Who watches the watchmen? Crypto may not be as trustless as it seems

Crypto is often seen as trustless and failproof. But as more regulation, venues and developers come aboard, just how trustless is it really?

Blockchain technology is great because it cuts out the middleman, removes the need to trust third parties, and gives users full agency over their finances, or true ownership of their wealth. From Bitcoin (BTC) to decentralized finance, blockchain technology has been delivering on this promise for quite some time now — but just how trustless is crypto really?

Cryptocurrencies were created as a result of a lack of trust in the legacy financial system, but as crypto continues to evolve and change, more trust is required: in the developers, miners, exchange operators and other network participants. To some degree, crypto is changing the recipients of trust rather than eliminating the need for it.

Ilya Abugov, lead analyst at DappRadar, told Cointelegraph: “There are still a lot of centralized elements, where users need to trust a particular entity or a group of entities. Even things like delegated voting relies on the delegates acting in the best interest of the community.” So, below is an outline of different areas and examples in which crypto perhaps falls short of its promise of “trustless” technology.

Developers and companies

Satoshi Nakamoto created Bitcoin as a pseudonymous developer and released it into the world, so to speak. Today, Bitcoin is backed by millions of users, thousands of miners and nodes, and much more. To an extent, Bitcoin is the closest thing to “trustless” that crypto has to offer, as no single entity holds “too much power” and the code has been reviewed and used countless times.

There are also thousands of different cryptocurrency projects. From altcoins to initial coin offerings and decentralized finance protocols, crypto comes in all shapes and sizes. Complex smart contracts are the name of the game, and in this case, users must trust the developers creating the applications.

Faulty smart contracts have led to numerous losses, including the hack of The DAO in 2016 and the recent hack of Andre Cronje’s Eminence project. Users can always count on auditors to bring them more security, but once again, trust is required, either in the developers or in the auditors. Abugov told Cointelegraph:

“Sophisticated users and entities may perform code audits. Otherwise, the user just assumes the risk. Trust is an incomplete term here. The developer may be trying in good faith, but still miss vulnerabilities that are then exploited and result in a loss for the user.”

The same can be true when updates or changes to the code are made and users can’t be 100% sure that an update will not lead to a flaw or change the project completely. In the past, this has led to forks such as Bitcoin Cash (BCH), which aimed to keep SegWit out of Bitcoin, or Ethereum Classic (ETC), which was created in protest following the hack of The DAO and subsequent fork to retrieve stolen funds.

So, while some trust is required, this can be somewhat instilled through confidence. When using Bitcoin, there is confidence that it just works due to the amount of peer review the code has received by the community and developers. The same can be true for other projects in crypto; however, the effort and time put into reviewing newer projects will be considerably less than that spent on Bitcoin.

However, it’s worth considering that while most people are not able to review the code themselves, open-source crypto projects offer that possibility, as the technology behind them is completely transparent. Jordan Lazaro Gustave, chief operating officer of Aave — a DeFi protocol on Ethereum — told Cointelegraph:

“Users and developers must trust coders completely and all the time when it comes to everything they interact with daily. However, the difference for DeFi is that everything is auditable and open-source, not like traditional finance.”

Exchanges and tokenization

Arguably, crypto’s biggest point of centralization is the popular exchanges. These account for the main methods through which people acquire and exchange cryptocurrencies, so they are a vital piece of the crypto ecosystem. However, they are reminiscent of banking, where one must trust the exchange operators to hold their funds while trading. Moreover, users also need to trust the exchange with their personal documents and information after the Know Your Customer verification process is completed.

Needless to say, there have been multiple instances in which users would have rather not trusted an exchange — for example, the infamous Mt. Gox collapse, which led to hundreds of millions of dollars in losses. Since then, there have also been countless hacks of and exit scams on exchanges and projects.

Related: The unluckiest DeFi protocol? A personal take on bZX’s tumultuous year

While people need to trust exchanges, this trust has become spread thin as the community constantly monitors exchange wallets to keep an eye on suspicious activity. The same is true for other parts of the crypto ecosystem, including tokenization. Wrapped Bitcoin (WBTC), for example, requires the user to trust the people in charge of minting the token and the custodian that will keep the BTC.

While the majority of exchange representatives believe decentralized exchanges will not overtake centralized exchanges in the near future,“Uniswap already has more daily volume than most centralized exchanges,” according to Gustave.

While this is one of the main issues when it comes to crypto centralization, it is also one that has been heavily tackled. Decentralized exchanges allow users to trade cryptocurrencies freely without the need to trust a centralized party to hold their funds and also keep their privacy intact. However, when it comes to converting cryptocurrencies to fiat and vice versa, users must always trust a centralized party to receive or pay out fiat currencies.

Regulation and governments

So, trust is required when interacting both with smart contracts and centralized parts of the cryptosphere such as exchanges. However, crypto users must also be aware of regulation and how it can affect their experience with cryptocurrencies. While in theory crypto can be used by anyone, anywhere, there are multiple restrictions in different countries that can prevent users from using crypto freely.

This means that there needs to be a certain degree of trust in regulatory agencies when investing in crypto. While crypto may just continue to be “tolerated” by governments, that could change in a heartbeat. For example, privacy coins have recently been under fire, with exchanges delisting them preemptively to ensure compliance.

Related: Dash claims ‘inaccurate categorization’ as ShapeShift delists privacy coins

More recently, the United Kingdom’s financial watchdog, the Financial Conduct Authority, banned cryptocurrency derivatives for retail users, which means either trading has to stop or decentralized exchanges have to be used. While this may be a possible way to circumvent the FCA ban in the U.K. and other regulations that may follow, it seems that unless exchanges can find a way to enforce KYC and Anti-Money Laundering policies, they can still be taken down, one way or another. Adam Cochran, partner at Cinneamhain Ventures, tweeted on the matter, citing the precedent established by the recent BitMex lawsuit in the United States:

“DAO or no DAO you can find that developers with admin keys, users who create front-ends, companies hiring individuals to work on the protocol and others who enable or profit from the contract, to be in violation on the BSA. That can lead to seizing domain names and hosting servers, shutting down front-ends, and arresting developers.”

Is crypto trustless?

To put it shortly, it seems “no” is the answer. Cryptocurrencies require a certain degree of trust either in the people creating and maintaining cryptocurrency networks, in on- and off-ramp operators, or even in the regulators that oversee the legality of cryptocurrencies.

However, they require much less trust than any other alternative, and they do so without compromising security and efficiency. Most importantly, Bitcoin users don’t need to trust anyone with their savings. They have full ownership of an asset they know will not be inflated at will and that is the biggest value proposition crypto has to offer.