A research compilation of interesting trust architecture examples across domains. Organized by category with notes on what makes each compelling for analysis.
Selection criteria:
- Something interesting (often bad) happened
- Unusually successful trust architecture
- Innovative/novel approach to trust problems
| Example | What Happened | Why It’s Interesting |
|---|
| FTX Collapse (2022) | $8B customer funds misappropriated; CEO now imprisoned | Trust concentrated in charismatic founder; auditors failed; “effective altruism” reputation as trust signal; crypto’s trust-minimization ideology failed in practice |
| Bernie Madoff (2008) | $65B Ponzi scheme ran for decades | SEC examined multiple times and missed it; feeder funds provided trust laundering; exclusivity created false trust signal |
| Wirecard (2020) | €1.9B that “existed” didn’t; German fintech darling | Auditors (EY) failed; German regulators protected national champion; short sellers attacked as unpatriotic |
| Barings Bank (1995) | Single trader (Nick Leeson) destroyed 233-year-old bank | No separation of front/back office; trader controlled his own oversight; $1.3B loss |
| LTCM (1998) | Nobel laureates’ hedge fund nearly crashed global markets | Trust in quantitative models; correlation assumptions failed; leverage amplified trust failures |
| Enron/Arthur Andersen (2001) | Auditor complicity in fraud destroyed both firms | Trust laundering through auditor; document destruction; Big 5 became Big 4 |
Common patterns:
- Trust concentrated in individuals/small groups
- Auditors as trust launderers who failed
- Reputation signals (prestige, credentials) substituting for verification
- Leverage amplifying trust failures
| Example | What It Is | Why It’s Interesting |
|---|
| Hawala Networks | Informal value transfer across borders with no paper trail | Works on reputation in tight communities; operates for centuries; trust without legal enforcement (like criminal orgs) |
| Lloyd’s of London | Insurance market where individuals (“Names”) personally back policies | ”Utmost good faith” doctrine; unlimited personal liability created alignment; survived 300+ years |
| SWIFT Network | Interbank messaging for $5T+/day in transfers | Cooperative owned by members; Belgian law; survived being weaponized for sanctions |
| Letters of Credit | Bank guarantees enabling trade between strangers | Trust intermediation allowing global commerce; standardized by ICC |
| Credit Card Chargebacks | Consumer can dispute charges; merchant bears burden | Created trust in card-not-present transactions; enabled e-commerce |
| Credit Unions | Member-owned financial cooperatives | Mutual structure aligns incentives; lower fraud rates than banks |
| Example | What Happened | Why It’s Interesting |
|---|
| Tuskegee Syphilis Study (1932-1972) | 40 years of withholding treatment from Black men to study disease progression | Destroyed trust in medical research for generations; led to modern IRB system |
| Thalidomide (1950s-60s) | Drug caused birth defects; different approval paths in US vs Europe | FDA’s Frances Kelsey blocked US approval; created modern drug approval regime |
| Theranos (2003-2018) | Fake blood testing technology | Already covered—trust without verification capacity |
| Opioid Crisis (ongoing) | Pharma companies promoted addictive drugs | Purdue’s trust exploitation; doctors trusted pharma; FDA trusted trials |
| Contaminated Blood Scandal (UK, 1970s-80s) | Infected blood products given to hemophiliacs | NHS trusted US plasma suppliers; 3,000+ deaths; decades of cover-up |
| Chinese Vaccine Scandals (2018) | Defective vaccines given to children | State-owned enterprise, weak oversight; destroyed domestic vaccine trust |
| Surgeons with high mortality rates | Some surgeons operate for years with poor outcomes | Medical guild protects members; peer review failure; “M&M” conferences insufficient |
| Example | What It Is | Why It’s Interesting |
|---|
| Organ Transplant Allocation (UNOS) | Algorithm-based organ matching and distribution | Replaced corrupt local allocation; trust through algorithm transparency |
| Blood Supply Chain | Volunteer donation → testing → distribution | Trust in anonymous donors; rigorous testing; rarely fails |
| WHO Smallpox Eradication | Coordinated global effort eliminated disease | Trust between Cold War adversaries; verification through surveillance |
| Cochrane Reviews | Systematic meta-analyses of medical evidence | Trust through methodology transparency; conflicts of interest policies |
| Surgical Checklists | Simple protocol reduced surgical deaths 40%+ | Trust verification through process; Atul Gawande’s work |
| Second Opinion Culture | Standard practice to seek independent verification | Institutionalized adversarial verification in medicine |
| Example | What Happened | Why It’s Interesting |
|---|
| Boeing 737 MAX (2018-2019) | Two crashes, 346 deaths; software system (MCAS) not disclosed to pilots | Trust in manufacturer → FAA delegated certification to Boeing; cost-cutting culture; single sensor failure |
| Tenerife Airport Disaster (1977) | 583 deaths; deadliest aviation accident | Communication failures; authority gradient (captain vs. others); led to Crew Resource Management |
| Challenger Disaster (1986) | O-ring failure killed 7 astronauts | Engineers’ warnings overridden; “normalization of deviance”; organizational trust failure |
