Web3, Moxie, Signal, Telegram, and why Decentralization Matters

A couple days ago, Moxie Marlinspike wrote an article about his first impressions with Web3. In it, he advances several valid criticisms of the Ethereum ecosystem, but overall throws the decentralization baby out with the bathwater. Although Moxie is self-admittedly new to Web3, this is one of most substantive critiques of the current Web3 commercial space. And being one of the few pioneers of encryption who is openly outspoken against decentralization, it’s important to engage with his argument and see what we all can learn from the discussion. To quote Moxie from 2020:

“I’m not entirely optimistic about the future of decentralized systems, but I’d also love to be proven wrong”.

Well, let’s attempt to do just do that! First, we’ll discuss why decentralized services are sorely needed – both by individuals and society at large – and then we will engage with Moxie’s arguments against Web3 in particular (as implemented by the Ethereum ecosystem).

What’s Wrong with Centralized Services?

For starters, there are a ton of community applications you wouldn’t even be able to even implement with centralized services, because of the deficiencies in their trust model. As just one example of many, consider running elections (see our article in CoinDesk for what is involved in that). Today, collective decision-making by a community is done rarely, and resorts to electing representatives every few years whose job it is to make the decisions for society. Today, we still think of elections as something that has to be done with pen and paper, and mutually distrusting parties checking each other’s work (aka byzantine consensus by hand). It’s like when we used to have human computers mechanical devices and telephone switchboard operators, until digital computers changed the paradigm and allowed a whole host of new applications to be created. Web3 and smart contracts can lead to new applications, of which DAOs and NFTs are just the early implementations.

But there are deeper problems with centralization itself, that need to be solved for people and society as a whole to progress through better technology, the way it did by moving from analog devices to digital computers. Let’s see what they are:

Centralization: Single Points of Failure

Moxie Marlinspike founded Signal, a centralized messaging service whose technology wound up in WhatsApp, which eventually got acqui-hired by Facebook for $19 billion. Gradually, Facebook proceeded to exert more and more control over the service, and the founders left. Facebook continued to encroach on users’ privacy in order to help monetize and control the platform, and triggered a sizable user exodus in early 2021 when they unilaterally changed the terms.

Now let’s give credit where credit is due: Moxie is an anarchist who has built end-to-end encrypted systems since 2010, founded WhisperSystems a decade ago, and launched a very successful centralized messenger service called Signal. Here he is on TechCrunch Disrupt, talking about it:

Guess what… there’s another entrepreneur from Russia, who is an even more hardcore anarchist, founded the Russian Facebook years ago, refused to hand over user data to the Russian government – and was forced to sell all his shares in a fire sale to Russia’s Mail.ru conglomerate, while fleeing the country to France (he is now in Dubai).

While Moxie started Signal, Pavel Durov started Telegram, which has grown to be used the world over. Both are centralized messaging services championing user sovereignty and end-to-end encryption, run by billionaires who had (voluntarily or not) lost control of their previous centralized services (WhatsApp and VKontakte, respectively). Both new centralized services have already had their developers (and founders) been approached by intelligence services, and their technology confiscated and scrutinized at airports etc. If these guys are our last line of defense against blackmail against government spies installing backdoors, or targeted advertising arrangements from economic partners, then perhaps we need a better system.

Pavel routinely criticizes WhatsApp, and even the government-sponsored encryption it uses, with Telegram preferring to hire its own Ph. Ds and roll its own encryption that, to date, has never been broken according to Telegram’s own website.

But we can’t just go off what Telegram, WhatsApp and Signal claim on their own sites and twitter accounts about their own products. Even if what they say is true at one point, it takes a single person in their organization to ship a backdoor in an update, that immediately ends that whole guarantee.

Centralization: Lack of Control

Privacy, as important as it is, is only one aspect of a greater issue with centralized services: the lack of control users have. Today, we all live in a Feudal Society, with a few large landlords (Google, Microsoft, Facebook, et al) who do not give you their back-end software. You just have to trust them to have your best interests at heart when they host your files, and manage your data and implement your privacy settings. Just recently, Google banned distribution of “misleading content”. Individuals and organizations around the world trust them with their very online identity and brand every time they choose to “log in with Facebook/Google/etc.”. If you don’t like it, don’t use it, right? But what about that open source alternative?

When all you have is a choice between one landlord or another, you shake your fist at WhatsApp and yell “I’m leaving to Telegram or Signal!” Let’s see why that is, and why under a capitalist market system with unlimited private ownership (of networks as they grow), and profit motives (by shareholders), the end result is inevitable. And we’ll then see how Web3 is different.

