Two things are needed to navigate Web 3 projects: a high level of skepticism and the ability to follow meaning. Forrester’s recent analysis of the evolution of the Internet is rigorous and honest:
- Fraudsters are running the show.
- The guiding principles are contradictory and confusing.
- People who lose money in a decentralized system seek the help of outside authorities to solve the problem.
Two new Forrester reports explain why CIOs, CMOs and other executives should approach Web3 with extreme caution and suggest how to evaluate Web3 proposals:
- Check whether a Web3 project is an enterprise blockchain project in disguise.
- Be prepared to develop a governance model if one does not exist.
Forrester VP and chief analyst Martha Bennett, both lead authors of the report, said, “Web 3 promises a better online future but contains the seeds of a dystopian nightmare,” and “Web 3 and Web 3.0 are synonymous today – but not always true.”
The problem with many Web3 proposals is that “… some of the key principles advocated by Web3 advocates are not practical today এবং and may never be.” According to Forrester, these include, but are not limited to:
- Believe in the code, not the company.
- Open the protocol and transparent code.
- User-owned data and content.
- User-managed identity.
Part of the problem is the belief in a technological utopia, the idea that technology is the answer to every problem and the belief that it will only be used for good. Bennett describes a personal experience that illustrates the problem of blind faith, ignoring the fact that people use technology in both moral and immoral ways. Bennett, who was present during an Ethereum developer conference, said the Ethereum network service was under attack. When asked about the attack, one of the original developers said he never thought anyone would use the code in this way.
“Some people are just thinking about how the code should work and not how it can be distorted,” he said.
According to Bennett, complete decentralization is neither possible nor desirable.
One of the biggest concerns is the significant technical challenges that remain with Web3 plans and concepts, including:
- Maintain privacy and confidentiality in public blockchains
- Prevent harassment
- Interconnect between different blockchains
- Troubleshoot scaling and security issues at the network and application level
Weaknesses in Web3 architecture
Some of the earliest design decisions for blockchain have created opportunities for malicious activity without any guarding. Bennett used an example of an address that could not refuse a package to describe how cryptocurrencies work. A bad actor can create an NFT linked to pornographic content and send it to a wallet.
“Most of the wallets are fully open, so if I have your address, I can send you something with the bad stuff in it,” he said. “And because of the way public blockchains work, once something goes out, you can’t undo it.”
Gas fees that are more expensive than the cost of an NFT are another example of a system weakness. Recently, the company that owns the Board App Yacht Club has started selling NFT to launch a crypto-based metavers game. Some buyers pay a transaction fee that is five times higher than the cost of NFT. An additional $ 3,300 fee is required for $ 25 digital images.
See: Metavers: What is it?
According to Bennett, in addition to the risky design of open wallets, there are also issues with smart contracts.
“It’s a completely wrong name because smart contracts are not smart and they are not legal contracts,” he said. “These are automated business rules running in a blockchain.”
An architectural weakness of these business rules is the decision to make the contract code publicly available.
“If you’re true to the Web3 standard, you’ll be able to provide that code openly, but by doing so you’ve got a much bigger attack surface,” he said.
Developers who decide to keep the source code private go against Web3’s policy and still run the risk of messing up when launching a new product.
“There’s a tendency not to be so open about realizing what this approach means,” he said.
There is no widespread demand for personal control
The main idea of Web3 is to control the person, but according to Bennett it also falls here. It is possible to manage data and identity in a decentralized, self-regulating community but it requires a level of effort that many people are not willing to do. Instead of memorizing public keys and private keys and putting a seed phrase in a physical lockbox, people want these services to be easy to use.
“Not everyone will be able to do it, and a lot of people don’t want to do it,” he said. “It is possible to avoid the underlying complications, but then you immediately violate Web3’s policies.”
David Mahdi, Sectigo’s chief strategy officer, agrees that there are some significant barriers to blockchain adoption, especially reliability.
“Central cloud providers offer service-level agreements on a contractual basis, but not public blockchains,” he said.
See: Metaverse Security: How to Learn from Internet 2.0 Mistakes and Build a Secure Virtual World
Mahdi said trust management and security are another barrier to identity management.
“Strong digital identities are needed with decentralized identification and formalization of NFT,” he said. “It will be important that the Remote Identity Validation solution enables users to securely sign in to documents from anywhere on any device.”
According to a recent stack overflow survey, developers are also skeptical about Web3’s merits. More respondents were unfamiliar with Web 3 Key (36%) while 25% described it as the future of the Internet. The “it’s all hype” and “crypto” groups were about 15% equal in size. The smallest group at 9% sees Web3 as a scam.
Among those familiar with Web3, 40% of those without blockchain experience think Web3 could be the future, and with almost the same number of developer blockchain experiences as the future. Nineteen percent think it’s all hype or a scam.
The majority of the 595 people (85%) who responded to the survey did not create anything with the blockchain.
Maintaining balance and setting ground rules
Web3 World and its infrastructure do not need to be completely centralized to provide consumer protection and personal security. James Arlene, CISO of Database-a-Service Company Ivan, said that creating secure Metavers World is not a zero-sum game but more of Nash’s balance situation, which means each player has to consider the decisions of other players or his own strategy when setting it.
“If everyone loses a little, everyone wins,” he said. “It could be a model where everyone would win if we did something for each other.”
The key to success, Bennett said, is to ensure that governance is established by a governing body, not arbitrary decisions by big technology companies.
“I want to see an adult discussion that balances the elements of decentralization and central control that are properly managed,” he said.
A governing body can set up a mechanism to address the flaws in a smart contract. For example, a flash crash may be caused by an algorithmic trading program that “triggers each other to sell in a response loop.”
An independent governing body could establish consumer protection rules for digital currency and wallets. There is currently no recourse for people who lost cryptocurrency by accident or due to a scandal despite the fact that bad actors earned $ 4.64 million in four attacks over the weekend.
“Whenever there is a successful attack, people call law enforcement, even if they say they want to work in an environment that is out of government control,” Bennett said.
There is also a privacy issue with recording every activity on the public blockchain.
“In many ways, public blockchain and privacy rules are inconsistent,” he said. “If you can never delete something, you have no right to forget.”
In addition to establishing consumer protection, a standard group can establish a code of conduct outside of “you can go elsewhere if you don’t like it.”