再次制作以太坊密码朋克
2023 12月 28查看所有帖子
特别感谢 Paul Dylan-Ennis 的反馈和审查。
十年前,我最喜欢的记忆之一是前往柏林一个被称为比特币基兹的地方朝圣:克罗伊茨贝格的一个地区,那里有大约十几家商店,彼此相距几百米,都接受比特币付款。这个社区的核心是 Room 77,这是一家由 Joerg Platzer 经营的餐厅和酒吧。除了简单地接受比特币外,它还充当了社区中心,各种开源开发人员、各种派别的政治活动家和其他角色会经常光顾。
77号房间,2013年。资料来源:我 2013 年在比特币杂志上的文章。
两个月前的类似记忆是PorcFest(“porc”就像“porcupine”和“don't tread on me”),这是新罕布什尔州北部森林中的自由主义聚会,在那里获取食物的主要方式是从名为“Revolution Coffee”和“Seditious Soups, Salads and Smoothies”的小型弹出式餐厅,这些餐厅当然接受比特币。在这里,讨论比特币更深层次的政治意义,并在日常生活中使用它,也是并排发生的。
我之所以提起这些记忆,是因为它们让我想起了加密货币背后的更深层次的愿景:我们在这里不仅仅是为了创造孤立的工具和游戏,而是朝着一个更加自由和开放的社会和经济全面建设,在这个社会中,技术、社会和经济的不同部分相互融合。
“web3”的早期愿景也是这种类型的愿景,朝着类似理想主义但有些不同的方向发展。“web3”一词最初是由以太坊联合创始人 Gavin Wood 创造的,它指的是一种不同的思考以太坊的方式:Gavin 没有像我最初那样将其视为“比特币加智能合约”,而是更广泛地将其视为一组技术之一,这些技术可以共同构成更开放的互联网堆栈的基础层。
加文·伍德(Gavin Wood)在他的许多早期演讲中使用的图表。
当 1980 年代和 1990 年代开始自由开源软件运动时,该软件很简单:它在您的计算机上运行并读取和写入保留在计算机上的文件。但今天,我们的大部分重要工作都是协作的,通常是大规模的。因此,今天,即使应用程序的底层代码是开放和免费的,您的数据也会通过由公司运营的集中式服务器进行路由,该服务器可以任意读取您的数据,随时更改您的规则或取消您的平台。因此,如果我们想将开源软件的精神扩展到当今世界,我们需要程序能够访问共享硬盘驱动器,以存储多个人需要修改和访问的内容。什么是以太坊,以及点对点消息传递(当时是 Whisper,现在是 Waku)和去中心化文件存储(当时只是 Swarm,现在也是 IPFS)等姊妹技术?一个公共的去中心化共享硬盘。这就是现在无处不在的术语“web3”诞生的最初愿景。
不幸的是,自 2017 年左右以来,这些愿景在某种程度上已经淡出人们的视线。很少有人谈论消费者加密支付,唯一真正在链上大规模使用的非金融应用程序是 ENS,并且存在巨大的意识形态裂痕,非区块链去中心化社区的重要部分将加密世界视为一种分心,而不是志同道合的精神和强大的盟友。在许多国家,人们确实使用加密货币来汇款和存钱,但他们通常通过中心化方式进行:通过中心化交易所账户的内部转账,或在 Tron 上交易 USDT。
背景:谦逊的 Tron 创始人和去中心化先驱 Justin Sun 勇敢地引领着全球最酷、最去中心化的加密生态系统。
经历过那个时代,我认为这种转变的根本原因的头号罪魁祸首是交易费用的上涨。当写入链的成本是 0.001 美元,甚至 0.1 美元时,你可以想象人们制作各种应用程序,以各种方式使用区块链,包括非金融方式。但是,当交易费用超过100美元时,就像在牛市高峰期一样,只有一个观众仍然愿意玩 - 事实上,由于硬币价格上涨,他们变得越来越富有,变得更加愿意玩:degen赌徒。Degen 赌徒在适度剂量下可以接受,我在活动中与很多人交谈过,他们有动力为了钱而加入加密货币,但为了理想而留下来。但是,当他们成为大规模使用该链的最大群体时,这会调整公众的看法和加密空间的内部文化,并导致我们在过去几年中看到的许多其他负面因素。
现在,快进到 2023 年。关于扩展的核心挑战,以及对于构建一个真正可行的密码朋克未来至关重要的各种“支线任务”,我们实际上有很多积极的消息要展示:
- Rollups开始真正存在。
- 在对Tornado Cash进行监管打击后,在短暂的平静之后,Railway和Nocturne等第二代隐私解决方案正在看到(月球)的曙光。
- 账户抽象开始兴起。
- 被遗忘了很长时间的轻客户端开始实际存在。
- 零知识证明,一种我们认为几十年后的技术,现在已经出现,对开发人员越来越友好,并且即将用于消费者应用程序。
这两件事:人们越来越意识到不受约束的中心化和过度金融化不可能是“加密货币”的意义所在,以及上面提到的关键技术最终即将实现,这些技术共同为我们提供了一个将事情推向不同方向的机会。也就是说,至少要让以太坊生态系统的一部分成为我们最初构建的无需许可的、去中心化的、抗审查的开源生态系统。
这些价值观是什么?
