Why webs of trust may be unavoidable even in an optimally decentralized world.
The first time I encountered the concept of a web of trust I was perusing the “Gnu Privacy Handbook” as any good privacy advocate would do. At the time that document was written in the late 1990s, PGP in email was a niche topic shared among security experts and enthusiasts, and while it is still widely used today, we normally expect end-to-end encryption to be taken care of for us. PGP, like Bitcoin, is made possible by public key cryptography. Initially, I assumed basic cryptography was enough to authenticate and prevent tampering of communications, so I was a bit taken aback to discover that a web of trust was integral to the process of sharing keys. Why would this be?
Consider this concrete example. You download a piece of software. You’re encouraged to also obtain a cryptographically signed file corresponding to the software release. You can verify the download is authentic by confirming the signature was produced by the developer’s public key. However, this still leaves one very important question: How do we know we have the correct developer’s public key and not an imposter key? In theory, an attacker could insert a malicious download and still produce a valid signature made with the imposter public key. So we need a way of trusting that the public key we obtain is authentic. In practice, we accomplish this either by contacting the developer personally or designating a trusted web server that stores and disseminates public keys on behalf of their owners.
You can see we never really get around the issue of trust. The best we can do is find one trusted source and hope they can vouch for someone else and so on until we have built up a web of mutually trusting parties. There can be varying degrees of trust in this web. You might have high trust in one of your personal contacts but only marginal trust in the contacts of your contacts. Throughout the article, we’ll assume trust refers to delegating control and oversight to a custodian or third party. The term trustless would then imply an absence of such a condition as in removing the intermediary in a transaction. We say holding bitcoin can be done in a trustless manner because it’s a bearer asset with no counterparty risk, and the protocol incentives ensure the user can’t be cheated by the other economic actors in the system like miners and validators.
The main objective set forth in Satoshi’s white paper is to remove the need for trusted intermediaries in financial transactions, and Bitcoin solves this quite elegantly. Since then, however, we’ve seen other applications of blockchains and distributed ledgers that aim to enable trade and social interaction in a trustless manner (DAOs, DEXs and NFTs come to mind). I want to provide some nuance to what it means to be trustless, as I think we could benefit from discerning where trust is present in daily life, where it can be minimized, and whether that may or may not be desirable for certain applications. I think it would be naive to say we must avoid situations of trust at all costs, but instead be realistic in weighing the trade-offs around trust, permission and decentralization.
Trust All The Way Down
We can imagine all the ways that trust creeps into our online activities. You are probably familiar with the lock icon in the search bar that indicates a web page is using HTTPS, where the “S” stands for “secure.” But you may not have known that the browser’s trust in the website is mediated by an entity known as a certificate authority which, in a nutshell, is a trusted third party who decides whether to issue security certificates to domain names. This is just the tip of the trust iceberg that ties the internet together.
Encryption and digital signatures using GPG, cran.r-project.org.
Say you’ve done your Bitcoin homework, and you hold your keys on a hardware wallet. Not only do you trust the device firmware, but you also probably need to use some companion software to view your balances, make transactions and so on. When you think about it, there is an element of trust that the software is being truthful about the coins held in your addresses. This is why it’s imperative that you double-check addresses on the device, because they are generated directly on the hardware and not served through a potentially insecure medium.
The next step in minimizing trust is, of course, to run a Bitcoin node. This gives you the security and peace of mind that transactions are valid and ensures your wallet details aren’t shared with the outside world; but then there is the question of what software you allow to run on the node. If you buy a prebuilt node from a reputable retailer, how do you know it wasn’t compromised during shipping by a supply chain attack? If you’re technical enough, you could compile the appropriate source code from an open-source repository and eliminate a lot of the middlemen, and still there could be vulnerabilities at the hardware level or compromised libraries and dependencies.
The only way not to become paralyzed by all the sources of risk is to accept that, somewhere along the line, you’ll have to trust someone. Trust can never be eliminated; it can only be transferred or substituted for another form of trust. We can mitigate the risk by spreading it out and making compromises in cases where we’re not willing or able to be extra paranoid. I can recall one day skimming through the Glacier Protocol out of curiosity, and the biggest take away was the fact that you can identify all the possible attack vectors, but you can only spend so much time and energy trying to mitigate them. At the end of the day, you have to accept that some level of risk is unavoidable.
Trust In Finance
A good example of minimizing the trust factor is using hardware wallets from multiple vendors in a multisignature setup. This is commonly advocated by services like Casa and Unchained and is a good way to avoid failure or compromise in one specific manufacturer.
