As we saw from the previous post, the common scarification when it comes to the trilemma of blockchain is decentralization. In fact, in this part, I would even argue that the compromise of decentralization to some extent is needed for a sustainable successful project. One example of that, besides the Etherium 2.0 merge, is the Helium project. Helium, a decentralized wireless network provider, recently announced their partnership with T-Mobile to deploy service across America. Renski, general manager of Nova Lab, said in an interview: “But with the model that we are pursuing, it's important to understand we are not looking to replace large mobile operators with our network, we are building a network that could be a complement to the existing macro network of the operators” [1].
Figure 1: Eth stakes distribution. Source: CoinDesk
In today's post, we will have a look at the issues from regulation and cyber security relating to blockchain’s centralization, as well as some counter arguments before giving out my final verdict.
Regulation issues
In 2020, during the pandemic lockdown, the world once again saw the tremendous momentum rising of crypto and blockchain-related projects with the price of all coins reaching all-time high, as well as the popularity of Non-Fungible Token (NFT). In case you have not known, NFT is essentially an online art implementing blockchain technology that allows creators to monetize their creations with full transparency [2]. At its peak, the NFT market generated almost 1 billion USD in a single day while the height of transaction number reached almost 200,000 (figure 2). For reference purposes, world wide art transactions amount to 36.7 millions, according to Statista [3]. Therefore, it can be said the NFT market is still in its infancy phase and has not reached 1% of the global market.
Figure 2: NFT market. Source: Nonfungible
However, as regulators around the world are still trying to catch up with blockchain, this space becomes the prime juicy place for scammers and fraudsters. In fact, the scale of some of these scams got so big that it involved celebrities like NBA players De’Aaron Fox or Kim Kardasian. While we don’t know how much money they made from it, copyright infringement rug-pulled projects like Marvel NFT on Opensea, the world largest NFT marketplace, or Squid Game crypto, based on the popular Netflix show, successfully scammed millions of USD in just a few days with much fewer publicity than the above. Thus, it can be understood why criminals are moving to this space during these few years. In fact, the California government just issued a lawsuit against 11 crypto firms. showing signs of fighting back against this trend. Plus, Kim Kardasian also just got fined 1.3 millions USD for the promotion act without fully disclosuring. Imagine how much the head of this scam earned to be able to payout so much money to different celebrities.
It also has to be noted that it can be very difficult to differentiate between legitimate projects with financial frauds hiding under the hood of “people alliance”, especially in an upwardly driving market. It took a bear market during the first half of 2022 to expose arguably the biggest crumble in blockchain history, which involved two crypto projects and a private equity firm. If you think it sounds familiar, yes, I am referring to the Luna- Three Arrows- Celsius fiasco. For the case of Celsius, it can be easily explained as a series of bad financial decisions by its CEO, whose motto can be roughly understood as “replacing the evil centralized bank”. Ironically, the downfall of the company leads to the freezing of customer assets, which is exactly “stopped caring for their depositors” bashing he mad on traditional banks [4].
On the other hand, it is a little bit more complicated when it comes to Luna- Three Arrows collapse. In order to see the core issue with the Luna model, we have to look at it from a macro-perspective. As can be seen from figure 3, Luna value is tied closely with its “stable coin” UST, which self-claimed to be a 1-to-1 peg with USD while holding other crypto assets like Bitcoin alongside with cash. For a simple explanation, whenever UST falls below 1.0 ratio with USD, Luna system will automatically buy UST with Luna coin, which has a higher market cap, to raise the rate back to 1, and vice versa. Hence, when the crypto bear market arrived, causing the majority of coins value to drop more than 50%, the market cap of UST and Luna got reversed and all hell broke loose. Not to mention, UST got attacked financially right at that moment. Since all coins lost value, UST peg also fell below 1, which took way more than just Luna to buy UST back to the peg ratio of 1 at that point, it created an loop of producing a glitching amount of Luna coins to keep buying back UST until Luna coin price going back to 0. Then, naturally, UST lost its peg to USD forever, along with the trust of its holders. This also leads to massive financial hit on firms making high leverage bets on it, which includes Three Arrow Capital.
Figure 3: Luna- UST behaviour. Source: BitcoinMarketJournal
Talking about high leverage plays, the leverage amount in the crypto market is absurd compared to other financial assets like stock, forex or commodities. Normally in highly regulated areas, it is rare to see anything higher than 1:20 (with 1 dollar, you can buy 20 dollar worth of asset). However, as crypto is still being debated as categorized as currency or commodities by regulators and investors, crypto exchanges are allowing upto 100 times leverage. And it is all legal as there is no restriction to them at the time they announced.
At this point, someone may argue that most of these issues are due to the private centralization of financial moves. I strongly disagree. There is a need to remember, all of the mentioned activity was legal, meaning not only it is out to be seen, it is also the greed of investors that leads to their downfall. For example, as written in their fine print, Celsius are legally able to freeze customers’ crypto assets at any point, which all users were assumed to have read and to agree when signing up for the service. So, even if their activities are decentralized and made publicly on-chain, customers have no right to refute. As for Luna, if you have not read the link I mentioned twice above, the founder lab withdrawal of crypto assets is on chain, which is observed by two bad actors who sequentially capitalized on that moment of weakness in UST-Luna model. Thus, the solution here is not decentralizing everything, but decentralizing to which extent.
Cyber Security issues
From the Celsius controversy, it has to be noted that the shift in security and responsibility, that is normally held by service providers to customers, is a huge blocking stone. Human error in cyber security, although the contribution amount has come down significantly from over 95% in 2014 (according to IBM), it's still a major factor as on-chain transactions are not reversible, which is unlike the current payment systems. If a user accidentally wires money to a wrong address, that person can only hope in the kindness of the receivers to send it back as intermediaries cannot invervine.
