web3 stack - bottom to top
March 2022
Web3 is a stack. Each layer is a building block for the next one up.
Today, we’re going to focus on the base, asset, and app layers.
Layer 1 blockchains and scaling solutions
Layer 1 blockchains
In a nutshell, a blockchain is an uneditable list of transactions stored on a decentralised network of computers. This list is called a ledger. The ledger is structured as a series of blocks that get chained together (I’ll leave you to connect the dots here). Each block comprises a list of transactions, a unique cryptographic hash (a string of random characters), and the previous block’s hash to tie them together. A departure from the internet we’ve had to date run from centralised servers.
Anyone can see the ledger as well as the protocol (rulebook) that governs it. Coupled with no centralised control, this gives blockchains credible neutrality as everyone can see the rules and they’re enforced consistently by unbiased code. The ledger cannot be changed without detection because modifying any part alters the hash - making the blockchain immutable by design.
Given their decentralised nature, we can think of blockchains as “special computers that anyone can access but no one owns” (hat tip Chris Dixon). Collectively, the blockchain is a virtual computer running on a decentralised network of physical computers. The decentralised computers are called nodes. Blockchains are completely permissionless because any computer can join the network as a node. Each node runs a copy of the blockchain.
There are two primary blockchains: Bitcoin and Ethereum. The language can get quite muddled, so we need to delineate between the network, the asset, and the product they’re selling. The network is the blockchain - Bitcoin and Ethereum. The asset is the blockchain’s native coin (a fungible asset - more on this later) used to incentivise network participants. Bitcoin (BTC) and ether (ETH) are the respective assets. The “product” that the blockchains sell is blockspace - space in the blockchain for transactions. They strive to produce blockspace that people want. This is the measure of their value. Currently, Bitcoin and Ethereum are winning the race.
Blockchains are essentially computers that can make trustless commitments in code (Chris Dixon, again). Before blockchains, online commitments were trusted (always having to rely on humans acting in good faith). Blockchains enable trustless commitments online because network participants (users and developers) don’t need to trust any single person or institution that commitments will be executed. They automatically run in code.
Computers can be general-purpose or application-specific. Blockchains are the same.
The Bitcoin blockchain is based on monetary commitments for establishing a decentralised digital currency. Bitcoin succeeded where previous attempts at creating decentralised digital currencies failed because it was the first one to establish trustless commitments to capped supply (21 million) and a no double-spend policy (the same bitcoin can’t be spent twice) through its proof of work consensus mechanism (keep reading :)). Previous digital currencies couldn’t get off the ground because they had no way of enforcing the no double-spend policy except through a centralised intermediary, but this meant participants could never fully trust the currency because the rules could be changed at any time. Bitcoin’s innovation was enabling the no double-spend policy to be enshrined in the network through a consensus mechanism. The Bitcoin blockchain is application-specific: optimised for bitcoin (the asset) because its focus is on creating a censorship-resistant store of value.
Ethereum spearheaded general-purpose blockchains that can make trustless commitments to anything, not just monetary policy. The Ethereum blockchain is completely programmable, so it can be a ledger for many different digital assets besides ether. This has unleashed an array of new “digital primitives” like digital goods, decentralised finance (“defi”), decentralised autonomous organisations (“DAOs”), community-owned and operated digital services, and a bunch of others we haven’t cooked up yet.
Being decentralised poses a couple of (age-old) coordination challenges for blockchains. There needs to be a way of getting nodes to agree on the state of the ledger. They solve this through a consensus mechanism. First, the Byzantine Generals’ Problem: how do participants in a decentralised network coordinate without relying on a trusted third party. For blockchains specifically, they need a way for decentralised nodes to agree on transactions and ensure a unified state across all nodes. Blockchain consensus mechanisms enable this by economically incentivising network participants to adhere to the protocol. Second, the “state machine replication” problem says a network cannot achieve consensus if it doesn’t authenticate participants’ identities or know how many participants are in the network. Otherwise, network participants can freely make up identities to gain an advantage - known as a Sybil attack. Consensus mechanisms prevent this by forcing participants to commit resources.
At the consensus layer, special nodes called miners create blocks for new transactions and verify the transactions within them. Then, all the other nodes in the network validate the transactions and execute them themselves so their version of the blockchain is updated to reflect the block of transactions being completed. The miner receives a fee in the blockchain’s native currency (called a block reward).
There are two primary consensus mechanisms: proof of work and proof of stake.
Bitcoin pioneered “proof of work.” Miners compete to solve a cryptographic puzzle. The first one to crack it gets to create the block and verify the transactions within it by checking the balances aren’t spent twice, each digital signature matches the public key of the transaction message, and the hash reference corresponds to the previous block. Once the other nodes have validated the transactions, the miner receives a small bitcoin fee in return. Miners are economically incentivised to keep the blockchain functioning. The cryptographic puzzles are hard to crack but easy for the other nodes to verify once they’re done. Solving the puzzle is computationally intensive, so miners are deterred from creating false identities because they’d need to purchase more (expensive) computer hardware for each one. This averts a Sybil attack. Because of its focus on computational power, however, proof of work is constrained by slowness and high energy consumption.
Ethereum currently uses proof of work but is moving to proof of stake by mid-2022. Whereas the hurdle for proof of work is computational resources, proof of stake forces holders of ether (called “validators”, not “miners”) to commit their funds. Validators will lock up their ether in a smart contract in return for potentially winning the right to participate in consensus. One validator (likely the one with the most staked ether) will be selected to create the next block. Once the winning validator has created the block, the other validators verify it. Then, all the validators get an inclusion fee. If they don’t validate it, the “winning” validator who created the block may have their staked Ether “slashed.” Finally, all the nodes add the new block to their version of the blockchain.
Consensus mechanisms also give blockchains a security buffer, while avoiding inflated issuance. Greater issuance is the surest way of securing the network as the money raised can go straight into the budget jar. But cryptocurrencies want to retain scarcity value and avoid the inflation of fiat money. Consensus mechanisms square the circle.
Proof of work creates an energy hurdle against an attack that bad actors have to get over. Since Bitcoin has a fixed 21 million issuance policy, it’s limited to a 21 million bitcoin security budget for the lifespan of the network. At some point, this budget will run out and transaction fees will have to replace block rewards as the main contributor to the security budget. The more demand for Bitcoin blockspace, the greater the fees the network will receive. But it’s unclear if the maximum transaction fees Bitcoin can earn through blockspace demand will be sufficient to secure the network.
By contrast, proof of stake creates a value hurdle. More staked ether means a bigger hill for attackers to get over because, to attack the network, they need to control the majority (51%) of staked ether. Ethereum is following a minimum necessary issuance policy, so it will always issue the minimum necessary ether to be able to secure the network. More staked ether means less ether needs to be issued for block rewards. At the same time, with EIP1559 (Ethereum Improvement Proposal), the majority of ether spent for gas is burnt, which adds deflationary pressure to the ether supply.
This comes to the biggest difference between Bitcoin and Ethereum. Bitcoin prioritises limited supply above all else. Ethereum gives long-term security precedence by always ensuring it can issue the minimum necessary ether to pay for that security.
One word on wallets before we move on. Wallets are the vehicle for transacting on the blockchain and connecting users to the other layers of the stack. Digital wallets are based on cryptography. They have a public and private key. The public key is like a postbox that enables you to send and receive transactions. The private key is like a safe that unlocks the assets in your wallet and proves ownership. Since it’s just a random assortment of numbers, you also have a seed phrase to access your wallet. The public key can be shared with anyone, but never your private key or seed phrase. Wallets put power back into the hands of users. You own the assets in your wallet. They’re not held by an intermediary. Wallets are also the way that users connect to applications (more later) and carry their identity throughout web3.
Scaling solutions
Layer 1 blockchains have been hamstrung by limited scalability. Ethereum, especially, has limited blockspace (ultimately a good indicator, since blockspace demand is the blockchain’s biggest value driver) - causing high gas fees and slow transaction times.