This brings us to financial services. In the traditional financial industry, trust exists at every layer, as there is always counterparty risk present in a system that’s based on delayed settlement by design. In contrast, bitcoin allows for final settlement and full custody, but you have to take advantage of full custody to benefit from these assurances, or else you’re no better off than having a regular banking relationship. The beauty of bitcoin is that it allows for a spectrum of custodial solutions that fit for use cases that require varying degrees of trust. Collaborative custody services are ideal where user control is desirable, while the servicer can play a supporting role such as being a signatory to transactions, providing education and infrastructure, and offering more complex arrangements like bitcoin-backed loans and retirement accounts.
There are other instances where trust is unavoidable or even preferred as in the case of small communities. For instance, mining pools rely on trust that the pool operator will be honest about handing out block rewards, although there can always be improvements on the pool model. Further, there is interesting work being done on federated e-cash which was first conceived by David Chaum in 1983. Conceptually, this consists of a custodial relationship between a customer account and a bank or mint. Electronic tokens can be traded between customers without trust or permission much like regular cash. If a version of Chaumian e-cash was built on top of Bitcoin, it would effectively allow many people to share custody of one on-chain transaction. The efficiency gains in terms of block space make this a reasonable trade-off.
Making use of a trusted setup for convenience and efficiency doesn’t mean having to give up privacy. The protocol can be designed such that the custodian remains blind to the sender and recipient; it only knows that a transaction took place. In general, if compromises are made that introduce more trust, then users should be compensated with strong privacy guarantees.
El Salvador’s bitcoin bond is a testament to the kinds of financial innovation that can be done in a Bitcoin world. Sovereign bonds are traditionally safe assets although they still carry a non-zero default risk. The “Volcano bond,” however, is significantly de-risked by being partially backed by bitcoin the asset as well as bitcoin mining infrastructure. The bonds are tokenized on the Liquid sidechain making for easy access to investors all over the world. Liquid as a Layer 2 network is also federated, which means it can’t truly be called trustless the way Bitcoin can. On the other hand, Liquid allows for confidential transactions, so what we lose in trust, we make up for in excellent privacy. Hypothetically, if the same degree of privacy was implemented on Bitcoin’s base layer, we would lose the ability to verify the total supply which is not desirable. So it’s actually better to innovate across distinct layers to address new use cases rather than assuming every application needs to live on the blockchain.
Bitcoin vastly reduces friction in monetizing content and supporting other people’s work online. We’ve seen how the relationship between users and social media platforms can get complicated, but social media is still an effective way for content creators to reach a large audience. Bitcoin can help streamline engagement within and across platforms, and the ability to stream sats to reward creators, journalists and gamers has been nothing short of a miracle. Examples include Twitter’s Strike integration, Podcasting 2.0 and stacker news.
The problem with social media is twofold. For one, all engagement is rewarded whether or not the information is credible, and this allows extreme content to proliferate. Secondly, If you can freely spin up anonymous accounts, then there is no cost to your reputation for posting incendiary content. Stacker news and Y’alls are pioneering a new model for social media powered by bitcoin. In this model, the platform imposes a cost to produce and engage with content. The cost is miniscule, but it’s enough to prevent spam, and as a result, the quality of the content is greatly improved. You might think users would never opt to pay for a service that they’re used to having for free. But in return for sharing valuable content, creators are rewarded with bitcoin directly by the community. Meanwhile, everyone benefits from an overall better experience and less spam which makes it a net win. Over time, users build up a reputation that increases the weight of their influence in the future. If they abuse their privileges or act in bad faith, then they will lose that reputation. However, rather than the platform owners deciding who has a voice, it is the community itself that enforces the guidelines through the shared web of trust. Therefore, bitcoin fixes the incentives of social media and can aid the return of more trustworthy news sources.
So, while bitcoin can be held in a trustless manner, it also is extremely helpful in facilitating trustful relationships. Bitcoin and crypto at large have catalyzed a push for more trust-minimized and verifiable layers of the internet. I only caution that we remain vigilant about the trusted aspects of applications that tout trustlessness as a feature. An example of hidden trust is, say you have a decentralized exchange for peer-to-peer trades, but one person holds admin keys that allow him or her to halt trading or reverse transactions. You have to assume that if a backdoor exists, it will eventually be used.
Bitcoin will continue to be the driver of progress and innovation in the way financial services are carried out. People today have a huge number of competing digital currencies at their fingertips, but there are instances where the trust element can still rear its head. Any time you give a custodian control of your money, you are beholden to that entity for allowing you access to your funds. The trust factor is even more pronounced in the case of central bank currencies. If the issuer of the currency can print and burn tokens or censor transactions, then that doesn’t make for a very trustworthy relationship. Alternative crypto assets that make ambitious claims about transaction throughput and programmability, but fail on security and decentralization, I argue are no different than fiat currency and might actually be a step backward in cultivating a more inclusive financial system.
