3rd April 2022 - Web 2.5 is a thing, Axie Infinity Hacked and Robinhood is up on new trading hours

Hey everyone 👋, thanks for coming back to Brainfood, where I take the week's biggest events and try to get under the skin of what's happening in Fintech. If you're reading this and haven't signed up, join the 12,527 others by clicking below, and to the regular readers, thank you. 🙏

Hey Fintech Nerds 🤓

This is a long one, if your email client clips the content, click here to view the substack page.

Crypto did that thing again where everything happened. Decentralized Telco Helium's creator Nova Labs raised $200m, and cross-chain interoperability protocol Layer Zero raised $135m in the same week that Axie Infinity had $625m hacked. Most excitingly for me, Sequoia-backed Eth L2 scaling solution Polygon announced their decentralized identity protocol (Polygon ID covered in more detail below). Crypto is mainstreaming but not without challenges.

Also, in four separate conversations this week, I heard someone reference "Web 2.5" companies or technologies. It seems to be resonating as a narrative. Like how the DeFi mullet (Fintech at the front, DeFi at the back) brings DeFi to normies, could Web 2.5 be a compelling hybrid of the Web 2 world (and business models) we know and the Web 3 infrastructure and business models of tomorrow? 

Weekly Rant 📣

Web 2.5 is a thing.

Web 2 and Web 3 are often seen as mutually exclusive. Where the Web 3 ethos and business model of decentralization and being user-owned attack the vested interests of large centralized monopolies that extract data and value from users.

Nothing is ever quite that simple.

When you're first introduced to a concept, it's helpful to understand why this thing is different. We like to relate a new thing to our existing mental models and world views as a species.

As such, Web 2 vs. Web 3 is often perceived as binary. Like this 👇

But some of the most successful businesses in Crypto are building in the gap between these two worlds. Like this 👇

How do we reconcile this?

We need to understand

1. The principles of Web 3 

2. The challenges delivering that today

3. The emerging approaches (Web 2.5)

Principles of Web 3. 🤔

Chris Dixon and PackyM have written the canon on Web 3. 

When users own a piece of the network, they can participate in how it is governed and benefit from its growth. When users own (control) their content or assets, they can take them to any platform. But how that works is subject to significant debate because in this new world mental models are emerging.

So we need to break down the term "ownership."

I think about three elements; asset, control, and access. Let's use a house as a metaphor.

• Asset: The asset is the house itself, with its roof, windows, doors, square footage, and position on the map.

• Control: The deed to your house gives you control of that house legally. As the legal owner, you can sell the house, apply to extend it, or make any changes you see fit. 

• Access: The key to your house gives you access. You can enter, exit, and use the house as you please. But you are not in control of the asset or able to impact it materially.

If we extend this metaphor into a Web 1.0 and Web 2.0 context, perhaps the asset is content (blogs, audio, video).

• Asset: The media and its metadata. In addition to the content, the metadata like page views, subscriber list, and back catalog of content. In a Web 1.0 context, the asset is hosted on the servers of a 3rd party (e.g., Blogger, Typepad). In Web 2.0, the asset is also hosted by a 3rd party (e.g., Youtube, Substack)

• Control: Is the ability to store, delete or move the metadata in its original form. In both Web 1.0 and 2.0, we see this is owned by the platform (e.g., Twitter has no "edit tweet" feature, and there is nothing users can do about that). Platforms also manage content monetization, making a % (take rate) of anything the creators create. 

• Access: In a Web 1.0 context, the controller is the 3rd party, and the user is given a username and password to access, update or use their content. In Web 2.0, the user may have a single login (e.g., Google account) for many platforms (e.g., Figma, Youtube, Notion, Substack). The control still sits with the platform, but the access has changed, and the cost of using the asset (and creating content) reduced.

Now in Web 3, things get funky. And to understand this, we need to understand wallets. 

