Rethinking System Reliability
The boundaries aren’t where you think they are
Rethinking System Reliability
The boundaries aren’t where you think they are
We tend to think of system reliability as something that exists inside the system.
A reliable system is expected to:
execute correctly
remain available
resist corruption
preserve integrity
enforce its rules consistently
And within those boundaries, modern systems have become extraordinarily good. They can validate signatures, order events, replicate state across continents, and enforce deterministic rules with astonishing precision.
But there is a problem hidden inside this model.
It assumes the boundaries of reliability are located where the computation is happening.
They are not.
The real boundaries lie elsewhere.
There is a limit to what digital systems can establish on their own.
They can demonstrate correctness. They can show that rules were followed, that data remained unchanged, that a signature mathematically corresponds to a key. But there are things they cannot prove from within, no matter how sophisticated the protocol becomes.
They cannot prove:
who is trustworthy
when something truly counts
whether an action was meaningfully intended
These are not implementation details. They are structural constraints.
What emerges, once you separate these concerns clearly enough, is a different model of reliability altogether.
Systems provide correctness. Reliability comes from outside the system.
Correctness is the easier domain to understand because it is self-contained.
A signature verifies or it does not. A hash matches or it does not. A state transition follows the rules or it is rejected. These are determinate questions. They require no interpretation and no judgment. Correctness is mechanical because it is built on logic operating over fixed assumptions.
Correctness rests on axioms and rules.
Axioms define the primitives and assumptions of the system. Rules define what transitions are valid within it. Once these are established, everything else can be derived and verified mechanically.
Correctness is therefore indifferent. It has no opinions, no incentives, and no stakeholders. It does not care who benefits from an outcome or who is harmed by it. Logic simply executes.
This is precisely why correctness is so powerful and also why it is insufficient.
Reliability belongs to a different category entirely.
Reliability asks questions correctness cannot answer:
who stands behind this action
when should this action count
was this action intentional
should this outcome be accepted beyond the system itself
These are not logical questions. They are questions of recognition.
Reliability rests on anchors and recognition.
Anchors are the external reference points systems depend upon but cannot derive internally. They include actors who attest to actions, timekeepers who anchor sequence and chronology, and the contextual recognition that gives actions meaning and standing.
Unlike correctness, reliability has stakeholders.
A signature is the simplest place to see the distinction clearly.
A signature proves that a key was used.
It does not prove:
who used the key
whether they controlled it exclusively
whether the act was deliberate
whether the action reflected genuine intent
The system can verify the structure of the action, but not its meaning.
Systems can prove that something was done. They cannot prove that it was meant.
Intentionality exists entirely outside the domain of logic. It cannot be computed because meaning itself cannot be computed. It can only be inferred, attributed, and recognized.
Time reveals the same boundary.
A timestamp inside a system is merely another internal assertion unless it is anchored to something recognized externally. Systems can sequence events internally, but they cannot independently establish that their notion of time corresponds to reality.
Bitcoin approached this problem in a profoundly important way.
It did not attempt to prove exact time. Instead, it established a globally agreed ordering of events through proof-of-work and chained blocks. This created a durable consensus around “before” and “after,” even if the timestamps themselves remained approximate. Bitcoin solved enough of the time problem to make distributed ordering practical, but in doing so it also exposed the underlying limitation more clearly. Time itself is not proven. It is only agreed upon within constraints. The Bitcoin timestamps remain bounded by protocol tolerances and network conditions, accurate only within a relatively coarse window. What Bitcoin ultimately provides is consensus about sequence, not certainty about time itself.
Nostr reveals another side of the same boundary. By reducing identity to a keypair and a signed event, it strips away centralized authorities and restores the ability for actors to create identities and publish claims without permission. There are no institutional chokepoints through which legitimacy must pass. No platform grants authority on behalf of others.
But Nostr does not solve reliability. It does not tell you who should be trusted, nor does it attempt to. Instead, it removes the illusion that systems can solve this problem for us. What remains visible, once the intermediaries are gone, is the underlying reality that was always there: actors still make claims, and those claims still require recognition.
What both Bitcoin and Nostr ultimately reveal is not a complete solution, but a boundary.
Bitcoin demonstrates that time can be approximated through ordering but never fully proven. Nostr demonstrates that identity can be generated freely but never made trustworthy through protocol alone. These lessons are both practical and humbling.
