Oldschool Internet & The Blockchain

Oldschool Internet and Open Standards are under assault from big corporations. Blockchain can help.

Aren’t you tired of typing your passwords over and over again? About wondering which email did you use to sign up for this particular site? Was it Facebook login? Oh no – you got another notification that another site got hacked. Jon Stokes, The author of “The Billion User Table” predicts that these problems could soon be over, with identity moving on the public blockchain.

the public blockchain amounts to a single, massive users table for the entire Internet, and the next wave of distributed applications will be built on top of it.

He presents a future where the equivalent of “Google Login” will be baked into the fabric of the Internet in a safe, distributed (not owned by any corporation) and secure fashion.

When you’d visit a service you want to sign up for, you click a button, the browser already knows who you are, and BAM, you’re there.

There’s no on-boarding or sign-up friction

If you are not creating software, this may not seem that important, but you’d be surprised how effective removing a single step is for helping users join. When I was working on monetization tools for WordPress.com customers, simplifying one step in checkout resulted in hundreds of thousands of dollars of revenue for the creators on our platform.

Jon summarizes it succinctly, and I love this phrasing:

Adding rows to your platform’s users table is how you win at software.

He also presents this outcome as inevitable, since the companies using the protocol would benefit from the network effects of this protocol being already present in our digital lives:

My guess is that the temptation to take advantage of blockchain-sized network effects will be so great, that companies will default to putting data on-chain rather than keeping it siloed.

The idea of an interoperable, distributed user table sounds very appealing to me as a programmer/hacker. That is also why it sounds very scary to me as a user. Let’s explore how can we make it safer, and why we need to.

We’ve already been there

The first thing that came into my mind is that we’re already there. We have email, an open standard that is effectively a distributed “user table” – when you sign up for a new service, they will most likely ask you about your email address.

• The addressing system ( user@domain ) is distributed between domains.
• It’s an open standard, not owned by any one corporation
• It has built-in messaging, so at least one level of interoperability
• One-click sign-ins are possible with email. Slack and WordPress.com will sign you in to your account with one click by sending you a “magic link” to your email. I have implemented this functionality myself and wish more services used it
• It can be even turned into a “Social Network”, with built-in DMs and distribution – something that newsletters take advantage of
• Tangentially: The biggest gripe that people have about email – long reply-all threads – have a few characteristics of the blockchain itself

In the 2000s, we have regressed from Email and other (like XMPP and RSS) open protocols. I remember being able to respond to Facebook Messenger messages over email. Now, the consumer internet seems to have fractured into private data silos, requiring a separate app for each simple thing I’m attempting to do. Ben Thompson points it out in “The Web’s Missing Interoperability“:

That, though, points to Web 2.0’s failure: interoperability is nowhere to be found

Sometimes this interoperability is removed on purpose, in an effort to bootstrap a gatekeeper that could reap all the network benefits:

The Facebook Cannibalisation manouver

Facebook also used to support XMPP – an open messaging protocol. I think it was the key to bootstrapping their Messenger platform in what I call The Facebook Cannibalisation Maneuver:

1. Support wide access to your platform by supporting open APIs
2. Attract technically sophisticated early adopters because they have nothing to lose – the platform already supports their apps
3. These technical users help convince more people to join the platform
4. Reach a critical mass to start seeing network effects on the platform internally
5. Turn off the open APIs that were previously supported. Technical users are disappointed, but it’s not an issue anymore.

That’s why I’m skeptical about this assertion from the Billion User Table:

My guess is that the temptation to take advantage of blockchain-sized network effects will be so great, that companies will default to putting data on-chain rather than keeping it siloed.

I’m sure big players would welcome this protocol with open arms, suck any data out of it, and turn off support later, citing privacy issues.

Privacy&security concerns

The author does not go into privacy concerns too much, and I think these are all solvable problems that will be worked out in time. But I’m going to list them regardless because we don’t want to escalate problems to the level where the federal government has to step in, like in Europe with GDPR.

