I joined Phil from the CryptoGameTalk Discord server in late 2018 for a talk about crypto gaming, community building, and NFTs. In this part, we talk about safe practices and the lessons that developers can take from examples of both success and failure.
Phil’s humble demeanor is more consistent with his roots (Pennsylvania) than with his demographic (late 20s) or the scale of his earnings as a gamer (substantial). He was one of the earliest adopters in crypto gaming and he continues to be one of the most dedicated explorers of the space.
CryptoGameTalk is a server that hosts an ongoing, in-depth discussion of dapps. Its focus, as the name suggests, is crypto games, but the conversation reaches related topics including on chain gambling, dapp development, and the Ethereum toolchain. Since its inception in early January 2018, the server has grown to 6273 users.
You can follow our conversation across this three part series.
Continued from Part Two
Dan: What lessons can developers take away from the big successes and failures? We said good dapp developers should want to be open, want to be honest, want to communicate well, want to lift others up.
What are some lessons that new dapp developers can take away from the failures of CryptoCelebrities and what are some of the lessons that developers can take away from the successes of CryptoKitties?
Phil: I think it’s really important not to embody that shill-hype mentality. Whenever somebody comes to the server saying, “This is the next big thing, just you wait and see. This is gonna moon,” it’s a serious red flag.
Dan: So what does responsible promotion look like, then?
Phil: Responsible promotion would be more honest. Share honest details of the platform and what the team has been working on and what is in the future. I think it is fair, if it’s a product being built on something else, to say, “Alright, we believe that by doing things this way, we’re solving a problem in this other preexisting dapp and we believe that our product is better.” I think that’s fair and responsible promotion.
There’s a lot of referral programs out there. That’s fair game; people can refer users to get a free token. I think that should be the logic. If anyone is going to play the role of Mr. Hype Man, it shouldn’t be someone from the main team or one of the developers. Devs should be getting their users excited without forcing it down users’ throats.
Dan: I like that. 1) Know your roots. 2) Legitimate features will speak for themselves. 3) Share an honest road map and 4) get users excited enough to advocate on behalf of your dapp.
Phil: And be prepared for failure. Acknowledge the possibility. Overconfidence is not a good image. Everyone knows how badly these dapps can flop. And I think it’s important to able to talk with the community about the worst case scenario. You know, “What if this doesn’t work out?” What will the developer do to try and continue? Is that their intention? Obviously, if somebody is just in it for the short term gain they probably won’t admit it. But from my experience, the ones to worry about are the ones that won’t even face the possibility, that are heavily trying to say, “Yeah, this is long term, you know we’re going to be here.”
It really ends up being based on intuition. I see, all the time, people falsely convincing themselves that a given dapp is definitely destined for success. You can tell they don’t really believe it deep down, but they feel they just have to embody that spirit because they don’t want to admit there is a possibility of failure. I think it’s more admirable when a developer shows their more human side, instead of just pushing this moon-Lambo mission.
And if you do have a roadmap, show what it is. Show how you’re meeting it. Publicly compare it to your actual performance. If you’re behind schedule — and everyone is always behind schedule — admit it. It’s a tricky thing, even having a schedule in the first place.
I think people should have roadmaps but they shouldn’t be too eager to bind themselves to specific dates. That usually sets people up for a mess, because usually there are complicated things that come into play. Then people say, “Well, they’re not meeting deadlines.” And that can negatively impact an otherwise healthy project.
Hofstadter's law - Wikipedia
Hofstadter's law was a part of Douglas Hofstadter's 1979 book Gödel, Escher, Bach: An Eternal Golden Braid . The "law"…
Dan: Yeah. I forget the name of the rule. But there’s this rule that states, however long you estimate something to take, it will always take twice as long, even accounting for this rule. It’s nearly impossible to give an accurate estimate for something as fresh and complex as building a dapp. A flexible roadmap, I think, is a totally healthy thing.
You said for users, it’s a substantially intuitive thing to assess the legitimacy and trajectory of a Dapp. So I guess it makes sense to find a mentor who’s got more experience than you, which probably means going to a place like CryptoGameTalk. As a user, what else can I do to protect myself from potentially bad dapps?
You mentioned earlier that the hype man is a red flag — when the dev shows up and he says, “This is a moon mission, guaranteed money maker,” that’s a red flag. Anonymity is a red flag. What other red flags should users be on the lookout for?
Phil: Well, the easiest way to avoid the bad stuff is to just become part of the community. Get to know the people who have been involved with the space and have seen everything before. CryptoGameTalk is good for that. And I have a list of safe practices for avoiding the common scams. Having mentors — people who have been in it — helps.
