Re: Web3 First Impressions by Moxie Marlinspike (was: Re: Ideals meet Implementations - Blockchains, NFTs, Decentralization, Oh My!)

Simone,
If I remember the history correctly, this group started off focused on
"Verifiable Claims" which were later renamed to "Verifiable Credentials,"
in order to avoid the implication that the truth or correctness of claims
was somehow being verified (i.e. an impossible task). It was my impression
that the change in name did not imply a change in the scope of the group.
Just as "Verifiable Claims" would allow for the making of either claims or
credentials, so "Verifiable Credentials" should be understood to address
both credentials and claims. Am I wrong?

GIven that, I have some questions:

   - Why have you listed VCs as not generating "Value due to scarcity?"
   GIven the essentially unlimited variety of claims that could be
   incorporated into a VC, it seems to me that one could craft a VC which has
   semantic content equivalent to any NFT. (i.e. A VC that identifies the
   "ownership" of some specific object.) The limited issuance of such VCs
   would create a "scarce" resource in just the same way that issuance of an
   NFT does.
   - Why do you say that a VC is not "transferable?" Rights that are
   recorded in a VC could either be delegated , in whole or in part, or the
   "ownership" of the VC itself might be transferred by the issuance of a new
   VC recording the delegation or transfer. How is this different from an NFT?
   - Why do you say that VCs are "privately held," but not "publicly
   displayed?" While it is certainly the case that VCs may be private, it is
   also the case that one could publish VCs and thus make them public. One
   might even publish a VC on a blockchain. It seems to me that choice of VC
   visibility is not available in blockchain-based NFTs since a blockchain's
   content is typically public. To me, optional visibility is an advantage of
   VCs since it allows verifiable private relationships.
   - Why do you say that a VC only proves the "identity of an entity" but
   not "ownership of an object?" I can issue a VC to identify the existence
   (identity) of some right (e.g. the ownership of, or limited right to use,
   an object) and then issue another VC to associate that VC with some
   identified individual. While the VC-based mechanics are a bit different
   from what is typical with NFTs, how is the net effect different from that
   provided by issuing an NFT?

bob wyman



On Wed, Jan 26, 2022 at 8:30 AM Simone Ravaioli <
simone.ravaioli@parchment.com> wrote:

