#define web3

By David Luna

#define web3

The journey that we’re on…

As we saw the emergence of Web2.0 (“web two point oh”) around 2003-2004 it changed the way users interacted with the world-wide web. No longer were static pages of information akin to an offline directory suitable for the modern web; it was time for dynamic content, and user participation. No longer were discussions between users hidden away in forums; it was time for comment sections and sites with built-in chat functionality. No longer was a user required to remember the name of each of their friends and connections; it was time for friendship requests and social networks.

The Shift to Web2.0

Original Web

Web2.0

Content

Static

Dynamic

Users

Viewers

Content Creators

Infrastructure

Self-managed

Cloud / *-as-a-service

Currency

-

Data

Interactions

User ⇔ Service

User ⇔ Service ⇔ User

Accounts

Per-service

Per-service, Federated


These fundamental shifts meant that websites were no longer a destination from which users were informed by the service provider: they were a place for people to actively participate. Share their music and jokes, create images and videos, and socialise online. Users moved from being viewers to content creators.

This change in the way services were approached by users was backed by similarly fundamental shifts in infrastructure. To cope with the massive amounts of user-generated content, peaks and troughs of traffic, and emerging cybersecurity risks “the cloud” was born. Services could mitigate the cost of maintaining their own hardware by purchasing computation and storage power from server-farms all over the world. This hardware would dynamically respond to demand by spinning up enough capacity to handle the requests. Alongside this hardware shift came a new software paradigm, as applications became “cloud native”. Services written without state that could be started and stopped at a moment’s notice worked within the hardware, eased development and improved stability.

As the technology adapted, so did businesses. Able to mitigate the risk of running their own hardware and software by using software run “as a service”, companies were now able to augment their service with an ever-growing library of additional functionality, all served over the world-wide web.

The more things change…

However, for all this change some things remained constant: users must access services, and to do this they needed to be able to securely identify themselves. Worse still, these account credentials were stored, centralised, by the service providers.

While all around was change and tumult: the way users interacted with services, the way those services ran on hardware, and the way those services were written in software; two things remained a certainty. You need an account to access each service, and your email address is your one-stop identifier and account recovery mechanism - the key to every castle.

One step was made in this direction, that of account federation. This allows a user to re-use their authentication credentials from one site (say, facebook.com) to allow them to access another site, drawing attributes from the former to be used in the latter. This reduces user friction, the proliferation of account information, and in doing so reduces the risk of account takeover attacks for both the relying party and the end user. However, it expressly never addressed the issue of centralised credential storage.

Here be giants…

Over time, these changes have culminated in the formation of a series of “Internet Giants”. Significant players such as Amazon and Google have become one-stop-shops for enabling access for service providers. An emerging product can build almost its entire infrastructure on these Cloud Service Providers (CSPs) by paying for it monthly “as a service”, and its users can authenticate to the product using their Google or FaceBook credentials. This reliance on giants is not a fundamental aspect of Web2.0, but rather an emergent result of users flocking to certain early-to-arrive services.

Nothing in the Web2.0 concepts specifically required that only a handful of CSPs would rise to the fore. However, that’s the way it has turned out, for better or worse. In doing so, what these companies gained - through luck or incredible foresight - was to turn out to be the black gold of the new millenium: Data.

Not only were these giants in control of the hardware through their data centers, the software through their *-as-a-service offerings, and the users through federated social network accounts. Not only did these companies become the most valuable in human history, but they did so while building libraries of data about their users. This data was collected and mined for insights, which in turn helped the service providers optimise their systems to better gather and retain more users, and even more data.

Enter blockchain

Around ten years after the emergence of Web2.0, Bitcoin burst onto the scene, underpinned by blockchain. Ten years after that, the first murmurings of Web3 (“web three”) began to emerge from communities filled with early adopters of blockchain and their related technologies. So what justifies the iteration of the entire world-wide web’s major semver this time?

Web3’s watchword is decentralisation. The ambition of its proponents is to reduce the reliance on centralised service operators while continuing to enable the types of user interactions Web2.0 introduced.

Blockchain technology on its own only solves a small part of this problem. It provides a globally distributed, immutable ledger which entities can read and append. It provides a consensus mechanism to ensure that all participants in the network agree to the order in which operations were performed. It provides a currency, or “coin” which can be used both as a token to “pay” for the computational resources used to operate the blockchain, and a proxy for fiat currency. While still a fairly immature technology, Web3 proponents cast the move to placing information on the blockchain as significant as the move from static to dynamic content.