其中许多价值观不仅被以太坊社区中的许多人所共享,而且也被其他区块链社区,甚至非区块链去中心化社区所共享,尽管每个社区都有自己独特的这些价值观组合,以及每个价值观的强调程度。
- 开放的全球参与:世界上的任何人都应该能够在最大程度上平等地作为用户、观察者或开发人员参与。参与应该是无需许可的。
- 去中心化:最大限度地减少应用程序对任何一个参与者的依赖。特别是,即使其核心开发人员永远消失,应用程序也应该继续工作。
- 抗审查:中心化参与者不应有权干扰任何给定用户或应用程序的操作能力。对不良行为者的担忧应该在堆栈的更高层得到解决。
- 可审计性:任何人都应该能够验证应用程序的逻辑及其正在进行的操作(例如,通过运行一个完整的节点),以确保它按照其开发人员声称的规则运行。
- 可信的中立性:基础层基础设施应该是中立的,并且要让任何人都能看到它是中立的,即使他们还没有信任开发人员。
- 建造工具,而不是帝国。帝国试图将使用者俘虏并困在有围墙的花园内;工具可以完成其任务,但可以在其他方面与更广泛的开放生态系统进行互操作。
- 合作心态:即使在竞争中,生态系统中的项目也会在共享软件库、研究、安全、社区建设和其他对他们来说通常有价值的领域进行合作。项目试图成为正和,无论是彼此之间还是与更广阔的世界。
在加密生态系统中构建不遵循这些价值观的东西是很有可能的。人们可以构建一个被称为“第 2 层”的系统,但它实际上是一个高度集中的系统,由多重签名保护,没有计划切换到更安全的东西。人们可以构建一个试图比 ERC-4337 “更简单”的帐户抽象系统,但代价是引入信任假设,最终消除了公共内存池的可能性,并使新的构建者更难加入。人们可以建立一个 NFT 生态系统,其中 NFT 的内容不必要地存储在中心化网站上,使其比这些组件存储在 IPFS 上更不必要地更加脆弱。人们可以建立一个质押界面,不必要地将用户引导到已经最大的质押池。
抵制这些压力是很困难的,但如果我们不这样做,那么我们就有可能失去加密生态系统的独特价值,并以额外的低效率和额外的步骤重新创建现有 web2 生态系统的克隆。
制作忍者神龟需要下水道
加密空间在许多方面都是一个无情的环境。Dan Robinson 和 Georgios Konstantiopoulos 在 2021 年的一篇文章在 MEV 的背景下生动地表达了这一点,认为以太坊是一片黑暗森林,链上交易者经常容易被抢先运行的机器人利用,这些机器人本身很容易被其他机器人反利用,等等。在其他方面也是如此:智能合约经常被黑客入侵,用户的钱包经常被黑客入侵,中心化交易所的失败更加惊人,等等。
对于该领域的用户来说,这是一个巨大的挑战,但它也提供了一个机会:这意味着我们有一个空间来实际试验、孵化和接收有关各种安全技术的快速实时反馈,以应对这些挑战。我们已经看到在各种情况下成功应对挑战:
| 问题 | 溶液 |
|---|---|
| 集中式交易所被黑客入侵 | 使用 DEX 和稳定币,因此中心化实体只需要被信任即可处理法定货币 |
| 单个私钥不安全 | 智能合约钱包:多重签名、社交恢复等 |
| 用户被诱骗签署交易,耗尽他们的钱 | 像 Rabby 这样的钱包向用户展示交易模拟结果 |
| 用户受到 MEV 玩家的三明治攻击 | Cowswap、Flashbots Protect、MEV Blocker...... |
每个人都希望互联网是安全的。一些人试图通过推动强制依赖单一特定行为者(无论是公司还是政府)来确保互联网安全,这些行为者可以充当安全和真相的集中锚。但这些方法牺牲了开放和自由,并助长了日益增长的“分裂互联网”的悲剧。加密领域的人们高度重视开放和自由。所涉及的风险水平和高财务风险意味着加密空间不能忽视安全性,但各种意识形态和结构性原因确保了它无法获得实现安全的集中方法。与此同时,加密领域处于非常强大的技术的前沿,如零知识证明、形式验证、基于硬件的密钥安全和链上社交图谱。这些事实共同意味着,对于加密货币来说,提高安全性的开放方式是唯一的方法。
所有这一切都是说,加密世界是一个完美的测试平台环境,可以采用其开放和去中心化的安全方法,并将其实际应用于现实的高风险环境中,并使其成熟到可以应用于更广阔的世界的地步。这是我对加密世界的理想主义部分和加密世界的混乱部分,然后是整个加密世界和更广泛的主流如何将它们的差异转化为共生关系的愿景之一,而不是持续不断的紧张局势。