Web 1.0 Disrupts Human Institutions

Web 1.0 quickly disrupted the centralized online services of the day (America Online, CompuServe, Prodigy, Microsoft Network), as well as newspapers, magazines, cable channels, TV networks, and other gatekeepers that were necessary for getting the word out. It allowed anyone to deploy some code on a web server, and serve anyone in the world through an open decentralized protocol called HTTP. Voice Over IP (or VOIP) quickly brought down the cost of telecommunications, disrupting the capitalist telecommunications industry – a feat that the government was unable to achieve in decades with its tools (antitrust, regulations, etc.) In both cases, open protocols and technology replaced institutions that historically used human gatekeepers (editors, switchboard operators). The new technology would route packets around costs, outages and other obstacles.

Web 2.0: Public Forums on Privately Owned Platforms

The centralized Web 2.0 companies were built with money from Venture Capitalists, who propped up money-losing unit economics for years (to “remove friction”) before selling the shares to the public via an IPO. Then, the companies are perpetually beholden to Wall Street bigwigs to make sure they keep their backend code, AI training data, patents, etc. closed so they can extract enough rents and profit from their users’ content and customers’ money, to satisfy the “quarterly earnings” that the capitalist machine requires. Moreover, since Zuck built it, he owns it, and investors couldn’t vote him out even if they wanted to. So there isn’t much of a democratic mechanism there, either.

If Facebook is going Meta, that’s where we’re all going, kicking and screaming. They’re building a brave new world, moving fast and breaking things. “Calm Down, Breathe, We Hear You” said Zuck when he rolled out his first unilateral decision, which has since shaped the world in many ways. Before that, a younger Zuck may have correctly assessed how stupid it is to hand over your data and passwords to his services. But Facebook’s first big funder was Peter Thiel, who openly wrote

competition is for losers, if you want to create and capture lasting value, build a monopoly

Thiel and Clarion Capital was just taking Moxie’s arguments in favor of centralization to their logical conclusion, plus an extra helping of profit motive with no limit (at the expense of users and society). Many VCs still have that same mindset (but not all). Moxie celebrates platforms “moving fast”, but what about “breaking things”?

Web 3.0: Derailed by the Profit Motive

Web 3.0 was supposed to smash a lot of the “landlord-tenant” relationships of Web 2.0, replacing centralized databases with decentralized ones, and secret back-end code with open code that all nodes can verify. The premise of Web3, indeed, is very powerful:

“Web 3.0 allows us, for the first time in human history, to simply trust code to do what it says.” - Greg Magarshak

This is the main feature of Web 3.0, regardless of the underlying technology (blockchain, hashgraph, IOTA DAGs, etc.) Trust in institutions, promises and audits is replaced with trust in computer programs. This can gradually bring about a revolution as significant as when people moved from analog devices to general-purpose digital computers. But the space stagnated as projects got stuck on “blockchain” technology. As a result, we are still in many ways in the equivalent of the “mainframe computers” era with punch cards and renting time slices.

Going by the title of Satoshi’s whitepaper, Bitcoin was originally supposed to be a “Peer to Peer Cash System”. Even the staunchest bitcoin maximalists have to admit that, 10 years later, it failed at becoming the kind of mainstream medium of exchange that a “cash system” would suggest. Following a similar trajectory, Ethereum became a “world computer”, an extremely expensive way to run transactions. We’ve written a lot on this forum about Ethereum’s lack of scalability and what it means for the whole space.

The problems are rooted in the underlying “blockchain” technology (which we will eventually help solve with Intercloud technology). Whether it’s secured by proof of stake, or proof of work, all transactions in the world have to go through a bottleneck (miners, or their delegates) before going into a block (which has limited space). Making that block bigger by a constant factor doesn’t solve the main problem: the entire network is bottlenecked. No one asks how many websites the Web can support per second, or how many emails the Email protocols can support per second, because the more computers join, the more the network can handle. There is no topology like this:

The other problem is, of course, that everyone stores everything. Even if they don’t run an “archive node” to store historical state, an Ethereum “full node” takes so many resources to store data and sync it, that people outsource it to others.

Moxie’s Arguments

Now, on to Moxie’s actual arguments. Here are the main points:

1. People don’t like to run servers, they pay others to run them

The sentiment behind what Moxie says is mostly true, however, as we can easily see with Web hosting companies and their “one-click install” of Wordpress, Drupal, etc. However, that doesn’t mean you can’t have open source software and a free market of hosting companies. That’s the difference between Medium.com and Wordpress, between Google Maps and OpenStreetMap, and so forth.

The problem is that Web 3.0 is built around these “monolithic blockchains” that have an ever-growing snowball of data that needs to be synced. Due to the bottlenecks of “blockchain”, it is totally not like hosting a website.

Moxie is right that, when it’s so expensive to interface with “the blockchain”, only a few large providers will run it, and trust once again will follow a power law, with centralized services Infura, Etherscan and OpenSea approaching the status of trusted centralized Web 2.0 with APIs that everyone relies on, instead of the blockchain itself. If they want to ban something, many of the wallets stop showing it too. Not so “decentralized”.