The Shift to Web3

Original Web

Web2.0

Web3

Content

Static

Dynamic

Dynamic

Users

Viewers

Content Creators

Content Owners

Infrastructure

Self-managed

Cloud / *-as-a-service

Blockchain

Currency

-

Data

Tokens

Interactions

User ⇔ Service

User ⇔ Service ⇔ User

User ⇔ User, User ⇔ Service

Accounts

Per-service

Per-service, Federated

Wallets


This article does not focus on the current (severe) limitations and costs of blockchain technologies, nor the various different approaches that are advanced as routes to resolve these issues. It is expected that significant improvements will be made to distributed ledger technologies, so rather than get bogged down in the short term practicalities they will be glossed over to focus on a description of Web3.

The most significant step since mass adoption of blockchain technologies has been the development of the smart contract on the Ethereum distributed ledger. A smart contract is a piece of code able to execute autonomously which exists purely on the blockchain. It is able to interact with other entities on (and off, in some cases) the blockchain, and executes once suitable criteria has been met. Due to its existence on the blockchain the code does not reside on a particular company or individual’s servers, but rather distributed across hundreds of thousands of machines.

Consider the difference between a marketplace application in Web2.0 compared to Web3. In this scenario, Alice wishes to purchase a second-hand bike.

In Web2.0 she may navigate to a user-driven marketplace site where users put items up for purchase and others browse them. She searches for and selects her chosen item and transfers the specified fee to the service provider which, in turn, holds the money in escrow, awaits confirmation of the item’s delivery and releases the funds. All of this is executed within the service provider’s ecosystem, and in addition to their cut of the payment, they have gained data about both seller and purchaser.

In Web3, Alice instead opens up her marketplace app. She authenticates via her wallet’s credentials, which creates a tether allowing her to transfer tokens, present credentials, and mint smart contracts through the app. She describes the features she’s looking for in her bike, and the app searches for matches. Once she’s selected the seller she wishes to purchase from, a smart contract is generated that describes the amount Alice will pay. This contract will release the funds to the seller’s account upon delivery of the agreed goods. Alice deposits the money into the smart contract’s wallet, and awaits delivery of the bike. Once received, she notifies the contract that the bike has been delivered, and the money is transferred out of the contract’s wallet into the seller’s wallet.

Wallets and peer-to-peer transactions

In order for users to interact with these service-provider independent applications, both users and smart contracts must be able to identify themselves to one another. Additionally, both users and the smart contracts themselves must be able to transfer the tokens used by the blockchain. These identifiers are wallets - the storage location of a blockchain entity’s tokens. A pointer to a specific wallet, its address, is the identifier through which interactions occur. A wallet may be associated with a more traditional Web2.0 user account to facilitate the bridge between the two paradigms.

In Web3, users store tokens and credentials in their wallets. These are issued by various authorities and are either transferable (such as ETH, Bitcoin, or NFTs) or associated with a specific individual/wallet and therefore useless once taken out of that context (such as verifiable credentials or mobile driver’s licenses).

Wallets provide several core functions in Web3:

  • A storage location for issued credentials and keys
    • Credentials make claims about the owner of the wallet, analogous to ID cards
    • Private keys allow access to blockchain-stored tokens, such as bitcoin
    • Public keys allow a reference to this wallet to be made by external entities
  • Most wallets include agents capable of making and receiving requests:
    • Interacting with the blockchains whose keys they support to transfer tokens
    • Interacting with peers to share credentials for purposes such as authentication and authorization

Wallets fall into one of two broad categories - custodial and non-custodial; and herein lies an example of one of the dichotomies at the heart of the Web3 movement. Wallet-ownership and control is at the heart of the decentralised movement. Yet, already there exist wallet-as-a-service offerings to mitigate some of the more burdensome aspects of wallet ownership - secure key management, backup, and recovery. Interestingly, even among the die-hard early adopters of Web3, in some circumstances usability is outweighing the security aspects of wallet management.

This example of adversarial interoperability will, over time, be the compromise between Web3 and Web2.0 technologies that drives innovation. Web3 is currently somewhat isolated from mass-adopted Web2.0 services and applications.The most integrated Web3 feature on a major Web2.0 platform right now is Twitter’s enablement of NFT Profile Pictures. If Web3 is to be adopted, it must first learn to “play nice” with Web2.0 to bring its users over. As users control their own data, it becomes increasingly valuable to those service providers that wish to mine it for insights. The concept of tokenomics has already begun to be explored, allowing users to be compensated for granting use of their data to service providers.

Fundamentally “Web3” is still in its infancy. Whether its name turns out to be a true precursor to a new paradigm of decentralised interactions across the world-wide web, or a hopelessly optimistic advertising slogan by early-adopters of cryptocurrencies and NFT-collectors remains to be seen. Whatever comes, hopefully this article has been useful in defining at a high level the major components that underpin Web3 technologies.


#Web3
#DigitalWallet
#BlockChain
#DecentralizedIdentity
#Tokenomics
#NTF
#CyberSecurity
#Cryptocurrencies