Ola Sundvall

Tag: Decentralization

  • Web3 and all of my questions, #3

    Photo by Shubham Dhage on Unsplash

    There is obviously a dividing line between integrity and authenticity when we talk about creating value based on Web3 technology. I’ll see if I wind up my own tail in trying to elaborate on this (for me) quite unclear topic.

    Cryptocurrencies, distributed ledgers, DApps etc. built on a blockchain has this quite odd property – they leave the users information wide open for all who look into the database of the blockchain. This is by design and quite inevitable as I have understood it, and it was revealed for quite some years ago as a part of research written about in Wired (it’s a really well-written long read, highly recommended for those looking for an introduction to the crypto world).

    This reveals a conflict between wanting to claim authenticity and wanting to have integrity. I visited a webinar a couple weeks ago where a Swedish web3 community had invited to a session around web3 application for corporates. I realized there and then that one of the first questions a buyer representative on an enterprise is going to ask is “how does your product/technology comply with GDPR*?” And I also realized that if you don’t have a clear answer to give instantly on that question, the buyer’s not gonna buy (or even consider to further think about it. Said and done, I thought I should be the smart one in the virtual room and ask about the lecturer’s view on this. And yes, it became clear for me that this isn’t an obvious thing to solve. You can of course build protection mechanisms in your overarching logic, but it isn’t necessarily an easy task, since this mechanism need to follow your info through the blockchains journey through the nodes.

    Another question to think about in this context is then – is it even desirable? Do we really want to hide our personal data that we have uploaded in the blockchain? Isn’t this one of the purposes with the cryptographic technology – to prove that we really are the one we claim to be? And could it even be that we need to redefine what personal data is, when web3 use gain a wider traction, or is it even like personal data is personal data covered by GDPR* in one application and not in another? Is maybe GDPR* not be applicable in certain future use case scenarios? In some use cases it might be more important for me to prove my authenticity than having my integrity secured, or?

    This leads me to an analogy regarding surveillance and me being the one saying “I don’t care ‘cuz I have nothing to hide”. Could it be really, really bad in a long term to claim authenticity through blockchain-ish footprint from a surveillance perspective, if the surveillance structures start to use my wide-spread, wide-open authenticity information against me?

    A possible branch on this topic is to analyze fraudster scenarios and how to block them, a topic possibly being another factor the buyer of web3 development will ask questions around. Having preparations for this in a product development startup quickly becomes a hygiene factor in order to build trust towards the corporate user.

    *)GDPR here taken as an example of an extensive and very adopted regulatory framework, with the awareness of many other frameworks existing globally.

  • Web3 and all of my questions

    Photo by GuerrillaBuzz on Unsplash

    I tried to dive in to the web3 universe, as I for quite a long time have heard that web3 is the future, that it can change how we live and work and that it is important for everyone to learn more about this. Until now I have bought this wholeheartedly, but also been wondering a bit why this doesn’t seem to lift off. Here in this first pondering I try to sort a bunch of reflections and questions from the more technical point of view.

    I can’t refrain from comparing the web3 ideas with a concept that maybe became more rebellious than it deserved – but it was founded on an idea of true decentralization – namely the BitTorrent protocol. Some of you might think that I’m totally out in the wild, but I’m fully aware of that BitTorrent is a file transfer protocol, and that web3 is more of a way to verify transactions that represent different purposes and has the potential to serve an infinite number of applications, it’s only the imagination that sets limits for what you actually can use web3 for. My comparison is around the decentralization idea and the absence of a centralized ownership and with that the following of one-sided determination of terms (the one who takes the (financial) risks is also the one who owns the terms).

    When individuals started to share big files with the BitTorrent protocol, nodes were growing like fungi out of the internet soil – it grew rapidly to a pirate-ish life style where the most credited were the one who hoarded hard disks and seeded like crazy, and the famous site Pirate Bay acted like a hub for a big part of this traffic – though there were a lot of sites doing the same, some with more specialized themes regarding content. I’m targeting the nodes in this comparison, since they were truly decentralized and also anonymous, since it was the indexing site, acting as a central hub and search spot collecting torrent files and in this architecture being the lever for increased and continued sharing. Nowadays torrent sharing is still active, but maybe more in the open source community where operating systems and large program files can be distributed in a way that optimizes net load and utilization.

    A weakness in this model was that not so popular files could take ages to download due to too few seeders, maybe also with too poor upload speeds. This revealed a lack of robustness – what happens when too many nodes shut down for whatever reasons and the seeders numbers decline? The availability of the asset is suddenly jeopardized, and there is no one who grants availability – what to do then? In the pirating context it was law enforcers that chased down the model to decline in parallell with the development of streaming services, making the decentralized model more centralized and more web2-ish, but the reasoning about robustness could and should be applied on the web3 idea as well in order to reflect over success factor that need to be in place somehow.

    Decentralized infrastructure – how to reach a sufficient level of perseverance, so a sufficient level of trust can be reached? What criteria do a currency need to fulfill in order to be regarded as perseverant and trustworthy?
    Which fundamental criteria is possible to set aside if one tries to imagine an existence beyond our present economic model* that postulates eternal growth, with return on investment as norm for success?

    Blockchain technology on a node published on the internet isn’t as easy to set up for a private person as a BitTorrent seed, It requires a database and some code that can do the work blockchain nodes do (where verifying transaction data is core business). Therefore we shouldn’t expect everyone who has a computer on an internet connection to be an enthusiast in hosting Blockchain nodes. This instead leads to an emergence of startups, offering robust and reliable blockchain support as a service. And this in turn, leads me to turn the page to the next post, pondering on the economical and business model aspects of web3.

    *) I imagine our present economic model as having two pillars, where one is exchanging time and effort with currencies or money, the other is investing in ideas in order to make the value of the investment grow. More about this in a coming post