If you'd like an essay-formatted version of this thread to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:
pluralistic.net/2022/05/12/cry… 2/
pluralistic.net/2022/05/12/cry… 2/
It's only natural: much of the rhetoric and stated goals of the people behind these technologies intersect with my longstanding causes, like access to cryptography and decentralized communities (what we used to call #P2P). 3/
The reason I say I get "sucked into" these discussions is that, despite the rhetorical overlap, I've sensed a significant ideological divergence between my position and the dominant web3 ethos. 4/
In general, I would say that I think there are only a few circumstances in which markets produce good incentives and distributions, and that these depend heavily on publicly accountable governance that set up their rules.
Which is not to say that I reject markets altogether. 5/
Which is not to say that I reject markets altogether. 5/
As @John_T_Harvey - the "Cowboy Economist" - says, an economist who says that we must *always* use markets to attain our goals, or *never* use them, is like a carpenter who says, "I will only join those two pieces of wood together with a nail; screws are for commies!" 6/
I think markets are a tool, not a ethical imperative. But I think web3 people not only overvalue them, but also blames markets' problems on "regulatory distortion" and wants to eliminate the publicly accountable governance ("deregulating") that is essential to good markets. 7/
That means that while I often find myself having conversations with web3 advocates that feel like the excited conversations we had 20 years ago at the old O'Reilly P2P conferences (which I sat on the committee for), beneath the surface, there's a deep and meaningful rift. 8/
Here's a superficial but telling example: when I decided to write this post, I had to brainstorm a graphic for the top of it. 9/
After some image searches, I decided I'd just go the hacky route and pull out my old Oxford English Dictionary and take a picture of the definition of "decentralization," then jazz it up with the familiar topological diagrams illustrating different models of decentralization. 10/
When I went looking for a hi-rez, CC-licensed version of that diagram, I came up empty - there were plenty of those diagrams, but they were all proprietary licensed, mostly from news websites catering to financial speculators thinking of "investing" in web3. 11/
I was briefly stumped, but then I had an idea: those web3 decentralization diagrams look an awful lot like the diagrams from the P2P days. 12/
I searched for "p2p network diagram" and got an image that was basically identical to those proprietary web3 illos, except it was CC-licensed (under the ultra-rare Spanish CC BY-SA 2.5 license, no less!).
commons.wikimedia.org/wiki/File:P2P_… 13/
commons.wikimedia.org/wiki/File:P2P_… 13/
That decade-old image is an on-the-nose symbol of the difference between P2P and web3: the former produced public goods via sharing and generosity; the latter produces literally identical private goods through speculation, and claims this will produce public goods. 14/
Those claims aren't all bullshit, either. This chat between @mala and @TBSocialist makes for an interesting overview of the market-skeptical, leftist web3 tendency, bemoaning people like me who don't pay enough attention them, which may be fair:
theblockchainsocialist.com/are-we-a-psyop… 15/
theblockchainsocialist.com/are-we-a-psyop… 15/
This was on my mind when I came across "The Web3 Decentralization Debate Is Focused on the Wrong Question," a @WIRED article by @divyasiddarth, @dsallentess and @glenweyl, two of whom are affiliated with @RadxChange.
wired.com/story/web3-blo… 16/
wired.com/story/web3-blo… 16/
The authors distinguish between the "global redundancy" model of blockchains - many computers operated by untrusted parties who collaborate to create a system they all can trust - and a "#subsidiarity" model, which is a little harder to describe, but which resonated with me. 17/
Subsidiarity keeps data "as close as possible to the social context of creation;" relies on "a plurality of solutions" that are federated and interoperable; and it leverages and extends "online and offline trust and institutions." 18/
So what's real-world subsidairity? TCP/IP, but also the Activitypub standard (powering Mastodon), mesh nets, Wikipedia, Reddit community mods, federated learning, and exotic tech like "socially local identity systems." 19/
Contrast this with blockchain/global redundancy projects, which: "maximally remove data from social context" and rely on transactions, not social relations; seek "universalized solutions" that work in all contexts; and rely on "global consensus and redundant verification." 20/
The technical design and ethos of global redundancy is meant to provide security and robustness, but global redundancy has proven to be volatile and brittle, vulnerable to shocks, like China's mining shutdown or Kazakhstan's crypto-mining disaster:
restofworld.org/2022/crypto-mi… 21/
restofworld.org/2022/crypto-mi… 21/
What's more, a market approach works at cross-purposes to redundancy, because markets rely on profit-seeking, self-interested miners whose efficiencies of scale drive consolidation, which crowds out most individual miners, and pushes large miners into mining pool consortia. 22/
A useful accompanying chart contrasts the two approaches; where Subsidiarity relies on "social context," Global Redundancy is "Contextless." Subsidiarity has "Commons governance;" Global Redundancy has "Coin-voting governance." 23/ 
Some of these contrasts are very abstract but important, for example, Subsidiarity uses "Distributed permissioning" while Global Redundancy is "Permissioned through fungible assets." 24/
With this framework, the authors consider three of web3's major programs and contrast the Subsidiarity and Global Redundancy approaches: Identity and Reputation; Data Empowerment; and Organizational Innovation. 25/
Global Redundancy struggled with identity because it is grounded in the idea of pseudonymous ledgers. 26/
By design, it's easy to set up many IDs in blockchain-based systems, and the main design challenge of permissionless blockchains is preventing "Sybil attacks" where bad actors set up multiple identities and use them to influence platforms by pretending to be many people. 27/
This is a genuine problem in Global Redundancy system, and there are lots of proposed solutions to it, but the current frontrunner is gathering unique biometrics and using them for #ProofOfPersonhood. 28/
This has lots of problems, both in terms of privacy (you can't replace your biometric if it's captured by an attacker!) and equity (not everyone has eyes, fingerprints, or any other biometric except DNA, which is its own nightmare).
