Web 3.0, Part 2 : A beginner's guide : Decentralized Web, really?

Jan 10

Hi All,

I hope you all are doing well and welcome to Dozen Worthy Reads. A newsletter where I talk about the most interesting things about tech that I read the past couple of weeks or write about tech happenings. You can sign up here or just read on …

I’m super excited to be taking David Perrel’s Write of Passage class soon. I hope to become half as good a class act writer as he is. Time will tell. Writing like everything else as I’ve come to realize is great output primarily depends on how much you put into it and I’d really like to put more into it.

Let's get into today’s topic … I’m going to be writing the 2nd part of the Web 3.0 series (Part1 is here) in which I’ll explore decentralization and gatekeepers. This was prompted by multiple things over the past couple of weeks. The first was OpenSea banning PHAYC and Phunky Ape Yacht Club (or PAYC) collections both of which are NFT projects that basically just mirrored originals of their high priced “originals”, the Bored Ape Yacht Club avatars. Now that is a sentence I never thought I’d ever write but here we are.

The next thing was a brilliant article by Moxie Marlinspike who is, as of today, the ex CEO of Signal written over the weekend which explores the question of centralization v/s decentralization.

To level set – and to clear this in my own head – I’m only going to talk about the decentralization aspect of Web 3.0 (as compared to prior generations). There are a lot of other concepts which are connected but not the point of today’s article (Crypto, blockchains, Metaverse etc)

A long long time ago, when I wore a younger man’s clothes I “hosted” several Apache servers and also IIS servers (yes I had the absolute displeasure) and yes I can remember so many parameters for httpd.conf that I wish I could forget :)

Marlinspike’s point is primarily that no one wants to host servers and protocols take time to seed and become popular over time but once they do what happens? I mean why didn’t we all build our own version of “hotmail” and “yahoo” (though I have to say promail sounds cooler). No one cared because hotmail and yahoo were just simpler (Brownie points if you still have a hotmail account and little known fact Sabeer Bhatia and I went to the same high school. To be sure, I barely know him but I managed to get a photo with him at a recent school reunion in the Bay Area. Anyway, that's totally not the point ….)

Back to the point …Marlinspike writes:

Both gave me a feeling for how the space works. To be clear, there is nothing particularly “distributed” about the apps themselves: they’re just normal react websites. The “distributedness” refers to where the state and the logic/permissions for updating the state lives: on the blockchain instead of in a “centralized” database.

Now keeping that sentence in mind, a blockchain is really nothing but a distributed database. Distributed databases exist but they are centralized. The way it works is quite simple:

Web 1.0 : Databases were mostly read only since you were more likely to consume content rather than interact with content or “update” the database. A good example might be signing up for a mailing list. Content was static for most of the part so a simplified version of this would look like this. Web 1.0 also had writes back to the DB but it was less common and started becoming more common as time went by.

Web 2.0 : Web 2.0 was about centralization for two reasons. One was primarily that no one wanted to build their own SMTP/POP server and try to host their own mail server. The hotmail’s of the world worked for consumers and businesses .. Exchange for example. This is technically not accurate as some pieces of content did store on your localhost as well. However the centralization is based on demand. Centralization is nothing but aggregation theory at play. Take two examples

Email : I do not have to worry about where your email is hosted. The protocol is enough for me to get to you
Payments : I do have to worry, if I am on a network such as Paypal or Venmo since I am unable to pay you without being on the same loop (Closed loop payments) which is what Interledger is solving for)

Your favorite messaging app with all their growth apps and slick interface managed to make it simple for a non tech person to communicate with their family or friends

Now back to Web 3.0. If the premise here (and the general consensus is that because it's really early in the Web 3.0 cycle) is that the blockchain is a distributed database; the only way to interact with the blockchain is via a hosted peer (a server). Ignore the simplicity and the hacky Whimsical but this solves where the data is stored.

Now as Marinspike mentions, emphasis mine:

Blockchains are designed to be a network of peers, but not designed such that it’s really possible for your mobile device or your browser to be one of those peers.
With the shift to mobile, we now live firmly in a world of clients and servers – with the former completely unable to act as the latter – and those questions seem more important to me than ever. Meanwhile, ethereum actually refers to servers as “clients,” so there’s not even a word for an actual untrusted client/server interface that will have to exist somewhere, and no acknowledgement that if successful there will ultimately be billions (!) more clients than servers.
For example, whether it’s running on mobile or the web, a dApp like Autonomous Art or First Derivative needs to interact with the blockchain somehow – in order to modify or render state (the collectively produced work of art, the edit history for it, the NFT derivatives, etc). That’s not really possible to do from the client, though, since the blockchain can’t live on your mobile device (or in your desktop browser realistically). So the only alternative is to interact with the blockchain via a node that’s running remotely on a server somewhere.

