The Venn Diagram of Decentralization
Ask five people for the definition of decentralization, and it’s very possible you get five different answers. People come to a concept with their own biases (myself and Graphite, as a whole, included). So, it makes sense that there is such a range of definitions and opinions on what decentralization should be and should mean. With that in mind, it’s important to define what decentralization means to Graphite.
As previously written, decentralization doesn’t mean you need to store everything on-chain. It doesn’t mean blockchain all the things. Decentralization solves real-world problems. It doesn’t just strive to acquiesce to what one group or another demands of it. As such, I want to define what problems Graphite believes decentralization should be solving. There are three of them:
Graphite sits alongside decentralization in the middle of the Venn diagram shown here. Let’s define what that means, item-by-item.
It would seem impossible to have decentralization implemented in such a way that it was not secure. The promise of blockchain technology is immutability. Tamper-proof data. But, we’ve long known that this was not totally true. There are blockchains that have been compromised. Data has been edited or deleted. Not all blockchains are created equal. So, it’s important to explore, first, the underlying blockchain being used.
The second part of the security equation is encryption. Blockchains do not mean encryption. It might seem that encryption is the default since blockchain ledgers utilize cryptographic algorithms and technology to stamp data to the ledger. However, that cryptography is generally based around verifiable identity. This is how we know the data we see in any blockchain ledger was provided by the person that says they provided it. Encryption of the data being stored is something else entirely. And this leads to Graphite’s position that much of this data should live off-chain.
Using any number of proven encryption libraries, data can be stored almost anywhere and live in a tamper-resistant environment. Government requests for data may be fulfilled without that data ever actually being exposed. Over-zealous engineers at cloud storage companies can peek into a storage bucket only to find that the file they were hoping to view is an unintelligible jumble of seeming garbage. But encryption alone is not enough to satisfy encryption alongside decentralization.
What you also need is data replication. Even if you store data on-chain, you have a single point of failure. If, somehow, someday, a blockchain is rendered unusable, the data stored there will be inaccessible. So, replication of encrypted data is the only way to establish true decentralization as it relates to removing single points of failure.
Blockchains are inherently NOT private. So, the whole idea of privacy being a default position of blockchain technology is a huge source of confusion. Some blockchains try to provide a layer of anonymity, but the very definition of publicly verifiable and immutable data is that the data is presented to the public to inspect, verify, and confirm.
So, how do we create decentralized applications that utilize blockchain technology while also providing privacy? The first step is making sure the authentication process for the decentralized application uses decentralized identifiers. These identifiers are owned by the user and not the company or the app. These identifiers should also be approved by the Decentralized Identity Foundation and should be working towards the W3C Decentralized Identity Spec.
What these identities do not require is personally identifying information. Whether it’s a Blockstack ID (which is what Graphite uses now) or a uPort ID, you are only required to provide as much personally identifiable information as you’re comfortable with. Want a fully anonymous ID? Create a decentralized identity made up of gibberish that doesn’t connect you to any of your other online accounts. Don’t participate in any social verification processes. Don’t broadcast to the world that you own that identity.
Since storage of data will, invariably, be linked to the identity with which you use to log in, having a private, decentralized identity will allow you to keep the information you are storing in decentralized applications secure. While someone might be able to sniff out that you are storing your data in an Amazon S3 bucket, they won’t know who owns that bucket, nor will they be able to gain access to that data.
Privacy is possible with blockchain, but it requires a combination of identity and storage practices that support said privacy.
This is where blockchain technology shines. When an application uses it properly, it is possible to create systems that are so censorship-resistant, they are close to being censorship-proof. But the key is proper use.
There are plenty of “decentralized” applications that use blockchain technology in a centralized way. Whether that is through a private blockchain or a governance model that allows for the outright blocking of usage, those types of applications fail the censorship-resistance test. The goal, and what Graphite provides, should be to ensure the following:
- The application is always accessible, even if living in a heavily internet-filtered region.
- Data is replicated so that in the event that a storage provider is blocked, the user’s data is still accessible.
- User identity is self-sovereign and potentially obfuscated enough that the user does not have to worry about a government or bad actor discovering their real identity and physically censoring them (this ties in very much with privacy).
This third point—censorship-resistance—is the one most often overlooked in the United States and the United Kingdom. When people discuss decentralization in these nations, they tend to think of it as a means of owning data and avoiding the likes of Facebook and Google. And that’s partially true. That is one of the promises of decentralization. But, perhaps, the greater promise is that of censorship-resistance. When creators can make art and share it with the world without fear of persecution, jail, or death; when journalists can write the truth without worrying about their newsroom being shuttered by a nation-state; when anyone, anywhere can freely connect, collaborate, and share; that is where decentralization delivers the most value.
Graphite, as a software company operating in the decentralized space, has the unique position of seeing a wide range of takes on decentralization (and often being involved in those takes). And while it is important to embrace decentralization in as many forms as it might take, it’s also important that everyone knows Graphite’s position on what decentralization means. And to us, it means sitting neatly in the middle of the Venn diagram of decentralization.
If you’d like to learn more about using Graphite for your organization, schedule a demo here.