以太坊作为更广泛技术愿景的一部分
2014 年,Gavin Wood 将以太坊作为一套可以构建的工具之一,另外两个是 Whisper(去中心化消息传递)和 Swarm(去中心化存储)。前者被高度强调,但不幸的是,随着2017年左右转向金融化,后者受到的爱和关注要少得多。也就是说,Whisper 继续以 Waku 的形式存在,并被去中心化的信使 Status 等项目积极使用。Swarm 继续开发,现在我们也有 IPFS,用于托管和服务这个博客。
在过去的几年里,随着去中心化社交媒体(Lens、Farcaster 等)的兴起,我们有机会重新审视其中一些工具。此外,我们还有另一个非常强大的新工具可以添加到三重奏中:零知识证明。这些技术作为提高以太坊可扩展性的方式最广泛地被采用,如 ZK rollups,但它们对隐私也非常有用。特别是,零知识证明的可编程性意味着我们可以超越“匿名但有风险”与“KYC因此安全”的错误二元对立,并同时获得隐私和多种身份验证和验证。
2023 年的一个例子是 Zupass。Zupass 是一个基于零知识证明的系统,在 Zuzalu 孵化,它既用于事件的面对面身份验证,也用于投票系统 Zupoll、类似 Twitter 的 Zucast 等的在线身份验证。Zupass 的主要功能是:您可以证明您是 Zuzalu 的居民,而无需透露您是 Zuzalu 的哪个成员。此外,每个 Zuzalu 居民只能为他们登录的每个应用程序实例(例如投票)创建一个随机生成的加密身份。Zupass非常成功,并于当年晚些时候被应用于Devconnect的票务工作。
零知识证明,证明我作为以太坊基金会的员工,可以访问 Devconnect 联合办公空间。
到目前为止,Zupass最实际的用途可能是民意调查。已经进行了各种民意调查,其中一些是关于政治上有争议或高度个人化的话题,人们觉得强烈需要保护自己的隐私,使用Zupass作为匿名投票平台。
在这里,我们可以开始看到以太坊密码朋克世界的轮廓,至少在纯粹的技术层面上是这样。我们可以将我们的资产持有在 ETH 和 ERC20 代币以及各种 NFT 中,并使用基于隐身地址和隐私池技术的隐私系统来保护我们的隐私,同时锁定已知的不良行为者从相同的匿名集中受益的能力。无论是在我们的 DAO 中,还是为了帮助决定对以太坊协议的更改,或者为了任何其他目标,我们都可以使用零知识投票系统,该系统可以使用各种凭据来帮助识别谁有资格投票,谁没有: 除了像 2017 年那样使用代币投票外,我们还可以对为生态系统做出足够贡献的人进行匿名民意调查, 参加过足够多活动的人,或每人一票。
面对面和在线支付可以通过 L2 上的超廉价交易来实现,这些交易利用数据可用性空间(或使用 Plasma 保护的链下数据)以及数据压缩,为用户提供超高的可扩展性。从一个汇总到另一个汇总的付款可以通过像 UniswapX 这样的去中心化协议进行。去中心化的社交媒体项目可以使用各种存储层来存储活动,如帖子、转发和点赞,并使用 ENS(在 CCIP 的 L2 上便宜)作为用户名。我们可以在链上代币和链下证明之间无缝集成,这些认证是通过 Zupass 等系统亲自持有的和经过 ZK 验证的。
二次投票、跨部落共识发现和预测市场等机制可用于帮助组织和社区自我管理并随时了解情况,区块链和基于 ZK 证明的身份可以使这些系统免受来自内部的集中审查和来自外部的协调操纵。复杂的钱包可以在人们参与 dapp 时保护他们,用户界面可以发布到 IPFS 并作为域访问,HTML、javascript 和所有软件依赖项的哈希值通过 DAO 直接在链上更新。智能合约钱包的诞生是为了帮助人们不损失数千万美元的加密货币,它将扩展到保护人们的“身份根源”,创建一个比“使用谷歌登录”等中心化身份提供商更安全的系统。.eth
Soul Wallet恢复界面。就我个人而言,我更愿意将我的资金和身份信任给这样的系统,而不是集中式 web2 恢复。
我们可以将更大的以太坊(或“web3”)视为创建一个独立的技术协议栈,在各个层面与传统的中心化协议栈竞争。很多人会把两者混搭,而且往往有聪明的方法可以把两者搭配起来:有了ZKEmail,你甚至可以让一个电子邮件地址成为你社交恢复钱包的守护者之一!但是,将去中心化堆栈的不同部分一起使用也会产生许多协同作用,特别是如果它们旨在更好地相互集成。
