I recently read Igor Shadurin's article Dive Into dApps. In it, he defines a dApp (or decentralized application):
The commonly accepted definition of a dApp is, in short, an application that can operate autonomously using a distributed ledger system.
From Dive Into dApps
Referenced 2023-11-12T15:39:42-0500
I think that definition is too specific to blockchains. Blockchains are an implementation choice and there are other ways to solve the problem. That said, if you're looking to create a dApp with a smart contract, then Igor's article is a nice place to start.
Let's start with the goal and work backwards from there. The goal of a dApp is to give people control over their apps and the data in them. This is not how the internet works today. As I wrote in The CompuServe of Things, the web and mobile apps are almost exclusively built on a model of intervening administrative authorities. As the operators of hosted apps and controllers of the identity systems upon which they're founded, the administrators can, for any reason whatsoever, revoke your rights to the application and any data it contains. Worse, most use your data for their own purposes, often in ways that are not in your best interest.
dApps, in contrast, give you control of the data and merely operate against it. Since they don't host the data, they can run locally, at the edge. Using smart contracts on a blockchain is one way to do this, but there are others, including peer-to-peer networks and InterPlanetary File System (IPFS). The point is, to achieve their goal, dApps need a way to store data that the application can reliably and securely reference, but that a person, rather than the app provider, controls. The core requirement for achieving control is that the data service be run by a provider who is not an intermediary and that the data model be substitutable. Control requires meaningful choice among a group of interoperable providers who are substitutable and compete for the trust of their customers.
I started writing about this idea back in 2012 and called it Personal Cloud Application Architecture. At the time the idea of personal clouds had a lot of traction and a number of supporters. We built a demonstration app called Forever and later, I based the Fuse connected car application on this idea: let people control and use the data from their cars without an intermediary. Fuse's technical success showed the efficacy of the idea at scale. Fuse had a mobile app and felt like any other connected car application, but underneath the covers, the architecture gave control of the data to the car's owner. Dave Winer has also developed applications that use a substitutable backend storage based on Node.
Regular readers will wonder how I made it this far without mentioning picos. Forever and Fuse were both based on picos. Picos are designed to be self-hosted or hosted by providers who are substitutable. I've got a couple of projects tee'd up for two groups of students this winter that will further extend the suitability for picos as backends for dApps:
Support for Hosting Picos—the root pico in any instance of the pico engine is the ancestor of all picos in that engine and thus has ultimate control over them. To date, we've used the ability to stand up a new engine and control access to it as the means of providing control for the owner. This project will allow a hosting provider to easily stand up new instance of the engine and its root pico. For this to be viable, we'll use the support for peer DIDs my students built into the engine last year to give owners a peer DID connection to their root pico on their instance of the engine and thus give them control over the root pico and all its decedents.
Support for Solid Pods—at IIW this past October, we had a few sessions on how picos could be linked to Solid pods. This project will marry a pod to each pico that gets created and link their lifecycles. This, combined with their support for peer DIDs, makes the pico and its data movable between engines, supporting substitutability.
If I thought I had the bandwidth to support a third group, I'd have them work on building dApps and an App Store to run on top of this. Making that work has a few other fun technical challenges. We've done this before. As I said Forever and Fuse were both essentially dApps. Manifold, a re-creation of SquareTag is a large dApp for the Internet of Things that supports dApplets (is that a thing?) for each thing you store in it. What makes it a dApp is that the data is all in picos that could be hosted anywhere...at least in theory. Making that less theoretical is the next big step. Bruce Conrad has some ideas around that he calls the Pico Labs Affiliate Network.
I think the work of supporting dApps and personal control of our data is vitally important. As I wrote in 2014:
On the Net today we face a choice between freedom and captivity, independence and dependence. How we build the Internet of Things has far-reaching consequences for the humans who will use—or be used by—it. Will we push forward, connecting things using forests of silos that are reminiscent the online services of the 1980’s, or will we learn the lessons of the Internet and build a true Internet of Things?
From The CompuServe of Things
Referenced 2023-11-12T17:15:48-0500
The choice is ours. We can build the world we want to live in.
According to AI:
The best article to read for understanding the digital trust model of the Trust Link Contract Network (TLCN) is "Getting the Digital Trust Right" by Timo Hotti. This article is the first part of a three-part series that discusses various aspects of digital trust and its applications in the modern digital ecosystem.
In "Getting the Digital Trust Right", Hotti delves into the fundamentals of trust in both the analog and digital realms. The article begins by establishing the importance of trust in interactions between individuals and entities, acknowledging that trust has been a cornerstone of human interactions for thousands of years【16†source】. Hotti then breaks down the trust-building mechanism into three functional components: Identification, Proof Presentation, and Issuance Verification. These components are essential for understanding how trust is established and maintained in any interaction, whether analog or digital【17†source】.
The article also contrasts "analog trust" – the traditional way of establishing trust before the digital era – with "digital trust", discussing how trust is established in each case. In the age of analog trust, identification was often through state-issued ID documents, proof presentation through written documents signed by third parties, and issuance verification by ensuring the legitimacy of document issuance processes【18†source】.
In the context of digital trust, Hotti emphasizes the confidence and belief in the security, reliability, and integrity of digital systems, networks, and interactions. This form of trust is critical for digital transactions and is based on the security and reliability of digital technologies, the trustworthiness of digital actors, and the transparency and accountability of digital processes【19†source】.
The article also addresses the missteps in the journey towards establishing digital trust, such as silo-based trust systems, blockchain-based trust, and governance-based trust built on self-sovereign identities. Each of these approaches has its limitations and challenges, which Hotti analyzes in detail【20†source】【22†source】【23†source】.
Furthermore, Hotti discusses the concept of transaction spaces within the network of trust. These spaces are crucial for facilitating verifiable interactions and are represented in the network by agents. These transaction spaces, as part of the digital network of trust, need to be able to advertise interaction logic, execute it verifiably, and invite persons into interactions【30†source】【31†source】.
The article concludes with the proposition of building a privacy-preserving network of trust, where participants are linked to the real world and can present dependable proofs about themselves. This network is based on verifiable interactions, addressing the challenges of digital trust in a practical and legally compliant manner【34†source】.
To read the full article, you can visit the following URL: [Getting the Digital Trust Right](https://timohotti.substack.com/p/getting-the-digital-trust-right)【15†source】.
Here's an alternative view, how applications should be thought of in the fully digital world.
timohotti.substack.com
In short, we should think of the digital world as a network of private persons and public places. The persons gather to places to execute transactions that result as legal contracts. Both the places and the persons have self-sovereign digital identities. The transactions executed should be private between the place and the participating persons. The transactions should also be verifiable by their participants.
That's how the analog world has worked for centuries. I think that the digital world should just copy that model and move on.