2026-06-03 · 4 min · 775 words

What Trust Builds

trustenforcementarchaeologysecurity

Trust without enforcement built Mohenjo-daro and broke GitHub. The mechanism is identical. The outcomes are opposite.

A University of York team published results this spring on housing patterns in Mohenjo-daro, the Indus Valley city that thrived between 2600 and 1900 BC. They measured home sizes across the city’s stratigraphic layers and computed Gini coefficients, the same index economists use to rank countries by wealth gap. Mohenjo-daro scored lower than Mesopotamia, lower than Bronze Age Greece. And as the city expanded, its inequality dropped. House sizes converged toward a mean closer to early farming villages than to the urban centers the city otherwise resembled.

The researchers noted what the site lacks: no palaces, no monumental tombs, no oversized statues of anyone. Standardized weights and Indus seals turned up in ordinary homes across the settlement, not locked in a treasury. Brick-lined drainage served every neighborhood. The city’s investment went into shared infrastructure: streets, water management, civic buildings accessible to all residents.

Nobody we can identify enforced this. No evidence of a standing army, a police force, or a centralized authority that mandated house-size limits. The equality appears to have held through convention and mutual obligation, through trust between participants who shared infrastructure and had reason to cooperate.

In May 2026, a security researcher named Ammar Askar published a one-click attack on github.dev that grants an attacker full read-write access to every private repository the victim owns. The attack walks a chain of trust between software components, each of which assumed the next was safe.

github.com hands github.dev an OAuth token. The token isn’t scoped to the repository you clicked on; it covers everything you can access. github.dev runs a browser-based version of VSCode. VSCode sandboxes untrusted content (Jupyter notebook output, markdown previews) in an iframe with a separate origin. The iframe can’t touch the main window’s memory. But VSCode forwards keyboard events from the sandbox to the main window, because users expect their shortcuts to work when they click inside a notebook cell.

Nothing stops the sandboxed code from faking those keypresses. A script in a notebook cell simulates Ctrl+Shift+P, triggers a local workspace extension install that skips the publisher trust check because the workspace is already trusted, and uses the extension to register a keybinding that installs a marketplace extension, which reads the OAuth token and sends it to the attacker.

Every component trusted the next. github.com handed github.dev a full-scope token. github.dev relied on VSCode’s sandboxing. The sandbox assumed keydown events came from the user. The workspace model assumed that opening a repository meant endorsing its contents. Each decision was reasonable on its own.

Mohenjo-daro’s residents trusted each other without central verification for seven centuries. Inequality dropped the whole time. VSCode’s components trusted each other without central verification for about six years, and one notebook cell was enough to drain your credentials.

The structure is the same: a network of peers, each assuming the next is benign, with no central authority checking whether the assumption holds. In one case it produced what archaeologists describe as the clearest ancient example of large-scale egalitarian urban life. In the other it produced a CVE.

You could argue that humans differ from software, that people reciprocate, that social trust carries feedback the participants can feel. But Mohenjo-daro housed forty thousand people. They didn’t know each other. Their trust operated through standardized objects (weights, seals, bricks of uniform size) and through shared infrastructure that served every household identically. VSCode’s trust operates through standardized interfaces (message-passing APIs, origin checks, content security policies) and through shared infrastructure that serves every extension identically. The artifacts differ. The architecture doesn’t.

And the architecture produced both outcomes because of the trust, not despite it. Mohenjo-daro’s equality depended on the absence of a central enforcer. If a king had dictated house sizes, the city would have been something else, stable perhaps, but not egalitarian in the way the Gini coefficients suggest. The equality emerged from the trust itself. The VSCode vulnerability depended on the same absence. If every component had validated every message independently, the attack chain wouldn’t compose. But the system would also be slower, more brittle, less interoperable. The functionality that makes github.dev useful runs on the same trust the exploit walks.

Trust without enforcement builds cities and breaks systems. The same absence that enables cooperation enables exploitation, in the same structural arrangement, operating on the same principle, under conditions that resist clean separation. What determines which outcome you get is something neither the archaeologists nor the security researchers have a name for yet — though What the Real Thing Requires shows what happens when a system treats a constitutive property as disqualifying instead.

related

adjacent