Wallets are the most critical and misunderstood part of the Web 3 stack. When Fintech people hear "wallet," they start thinking about things like M-Pesa or CashApp. Those things are Fintech wallets, but they're not Web 3 wallets. 

A Web 3 wallet 

• Can treat any data or metadata as an asset 

• Changes who controls an asset and how you access an asset.

So a Web 3 wallet could see a video, podcast, or blog post as an asset (like an NFT) and allow the creator to sell, change or move the asset anywhere they see fit.

So let's take our content creation metaphor and apply it to Web 3:

• Asset: The media and its metadata. In addition to the content, the metadata like page views, subscriber list, and back catalog of content. The asset could be hosted on decentralized storage like Arweave and viewed with software like Mirror.xyz. Or perhaps the asset is music or artwork, created as an NFT (stored on IPFS and viewed by any marketplace like Opensea or Looksrare). 

• Control: Is the ability to store, delete or move the metadata in its original form. In a Web 3.0 context, the wallet that created the content can completely control this. The blog post creator can take their Mirror content and display it elsewhere; the NFT creator can take their music catalog and sell it on any marketplace. In Web 3, creators control monetization. For example, the creator of an NFT could define the take rate they receive every time the content is sold regardless of the marketplace or platform it is sold on.

• Access: While many marketplaces may allow people to view content, the ability to create it with your username can only be performed by the person with the Web 3 wallet that manages that username. 

In our house metaphor, Web 3 wallets control the deed to your house and the key to your house. The deed is a token recorded on a blockchain, and the key is stored in your Web 3 wallet.

In Web 2, the "data controller" in a GDPR sense is the platform. 

In Web 3, the data controller can be you. When you change how assets are controlled, you change the business model of the internet, from platforms owning and monetizing data to creating platforms for shared ownership of data and assets.

Web 3 is a big deal. But it has some challenges.

Significant ones.

Challenges with Web 3 today. 🤔

Today, there are a few practical realities that Web 3 doesn't solve (yet).

This list is incomplete; there are also countless technical issues like scaling, security, interoperability but the lens I'm using is more market-focused.

1. UX: Web 3 is still hard to use for most people. Installing a new wallet, managing keys, the confusing mess of tokens, and the metaverse. Web 2 UX and design patterns help these users. (e.g., Opensea to buy NFTs, Coinbase to buy Crypto). 

2. Market demand: Some people just want the price action, not the new world; providing this in a Web 2 interface fulfills demand. (Again, Coinbase and Opensea would fit here).

3. Network effects matter: Speaking of Opensea, it still dominates NFT sales. Having a genuinely decentralized technology may help with ownership, but those marketplaces still have significant power if the assets are still aggregated by marketplaces. 

4. Backward compatibility: It's still hard to live a pure Web 3 life; bridging is a huge opportunity. Regulation ties real-world assets into the existing financial system, and where people get their direct deposit (checking accounts at a bank) has a significant network effect. So we see Juno allows users to get paid in Crypto, Molo takes Crypto for a deposit on a mortgage. 

5. Complex experiences or interactions: Web 3 and Crypto have been able to lean into simpler interactions (like buying, selling, trading, etc.) But more complex interactions like live gaming experiences or document editing software (e.g. Google Docs) aren't as common. 

But if anything, these challenges speak to the fact that Web 3 is still early. When technology is still early, entrepreneurs find ways to solve them that may involve trading off some of the decentralization to create better user experiences. 

The emerging approaches. 🤔

The reality of Web 3 is that most consumers and businesses today access it via Web 2. And this is the genesis of the "Web 2.5" term.

But there's another layer of complexity. Not all Web 2.5 businesses do so in the same way. If we take our picture from earlier, you see that Web 2 to Web 3 is a spectrum.

For a better user experience, Axie creates its own wallet (Ronin). Metamask and Uniswap don't speak to Ethereum directly; they go via a node operator (Infura). And on the Web 2 side, PayPal offers some (limited) access to Crypto-assets via partnerships (as do folks like Robinhood or countless Neobanks).

