To Further the Decentralized Web, Think Bigger

To “decentralize the web” is to empower the individual web user to have more control over his or her activities on the Internet as opposed to a small number of large organizations. The effort to accomplish this is by now quite well-documented across the Internet, and in this post I wish to present some additional thoughts on the topic.

The modern decentralized web movement has many components, and one of the most prominent is undoubtedly “the Fediverse”, a multitude of social networking websites (styled “instances”) that all run on software designed for interoperability. Through protocols such as ActivityPub (as well as the older OStatus), users of a given website can interact with users of other websites as easily as they can with users of their own website, assuming each website uses compatible software. By far the most common example of the federation principle is email, a fact often pointed out to those unfamiliar with the concept of federated social media.

A phrase often heard among advocates of the decentralized web is “protocols,. not platforms”, for the simple reason that protocols can be used by anyone, whereas platforms are controlled by a single entity. Platforms have the critical disadvantage of being a single point of failure; if Twitter.com disappears it takes the entire network of tweeters with it, but if Mastodon.social (which runs Mastodon, the Fediverse equivalent of Twitter) disappeared tomorrow most of the network of tooters would be unaffected. Even for an unfortunate former user of Mastodon.social who has to sign up at a new instance the fact that there is a network to reconnect to makes the task of migration much easier than it is today in the realm of the big social websites.

The task of migration, of course, becomes easier as the number of instances becomes larger and the average size of each instance becomes smaller, since the failure of any one node in the network becomes less and less impactful. This is why, for example, Eugen Rochko (the creator of Mastodon software) closed new registrations on the flagship instance of Mastodon.social, so more decentralization would be encouraged. Of course, like email this approach only goes so far, and if one website attains a decisive advantage in user experience (like Gmail has in email) it will grow far larger than the competition. As we see in email, though, there is also a natural limit to how large one node can get in a decentralized network. Ideally, for advocates of the decentralized web, no one node should ever gain such an advantage. How, then, will we discourage this from happening in the future?

It is my view that even within the decentralized web movement, the vast majority are still thinking way too small, at the level of empowering many small to medium sized communities instead of individual users. I would much rather live in a future where the average social website is the size of the average Mastodon instance (or even email instance) than the size of Facebook and Twitter, but this still leaves the vast majority of users at the mercy of other people’s platforms, and needing to migrate accounts periodically. Migration is a much-noted weak point in current Fediverse software, and if a data portability feature were added (so that it became possible to migrate all of one’s data over to a new account with one click) this would help significantly. One-click or automatic backups in case your account is deleted by the webmaster would help as well. This still leaves the disadvantage of everyone you know having to change over the address they send messages to; the example of email is once again instructive.

The most decentralized web possible, and the only one in which the problem of migration is completely obviated, is one in which every user runs their own instance. This is often dismissed by decentralized web proponents themselves as unrealistic, and I concede that it is more of a reach than having people sign up at smaller websites instead of bigger ones. However, I maintain that this process should be seen as an intermediate step towards personal nodes rather than the end goal itself.

How, then, are we to accomplish the goal of giving every Internet user their own node? Presumably, all other things being equal, most people would prefer having their own node, their own server, and their own piece of Internet real estate rather than depending on someone else’s; therefore there must be disadvantages that render the two options unequal, as indeed there are. The most obvious barrier to being your own node is that it costs money to run a website; even if you eschew external hosting and run your server at home, it still takes $10 a year or so to register a domain name. This barrier doesn’t exist for signing up on someone else’s website. Web hosting contracts usually run around $5 per month.

