The other day I introduced my mom to Bitcoin.
First we reviewed the open-source code together, before she downloaded her first wallet software from the Github repository and compiled it to a clean device with a randomly-generated password. After taking care to verify the checksum against the file download, she generated a 24-word seed phrase which she wrote down and placed in two secure locations. Then she started trading, being careful to avoid URL lookalikes and phishy links – after she installed 2FA and waited nine weeks for her KYC, of course.
Nah, just kidding. She downloaded Coinbase from the App Store.
The hodlers will howl, but sometimes the trusted third party is trusted for a reason. Although Vitalik has a special place for centralized exchanges, they have an important role in this lifetime—even if it’s not one we always like.
What does crypto centralization look like today?
When cryptocurrencies brag about being “decentralized,” they usually mean that there are no central servers. But crypto still requires trusting an awful lot of third parties, especially as we approach mainstream adoption.
We have to trust the programmers, not only to be honest but also competent. Then we have to trust the websites that host the code, our own computers, compilers, antivirus programs, our WiFi, and even our printers.
The worst part is that we don’t know what we don’t know. Do you know how deterministic keys are generated? Neither do I, but our wallets depend on it. A bad random number generator could put us both in the streets.
There are several other ways in which decentralized currencies rely on a few trusted actors. Vitalik Buterin has weighed in on the question of crypto centralization, pointing out that many projects are organizationally identical to every other top-down company. Jackson Palmer, the creator of Dogecoin, maintains a helpful site to track crypto pressure points: arewedecentralizedyet.com. Spoiler: not as much as we’d hope.
We’ve previously reported on the dilemmas presented by mining monopolies like Bitmain. Here are a few more actors you need to trust, whether you realize it or not:
Centralized Brains
In the real world, code requires maintenance, just like a car does–and that usually requires a trusted mechanic. Verge users got a taste of that centralization after its first 51% attack–instead of auditing his code with a community of developers, their solo dev pushed an emergency update that caused an accidental fork.
If you think that’s an exception, take a scroll down CoinMarketCap and count the number of million-dollar projects that are actually one-man bands.
Some communities are big enough to be truly leaderless. If aliens abducted Vitalik and the other top developers, Ethereum would probably go on. For Bitcoin, that may have already happened.
Centralized Budgets
In the early days, crypto was a grassroots effort. There were professionals involved, but they were usually paid from community chests like the Bitcoin and Litecoin Foundations.
That’s no longer true, especially as currencies move away from creating coins. In premined coins like Ripple and Tron, the founding company holds most of the coins and thereby maintains control (unless they DENY IT VEHEMENTLY, in which case, obviously, they don’t, because they said so). The software’s still open source—but any serious development will be on company payroll.
Centralized Control
How many times have you seen an ICO promise a decentralized, censorship-resistant, government-proof whatever?
It turns out that they may have exaggerated. Jackson Palmer has identified kill switches and upgrade commands buried in the code of several ERC-20 contracts. Via Twitter:
https://twitter.com/ummjackson/status/1016487042505510913
There are pretty good reasons why a startup would want a bit more control over their tokens, but most investors want to know if there are strings attached.
So what are we supposed to do?
The stock answer to these crypto centralization concerns, when raised on Reddit, Twitter, Bitcointalk or wherever else, is usually: “DYOR.” It’s a lazy, hand-wavy sort of response, as if to say: “That’s not our problem. Go away.”
At the opposite extreme are the people who say: “Well, decentralization’s clearly no good. Back to Visa.”
A more realistic approach might be to trust… sparingly. “Decentralization” is a set of tradeoffs: you’re going to have to trust someone, at least until all the holes in the system are filled.
If you don’t trust the code, you have to find trustworthy code reviewers. (Hey! That’s us!) If you want a trustless Lightning Network, you have to give some trust to the companies that developed it.
Does crypto centralization really lie at the heart of the decentralization movement? So far, it seems so.
We may not want to trust everyone. But if you don’t trust yourself to keep your private keys safe, maybe it’s okay to trust Coinbase.
It may not be a perfect answer, but it seems to work for my mom.
The author is invested in Bitcoin and Ethereum.
Comments