How To Build a Decentralised Website - Part 2
— How-To — 5 min read
How to Build a Decentralised Website - the Ultimate Guide:
- Understanding Decentralisation
- Understanding Blockchains and Funding (via tornado.cash)
- Decentralised Domain and Hosting (via the Ethereum Name Service aka ENS and IPFS aka the InterPlanetary File System)
- Full Walkthrough: Building a Website on ENS
- Update: Definitely Just Use Fleek
Update!
I guess in retrospect it was always a possibility, but as of 8th August 2022, OFAC has officially sanctioned Tornado Cash. So it's now considerably more risky to use this method, actually I would now strongly advise against it.
As I mentioned in part 1, one of the challenges we have in building a decentralised website is paying for our domain name without that payment going through a centralised service (Stripe, Paypal etc).
Before we get into Tornado cash, I'm going to do a quick blockchain basics refresher for those of you who are newer to the space. I encourage you to read it even if you think you understand these concepts, so you can be sure we're on the same page (and so you can correct me if I'm wrong!).
What is Blockchain?
The best analogy I've heard for understanding a blockchain is that it's like a database but with certain special properties:
- Writing is costly. Like a normal database, reading from a blockchain is free. Unlike a normal database, writing to a blockchain is not free - you must pay a fee to miners in return for them including your transaction in the next block. This fee varies depending on demand for block space and which blockchain you're using, see 'The Scalability Trilemma' on Vitalik's blog.
- It's distributed. Where normal databases exist in just one (or a few) locations, properly decentralised blockchains allow any user to run their own node and independently verify the state of the chain. As I type this, I'm running my own bitcoin node - with a can-do attitude, you can too (here's the code). The nodes come to consensus on the state of the chain, meaning that if one person/node tried to claim some bitcoin that wasn't truly theirs, the rest of the nodes would immediately identify the fraud and refuse to include the invalid transaction in the block.
- It's immutable. There is no such thing as a delete function on a blockchain - once a transaction is accepted by miners and included in a block, there is no option for a user to take it back. If an attacker obtains your private key and steals your funds, there are no take-backs, no refunds and no-one to complain to.
This immutability property is both a bug and a feature. With the traditional banking system, where fraud or user error occurs the consumer has means of retrieving the funds. Trusting the blockchain as a means of storing value implies trusting yourself to do a good job of keeping your private keys/seed phrase secure.
Is Blockchain Anonymous?
While many have pointed out that the relative anonymity of the blockchain potentially provides a safe haven for tax avoidance and money laundering, fewer people understand that the immutability of the blockchain actually means that once you compromise the identity of your accounts, they stay compromised and there is no means of un-doing it. For example, let's say a user gets some cryptocurrency from a centralised exchange/friend/whatever, then swaps it for another token on a decentralised exchange. Is that money now held anonymously?
Absolutely not. If/when the exchange seeks to comply with regulation in whatever country, they will of course provide all the relevant KYC/AML information demanded by the government regarding all the accounts on their site. It will then be easy for authorities to use a blockchain explorer such as Etherscan to track the movement of these funds around whatever chains/tokens.
I recently explained this to someone IRL, who responded to the effect of "the government is too incompetent to do that". This is a ridiculous response. Even if you believe that the current day government won't investigate you in particular, perhaps because the amounts involved are small, you have to consider that in the future, it's inevitable that even the most incompetent governments will acquire software tools that can unpick the connections between accounts without much human input, and so de-anonymise the blockchain.
With that said, there are tools that allow a thoughtful user to obscure their identity.
Tornado Cash
Tornado cash is a service which functions like an anonymous deposit box for the blockchain. In units from 0.1 to 100 ETH, users can deposit Ethereum into the service and receive a cryptographic receipt (in the form of a simple .txt file). The receipt is a claim on the equivalent value of the funds (less some gas costs), but it is not tied to any specific deposit. In this manner, an ethereum wallet with no history and no ETH to pay the transaction cost can cash in the receipt and receive ETH to their address, without any way for an observer to know for sure which deposit funded the claim.