| 传统堆栈 | 去中心化堆栈 |
|---|---|
| 银行系统 | ETH、稳定币、用于支付的 L2、DEX(注:仍然需要银行贷款) |
| 收益 | 区块浏览器上的交易链接 |
| 公司 | DAO的 |
DNS(、、等).com.io | ENS英语 (.eth) |
| 常规电子邮件 | 加密电子邮件(例如。小艇) |
| 定期消息传递(例如。电报) | 去中心化消息传递(例如。地位) |
| 使用 Google、Twitter、微信登录 | 使用以太坊、Zupass、通过 EAS、POAP、Zu-Stamps 证明登录...... + 社交恢复 |
| 在 Medium 等上发布博客 | 在 IPFS 上发布自托管博客(例如,使用 Fleek) |
| 推特、脸书 | 镜头,Farcaster...... |
| 通过无所不知的老大哥限制坏人 | 通过零知识证明约束不良行为者 |
将其视为堆栈的好处之一是,这与以太坊的多元主义精神非常吻合。比特币试图解决一个问题,或者最多解决两个或三个问题。另一方面,以太坊有很多子社区,有很多不同的重点。没有单一的主导叙事。堆栈的目标是实现这种多元化,但同时努力提高这种多元化的互操作性。
社会层
很容易说“这些人做X是一种腐败的影响和坏事,这些人做Y是真正的交易”。但这是一种懒惰的回应。要想真正取得成功,我们不仅需要对技术堆栈的愿景,还需要堆栈的社会部分,这些部分使技术堆栈首先成为可能。
原则上,以太坊社区的优势在于我们认真对待激励措施。PGP希望将加密密钥交到每个人的手中,这样我们就可以在几十年内进行签名和加密的电子邮件,这在很大程度上失败了,但后来我们得到了加密货币,突然间,数百万人拥有公开与之相关的密钥,我们可以开始将这些密钥用于其他目的 - 包括回到加密电子邮件和消息传递。非区块链去中心化项目通常长期资金不足,基于区块链的项目获得了 5000 万美元的 B 轮融资。我们让人们投入他们的 ETH 来保护以太坊网络不是出于质押者的仁慈,而是出于他们对自己利益的考虑——结果我们获得了 200 亿美元的经济安全。
同时,激励措施是不够的。Defi项目通常从谦虚、合作和最大程度的开源开始,但有时随着规模的增长,它们开始放弃这些理想。我们可以激励质押者以非常长的正常运行时间参与,但激励质押者去中心化要困难得多。使用纯粹的协议内手段可能根本无法实现。上述“去中心化堆栈”的许多关键部分都没有可行的商业模式。以太坊协议的治理本身显然是非金融化的——这使得它比其他治理更加金融化的生态系统更加强大。这就是为什么以太坊拥有强大的社会阶层是有价值的,它在那些纯粹的激励措施无法做到的地方大力执行其价值观——但又不会创造一种“以太坊对齐”的概念,这种概念会变成一种新的政治正确形式。
在这两个方面之间要取得平衡,尽管正确的术语与其说是平衡,不如说是整合。有很多人第一次进入加密领域是渴望致富,但随后他们熟悉了生态系统,并成为寻求建立一个更加开放和去中心化的世界的狂热信徒。
我们如何真正实现这种整合?这是关键问题,我怀疑答案不在于一个灵丹妙药,而在于一系列将以迭代方式得出的技术。以太坊生态系统在鼓励第 2 层项目之间纯粹通过社交手段的合作心态方面已经比大多数生态系统更成功。大规模的公共产品融资,特别是Gitcoin Grants和Optimism的RetroPGF轮次,也非常有帮助,因为它为那些看不到任何不需要牺牲其价值的传统商业模式的开发者创造了一个替代的收入渠道。但即使是这些工具仍处于起步阶段,要改进这些特定工具,以及识别和发展可能更适合特定问题的其他工具,还有很长的路要走。
这就是我看到以太坊社交层的独特价值主张的地方。有一种独特的中途组合,既有价值激励,又不被它们消耗。有一种不切实际的混合体,既重视一个温暖而有凝聚力的社区,但同时要记住,从内部感觉“温暖和有凝聚力”的东西,从外部很容易感到“压迫和排他”,并重视中立、开源和抵制审查的硬性规范,以此作为防止在社区驱动方面走得太远的风险的一种方式。如果这种组合能够很好地发挥作用,那么它将处于在经济和技术层面上实现其愿景的最佳位置。
Special thanks to Paul Dylan-Ennis for feedback and review.
