Trustless systems, and why we need them now more than ever.

Whenever one comes across a new crypto startup’s pitch, or you hear someone standing at an event waxing lyrical about how “decentralised” is just so much better than “centralised”. Should be self-explanatory right? Errr... Meanwhile, 30-100 people in the audience are nodding in unison muttering “yes, yes, of course. Simple isn’t it... when...you think...about it….”.

This may seem an extreme case, but speaking to event attendees that don’t eat, sleep, breath crypto or blockchain, It’s the overwhelming response. So what is the problem? Why are we listening to these explanations time and time again and not understanding the implications?

One reason in my opinion is that blockchain technology and decentralised systems are still new enough for people to be too interested about how they work, than what they can achieve. Does the average user really know how credit cards work? No. Do they need to to understand why they are useful? No.

Another key failure is not focussing on the existing situation, and what problems we are trying to solve. I believe that to understand why blockchains can be so powerful, we need to look at what currently exists, what is wrong with that and how blockchains can be applied to fix it.

One of these buzzwords often thrown around, is “trustless systems”. Example: “This system is trustless, that’s why it’s better than those other non-trustless systems… duh man. Trustless > trusted. Period.” Let’s also ignore that when asked what a “trusted” system is, people usually shuffle and respond with something like: “It’s like trustless, but worse”. So let’s get this straight shall we.

So what do these “trusted” systems look like inside?

To understand what benefit trustless systems can provide, one needs to understand a few things about how the majority of the tech systems look today. A key point is to understand that most of the systems you interact with on a daily basis: Facebook, Amazon, Google, Banks, SARS, Insurers, Police and did I mention Facebook? (Let’s just get them in there one more time, Facebook) These systems are all fully managed by the company or government organisation that provides the service.

When I refer to being "fully managed" by one party, whether it be FACEBOOK or the Police, I mean that they have full control over how the information and records are stored and used. This may seem obvious, but in blunt terms this could mean that employees of this company have a system where they can change whatever they want, view whatever they want or even save whatever they want and take it home.

This is where the trust/trustless distinction comes into play. In these usual types of systems, the users of those services place their trust in the company/system to “look after” their data. Essentially, we trust them to play by the rules.

Okay I get it, they have full access, why should I care?

Good question, in most cases nobody does care. The company has procedures and rules to protect my data and information, and the law also says they can’t misuse it right? Maybe I do trust them. So what are we all worrying about?.

These are all good points, and when companies have their affairs in order, things rarely look amiss from the outside.The problem arises when you look at the ways that trust can be broken, and it’s not always in ways you would think. It’s also good to note that depending on the importance of the service in question, the stakes rise significantly. Banking and crypto exchanges being one of the most heightened cases.

I’m going to skip over the usually punted reasons for why this is important including selling data etc, and focus on one issue that I think are going to be most critical over the next 5-20 years.

Hacking / Cybercrime. Yes, really.

One key point about “trusted” systems is often overlooked. If the trusted party has the ability to manipulate the data as they see fit, it stands to reason that if compromised, anyone with access to their systems could manipulate the data.

This increases the stakes. In most cases, you trust that company not to abuse your data with the access they have. With banks, you trust them to know enough to secure your money as well. Let's be honest here, the average user has no idea whatsoever if or how valid or justified that trust is.

One of the biggest risks that arise from this unchecked level of access, is if that falls into the wrong hands. I've heard arguments to say that companies just need to jack up security, which is valid in some aspects, but by no means an actual solve for these largely human-error driven slip-ups. If you think that better application of security is going to emerge to save the day, I'm afraid you may be mistaken. Cybercrime is likely to explode as more services turn to tech enabled solutions to compete in this rapidly digitising economy. The stats paint a gloomy picture, and are likely to worsen.

Data reference: https://www.itgovernance.co.uk/blog/the-rise-of-cyber-crime/

This, coupled with a decent mix of vulnerable, older institutions struggling to keep up with the digital revolution and hacked-together crypto exchanges and fintech startups setting up to try disrupt the financial services market. Will result in an increasingly fertile hunting ground as time goes on.

Trusted parties are becoming the targets

It’s easy to see why trusted parties will become the target of large scale cybercrime. Especially if they hold items of value, like cryptocurrency etc. It’s much more worthwhile to attack the source than each participant individually.

This will be exacerbated as industries try to move onto newer technology that allows for more fluid movement of funds and greater privacy of participants. The chances of benefitting from cybercrime are increasing at a rapid rate, truth be told in part due to the young and unregulated cryptocurrency market.

So why is "trustless" better?

As the name indicates, trustless systems are systems or services that don’t require you to trust in the actions, security, intentions or motives of 3rd parties.

This has many benefits for both customer and company:

For customers, it may seem silly to think that all of your money could disappear overnight (One of my personal favourites), but this is becoming a regular occurrence and may get worse before improving. There may come a time where customers make a decision on which bank or wallet to use based on if it’s trustless or not.

For businesses it eliminates a massive amount of risk, especially in the financial industry. Not having unfettered access to the information, changing data or moving funds makes you much less of a target for cybercriminals as well as having additional benefits like decreasing the risk of internal fraud.

Okay, so I see why we need to keep an eye out. But where do blockchains come in?

Blockchains, in some sense, are perfect tools to implement trustless systems. The transparent and shared nature of the data and access rights makes the system much more secure and transparent. The ability to set up a system, bake in the rules that determine what can be done by who and when, is appealing for cases where valuable assets or information is being traded.

The company goes from having to secure an entire database and backend system, employee access accounts, physical databases, email systems, while still allowing enough access for them to administer the system as needed, to having to look after their private key. Also tricky, but there is just no comparison.

As with any new technology, there are teething issues and hurdles that need to be overcome to see this technology start performing to its potential in many spheres, including areas that benefit from trustless environments. But one thing is for sure, we need something to plug these gaps more than we realise. Blockchains provide one of our only options.

About the Author : Louis is an experienced tech entrepreneur, leader and speaker in the blockchain, payments and fintech spaces. Louis has co-founded and built businesses in the payment and cryptocurrency space that have attracted investment from banks and listed companies.

Louis likes to share his knowledge as a speaker, writer and mentor. Louis also consults to businesses on strategy and trends relating to fintech, payments and blockchains as well as designing and overseeing implementations thereof.

To learn more contact him directly on louisfbuys@gmail.com