Because Web 3 is early, it's hard to say if these models will stick or if we'll progressively decentralize over time. The temptation is to think the right long-term model is purely Web 3. That Web 3 kills Web 2. 

But the world is never that simple. 

Some things are changing, and some things are staying the same.

• Regulation is coming: Europe is passing a law that requires "unhosted" wallets to be KYC'd. This will require pragmatic, backwardly compatible solutions on some level.

• Humans will always be humans: UX vs. security is a trade-off as old as time itself. The biggest weakness in any system is the human element.

• Incumbents rarely die quickly, but they may stop growing: Fintech hasn't killed banks, Cloud hasn't killed IBM.

I'm hopeful that "more pure" Web 3 solutions will win out in time. But the pragmatist in me says that could be a decade or more away. 

In the interim, solving users' UX, scale, and security challenges is a massive opportunity. But Web 2.5 businesses also face the existential risk of being the next Myspace. The Web 2.5 businesses that win long term will be thinking a decade out and baking in the knowledge of Web 3 today for tomorrow. 

e.g., Creating Fintech companies that build assets that interact with Web 3 wallets. Creating financial assets using token standards from Web 3. Progressively decentralizing. Supporting open-source projects and protocol development. Baking decentralized identity in for privacy and security.

Cool shit.

Web 3 doesn't fix the internet overnight.

But it could make it more user-centric and private and have us all own a piece of the platforms we use every day. These new business models are what make it so exciting.

And the new business models require a lot of Fintech and finance knowledge.

Nerds, we have our work cut out.

Let's do this.

ST

4 Fintech Companies 💸

1. Unstoppable Finance - The consumer-grade DeFi wallet 

• Unstoppable is a DeFi wallet whose design pattern is built for consumers used to Fintech and Web 2 apps. The team wants to help users discover assets (like NFTs) and games to play. The wallet will also allow instant P2P transfers via "whatever route is fastest and cheapest." 

• 🤔 This team gets regulation and Crypto. The team is ex-Solaris Bank (which, if you're not familiar, is the full-stack partner bank powering European Neobanks like Vivid Money. They're a bank and a BaaS provider.) Solaris quietly powers several Crypto wallets/debit cards available in Europe. I like their thesis that Web 3 wallets are tomorrow's super apps for trading, shopping, and identity. Many people are building consumer-grade Web 3 wallets, but Metamask keeps rising. Perhaps it could be Unstoppable's focus on discovery, multi-rail support, and asset routing? 

2. Openstock - Stock management platform as an employer benefit

• Openstock is a B2B2C platform that enables employers who have issued stock or options to their staff to "unlock their stock." This enables staff to buy a home, fund a startup or grow their family. For companies, the benefit is retaining their best staff. Openstock matches lenders 

• 🤔 Where Forge or Equityzen are direct to consumers, Openstock's positioning as an employee benefit is interesting. I've seen examples of startup wealth management banks partnering with startups but not secondary options sales (or lending). If it worked for earned wage access, why couldn't it work for the options-rich but cash-poor startup landscape?

3. Debbie - Get paid to pay off debt

• Debbie allows consumers to aggregate their credit and checking accounts and work towards paying down debt. Debbie provides rewards like $5 for completing a savings learning module or $5 for spending less than $100 eating out. Debbie partners with FI's and generates revenue from those partnerships. 

• 🤔 Every major bank is trying to build this themselves, so, interestingly, Debbie is also funded by FIs. We need more apps like this, and there's so much room for innovation beyond cash rewards. Imagine merchant partnerships, points, and the design pattern from fitness apps. 

4. Benjamin - Merchant funded rewards card

• Benjamin offers up to 30% cashback from 1 million "venues," including Target, Uber, Burger King, and Nike. Benjamin also offers a $10 reward for referring users and $100 for referring businesses. They claim to provide "cashback marketing to 100m cardholders for businesses?"

