Blockchain is essentially a signature

Blockchain is essentially a signature.

You need to think about the value of a signature. What is the trust value of of a pen on paper signature? At the local grocery store, they don’t accept checks anymore. That should tell you that. Although it’s not just the quality of the signature, but the cost to verify, and the quality of the verifying authority in this case.

What about a PGP signature? From 512-4096 bits — pretty much verifiable, as long as you can keep your key secret — but there isn’t a good trusted authority, and no standard acceptable interchange. You can put on your tinfoil hat about this.

How about TLS? HTTPS with 2mB is good enough for most transactions, usually with a tolerance of a few hundred dollars. Browser manufacturers and SSL certificate authorities are good enough here for almost everyone. You can get that for around $50 but some people pay thousands of dollars for greater peace of mind. There’s no accounting for psychology.

So now we have blockchain currencies — which try to solve both the problem of the trust of banks, and the monopolies of browser CAs. But do both poorly. And they don’t solve the fundamental problem — that of a clearinghouse for exchange. You still need a trusted central source of exchange. Mt Gox proves that. And using the blockchain to clear a blockchain is a obvious mobius strip paradox.

What you need to do is figure out the tolerance for risk at certain value. Or stated another way, the cost of “breaking” the security of a certain signature. For personal checks, that used to be around $200, before banks became ineffective at both security and clearing funds.

For cash, the risk value is about $100. If you’re at a gas station that says “we don’t accept $100 bills”, you’ve experienced this.

In truth, a simple public MD5 sum should be approximately equivalent in risk to a paper signature or money. It’s not worth trying to break — or counterfeit for less than about $100-200. But since there’s no medium of exchange, maybe half that value — MD5 should be safe for up to $50.

A SHA1 signature should probably double that. With an additional byte count checksum, it should double again. So call it $200.

PGP should be as good as SSL — sufficient for transactions up to $1000. What’s missing is a CA. PGP with a CA should be good for several times that. Maybe $10K transactions.

Obviously something more is needed for large sum transactions — bank accounts, vehicles, property. But all we have in place currently for these sorts of things are contract paperwork, wire transfers — and here’s the barrier to entry — government enforcement. Try lending money over $100K without being a part of the system and see where you get.

The force of law includes both your lifetime earnings, and your freedom. That’s the collateral. This is what enables transactions over $10K. And you have to have control over the law to enforce that. You have to be a “bank”.

For smaller amounts though, below $100, possession of a cell phone is sufficient. Think venmo, uber. With paypal, they have your identity, so you can get larger amounts, gradually increasing as your trust — and stake in paypal increases. Up to where you need a merchant account — where you are back to providing collateral for the powers that be.

So it comes down to three things:

1 – trust
2 – risk
3 – collateral

Blockchain cryptocurrencies only address #1, and do much more inefficently, and only marginally more securely than a simple cryptographic hash. And the real show stopper, is that there is no means of exhange, to enter or exit the system. It requires total buy in from everyone — in other words, to be declared FIAT, for it to even succeed as a medium of exchange. While still not solving the obstacles of risk or collateral.

Advertisements

Alternatives to WordPress?

I’d like to find an alternative to WordPress.  But I want a CMS, not a hosted WYSIWYG website builder (like Wix), and not a static site generator (like Ghost).

Here are some of the features of WordPress that I see as most valuable:

  1. Editing pages / posts — for convenient content delivery
  2. Admin interface — for management by non-developers
  3. Themes — for consistent and changeable layout and appearance
  4. Plugins — for added functionality
  5. Analytics — for tracking visitors and conversion
  6. SEO — for improved search engine results

Here are some things that I think WordPress is lacking or weak:

  1. Development — WordPress is spaghetti code and developing themes and modules is clunky
  2. Customization — Because it’s so clunky, it’s difficult to customize layout and functionality.  A WordPress theme / module developer is a special niche.
  3. Backups & Versioning — WordPress still doesn’t have a reasonable solution here.  The root of the problem is that all content is stored as blogs in a (poorly designed) MySQL database.  Keep content out of the DB and put it back in files.
  4. Static — WordPress is always run on PHP with MySQL.  You should be able to export your site, and it should still work (with graceful degradation) if either your database or your CGI module goes down.

I would like a tool that is good for building documentation heavy websites, blogs, business sites, marketing landing pages, and some e-commerce capabilities.  You should be able to connect to APIs, build modules with templates that connect to those APIs and embed components on pages easily.  A plugin architecture for sharing modules / components is also desirable.

The site should consist of static HTML pages that can be generated from templates / markdown / other tools etc.  So having a route / map is important — but the site should be able to function using file / directory structure from a static webserver at it’s most basic.  Some functionality, some data, and some layout and dynamic content may not work, but your site should still be up, you should still be able to navigate and access content even if everything except static web serving is down.

Then there should be a front controller that is injected before each page that can add additional functionality such as analytics, dynamic routing & content, etc.  This controller would also enable not just modules but the admin interface.  Ideally, as much as possible is handled via javascript added to the pages (optionally even to the static pages) to handle things like analytics, dynamic interaction, fetching content / data via services, etc.

Then there should be the tools that manage compiling templates, incorporating modules, etc.  This should be able to be done offline, or on demand while the server is running — for instance while editing a page / layout / content / plugin via the admin UI.

Is this too much to ask?