Who Do You Trust?
Bitcoin introduces a different kind of trust, and that is trust in the code. We don’t need to trust that the developers will remain holy and benevolent, because the protocol defines a set of monetary properties that are non-negotiable (e.g., 21 million). Any deviation from those core principles would likely never garner broad consensus, nor can a single dictator or group of insiders hijack the protocol. We trust the underlying math won’t change, but of course, code is not without bugs. In a sense, we have faith that Bitcoin’s cryptography won’t be broken, but Bitcoin has dealt with bugs in the past, and it can do it again with the help and expertise of the open-source community.
In the real world, people still rely on business and personal relationships to get things done. Bitcoin has helped remove some trust from the monetary base layer, but that doesn’t mean we should treat everyone like a faceless adversary. Bitcoin helps lubricate financial relationships in which trust already exists by giving us more flexibility, and that’s something we should lean into. The economy is made up of many different actors with their own values and motivations. It helps to know what those motives are so we can do business with people that share a common goal.
It’s tempting to be triggered by anything that introduces an element of trust, but we have to realize there aren’t always perfect solutions, only trade-offs. Greater security can often mean less convenience. Further, just because an attack is theoretically possible, it may not be feasible for most unsophisticated attackers. In other words, you shouldn’t try to protect a thousand-dollar investment from an attack that would cost a million dollars to execute. That said, there are basic recommendations for safety and trust minimization that can make a world of difference like using password managers, two-factor authentication and a bitcoin-only hardware wallet. Perhaps later that can lead you to more advanced topics like self-hosting your data and shrinking your dependence on big tech. We should be looking to reduce trust in gatekeepers and large centers of control and instead grow the trust in our own social circle. The real danger is lacking the tools to opt out of a system that can suddenly become oppressive.
In the end, you have to weigh what level of trust you can tolerate. Knowing we can’t fully eliminate trust, we should work on cultivating and improving the quality of our own webs of trust.
This is a guest post by Tyler Parks. Opinions expressed are entirely their own and do not necessarily reflect those of BTC Inc or Bitcoin Magazine.
The first time I encountered the concept of a web of trust I was perusing the “Gnu Privacy Handbook” as any good privacy advocate would do. At the time that document was written in the late 1990s, PGP in email was a niche topic shared among security experts and enthusiasts, and while it is still widely used today, we normally expect end-to-end encryption to be taken care of for us. PGP, like Bitcoin, is made possible by public key cryptography. Initially, I assumed basic cryptography was enough to authenticate and prevent tampering of communications, so I was a bit taken aback to discover that a web of trust was integral to the process of sharing keys. Why would this be?
Consider this concrete example. You download a piece of software. You’re encouraged to also obtain a cryptographically signed file corresponding to the software release. You can verify the download is authentic by confirming the signature was produced by the developer’s public key. However, this still leaves one very important question: How do we know we have the correct developer’s public key and not an imposter key? In theory, an attacker could insert a malicious download and still produce a valid signature made with the imposter public key. So we need a way of trusting that the public key we obtain is authentic. In practice, we accomplish this either by contacting the developer personally or designating a trusted web server that stores and disseminates public keys on behalf of their owners.
You can see we never really get around the issue of trust. The best we can do is find one trusted source and hope they can vouch for someone else and so on until we have built up a web of mutually trusting parties. There can be varying degrees of trust in this web. You might have high trust in one of your personal contacts but only marginal trust in the contacts of your contacts. Throughout the article, we’ll assume trust refers to delegating control and oversight to a custodian or third party. The term trustless would then imply an absence of such a condition as in removing the intermediary in a transaction. We say holding bitcoin can be done in a trustless manner because it’s a bearer asset with no counterparty risk, and the protocol incentives ensure the user can’t be cheated by the other economic actors in the system like miners and validators.
The main objective set forth in Satoshi’s white paper is to remove the need for trusted intermediaries in financial transactions, and Bitcoin solves this quite elegantly. Since then, however, we’ve seen other applications of blockchains and distributed ledgers that aim to enable trade and social interaction in a trustless manner (DAOs, DEXs and NFTs come to mind). I want to provide some nuance to what it means to be trustless, as I think we could benefit from discerning where trust is present in daily life, where it can be minimized, and whether that may or may not be desirable for certain applications. I think it would be naive to say we must avoid situations of trust at all costs, but instead be realistic in weighing the trade-offs around trust, permission and decentralization.