• 🤔 Ad-tech is now Fintech. For decades, cashback and merchant-funded rewards have existed, but linking those to cards has always proved difficult. Perhaps the most well-known attempt was TrialPay (later acquired by Visa). Still, they have always struggled for traction at the network level. Card data is unclear and relies heavily on merchant and bank support. Now it's faster and cheaper to build debit card programs than ever before with BaaS infrastructure; Ad-tech has a better revenue model: card interchange.

Enjoying this content? 👇

Things to know 👀

1. Sequoia-backed Eth L2 scaling solution Polygon is launching a decentralized identity solution for Web 3. 

• Polygon will allow claims and attestations that are private and happen on-chain. Polygon is building developer SDKs, native apps, and white label solutions to work directly with the infrastructure. Polygon says this approach is better than NFTs and verifiable claims for identity. NFTs are "not private," and verifiable claims require expensive on-chain transactions and are not composable for developers.

• 🤔 Imagine you need to prove your date of birth, but you don't want to send that data in the clear. Polygon ID would allow you to prove you are (for example) over 21 without revealing your exact date of birth. A 3rd party can verify you are who you say you are while you still privately hold that data on your device. As more and more 3rd parties verify you, those attestations "hey, we verified this person" add up on-chain and compound. This is elegant and private; digital identity is the critical primitive for Web 3 to be a success.

• 🤔 Private, compounding, individually owned data, and identity are the key to Web 3 and the entire digital economy. I don't know where to begin articulating how important this stuff will be. Refugees or the global poor that don't have a government identity can be included. Individuals can be sovereign of their data. Businesses can build algorithms that can use all of their data to hyper-personalized without ever seeing it. If you want to build a network state, you would make it using something like this as the basis.

• 🤔 When you change the center of gravity to the human, you get a much bigger data set. Imagine combining everything Google, Meta, Block, Apple, the government, and your device knows about you into one big data set. Except you own it. And the algorithms come to you. That's so exciting it makes me tingle. That's before you even think about the enterprise use cases (which might be the wedge here, especially in the age of cyber warfare).

2. Crypto Game Axie Infinity Sidechain (Ronin) Hacked for $625m

• Play-to-earn Crypto gaming company Axie Infinity's sidechain Ronin has been hacked for more than $625m. The size makes it the largest DeFi hack to date. The attacker used hacked private keys to forge fake withdrawals from Ronin to the Ethereum network. Axie Infinity has more than 2.9 players who battle with characters (Axie's) and currency (SLP) in-game but can also trade this outside the game in the Axie marketplace or on the Ethereum network. 

• 🤔Key management matters. Crypto changes ownership, and it does this with key management. Some wallets or keys manage software and can move large amounts of value. The attacker looks to the network like the authenticated user using the hacked private keys. Key management is hard for consumers (in Web 3 wallets) but extra important for network creators or administrators when so much value is on the line.

• 🤔 The gap between networks matters. The attacker hit the weak spot between networks by targetting the bridge between Ronin and Ethereum. As we see more networks emerge, from alt L1s (Solana, Flow, Avalanche) and L2s on Ethereum (Polygon, Optimism, zkSync), the security model of the ecosystem becomes exposed. Each network may be fully secure, but we already encounter issues bridging between them. This is proposed by some as a reason why Eth L2s may be a better long-term answer to alt L1s because they borrow Eth L1s security, but that's a complex debate for another day). 

• 🤔 But UX matters too. Axie had to build Ronin, and Dapper Labs had to create Flow (for NBA TopShot) to improve the user experience in the game they wanted to make. If it takes 90 seconds and costs $30 for a transaction, getting the daily active user base a game needs is difficult. UX vs. security is a trade-off that hasn't gone away with Crypto; if anything, it has become much more complex. 

