The “trust is a scaling solution” idea really started to crystalize for me when I heard a talk about Federated Chaumian Mints, aka “Fedimints”.
Fedimints are a method of storing bitcoin, but unlike self-custody (hold your own keys), or third-party custody (Coinbase holds the keys), you rely on a “federation” of administers (kind of like a multisig) to hold your coins.
The trust model of a fedimint is that a you hope a sizable majority of the federation won’t screw you over: an 11 / 15 federation, for example, would fail if 11 of the 15 federation members decided to steal your money.
The upside of a Fedimint is scaling: fast, cheap transactions between you and anyone else who is storing money at the mint. The “Chaumian” aspect means there’s really nice privacy benefits as well: no one, not even the federation members, can see who you pay within the mint.
Your goal in this scheme is “additive” trust: you can’t trust any single one of these members well enough to just have them hold your Bitcoin for you. But by combining fractions of trust together you can hopefully push up close enough to 100 percent for your comfort level.
The ideal Fedimint admins would be people who have something to lose if they collude against the federation. At the bare minimum they should lose reputation — it wouldn’t work to make some anonymous person an admin, but well-established nyms could serve.
An interesting flip side to this trust model is that everyone has some price at which they will defect. Or another way I heard it put during the Fedimint presentation: “The price at which you will betray.”
So the challenge when designing trusted systems is to raise the cost of betrayal, while simultaneously lowering transaction costs. For instance, escrows are a nice system where you trust a disinterested third party in order to raise the cost of betrayal for yourself and your transaction counterparty… but escrowed transactions are more costly and complicated than regular transactions.
Size matters. The honeypot of a Fedimint is smaller than Coinbase, which is similar to the security model of Bitcoin overall. An individual bitcoiner is weak but that security barrier is per bitcoiner so very expensive from a hacker perspective.