Just watching how things usually play out, moving slow, and observing a few cycles before you dive in, those are all good ideas.
It’s very seldom a good idea to buy into something or send someone your Ether just because you feel like it’s a time sensitive thing. Be patient. It’s better to let an opportunity go by than to wipe out your capital acting impulsively on a dapp that turns out to be a scam. Oftentimes the reason that somebody is creating that sense of urgency is that they can benefit from your impulsivity. So you have to be on the lookout for that.
Users who are more familiar with the blockchain should invest time in researching the team, researching their claims. I’m in almost a hundred game servers. If I see something pop out of nowhere, or if I come across a new developer promoting new work, I’ll spend time searching through their posts to get a sense of who they are. I want to figure out if they’re acting under an alias. I search their post history, through the chats, and sleuth, basically. I’m really good at sleuthing. A lot of people in CryptoGameTalk are. I think the scam incidence has decreased a lot. Users have become more aware of the warning signs.
Unverified contracts are a big thing to us. Unless you’re completely convinced that the developers are legit, like a game studio, then you’ll want to see verified code. Look at them and see that they have an extensive history. In some of those situations, where a big name is involved, I think it’s OK to leave a contact unverified. But, in most situations, and especially for the gambling the type of games, it’s almost never acceptable to leave a contract unverified.
Right now, that’s where the majority of the scams are. Why would somebody try to hide their code in that situation? Why won’t they show it? It’s one thing for a big studio to guard proprietary code. That’s their prerogative, part of their moat. It’s part of what allows them to make a low risk entry into the space. But if it’s just someone completely out of nowhere or a completely new game, unverified code is definitely a red flag.
But even verified code can have subtle little tricks and exploits. Some malicious devs upload honeypot contracts to Etherscan and verify them. They look like legitimate games and someone thinks, “Hey, I can win this,” and the contracts end up with some Ether in them. But then, because of some nuance of the EVM, the developers can just pull the plug and abscond with the funds.
I wouldn’t consider myself that talented of an auditor. I can kind of read this stuff a little bit, but I usually rely on my community’s developers. There are so many people who are willing to at least take a quick look through a new contract and give us an idea of what red flags they see.
High developer fees are a strong warning signal. If a developer takes a huge cut on the action, at the very least, that shows they’re self serving. It could also mean that they’re in it for the short term gains, and they won’t stick around for long.
Another good strategy, if you’re interacting with contracts that are clones of known and reliable contracts, is to bring up the difference checker and see exactly what was changed. If it’s just certain variables, like percentages or whatnot, usually it’s fine. But if you see other major changes, that’s a place to investigate deeper.
Diff Checker is an online diff tool to compare text to find the difference between two text files
If you see a change like that, ask the developer a question about why they made the change. If they’re not willing to answer it honestly and publicly, think twice. A lot of times the shady developers will ban people from their servers for asking questions like,”Why didn’t you verify the code?” and, “What’s this functionality here in the code?” If the team has a militant presence, usually that’s that’s a bad sign. That’s not acceptable.
Dan: That’s such an eternal lesson. It’s so true of governments, too, you know? If they’re suppressing free speech, you have reason to be concerned. It’s funny how that principle holds up even at the scale of indie developers building a community around a dapp.
What tools are going to make this space better? What sort of things is your community calling out for right now?
Phil: Well, I think MetaMask can have a lot of improvements. I hear that from people who use it a lot. I think that being able to accurately track your performance on smart contracts is key.
Dan: Have you seen RollDiceClub?
Phil: I don’t think so.
Dan: It’s a site that shows the top earners and biggest losers on CryptoKitties. We also built a similar feature as part of Crypto Baseball Explorer.
Phil: That stuff is good. The sort of statistics you guys offered on KittyExplorer, that stuff is tremendously helpful.
Dan: Should offering those statistics be on the dapp developer? Who should be building that functionality? Is that the responsibility the interested community or should that come baked into the game?
Phil: Ideally, if the devs are capable of including in the game, it comes from the core team. It would definitely set them apart. But I noticed, a lot of times, it’s usually just community efforts.
Dan: OK, that’s another lesson for devs, then. A dapp can set itself apart from its peers by including that feature. It’s a way to make a better UI/UX. Anything else?
Phil: A lot of these UIs, I think, are very underwhelming. [laughs] CryptoKitties is good. OpenSea is good. A lot of the established dapps have improved a lot. A lot of the newer ones are pretty weak.