buzzfeednews.com/article/richar… 29/
buzzfeednews.com/article/richar… 29/
Under Subsidiarity, identity is "about relationships (status as employee, citizen, student, platform contributor)," not "universal identification." 30/
The authors point to longstanding cryptographic protocols like "web of trust" and identify modern successors to old, PGP-style keysigning parties, like "Spritely, BackChannel, KERI, Āhau and ACDC." 31/
In the Global Redundancy framework, "Data Empowerment" is mostly about data *ownership*, where each of us has a personal data store that we grant companies access to based on market-based bids and sales. This just doesn't work. 32/
Most valuable data is "relational" - created by interactions between two or more people. That means that buyers can just find the seller with the lowest price (like if the person you sent email to values the contents less than you do). 33/
Treating information as property is a poor fit. It's not that data isn't valuable, it's that the value isn't well-captured by markets. People are valuable, but not because they're on sale! You can tell people are valuable is that they're *not* sold:
theguardian.com/technology/200… 34/
theguardian.com/technology/200… 34/
Beyond this "relational" problem with data markets, there's this: the most valuable information is aggregated. It's not that Facebook makes a lot of money from *your* data: it's that combining your data with billions of others' data produces value. 35/
That's why "data dividends" (where Facebook pays you for your data) are a bad idea:
eff.org/deeplinks/2020… 36/
eff.org/deeplinks/2020… 36/
Finally, there's the problem of inequality and data-markets. If privacy is a human right, it shouldn't be a luxury. Protecting privacy by pricing data just means that the people with the least have to sell the most. 37/
The authors argue that there's another way. Subsidiarity, which uses "data cooperatives, collaboratives, and trusts with privacy-preserving and -enhancing techniques for data processing, such as federated learning and secure multiparty computation." 38/
They cite an example of a credit-union whose members agree to allow a company to mine its data to figure out how to offer loan refinancing to those members and a public agency analyzing predatory lending practices. 39/
This reminds me of @bengoldacre's stupendous "Better, broader, safer: using health data for research and analysis," a report for the NHS on safe, responsible and effective research programs using the NHS's incredible storehouse of health data:
gov.uk/government/pub… 40/
gov.uk/government/pub… 40/
Goldacre argues for the creation of "Trusted Research Environments" built on open, interoperable code that's managed and hosted by the NHS. 41/
Researchers don't ever access the data directly - rather, they are able to securely submit queries to run against it within a secure environment that the NHS exercises total control over. 42/
A central feature of web3 is the #DAO (Distributed Autonomous Organization): a blockchain-based, smart-contract governed meant to create accountable "peer-to-peer, holocratic communities." 43/
Like me, the authors like the sound of this - and like me, they're skeptical that DAOs achieve their stated aims.
