It’s not the same as web2. These web3 frontends don’t have moats or lock-in like Facebook or Google, because they don’t actually control the data. The data they serve is all from public ledgers. You can switch off of Infura in a second by changing your RPC url.
Github relies on a distributed storage architecture (local git repositories on developers' machines) and in theory anyone can take a project from github and duplicate it on gitlab etc. In reality nobody bothers and a project hosted on github will remain exclusively hosted on github and nowhere else, and likewise with other git hosting services. For the most part nobody cares if the data is hosted on a distributed system or a centralized one, because the overwhelming majority of users will rely on the front end. Changing RPC urls is not as easy as you might think, especially for systems that are widely deployed and have heterogenous clients (which in theory would be the case if Web3 ever took off, which I personally doubt).
People do bother. I don't have specific examples off the top of my head, but I've occasionally run into an read-only GitHub repo that's been moved to Gitea or GitLab, or even BitBucket.
More broadly speaking, it's important that you can migrate, even if you don't actually do it, because users who can easily churn give the developers an incentive to keep the UX solid. If you can just leave GitHub at any time, then they're less likely to add gigantic banner ads to every page, or bundle "third party offers" into installers - they know what happened to SourceForge, after all.
The barrier to hosting your own email is that you'll spend a day configuring everything, and a year later, the big providers will slightly change a spam detection algorithm, your mail won't be delivered, you won't know, and there will be bad consequences for you.
The barrier to changing your git origin is spending five minutes setting up an account and repo somewhere else. Everything will work absolutely fine, you'll still have all your git history, you'll just be slightly less discoverable and some potential contributors might not want to create an account.
I keep my projects on GitHub for discoverability and the reputation provided by stars, whatever that's worth. So essentially network effects.
The reality is if I'm looking for a library to solve a problem, I'm much more likely to use one from GH with 1000 stars than a random self-hosted GitLab with 50. I would like to not feel that way, but I suspect many others do as well. It would be nice if we at least had a decentralized reaction/reputation system.
Is there an analog to this with the services Moxie talked about? Sincere question, I'm not familiar with the ecosystem at all.
The closest attempt I can think of is status wallets token ranking for dapps. You could burn your tokens to say if you liked something in their listings and that would rank it for others. The issue they hit is when the lists got popular (in like 2018-19) vc funded projects just bought up the supplies of tokens and burnt them to get their project rated higher. So basically Sybil attack and they became unreliable.
It’s the same problem across all decentralised protocols, if it’s cheap to say something you get spam(see email) but introducing costs can just skew it to those who can afford to spam instead (essentially those with an advertising budget).
So there’s been a lot of research on proof of personhood (BrightID/ideas/proofofhumanity) to add Sybil resistance mechanisms so we can do 1p1v across the network. They’re working ok, but the next big step is adding zkproofs so we can anonymise the voting (which is needed to prevent collusion) which clrfund and sismo are working on.
Kleros have an interesting curated register protocol, which seems to work on small scales. Some groups are using it to token rank guy issues to prioritise work and get feedback.
The status blog has some interesting writing around these ideas over the past few years https://status.im/research/
And, as the article suggests, if there is some new feature that Github can enable (integration of git commits with an issue tracker or CI/CD integration come to mind), that will happen in a vendor-specific way on Github, not in the Git protocol. So, then you immediately move back to the world of platforms.
Few people bother because every git commit is cryptographically signed and every git repo is inherently replicated. It doesn’t matter if you use a centralized service or not as long as you can rely on SHA1 (and sha256 is coming…) Git is almost the ur-blockchain in this respect, hardly an argument for centralization.
The web3 frontends appear to be in the same place that Chrome is: yes, technically you can always switch to another browser, but if Chrome decides to boycott a new feature, it will never exist as a practical matter. If Chrome blocks a website, it will be as though it doesn't exist for most people. That in theory it still does doesn't change anything. What makes OpenSea different than Chrome in this respect?
The problem is that they control distribution – the only thing that matters. You don't need to own the data if you own the eyeballs/mindshare.
For example: Spotify doesn't own any music copyrights, yet they own 32% of the music streaming market. The second best is Apple at 16% ... which also doesn't own any of the music.
It's a little different than Spotify. Spotify still controls the means of distribution while the data sources for "web3" are public/decentralised (in most but not all cases). Rather I'd compare it to Google Search and AMP. The data is still accessible and there are alternatives (manually routing to the sites themselves or using other search engines) however the main path to the data is gatekept by a centralised source (Google) which is routing all the requests through their servers (AMP) instead of using the underlying protocol.
It's still a severe issue but it's a much simpler solution to simply build competitors for a tool accessing an open platform than it is to build a new platform entirely.
Yes, web2 incumbents control data and they control distribution. I agree with you there!
aside; sometimes I feel like I’m taking crazy pills because for the last decade or so on HN we’ve been talking about how Big Tech has monopoly control over everything, how they’ve destroyed privacy and monetized eyeballs and engagement to the fullest. And now that a potential decentralized competitor is emerging, the kneejerk reaction is “why not just keep using <monopolistic centralized surveillance ad platform>”?