2. The returned blockchain data isn’t even signed

This is the most egregious problem Moxie pointed out, and we’ve seen it ourselves. In the current Web3 world, the blockchain is the single “source of truth” for all these pieces of data. While it’s true that the blockchain is constantly forking into multiple chains, and in the short term it may not be clear which chain is a winner, it’s still possible for Infura or Etherscan to provide proof that enough proof of work or stake has been heaped on it.

This problem can, in theory, be easily solved by having market participants introduce these proofs as a feature, and clients would move to using only those gateways which provided these proofs. Why the clients haven’t demanded it en masse, and why Moxie has to point out the obvious, however, remains a mystery.

3. People will never want to run servers

First off, many protocols (like BitTorrent, Beaker Browser, and SAFE do let people easily run servers on their desktop computer, but certainly this is harder to do on mobile devices, where a program can’t be listening for requests all the time.

On the other hand, why do people need to run servers in order to participate in or secure a decentralized network? A client can simply connect once in a while and do its part: pick up some mail, validate some transactions, and so forth. Servers are simply programs that are listening 24/7 for requests. One can argue that, in a truly anonymous, unlinkable, decentralized system, you don’t want to expose yourself to the world via such availability. (For example, servers behind the Tor network can be readily doxxed and or undergo denial of service attacks.)

In fact, entire networks can be run via clients doing most of the work, leaving an open market of servers to be operated as dumb hubs following a protocol, such as WebSub or secure scuttlebutt. Arguably, this is how Voice Over IP turned the telecom industry into “dumb hubs” routing packets, rather than tying up phone lines the way blockchains currently tie up blocks.

4. Centralized Services Move Faster than Protocols

Protocols are way more resilient and open. People can implement a web extension or app and have it speak to others. We don’t have to trust Signal to merely say they won’t store your contacts’ data. While it’s commendable that Signal turned to Intel and its SGX extensions, it still means the whole scheme is based on a few trusted companies.

Users in Control

By contrast, control and privacy can be enforced by users having their own keys on their own wallets, interfacing with autonomous networks that are run by many distrusting participants. Sharing access with others would boil down to sharing encryption keys. Signing transactions would be up to the user, or the user agent software they installed on their own computer – not something they were forced to install unilaterally by WhatsApp, Telegram or Signal.

Ethereum wallets like MetaMask and TrustWallet have finally made it mainstream that you can sign actions using your own keys, such as directly requesting to log into a site without asking Facebook or Google to do it for you. The keys are kept inside an app like TrustWallet, or browser extension like MetaMask. Using your mobile phone to scan a QR code on a computer (e.g. through WalletConnect) is a great feature that lessens the control one particular browser or OS maker has over, say, an election in a country.

There is still a problem with Ethereum wallets’ approach to storing keys: they let you export the actual private key and import it on another device. This has led to a cottage industry of scammers asking people for their secret passphrase, and even sites like this one which offer to generate a vanity address for you (who knows if they store your private key!) Instead, the proper convention would be for wallets (user-agents) to never implement key export, so each key never leaves a device. People would simply have keychains where they grant or revoke access from some keys to their accounts, which are stored in the cloud. But this would be better implemented with BLS signatures that require no trusted dealer, something newer than the ECDSA that Bitcoin and Ethereum uses.

KeyBase was on the right track with their innovations, but sadly, they were acqui-hired by Zoom. Once again, imagine if we had an open protocol, instead…

It seems that companies like Intercoin, SAFE and Holochain are building a “Web 4.0” where the Intercloud will replace Blockchain as the back-end for the new breed of decentralized applications, that can actually go mainstream.

What’s next for Web 2.0 and 3.0?

Intercoin’s founder Greg Magarshak has also been building a social platform called Qbix since 2010, but it was built to be open source and decentralized. Here is a photo from 2014 with Greg and his cofounder Zak meeting with Tim Berners-Lee and his team at MIT to discuss ways a decentralized web users can take control back:

You can read Greg’s article in CoinTelegraph about how the Web can find its way, or read about what Qbix is doing to move the Web from Feudalism to a Free Market. Or you can learn more about Qbix from the following two videos:

6 Likes

Brilliant and insightful article. Thank you, Greg!

More and more in everyday businesses, I can see that leaders would prefer to work with a range of advanced applications.

Businesses and institutions want to experience a smooth transition to DLT or even blockchain but most businesses that I’ve been working with, are afraid to spend money to check if it would work for them.

They work hard to create a WOW effect for their customers to solve business problems but most of them think that individual tech solution is the most expensive task for their business growth (which is NOT, but it’s a topic for another discussion)

Why would business owners spend their funds on educating their employees if their experience might be not so much different when it comes to their everyday tasks? If any of them would know that new solutions are going to get their queries or issues resolved easier and cheaper in the long term, then we would have queries regarding automation of payslips, performance reviews or employee-management requests immediately.

