When sophistication is required

The Philosopher Developer

January 04, 2024

This is a post I originally authored over 5 years ago, while learning and writing about cryptocurrency. Since it wasn't published anywhere other than GitHub, I figured I would port it to my main blog.

The post has been very slightly modified to reflect my current views and make it a bit more general.

QR codes are interesting. They are a great example of almost maximum obfuscation: a visual representation of information that is easily readable by machines and incomprehensible to humans.

In chapter 2 of Mastering Bitcoin, the author provides a hypothetical example of a transaction wherein Alice purchases a cup of coffee from Bob's coffee shop by scanning a QR code. In the example, upon scanning the code, Alice is able to see a human-readable description of the transaction before confirming. But it got me thinking: if this type of exchange were to become truly commonplace, people might grow accustomed to scanning QR codes to perform transactions without even worrying about the encoded information.

We do this all the time, actually. When's the last time you read the full text of an EULA before checking the box saying you agreed to the terms? We have become quite comfortable with skipping over information that's opaque or overwhelming based on trust.

The thing is, I think part of the conceptual appeal of cryptocurrencies is that you're not supposed to need trust. You don't need to trust central banks because the ledger is decentralized. You don't need to trust individuals because transactions are cryptographically signed.

The more I read, though, the more this starts to feel like the same tune, just a different song. In practice, many participants in the crypto market are already trusting corporate entities like Coinbase. In theory you have total control of your money, if it's been delivered to an address for which you (and only you) have the private key. But I am skeptical that most people are doing it this way because most people do not even understand what a private key is or what it does.

In fact, there are already people in the cash world who have this same amount of control, because they hide piles of cash under their mattress. We tend think of these people as a bit paranoid. But it's true that no one can take their money without physically entering their house, just as it's true that no one could steal your Bitcoin without stealing or hacking whatever device has your private key on it.

The problem is that the system is complicated. You cannot reasonably expect the average person to understand how it all works, and so those who want to participate will seek assistance from those who do (or who claim to) understand it, in exchange for some amount of control. This creates opportunities for exploitation, as people will enter into agreements they don't understand.

This is pretty much the way I think capitalism itself has played out thus far: in theory, it's great and works to everyone's benefit, as long as consumers are sophisticated. But most consumers are not sophisticated, and so they are taken advantage of. I suspect that is a fundamental inevitability for any large-scale system. To make it work, some amount of technical sophistication is required; this forces less technically sophisticated participants to depend on trusted providers; and therefore you cannot fully decentralize and eliminate the role of trust (or the risk of manipulation or abuse).