One of my favorite memories from ten years ago was taking a pilgrimage to a part of Berlin that was called the Bitcoin Kiez: a region in Kreuzberg where there were around a dozen shops within a few hundred meters of each other that were all accepting Bitcoin for payments. The centerpiece of this community was Room 77, a restaurant and bar run by Joerg Platzer. In addition to simply accepting Bitcoin, it also served as a community center, and all kinds of open source developers, political activists of various affiliations, and other characters would frequently come by.
Room 77, 2013. Source: my article from 2013 on Bitcoin Magazine.
A similar memory from two months earlier was PorcFest (that's "porc" as in "porcupine" as in "don't tread on me"), a libertarian gathering in the forests of northern New Hampshire, where the main way to get food was from small popup restaurants with names like "Revolution Coffee" and "Seditious Soups, Salads and Smoothies", which of course accepted Bitcoin. Here too, discussing the deeper political meaning of Bitcoin, and using it in daily life, happened together side by side.
The reason why I bring these memories up is that they remind me of a deeper vision underlying crypto: we are not here to just create isolated tools and games, but rather build holistically toward a more free and open society and economy, where the different parts - technological, social and economic - fit into each other.
The early vision of "web3" was also a vision of this type, going in a similarly idealistic but somewhat different direction. The term "web3" was originally coined by Ethereum cofounder Gavin Wood, and it refers to a different way of thinking about what Ethereum is: rather than seeing it, as I initially did, as "Bitcoin plus smart contracts", Gavin thought about it more broadly as one of a set of technologies that could together form the base layer of a more open internet stack.
A diagram that Gavin Wood used in many of his early presentations.
When the free open source software movement began in the 1980s and 1990s, the software was simple: it ran on your computer and read and wrote to files that stayed on your computer. But today, most of our important work is collaborative, often on a large scale. And so today, even if the underlying code of an application is open and free, your data gets routed through a centralized server run by a corporation that could arbitrarily read your data, change the rules on you or deplatform you at any time. And so if we want to extend the spirit of open source software to the world of today, we need programs to have access to a shared hard drive to store things that multiple people need to modify and access. And what is Ethereum, together with sister technologies like peer-to-peer messaging (then Whisper, now Waku) and decentralized file storage (then just Swarm, now also IPFS)? A public decentralized shared hard drive. This is the original vision from which the now-ubiquitous term "web3" was born.
Unfortunately, since 2017 or so, these visions have faded somewhat into the background. Few talk about consumer crypto payments, the only non-financial application that is actually being used at a large scale on-chain is ENS, and there is a large ideological rift where significant parts of the non-blockchain decentralization community see the crypto world as a distraction, and not as a kindred spirit and a powerful ally. In many countries, people do use cryptocurrency to send and save money, but they often do this through centralized means: either through internal transfers on centralized exchange accounts, or by trading USDT on Tron.
Background: the humble Tron founder and decentralization pioneer Justin Sun bravely leading forth the coolest and most decentralized crypto ecosystem in the global world.
Having lived through that era, the number one culprit that I would blame as the root cause of this shift is the rise in transaction fees. When the cost of writing to the chain is $0.001, or even $0.1, you could imagine people making all kinds of applications that use blockchains in various ways, including non-financial ways. But when transaction fees go to over $100, as they have during the peak of the bull markets, there is exactly one audience that remains willing to play - and in fact, because coin prices are going up and they're getting richer, becomes even more willing to play: degen gamblers. Degen gamblers can be okay in moderate doses, and I have talked to plenty of people at events who were motivated to join crypto for the money but stayed for the ideals. But when they are the largest group using the chain on a large scale, this adjusts the public perception and the crypto space's internal culture, and leads to many of the other negatives that we have seen play out over the last few years.