However, most systems that currently exist are primarily priced on a monthly basis and their solutions may not be specifically designed to solve the unique needs of this particular business but they search for something adaptable.

And I think it’s up to us (early adopters) to educate the masses with our solutions and I’ll be glad to share this article on my LinkedIn page for my other contacts to see.

4 Likes

I think thinking about this debate about centralization, decentralization, protocol, and platform in terms of fragility is a helpful framework – one book I read earlier last year was Taleb’s Antifragile, and he presents this dichotomy between things that benefit from randomness and chaos, and things that are hurt. In my opinion, decentralized systems benefit from this antifragility – they don’t have a single point of failure, and are more robust as a result. That’s not to say it’s strictly better to be decentralized, or antifragile. These things come at a cost – namely, in the short run, they are often not as effective as centralized systems. However, over time, centralized systems can be prone to blow-ups, and die out as a result, leaving the more robust and antifragile system to survive. It’s parallel to the dichotomy between democracy and authoritarianism in a sense. So, while bitcoin may not be the most effective form of money today, a hundred years from now, it may be the last currency standing.

5 Likes

Great article Greg! It is truly mind-blowing to me where we started at web 1.0 to where we are entering 3.0 (even though it’s been around for much longer). I can agree with Moxie and can see why he left WhatsApp after selling it to Zuck. It’s a one man show when it comes to Meta and there is no governing body to say otherwise. This can lead to some serious issues when 1 person has control of billions of users data/privacy. I like the fact you mentioned that it takes just ONE person in their organization to open that door and can potentially cause some big security problems for everyone. I am putting my trust into companies like google to not share my drives, emails, ect.

We all need an open-source alternative and that’s where Intercoin comes in. It will be even more important to have social networks that people can run off their own computers rather than relying on Meta and Google for simple things like sharing photos and documents. It could be much faster and cheaper. We need sustainability and we must take the power back.

Intercoins technology can fix this by developing open-sourced software and apps taking the “landlords” completely out of the picture. With Intercoin Members can make decisions on-chain and democratically.

This is just a fraction of what Intercoin can really do for the world!

4 Likes

Not naturally being a tech minded person — while wanting to be I 100% get this! I don’t think currently the average person cares enough but I’m confident there will be a shift as people wake up to reality.

Understanding how we went from Web 1, Web 2, and Web 3 & each transition is something to think about but… when I hear Greg talk about beyond blockchain that blows my mind! :exploding_head:

As for myself decentralization matters!!! I understand one of it’s current downfall being generally not adopted as quickly. While centralized application commonly are easily adopted. I often wonder why? First thought that comes to mind — is it’s just been the norm. I have never settled with the norm, actually I generally question the norm.

What attracted me to crypto so much from the beginning was decentralization and I stand on that! :100:

3 Likes

Kudos Greg!
The world is moving forward not backwards, so ‘open source’ is the way! It makes sense to move away from centralised to decentralised economy, just like we are transitioning from linear to circular economy

3 Likes

Excellent article! Regarding privacy, I have noticed a change in peoples attitude over the past few years, most likely stemming from the Facebook hearings which I think that was an eyeopener for many. Now more than ever people are happy to share personal information and “check-in” when they are out, but there’s a big difference between choosing to share that information and having some centralised body profit of it without your knowing. I’ve seen our personal data being described as “the new oil” and “the ultimate commodity” which makes me uneasy. This is why decentralisation is so important to me and why I use Sentinel, a decentralised VPN, and invested in Akash an open sourced decentralised cloud.

There’s also the censorship issue which is a huge area of discussion now. We recently had the sitting president of the United States continually censored and eventually banned from Twitter. I think most would agree, irrespective of their politics, that that was at best undemocratic and at worst interfering with an election. As censorship increases I can see more and more people moving to decentralised alternatives where users can speak freely and own their data.

Though there are still a lot of people that prefer centralised services, especially when it comes to money. I know a lot of people that prefer to stake/store funds on exchanges and platforms like Celsius as opposed to via a non-custodial wallet. Ease of use and convenience seems to be the most important thing to many.

4 Likes

Here is an update about governments and Telegram: German politicians threatened to do just that, but ended up giving Telegram a slap on the wrist.. Russia tried, but failed, to do the same when it comes to Telegram’s servers.

Here in the USA, the attorney general William Barr often spoke against end-to-end encryption, and advocated back doors for law enforcement, telling us to think of the children:

Apple has been trying to straddle the line between privacy advocates (it’s famously positioned itself as the privacy-friendly company) and the needs of law enforcement:

1 Like

And in China, this actually just happened… and exactly to the biggest app Moxie contributed his technology to, WhatsApp: