The crypto industry has a trust problem.

We keep calling crypto trustless, but it isn't. Users just choose to trust smart contracts instead of humans. Objectively, the industry's track record isn't great.

Outsiders don't trust smart contracts because they read headlines look like... 

Wintemute's $162m profanity hack. Beanstalk's $182m flash loan hack. Rari's $80m fuse pool hack. Compound's $150m drip hack. Poly's $611m contract call hack. Etc, etc, etc. It never ends.

Hell, I'm not sure how many contracts I *really* trust aside from a handful of the largest blue chips with the greatest value-at-jeopardy like Gnosis Safe, Uniswap, Curve, Aaave, Lido and some others  

Hackers have had HUGE incentives to break them for a while

Until smart contracts are fiercely really battle tested with tons of value at risk and tons of time live and vulnerable to hacks... how can someone feel great about a smart contract? A handful of audit firms gave it a seal of approval? You heard your friend used it?

The crypto industry has to ask ourselves really hard questions:

1. How do we make our systems genuinely more trustworthy than existing rails?

2. Is it fair to expect people to trust a system that regularly experiences multi-hundred-million-dollar hacks with no recourse?

Increasingly certain that arbitration is necessary. Deep in research and something in the pipeline

Not yet compelled by any of the existing designs/incentive structures I've seen so far

Would love to know who's taking about this, links to research, or names of related projects

3. How do we expect new users to safely interact with new smart contracts that haven't been ossified? Are contracts eventually just "safe enough"?

4. Are there novel ways to protect users from malicious activity that we haven't considered?