How to build a decentralized Twitter

Elon Musk’s (apparently successful) deal to acquire Twitter has reignited a long-standing discussion in the crypto community that, at least until now, has centered around a theoretical product category: “decentralized social media.”

“Tweets go on-chain, encrypted; the sender chooses who can access them (i.e. who can decrypt them). In a sense, it combines DMs and tweets — a DM is a tweet with an “Only Jill” privacy setting.”

— SBF (@SBF_FTX) April 14, 2022

Just as Bitcoin is censorship-resistant money, we could theoretically use Bitcoin-like infrastructure to run censorship-resistant social media applications! Technically, at least one proof-of-concept is certainly possible. Back in 2014, Casey Kuhlman, Tyler Jackson, and I proposed a DAO called “Eris” that was basically a distributed version of Reddit that would run on a blockchain backend (Ethereum POC 3, to be exact).

We built this in May 2014, 8 years ago. Notice the “My DAO” button in the top right? People thought we were completely crazy back then.

While this prototype went nowhere, because this all happened in 2014 when the market couldn't tell the difference between smart contracts and egg tarts, and "DAOs" were something discussed mainly among followers of Confucianism, today, some new entrants are cracking this same problem. Given my long experience in the Bitcoin/blockchain space, I admit that it would be tempting to cobble together a funding platform and raise $20 million in pre-seed products to build this shit, given the large amount of venture capital currently available. Fortunately, after my last startup, I vowed not to try to develop or sell software again, so I will stay in my law firm, where I belong.

It’s true that it’s much easier to design a prototype than to design something that people actually want to use. Even on simpler “web 2” technologies, there are thousands of social media applications, but only a few are significant. Creating a social media application is easy, but running a successful social media business is incredibly difficult.

Previous attempts at “decentralization” have performed poorly. The most successful attempt to date, Mastodon, is a federated service, albeit an imperfect one, with single instances not scaling well (as Donald Trump’s company, Truth Social, found when they forked Mastodon in an attempt to shortcut social media stardom, only to find that Mastodon’s backend couldn’t handle their traffic).

By the same token (pun intended), dumping all information into a blockchain and storing it all in the clear, as Bitclout does, is easy but completely unscalable. Facebook doesn’t need to agree on a global state of affairs that would allow people to delete their own data; besides, Facebook generates over 4 petabytes of data per day. Any system that tries to emulate Bitcoin (like Bitclout) will quickly be relegated to a few nodes running in a data center, just like Ethereum.

There are also legal issues. It turns out that social media companies are subject to a host of regulations. With the exception of data privacy, these regulations are generally uniform in the United States, but vary from country to country. In the United States, these regulations cover the destruction and reporting of illegal content, copyright issues, data protection, and the mandatory disclosure of user records. All of these factors need to be considered in the design of any "decentralized" social media application.

Illegal Content

Lawyers working on decentralized storage solutions have long argued that the issue of illegal material is a major barrier to adoption of these services.

In the United States and around the world, the most prevalent illegal content currently available is child sexual abuse material, which law enforcement refers to as CSAM. Despite the severe penalties for knowingly exposing this information, ranging from hefty fines to lengthy prison sentences, the crypto industry’s response to this long-standing internet problem has been more or less to ignore it completely.

Web2 applications that host user-generated content, such as Reddit, Twitter, or Facebook, take a very proactive approach to this type of illegal content. Federal law requires “providers”—a term that refers to “electronic communications service providers,” which courts will likely understand to mean blockchain node operators as well as traditional centralized service providers—to remove CSAM when they discover it, securely store it for 90 days until served with legal process, and then securely destroy it. Facebook and other companies use a variety of software, including Microsoft’s PhotoDNA, to automatically detect, remove, and report CSAM.

Overseas, where there’s no such thing as the First Amendment, the categories of “illegal content” are even broader. Like Germany’s Netzwerkdurchsetzungsgesetz, or “NetzDG,” which requires operators of social media services to register with the government and comply with removal requests after reaching a certain size; French law No. 2020-766, which targets hate content on the internet and imposes fines if illegal content, including “terrorist” content, is not removed within an hour of being posted; or Section 5 of the UK’s Defamation Act 2013, which has a notice-and-takedown procedure for alleged defamation similar to the U.S. DMCA.