To this day, the issue of using weak passwords like “1111” or “123456789” are still relevant, with the average internet user not having the habit of reading terms and services. In fact, it can be strongly argued that traditional web 2.0 services are doing a much better jobs than the current web 2.5 services as the old systems architecture have withstand the test of time by developing all kind of security services. On the side of blockchain companies, we can have a look Axie Infinity bridge attack as an example. Let’s have a look of how Axie Infinity transaction system works. It has to be noted that while there are other system architecture for blockchain projects at the time of this writing, the bridge issue is still relevant.
Figure 4: Axie Infinity bridge model. Source: handmade for easier understanding
As explained by the Verge, the attack was a simple and common phishing one. The bad actor tricked a senior developer to click on a pdf, which has 4 keys along with a should-have-not-been-allow-to-borrow one. It means they have enough right to access the vault without having to attack another machine/person. Hence, it can be seen that those so-called “web 3.0” projects are still relying heavily on current web 2.0 technology as banking and payment systems around the world are not able to use blockchain directly as a payment method yet. This is due to the heavy regulation around the industry to avoid fraud and other crimes. Therefore, blockchain projects have more attack surface for bad actors to attack.
For the matter of fact, due to the hype of blockchain and crypto gains since 2018, the industry attracts billions of dollars in investment around the world, according to Statista. This also makes the blockchain sector a big cake to split for hackers, as the payout is much bigger while there are more areas to work around (figure 5). For now, as the industry is still young, there is not much study into blockchain architecture models to avoid these issues.
Figure 5: Attacking on Defi protocol yields more money than traditional hack. Source: John Hammond Youtube Channel
Counter Arguments
With all those negative issues being said, there are some strong statements that can be made about the blockchain future. As it has been mentioned in the technical issue section, decentralization has to be compromised in some form to help promote web 3.0 technology. Like we have seen with the Helium project earlier, its partnership with T-Mobile allows it to offer service across the United States faster and more consistently, rather than having to wait for sufficient users in every corner of the country. The same could also be said for decentralizing hosting projects, although there are billions of mobile devices around the globe, there is not much incentive for people to join the network. Hence, a some-what-centralize solution is needed.
From the regulation and cybersecurity perspective, there are more promising signs. Firstly, there seems to be a race for central bank stable coin for countries around the world, with China, Europe and the United State leading the way [ source, also elaborate]. It can be guessed that the national currency market is bracing for a big impact as small and weak ones are bound to face it first. In fact, just this October 2022, the Malaysia government announced a plan to build a national public blockchain.
With many countries like Canada and Singapore encouraging blockchain companies to open business in their jurisdictions, while countries like America and Europe did not outright ban crypto, it can be understood that a framework for regulating the sector is being constructed. Since blockchain technology is global in its characteristics in my opinion, there is a need for an agreement on basic principles for blockchain businesses among participating countries. Furthermore, blockchain analysis companies are gaining attention due to their unique ability in assisting business monetizing and complying to regulations, while helping the government monitor blockchain transactions for crime investigation (Chainanalysis, Ciphertrace). Hence, it can be proposed that there might be a case for a global blockchain analysis sector to connect governments around the world to create a global blockchain Central Bank Digital Currency (CBDC).
In fact, if it is done right, blockchain technology can be implemented into our current democracy voting system. Due to the controversial accusation of cheating from America’s former president Donald Trump, a lot of states have to do recounting in person votes while some others implemented odd rules when election time comes around the corner. While all that is happening, Elon Musk's brother, Kimbal Musk, proposed a brand new decentralized charity organization, with donors given tokens to vote on how their funds are used. The integrity and non-fakable characteristics of blockchain can help clearing doubts off of already-diversified areas.
Virtual Reality
Now, it is weird to see Virtual Reality (VR) mentioned here when I have not hinted at all throughout the two posts, and what connection it has to the “web 3.0 dream” in the title is not clearly seen, even in the industry. However, I think VR is the key for blockchain technology, like NFT and Defi protocol, to fully grow. Let’s take gaming for instance.
What if, there is an online RPG game likes GTA, but you can “feel” your interaction in every touches or actions? What if you can experience things you have not yet to try in real life like sky-diving from your own one of a kind helicopter? What if, there is an online shooting game likes Valorant, but you can cast spells or skills by voice commanding? What if the visual changes depending on your skin, making it more beautiful and grander with a special season-limited skin? And what if, you can work from home, but able to visit all brands around the countries, as well as in foreign markets? What if you can also create your own dream land, where customized jet black dinosaurs are flying and Batman is playing poker with Iron Man, while you and your friends are busy watching a football match live in a stadium thousands of miles away from your physical body?
All of that can come true only when VR and blockchain technology has matured. In fact, it is not that far away. Recently, MKBHD posted a video reviewing dope tech, in which a VR handset is mentioned. Although there is room for improvement, it can be seen that the technology is really close to a break out. In fact, there are already studies looking into the crossing path of VR, AR and blockchain helping each other to grow[5].
Verdict
From all the points being made, the outlook for a world of web 3.0 is very promising, even if it is facing majors challenges from technical standpoints, regulation issues and cyber security perspectives. Moving forward, although I think the future of web 3.0 and blockchain are not very similar to what the majority are imagining, I predict that this case will be similar to previous generations thought of web 2.0 in the late 1990s and early 2000s. There will definitely be some areas developed in an unbelievable way, there will also be very different from our current expectation.
However, just like any technology invented before blockchain, regulation will catch up to it and dictate not only its behaviour, but also its development. Hence, there is a need for startups to work with regulators in order to create successful sustainable ventures. Plus, we should also be prepared for further impacts of blockchain on other sectors, like national currency, VR gaming or VR social media as the required developments are being closed to mature.
References:
Comments