> +1 to *broadening our collective aperture and keeping it a DMZ.  *(Thx Taylor
> and Juan).
>
> One way of keeping the exploration grounded in our credentials turf, could
> be through the  “VCs vs NFTs” credentials lens.  Here are some triggering
> resources:
>
> - Affinidy article
> <https://academy.affinidi.com/non-fungible-tokens-nfts-vs-verifiable-credentials-vcs-cd0ebb13f1fb> and
> infographic (attached)
> - Phil Windley take
> <https://www.windley.com/archives/2021/10/nfts_verifiable_credentials_and_picos.shtml>
> - SSI Orbit Podcast
> <https://podcasts.apple.com/ca/podcast/31-the-future-of-work-will-happen-through-daos/id1552622325?i=1000548733000>with
> Stepan Gershuni (work, education, DAOs,  .eth vs DIDs)
>
> One of the first insightful comments by  Darrell O’Donnell about the “NFT
> vs VC” representation:  *“...a VC can be about identity data it could
> just as easily be non-identity data (e.g. a lab test of a substance). VCs
> get conflated with "identity" all too often. Yes, I may carry VCs that
> contain identity data but that is one particular area of use."*
>
> I support engaging with this new discourse to help mature the conversation
> (rather than dodge it a priori)  - within VC EDU Task Force we are
> considering hosting a session about “VC vs NFT Credentials” in #Ed3 (Web3
> for Edu).  Here is one primer
> <https://ed3.mirror.xyz/0U3QG8-4K6CD_ltU6SJyKN3-uBD3x6nEFs-YeShzYmk> of
> how the #Ed3 narrative is starting to be circulated.  More on that soon.
>
> Simone
>
>
>
> On 25 Jan 2022, at 18:48, Taylor Kendal <taylor@learningeconomy.io> wrote:
>
> Echoing appreciation for Manu's expert dissection, Drummond's
> affirmations, and Juan's uncanny ability to analogize. Here's to keeping
> the CCG list a DMZ!
>
> You all point to the importance of broadening our collective aperture to
> include historical perspective and wisdom. As has always been the case in
> (web)tech, regardless of how we choose to brand the epochs, there are key
> voices and views that get ignored and/or actively excluded. We should all
> have an interest in, yes, acting as informed skeptics, but also as
> anthropologists; humble and human-centered in our collective attempt to
> look just far enough into the future in order to build something better.
> #WAGMIT
>
> As an optimistic (utopian?) counterbalance to many of Moxie's views, I
> highly recommend folks check out Juan Benet and the talks from this recent
> event: https://fundingthecommons.io
>
> Looking forward...
> _tayken
>
> *Note: our website got a 2022 refresh with shoutouts to w3c + vc-edu.
> https://www.learningeconomy.io
>
> On Tue, Jan 25, 2022 at 4:22 AM Juan Caballero <caballerojuan@pm.me>
> wrote:
>
>> Well-put, both of you.
>>
>> I recently read a twitter thread by an academic who abandoned a
>> book-length monograph on O'Reilly, with multiple chapters on the
>> vicissitudes of what O'Reilly kept trying to make Web 2.0 "mean" and what
>> it ended up meaning after billions of dollars of VC and a decade-long hype
>> cycle's worth of marketing and spin had been applied to it.  Web3 is likely
>> to be an even bigger, uglier, stupid semantic tug-of-war for some time.
>> I've already heard people start to distinguish between:
>> - "narrow" Web3 (EVM-centric, smart-contract-enabled, chain-centric web
>> business and communities)
>> - "economic" Web3 (more libertarian and/or Georgist-oriented,
>> currency-centric, BTC-centric)
>> - "social" Web3 (the non-monetary aspects of legal, political, and social
>> organization via decentralized and/or crypto-enabled networks)
>> - "broad" Web3 (including crypto-powered P2P networks like secure
>> scuttlebutt, PGP, DIDs and non-DID SCIDs, etc)
>>
>> Throwing an adjective in front probably won't be enough clarification to
>> have a meaningful and civil conversation for many years.
>>
>> Anyways, I hope we can keep the CCG list a DMZ in this rapidly-escalating
>> culture war, before "Web3" becomes the next "Critical Race Studies" or
>> "Satanic Panic".
>>
>> Thanks,
>> __juan
>>
>> On 1/24/2022 1:16 PM, Drummond Reed wrote:
>>
>> Manu, I just wanted to say that this is a gem of a message, and I agree
>> with your points 1000%.
>>
>> What I particularly appreciate is how carefully and artfully articulate
>> how to separate the wheat from the chaff—and your lack of inhibition at
>> calling the chaff just that.
>>
>> The irony is that the spat of all these "what's wrong with Web3" articles
>> from prominent authors just end out reinforcing the public's perception
>> that Web3 is in fact a big deal, and that they better pay attention to it
>> (just like with "cloud" and "mobile" and — at one point in the
>> not-terribly-distant past — "Web" ;-)
>>
>> To the extent that "Web3" in its most abstract sense is about how the
>> democratization of cryptography will shift power and change the status quo
>> across a number of markets/industries/products, there is indeed some real
>> truth (and momentum) to it. And DIDs and VCs are indeed key building blocks
>> for whatever lies on the other side of that shift.
>>
>> Best,
>>
>> =Drummond
>>
>> On Sun, Jan 23, 2022 at 8:56 AM Manu Sporny <msporny@digitalbazaar.com>
>> wrote:
>>
>>> On 1/18/22 12:06 PM, John, Anil wrote:
>>> > Given the continuous discussions around
>>> centralization/de-centralization in
>>> > our community, I found this essay by Moxie Marlinspike …
>>> >
>>> > https://moxie.org/2022/01/07/web3-first-impressions.html
>>>
>>> Given that the original thread seems to have been re-directed to a
>>> discussion
>>> about delegation, I'm re-titling the thread to focus on Moxie's article
>>> as it
>>> relates to DIDs and VCs.
>>>
>>> For the record, I share much of Moxie's scepticism, but don't let it get
>>> in