• 🤔 Crypto networks are live bug bounties worth hundreds of millions of dollars. TradFi banking infrastructure may be slow and expensive, but it's also tough to hack at scale. The day of the bank robber has also long gone as society reduces its reliance on cash in the West. But in Crypto, if you manage your own keys, you are (to some extent) your own bank. Which has a consequence: Dealing with your own bank robbers.

• If you want to go deeper in cross-chain bridging, this is a great (if slightly technical) piece to read deeper into

3. Robinhood stock up 25% on news of new trading hours

• Stock trading app Robinhood will extend its trading hours from 9am - 6pm ET to 7am - 8pm ET. This move follows lower than anticipated growth and a stock price down 70% from IPO. Investors seemingly believe this increased window will lead to more trades and more revenue.

• 🤔 The retail customer base has a day job that isn't just day trading. Markets were built with systems and processes that had "market open" hours. But that doesn't work for the consumer. So much of Robinhood's business is about engagement. The more hours they can engage, the better. If someone ever figured out how to properly tokenize stocks into Web 3, they'd be 24/7. That would be a game-changer. Hard problem, though.

• 🤔 Stocks have made a comeback, and bull markets suit Robinhood. Stocks go up, and retail rushes in, leading to more activity on the platform. You have to wonder how long it is until this goes horribly wrong in a big market correction. The SEC was originally set up for a good reason. If retail loses all of their money, we've consistently turned stocks into gambling. That's not financial inclusion; it's financial irresponsibility. 

• 🤔 What if stocks aren't back? Markets are weird. Inflation is up, yield curves are inverting, and stocks should be plunging. Yet investors are piling into risk assets. Perhaps as an inflation hedge, but as interest rates rise, you'd think inflation would come down, and less risky assets like bonds would suddenly look more attractive. But that's assuming inflation does come down. (Or worse, we fix the supply chain and then have a demand shock and a glut of supply).

Quick hits 🥊

• Apple is working to bring its payments, fraud, and credit risk services in-house and expand internationally. It may also be working on BNPL for Apple Pay. Today Apple relies on Corecard, Greendot, and Goldman Sachs for its P2P payments, Apple Pay and Card. Apple has not built similar partnerships internationally, and its Card and P2P payments are not available externally. 

• 🤔 This was what I had assumed they were doing when they acquired Credit Kudos. CK gives them credit risk scoring and account data access (for other solutions). Apple loves to vertically integrate; I wouldn't be surprised to see them look at further M&A in the future. Who's building Lithic / Highgate (ultra-modern issuer processors) for Europe?

Good Reads 📚

1. Hands-on-the-wheel money

• In this post, Alex questions if the future of finance is self-driving money or "hands on the wheel" money. Fintech companies filled the gap left by incumbents like; speculating on stocks, child accounts, or P2P payments but created an explosion of apps and an admin nightmare. But money is fun, money is culture & new Fintech infrastructure makes creating products and services faster and cheaper than ever before. People want more control, not less.

• 🤔 As Alex points out, Money can be engaging, driving up daily active use and user growth. There's a risk to making money too fun. It can be too fund, gambling, and losing it. But that's not what Alex is saying here. As I read this, the words that came to mind were: Design has taken dealing with money and finance from being an admin burden to something rewarding and engaging. Done right, that can lead to better outcomes for consumers and businesses.

• 🤔 The old finance wisdom of "save early and often, retire comfortably" doesn't work when real incomes are lower than in previous decades. Asset prices have grown at a much faster pace than real incomes. We were in a hidden cost of living crisis before the inflation, which has only worsened the misery.

• 🤔 Gen Z does not believe they will achieve financial security unless they grab the wheel and drive. So I think we need to update that financial advice. The laws of finance still work, compounding is still a great idea, but consumers can't be passive in how that happens and hope for a good outcome.

Tweets of the week 🕊

That's all, folks. 👋

Remember, if you're enjoying this content, please do tell all your fintech friends to check it out and hit the subscribe button :)