There are two chains of thought here:

The first of course is .. so what does a blockchain/distributed peer DB (distributed DB’s of course can be non peer ie owned by a company) solve. The second is so what? Who cares?

For all practical purposes if everyone goes to OpenSea (demand and supply) to buy and sell NFT’s irrespective of the fact that it's a distributed ledger OpenSea is kinda the central access point for NFT’s and thus centralized. Why don’t you use Bing as a search engine? You are not blocked from using it. You just like the results from Google, the experience, the ease of use, the simplicity. You don’t really care if the DB is centralized or not. Of course with OpenSea if they screw up there is potential for a new competitor to come in and replace OpenSea and be the central gateway to buying an NFT. The fact of the matter is that a non tech person really does not give a sh*t how cool your technology is or whether its web1 or 2 or 3 or 4. They only care about their specific JTBD and the best way to accomplish that. Non tech users are quite happy being mollycoddled by a large platform. Yeah, sure we hate Facebook’s “violation” of our privacy right? Now ask most normal users if they care and they’ll probably say “yes” and then ask them why .. and … crickets. Point being Web3.0 just seems like Web1.0 with tokens and Web3.0 will morph into “Web 4.0” which will, to an end user, look like Web2.0. Services become centralized because users love them.

The interesting point with reference to the OpenSea ban was nothing to do with BAYC, PHAYC, or PAYC but more so that Web 3.0 promises to be decentralized and in theory it is. NFT’s themselves are theoretically supposed to live outside any platform but … marketplaces such as OpenSea have become huge bottlenecks by doing one thing well - simplifying the experience.

Back to Marlinspike’s article:

What I found most interesting, though, is that after OpenSea removed my NFT, it also no longer appeared in any crypto wallet on my device. This is web3, though, how is that possible?
A crypto wallet like MetaMask, Rainbow, etc is “non-custodial” (the keys are kept client side), but it has the same problem as my dApps above: a wallet has to run on a mobile device or in your browser. Meanwhile, ethereum and other blockchains have been designed with the idea that it’s a network of peers, but not designed such that it’s really possible for your mobile device or your browser to be one of those peers.
A wallet like MetaMask needs to do basic things like display your balance, your recent transactions, and your NFTs, as well as more complex things like constructing transactions, interacting with smart contracts, etc. In short, MetaMask needs to interact with the blockchain, but the blockchain has been built such that clients like MetaMask can’t interact with it. So like my dApp, MetaMask accomplishes this by making API calls to three companies that have consolidated in this space.
For instance, MetaMask displays your recent transactions by making an API call to etherscan:
GET https://api.etherscan.io/api?module=account&address=0x0208376c899fdaEbA530570c008C4323803AA9E8&offset=40&order=desc&action=txlist&tag=latest&page=1 HTTP/2.0
…displays your account balance by making an API call to Infura:
POST https://mainnet.infura.io/v3/d039103314584a379e33c21fbe89b6cb HTTP/2.0
{
    "id": 2628746552039525,
    "jsonrpc": "2.0",
    "method": "eth_getBalance",
    "params": [
        "0x0208376c899fdaEbA530570c008C4323803AA9E8",
        "latest"
    ]
}
…displays your NFTs by making an API call to OpenSea:
GET https://api.opensea.io/api/v1/assets?owner=0x0208376c899fdaEbA530570c008C4323803AA9E8&offset=0&limit=50 HTTP/2.0
Again, like with my dApp, these responses are not authenticated in some way. They’re not even signed so that you could later prove they were lying. It reuses the same connections, TLS session tickets, etc for all the accounts in your wallet, so if you’re managing multiple accounts in your wallet to maintain some identity separation, these companies know they’re linked.
MetaMask doesn’t actually do much, it’s just a view onto data provided by these centralized APIs. This isn’t a problem specific to MetaMask – what other option do they have? Rainbow, etc are set up in exactly the same way. (Interestingly, Rainbow has their own data for the social features they’re building into their wallet – social graph, showcases, etc – and have chosen to build all of that on top of Firebase instead of the blockchain.)
All this means that if your NFT is removed from OpenSea, it also disappears from your wallet. It doesn’t functionally matter that my NFT is indelibly on the blockchain somewhere, because the wallet (and increasingly everything else in the ecosystem) is just using the OpenSea API to display NFTs, which began returning 304 No Content for the query of NFTs owned by my address!

