Ethereum co-founder Vitalik Buterin wants to redefine how developers and users should think about blockchain security.
The Canadian prodigy has argued that the traditional boundaries between "security" and "user experience" (UX) are largely an illusion.
"The goal is to minimize the divergence between the user's intent, and the actual behavior of the system," Buterin wrote on the X social media network.
The illusion of "perfect security"
Buterin pointed out that what a user wants to achieve is rarely as simple as the buttons they click.
"[P]erfect security is impossible," Buterin explained. "Not because machines are 'flawed', or even because humans designing the machines are 'flawed', but because 'the user's intent' is fundamentally an extremely complex object that the user themselves does not have easy access to."
He used a basic transaction to illustrate this dilemma: I want to send 1 ETH to Bob. The user understands who "Bob" is in the real world (a "meatspace entity"), but translating "Bob" into a mathematical public key or hash introduces massive threat vectors. Abstract goals of the likes of "preserving privacy" are even harder to define.
Buterin argued that developers must rely on overlapping safety nets.
"[T]he common trait of a good solution is: the user is specifying their intention in multiple, overlapping ways, and the system only acts when these specifications are aligned with each other," he noted.
Buterin wants the principle of redundancy to be standardized in Ethereum wallets and decentralized applications (dApps).
AI as a "shadow" of human intent
Buterin believes that large language models (LLMs) could be used for verifying what a user actually wants to do.
"LLMs done right are themselves a simulation of intent," he wrote. "A generic LLM is (among other things) like a 'shadow' of the concept of human common sense. A user-fine-tuned LLM is like a 'shadow' of that user themselves, and can identify in a more fine-grained way what is normal vs unusual."
However, he has also stated that LLMs "should under no circumstances be relied on as a sole determiner of intent." Instead, they offer a completely different layer of verification, thus enhancing redundancy.
Vladislav Sopov
Dan Burgin