Key revocation certificates come to mind as a good case for a public blockchain. NFT's for domain ownership makes a lot more sense than paying monthly. The whole trustless thing means users can provide compute for each other rather than tolerating an ad-riddled central point of failure.
You know, the stuff that doesn't need hype and is just the right engineering call.
Ownership is an interpretation of the blockchain and therefore still requires someone to interpret it. I'm not sure what you're thinking about domain ownership (I'm open if you can explain), but my sense is that contracts of ownership arent suitable for blockchains -- nor indeed, for any presently imaginable computable system.
Rights are fundamentally modal, ie., "what ifs". The exercise of a right changes depending on context, and that context includes how a given society inteprets its meaning at any given time. Hence lawyers, judges, etc.
Algorithms are fundamentally non-modal constructs, ie., "always if". And whilst "perhaps" (but probably not) reality can be described by an algorithm, it isnt any that is "always if" at the level of social phenomena.
Ie., maybe atoms are simply deterministic, but their aggregates (eg., people) are not. And so it is unlikey any finite computable representation of social life will ever, eg., account for "a change of taste in the law".
Blockchains are distributed immutable logs which impose massive computation costs on appending to them. They're a niche technology that, does actually, model money. That's about the best use-case as a model for money.
But they're terrible at implementing money. Beaten by a simple piece of paper at every turn.
I agree that the ownership perspective is not likely to be very fruitful when paired with blockchains and the abstractions implemented on them.
And I'm not all that excited about money. It's just boring. You could build consensus about anything and you choose... account balances?
But sometimes you need a log that can't be altered by threatening to fire whoever has write access to the data of record. The strategy of not having any infra worth attacking is valid against some threat models.
If I have evidence of wrongdoing by a nation state, I like that I can put a hash of that evidence on a blockchain and no amount of deepfakery to the contrary will allow that state to create evidence that provably preceeds it.
If I have the kind of enemies that can dns-poison a whole continent in order to keep my voice from being heard, I like that I can use a crypto domain that I "own" to periodically update the corresponding nft with the merkle root of the latest version of my manifesto blog. This lets me get new versions to readers who have my blog's name without worrying about whether a DNS registrar, certificate authority, or ISP is gonna interfere.
The reason that crypto sucks for money is that the value of a token is subjective anyway, so having an indelible record of who has how many tokens of whatever flavor doesn't buy you much since people can turn their backs on the token's value without bothering to attack the recordkeeping behind it.
But the fact that anybody with the knowhow and access to the code can participate--you don't need to be buddy-buddy with somebody in a privileged position--that's kind of cool.
So if the hype can carry the technology far enough that it's no longer an electricity hog (and it pretty much has) then when everyone's aspirations about using it to get rich fail, it'll still be around and useful for computing in the presence of powerful adversaries without having your own IT department, or for enabling participation in non-money social protocols at scale without having to submit to a gatekeeper.
And I think that's pretty cool, even if I can't retire on it.
That's a lot of words to say nothing in particular.
Ownership is an interpretation - I agree with that. It may be an interpretation of the blockchain (Namecoin). It may be an interpretation of the land deed (house). It may be an interpretation of records that a registrar stores (DNS) or at RIPE (IP addresses).
I don't see any reason blockchain is any different from the others. People either respect the underlying data storage or they don't. Algorithms have nothing to do with it, nor do computational costs. Moving paper isn't cheap either.
If you want to put the text of a legal contract into a blockchain, go ahead. I don't see why.
But also that isnt what is meant by using the blockchain for ownership. For this, people are assuming that the verification algorithms of a blockchain "with some extra steps" are somehow supposed to replace contracts and the legal system.
That is what my comment targets. This misunderstands contracts, rights and the need for a legal system.
If you're just interested in having your legalese registered in public across vast data centres and provably appended to a log, etc. then sure.. that's possible. But incomprehensibly motivated. Since, of course, our current system ("paper") provides vastly more features.
Paper has extremely cheap privacy, modification costs, proof of ownership, etc. Features only blockchain tech could dream of...
In the context of owning a domain, having my legalese registered in the public is precisely what I want. It doesn't even need to add any value over records stored in someone's desk to be a viable option, as long as it can compete on price.
Unrelated, but actual paper is not cheap. Storing it, finding, modifying, and synchronizing between parties interested in the data involves people actually going places and moving stacks around.
Even if you think about single-owner databases of records, those fail at preserving the proof of ownership. The ownership of the record is clear - it's in the hands of whoever has it. The record itself - the actual proof of ownership - is forgeable unless backed by cryptographic signatures, and easily eraseable unless made public. And to solve both, we gravitate back to blockchain-like tech.
Either courts recognize it or not, and no court in the world has recognized any blockchain as a valid proof of contract of anything. Nor should they, laws are never immutable and always up for interpretation, which is why courts exist in the first place.