Now, fast forward to 2023. On both the core challenge of scaling, and on various "side quests" of crucial importance to building a cypherpunk future actually viable, we actually have a lot of positive news to show:
- Rollups are starting to actually exist.
- Following a temporary lull after the regulatory crackdowns on Tornado Cash, second-generation privacy solutions such as Railway and Nocturne are seeing the (moon) light.
- Account abstraction is starting to take off.
- Light clients, forgotten for a long time, are starting to actually exist.
- Zero knowledge proofs, a technology which we thought was decades away, are now here, are increasingly developer-friendly, and are on the cusp of being usable for consumer applications.
These two things: the growing awareness that unchecked centralization and over-financialization cannot be what "crypto is about", and the key technologies mentioned above that are finally coming to fruition, together present us with an opportunity to take things in a different direction. Namely, to make at least a part of the Ethereum ecosystem actually be the permissionless, decentralized, censorship resistant, open source ecosystem that we originally came to build.
What are some of these values?
Many of these values are shared not just by many in the Ethereum community, but also by other blockchain communities, and even non-blockchain decentralization communities, though each community has its own unique combination of these values and how much each one is emphasized.
- Open global participation: anyone in the world should be able to participate as a user, observer or developer, on a maximally equal footing. Participation should be permissionless.
- Decentralization: minimize the dependence of an application on any one single actor. In particular, an application should continue working even if its core developers disappear forever.
- Censorship resistance: centralized actors should not have the power to interfere with any given user's or application's ability to operate. Concerns around bad actors should be addressed at higher layers of the stack.
- Auditability: anyone should be able to validate an application's logic and its ongoing operation (eg. by running a full node) to make sure that it is operating according to the rules that its developers claim it is.
- Credible neutrality: base-layer infrastructure should be neutral, and in such a way that anyone can see that it is neutral even if they do not already trust the developers.
- Building tools, not empires. Empires try to capture and trap the user inside a walled garden; tools do their task but otherwise interoperate with a wider open ecosystem.
- Cooperative mindset: even while competing, projects within the ecosystem cooperate on shared software libraries, research, security, community building and other areas that are commonly valuable to them. Projects try to be positive-sum, both with each other and with the wider world.
It is very possible to build things within the crypto ecosystem that do not follow these values. One can build a system that one calls a "layer 2", but which is actually a highly centralized system secured by a multisig, with no plans to ever switch to something more secure. One can build an account abstraction system that tries to be "simpler" than ERC-4337, but at the cost of introducing trust assumptions that end up removing the possibility of a public mempool and make it much harder for new builders to join. One could build an NFT ecosystem where the contents of the NFT are needlessly stored on centralized websites, making it needlessly more fragile than if those compoents are stored on IPFS. One could build a staking interface that needlessly funnels users toward the already-largest staking pool.
Resisting these pressures is hard, but if we do not do so, then we risk losing the unique value of the crypto ecosystem, and recreating a clone of the existing web2 ecosystem with extra inefficiencies and extra steps.
It takes a sewer to make a ninja turtle
The crypto space is in many ways an unforgiving environment. A 2021 article by Dan Robinson and Georgios Konstantiopoulos expresses this vividly in the context of MEV, arguing that Ethereum is a dark forest where on-chain traders are constantly vulnerable to getting exploited by front-running bots, those bots themselves are vulnerable to getting counter-exploited by other bots, etc. This is also true in other ways: smart contracts regularly get hacked, users' wallets regularly get hacked, centralized exchanges fail even more spectacularly, etc.
This is a big challenge for users of the space, but it also presents an opportunity: it means that we have a space to actually experiment with, incubate and receive rapid live feedback on all kinds of security technologies to address these challenges. We have seen successful responses to challenges in various contexts already:
| Problem | Solution |
|---|---|
| Centralized exchages getting hacked | Use DEXes plus stablecoins, so centralized entities only need to be trusted to handle fiat |
| Individual private keys are not secure | Smart contract wallets: multisig, social recovery, etc |
| Users getting tricked into signing transactions that drain their money | Wallets like Rabby showing their users results of transaction simulation |
| Users getting sandwich-attacked by MEV players | Cowswap, Flashbots Protect, MEV Blocker... |
Everyone wants the internet to be safe. Some attempt to make the internet safe by pushing approaches that force reliance on a single particular actor, whether a corporation or a government, that can act as a centralized anchor of safety and truth. But these approaches sacrifice openness and freedom, and contribute to the tragedy that is the growing "splinternet". People in the crypto space highly value openness and freedom. The level of risks and the high financial stakes involved mean that the crypto space cannot ignore safety, but various ideological and structural reasons ensure that centralized approaches for achieving safety are not available to it. At the same time, the crypto space is at the frontier of very powerful technologies like zero knowledge proofs, formal verification, hardware-based key security and on-chain social graphs. These facts together mean that, for crypto, the open way to improving security is the only way.