These are hardly formidable barriers, though, and quite a few web hosts make it very easy to get started with one’s own website. WordPress, in particular, can be installed in one click (and even comes pre-installed by some hosts!), requires no coding to be set up, and can support most kinds of websites more or less natively. The process for getting started is no more difficult than that of many social media sites. WordPress is also free and open-source software, which brings us to another important point: whatever your view of the philosophies associated with the free software movement, it is hard to dispute that the most effective means to lower the barriers to being your own node is to make the software involved free of charge and open source. Free and open source software will be the lifeblood of a decentralized web, as it already is for the components of it that exist today. A free price point encourages adoption, and open source is critical to avoid a single point of failure; for example, if the organization behind WordPress disappeared users would keep using it and developers could continue to work on it regardless.

WordPress was a great leap forward in lowering the barrier to getting your website online; this blog runs WordPress, and it took me perhaps an hour of work in total to get it up and to select and customize my theme, all without having to even look at one line of code. This represents the standard which all decentralized web software needs to meet in the future if the goals of the movement are to be achieved, as this standard is already met by the big social websites. None of the federated social networking software comes remotely close to meeting it, which is one of the reasons why even within the decentralized web movement self-hosting your own blog is still much more common than self-hosting your own social networking. As far as I know all the software also needs to be run on a VPS (virtual private server) hosting plan, which generally costs a few dollars more a month than ordinary hosting, or on one’s own equipment; this is one area that perhaps should be looked into, though is far from the most formidable obstacle. A one-click code-free installation or even pre-installation like WordPress needs to be the number one priority for Fediverse software. This would greatly accelerate adoption of the technology at the individual level, thereby decentralizing social networking most effectively and efficiently.

Social networking is of course not the only feature of the decentralized web. The other great success story in this stable of technologies is cryptocurrency. Arguably the greatest selling point Bitcoin had to its early adopters was the ability to “be your own bank”, to execute financial transactions digitally with no need for any intermediaries such as banks or payment processors. This was, and still is, quite revolutionary, and has obvious synergies with the other parts of the decentralized web. The (free and open source) software required to run what is called a “full node” that stores a full copy of the blockchain, complete with cryptocurrency wallets and addresses, is very easy to set up for the average person, and once installed and synchronized with the blockchain such a user can exchange cryptocurrency with anyone else in the world almost instantly.

We have only tapped a tiny fraction of this technology’s power so far, but pointing toward the future is the OpenBazaar project, which aims to create free and open source software enabling people to conduct commerce digitally “out of the box” without any need for intermediaries, and uses cryptocurrency to do it. The implications for decentralizing the web in the area of e-commerce, an area that needs it about as much as the more social part of the web does, are at least as great as they are elsewhere. The first parts of the Web to feel the effects of this development will be the darknet markets, since their users have been burned by scammers and law enforcement takedowns too many times for their own comfort. A peer-to-peer decentralized alternative that doesn’t have a single point that can (and in that environment certainly will) fail is very attractive to this demographic.

The cryptocurrency community too has high demand for these sort of solutions, since the fiat-to-crypto exchanges face extreme pressure to identify their customers under the police-statist “know your customer” and “anti-money laundering” laws, thus negating the anonymity advantage of cryptocurrency at the fiat-to-crypto gateway level. Obviously at the crypto or crypto-to-crypto level anonymity is much easier, but many cryptocurrency users would prefer to be anonymous all the way through. Peer-to-peer exchange means there are thousands or millions of points of failure instead of the small number of exchanges active today, which will be virtually impossible to pressure into compliance, thus enhancing anonymity. Decentralized exchanges already exist today, no doubt among the same people who run their own full nodes, and will likely transact with software like OpenBazaar as it becomes more usable and commonplace.

With this, for the decentralized web of the future we have OpenBazaar and cryptocurrencies for commerce, WordPress for ordinary websites or blogs such as this one, and all the various Fediverse software for the social web. All of these are free and open source, so in principle one could combine them into a unified one-click installation, WordPress-style. This would also have to include the software needed to run a server, such as already exists in the form of the LAMP stack and the like, what you might call a “home server in a box”. An additional feature that would be useful in such a unified package would be free and open source self-hosted substitutes for cloud storage, such as Nextcloud, thus obviating the likes of Google Drive, further decentralizing the web and promoting privacy. Such a package of software, properly configured and developed, would be very effective, as it would mean decentralized technologies would have a key advantage over their centralized competitors: everything in one installer and controlled from one place from one account. No one else can match that.