Trust All The Way Down
We can imagine all the ways that trust creeps into our online activities. You are probably familiar with the lock icon in the search bar that indicates a web page is using HTTPS, where the “S” stands for “secure.” But you may not have known that the browser’s trust in the website is mediated by an entity known as a certificate authority which, in a nutshell, is a trusted third party who decides whether to issue security certificates to domain names. This is just the tip of the trust iceberg that ties the internet together.
Say you’ve done your Bitcoin homework, and you hold your keys on a hardware wallet. Not only do you trust the device firmware, but you also probably need to use some companion software to view your balances, make transactions and so on. When you think about it, there is an element of trust that the software is being truthful about the coins held in your addresses. This is why it’s imperative that you double-check addresses on the device, because they are generated directly on the hardware and not served through a potentially insecure medium.
The next step in minimizing trust is, of course, to run a Bitcoin node. This gives you the security and peace of mind that transactions are valid and ensures your wallet details aren’t shared with the outside world; but then there is the question of what software you allow to run on the node. If you buy a prebuilt node from a reputable retailer, how do you know it wasn’t compromised during shipping by a supply chain attack? If you’re technical enough, you could compile the appropriate source code from an open-source repository and eliminate a lot of the middlemen, and still there could be vulnerabilities at the hardware level or compromised libraries and dependencies.
The only way not to become paralyzed by all the sources of risk is to accept that, somewhere along the line, you’ll have to trust someone. Trust can never be eliminated; it can only be transferred or substituted for another form of trust. We can mitigate the risk by spreading it out and making compromises in cases where we’re not willing or able to be extra paranoid. I can recall one day skimming through the Glacier Protocol out of curiosity, and the biggest take away was the fact that you can identify all the possible attack vectors, but you can only spend so much time and energy trying to mitigate them. At the end of the day, you have to accept that some level of risk is unavoidable.
Trust In Finance
A good example of minimizing the trust factor is using hardware wallets from multiple vendors in a multisignature setup. This is commonly advocated by services like Casa and Unchained and is a good way to avoid failure or compromise in one specific manufacturer.
This brings us to financial services. In the traditional financial industry, trust exists at every layer, as there is always counterparty risk present in a system that’s based on delayed settlement by design. In contrast, bitcoin allows for final settlement and full custody, but you have to take advantage of full custody to benefit from these assurances, or else you’re no better off than having a regular banking relationship. The beauty of bitcoin is that it allows for a spectrum of custodial solutions that fit for use cases that require varying degrees of trust. Collaborative custody services are ideal where user control is desirable, while the servicer can play a supporting role such as being a signatory to transactions, providing education and infrastructure, and offering more complex arrangements like bitcoin-backed loans and retirement accounts.
There are other instances where trust is unavoidable or even preferred as in the case of small communities. For instance, mining pools rely on trust that the pool operator will be honest about handing out block rewards, although there can always be improvements on the pool model. Further, there is interesting work being done on federated e-cash which was first conceived by David Chaum in 1983. Conceptually, this consists of a custodial relationship between a customer account and a bank or mint. Electronic tokens can be traded between customers without trust or permission much like regular cash. If a version of Chaumian e-cash was built on top of Bitcoin, it would effectively allow many people to share custody of one on-chain transaction. The efficiency gains in terms of block space make this a reasonable trade-off.
Making use of a trusted setup for convenience and efficiency doesn’t mean having to give up privacy. The protocol can be designed such that the custodian remains blind to the sender and recipient; it only knows that a transaction took place. In general, if compromises are made that introduce more trust, then users should be compensated with strong privacy guarantees.
El Salvador’s bitcoin bond is a testament to the kinds of financial innovation that can be done in a Bitcoin world. Sovereign bonds are traditionally safe assets although they still carry a non-zero default risk. The “Volcano bond,” however, is significantly de-risked by being partially backed by bitcoin the asset as well as bitcoin mining infrastructure. The bonds are tokenized on the Liquid sidechain making for easy access to investors all over the world. Liquid as a Layer 2 network is also federated, which means it can’t truly be called trustless the way Bitcoin can. On the other hand, Liquid allows for confidential transactions, so what we lose in trust, we make up for in excellent privacy. Hypothetically, if the same degree of privacy was implemented on Bitcoin’s base layer, we would lose the ability to verify the total supply which is not desirable. So it’s actually better to innovate across distinct layers to address new use cases rather than assuming every application needs to live on the blockchain.