As far as I know, services like Reddit and Facebook respond well to all the above requests and requirements, while many blockchain-based services, such as StorJ or Sia, have no such controls (or only very limited controls). They allow the storage of encrypted data without creating user records or the service provider (in this case, the node operator) being able to determine which data is stored or assess the legality of the stored data.

It is quite possible, I would even consider it probable, that decentralized data storage services are currently being used to host illegal content, most likely without the knowledge of the hosting node operators. This level of willful blindness is simply not possible for a "decentralized" social media application, which must be designed in such a way that an otherwise law-abiding user can participate in the network while having the security of knowing that he or she is not violating local laws. To date, no blockchain solution with a storage component has even attempted to address this problem. Any design that hopes to succeed must address this issue. No one will run a node for a decentralized service if there is a risk of going to jail.

intellectual property

Likewise, our intellectual property system is not well suited to being used in a decentralized manner.

Social media node operators—entities that “provide transmission, routing, or connectivity for digital online communications … of user-selected material without modifying the content of the material sent or received”—are “service providers” under the DMCA and “publishers” under the Copyright Act, and therefore have two things to consider: (a) defensively; they must register with the Copyright Office to take advantage of the DMCA’s safe harbor protections, and (b) consider themselves exposed for hosting material that could give rise to a claim of copyright infringement.

At a minimum, resolving this issue would likely require implementing the DMCA’s notice-and-takedown process for any third-party content hosted on a node (which would involve node operators reverting themselves to the Copyright Office if they want to benefit from such protection). Worse, we might see copyright trolls, who have become more emboldened recently by the huge increase in the number of presumably inexperienced defendants, repeatedly and maliciously attack node operators to extort small settlements. In another alternative, applications could be designed so that users don’t host images or videos at all — the kinds of copyrightable subject matter that are most commonly used by those pesky copyright enforcement law firms.

It’s hard to speculate what kind of infringement and enforcement you’ll encounter in a communications medium that doesn’t yet exist. However, from what we’ve seen with web2, it’s almost certain that copyright trolls will exist once web3 becomes profitable.

Data Protection and Disclosure

Another problem arises when we consider that a person participating in a decentralized network may have access to a large amount of user data in the process of operating his or her node.

Let’s assume, for the sake of argument, that a decentralized social media system is built, and that the network will allow users to download the user profiles and posts of everyone within two degrees of separation from them. So, assuming that I follow @A16Z, and @marmotrecovery follows me, then @A16Z will be allowed to download and store my information and posts, as well as the information of everyone who follows me, including @marmotrecovery. Judging from the number of users that @A16Z follows (500,000), it can be argued that if A16Z were to run a node on this hypothetical network, it would likely be a “service provider” under the California Consumer Privacy Act or other local laws, and may be required to implement a compliance program.

Likewise, node operators could become “electronic communications service providers” within the meaning of the Stored Communications Act (18 USC § 2701 et seq.), and thus could be required to turn over records on their computers to the government without the government first obtaining a warrant—at least, to the extent those records relate to third parties owned and controlled by the node operator. Users are unlikely to want to run a network that invites this level of intrusion into their personal lives. Applications will need to be designed to hold as little third-party data on their nodes as possible.

Some rough conclusions about the design of future decentralized social media networks

All of the problems identified above share a common factor: social media does not require agreement on a permanent and immutable global state. Instead, social media requires a certain level of censorship and deletion. Decentralized technologies like Bitcoin are designed in a way that makes deletion impossible or too expensive. Therefore, a decentralized Twitter would not be like Bitcoin.

Whether for criminal liability, civil liability, or simple usability, the need for content removal and moderation will be the single most important factor in the design of any decentralized social media system. The irony that what is considered unfair content control in Web2.0 systems is exactly what drives decentralized social media in Web3 systems is not lost on me. At the very least, the centrality of content control to the social media user experience means that simply throwing everything on the blockchain, as Bitclout does, and then replicating it to every node in the network, and pointing everything else to the IPFS chain, as Sam Bankman-Fried seems to suggest, simply won’t work.

My hunch is that the first truly successful "decentralized" social media system will not attempt to be an all-singing, all-dancing world computer, but rather will have participants replicate the absolute minimum viable information necessary for the network to function. In my opinion, the only opinion I ask of a social network when using it is whether a particular piece of content was posted by a particular person. I have little interest in any other opinion the social network has about the world. If anything, the "blockchain" piece should be relegated to providing a register of usernames and associated public keys, and little else.