At that point even the sort of people who couldn’t care less about whether they control their own part of the Internet will adopt these technologies; once that happens the cause of the decentralized web has won the day, for the same reasons the cause of end-to-end encryption has already won in some sectors of private messaging in recent years.

The final frontier of the decentralized web, as has been pointed out, is the IP address and domain name system itself. One effect of decentralizing the web is that it also makes deplatforming much harder; in the Fediverse, if one node bans your node you can still talk to the ones that still like you. Gab, after it joined the Fediverse last year, faced as much deplatforming as it’s possible to dish out, and yet it still communicates to many other servers without incident. Once the entire web becomes so decentralized, the only avenue left for the censorious crowd who wish to kick others off the Internet will be to target undesirable entities’ hosting contracts and domain name registrations. To date this remains rare and freakish, but such incidents have been climbing in recent years along with other forms of corporate censorship. If this part of the Internet remains centralized this is a major weak point in the Web of the future, thus kicking the censorship problem upstream unless something can be done.

Fortunately, the solution already exists in the form of the infamous Dark Web, specifically onion services that can only be accessed with Tor software. Tor is a very underrated component of a decentralized Web, because it is already a decentralized network running on free and open source software, in this case for security reasons. Onion services, formerly called hidden services, are servers that only operate over the Tor network; a randomly-generated address of 16 or 56 characters ending in .onion (instead of .com, .net, etc.) functions as the domain name. This guarantees webmasters anonymity, but by necessity also means domain names on the Tor network are decentralized down to the individual level, even if for various reasons they must be randomly generated rather than chosen by the webmaster. Domain name registrars cannot deplatform an onion address because there is no registrar, other than the individual (assuming you don’t create a stealth onion address, but that’s a topic for another time).

How this helps webmasters in our decentralized web of the future is that the aforementioned unified installer should add Tor into the package, generating and saving an onion address that corresponds to every clear web domain. This I believe should be done automatically by the software, so that, for instance, a Mastodon instance running on example.com can also be accessed on example.onion, unless the user opts out during installation. To be even more adventurous, the installer could also set up the server to be a Tor relay so that the network doesn’t become over-strained from so much extra activity. Onion service support would also encourage adoption by users who do not wish to pay for a domain name, who may increase in number if there is a multitude of dark web Fediverse instances available to talk to (which there are not today). Dark web support also helps the rest of the software package to harmonize with the cryptocurrency components, which generally already have it now.

Hosting is the other bottleneck remaining, but home servers can easily overcome this, as can using strong encryption for all data uploaded to third-party hosts. Indeed, less censorious hosting companies may adopt it as standard in the future, as it would involve renouncing the technical ability to remove particular content from their servers, much like Tor relays and exit nodes have always done with dark web traffic. This would relieve pressure on them significantly, and I suspect this may also be the motivation for Facebook’s “pivot to privacy”. The barriers to carving out an exception to encryption are much harsher than carving out an exception to a culture of free speech and tolerance.

Concluding, what we need for a real decentralized web is a unified software package and one-click installer containing a LAMP stack, WordPress, Fediverse software, OpenBazaar or equivalent, a cryptocurrency wallet and full node, Nextcloud or equivalent, and Tor software or equivalent (such as I2P). This will enable an individual user to run their own website, blog, social media, cloud computing, e-commerce, and financial transactions from their own server without any need for an intermediary. This is so far beyond what most in the decentralized web movement are trying to promote to the masses it might seem like a fantasy, and yet most of the components needed to realize this vision already exist. All it needs is visionaries to build the remaining pieces and put them all together in an easy-to-use package.

One Reply to “To Further the Decentralized Web, Think Bigger”

Leave a Reply

Your email address will not be published.