Boot.dev Blog » Security » Trustworthy vs Trustless Apps
betrayal of trust, distrust

Trustworthy vs Trustless Apps

By Lane Wagner on July 23, 2019

Curated backend podcasts, videos and articles. All free.

Want to improve your backend development skills? Subscribe to get a copy of The Boot.dev Beat in your inbox each month. It's a newsletter packed with the best content for new backend devs.

In the wake of the hearings about Facebook’s new Libra blockchain, it is more important than ever that we all understand the difference between trustworthy and trustless apps.

A trustworthy app is an app whose developers are known and trusted by the community. The developer’s reputations and businesses are on the line, so it motivates them to make sure their applications have few bugs and no malicious code.

A trustless app is an app whose code is open-source so that the community can see for themselves that the code has few bugs and no malicious code. Trustless apps are cryptographically signed by the developers so that users know that the application they download corresponds to the open-source code. Trustless apps also don’t move user data unless it is encrypted by keys only the user holds.

thumbs down

threatpost.com

Facebook is at best a trustworthy app. They say they will keep our information secure, and our only choice is to trust them. When they inevitably fail to secure user data, congress comes down hard on them, but fails to understand the problem. User data should be trustless.

Which is better? 🔗

Ideally an application is trustworthy and trustless. It is open source and manages user data properly, which can be verified by the users and community. It also means that the developers aren’t anonymous and are available in case something goes wrong.

However, if you have to choose between a trustworthy and a trustless app, trustless is better every time. “Don’t trust, verify” is the best motto when it comes to your private data.

Bitcoin is better than banks, and open-source security software will always be safer than proprietary solutions. Stay safe out there and always do your own research!

Find a problem with this article?

Report an issue on GitHub