by uneventual 1503 days ago
I continue to think that /the/ critical problem with web3 as pitched is that users cannot be trusted to maintain private keys in the long run. Either the keys need to be in HSMs and easy to rotate (à la Urbit's identity-as-NFT scheme) or you need a social/institutional escape hatch when the cold logic of cryptography fails you so you're not completely hosed. Maybe you need both.
2 comments

Definitely users cannot be trusted with private keys. Why? Because when I worked at Google on the Play Store I learned that even sophisticated developers cannot be trusted with their app’s publishing key. How could the end user ever be trusted with something similar?
What’s Urbit’s identity-as-NFT scheme? Does that mean I can sell my identity to someone else? Where can I read more about this?