Under the Global Redundancy framework, DAOs have been plagued by smart-contract bugs. 44/
Under the Global Redundancy framework, DAOs have been plagued by smart-contract bugs. 44/
Smart contracts have a "dual complexity" problem - to rely on them, you need to be able to understand their code and their financial terms, and not many people understand either, let alone both:
pluralistic.net/2022/03/02/sha… 45/
pluralistic.net/2022/03/02/sha… 45/
The authors identify a tension between "flexibility and automaticity" - the ability of a community to respond appropriately to changing contexts and the automatic, instantaneous execution of smart contracts. 46/
This is what @ProfHilaryAllen called #DriverlessFinance, and she likens it to the "suicide notes" - inflexible lending terms - that precipitated and then accelerated the 2008 financial crisis:
papers.ssrn.com/sol3/papers.cf…
DAOs try to patch this with "democratic governance." 47/
papers.ssrn.com/sol3/papers.cf…
DAOs try to patch this with "democratic governance." 47/
But because they are locked into the Global Redundancy model of identity, they struggle with "one person, one vote" and generally default to "one token, one vote" - creating a situation where a small group of whales can vote to take all the minnows' money for themselves. 48/
The other patch for this is to rely on Web 2.0-style governance, which is to say, they abandon Global Redundancy in favor of centralized tools that have all the vulnerabilities and failure modes that Global Redundancy was invented to get rid of. 49/
The Subsidiarity approach to organization looks a lot more like a "platform coop" or "#ExitToCommunity" - a way for projects to transfer ownership to the communities they serve. 50/
They also talk about Radicalxchange, a nonprofit project that two of the authors are involved with:
radicalxchange.org/about/ 51/
radicalxchange.org/about/ 51/
They're big on some technical innovations in community structure, like "quadratic voting" and democratic deliberation tools like Pol.is and Loomio. They also endorse Gitcoin as a way of funding public goods. 52/
What distinguishes all of these is "community participation and empowerment, federating together organizations to build larger-scale cooperation rather than acquisitions or purely financial contracts." 53/
I found this essay fascinating and thought provoking, especially in this moment, in which all asset prices are tanking, but crypto "assets" are just *imploding*.
ft.com/content/5887ef… 54/
ft.com/content/5887ef… 54/
As a speculative bubble bursts, the everyday people who hoped to find economic stability are left holding the bag. One especially hard-hit group are artists who were hoping to fund their work with #NFTs. 55/
Today on her blog, @molly0xFFF examines this phenomenon:
blog.mollywhite.net/digital-artist…
(NB: if your only contact with White is her dry quick hits on @web3isgreat, you're missing out - her long-form essays on her blog are essential reading) 56/
blog.mollywhite.net/digital-artist…
(NB: if your only contact with White is her dry quick hits on @web3isgreat, you're missing out - her long-form essays on her blog are essential reading) 56/
White points out that the thing that supposedly created value for NFTs - uniqueness by dint of cryptographic signatures - is something artists have done for a long time, without any blockchain involved. PGP-signed works a well-established, niche category. 57/
When a FL high school principal illegally canceled the school's entire summer reading program to keep students from reading my novel Little Brother, we sent cases of free books to students - and I also emailed PGP-signed, personalized copies to them:
latimes.com/books/jacketco… 58/
latimes.com/books/jacketco… 58/
The thing is, PGP basically sucks. It's really hard to use and even harder to use well. In fact, PGP is so creaky that a lot of people just pretend it doesn't exist. 59/
Take the debate over the EU's #DigitalMarketsAct, which will mandate interoperable, end-to-end encrypted messaging. 60/
Opponents of this - who have a legitimate concern that this could weaken the security of messaging tools and put billions of people all over the world at risk - have said that end-to-end, interoperable messing is *impossible*:
doctorow.medium.com/end-to-end-enc… 61/
doctorow.medium.com/end-to-end-enc… 61/
Now, it's pretty clear that these technologists know about PGP. It's 30 years old, of course they know about it. 62/
When they say E2EE/interoperable messaging is impossible, they mean, "It's impossible to do in such a way that anyone will use it" because, to a first approximation, no one uses PGP, while billions of people use, say, Whatsapp. 63/
But I'm not convinced that PGP is so wonky just because it is trying to do something hard. PGP, remember, is 30 years old, and dramatically under-resourced. 64/
When @Snowden used PGP to contact journalists with his disclosures, the tool he used had a single, half-time volunteer maintainer:
businessinsider.com/the-worlds-ema… 65/
businessinsider.com/the-worlds-ema… 65/
As I wrote, "I think that the true lesson of OpenPGP is that end-to-end, interoperable encryption is absolutely possible, but it helps if you don’t have to design it to run on a Compaq 486 IBM PC clone running Windows 3.0... 66/
"...and if the maintenance of the project is managed by multiple engineers, not a single part-time semi-volunteer working for donations in his spare time." 67/
Which brings me back to public goods. White's idea for unique, PGP-signed digital artwork is fantastic, but without speculators, how do we produce the code that enables people to use it? 68/
Maybe we have to get rid of PGP and start over - 30 years' worth of technology debt may demand a bankruptcy - but starting over still requires investment. 69/
Image:
Txelu Balboa (modified)
commons.wikimedia.org/wiki/File:P2P_…
CC BY-SA Spanish 2.5:
creativecommons.org/licenses/by-sa… 70/
Txelu Balboa (modified)
commons.wikimedia.org/wiki/File:P2P_…
CC BY-SA Spanish 2.5:
creativecommons.org/licenses/by-sa… 70/
• • •
Missing some Tweet in this thread? You can try to
force a refresh