All of this is to say, the crypto world is a perfect testbed environment to take its open and decentralized approach to security and actually apply it in a realistic high-stakes environment, and mature it to the point where parts of it can then be applied in the broader world. This is one of my visions for how the idealistic parts of the crypto world and the chaotic parts of the crypto world, and then the crypto world as a whole and the broader mainstream, can turn their differences into a symbiosis rather than a constant and ongoing tension.
Ethereum as part of a broader technological vision
In 2014, Gavin Wood introduced Ethereum as one of a suite of tools that can be built, the other two being Whisper (decentralized messaging) and Swarm (decentralized storage). The former was heavily emphasized, but with the turn toward financialization around 2017 the latter were unfortunately given much less love and attention. That said, Whisper continues to exist as Waku, and is being actively used by projects like the decentralized messenger Status. Swarm continues to be developed, and now we also have IPFS, which is used to host and serve this blog.
In the last couple of years, with the rise of decentralized social media (Lens, Farcaster, etc), we have an opportunity to revisit some of these tools. In addition, we also have another very powerful new tool to add to the trifecta: zero knowledge proofs. These technologies are most widely adopted as ways of improving Ethereum's scalability, as ZK rollups, but they are also very useful for privacy. In particular, the programmability of zero knowlege proofs means that we can get past the false binary of "anonymous but risky" vs "KYC'd therefore safe", and get privacy and many kinds of authentication and verification at the same time.
An example of this in 2023 was Zupass. Zupass is a zero-knowledge-proof-based system that was incubated at Zuzalu, which was used both for in-person authentication to events, and for online authentication to the polling system Zupoll, the Twitter-lookalike Zucast and others. The key feature of Zupass was this: you can prove that you are a resident of Zuzalu, without revealing which member of Zuzalu you are. Furthermore, each Zuzalu resident could only have one randomly-generated cryptographic identity for each application instance (eg. a poll) that they were signing into. Zupass was highly successful, and was applied later in the year to do ticketing at Devconnect.
A zero-knowledge proof proving that I, as an Ethereum Foundation employee, have access to the Devconnect coworking space.
The most practical use of Zupass so far has probably been the polling. All kinds of polls have been made, some on politically controversial or highly personal topics where people feel a strong need to preserve their privacy, using Zupass as an anonymous voting platform.
Here, we can start to see the contours of what an Ethereum-y cypherpunk world would look like, at least on a pure technical level. We can be holding our assets in ETH and ERC20 tokens, as well as all kinds of NFTs, and use privacy systems based on stealth addresses and Privacy Pools technology to preserve our privacy while at the same time locking out known bad actors' ability to benefit from the same anonymity set. Whether within our DAOs, or to help decide on changes to the Ethereum protocol, or for any other objective, we can use zero-knowledge voting systems, which can use all kinds of credentials to help identify who has standing to vote and who does not: in addition to voting-with-tokens as done in 2017, we can have anonymous polls of people who have made sufficient contributions to the ecosystem, people who have attended enough events, or one-vote-per-person.
In-person and online payments can happen with ultra-cheap transactions on L2s, which take advantage of data availability space (or off-chain data secured with Plasma) together with data compression to give their users ultra-high scalability. Payments from one rollup to another can happen with decentralized protocols like UniswapX. Decentralized social media projects can use various storage layers to store activity such as posts, retweets and likes, and use ENS (cheap on L2 with CCIP) for usernames. We can have seamless integration between on-chain tokens, and off-chain attestations held personally and ZK-proven through systems like Zupass.
Mechanisms like quadratic voting, cross-tribal consensus finding and prediction markets can be used to help organizations and communities govern themselves and stay informed, and blockchain and ZK-proof-based identities can make these systems secure against both centralized censorship from the inside and coordinated manipulation from the outside. Sophisticated wallets can protect people as they participate in dapps, and user interfaces can be published to IPFS and accessed as domains, with hashes of the HTML, javascript and all software dependencies updated directly on-chain through a DAO. Smart contract wallets, born to help people not lose tens of millions of dollars of their cryptocurrency, would expand to guard people's "identity roots", creating a system that is even more secure than centralized identity providers like "sign in with Google"..eth
Soul Wallet recovery interface. I personally am at the point of being more willing to trust my funds and identity to systems like this than to centralized web2 recovery already.
