Web3 is Self-Certifying

There’s been a lot of discussion lately about what Web3 is and isn’t. Here’s my definition: Web3 is user-generated authority, enabled by self-certifying web protocols. These are a superset of technologies that include blockchains, but are not limited to them. Is this what other people think “Web3” is? Maybe not, but hear me out.

Authority on the web establishes who ultimately has control over content. In the earliest stage of the web, there wasn’t usually a separation between “users” and web hosts — whoever hosted a website also put the content on there. In the shift known as “Web 2.0”, sites became popular that gave users accounts to create content, but the site hosts still had the final say and could unilaterally change anything they wanted to. This is mostly how the web works now. In the evolution of the web I’m calling Web3, users can cryptographically assert their identity and publish verifiable content, and sites that host content don’t have the authority to change it, because the root of trust is in the data itself, not in where it is found. To recap:

  • Web 1.0 — Host-generated content, host-generated authority. A person wanting to publish to the web had to run their own server to host a website. Websites were mainly read-only, and offered few interfaces for user content creation or interaction.
  • Web 2.0 — User-generated content, host-generated authority. Websites emerged that let people create user accounts so they didn’t have to host their own servers to publish to the web. This led to a lot more user-generated, interactive content, but these sites have grown to become powerful platforms, and the fact that users don’t ultimately have control over their accounts and content is becoming problematic.
  • Web 3.0 — User-generated content, user-generated authority. A model is emerging where people don’t have to host a server or create a user account in someone else’s database to create content. Servers can choose whether or not to host someone’s account or content, but they don’t have ultimate authority over it. The technologies that enable this are “self-certifying protocols”, based on cryptographic signatures and hashes.

In short, these three stages are “the hosted web, the posted web, and the signed web.”

What is a “self-certifying protocol?” This is a general term I’m using to describe protocols that have cryptographic user identifiers and content-addressed data. “Cryptographic user identifiers” associate users with public keys. The ability to sign with the corresponding private key is the root of trust proving someone controls an account, rather than an entry in a database keeping track of user logins. “Content-addressed data” means content is referenced by its cryptographic hash — the unique digital “fingerprint” of a piece of data. Putting these two pieces together, a content hash signed by a user key can prove a user authorized its creation, without requiring an intermediary. ​​Self-certifying data enables trust to reside in the data itself, not in where you found it, allowing apps to move away from client-server architectures. This creates “user-generated authority”.

What’s the role of blockchains in Web3, if we’re defining it as self-certifying protocols? Blockchains are self-certifying protocols that create consensus on global state, emulating a centralized database without any one party being in control. “User accounts” on blockchains are cryptographic keypairs, used to sign transactions. The “content” is hashes of transactions bundled into blocks, that are themselves hashed and chained together. Transactions are signed with a user’s keypair. What Bitcoin (the first blockchain) introduced was a novel consensus mechanism for mutually distrusting parties to agree on what transactions occurred — very important for digital money without an intermediary.

What other protocols have self-certifying properties that are not blockchains? Git, PGP, BitTorrent and Tahoe-LAFs preceded Bitcoin. Among the current generation of non-blockchain self-certifying protocols, IPFS, Hypercore, SSB, Peergos, and Spritely all have user keys and content addressing. In these non-blockchain self-certifying protocols, you can prove a user “owns” content in the sense that it can be verified that they published it. Blockchains introduce a stricter notion of ownership by having a timestamped global ledger everyone agrees on. This lets you assert properties like global ordering and uniqueness, so you can prove only one person “owns” a bitcoin or an NFT at one time. Architecturally, blockchains can be thought of as just one type of datastore in Web3, useful for some applications and cumbersome in others. But financially and socially, they’ve poured attention and resources into the space. Important pieces of Web3 infrastructure that have been built as a result of blockchains include wallets and apps that put keypairs into the hands of millions of users, and tooling for new cryptographic primitives such as zero-knowledge proofs that unlock countless possibilities. It’s understandable why they currently overshadow discussion of anything else, but if the full Web3 vision is to be realized, other kinds of self-certifying protocols will have to be developed.

If a self-certifying protocol is one that allows authorship of content to be proven directly through user keys and content addressing, a self-certifying web protocol is one that also has content linking and discovery. Algorithms that enable discovery of content are a fundamental part of how we use the web these days, and “Web3” needs to develop more sophistication here if it’s going to provide a good user experience. Things I think are missing or immature: social graphs, user profiles, identity and reputation attestations, content aggregation, indexing and discovery, curation and moderation methods. A confusing part of the term Web3 as applied to blockchain tech is that it’s a lot of disconnected pieces right now, that are missing a lot of features we’ve come to expect from the web.

I would like a broader definition of Web3 to be recognized that includes all self-certifying protocols, of which all blockchains are a subset. But rather than focusing on the terms, let’s try to focus our energy on what properties and characteristics are important as the internet evolves. I want a more user-centric web, where people can generate their own authority to create content without locking themselves into a centralized service. If you agree with this but don’t want to use the term “Web3” for whatever reason, I propose using “Self-Certifying Web Protocol”, or SCWP for short, as a more concrete and technically descriptive term for these technologies.

Thanks to everyone who provided thoughts and feedback on this post: Paul Frazee, Daniel Holmgren, Aaron D Goldman, Christine Lemmer-Webber, Andre Staltz, Whyrusleeping, Jenny Kaehms, and more.

--

--

--

Developer, writer. Decentralization, social networks, privacy, crypto.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

SubQuery Integrates Acala to Aggregate and Serve DeFi Data to Polkadot and Kusama Builders

Router Protocol AMA Recap with Razor Network

KEPLERSWAP: The Project Built around DeFi 2.0 October 27, 2021 by EMMANUEL EFFIONG

Onchain Custodian goes virtual exhibition booth

Unmarshal Forms a Strategic Partnership with Plugin to Create a Unified Platform Syncing Real-world…

AMA Recap| BitWell * FIO Protocol— Embracing Web3.0: The Past, Present and Future of FIO Protocol

Cudos Labs: development update! 🧠 (16/12/2021)

UN enlists blockchain in Afghanistan for transparency in rebuilding process

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Jay Graber

Jay Graber

Developer, writer. Decentralization, social networks, privacy, crypto.

More from Medium

8 Crypto & Web3 Skeptics You Should Follow

NFTs solve a very real problem (just not very elegantly)

What are Verifiable Credentials? Why do they matter?

“Impermanent loss” is inevitable in AMM DeFi protocols — and that’s totally fine