(I understand why, cryptocurrency is the whipping boy of the week, and it’s full of scammers, I get it! But I’m not going to pretend I’m happy with the existing crop of centralized services.)
Do you actually think blockchain tech is remotely competitive with the big platforms? Blockchain payment systems have had more than a decade to become popular and still are not even remotely competitive with the big payment processors. Most of the world will only read about "Web3" on some news site or blog, then ignore it because it does not even come close to meeting their needs.
Consider how many people post something on Facebook in a single day, and now consider what it would take if each post had to be replicated across tens of thousands of independently operated systems. Big tech companies scale in large part because of their centralization, which allows them to coordinate large numbers of physical machines to efficiently provide service to their users. You may not like the ads-centric business model but on a purely technical level it is pretty clear that the big tech companies have a big advantage in terms of operating their infrastructure, and overcoming that advantage is not going to be easy for any distributed system.
I personally prefer to focus on mitigating/preventing abuses by a central authority/component of a system, which almost always results in a far more efficient and reliable solution that trying to eliminating all centralization.
> Do you actually think blockchain tech is remotely competitive with the big platforms?
Right now? Absolutely not, web3 is pure jank right now. I’m just trying to see where the puck is headed.
> I personally prefer to focus on mitigating/preventing abuses by a central authority/component of a system, which almost always results in a far more efficient and reliable solution that trying to eliminating all centralization.
How do you do this? How do you take Facebook to task? The only entity that comes anywhere close is France maybe and those fines are just a slap on the wrist.
I was referring to technical solutions, not fines or regulatory measures. For example, before Bitcoin cryptographers published a mountain of research on designing secure and anonymous electronic payments, but relied on a central bank that issued and redeemed the money. The bank was constrained mathematically so that it could not link user transactions, unless some subset of users had cheated in some way (double spending). So there was a central party but certain forms of abuse were impossible, and those systems were overwhelmingly more efficient than Bitcoin or even a proof-of-stake approach ever could be (this is because transactions are "truly" peer-to-peer, meaning that only two parties do any work at all when a payment is made or when money is withdrawn from or deposited with the bank; moreover the work required to perform transactions amounts to verifying a few signatures/NIZKs). Another example is the use of oblivious RAM for secure cloud storage, which both protects user data and ensures that "most" of the access pattern (everything but the number blocks of data a user has accessed) remains private. There are also many examples of real-world deployments of secure multiparty computation that limit abuse by large/centralized parties in various ways while still allowing those parties to operate and even expand their business (without having to collect more user data than they already collect).
> “why not just keep using <monopolistic centralized surveillance ad platform>”?
The question, for me, is actually "how is this any different than <monopolistic centralized surveillance ad platform>”?
Because I still remember high school and how every single one of these monopolistic centralized platforms sold itself to me as "Come to us, we represent a new free and open society unencumbered by stodgy authorities!".
You know, the exact same rhetoric these new web3/crypto companies are selling. Sounds like Animal Farm all over again to my skeptic ears.
Remember when Twitter was the future of decentralized discourse free of government tyranny where you can organize political protests free of oversight and manipulation from your local govt? Hell it's a big part of why arab spring worked!
>> The question, for me, is actually "how is this any different than <monopolistic centralized surveillance ad platform>”?
You can send a transaction from A -> B using Bitcoin (or another cryptocurrency) without it being censored by any government. Can they see your transaction? Yes. In that case, use Monero (or the upcoming Railgun). Comparing crypto to any of the above is quite a stretch.
Twitter may have failed in it's promise, but right now, crypto/blockchains/web is a massive improvement. They may not be perfect, but they are trending in the correct direction. Like the parent post, it's shocking to me the 180 that HN has done in this regard.
> Like the parent post, it's shocking to me the 180 that HN has done in this regard.
Is it all of HN that's changed, or just this thread? There are probably a lot of ppl commenting on this article that don't bother to comment (or maybe even read) many other web3 related articles.
> "Come to us, we represent a new free and open society unencumbered by stodgy authorities!".
I don't pay a lot of attention to the complaints, so I could be wrong, but it seems like when ppl complain about Twitter they're just as likely to complain about them being too unencumbered as they are about them restricting too much.
End consumers don't care and that will always dictate adoption.
Also because people are complaining - doesn't mean that this specific implementation of decentralisation is the right one and that's why it gets so much pushback. A mere difference of opinion, but mostly because parties who claim to work in the name of decentralisation are there to grab the cash and push the narrative that it is actually to relief the society of evil organisations - so far its rather about wealth re-distribution as usual...
The web3 providers mentioned are the most popular, but they do not control distribution. That's the whole point. Anyone can distribute the data on the blockchain with no clear legal repercussions unlike with music where you will get sued for distributing music without permission.