Ok so to break this down if you consider MetaMask kinda like a dApp (which as discussed above really has no direct access to the blockchain; ie the source of truth) so the App/dApp/Wallet has to use an API (created by a centralized entity) to access a decentralized blockchain (the database). Whoa. Now of course theoretically anyone can create a new etherscan, but if etherscan makes it easy there is no need, really

So Web3.0 technically is less decentralized than it appears to the average Web3.0’er. My thoughts went to Integrated v/s modularized immediately. The basic premise of integrated experiences is either technologies are not mature enough, or there are no other companies building what you need or a company wants to have control over the entire stack (Apple for example). The more I think about this, I don’t believe this is true. In fact this should be the exact opposite of what is happening because Web3.0 is meant to, by design, be composable v/s integrated.

There is yet another powerful feature of open-source: composability. Entrepreneurs and programmers won’t need to build applications from scratch. Instead, they can combine various pieces of open-source code to create custom software that matches their goals. Applications plug into each other like lego blocks. Because of their composability, Web 3 projects move forward dramatically fast.

Composability is a powerful concept not only in open-source but in all sorts of creative endeavours. Web 3 communities can write books, movie scripts, or create art collectively instead of working solo.

At the end of it, if Web3.0 is nascent and needs to meet its true purpose of no centralized control it sure isn’t starting off that way.

However, even if this is just the beginning (and it very well might be!), I’m not sure we should consider that any consolation. I think the opposite might be true; it seems like we should take notice that from the very beginning, these technologies immediately tended towards centralization through platforms in order for them to be realized, that this has ~zero negatively felt effect on the velocity of the ecosystem, and that most participants don’t even know or care it’s happening. This might suggest that decentralization itself is not actually of immediate practical or pressing importance to the majority of people downstream, that the only amount of decentralization people want is the minimum amount required for something to exist, and that if not very consciously accounted for, these forces will push us further from rather than closer to the ideal outcome as the days become less early.

Moxie finally argues that OpenSea would be a better experience if it were just a Web2.0

When you think about it, OpenSea would actually be much “better” in the immediate sense if all the web3 parts were gone. It would be faster, cheaper for everyone, and easier to use. For example, to accept a bid on my NFT, I would have had to pay over $80-$150+ just in ethereum transaction fees. That puts an artificial floor on all bids, since otherwise you’d lose money by accepting a bid for less than the gas fees. Payment fees by credit card, which typically feel extortionary, look cheap compared to that. OpenSea could even publish a simple transparency log if people wanted a public record of transactions, offers, bids, etc to verify their accounting.

Vitalik Buterin has provided a candid explanation (and somewhat agreeing) with Marlinspike’s arguments on a Reddit thread. For all practical purposes if you look back at Web 1.0 and Web 2.0 users wanted it and as excited as I am about Web 3.0 in general, as a user, I am not really clamoring for a blockchain based Facebook (Flockchain?). For all practical purposes I care less if Facebook wants to sell my data or worse still “cancel” me. If the argument is that in Web3.0 you can’t get “canceled” by a central entity .. well.. Opensea as an example above proves that wrong. What’s old is likely going to be new once again. Or as I like to say “New wine but an old bottle”

PS : There was a lot of coverage on Marlinspike’s article. Some links are below and worth reading in addition to Marlinspike’s article itself

Ed Zitron's Where's Your Ed At

Libertarianism For Me, But Not For Thee

Once upon a time, there was a monkey. Well, to be more specific, a picture of a monkey. Okay, okay, to be a little more specific, a token that was a digital certificate of ownership for a picture of a monkey. Anywho, said token - a non-fungible token…

Read more4 months ago · 33 likes · 5 comments · Ed Z

Noahpinion

Web3 had better not be Transaction Cost Hell

In recent months, there has been a lot of excitement around the idea of a new World Wide Web based on blockchains. It’s commonly referred to as “web3”, to be contrasted with “web1” (websites) and “web2” (social media platforms). The creators of Ethereum have been…

Read more4 months ago · 27 likes · 19 comments · Noah Smith

Margins by Ranjan Roy and Can Duruk

Who is Web3 Really Good for?

Hi! Can here. Long time, no see! I started a company. It’s called Felt and it is about maps. And yes, we are hiring! Scroll to the end to learn more…

Read more4 months ago · 15 likes · 1 comment · Can Duruk