Bitcoin vastly reduces friction in monetizing content and supporting other people’s work online. We’ve seen how the relationship between users and social media platforms can get complicated, but social media is still an effective way for content creators to reach a large audience. Bitcoin can help streamline engagement within and across platforms, and the ability to stream sats to reward creators, journalists and gamers has been nothing short of a miracle. Examples include Twitter’s Strike integration, Podcasting 2.0 and stacker news.
The problem with social media is twofold. For one, all engagement is rewarded whether or not the information is credible, and this allows extreme content to proliferate. Secondly, If you can freely spin up anonymous accounts, then there is no cost to your reputation for posting incendiary content. Stacker news and Y’alls are pioneering a new model for social media powered by bitcoin. In this model, the platform imposes a cost to produce and engage with content. The cost is miniscule, but it’s enough to prevent spam, and as a result, the quality of the content is greatly improved. You might think users would never opt to pay for a service that they’re used to having for free. But in return for sharing valuable content, creators are rewarded with bitcoin directly by the community. Meanwhile, everyone benefits from an overall better experience and less spam which makes it a net win. Over time, users build up a reputation that increases the weight of their influence in the future. If they abuse their privileges or act in bad faith, then they will lose that reputation. However, rather than the platform owners deciding who has a voice, it is the community itself that enforces the guidelines through the shared web of trust. Therefore, bitcoin fixes the incentives of social media and can aid the return of more trustworthy news sources.
So, while bitcoin can be held in a trustless manner, it also is extremely helpful in facilitating trustful relationships. Bitcoin and crypto at large have catalyzed a push for more trust-minimized and verifiable layers of the internet. I only caution that we remain vigilant about the trusted aspects of applications that tout trustlessness as a feature. An example of hidden trust is, say you have a decentralized exchange for peer-to-peer trades, but one person holds admin keys that allow him or her to halt trading or reverse transactions. You have to assume that if a backdoor exists, it will eventually be used.
Bitcoin will continue to be the driver of progress and innovation in the way financial services are carried out. People today have a huge number of competing digital currencies at their fingertips, but there are instances where the trust element can still rear its head. Any time you give a custodian control of your money, you are beholden to that entity for allowing you access to your funds. The trust factor is even more pronounced in the case of central bank currencies. If the issuer of the currency can print and burn tokens or censor transactions, then that doesn’t make for a very trustworthy relationship. Alternative crypto assets that make ambitious claims about transaction throughput and programmability, but fail on security and decentralization, I argue are no different than fiat currency and might actually be a step backward in cultivating a more inclusive financial system.
Who Do You Trust?
Bitcoin introduces a different kind of trust, and that is trust in the code. We don’t need to trust that the developers will remain holy and benevolent, because the protocol defines a set of monetary properties that are non-negotiable (e.g., 21 million). Any deviation from those core principles would likely never garner broad consensus, nor can a single dictator or group of insiders hijack the protocol. We trust the underlying math won’t change, but of course, code is not without bugs. In a sense, we have faith that Bitcoin’s cryptography won’t be broken, but Bitcoin has dealt with bugs in the past, and it can do it again with the help and expertise of the open-source community.
In the real world, people still rely on business and personal relationships to get things done. Bitcoin has helped remove some trust from the monetary base layer, but that doesn’t mean we should treat everyone like a faceless adversary. Bitcoin helps lubricate financial relationships in which trust already exists by giving us more flexibility, and that’s something we should lean into. The economy is made up of many different actors with their own values and motivations. It helps to know what those motives are so we can do business with people that share a common goal.
It’s tempting to be triggered by anything that introduces an element of trust, but we have to realize there aren’t always perfect solutions, only trade-offs. Greater security can often mean less convenience. Further, just because an attack is theoretically possible, it may not be feasible for most unsophisticated attackers. In other words, you shouldn’t try to protect a thousand-dollar investment from an attack that would cost a million dollars to execute. That said, there are basic recommendations for safety and trust minimization that can make a world of difference like using password managers, two-factor authentication and a bitcoin-only hardware wallet. Perhaps later that can lead you to more advanced topics like self-hosting your data and shrinking your dependence on big tech. We should be looking to reduce trust in gatekeepers and large centers of control and instead grow the trust in our own social circle. The real danger is lacking the tools to opt out of a system that can suddenly become oppressive.
In the end, you have to weigh what level of trust you can tolerate. Knowing we can’t fully eliminate trust, we should work on cultivating and improving the quality of our own webs of trust.
This is a guest post by Tyler Parks. Opinions expressed are entirely their own and do not necessarily reflect those of BTC Inc or Bitcoin Magazine.
Feedzy