Understanding Web3
There was a dream that was Rome. You could only whisper it. Anything more than a whisper and it would vanish, it was so fragile.
Marcus Aurelius, ‘The Gladiator’.
There are hundreds of definitions of Web3 — each different from the rest. The common vision is a “better Internet”. But to succeed, we need a proper understanding of the problems with the current Internet.
The Root of Internet Evil
All discussions of Web3 can be traced back to 2 key problems:
- Privacy
- Censorship
This may come as a surprise to you. It did for me. I thought Web3 was all about blockchains and decentralization. But it turns out those are just technologies, rather than the problems the technology is supposed to solve.
And to address these real human problems, we need to address the underlying power structures. Web3 is about control: who controls our data, our accounts, our technology? It’s about wrestling that control from big tech companies, who have abused their power for the last decade. Web3 is a “reformation, not a revolution.” [1]
Digital Currency
Digital currency (such as Bitcoin) is a fundamental building block for Web3. You’ll notice that it squarely addresses the key problems of privacy & censorship. With traditional finance, the banks & credit card companies see all of your transactions. And they maintain control over the money, which is a problem for censorship. Remember when the credit card companies blocked Wikileaks? The organization had to switch to cryptocurrencies to get around them.
Decentralized Identity
In the early days of the Internet, each website had a different login. This was difficult for users, who often regressed to using the same password for every site. Eventually technologies like OAuth were born, and now we login to nearly every site using Facebook or Google. It may be easier, but it comes with a cost: loss of privacy & decreased censorship resistance.
If Facebook is the service I use to login to web service XYZ, then that means Facebook technically holds the key to access my XYZ account. Which means nothing prevents them from accessing my account, and scanning my information. I’m not saying they’ve been caught doing this yet. I’m just saying they could, and perhaps would, if the financial incentives were there.
But the bigger problem is censorship. If I rely on Facebook to access a dozen other web services, then I’m going to be really terrified if Facebook threatens to delete my account for “thought crimes”. Because I lose a lot more than just my Facebook account.
That’s where Decentralized Identity comes in. The idea is to build identity as a separate technology. So we’re no longer dependent on big tech companies, but rather on a decentralized protocol. Our online identity will be tied to cryptographic keys, which we control, and which are verifiable via a public blockchain. We may still bind our Facebook ID to this decentralized identity. But Web3 services will be tied to our decentralized ID, not Facebook. Which means we’re moving toward censorship resistance.
Decentralized Finance
The Web3 movement really got moving with Bitcoin & Ethereum. So it makes sense that many of the first applications in this space are related to finance. But don’t mistake Web3 as simply a finance-related revolution. The scope is much broader than that.
Blockchain & Decentralization: Means vs Ends
Early Web3 technologies shared similar underlying tech: decentralized blockchains. And this has lead many people to believe that Web3 is all about blockchain. Or all about decentralization. “Decentralize everything !!1!” has become a meme. But the real problems have remained the same: Privacy & Censorship.
It’s clear that blockchain will play a pivotal role. And it’s clear that decentralization is one strategy to fight against censorship. But as the community has matured, sensible conversations have begun to deconstruct the role of decentralization. We now understand it as a means to an end — not the end itself. The true goal remains censorship resistance.
However, this has been a difficult truth to admit for many in the community. Possibly because many companies got started by touting phrases like “blockchain for X” & “decentralized version of Y”. And there’s a lot of money chasing these early visions, thus there’s a lot of pushback in the form of noise and rhetoric. But the human problems of privacy and censorship will ultimately take center stage.
Personal Data Ownership
One of the bigger ideas for Web3 is personal data ownership. The idea stems from the fact that big tech companies currently own your data. And with that ownership, they’re free to do whatever they want. Naturally, this gives them all the power. And they protect that power by creating “walled gardens” — ecosystems surrounding your data which enshrine their power.
The opposite approach is a system in which you own your data. Imagine if you owned all your tweets. And you had to explicitly give Twitter access to that info. Not only that, but if you wished, you could revoke their access and move to a Twitter alternative. All of your tweets would migrate with you, because you own your data.
Now imagine the same thing for Facebook…
We witnessed a similar problem with cell phone companies several years ago. The phone companies wouldn’t allow you to leave, and take your number with you. The daunting task of changing your phone number in hundreds of different places was enough to prevent many from switching phone providers. That was, until government stepped in, and put an end to this practice. Which restored users’ ability to choose their phone provider, and increased competition in the marketplace.
Once you own your data, the technology landscape changes dramatically! First, app competition is restored. Since the walled gardens have been taken down, new competitors are no longer barred from entering. Second, new symbiotic relationships emerge. Data from app X can now be consumed by apps Y & Z. Let me explain.
Email is an example of an open protocol, more inline with Web3 philosophy. This allows other services to integrate with it in unique ways. For example, TripIt can scan your inbox for travel related emails (hotels, flights, etc), and automatically add that information to your trips.
