Web3 is not the future of the web

... at least not how it is now.

Posted on Jan 30, 2022

I have spent the last few months exploring the new "Web3" space, and many of the things I have discovered during my short tenure have been very eye-opening about the direction this new movement is taking the internet. I've created Web3 enabled sites, written smart contracts for the Ethereum blockchain, played with the Solana blockchain, been at the forefront of developing systems that securely use the wallet to transmit data, and have attempted to bridge many aspects of "Web2" with the new Web3. I have a lot to say on why Web3 is not the future of the web, and how I could see it one day becoming the future, but first let me talk about the exciting parts today (because there are a lot).

The Exciting Parts

The Early Days of the Web, pt. 2

As an engineer, and as someone who reads about the early days of the internet and the technological advancements very fondly, I cannot help but draw parallels between today and the 90s. Web3 is new, novel, and it's mostly uncharted territory. It's a brand new way of interacting with the web and opens so many new flows to using web-apps that were previously non-existent. It really does feel like you are building the future and tackling brand new problems every day.

Unique Challenges to Solve

That brings me to my second point: there are lots of problems, unique to Web3, that you or I now get to reason about and solve. Most of the "hard parts" of Web3 have no tutorials, no documentation, and it is really up to you to find a way to solve them on your own. This is exciting because it can be very challenging and it really makes you use your brain to take what you know from Web2 and translate it to Web3; by that, I mean you are translating your Web2 knowledge and finding strange and brand new ways of applying it to Web3 technology.

Rebuilding Existing Solutions in Web3

And that conveniently gives me a segue to my next point: since Web3 is incredibly new, it has a lot of catching-up to do in many areas. Rebuilding these pre-existing solutions to problems within the scope of Web3 can be fantastic practice and ultimately helps you understand core computer science and software engineering fundamentals significantly more. Take OAuth flows that you may be accustomed to on Web2—those fancy buttons you can click from Twitter, Facebook, Google, and the like, to use your existing account information to create and sign into an app; these are simple solutions to implement, yet engaging exercises to walk yourself through the design and development of. Your core skills and knowledge-set will grow by working in this space.

Money

Finally, the biggest reason most people want to work in Web3: there is a lot of money in it for engineers. No seriously, a lot. If you are not already aware of how much money even frontend developers (creating standard issue Web2 UI/UX, without ever touching Web3) can pull in for a simple single page application, you are going to be shocked to know it's upwards of many tens of thousands usually. If you are a smart contract developer and can work in Solidity, the standard language for Ethereum and many layer 2 blockchains, you are making much more. To top it off, if you're really good at Solidity and you, in turn, specialize in smart contract security, you can consider your pay basically doubled for half of the amount of work developing the contracts initially.

The Problems

Centralized Decentralization

I will not be the first person to write about this, but I am going to tell you exactly how this centralized decentralization architectural design pattern has negatively affected me and why it is going to be one of the major growing pains of Web3. The reality of how the average user engages with the internet is through the path of least resistance; if there is a long sign-up process, a complicated menu to navigate, or an unnatural user experience, the average person is very unlikely to use your app. Now, imagine if you asked the average person to manage the configuration files of running their own virtual machine to host their own assorted nodes to use your app; it's just not going to happen. That is why the market has opted to build and fund centralized providers of otherwise peer-to-peer technologies, like email. It is just easier to have Google or Microsoft deal with that configuration nightmare on the backend while you receive your weekly venture capitalist newsletter about some new podcast they're launching on the front.

We have accepted this pattern in Web2, and for good reasons, but the Web3 space by nature should be avoiding this design pattern since the whole schtick is that it's decentralized. However, they fall into the same comfortable "trap" that is centralization; but with the ugly twist of pretending that they don't. Basically every Web3 enabled webpage uses one of two Web3 providers, either Infura or Alchemy. Now, this is not an attack on either provider; they are both doing exactly what I would do if I was interested in building SaaS in the Web3 space (providing a service that makes the end user's life easier), but this inherent issue of relying on one of these two sole providers brings us right back to being centralized. The only difference now is that these two providers are very young in age and very frequently go down, slowing your flashy new Web3 enabled site to a crawl.

If you are in the NFT space, you'll also notice another massive centralization nightmare: the token URI of your NFT collection tends to be hosted on either IPFS or a Web2 API server. Now, you can host all of your metadata and images on the blockchain, but in practice, for even the smallest images in SVG form, this will cost tens of thousands of dollars and is not a feasible investment for collections that may not even mint more than a handful of tokens before crashing and burning in a fiery death. The next option is IPFS, which is a distributed file sharing protocol and is actually very cool (in my opinion). It just has one flaw: you either need to run your own node to "pin" the files you want to keep in IPFS, so they don't disappear forever, or you must pay another centralized service to pin them for you. And, to make matters worse, as soon as you stop paying for that pinning service, your files (and your NFT collection) are gone with the wind. I am going to assume I don't need to describe why a Web2 API server is centralized and you get the point of this argument already. There is a chance that the eventual move to layer 2 blockchains, where there is low or no gas, could break this decentralization anti-pattern since people will be incentivized to put their images and metadata on the blockchain, but only time will tell.

User Experience

One of the most important advancements in Web2 and mobile apps as a whole was the great progress made in the user experience. We have made apps accessible, fast, easy to use, and actually enjoyable sometimes. This has only come after years of iterating on designs, compounding ideas, researching users, and testing interfaces. It is truly something we should look back on, and be proud that we've overcome the ugly grey-on-white buttons of yesteryear. Sure, there is more work to be done to make all of this better, but we've come very far. Now imagine if you removed about a decade of UX design philosophy clean off the web; welcome to Web3.

Web3 really does feel like we've taken many steps back in the form of user experience; and even now, when I'm writing this, I can't really put my finger on why exactly this has taken place. There are many aspects of Web3 that are more complicated to use and harder to understand, but there is no reason serious user experience work cannot be done to make it better. I almost think it's like Linux Desktop; those that know how to use it well enough to develop the user experience are also the same ones that will tell you that just learning and using a command line interface is much faster and better than a standalone executable. It's paradoxical.

I do want to say that time should heal these wounds, just as it did for the traditional web we know and love, but this will only come from a culture shift gained from the increased amount of normal people using the technologies every day. Maybe when Coinbase adds their NFT platform, and introduces their over 60 million users to this new side of crypto, it will push developers to create better experiences for their users.

You, as a Web3 developer, also need to support the large (and ever-growing) array of wallets for your specific blockchain. You likely do not want to turn users away from using your website just because they use a different wallet than the six you already support. You need to be constantly in tune with what new developments are happening with your specific wallet connection libraries. Also, from the perspective of a user, you now have to make a significant choice on the wallet you wish to use for your Web3 adventures; each with their own specific set of features and drawbacks, different levels of security, and documentation. This can get confusing for the average user (imagine explaining to your mom the difference between Coinbase, MetaMask, Ledger, and Rainbow).

Security Through Obscurity is Lost

One of the very exciting and, similarly, scary parts of Web3 is the openness of the entire technological stack. When you create a smart contract and upload it to the blockchain, anybody can use a blockchain explorer (such as Etherscan for Ethereum) to read the entire contents of your contract. This is fantastic for those knowledgeable enough to read Solidity and wanting to avoid scams or sketchy code, however it makes the process of building secure contracts much more difficult. You lose the ability to rely on security through obscurity, which is an invaluable tool in Web2.

You could make the argument that this will make the smart contracts more secure over time as exploits are identified and fixed, and it also offers a great resource for new developers to see how "the big guys" write contracts securely; you're right, it probably is. This is the entire idea behind open sourcing your codebase. By allowing others to read your code and identify problems, you get the benefit of a thousand eyes reading what you have done and helping you make it better. In Web3, the biggest problem is that there is great immediate incentive for bad actors to exploit the code and make a quick dollar while they can.

Once code is released onto the Ethereum blockchain, it is also immutable. That means that if there is a security flaw, and even if somebody does the right thing and notifies you, there is nothing you can do to fix it. You need to kill the contract and leave it to die a slow and cold wintery death on the blockchain. That means migrating your users to a brand new contract, which, by the way, costs them money. You could always switch that contract to read only and start a new contract for all future developments, but now you need to integrate and maintain both contracts for everything you do. This starts to get unruly.

OpenZeppelin, one of the larger collectives in the Web3 space, have developed proxy contracts that let you save the state of your main contract within them so that you can make updates to the underlying main contract at will. These are great tools for developers to use, but it's very easy to screw up while using them, killing the state of your contract entirely (and thus erasing all data stored on it, which belongs to your clients). To top this entire argument off, every single update costs you money for a brand new contract deployment.
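One well-known way the state loss described above happens is a storage-layout mismatch: the proxy holds the storage, so a new implementation that declares its variables in a different order reads old data at the wrong slots. The check below is an added example, not code from this post or from OpenZeppelin; it uses a simplified model of Solidity's slot packing (no inheritance, structs or fixed-size arrays), and the contract versions and variable names are constructed.

```javascript
// Added example: a simplified model of Solidity's storage-slot packing, used
// to diff two versions of an implementation contract that sits behind a proxy.
// Variable names and contract versions below are constructed for illustration.

// Byte widths of the value types modelled here. Any other type (mapping,
// dynamic array, string, bytes) is treated as taking a full 32-byte slot.
const SIZES = { bool: 1, uint8: 1, uint64: 8, uint128: 16, address: 20, uint256: 32 };

// Assign a (slot, offset) to each variable in declaration order, packing
// small value types into a shared slot when they fit.
function layout(vars) {
  let slot = 0, offset = 0;
  return vars.map(([type, name]) => {
    const packable = type in SIZES;
    const size = packable ? SIZES[type] : 32;
    if (offset > 0 && (!packable || offset + size > 32)) { slot++; offset = 0; }
    const entry = { name, type, slot, offset };
    if (packable && size < 32) offset += size;
    else { slot++; offset = 0; }
    return entry;
  });
}

// The proxy keeps the storage, so an upgrade is layout-safe only if every
// existing variable keeps its type, slot and offset. New variables must be
// appended after the existing ones.
function checkUpgrade(oldVars, newVars) {
  const after = new Map(layout(newVars).map((v) => [v.name, v]));
  const problems = [];
  for (const o of layout(oldVars)) {
    const n = after.get(o.name);
    if (!n) problems.push(`${o.name}: missing in new version`);
    else if (n.type !== o.type) problems.push(`${o.name}: type ${o.type} -> ${n.type}`);
    else if (n.slot !== o.slot || n.offset !== o.offset)
      problems.push(`${o.name}: moved from slot ${o.slot}+${o.offset} to ${n.slot}+${n.offset}`);
  }
  return problems;
}

const V1 = [["address", "owner"], ["bool", "paused"],
            ["mapping(address => uint256)", "balances"]];
// Unsafe: declaring the new variable first shifts every existing variable.
const V2_BAD = [["address", "admin"], ...V1];
// Safe: the new variable is appended after the existing ones.
const V2_OK = [...V1, ["address", "admin"]];

console.log("V2_BAD:", checkUpgrade(V1, V2_BAD));
console.log("V2_OK: ", checkUpgrade(V1, V2_OK));
```

Running a check like this before deploying a new implementation catches the reordering case; a type change on an existing variable is reported the same way.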

Tech Stack Complexity

Just like the user experience, the current web has spent years perfecting fault-tolerant systems that can scale and be highly available for their clients across the world. This is only possible through distributed computing, which is the process of removing as many single points of failure as possible from application architectures. When you introduce Web3 into your app, you now introduce multiple single points of failure that could slow your entire application down dramatically. This is a very complicated problem to solve, and even Web3's arguably largest and most well-known website, OpenSea, has difficulty keeping their systems from crashing regularly.

Many of these systems are also entirely out of your control. Ethereum is going to be as fast as Ethereum will be, and there is no begging, pleading, or deploying hundreds of servers that will change that. You are now at the will of the Ethereum blockchain and how much gas (effectively the unit of priority on Ethereum, which translates to real money) your user decides to put forward for this transaction. Of course, Ethereum is just an example, and you could use other chains, but many other ones have massive flaws as well. Solana, for example, is a no-gas blockchain (it is effectively centralized and ripe for abuse) that you could use as well, but now your users need to have a Solana wallet (dramatically different and less popular than Ethereum wallets), and you're still at the will of the Solana blockchain's speed.

JavaScript has also seemingly become the language of choice for Web3 development in Web2. I don't know who decided that JavaScript was going to become the official language of Web3 libraries in Web2, but here we are. Sure, there are libraries in more scalable and performant languages like Java, but have you actually tried to use them? The main ones are rough and use an insensible amount of memory due to their heavy reliance on polymorphism. These libraries are open source, and I'm very thankful that some individuals have taken it upon themselves to thanklessly build this library out, but it has not seen anywhere close to the amount of work that the JavaScript library has. JavaScript just cannot deliver the same performance as Java, and I can tell you that I have run into many issues where Node.js instances have crapped the bed where Spring otherwise wouldn't have.

Privacy

Web3 is funny, in the sense that you can be entirely anonymous, hidden behind a random 42-character-long hash, and yet everybody can see exactly where you have been, what you have been doing, and what assets you have in your possession. Every transaction you have ever executed against the blockchain is recorded and preserved, forever. This makes certain types of privacy, like what you are spending your money on, very complicated to maintain. There are solutions that exist now, and I'm sure there will be many more as time goes on, but for the average user it is too complicated. You could make the argument that at least your data is not frivolously thrown around like it is in Web2, but then I'd just say that 90% of the time you are still using some form of Web2 and have the opportunity for your data to be taken just as it is today. In fact, you're also connecting your wallet and all of your financial history to that site. This remains true even if the site is entirely Web3 based.

How it will become the future

With all of the above being said, I still do think many aspects of Web3 will be the future of how we interact with the internet. Many of the above issues will be addressed with time, effort, and years of iterative design, just as Web2 and the web before that experienced.

Sensible integrations into existing apps

Not everything needs to be Web3 enabled; not everything needs a blockchain integrated, and you probably do not need your Calendly appointment verified on the blockchain. However, there are many interactions that could be very sensible to have included on the blockchain. Take online identity, as an example. By having your online identity independently verifiable on a blockchain, you can conduct business with others and feel a sense of security that you're dealing with someone that is real and honest. You could continue to integrate the blockchain into applications that act as "membership cards", similarly to how NFTs work now, for real world and Web2 enabled apps.

Publicly visible and verifiable data

Building off of the point above, having data like who has access to a certain website or dataset, or who you're conducting business with in a peer-to-peer and independently verifiable manner is incredibly powerful. There is now effectively a central database that anyone in the world can edit, contribute to, and verify. This is incredibly cool from both an engineering and a practical point of view. This opens the doors to new modes of verification that otherwise were not possible since this creates a decentralized source of truth.

Commerce

The ability to purchase, transfer, and request funds from others on the blockchain without having to interact with banks or central authorities like Visa or MasterCard is incredibly powerful. This introduces a new age of commerce where you are in full control of your funds. Of course, there are many drawbacks, like the ability to send a crypto coin to the wrong address and have it disappear forever. However, the ability to make the choice to take these matters into your own hands is incredible. You also do not have to worry about central authorities, like the Federal Reserve, changing the value point of the currency. The crypto-currency will fluctuate, as any other currency does, but this is independent from any one source.