1. We need to prevent users from being tracked across sites without their explicit consent. You probably don’t want every service you use to know you have a Tinder account, for example
2. There needs to be built-in pseudonymity (as explained by Balajis) and a mechanism to switch “contexts.” People need burner identities and a mechanism to transfer data or “karma” to those,
3. We need mechanisms for permission levels.
4. We need a better mechanism for retrieving access than a private key. People will lose access, or fraudsters will steal them,
5. At some point, governments will need to be involved, and this will create a whole new set of issues,
6. We need to solve the spam

The Apple problem

The biggest obstacle to adopting a distributed, interoperable data store will be Apple. They deserve recognition for their effort in keeping your data private, but it’s downstream from their business model – lock you inside their ecosystem and prevent others from challenging their position.

You could argue that there are alternatives, but the dominant position of the iPhone means that you have to obey their rules if you want your app/service to be successful. And you know Google will eventually copy each one of these rules into the Android ecosystem:

• If you want to distribute your app to iPhone users, Apple has to review it and agree. There is no other way
• If you are offering a “federated login” option, like Facebook Login or Google Login, you have to offer the “Login with Apple” as well
• If you are selling access to any digital goods on iOS, you have to use the Apple In-App-Purchase system, giving 30% of your income to Apple
• Apps cannot “talk to each other” directly, only through a very small set of APIs. Apps don’t have any access to the filesystem, because of what is called “app sandboxing”.
• Offering a different version of the experience provided by Apple is often forbidden

Apple’s strategy seems to move all interoperability into the Apple ecosystem and frameworks, making apps themselves interchangeable and commoditized. “The Billion User Table” is unlikely to work on iPhone because Apple effectively monopolized all the exciting benefits.

The app and services developers have to fight back by closing their own gardens and motivating users to stay within their properties. That’s why I think it’s unlikely to see big players participating in this interoperability.

We desperately need it to work

We still have a few open standards left: RSS is still powering podcasting, although Apple and Spotify are making moves to supplant it. The Web is still working, although it wouldn’t be permitted on the iPhone if it was created today. We have to protect and extend them. Working on open standards, and adopting them by “small players” is the only way to protect the Internet against the network effects of big players, and The Apple Problem.

I think we can extend existing “footholds” of interoperability, and work from there:

• RSS: Sync the state of what podcasts I have listened to, or am listening so I can easily switch between the apps,
• Email: Earn.com was a nice idea to give you money for replying to messages so people have to be motivated to spam you. Although I’d prefer a karma sytem.
• XMPP: the open messaging protocol is close to dead, unfortunately and I have no ideas how to save it
• HTML, JavaScript and CSS are being obfuscated by source minification and precompiling of source code – something that blockchain probably won’t solve and it’s a different story.

I agree with the author of The Billion User Table that we need interoperability, and I’d be happy if we started by bringing back the protocols of the 1990s. Blockchain solves the issue of “who hosts the user data, ” which is a brilliant insight in the original article.

But I’d start with throwaway identities and small stakes. We need to prove the concept before attracting regulator attention and big players’ cannibalization. Starting with extending and protecting existing open standards will let us understand the tradeoffs between privacy and interoperability. And we desperately need the latter – as the current privacy debate favors Big Tech. Per Ben Thompson:

I worry even more about small businesses uniquely enabled by the Internet; forcing every company to act like a silo undoes the power of platforms to unlock collective competition (a la Shopify versus Amazon), whether that be in terms of advertising, payments, or understanding their users. Regulators that truly wish to limit tech power and unlock the economic potential of the Internet would do well to prioritize competition and interoperability via social graph sharing, alongside a more nuanced view of privacy that reflects reality, not misleading ads

Where I disagree with Jon Stokes is that it will upend the present Internet. It is the missing piece of the original Internet, which was correct on so many ideas. I miss it a lot.