Reliable actors must still be recognized. Reliable time must still be sourced. Intentionality must still be inferred. None of these emerge automatically from computation.
Everything else, by comparison, is merely validation.
This reframes system reliability in a profound way.
The real boundaries of reliability are not located inside the system where logic operates cleanly. They exist at the edges, where systems encounter actors, time, and meaning.
This changes how enduring systems should be designed.
The goal is no longer to embed trust into computation itself. The goal is to make reliability explicit:
who is attesting
which time sources are recognized
what policies govern acceptance
where accountability resides
Inside those boundaries, correctness can operate with extraordinary precision.
Outside them, recognition and responsibility take over.
Trusting a system blindly is, in many ways, a modern form of magical thinking. We begin attributing agency to the system itself, as though reliability were an intrinsic property radiating from the machinery. It is not so different from believing that a wand possesses power independent of the wizard holding it. The object becomes mystified because the underlying actors, intentions, and anchors disappear behind layers of abstraction. But systems do not act. Code does not intend. Protocols do not assume responsibility for outcomes. They merely execute according to their structure. The moment the actors behind the system become invisible, the system itself starts to acquire an almost supernatural authority in the minds of its users. This is precisely where the most dangerous failures emerge, and not from incorrect computation, but from misplaced attribution. Reliability was never inside the object. It always lived with the actors standing behind it.
There is a useful analogy here from physical construction.
During our own house renovation, we discovered that the most important problems were not cosmetic. The visible surfaces looked fine. The deeper issue was structural. Hidden behind the walls were supporting beams that were no longer up to code. Until those supports were corrected and certified by engineers, nothing built on top of them could truly be relied upon.
Digital systems are no different.
The structural beams are not the interfaces, dashboards, or polished protocols. The real supports are the reliability anchors:
the actors who stand behind actions
the timekeepers who anchor events
the recognition structures that give actions meaning
If those are weak, hidden, or assumed, the system may still appear correct while remaining fundamentally unreliable.
This is the boundary most systems attempt to hide.
Not because the systems are malicious, but because we are uncomfortable admitting that the most important properties of a system are precisely the ones that cannot be computed.
But once the boundary is acknowledged, system design becomes clearer and more honest.
Large language models (LLMs) make this tendency toward magical thinking even more acute. They present as fluent, responsive, and authoritative, and it becomes easy to treat them like a kind of wand: ask a question, receive an answer, and assume the system itself carries understanding. But what sits behind that surface is not reasoning in the human sense, nor a structure that can be inspected or validated in any complete way. The internal state of these models lives in vast, high-dimensional parameter spaces that no one can meaningfully perceive or fully interpret. There is no tractable way to prove their outputs are correct across all contexts; at best, we can sample, test, and observe patterns of behaviour. And reliability is even further removed: there is no accountable actor standing behind each response, no clear anchor of intent, and no stable notion of when an answer “counts.” To treat such systems as inherently trustworthy is to substitute opacity for assurance. It is not that LLMs are useless. Far from it. But that relying on them without explicit anchors of accountability and validation turns their apparent authority into a risk.
What becomes visible, once the layers of abstraction are stripped away, is that systems are built on two fundamentally different kinds of foundations. One foundation is formal and internal: assumptions, rules, and logic that permit mechanical validation. The other is external and relational: actors, timekeepers, and institutions whose claims are accepted because they are recognized and relied upon. Confusing these two foundations is where many modern systems lose their clarity.
Correctness rests on axioms and rules. Reliability rests on anchors and recognition.
The two are related, but they are not the same.
One belongs to logic.
The other belongs to responsibility.
Prove correctness. Anchor reliability.
Because in the end:
Correctness tells you something is valid. Reliability tells you it matters.
What this ultimately reveals is that the true boundaries of systems are not computational: they are relational. Logic reaches only as far as its axioms and rules permit. Beyond that boundary lie the anchors that systems depend upon but cannot generate for themselves: trusted actors, recognized timekeepers, intentionality, and the willingness of others to accept claims as meaningful. The mistake modern systems repeatedly make is attempting to erase this boundary, treating reliability as though it were simply another problem of computation. But enduring systems are not the ones that eliminate boundaries; they are the ones that recognize them clearly, expose them honestly, and build around them deliberately. Once you see the boundary, you stop asking systems to perform magic. You ask them instead to do what they are actually capable of: prove correctness cleanly, while making the sources of reliability visible and accountable.