Are Doughnuts Better than Cookies?

Nicole Upchurch
Jun 3, 2020 · 6 min read

Despite appearances, this won’t be an epic debate between which of these popular treats reigns supreme. But if you find the online architecture of tomorrow interesting, there are plenty of valuable insights ahead.

Since the inception of the world wide web, the internet has gone through distinct phases of development. These phases have come to represent our past and present interactions with the online world. However, this trajectory remains at odds with the founding principles of online infrastructure. Prominent early-web architects like Tim Berners-Lee remain vocal in their opposition to the current centralisation of web platforms.

However, today’s decentralised technologies offer an alternative to the dominant client-server platforms we have come to rely on. For many, Web 3.0 or the decentralised web presents an opportunity to rectify the issues resulting from decades of rampant, often unauthorised data collection.

Source: Deloitte

However cookies, one of many tools used to obtain user data, have been subject to greater scrutiny in the wake of a ‘user privacy’ push back. Recurring data breaches continue to exacerbate online privacy concerns, and momentum is building. For those visiting EU-based web pages, the recently enacted GDPR protocol now requires the use of cookie notification banners. However, while some data collection mechanisms remain distinctly intrusive, cookies also serve to optimise the online experience by storing credentials for future reference.

So, how do we find a balance between privacy and efficiency? Fortunately, the advent of decentralised technologies and resulting integrations present a path forward. However, to adequately highlight these advancements, an understanding of early authorisation credentials is key.

What are Cookies?

In short, cookies are messages passed from a web server to a web browser when visiting a site. Browsers store each of these messages in a small file known as a “cookie.txt.” Whenever internet users visit a website, browsers send cookies back to the server for future reference. Cookie files typically include information about each web page visit along with any user data offered up on the page.

Source: Reddit

Cookies are most commonly used to track website activity — think of it as a digital identification card. Upon each visit to a particular website, browsers cross-reference prior visits, seeking authorisation to display personalised information. While this authorisation method has been in use for decades, more recent iterations offer greater control over permissions.

Macaroons: Layered Cookies

Macaroons, or “layered cookies,” build on the authorisation methods of regular cookies by embedding caveats that attenuate and contextually dictate when, where, by who, and for what purpose a target service should authorize requests. The introduction of these contextual caveats facilitates distributed authorisation.

Source: The Mobility House

In the example above, a user wishes to limit macaroon access to a select username within a set period of time. To achieve this, two layers of first-party caveats are set before it’s sent to another party. By adding these caveats, the macaroon is attenuated, or the user attenuates the macaroons rights. As such, the macaroon is only able to access associated services with a specific username within a set timeframe.

While this functionality is an improvement over early web cookies, Web 3.0 development has begun to generate fully decentralised authorisation technologies capable of achieving further autonomy.

Doughnuts: Decentralised Cookies

Aiming to build a solution that accelerates this transformative process, Centrality has introduced a proprietary, decentralised cookie known as “Doughnut.” But why call it a doughnut? In short, the name reflects the concept of decentralization; there’s no centre in a Doughnut nor central authority in a decentralised network. By giving users control of their data, these Doughnuts expand on the distributed nature of macaroons but more closely emulate the functions of cookies.

But for the sake of comparison, we can look to JSON Web Tokens (JWTs) to better understand how doughnuts work in the decentralised realm.

JSON Web Tokens (JWTs)

Source: Toptotal

However, while Doughnuts are optimised for the decentralised realm, JWTs remain a product of centralised ecosystems. But how are they the same? When a user successfully logs into a centralised platform using their credentials, a JWAT is generated. Mirroring this dynamic, user-generated Doughnuts provide user access to platforms. While these comparisons highlight an apparent inverse relationship, Doughnuts also expand on the functionality of JWT solutions.

Why Doughnuts Are Better than Cookies (and Macaroons)

Decentralised Permissions

In summary, by operating over blockchain architecture, Doughnut permissions remain immutable, configurable, and agile. And because permissions are rich with data in comparison to static cookies, including parameters for time and value, more information is accessible for future reference further enhancing the online experience.

Moving Off-Chain

In response to these obstacles, Doughnuts were built to function in an off-chain environment. As a result, significant savings are a natural result in the absence of gas fees and other transaction costs. Further, because transactions can occur off-chain and even offline, network congestion is one less variable to consider.

Source: Crypto Encyclopedia

By storing data off-chain, while maintaining the inherent security of decentralised infrastructure, Doughnuts present an undeniable value proposition. And because Doughnut architecture supports the use of cross-chain contracts and the creation of permissioned networks inside a public blockchain, functionality can be leveraged further. In combination, this superior flexibility and functionality are poised to change the game.

Everyone Likes Doughnuts

So, are doughnuts really better than cookies? We’ll let you be the judge.


Creating a world UNcorporated

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store