably springs from the constraints that make web3 so clunky i'm hopeful that the creativity and exploration we're seeing will have positive outcomes but i'm not sure it's if it's enough to prevent all the same dynamics of the internet from unfolding if we do want to change our relationship to technology i think we have to do it intentionally and my basics thoughts are roughly one we should accept the premise that people will not run their own servers by designing systems that can distribute trust without having to distribute infrastructure you know that's such an important statement and it shows you the guy knows what the hell he's doing this means architecture that anticipates and accepts the inevitable outcome of relatively centralized client server relationships but uses cryptography rather than infrastructure to distribute trust one of the surprising things to me about web3 despite being built on quote crypto is how little cryptography seems to be involved and two we should try to reduce the burden of building software at this point software projects require an enormous amount of human effort even relatively simple apps require a group of people to sit in front of a computer eight hours a day every day forever this wasn't always the case and there was a time when 50 people working on a software project wasn't considered a quote small team as long as the software requires such concerted effort and so much highly specialized human focus i think it will have the tendency to serve the interest of the people sitting in that room every day rather than what we may consider our broader goals i think changing our relationship to technology will probably require making software easier to create but in my lifetime i've seen the opposite come to pass unfortunately i think distributed systems have a tendency to exacerbate this trend by making things more complicated and more difficult not less complicated less difficult gm a hell of a write-up and you know it's great because you have a guy from the outside who's giving our industry a chance and he approaches it like an information security guy would and so he builds some things and then he notices all the centralized points of failure and he he notices that he can manipulate things in ways that people didn't expect you know this is why we wrote the mithril paper so there's this concept of inclusive accountability and he's absolutely right when he talks about at the end of the paper we should accept that people are probably not going to run their own servers and that we're going to have billions of clients and still have some servers because that's what's happened every single time we've given people an opportunity well things like mithril it's a broader conversation into inclusive accountability these types of technologies where on the wire in the transaction in the protocol itself you guys get enough information that you're able to self-verify that the things you're looking at are correct you see and that's the only way we're going to get there infrastructure is commoditized it's fluid there are winners and losers and it's verticalized meaning that people have incentives to build gargantuan data centers and there's economy of scale and if it's a game of economics people are going to optimize the cheapest experience so the natural state of affairs is to push a lot of these things from your desktop to your laptop to push it to basically a third-party custodian the point of mithral and the point of these types of research the point of extended utxo we talk about local state is to get as much of the logic and the activity that you guys are seeing as possible into a proof that you're able to check and verify the point of governance is what he's mentioning up here about these ossified protocols you have to be able to evolve the protocols quickly at the same speed that the centralized software does otherwise the natural tendency will be to take stuff out of the protocols and have them run somewhere else and now we're not the only people in this game like uh starkware does some great stuff they wrote this beautiful blog post on fractal scaling and they're talking about saying well we can still recursively embed certain structures inside centralized infrastructure and it just kind of works its way to a base layer and you end up getting high scalability in transactions even though you you have centralized infrastructure with the same trust model of an underlying route of trust but you know i just wanted to read this for you guys because you know moxie's a real guy and there's a lot of real people that don't take crypto seriously because there's the advertisement and there's the gold rush and then there's what's happening and when we looked at things like the design of aura borrowers and when we looked at other things it's really hard to build decentralized protocols and try to predict what keeps this protocol getting more decentralized you're staying at the same level of decentralization over time it's super hard it's a massive engineering challenge it's a massive incentives challenge and it's a massive protocol design challenge and then we talk about dat development you know what type of model of dap development forces you to build things in a way where you use cryptography at the very base and you have all kinds of things in your toolkit proofs and signatures and other things to be able to when a user is using it they on their side can verify what they're looking at is right so when you have all these vc people and these other people running out of space and they say well this they have all these daps and they're doing all these transactions well if only two servers three servers four servers four companies are controlling your entire experience and none of that is actually running or very little is actually running on the underlying blockchain infrastructure how is that any different from amazon or rackspace or digitalocean or any of these other guys honestly you're just putting a different coat of paint on it and you've moved the goalposts the goalposts for cardano we're always saying how do you build truly decentralized things and what collection of research and incentives and mechanisms do you need that you keep the system decentralizing over time and the experience and yes there are consequences to that for example daedalus is a server you guys complain about it a lot he's oh it's so slow it's so slow all these other guys it's so fast yeah it's real fast when it's centralized it's not so fast when it's decentralized so how do you make something that's fundamentally decentralized faster that's a huge engineering challenge it requires an enormous amount of work and a lot of engineering and thought but when you do everybody who has it is actually running a server so there's a little bit of that and of the centralized stuff how do you build a model where even though somebody else is doing something for you you can check their work you can preserve inclusive accountability it's a very big challenge as well it's something interesting to think about so uh think for yourselves and really take a step back and try to understand what's going on there's a lot of dunning-kruger in this industry where people seem to think they're domain experts and they got it all figured out and the only metrics they care about is price so price high you're doing a good job price low you're doing a bad job guys share price of google is pretty high doesn't necessarily mean that's a decentralized experience right so you have to take a step back and all these things and say what are we really trying to achieve uh it is pretty shitty and sad if all we get after all this is said and done is just a rehash of web 2 but now it's even slower and more expensive because it's got some weird blockchain infrastructure behind it but five guys basically get to decide the whole thing and you can be de-platformed at any time to the alliances like the defy alliance and the emerging nft alliance these other things we have to create standards where we preserve decentralization and inclusive accountability and the user is aware of that and they're party to that and you authenticate things like an nft standard on cardano as those emerge and materialize yeah we should probably put a hash of all the stuff that we're trying to create property around as well as legal nexus and a litany of other things okay so our standards have to evolve faster and our protocols have to evolve faster that's the great challenge of governance and if you put all these things together in the right way scalability interoperability and sustainability you end up getting an ecosystem that doesn't suffer from what we've seen happen in the ethereum ecosystem which is brilliant but flawed that's what i'm after and that's what you guys are after i hope that's the point of the cardonal project so i hope that this gives you guys some food for thought i included the link to the blog post if you didn't want to listen to me reading it in the description and until next time i'll talk to you guys later see