>>> the way of important nuance (which he does) or trying to fix the known
>>> and
>>> emerging problems (which we've known about for years).
>>>
>>> Just a few thoughts off of the top of my head:
>>>
>>> NFTs are an Easy Target
>>> -----------------------
>>>
>>> Picking something that has appeared in the last 2 years and then talking
>>> about
>>> all the ways it is flawed might be a personally rewarding rant, but it's
>>> just
>>> as easy as picking on "going to mars", "speech to text", and "air taxis"
>>> was
>>> when those initiatives were in their infancy.
>>>
>>> For example, Moxie writes: "What surprised me about the standards was
>>> that
>>> there’s no hash commitment for the data located at the URL."
>>>
>>> Yeah, that's clearly bad and has to be fixed... also, the industry has
>>> known
>>> about this issue for over a decade and technical solutions exist to
>>> address it:
>>>
>>> https://datatracker.ietf.org/doc/html/draft-sporny-hashlink-07
>>>
>>>
>>> https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity
>>>
>>> Expert Writes Scathing Review of Hello World Example
>>> ----------------------------------------------------
>>>
>>> There seems to be a trend lately where it's popular for technologists
>>> that
>>> built systems for Web 2.0 to criticize web3 (a term which I find just as
>>> useful as "Web 2.0", which is to say: not very useful at all). Here's
>>> another
>>> one about how terrible web3 is from Alex Russell:
>>>
>>> https://infrequently.org/2022/01/washed-up/
>>>
>>> Both of them have relevant opinions, but their commentary is very much
>>> from a:
>>> "I read about/wrote a Hello World example, and based on that, here's
>>> where I
>>> think that entire industry is going."
>>>
>>> In other words, I take those sorts of articles for what they are: the
>>> writings
>>> of someone that's technically competent in their area of expertise
>>> commenting
>>> on an area that they don't have much expertise in. Sure, they may have
>>> some
>>> useful insights, and Moxie does, but they're not the folks working on the
>>> day-to-day problems to improve the state of an emerging industry. Their
>>> opinions tend to lack the sort of nuance that come from folks like
>>> Vitalik:
>>>
>>>
>>> https://www.reddit.com/r/ethereum/comments/ryk3it/my_first_impressions_of_web3/hrrz15r/
>>>
>>> In other words, their commentary on web3 is about as useful as my
>>> commentary
>>> on browser engine architecture... which is: not very useful.
>>>
>>> How This Relates to DIDs and VCs
>>> --------------------------------
>>>
>>> Ultimately, Moxie ends with two take-aways, only one of which applies to
>>> DIDs
>>> and VCs:
>>>
>>> 1. We should accept the premise that people will not run their own
>>> servers by
>>> designing systems that can distribute trust without having to distribute
>>> infrastructure.
>>>
>>> This is why we're putting effort into things like data models that
>>> distribute
>>> trust and the VC API, which can be used by making calls against a
>>> centralized
>>> service provider, or against your own servers. That Moxie isn't aware
>>> that
>>> there is "client-server interface work" going on is too bad, but that's
>>> the
>>> reality; he's just not aware of it.
>>>
>>> DIDs are largely about using cryptography to distribute trust; they are
>>> a way
>>> of publishing your public keys regardless of which network you're on
>>> (which
>>> allows us to temporarily avoid the useless debate over which network is
>>> better
>>> until the useful ones gain traction in the market).
>>>
>>> VCs are largely about using cryptography to distribute trust; they are a
>>> way
>>> of consuming statements made by an issuer that you trust for the
>>> purposes of
>>> the statements that they're making. You don't need a blockchain or web3
>>> for
>>> them to work. If web3 provides advantages to DIDs and VCs, they're
>>> additive
>>> instead of either/or zero-sum benefits. You can run DIDs and VCs on
>>> centralized and decentralized infrastructure, no need to run your own
>>> server
>>> (unless you are in the small minority of people that want to).
>>>
>>> 2. We should try to reduce the burden of building software.
>>>
>>> *laughs in Software Engineering*
>>>
>>> Having started my "career" as a teenager crawling through buildings
>>> pulling
>>> power and hand-terminating both power and network cabling for local area
>>> networks while not brushing up against the asbestos in the ceiling, hand
>>> building server clusters, designing battery backup systems, and then
>>> writing
>>> software for said clusters all the way to helping to design, build, and
>>> then
>>> manage the software infrastructure for multiple organizations... I feel
>>> safe
>>> saying that the entire IT industry seems to be dedicated to this
>>> principle,
>>> and things are way better than they were two decades ago, and better
>>> than they
>>> were a decade ago.
>>>
>>> I find that Moxie felt the need to point it out just as amusing as if
>>> someone
>>> were to point out that "As humans, we need to focus on breathing if we
>>> are to
>>> survive."
>>>
>>> In any case, just my $0.02. This recent round of web3 bashing by
>>> "experts"
>>> feels more like a platform that people are using to either virtue signal
>>> (at
>>> worst), or make a general point they've been wanting to make for a while
>>> (at
>>> best). I'm not sure that they're really helping to move any particular
>>> industry forward.
>>>
>>> -- manu
>>>
>>> --
>>> Manu Sporny - https://www.linkedin.com/in/manusporny/
>>> Founder/CEO - Digital Bazaar, Inc.
>>> News: Digital Bazaar Announces New Case Studies (2021)
>>> https://www.digitalbazaar.com/
>>>
>>>
>>>
>

Received on Wednesday, 26 January 2022 20:27:10 UTC