Chris Castig Co-founder of Console.xyz. Adjunct Prof at Columbia University Business School.

How to Build a TrustLess Internet


At 22, fresh-faced and straight out of college, I landed my first job building websites at one of those swanky design firms in New York City. With every app I built, I often found myself holding an asymmetric amount of power.

When building a dating app, I could read users’ private messages. While working on a journaling app, the private journals of our users were just a click away. Websites acted like one-way mirrors; I could see our users, but they couldn’t see me. 

Then, in 2013, Edward Snowden shattered the mirror. He exposed that, with cooperation from AT&T and the willful blindness of companies like Facebook, Google, Yahoo, and others, the U.S. government maintained a database of every American’s emails, text messages, photos, and even sexts. In his memoir, Snowden explained,

“You could even play back recordings of [unknowing people’s] online sessions, so that the screen you’d be looking at was their screen, whatever was on their desktop. You could read their emails, their browser history, their search history, their social media postings, everything.”

The world was shocked, and collective outrage erupted online. Yet, within a few months, we returned to our usual routines as if nothing happened.

Why? For one, changing habits is difficult, and secondly, there were no alternatives. Then came a new hope: Web3.

At Web3 Summit 2019, Edward Snowden joined as the keynote speaker. In his talk, he celebrated our achievements thus far in building a decentralized web focused on privacy and censorship resistance. 

The summit was held in East Berlin, a city whose history is deeply intertwined with the oppressive surveillance tactics of the Stasi, the East German secret police. From the mid-1950s to the early ’90s, East Berliners lived under the constant watch of a government that used personal information as a means of control and exploited private conversations for oppression.

Among those present at Web3 Summit, there was a palpable sense of being at the forefront of a movement ready to redefine the web. We believed we were creating a new and better future — a future-proof internet that could withstand the harshest of tyrants.

For me, Web3 began with high hopes. However, what started as a movement to make the world more secure, private, and free has lost its way. Today, Web3 is largely saturated with crypto, mints, airdrops, and investors eager to “own” the web. What is Web3? I’m no longer certain. When I ask my non-technical friends, they describe Web3 as a collection of NFTs and apes trying to get rich, and they’re not wrong. And let me be clear: there’s nothing wrong with that. It just doesn’t resonate with why I’m here building. When do we walk away from the casino and get back to building a better internet?

How to Build TrustLess apps 

TrustLess (or trustLess) is a fundamental quality that suggests that, when using an app, there’s less of a requirement to trust any third party or intermediary. 

TrustLess requires less private information and has fewer points of failure. Therefore, apps that adopt TrustLess principles demonstrate a higher degree of consideration for their users’ freedom, autonomy, and digital rights.

TrustLess apps are founded on five pillars: decentralized name registry, end-to-end encryption, decentralized network, decentralized storage, and open source code. These pillars aren’t new; all I’ve done is organize a framework that presents a clearer path for building a better internet. 

Let’s dive into the five key pillars of TrustLess:

1. Decentralize the name registry

A name registry is a list of usernames and passwords, often owned by the app you’re using. The drawback of any one app owning its name registry is that it locks users into the platform; you can never leave. Further, any user-generated property — be it followers, content, or influence — also remains confined to the platform.

When an app decentralizes its name registry, it’s an opportunity for users to own their names and thus more of the property they create.

A decentralized name registry enhances user resistance to censorship. It also improves findability; if a user is banned from an app, their followers can still locate them through the decentralized name registry. For example, my latest links are always available at my ENS name, castig.eth, and no one other than myself is capable of deleting my ENS records.

Here are two examples:

  • Substack authors have control over their name registry. Unlike traditional news and magazine outlets, which control access to their readership, Substack boldly revolutionized ownership by decentralizing the author’s registry. This model allows authors to cultivate a direct relationship with their audience. Should Substack cease to exist, or should an author decide to move to a different platform, they can seamlessly transfer their audience’s emails, thereby preserving their established value.
  • Ethereum Name Service (ENS) acts as a global name registry. Creating an ENS name means no single person or entity owns it. Instead, it’s stored on a decentralized blockchain. Apps that integrate ENS, such as Warpcast, Console, Coinbase and more, champion a future in which app owners are unable to delete or reassign a user’s name. With ENS (or BNS on Bitcoin), ownership of the name lies with the user, not the platform.

2. Client-side Encryption 

First things first, store less private data, and earn your users’ trust more easily. Before requesting sensitive information like phone numbers, birth dates, and mothers’ maiden names, consider whether it’s truly essential.

For apps that collect user data, aspire to use client-side encryption (CSE). With this method, data is encrypted on the user’s device before it is sent, which keeps it private and makes it inaccessible to developers and website owners. No one without the user’s key can access it.

Web3 wallets (such as Ledger, MetaMask, etc.) give users a client-side encryption key, preventing app owners from accessing the data. This private key is the basis of the “cryptography” in cryptocurrency. Encryption, however, is not new to Web3; it has been used for decades. For example, Google and Amazon also provide client-side encryption solutions.

The most privacy-preserving way to store messaging data is with a specific type of encryption: end-to-end encryption (E2EE). End-to-end encryption ensures only the intended recipients can read your data. Even if your database is compromised, it’ll be impossible for unauthorized parties to access your users’ most private details.

Sometimes when designing software, I wonder, how can we future-proof our data? For example, perhaps today we believe, “the CEO of Slack is a good guy, I don’t have to worry about him.” But what about his next appointed replacement? With end-to-end encryption, you no longer have to question credibility.

Encryption isn’t typically listed as a type of decentralization, but it should be. E2EE means the right to read messages moves away from the central owner and into the hands of the people who wrote and received those communications. Users with client-side encryption thus enjoy the advantages of privacy and ownership.
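
To make the client-side and end-to-end encryption described in this section concrete, here is an added example (not code from the original post or from any app it names) in which two users exchange a message and the server only ever stores ciphertext. It uses Node’s built-in crypto module to stand in for the client; the user names, the message, and the 'e2ee-demo-v1' label are constructed for illustration.

```javascript
const nodeCrypto = require('node:crypto');

// Each user creates a key pair on their own device; only the public half is uploaded.
function newIdentity() {
  return nodeCrypto.generateKeyPairSync('x25519');
}

// Derive a 256-bit message key from the X25519 shared secret with HKDF-SHA256.
function messageKey(myPrivate, theirPublic, salt) {
  const shared = nodeCrypto.diffieHellman({ privateKey: myPrivate, publicKey: theirPublic });
  // 'e2ee-demo-v1' is a hypothetical context label chosen for this example.
  return Buffer.from(nodeCrypto.hkdfSync('sha256', shared, salt, 'e2ee-demo-v1', 32));
}

// Sender side: encrypt with AES-256-GCM before anything leaves the device.
function seal(senderPrivate, recipientPublic, plaintext) {
  const salt = nodeCrypto.randomBytes(16);
  const iv = nodeCrypto.randomBytes(12);
  const key = messageKey(senderPrivate, recipientPublic, salt);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  // This record is all the server, or anyone who copies its database, gets to see.
  return { salt: salt.toString('base64'), iv: iv.toString('base64'),
           ct: ct.toString('base64'), tag: cipher.getAuthTag().toString('base64') };
}

// Recipient side: returns the plaintext, or null if the key is wrong or the record was altered.
function unseal(recipientPrivate, senderPublic, record) {
  const b = (s) => Buffer.from(s, 'base64');
  try {
    const key = messageKey(recipientPrivate, senderPublic, b(record.salt));
    const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, b(record.iv));
    decipher.setAuthTag(b(record.tag));
    return Buffer.concat([decipher.update(b(record.ct)), decipher.final()]).toString('utf8');
  } catch {
    return null;
  }
}

// Constructed demo: Alice writes to Bob; the server stores `stored` and nothing else.
const alice = newIdentity(), bob = newIdentity();
const stored = seal(alice.privateKey, bob.publicKey, 'meet at noon');
console.log('server sees:', stored);
console.log('bob reads:', unseal(bob.privateKey, alice.publicKey, stored));
```

This sketch uses long-lived keys, so it has no forward secrecy, and it assumes each user obtains the other’s public key through a channel the server cannot tamper with.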

3. Decentralize the network 

The network is the lifeline that connects users across the internet. In a traditional, centralized network model, platforms like Facebook and Instagram become the gatekeepers of this flow, with the power to dictate what messages are transmitted or blocked. This places a significant amount of trust in the hands of a few. 

However, a new wave of innovation is challenging the concentrated paradigm through the advent of decentralized networks such as Farcaster, Nostr, Bluesky, Lens, and Matrix. 

Decentralization makes the network more resistant to censorship by distributing control across numerous nodes, so it’s far more challenging to suppress any individual’s voice. It also makes communications more resilient.

4. Decentralize storage 

Storage is where your data lives. Every tweet, email, photo, and web page resides on a server, which is a computer owned by someone you are (perhaps unknowingly) trusting. Today, Amazon is one of the largest owners of our data. Instagram, Reddit, Airbnb, Netflix, and more than 50 million websites rely on Amazon Web Services to store their data. 

Resilience is a significant benefit of decentralized storage. Distributing multiple copies of your data worldwide makes it significantly harder to remove content from the internet. Here are two examples:

  • InterPlanetary File System (IPFS) is a popular decentralized storage service. When data is stored on IPFS, it’s fragmented into smaller pieces and distributed across more than 50,000 nodes. This decentralization enhances data redundancy and resilience.
  • Own your data, in spite of the cloud. Local-first software is a set of principles that enable both collaboration and ownership for users [1]. In Evernote, for instance, all your notes are saved locally, and they sync with the cloud storage periodically. But, even if you’re collaborating on a note with someone, and you get on an eight-hour flight, when you return online, Evernote handles the merge so you can properly back up to the cloud. Even if the entire internet is nuked, with local-first storage, you’ll always have access to your data. 

5. Publish your source code 

Open source code liberates code from the grip of central ownership. If the original founders, the development team, or the company vanish, the project can continue to survive and evolve thanks to the community’s ongoing engagement and contributions.

Consider a scenario where Elon Musk decides to shut down Twitter. In such a case, the platform would simply disappear. End of story. Because we the people of the internet don’t possess a copy of the site’s source code, Musk is a singular point of failure for the platform’s continuity.

Supporting open source code (or at the very least publishing source code) ensures its resilience and sustainability over time. Transparency is a primary benefit of open source code. Having access to the source code enables users to verify the integrity and security of their data, fostering trust in the company’s commitment to responsible data management. 

Open source also means your project will be more resilient. If there’s disagreement with the founder’s vision, open code enables the community to diverge from the original project if they wish. This freedom to fork or clone the project facilitates its continuity or adaptation by others, thus providing a safeguard against the project’s termination and enhancing its durability.

Final analysis

Trust is a spectrum. There are many ways to build it into an app, but it’s up to each of us — app builder and consumer alike — to decide to what degree we will support it.

Anyone passionate about building in this manner should have the opportunity to contribute to the TrustLess mission without feeling pressured by an all-or-nothing commitment. Building on even just one of the five pillars is a worthy improvement.

As a founder, one immediate action you can take is to pledge to develop software that embraces the TrustLess pillars.

As a user, one immediate step you can take is to support applications that are advancing one or more of the TrustLess pillars.

Just as the organic food movement revolutionized agriculture, leading us toward healthier and more sustainable practices, the TrustLess framework offers a vision of a better internet, where privacy, and user freedoms are woven into the very fabric of online interactions, inspiring a future where we all thrive in a safer, more connected world.

Thanks to Talha Bugra, Sabir Alizada, Tidus.eth, Jonas Gerber, Gina Abrams, Blaize, the Console team, and more for reading early versions and providing feedback. A Google Doc of this post is available for further comments and refinement.
