The virtual airwaves have recently been dominated by the fallout from two big disruptions. The first is Elon Musk’s takeover of Twitter, the subsequent exodus of its users, and the attempts to create new, alternative online “town squares” such as Mastodon. And the second is the ongoing turmoil in the world of crypto, particularly following the collapse of former golden-child Sam Bankman-Fried’s crypto exchange FTX.

In both cases, we’re seeing new players try to disrupt established systems that have grown up over years – centuries, in the case of traditional finance. In both cases, there are teething troubles, issues where those disruptors find themselves unable to replicate some basic competency of the system that they’re disrupting, often with embarrassing or alarming results.

In the case of emerging social networks, that basic competency is generally an ability to handle “free speech” issues and content moderation. In the case of crypto, it’s generally an ability to keep track of customers’ money and not get hacked. These seem like basic issues, solved problems, and that’s because the incumbents handle them so smoothly and make it look so easy. You don’t generally stumble upon horrific imagery while casually browsing Twitter and you don’t generally lose money that you deposit in your bank account.

So why do disruptors find it so difficult to develop the same levels of competence?


Denise Paolucci used to head up the Abuse team at LiveJournal, back when the site was one of the most popular in the world and served the function that social networks tend to serve today: connecting people, for good and for ill.

Paolucci’s observation is that abuse on the modern internet has become more widespread, more industrialised, more perfected in the past ten years, which creates deep implications and responsibilities for new startups:

“The era where college kids could set up a minimum viable product and figure everything else out as they go, without a splash radius the size of a neutron star in human lives, is over.

“The world has moved on from 1999. Your service will be used by sophisticated, organized, coordinated actors who share the best tactics to hurt people with each other. Your service will be used by hostile nation-states. Your service will be used by people to do genocide.”

Mike Masnick, who founded influential tech website Techdirt, made a similar observation, outlining the various stages of content moderation that online platforms inevitably go through, from permitting all speech at the outset to eventually having teams of thousands of content moderators and lawyers who must respond to horrendously complicated legal and moral issues at lightning speed.

Twitter, like LiveJournal before it, has been at the forefront of this explosion in the scale and complexity of online abuse. Because of that, it’s had the luxury of growing with it, keeping up with an arms race and gradually developing its own responses to the continuing escalation of abusers. New entrants like Hive and Mastodon are having to try to catch up to that best-practice with smaller teams, smaller budgets, from scratch, and while doing a million other things. It’s no wonder they’re finding themselves caught out, embarrassingly behind the best practice, trying their best but falling short.


In the second example, crypto exchanges have found themselves struggling to replicate what might seem like some of the most basic functions of a financial institution, such as keeping track of their customers’ balances and recording transactions.

Take Celsius, for example, which imploded earlier this year. It recently filed a report about its practices when dealing with customers’ deposits:

“Due to time pressure and lack of engineering resources, Celsius chose to rely on manual reconciliations and transfers of crypto assets without robust controls for the Custody program, with aspirations of developing a more effective process later.”

As Matt Levine commented, “Every decision here is understandable, but annoying. There is no horrific malfeasance; there are just, like, Google Sheets.” Although the crypto world is full of outright frauds, often these cases involve honest people, trying their best but falling short.

Just like social networks with abuse, traditional financial institutions have had the luxury of years to hone their processes. They dealt with deposits and withdrawals when that was a pen-and-paper process; they were defrauded and learned how to spot and prevent that fraud; they adopted computerisation gradually and learned what the benefits and limitations of that were. Crypto and DeFi startups find themselves having to incorporate all of that learning and complexity into their new systems, built at high velocities and with small teams. It’s no wonder they, too, often fall embarrassingly short of best-practice; it’s virtually impossible for them not to.


Both cases share the same underlying dynamic. In both cases, complexity has emerged gradually, and incumbents have been able to grow their own, equally complex, ways of dealing with it. They’ve had the luxury of starting from a simple system that works and growing a complex one that also works, as per Gall’s law.

Often the result is processes that seem cumbersome, slow, and unfair; that’s usually what inspires the disruptor in the first place. “I’m going to make a bank that doesn’t rely on a central actor to keep track of transactions,” or “I’m going to make a social network that really values free speech.”

Sometimes the disruptors are wrong, as I suspect they are with content moderation; what might appear to be crusty and inhibiting to some is actually just the only reasonable compromise in a world full of difficult choices and impossible trade-offs. Sometimes they’re right, though; businesses and industries can get stuck in their ways, monopolies can breed complacency, and sometimes we do need a bit of good old creative destruction.

Regardless of whether they’re right about its necessity, the point is that the complexity itself provides its own barriers to entry for the disruptors. It creates a benchmark that’s difficult to reach from a standing start, and it creates a moving target that can be difficult to keep up with while trying to build a new business and a new model. It forces new entrants to try to design a complex system in one go, rather than growing one gradually; and, as ever, that’s a risky business.