Scaling solutions are designed to deliver greater transaction speed and throughput with lower fees compared to the primary layer 1 chains. Scaling solutions take transaction execution (the slow bit) off-chain, so only the transaction data is stored on the main chain.
The need for scaling solutions arises from the blockchain trilemma. This says that any blockchain can have two of three attributes - scalability, decentralisation, and security - but getting all three is very difficult. There are innate tradeoffs. Scalability means being able to support a large volume of transactions (measured in transactions per second), security means attack resistance, and decentralisations means supporting many nodes (more nodes makes the chain more trustless and less susceptible to being compromised). Layer 1 blockchains need to prioritise security and decentralisation because they’re the foundation of the system. Scaling solutions focus on (shock) scalability.
The plethora of scaling solutions can be boiled down into two categories. First, “layer 2” solutions that piggyback off the main layer 1 chains for security, so retain the same consensus mechanism and security measures. Second, new chain solutions that create their own security.
On layer 2 solutions, transactions are submitted to a server or cluster of servers rather than the main chain at first. Then, they’re added to and secured by layer 1 later. Rollups and state channels are the primary layer 2 solutions.
Rollups execute transactions off the main chain, then they get batched together with a smart contract and added to layer 1 later where they’re validated and secured. All transaction state and execution data is handled by the rollup, so the main chain only stores compressed batch transaction data. Rather than miners validating each transaction individually, in a rollup, they just verify the proof for the bundle of transactions. This proof is called a SNARK (Succinct Non-Interactive Argument of Knowledge). There are two kinds of rollups: optimistic and zero-knowledge. They take different approaches to verifying the transaction batches posted on the main chain. Optimistic rollups assume the batched transactions are valid by default and only run fraud proofs if there’s a challenge. Zero-knowledge rollups submit a zero-knowledge SNARK proof (meaning the proof demonstrates the validity of the transactions underlying it without revealing any of the transaction information) to the batched transactions posted on the main chain.
In state channels, parties make transactions with each other under a multisignature smart contract. The transactions are recorded through signed messages but they’re not settled - no assets are sent or received. When the parties are ready, they close the state channel and the total assets in the recorded transactions are exchanged. So multiple transactions are done, but they’re only settled twice on the blockchain, which is much more efficient.
Moving to the second category of solutions that create their own security: side chains, plasma chains, and validiums.
Sidechains are distinct blockchains that are compatible and linked with the main chain through a bridge which enables assets to be moved between them. Each sidechain has its own consensus mechanism and security measures. The sidechain processes and executes transactions, then it submits a bundle of them back to the layer 1 blockchain at various points.
Plasma chains (to massively oversimplify) are separate “child” blockchains that are smaller replications of the “parent” main chain. The main chain enforces the validity of the state in the plasma chain using fraud proofs. The operator of the plasma chain provides a Merkle root (compressed hash that represents other transaction hashes) of the transfers that happened on the plasma chain. The plasma chains have their own consensus mechanism, but the main chain still ultimately decides on the validity of transactions.
Validiums, similar to plasma chains, execute transactions and store data off-chain, but use zero-knowledge proofs to batch and validate transactions.
Bitcoin’s primary scaling solution is the Lightning Network - a layer 2 state channel.
Rollups are the favoured scaling solution for Ethereum, as they deliver the optimal mix of decentralisation, security, and scalability.
Tokens
Tokens are the assets of web3.
Quoting Patrick Rivera: tokens are the unit of value in crypto. They’re internet native and securely stored in users’ wallets. Because they sit on top of the blockchain, their origin and ownership are indelibly tracked, without needing to be verified by a third party.
Blockchains can’t exist without tokens. Otherwise, they’d be mere databases (shout out Naval). Tokens replace individual corporations and people with markets. Markets need money because they’re powered by supply and demand, and pricing. Blockchains need to have control over the money used in their network so they can distribute it to contributors and punish bad actors. Tokens are more than just money, though…
In real life, we have fungible and nonfungible assets. Crypto mirrors this. Fungible assets are represented by fungible tokens. Nonfungible assets are represented by nonfungible tokens (“NFTs”). Fungible assets are interchangeable - having one is indistinguishable from another - like stocks, bonds, and cryptocurrencies. Nonfungible assets are each unique - owning one isn’t the same as owning another of the same type - like collectables, art, music, and contracts.
