A Web3 bill of rights

This is an idea I’ve been tooling around with for a while. It’s primordial, but I’d love to share it and hear your feedback. I think, as a community, we should produce a Web3 Bill of Rights so that we have a statement of shared values and intent - heavily inspired by the Cypherpunk’s Manifesto, the Crypto Anarchist Manifesto, and the Declaration of the Independence of Cyberspace.

Here’s what I’ve got so far:

  1. The right not to be censored.
  2. The right not to be tracked.
  3. The right to own one’s own data, to move it or remove it. This data cannot be altered without one’s consent.
  4. The right to self-sovereign identity.
  5. The right to transact freely with anyone at any time.
  6. The right to see and modify the code.
  7. The right to compose apps and libraries.
  8. The right to create, edit, and run apps at any time, permissionlessly.
  9. The right to access the network affordably.
  10. The right to have one’s data and transactions included at the same preference and likelihood as someone else paying the same price. (No front-running, no selfish mining. Basically, “net neutrality.”)
  11. The right to strong, end-to-end encryption.
  12. The right to immutability of the ledger. (is this desirable? universal? misleading?)
  13. The right to be fairly compensated for my data and for my contribution to the network.
  14. The right to own part of the network and exercise a proportional governance role over it.
  15. The right to know if another account is human or machine.
  16. The right to know the provenance of data and whether it is human or machine generated.
  17. The right to fork (i.e., take a snapshot of the entire network and exit peacefully).
  18. The right to filter, i.e., to filter out unwanted or unsolicited inbound messages.
  19. The right to go offline.
  20. The right to participate in consensus formation with a suitable stake, on the same terms as all other validators.

It’s here if you want to propose a change: https://github.com/lrettig/web3-bill-of-rights.


Oh there it is, nice. I’ll fork :wink:


It might be interesting–and a ton of work–to map these rights to specific stakeholder responsibilities to better understand what we should expect from each other to move these rights from the symbolic towards the non-excludable.

It’s clear a lot of responsibility falls on developers, especially in these early days. Many of these rights are enforced or violated intrinsically by implementations of code which are oft intended to be persistent, decentralized, valuable, and capture network effects – thus making them “unstoppable.” If intent meets reality in these systems, it’s a recipe for high-consequence social outcomes that could cause or result from violation of these rights.

  • How do these rights map to specific software requirements for different products/protocols?

  • What obvious design trade-offs exist today that violate these requirements?

  • Are these trade-offs avoidable/fixable? If so, how? More aggressive innovation road-maps for scalability/UX/zero-knowledge proofs/WASM/formal verification? Incremental improvements via upgradability? (arguably a trade-off itself)

There’s a lot that can only be done off-chain though. Let’s say for someone using/investing in a DAO, rather than

it’s “The right to developer provision of human-readable documentation about the extent to which the DAO is mutable.”

And maybe for the developers, it’s “The right to not be chastised by other stakeholders who didn’t read the documentation and are now upset about the extent to which the DAO is mutable.”

~“The right to human readable documentation/developer intent” is probably a sensible right to strive for when building new experimental institutions.

Another exercise could be to identify attack surfaces for particular rights categorized by on-chain vs. off-chain attack vectors. Using a DAO example again, The ĐAO, AFAIK, wasn’t explicitly intended to be mutable, but because #3, #12, & #14 were so severely violated on-chain it ended up being corrected by another violation of #12 because enough people coordinated off-chain to invoke #17 with the eventual hard fork.

I bet there’s a whole bunch of other predictable scenarios where these rights collide, as @ephemera pointed out. Which rights are absolutely mutually exclusive? Which rights are only mutually exclusive relative to certain conditions?

Risk models could be developed to assess and rate products/protocols based on their adherence to a given right or set of rights. Perhaps related products/protocols could be ranked somewhat objectively in terms of their ratings.

In smart contract security, intent-based analysis is often necessary to assess the security of the code/game theory, but typically there aren’t “rights” per se to draw from. Usually, the canon of intent is localized to the project, like a specification, white paper, or other documentation.

If the specifics are worked out and these rights are somehow “ratified” at scale, a legitimate set of rights could certainly be an invaluable beacon that informs people’s decision-making while these systems are built, reviewed, and used.