I'm not sure about courts, but the government over here will definitely recognize that I owned the coins and that I later stopped owning them - by collecting taxes on the transaction.
I have't seen anyone trying to push that on to courts, which indicates that the expectation is that courts have the same idea on coin ownership.
I'm talking about the "use blockchain to prove ownership of a domain" or whatever else people are talking about. Money is different as the non-fungible part of money already exists. It's called cash, and even ownership of that is able to be adjudicated. They can sue you for back taxes and you can sue to say you do not own certain taxes.
In this context, maybe a closer analogy would be information "ownership". While in a typical database, you can order the change of an entry by fiat, you can't do that on blockchain without the crypto key.
Revealing a secret cannot be forced by the court, be it a password, or a recipe. Best courts can do it "encourage" one party to do it. Even then it might be in vain, if the information was forgotten. Courts do deal with it somehow, more out of necessity than choice. That would be more similar to getting the keys to a domain or any other blockchain asset.
> Logs are operated by many parties, including browser vendors and certificate authorities.
Why should we trust browser vendors and certificate authorities? They're high value targets and therefore more likely to be targeted.
As for Schneier, he asks:
> Would you rather trust a human legal system or the details of some computer code you don’t have the expertise to audit?
If I don't have any evidence that the code will fail in the way I'm worried about, but I do have evidence that the legal system frequently fails in the way I'm worried about, then maybe the code.
But whatever the case, I definitely prefer a legal system that has to worry about being replaced by code than one whose dominance is assured.
> Why should we trust browser vendors and certificate authorities? They're high value targets and therefore more likely to be targeted.
You're mentioning that as if blockchain somehow solved this problem. It doesn't. At best, blockchain moves trust around and you end up with a system that won't resist the test of time and end up converging to what you already have, but worse.
If you can generate a valid revocation certificate in the first place, you're already trusted. There's no need for additional trust in this case, just a place to put it that's hard to censor.
Certificate revocation checks already work fine without a blockchain. No one pays monthly for domains; existing registrars let you pay in advance for multiple years and are quite cheap.
You should read the NIST blockchain technology overview because you clearly don't understand how to make the right engineering calls.
Humans are messy and rely on trust to work together. That's why we have laws and a judicial system that can create, interpret and enforce actual contracts instead of the cold logic of "code".
It's also why Web3/crypto is encountering all the problems solved over time by the traditional finance system as it converges on the reality of human nature and how people actually behave.
There are use-cases for a completely trustless interactive ledger - however these are so niche as to be irrelevant for the vast majority.
I'm sure there are more than dozens interested in publishing a site without a persistent billing relationship with a cloud provider.
If you're hosting on IPFS you just have to make sure that some device somewhere has your content pinned. There's a raspberry pi in my closet...
Data is referenced by cryptographic hash so there's no need to authenticate the source. The hardest problem in that space is getting new hashes to your audience when you make updates.
> NFT's for domain ownership makes a lot more sense than paying monthly.
How do handle domain squatters and legal disputes?
> whole trustless thing means users can provide compute for each other rather than tolerating an ad-riddled central point of failure.
What compute? If you exchange money, you explicitly trust that person to provide you with services or goods (and/or explicitly trust the "smart" "contract" running the transaction to be correct which, you know ... [1])
1. You don't. But if you choose to use an nft domain it's probably because you think these are lesser evils when compared to broken references when domain ownership lapses or changes hands.
2. I'm talking about providing compute in lieu of money.
I want to be able to tell users of a service: you can pay me $5 per month for access via my node, or you can run your own node on that phone you have lying around with a cracked screen, and then you don't need to pay anything.
> You don't. But if you choose to use an nft domain it's probably
What if I chose NFT domain to scam people, impersonate someone or squat?
> I want to be able to tell users of a service: you can pay me $5 per month for access via my node
If you exchange money, you explicitly trust that person to provide you with services or goods (and/or explicitly trust the "smart" "contract" running the transaction to be correct which, you know ... [1]
> What if I chose NFT domain to scam people, impersonate someone or squat?
Well that's a shitty thing to do, and a limitation of the technology, but it doesn't make all uses of that technology invalid.
> If you exchange money...
You're missing my point. It's the case where no money changes hands that I'm interested in. If we have technology that can function without custodial trust, then I can pay my subscription fees by helping host the site that I'm subscribing to.
I wanna turn everybody's pile of phones with bad batteries or busted screens into a distributed datacenter which we can use as a cheaper alternative to aws & friends provided we're willing to cooperate with each other.
> Well that's a shitty thing to do, and a limitation of the technology, but it doesn't make all uses of that technology
Yes, it's a shitty thing to do. And yes, it's a limitation of technology. I never said anything about "all uses". All I asked is, quote:
How do handle domain squatters and legal disputes?