“No way. A ‘decentralized Twitter’ would have self-hosted content. The chain should absolutely be a registry of users’ public keys and usernames so you can verify that a specific post was made by a specific user handle. https://t.co/UF5vnb0tbX”

— Preston Byrne (@prestonjbyrne) April 14, 2022

It’s also likely that the first successful decentralized social media service will limit the kind of data hosted by users to plain text, in most cases.

Firstly, hosting only the texts you and a select group of followers write is a low liability proposition from a criminal, copyright and data protection law perspective. It also has less of an impact on bandwidth and is easier to transfer peer-to-peer.

Secondly, video and image hosting, simply because of the amount of data involved, if for no other reason, will likely be outsourced as it is now. There are a number of third-party platforms (Bitchute, Cozy, Odysee) that have lax content moderation policies for video content, but they are not non-existent. This could fill a gap in the market currently served by established sites like YouTube, while also removing the responsibility of node operators to police content - which would be particularly useful if users were to be kept away from copyright trolls. To serve this content, all a decentralized system would need to do is not block links to these services (link blocking is a practice that both Facebook and Twitter engage in), or allow users to control what they see by manipulating whitelists/blacklists of third-party content providers (e.g. Free Library could block all right-leaning sites, while the anti-Free Library Media could block all Free Library Media). A decentralized system would be another source of traffic for these sites.

Of course, I could be wrong. As we speak, some genius somewhere is probably writing a six thousand word blog post about a social media proposal for “Zk-Dork proof shark sharding” that would be built on some all-singing, all-dancing, Ethereum-like Rube Goldberg machine that promises to solve all scaling problems by simply running the whole thing on AWS magic by ConsenSys. However, my hunch is that a simpler answer to this question is more likely to be correct. “Decentralized social media” might be more like RSS than Ethereum.

While this sketch describes an imperfect solution to the censorship debate, an imperfect solution can be an adequate solution. Most of the politically motivated “censorship” that occurs on Twitter and Facebook is not directed at images and videos, but at links to third-party websites, plain text expressions of false ideas, and digital identities themselves.

An effective “decentralized” solution to the social media censorship problem might simply require ensuring that text, links, and identities are uncensorable — text and links are self-hosted, and identities are irreversible. If we orient the problem toward solving this limited set of problems, I think a usable version of a decentralized Twitter with a half-baked user experience is achievable in the near future.

postscript

*A lawyer friend asked, “Wasn’t it a design goal of those who want something like deTwitter to undermine censorship laws and allow the network to continue functioning despite hosting illegal content?”

It depends on what your design goals are. In terms of resistance to third-party censorship, a network that allows all legal speech will have exactly the same design features as a network that allows all illegal speech. Users should not be able to shut down any other user.

However, censorship resistance to third parties does not require censorship resistance to oneself. This is the most obvious difference between decentralized social media solutions and systems like Eth and Bitcoin, where censorship resistance to the world includes censorship resistance to oneself (you can’t delete your own transactions). Users will need to become more or less absolute dictators over their own hardware and their own speech, consistent with the First Amendment and the legal obligations of anyone who connects a server to the public internet. If a user chooses to host illegal content, law enforcement should be able to take that user down without bringing down the entire network. This would allow high-value speech that constitutes protected speech to flourish across the web by being hosted from places like the United States, while allowing law enforcement to respond to speech that is, for example, threats of violence and other zero-value speech.

While governments could hold people accountable for their speech in such a system, they would not be able to “remove” someone’s identity by using legal process or by exerting unofficial pressure on private companies — pressure that, I suspect, was behind the blanket bans of right-wing figures like Alex Jones or Milo Yiannopoulos from nearly every mainstream tech product, which, for those of us who remember, were enforced on dozens of companies across the entire internet in the space of 24-48 hours. That’s why the only truly immutable part of the system would be decentralized identity — as far as I know, it’s not illegal to own a copy of an address book, even if some of those addresses belong to bad actors.

**After publishing this article, a reader pointed out that the decentralized blockchain service Sia has actually begun to introduce such controls, albeit seemingly limited ones. Rather than attempting to tame the entire decentralized protocol, these controls split the protocol into two parts - paid services (SiaPro) and unregulated free services (SiaSky), which utilize separate domains, with the paid services operating according to the rules and the unregulated services remaining unregulated.

Original author: prestonbyrne

Contributors: Demo

Reviewer: DAOctor

Original text: How to Build Decentralized Twitter