Being on the Ethereum blockchain makes tokens completely programmable. Chris Dixon (yes, I know for the 3rd time, but he’s the OG) describes “tokens as webpages” because they’re general primitives. Just like webpages started out as pictures and text, and have evolved into social networking sites, databases, docs and more since then, tokens will do the same. They’re incredibly versatile. Armchair critics write them off as a “toy” and gimmick because they seem trivial (witness NFTs getting mocked for “right-click, save as”). But over time, they’ll move up the improvement curve and down the cost curve to cross the chasm into the mainstream with more generalised use.
Cryptocurrencies (like bitcoin and ether) are the primary fungible tokens - they’re internet-native money. To be effective monies, cryptocurrencies have to satisfy three money qualities: (i) a store of value (so people will hold their value in the money for future use), (ii) medium of exchange (so the money can be traded in transactions), and (iii) unit of account (so the money is used as a reference point for goods and services). Bitcoin and ether fulfil these.
Besides crypto money, fungible tokens can be deployed for other uses: equity tokens give token holders an ownership stake in an asset in return for providing a scarce resource (such as content, capital or custom); utility tokens give token holders access to functionality in a smart contract or off-chain, and governance tokens give token holders voting rights in a community. In practice, many tokens straddle more than one of these use cases.
Ethereum changed the game because its general application blockchain (not just hosting its native (fungible) cryptocurrency like Bitcoin) enabled NFTs. As Naval says, most of the world is non-fungible (fungibility is predominantly confined to the financial world where it’s used for efficiency). Couple this with the fact creating tokens is permissionless - anyone can create an asset, “tokenise” it, and slap it on the Ethereum blockchain - and it’s pretty revolutionary.
NFTs are packaged representations of digital media (art, videos, music and games to name a few) that include the origin and history of the object. NFTs are completely programmable. So, code can be attached to them to enable anything (for example, creators commonly code in a right to receive royalties from secondary sales of their media).
Humans love to signal and belong to a community. NFTs play to this. NFTs are a massive unlock for creators to directly monetise digital creations with fans. The key piece is that they enable digital scarcity. So far, the internet has been defined by abundance - anything can be copied and infinitely replicated. With NFTs, a finite number of an asset can be “minted” (produced) and tracked on the blockchain with authenticated origin. Provable scarcity = value. The popular misconception is that just because NFTs can be copied and pasted, they’re worthless. Actually, more copying means more distribution, which increases the value of the original NFT. Authenticity matters.
For the first time, creators can establish a direct economic relationship with their fans without an intermediary imposing itself in between and capturing most of the value, as in web2.
Moreover, as Eddy Lazzarin describes: converting an asset into an NFT means to financialise it (as it becomes tradeable) and make it composable. Being composable means that all media will become open-sourced and possible to build on top of. This has compounding effects as creators can leverage and iterate each others’ creativity ad infinitum. Hence, NFTs as “media legos” (word to Jesse Walden).
Most fundamentally, tokens enable digital property rights. When an asset is tokenised, it can be truly “owned” by users in their wallets. Until crypto, everything on the internet (besides domain names) was borrowed. Web2 platforms are owned by shareholders (not their users). Data and content generated inside the product are owned by the platform. And when users interact with media online, they’re merely renting it (Li Jin). Internet users are divorced from any concept of equity in web2.
With tokens, users can own parts of the internet, including a slice of the applications they use. There’s an expectation for web3 applications to progressively decentralise by distributing tokens to their users (see Jesse Walden’s progressive decentralisation playbook). This realigns incentives. Applications become more accountable to users, and users have skin in the game to drive appreciation of their token through product evangelising.
