The fatal errors plaguing the internet, and how we can fix them

Trust is killing the internet, but decentralization could save it

OPINION
article-image

Artwork by Crystal Le

share

The internet is built on a fragile foundation of trust assumptions — and it’s breaking. Every time we browse the web, make online purchases or share personal information, we rely on unspoken assumptions about how platforms manage our data and ensure our security. But trust assumptions are inherently flawed.

A trustless internet, grounded in decentralized technologies like blockchain, can reduce these risks by ensuring that actions are verifiable and secure without requiring blind trust. If we don’t act now to address the internet’s trust problem, we’ll continue to see data breaches and manipulation that undermine both personal privacy and societal stability. By developing new trust protocols and adopting decentralized solutions, we can secure the future of the web.

What are trust assumptions?

A trust assumption is a condition that you blindly assume is true. While that may seem vague or overly simplistic, trust assumptions are actually a critical component of security audits, and form the bedrock upon which security assessments are built. 

Imagine a security auditor tasked with evaluating a simple iPhone game. There are hundreds of components to consider, from the device running the app to the compiler processing the code. Not to mention the app itself, which likely contains thousands of lines of code and dozens of interactions with other systems — think connecting to GameCenter for multiplayer or using Google to let users sign in. The auditor cannot realistically verify every single component or piece of code; instead, they are forced to make trust assumptions.

Read more from our opinion section: Blockchains still aren’t great at communication

The auditor might decide to make the trust assumption that GameCenter is secure and will function exactly as indicated by Apple, or that the iPhone hardware will match the stated specs for the operating system and compiler to function as indicated. By assuming certain conditions are true, the auditor can concentrate their efforts on probing other aspects of the system that are more likely to harbor risks. However, once a trust assumption is stated in a security audit, the accuracy of the audit hinges entirely on that assumption being correct. If any trust assumption proves to be flawed, the entire program could be compromised.

Trust assumptions aren’t limited to security auditors; in fact, users make scores of trust assumptions everyday when navigating the web. When you log into a social media site, you trust that it won’t harvest and sell your data to untrustworthy third parties; that it employs adequate security practices and will keep your account and data secure; and that it won’t simply pull up stakes and delete all of your content. 

But modern society is built on an increasingly complex web of trust assumptions, and avoiding them simply isn’t possible. It’s why many users continue to get burned by data breaches, most recently like that of national public data, which led to the breach of 2.9 billion people’s sensitive information. It’s also why search engines like Google can convince you you’re browsing “incognito,” while actively gathering and selling your browsing data.

Encoding sociology

It’s clear that trust assumptions breed vulnerabilities, so how can we reduce room for error with a more secure solution?  

Read more from our opinion section: Without decentralization, our data will never be safe

Countering the trust assumption are “trustless systems.” Operating on the principle of, “don’t trust, verify,” these systems allow every action performed on the network to be easily authenticated. Between cryptographic algorithms and decentralized consensus mechanisms, trustless systems establish security and integrity without needing participants to know or trust other network participants. This method has been especially novel in improving tasks like verifying payments or transferring digital assets, where actions are straightforward and can be easily verified.

However, while the cypherpunks got it right with Bitcoin, not all online interactions can or should be made trustless — at least for now. Consider, for instance, the Better Business Bureau, which helps resolve disputes between companies and their customers. The site must filter out illegitimate complaints, which involves subjective judgment and layers of context, making it difficult to fully automate. Given the complexity of language and the current limitations of AI, discerning clear-cut rules to determine a valid complaint is challenging, so human moderation is very necessary.

Read more from our opinion section: Stop calling them audits

Because some processes will always require a degree of trust, it is crucial to develop protocols that effectively monitor and manage trust assumptions, so as to identify their potential blind spots and fortify them against manipulation. These protocols can pin-point dependencies, reveal potential vulnerabilities and assess the trustworthiness of network participants. For example, users could see how many others trust a website before sharing their personal data, turning blind trust into an informed, measured decision that enhances security.

Leveraging the power of trust

There has never been a more critical time to rethink how we handle trust online. As our digital and real-world identities become more intertwined, the consequences of misplaced trust grow increasingly dire. And while embracing trustlessness is ideal for certain use cases, a more effective solution for others may lie somewhere on the spectrum.

By developing and leveraging better tools to monitor and evaluate digital trust, we can gain deeper insights into online security and create a safer environment for everyone. Strengthening these trust mechanisms is not just important — it’s necessary. We deserve an online world where reliability and safety are the standard, not the exception.


Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.

Explore the growing intersection between crypto, macroeconomics, policy and finance with Ben Strack, Casey Wagner and Felix Jauvin. Subscribe to the Forward Guidance newsletter.

Get alpha directly in your inbox with the 0xResearch newsletter — market highlights, charts, degen trade ideas, governance updates, and more.

The Lightspeed newsletter is all things Solana, in your inbox, every day. Subscribe to daily Solana news from Jack Kubinec and Jeff Albus.

Tags

Upcoming Events

Javits Center North | 445 11th Ave

Tues - Thurs, March 18 - 20, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

Brooklyn, NY

TUES - THURS, JUNE 24 - 26, 2025

Permissionless IV serves as the definitive gathering for crypto’s technical founders, developers, and builders to come together and create the future.If you’re ready to shape the future of crypto, Permissionless IV is where it happens.

recent research

Research Report Templates.png

Research

An overview of the Base Ecosystem, with a focus on market leaders.

article-image

Stanford professors David Mazières and Dan Boneh will lead the lab alongside a cohort of graduate student researchers

article-image

With more companies holding BTC, bitcoin yielding strategies could become “a new corporate finance norm,” CoinShares posed

article-image

The proposal comes after Polygon governance considered a controversial use of bridged liquidity for yield

article-image

Can the community balance its decentralized ethos with the need for inclusivity and constructive debate?

article-image

DAWN is positioning itself as a decentralized protocol for gigabit-level internet access

article-image

VanEck Ventures and VanEck’s Digital Assets Alpha Fund invested $2.5 million in DAWN through a strategic funding round, the teams exclusively told Blockworks