One of the key “blockchain buzzwords” is “trustless.” For many, the entire point of using a blockchain-based digital currency was to eliminate the need to trust actors with control over your wealth and how it may be used. It’s a noble goal, for sure, and one that I support wholeheartedly. However, at the end of the day, true trustlessness doesn’t really exist, even (especially?) in the world of peer-to-peer digital currency.
A truly trustless life does not exist
While the concept of trustlessness holds true, its practice in purity remains elusive. Even with a completely open source peer-to-peer digital currency, you have to trust developers to create an airtight system, and you probably have to trust someone else’s review of the code for you (since it’s unrealistic to think each and every user will be able to do this themselves). You have to trust developers to maintain their previous standards, and trust reviewers to quickly let you know if any of that changes. Wallets, merchant services, exchanges, and any number of other services in the greater ecosystem of a cryptocurrency upon which we rely, all require an element of trust, even if that amounts merely to trusting someone else to tell you they’re trustless. A significant degree of trust is simply inescapable.
Peer-to-peer systems can involve more trust than more centralized ones
With centralized projects, required trust is very clear: you know who’s in charge, what they can do, what they have done in the past, and what kind of incentives and pressures they face that may influence their behavior, and therefore the end product. With a decentralized system that allows anyone to participate and theoretically take some manner of control, you have much less stability. On paper this is an advantage, as no single entity or group exists to be attacked and influenced, but in practice this can go bad quite quickly as the barrier to entry for a single bad actor is incredibly low. Through a concentrated enough campaign, a large distributed project can become infested with members interested in an entirely different, and downright harmful, vision, with little to no recourse for those who trusted the original project’s goals and function. It happened to Bitcoin, once a cheap and efficient peer-to-peer digital cash, now no longer useful for small transactions and effectively shut off from use by the world’s poor. Decentralized projects only work with rigorous participation from a core group committed to a specific path that is willing to go to war to protect the project’s integrity.
Trusted systems often win out of sheer practicality
A big killer of trustless projects is atrophy, and one of the biggest sources of this atrophy is lack of use due to trusted systems frankly doing a better job. Simply put, people use what works for them, and centralized projects have a much better control over the end user experience. In a competition between peer-to-peer and centralized services, many (most?) times the latter will win. If a trustless option is available but everyone uses the trusted one, the user is trusting two things: the centralized system with their real world day-to-day activity, and that the decentralized system will still be fully operational in case of emergency. More likely than not, when a crisis happens, many beautifully open source projects will be in no way usable or well-maintained.
While never completely removed, trust can be minimized and decentralized
While perfect trustlessness doesn’t exist, what can be done is that trust can be minimized, diffused, and decentralized. Use a peer-to-peer digital currency whose developers you trust, whose code has been rigorously reviewed by experts you trust, which can throw out bad developers if they breach their users’ trust, and whose community is energetic, productive, and trustworthy. Participate in a second-best project in case the first becomes compromised. Use wallets and services that require the least amount of trust to use, which are highly trusted and well-reviewed by those you trust. Place your trust in as many different individuals and systems as possible, preferably those who have been worthy of trust in the past, and which have strong disincentives against betraying that trust, as well as an easy mechanism of identifying it and moving on if they do.
In other words, don’t trust trustlessness: verify, always.