> It's the case where no money changes hands that I'm interested in. If we have technology that can function without custodial trust, then I can pay my subscription fees by helping host the site that I'm subscribing to.
So, no money is changing hands but at the same time you "can pay your subscription fees". So money is changing hands.
> I wanna turn everybody's pile of phones with bad batteries or busted screens into a distributed datacenter.
And to do that you:
a) find enough phones with bad batteries and busted screens because there aren't that many: people tend to repair them or change them
b) motivate people to run your software on them
So with b), people are going to run your software just because they, ahem, trust you?
And my answer is that you don't. If you want content moderation (via a judge upholding the law, or a registrar admin who would prevent squatting) then use a stack that respects those authorities. If you chose to participate in one that doesn't, then you don't get those protections. Engineering is full of trade-offs.
--
Well if they're paying (in terms of the use of their hardware, electricity, and internet connection) to keep the distributed service running so that they can use it, then presumably they trust its author (and its dependencies) to some degree, right? Otherwise they wouldn't want to use it. Trust is a necessary ingredient to most cool things, and as long as it's explicit trust I got no problem with it.
People trust that folding@home or bitcoin mining is not going to open their network up to attack or some other malicious thing, so I don't see how this would be any different.
The question is not do they trust me (an author of a dependency of the service that they want to use). That happens all the time. The question is can that service's author offload "hosting" to the users without requiring that they trust each other?
For certain very restrictive applications, the answer is clearly yes. IPFS users host each others' content all the time. But can "hosting" here be safely expanded to a wider and more useful set of actions? Because if it is, I think that at the very least we could all deal with less downtime, pay less for remote compute, and see fewer ads.
> And my answer is that you don't. If you want content moderation
DNS isn't content. And protection against scammers, squatters etc. isn't moderation.
It's funny how even the most primitive societies had rules, and laws, and ways to upholding them. But the crypto utopia where "NFTs make sense for DNS" is invariably "you don't get these protections" and "engineering is full of trade offs"
> Trust is a necessary ingredient to most cool things, and as long as it's explicit trust I got no problem with it.
If there's trust you have exactly zero need for the crap that is blockchains etc. Because our society is built on trust.
> For certain very restrictive applications, the answer is clearly yes. IPFS users host each others' content all the time.
IPFS is really, really small. But when police comes knocking at your door for storing someone else's child porn, you will quickly learn that blindly storing someone else's content will not help you.
> But can "hosting" here be safely expanded to a wider and more useful set of actions?
Of course not. Because you keep assuming that trust is a technical/engineering problem. It's not.
If I used to trust my friend, and I gave him key to my house, and later I decide that I don't trust him anymore, I change the locks: a technology solution to a trust problem.
If people want to revoke trust in the bank or the law or AWS, they're probably going to need technology to shore up the gaps made by the loss of trust.
I'm not assuming that you can derive trust from technology alone, but I do think that you can use it to get more out of whatever trust you have.
> If people want to revoke trust in the bank or the law or AWS, they're probably going to need technology to shore up the gaps made by the loss of trust.
So. Back to the question about NFTs and DNS, which is literally about trust: How do you handle domain squatters and legal disputes?
Oh wait. I know the answer to that: "Technology limitation, you don't get protections" and something about "engineering trade-offs".
If you want something that cuts, you use a knife. If you want something that pinches, you use pliers. If your pliers cuts you, that's a bug. If your knife pinches you, that's a bug.
If you want to insulate your dealings from action by third parties, you use crypto. If your crypto is sensitive to action by third parties, that's a bug. I don't know why this is so hard to understand. If you don't like it don't use it.
When most people name something, they don't think: "golly, I better make sure the ministry of truth can step in and rename this thing if I'm being bad". And when people want to reference a named thing, they're more worried about whether the reference will fail than they are about whether whoever named the thing had to name it differently than they would've preferred due to hazards in the namespace.
Besides, isn't squatting more of a problem because your ownership lapsed and some jerk bought the domain out from under you? If ownership doesn't lapse, the only problem is when the squatter gets the name before you have even distributed it--just pick a different name and distribute that one instead.
And legal disputes. What legal disputes? I name my variables whatever I want, what laws am I going to run afoul of by naming my blog whatever I want? If the content is illegal, go censor the content, the only reason that it's customary to censor the name is because that's the weakest link. DNS NFT's would move the weakest link to... I dunno, IP addresses maybe? That'll be something that the cops have to figure out, but it's not a naming system's problem to handle its adversaries' needs just because it has less attack surface than its predecessor.
Key revocation certificates come to mind as a good case for a public blockchain. NFT's for domain ownership makes a lot more sense than paying monthly. The whole trustless thing means users can provide compute for each other rather than tolerating an ad-riddled central point of failure.
You know, the stuff that doesn't need hype and is just the right engineering call.