For this reason, Chris Dixon sums up tokens as a “breakthrough in open network design.” All network participants (users, developers, investors, service providers) are incentivised to work towards growing the network and driving appreciation of the token. This is powerful at the nascent stage of the network in helping it to get over the bootstrap problem (often referred to as the “chicken and egg problem”) of getting a network effect business to critical mass when there are no users. Tokens give early network participants financial utility which offsets the low network value - thereby rewarding early users to come in and help establish the network. Later on, when the network breaks through escape velocity, the financial upside on the tokens diminishes and the network value becomes the main attractant for users. Platforms go from being extractive to cooperative. Contributors get a share of the gain.
Linking back to the first layer of the stack, tokens facilitate the opt-in nature of blockchains. Buying tokens is the entry point for joining the network. Users can just as easily exit the network by selling their tokens. This is in stark contrast to the traditional financial system which is default opt-in and incredibly hard to opt-out of without becoming a pariah citizen.
Applications
Programmable blockchains enable decentralised applications (“dapps”) to be built on top. Ethereum pioneered this functionality with its general-purpose blockchain - a true computer, compared to Bitcoin “the calculator.”
As Chris Dixon says, “blockchains are the new app stores.” Mobile as an application platform has become saturated in the last few years. Blockchains are the white space for building applications.
Let’s zoom in on the dapp stack… what exactly goes into building a dapp. Ethereum is the dominant blockchain for dapps (I’ll explain why later), so we’ll focus there. I’m going to borrow liberally from Preethi Kasireddy who wrote a fantastic piece on dapp infrastructure.
In traditional web2 applications, the full stack is hosted on centralised servers: the backend database storage, backend code logic that dictates how the application runs, and frontend code that runs the user interface. Users engage with the application via an internet browser.
The backend for dapps is the Ethereum network. This comprises the Ethereum blockchain which stores the dapp data, smart contracts which define the application logic, and the Ethereum virtual machine (EVM) which implements smart contract logic and processes state changes on the blockchain. Adding new data to the blockchain requires users to pay so, to avoid this, some dapps store data on decentralised storage solutions instead.
Smart contracts give dapps their application logic. From the Ethereum white paper: smart contracts are “systems which automatically move digital assets according to arbitrary pre-specified rules.” Think of them as “if-then, then that” statements. Smart contracts sit on top of the blockchain and are often called protocols (not to be confused with blockchain protocols). They run exactly as coded and once they’re deployed on the network, they enjoy immutability (as they can’t be changed). Not to belabour the point, but being able to codify dapps based on automated coded rules means they can run without being manipulated by a corporation. This makes them credibly neutral.
On the frontend, dapps can run the code on centralised web servers (aka AWS) like web2 or on decentralised storage solutions if they want to dodge centralisation. Users engage with dapps through web browsers - no change there.
There are a bunch of connecting tissue parts that enable the frontend to query, read, and write to the blockchain. The frontend queries the blockchain through indexing protocols that makes it easier to call smart contract functions and convert smart contract events into actions on the frontend. For reading the blockchain, the frontend links to it through “provider” nodes. The dapp can either create these nodes itself or use a third party node provider. Using a third party avoids a lot of heavy engineering work. Wallets enable writing to the blockchain - which is necessary for all transactions. So to execute a transaction in the dapp, users have to “sign” the transaction with their private key, which is stored by the wallet provider in the browser. Wallets also enable users to carry their data and tokens with them between dapps, and ensure their privacy. Users can stay anonymous and access all dapps through one wallet, rather than having to create separate accounts for each application.
Dapps are distinct from ordinary applications because they’re permissionless (any user or developer can build and run them) and perpetual (as long as the blockchain is alive, the dapp can’t be removed). Combined, this gives developers and users confidence to invest their time and energy contributing to the dapp because they know it has longevity and they won’t be cancelled.
The beauty of building dapps on the blockchain is that all the application code is open source. This gives dapps composability and interoperability. Application code is accessible to anyone, not owned by a centralised corporation. Rather than being independent walled gardens like web2, dapps are building blocks for each other. Developers can leverage existing code, build on top of other dapps, connect them, and users can port their data between them freely.