A counter example here might be Twitter and Facebook. You can export all your data just fine, but it’s useless anywhere else. Because the reason you’re on Twitter/Facebook is that everyone else is there. They own the distribution of your connections making the data itself useless without them.
True, you can export your Twitter data, but a competitor to Twitter cannot access the entire set of user data that Twitter has access to.
The real differentiator is that with Web3, the data is open, so providing an alternative is as simple as providing an alternative front-end.
What threatens the promise of Web3 are the issues that this article brings up, with decentralized projects not being able to iterate as quickly as centralized ones, leading to proprietary elements becoming the standard for some aspects of widely used Web3 technologies (like NFTs) and establishing a moat for the centralized platform that owns that element.
> but a competitor to Twitter cannot access the entire set of user data that Twitter has access to.
True, but they could make it very easy for users to transfer all their data, which makes it possible if they could convince everyone to do it mass. So the real problem is that it's not realistic to convince everyone to move; the network effect is too strong.
AFAICT, OpenSea et al have the same first mover/network advantage. The record on the chain of a url "belonging" to someone has approximately zero utility without the edifice they've built on top
How does this handle data schemas? Perhaps I’m thinking too much of an RDBMS schema but for Twitter for example. If decentra-Twitter stores my data in some schema (say a hard-coded “pinned tweet” column that only supports one) then is everyone else stuck with that forever? Or could they extend that to include, say, multiple pinned tweets?
I don't have the experience with smart contract development to have an informed opinion on this.
My guess would be that others could extend the protocol, but the challenge would be to get the extension widely adopted.
For example, ERC20 is the primary token transfer protocol on Ethereum, and there are various new token transfer protocols that are supersets of ERC20, and add useful new functionality, but they have not yet gained the widespread adoption to become useful the way vanilla ERC20 is.
You’re still relying on one central server though because of the fundamental problem OP laid out: the blockchain is designed for servers, not clients. There is no API inherent to any chain and thus one must be grafted over it by a web server. Things will tend toward one or two companies because those will be the ones who can afford to run such services and then they will have funding to create more features and better documentation and do dev evangelism and you know the rest. Just look what happened already once OpenSea removed his NFT.
While in theory you could change your RPC URL, in practice what difference would it make? At least IPFS offers some form of integrity checking through its generated hash. But there's no way to say, for example, that I karrot_kream at time T fetched a URL pointed to by NFT N with contents C. As demonstrated by Moxie's changing NFT and eventual deletion by OpenSea, who _knows_ what will happen to it? It's possible to at least build cryptographic attestations of fetching a particular NFT (and even maybe placing this attestation on-chain, to have some NFT "provenance" going on) but there's really not that much work going into it right now. That's the critique.
Changing your RPC url will make no difference because you’ll get the same result either way. Any service that lies about the state of the chain will quickly be jettisoned like so much carbon dioxide.
The bare minimum for a reputable NFT is to publish the contract source code and use immutable storage. That’s the first step of due diligence in the space.
All of this stuff is super fluid and non-standardized because it’s still super early and everyone’s trying to figure out how it ought to work.
OpenSea lied about the non-existence of the jpeg-swapping NFT he minted. They removed it from their API responses because they didn't like it. Do you think they're about to be jettisoned? Or will people largely not care because they actually like the centralised nature of OpenSea with its TOS and extra features and with no viable alternative that doesn't require running your own server?
Consider also "what's the point of an uncensorable block chain if the API servers can become untrustworthy and refuse to the serve the data?"
If OpeanSea can blackhole / cancel / hide a NFT on a whim, what does that say about the viability of hosting other services that access the blockchain through similar gateways?
Additionally, if such services can preform those actions, what does that suggest about the viability of financial instruments and company governance accessed through those or similar services?
Yes, this is FUD. I believe it is quite reasonable FUD.
That’s fair. I was talking about canonicalized chain state (hence RPC), not consensus about what constitutes spam.
I agree that OpenSea should not have final say in this regard, as clearly that is not decentralized. I would be interested to hear if anyone is trying solve this at scale.
> All of this stuff is super fluid and non-standardized because it’s still super early and everyone’s trying to figure out how it ought to work.
I understand this and I'm certainly sympathetic to it. Folks are also trying to figure out how to actually stuff art on-chain which I'm a fan of. I'm very familiar with the NFT standards because I was involved in some of the discussions with it. The amount of money this space is seeing though given how fluid representation in the space though, leads to Moxie's other critique, that this is being fed with a gold rush trying to find liquidity for hoarded crypto. I know that builders can't control what these speculators do but it certainly adds pressure for builders to either take the money or operate at a disadvantage to builders who do.
In regards to keeping the art on-chain, the immutability is a real problem. What happens when someone stuffs illegal data/images on the blockchain? Once a bad actor sneaks trade secrets, doxxing material, or CP onto the chain, it's there forever. By design, deleting data from the blockchain isn't possible.
Actually, this was his point exactly. OpenSea must start on a decentralized block chain (due to market forces) and must move to a more centralized (faster moving) protocol in order to remain relevant.