I understand it’s not an easy thing. And it can be expensive, if you’re paying someone, to get a good UI. But it’s a worthy investment, at the end the day, to make your dapp’s UI clean and nice looking. Good UI really sets a game apart. It sets a good tone for everything else that follows. If everything is clean and simple, users are more comfortable and the game is stickier. Good UI is undervalued by devs, who tend to get most excited about novel mechanics. Maybe it’s just that they don’t have the skills or that they don’t bother, they don’t think it’s worth it. I would hope to see better, smoother interfaces in the future.
Dan: Yeah I agree. I think it’s imperative. It’s got to happen, or else the crypto gaming space is going to remain fringey.
Alex said an interesting thing to me about 6 weeks ago, and it’s made me feel a little more comfortable. He said that it takes years to build a really good video game, so we shouldn’t expect triple A quality dapps right away. For example, my wife ordered me the new Red Dead Redemption for Christmas two years ago and I think I might finally get it for Christmas this year. But we just haven’t been developing dapps that long. This is still a really fresh space.
I think it’s incredible that CryptoKitties hit on such a good UI right out of the gate. That’s part of what made them so impressive. So while I think it’s fair to expect more, I feel more comfortable being patient while waiting for the really good UI to arrive and I trust that there are people building interesting dapps with excellent user experiences and UIs. But we’re just gonna have to wait a little bit longer for them. I’m excited to see what the next year holds for dapps, especially in terms of UI and UX improvements.
Phil: Yeah, definitely. I mean, it feels like a lot has happened, but it’s been less than a year since CryptoKitties launched. I think that there’s definitely a lot in store and as time goes by it will only get more interesting.
Dan: Absolutely. The fundamental thesis has not changed. The bear market has hurt NFTs and games less than the rest of the cryptocurrency space and I think it’s only going to get better from here. I’m glad to hear that you’re equally optimistic.
Phil: Yeah, I was pretty surprised about all the activity in dapps in the past year. There were such slow moments, but I was expecting it to be much slower. I didn’t expect all this stuff to be happening.
The worldwide nature of the space kind of acts as a hedge against collapse, I think. Fomo3D got really big in China. And the “daily return” contracts brought in a lot of Russian users. I feel like those are those are kind of dumb models, even though they did introduce some new users to the space. I just don’t like the odds those games offer. 333 ETH, for example. It’s unsustainable.
How do you feel about MetaMask putting phishing warnings on sites like 333 ETH? I don’t know if you’re familiar with it, but it was a big Russian dapp where you know you get 3 percent per day as long as the contract still has Ether in it, but MetaMask flagged it as potentially risky and blocked access to it. How do you feel about their decision? Does that set a bad precedent? Or is it good for them to protect people from code that people can lose a lot on?
Dan: It feels so weird to be on the opposite side of this! MetaMask is a utility. They should not be in the business of picking winners, declaring losers, or convicting criminals.
I guess it’s in their interest to protect the space and to protect people from blatantly abusive content. But that’s extremely troubling to me. More information is the solution, not gatekeeping. If it’s dangerous, tell us what it is. But to block access, that’s fucked up.
Phil: I think I’m on the same side of the spectrum as you are. I think Dapp Radar does a good job with it. Not necessarily to say what is what. I think that it’s a good way of handling potentially objectionable dapps. It has a ‘high risk’ category. That’s a good approach. They’re acknowledging that there’s risk involved, but at the same time, he’s not blocking it completely, as MetaMask did. I think that was definitely a questionable act by MetaMask. It set a weird precedent.
People started trying to submit their competitors to MetaMask as objectionable, asking MetaMask to blacklist them. It got a little weird for a bit. I agree with you that MetaMask should just be left as a tool. That’s all it is.
Dan: I like Etherscan’s approach, too. They assign a smiley face, a neutral face, or a frowny face, depending upon the reputation. That’s reasonable. That provides added information. That’s useful. I’m not sure how it’s calculated, but I like their approach. Concerning MetaMask’s behavior: whether it’s right or wrong, whether it’s good or bad, it’s certainly not consistent with the spirit of the space.
Phil: Did you notice that Etherscan has labels now, too? They have some labels for contracts like ‘gambling’, they have a ‘Ponzi’ label for those ‘percent a day’ contracts. They’re not using it on many contracts. It’s only on the bigger contracts. Obviously, they can’t look through every little thing.
In my experience, since day one, it’s been hard to effectively categorize things in the crypto gaming world. There’s often a lot of different systems at play. It’s hard to say you know what is what.
Dan: Everything’s a mongrel, a hybrid, or something novel. It’s a fool’s errand to try to put legacy labels on all of this new tech.
Alright, we’re out of time. Excellent talk. Thank you for your time. Thank you for leading your community and providing the services that you do. And shout out to your volunteer auditors. I look forward to speaking with you again.