As alluded to earlier, Ethereum is the dominant blockchain for dapps. This is primarily attributable to the EVM. The EVM enables developers to launch dapps irrespective of the underlying coding language they used. It also has development kits and application templates which make building dapps cheaper and easier. Network effects are at play as developers want to build on the platform where other developers are to benefit from composability, which in turn attracts more developers. With Ethereum’s token economics (fungible and NFTs), developers have a clear line of sight to monetize their dapps.
The first wave of dapps was oriented around decentralised finance (“deFi”) - breaking out in “deFi summer” 2020. DeFi applications are rearchitecting the backend of finance for “money verbs” like lending, saving, and trading to be based on automated protocols instead of centralised banks and fintechs. The aim is to build more inclusive, equitable, and transparent financial services. By way of examples: Uniswap is a decentralised exchange for trading fungible tokens; Compound and Aave are protocols for lending fungible tokens and earning interest in return, and MakerDAO is a protocol for generating Dai stablecoin (soft-pegged to USD) against crypto collateral assets.
In 2021, art and collectables, gaming, and marketplace applications emerged. Art and collectable dapps are focused on digital ownership and connecting creators and fans. For example, Foundation is a platform for investing and trading digital art. Gaming dapps are built on virtual worlds where in-game objects are NFTs that players can trade and port to other games. Examples include Axie Infinity - a play-to-earn game where players accumulate and trade battle creature NFTs (“Axies'') and Gods Unchained - an NFT trading card game. Finally, marketplaces have sprung up to aggregate pockets of activity, such as OpenSea for NFTs and Gitcoin where developers earn crypto for working on open-source software.
We’re still in the first innings of dapps.
Wrap up
Blockchains are the foundation of web3. Scaling solutions have proliferated to help get around the blockchain trilemma. Blockchains need money tokens and Ethereum has enabled any real-world life asset to be represented through NFTs with digital scarcity and ownership. Decentralised applications are a product of open, decentralised blockchains and their composability is a catalyst for innovation. Wallets plug into the base and application layers - enabling users to transact in blockchain currencies, hold tokens and move around applications.
With the new blockchain model, protocols are accruing value for the first time. Joel Monegro’s fat protocol thesis is the mental model for this. Crypto protocols get “fat” as they soak up the value in the stack (expressed through the native token price), and applications make do with the residual.
Historically, internet protocols (HTTP, SMTP, and TCP/IP) have been free, and apps built on top (the likes of Google, Facebook et al) captured all the value. But the new blockchain model turns it upside down. This is driven by two factors. First, the protocols have more power because all the user data is stored on the open, decentralised blockchain network, not closed walled-garden applications. Blockchains, not applications, hold state, identity and scarcity - they provide the functionality. Second, there’s a positive feedback loop between blockchains and their native tokens. Initially, speculation on the blockchain token drives building at the application layer. Then, when successful applications start emerging, demand for the blockchain token causes it to appreciate. The protocol’s appreciating market cap attracts new application builders and the flywheel keeps spinning.
We see this now. Coinbase’s market cap is $35 billion. Ethereum’s is almost an order of magnitude greater - $312 billion.
So value accrues to the blockchain protocols. But there’s also an inherent rate limit on how concentrated that value capture can be within the protocol. Protocols typically issue tokens to users and developers and keep some for themselves. Since the code is completely open-source, blockchain protocols can always be “forked” (split into two parallel chains). See Bitcoin Cash and Ethereum Classic. If the protocol creator is perceived to be retaining too many of the tokens (and monopolising the benefit of the value capture), other people are incentivised to fork the protocol and make sure the value capture is diffused through broader token distribution. As Taylor Pearson says, this could lead to a fat protocol layer composed of many thin individual protocols from forking.
Writing this has helped me immensely in visualising the building blocks of web3. Thanks Michelle Bailhe at Sequoia for the inspiration. As I said in my first piece, I’m still a web3 newbie. No doubt I’ll want to update a bunch of this as I go further down the rabbit hole.