The Cyfrin Mission
In 2023, it's embarrassing to be in Crypto.
It's a painful statement to type, having personally spent roughly the last four years here, but it's true.
Knowing that most mainstream exposure is about traders, scams, and monumental collapses, how do you broach the fact that you work in Crypto to the general population without hesitating? The industry that was born as a protest against opaque corruption is now, in the eyes of many, the poster boy for opaque corruption.
We can squabble internally about which token-based governance mechanism works better for which use case, which DeFi yield strategies are sustainable and which aren't, which Oracle is the most censorship or attack resistant, or which language quirks produce the most gas-optimized bytecode. We can divide these things into sub-cultures of sub-cultures and organize them into buckets for eternity. Ultimately, most people on this earth sweep it all together, scoop it up, and dump it into one bucket: "Too Risky".
As Vitalik wrote, Legitimacy is the most important scarce resource. At its inception, Blockchain technology championed the fundamental idea of power to the people, using transparent systems that incentivize good behavior in a way that traditional systems could not. This was and to this day still is a Legitimate idea. But for more than a few reasons, the mainstream perspective is that Crypto does not live up to it.
Defining The Problem(s)
Why is that, and how do we fix it? To provide solutions, we must first define and analyze the problems. Here, there are several.
The Scammers
When new industries come into being, the opportunities to scam, grift, and hustle are ample. It's in our nature to hunt for the "next big thing", to take risks and jump at opportunities that might pay off. That will never change. Problems arise when people take advantage of that nature. This is not new, and society has established institutions and rules to curb the effects of bad actors.
Up to this point, the room in which scammers, grifters, and hustlers have had to operate in Crypto has been vast, and the repercussions were felt by everyone in the industry last year (2022, the year of Terra/Luna and FTX, to name a few). Restricting that room takes time, effort, and countless hours of education, discussion, and agreement. Legislating is not a quick process, and when a new industry is born, the wheels of democracy turn (rightfully) slowly in response. We are just now starting to see these wheels turn and gain speed in many parts of the world, with the European Parliament discussing MiCA and the UK Government passing Stablecoin legislation into law. Gradually, I am confident that we will see good legislation and regulation restrict these bad actors' impact on the general public while fostering innovation.
The Nerds
The vast majority of what I would call "legitimate actors" in Crypto are extremely technically gifted and by far the most competent people I have ever worked with. Researchers, Engineers, and Security Auditors. All hard-wired to be nerd-sniped by obscure problems, leading down never-ending rabbit holes in search of enlightenment. I love it, to be honest, and I will always be in search of Nerdvana. But to this day, communicating the concepts we grapple with daily, in "normie" speak, is difficult.
Our industry needs non-technical pioneers, as well as technical ones, to widen our audience as much as possible and to be able to communicate the advantages that Crypto provides. Fortunately, non-technical learning resources have been very noticeably maturing, with Metamask Learn being a prime example, and more non-technical people are entering our space. This trend will continue, and we will be better for it.
The Cost
The initial use case of Crypto was to replace financial rails with decentralized infrastructure. Unless the cost to do so reaches parity with existing rails, decentralized infra will simply not be adopted. A disrupter in any industry, especially one as entrenched in society as banking, must be overwhelmingly better than the incumbent. In terms of cost of usage, we're not there yet.
There are giant leaps forward in this area, with scalability being a huge topic within the economies of Crypto with the widest usage. Ethereum's rollup-centric roadmap is at the forefront of the EF's research priorities, having pivoted away from the sharding-centric roadmap. Rollups are on everyone's lips these days.
The UX
Using an actual blockchain, and not just purchasing some IOU of a Crypto asset on a centralized exchange, is an activity that requires homework. Actual homework. You have to learn, understand, and practice. Self-custody is a razor-edged concept that scares most people. The idea that no claim facility can scrape back misplaced funds if something goes wrong is a huge hurdle we must overcome for mainstream adoption.
UX efforts are making strides at present. EIP-4337 and wallet UX improvements from projects outside Ethereum are pushing the envelope. We have a long way to go, but significant brainpower is directed at bridging the UX gap between Web2 and Web3.
The Hacks
If an incumbent bank gave you a percentage chance that all of your deposit disappeared at some point in the future, what number would you find acceptable? 1%? 2%? Frankly, 1% is rightly terrifying for most people. In 2022, of all the value locked in DeFi Smart Contracts, ~3-6% was drained by hacking ($3.1bn from DeFi Smart Contracts).
Forget the benefits that Smart Contracts offer. If they are to replace any incumbent processes, that risk must come down. As long as hack numbers look like this, the risk/reward simply isn't there. We change nothing.
This is still a burgeoning industry that rapidly experiments with new paradigms. We should expect some risk, but we must also be realistic regarding adoption. There's no way that 6% is a reasonable risk for most people.
To Cyfrin, this is the area that requires our attention.
Prioritizing for Legitimacy
As The Nerds are joined by lawyers, legislators, and lobbyists, The Scammers will find it progressively more challenging to operate in the Crypto sphere. Outcome:
legitimacy++;
As Scalability improves and The Cost of using our infrastructure comes down, we can start to compare ourselves to high-bandwidth services that permeate everyday life. Outcome:
legitimacy++;
As we develop The UX so that interacting with our infra is as easy as logging into Facebook or unlocking your smartphone, users won't have scary homework to do to use it. Outcome:
legitimacy++;
Advancements in these areas are paramount, and spending brainpower on them is vital to the progress of our industry. However, Legitimacy is hard to gain and easy to lose. We can advance all these areas to the point where they are marked above and beyond incumbent infrastructure, but it counts for nothing unless we lock security down and reduce The Hacks.
The outcome of a 6% hack rate is not this:
legitimacy--;
It's this:
legitimacy = 0; // downbad
Leveling Up
Cyfrin was founded to level up Web3 Security by any means necessary. We are dedicated to improving Web3 Security because of how vital it is to the Legitimacy of our industry. We believe in Crypto.
Unlike The Scammers, The Cost, and The UX, Security is not sexy to talk about, even to most of The Nerds. It's hard, time-consuming, it's not foolproof, and there's no silver bullet. But it is required.
Without better security, the rest is for nothing. Without it, legitimacy = 0;
To learn more about smart contract security and smart contract audits, visit Cyfrin.io.