Now imagine the same concept, but on a MUCH bigger scale. Your Tweets, your social media posts, your calendar, your notes, your conversations, your cloud filesystem — all owned by you, and under your control. So you can decide which applications can access your data. For example:
- You give a new reminder application access to your calendar. It integrates with the audio system in your house.
- You give a blogging platform access to a folder in your cloud storage. Any markdown file you add automatically gets posted.
The Layer Fallacy
Many within the Web3 community have fallen prey to the layer fallacy. When the web first got started, it was built using layers. The web was layered on top of HTTP, which was atop TCP, which was atop IP… The layer fallacy assumes Web3 MUST follow the same layering solution. And this leads people to believe that everything in Web3 will be layered on top of blockchain. Because reasons. But this isn’t true.
If we follow the thread of “personal data ownership”, we see that users are going to be storing all kinds of data in the Web3 cloud. But my notes and calendar information doesn’t need to be encoded in a blockchain. It just needs to be under my control. I control who can access that information — which apps, which users, and what their permissions are (read-only vs read-write).
Again, the focus here is on privacy & censorship. Blockchain & decentralization are just tools we have at our disposal to achieve our primary goals. But they’re not our only tools.
The Importance of the App Ecosystem
Those investing money in Web3 have largely remained focused on blockchain & Ethereum. It’s predictable because it’s the safe bet. But here’s another safe bet: Web3 won’t truly take off until developers have a decent toolset to build upon.
This is easy to agree with. The original iPhone was cool because you had the “real web” in your pocket. But the App Store is what made smartphone’s go from cool to indispensable. Now we have Uber in our pocket. And Spotify, Audible, Runkeeper, and thousands of other apps we can’t live without. So it’s easy to see how an App Ecosystem surrounding Web3 will be a catalyst for success.
Ethereum has done a good job here. But the kinds of apps that can be built on Ethereum are limited. And I’m not talking about current limitations — I’m assuming Ethereum v2 with infinite scalability. Think about the plethora of apps that are on your phone right now. Web3 promises us a reformation — users taking back control from big tech. And that includes migrating many of our existing apps to Web3. But these apps use a TON of cloud storage. And they require push notifications to operate correctly. And they also run on multiple devices — sync is a requirement, not an afterthought. (And cloud storage, by itself, is far from sync.) And let’s not forget about collaboration. I need to be able to share my Todo list with my spouse, and my notes with my colleagues.
The missing ingredient: end-to-end encryption
Personal data ownership requires a cloud server. Hardware manufacturers would love to believe in a future where every household buys their own server. But this is wasteful. Not only does it require every household to spend a bunch of money on a server, but it takes up a lot of unnecessary electricity. A single server could support thousands of users — far more than a single household. Cloud servers are simply more cost efficient. Plus users don’t want to worry about running their own servers. What a headache this would be for the average non-techie!
But if some random tech company is running a server for me, what about my privacy? Web3 promised me a privacy reformation. If I replace Google with Foogle, what’s going to stop Foogle from reading my data, and selling it to advertisers? And that’s where the missing ingredient comes in. With end-to-end encryption, I can confidently store my data in a cloud server, and know that I control the keys required to decrypt my content. The cloud server can’t read it, Foogle can’t read it, and even hackers can’t read it. The server knows the bare minimum amount of information required — such as where to send push notifications.
And this is what ZeroDark.cloud achieves. It’s a zero-trust cloud service & open-source library for developers. It provides essential building blocks for Web3: end-to-end encryption, zero-trust cloud storage, sync, collaboration, messaging & push notifications. All implemented in a way that preserves user privacy, and gives developers the required tools to achieve their basic needs.
The hardest pill to swallow
The goals of Web3 are going to require a tremendous amount of work from developers. But even if all this work is accomplished, it doesn’t guarantee market success. The biggest challenge will come from the business side. Web2.0 provided users with free services. And free is now the expected cost. Which leads to a dilemma. Software business have typically relied on only 3 business models:
- one-time payment
- monthly subscription
- advertising model (i.e. free for users, customers are actually the advertisers)
But the one-time payment model often doesn’t make sense for cloud-based software that requires ongoing costs. And advertising is going to be a hard sell. Advertisers have grown accustomed to precise targeted marketing, thanks to massive privacy invasions from Google & Facebook. Web3 requires respecting user privacy, which moves the needle from precise targeted marketing back towards blanket marketing.
This leaves only the subscription route. But this too is problematic. Customers don’t like monthly subscriptions — they tolerate them. But this tolerance has an upper-bound. If Web3 businesses try to replace free services with monthly subscriptions en mass, they’re going to fail. Hard.
And that’s why I believe Web3 will also require a transition to a new software business model: pay-as-you-go. With technologies such as serverless computing, we now have the tools to track costs on a per-user basis. I’m not talking about an average per-user cost. I’m talking about knowing exactly how much user Alice costs the business, in terms of backend costs (CPU, bandwidth, storage, etc). And with this information, we can devise a pay-as-you-go scheme, that aligns Alice’s cost with her actual usage, and ensures the business is still making a profit from her.
I gave a presentation on pay-as-you-go at AltConf, a software conference in Silicon Valley, this past summer. You can watch it here.