We can think of the greater Ethereum-verse (or "web3") as creating an independent tech protocol stack, that is competing with the traditional centralized protocol stack at all levels. Many people will mix-and-match both, and there are often clever ways to match both: with ZKEmail, you can even make an email address be one of the guardians of your social recovery wallet! But there are also many synergies from using the different parts of the decentralized stack together, especially if they are designed to better integrate with each other.
| Traditional stack | Decentralized stack |
|---|---|
| Banking system | ETH, stablecoins, L2s for payments, DEXes (note: still need banks for loans) |
| Receipts | Links to transactions on block explorers |
| Corporations | DAOs |
DNS (, , etc).com.io | ENS (.eth) |
| Regular email | Encrypted email (eg. Skiff) |
| Regular messaging (eg. Telegram) | Decentralized messaging (eg. Status) |
| Sign in with Google, Twitter, Wechat | Sign in with Ethereum, Zupass, Attestations via EAS, POAPs, Zu-Stamps... + social recovery |
| Publishing blogs on Medium, etc | Publishing self-hosted blogs on IPFS (eg. using Fleek) |
| Twitter, Facebook | Lens, Farcaster... |
| Limit bad actors through all-seeing big brother | Constrain bad actors through zero knowledge proofs |
One of the benefits of thinking about it as a stack is that this fits well with Ethereum's pluralist ethos. Bitcoin is trying to solve one problem, or at most two or three. Ethereum, on the other hand, has lots of sub-communities with lots of different focuses. There is no single dominant narrative. The goal of the stack is to enable this pluralism, but at the same time strive for growing interoperability across this plurality.
The social layer
It's easy to say "these people doing X are a corrupting influence and bad, these people doing Y are the real deal". But this is a lazy response. To truly succeed, we need not only a vision for a technical stack, but also the social parts of the stack that make the technical stack possible to build in the first place.
The advantage of the Ethereum community, in principle, is that we take incentives seriously. PGP wanted to put cryptographic keys into everyone's hands so we can actually do signed and encrypted email for decades, it largely failed, but then we got cryptocurrency and suddenly millions of people have keys publicly associated to them, and we can start using those keys for other purposes - including going full circle back to encrypted email and messaging. Non-blockchain decentralization projects are often chronically underfunded, blockchain-based projects get a 50-million dollar series B round. It is not from the benevolence of the staker that we get people to put in their ETH to protect the Ethereum network, but rather from their regard to their own self-interest - and we get $20 billion in economic security as a result.
At the same time, incentives are not enough. Defi projects often start humble, cooperative and maximally open source, but sometimes begin to abandon these ideals as they grow in size. We can incentivize stakers to come and participate with very high uptime, but is much more difficult to incentivize stakers to be decentralized. It may not be doable using purely in-protocol means at all. Lots of critical pieces of the "decentralized stack" described above do not have viable business models. The Ethereum protocol's governance itself is notably non-financialized - and this has made it much more robust than other ecosystems whose governance is more financialized. This is why it's valuable for Ethereum to have a strong social layer, which vigorously enforces its values in those places where pure incentives can't - but without creating a notion of "Ethereum alignment" that turns into a new form of political correctness.
There is a balance between these two sides to be made, though the right term is not so much balance as it is integration. There are plenty of people whose first introduction to the crypto space is the desire to get rich, but who then get acquainted with the ecosystem and become avid believers in the quest to build a more open and decentralized world.
How do we actually make this integration happen? This is the key question, and I suspect the answer lies not in one magic bullet, but in a collection of techniques that will be arrived at iteratively. The Ethereum ecosystem is already more successful than most in encouraging a cooperative mentality between layer 2 projects purely through social means. Large-scale public goods funding, especially Gitcoin Grants and Optimism's RetroPGF rounds, is also extremely helpful, because it creates an alternative revenue channel for developers that don't see any conventional business models that do not require sacrificing on their values. But even these tools are still in their infancy, and there is a long way to go to both improve these particular tools, and to identify and grow other tools that might be a better fit for specific problems.
This is where I see the unique value proposition of Ethereum's social layer. There is a unique halfway-house mix of valuing incentives, but also not getting consumed by them. There is a unqiue mix of valuing a warm and cohesive community, but at the same time remembering that what feels "warm and cohesive" from the inside can easily feel "oppressive and exclusive" from the outside, and valuing hard norms of neutrality, open source and censorship resistance as a way of guarding against the risks of going too far in being community-driven. If this mix can be made to work well, it will in turn be in the best possible position to realize its vision on the economic and technical level.