| Air France 447 (2009) | Crashed into Atlantic; pilots mishandled stall | Automation trust → skill atrophy; pilots didn’t understand what automation was doing |
| Lion Air 610 / Ethiopian 302 | Both 737 MAX crashes | Same as above—systemic trust architecture failure |
| Costa Concordia (2012) | Cruise ship capsized; captain abandoned ship early | ”Captain’s discretion” trust model failed; 32 deaths |
| Example | What It Is | Why It’s Interesting |
|---|
| Crew Resource Management (CRM) | Training to flatten cockpit hierarchy for safety | Reduced authority gradient; anyone can raise concerns; emerged from Tenerife |
| Aviation Safety Reporting System (ASRS) | Anonymous, non-punitive incident reporting | NASA-administered; immunity incentivizes reporting; catches near-misses |
| Air Traffic Control | Centralized management of airspace | Trust through standardization; remarkable safety record |
| TCAS (collision avoidance) | Automated system that overrides ATC | Trust in algorithm over humans in specific context; pilots must obey |
| Ship Classification Societies | Lloyd’s Register, DNV verify vessel safety | Private verification trusted for 250+ years; self-regulation that works |
| Black Box Requirements | Mandatory flight recorders | Trust through post-hoc verification; changed investigation culture |
| Example | What Happened | Why It’s Interesting |
|---|
| Munich Agreement (1938) | “Peace for our time” → Hitler invaded anyway | Trust in adversary’s commitment; appeasement failure |
| Bay of Pigs (1961) | CIA-backed invasion fiasco | Trust in agency over president’s judgment; groupthink |
| Iran-Contra (1985-87) | Secret arms sales funded illegal operations | Trust in “deniability”; parallel trust chains |
| Intelligence Failures (Iraq WMD) | “Slam dunk” case was wrong | Trust in intelligence agencies; confirmation bias; groupthink |
| Cambridge Five | Soviet spies in British intelligence for decades | Trust based on class/education credentials; Philby, Burgess, Maclean, etc. |
| Aldrich Ames / Robert Hanssen | CIA/FBI officers spied for Soviets | Insider threat in trust-dependent organizations; polygraph theater |
| Example | What Happened | Why It’s Interesting |
|---|
| IAEA Nuclear Inspections | International verification of nuclear programs | Trust through physical access; worked until it didn’t (Iraq, Iran, DPRK) |
| Vienna Convention on Diplomatic Relations | Framework for diplomatic immunity | Creates trust through guaranteed safety; enables communication |
| Montreal Protocol (1987) | Eliminated ozone-depleting substances | Trust between nations on environmental action; actually worked |
| Antarctic Treaty (1959) | Demilitarized continent; open inspections | Trust through transparency; 60+ years of success |
| Five Eyes Intelligence Alliance | US/UK/Canada/Australia/NZ intelligence sharing | Deep trust between allies; survived decades without major breaches |
| Hotline (Moscow-Washington) | Direct communication to prevent accidental war | Trust through communication; used during Cuban Missile Crisis |
| Open Skies Treaty | Surveillance flights to verify compliance | Trust through reciprocal transparency (US withdrew 2020) |
| Example | What Happened | Why It’s Interesting |
|---|
| Volkswagen Emissions Scandal (2015) | Software cheated on emissions tests | Trust in certification process; 11M vehicles affected; $30B+ cost |
| Wells Fargo Fake Accounts (2016) | 3.5M unauthorized accounts created | Trust in bank → massive internal fraud; incentive misalignment |
| Uber (various) | Sexual harassment cover-ups; Greyball program | ”Move fast and break things” trust culture; regulatory evasion |
| WeWork (2019) | $47B valuation collapsed to near zero | Trust in founder → no governance; SoftBank enabled |
| Tyco/Kozlowski (2002) | CEO looted $400M+ from company | Trust in executives; board failure |
| WorldCom (2002) | $11B accounting fraud | Auditor trust failure (Arthur Andersen again); largest bankruptcy at time |
| Satyam Computer Services (2009) | India’s “Enron”; $1B fraud | Founder confessed in letter; “cooking the books” |
| Example | What It Is | Why It’s Interesting |
|---|
| Toyota Production System | Andon cord lets any worker stop production line | Trust in frontline workers; quality through distributed authority |
| Franchise Model (McDonald’s) | Standardized operations across independent operators | Trust through process, not people; brand as trust anchor |
| ISO 9001 Certification | Quality management standards | Third-party certification creates trust; “trust through bureaucracy” |
| Kimberley Process | Certification for “conflict-free” diamonds | Trust labeling for ethical sourcing; partial success |
| Fair Trade Certification | Supply chain ethics verification | Consumer trust through certification; market for “verified ethics” |
| B Corps | Benefit corporation certification | Trust through legal structure change; stakeholder accountability |
| Employee Ownership (Mondragon) | Cooperative network, 80K+ workers | Trust through ownership alignment; 65+ years of success |
| Partnership Model (Law/Consulting) | Partners have unlimited liability | Personal liability creates alignment; Goldman, McKinsey, etc. |
| Example | What Happened | Why It’s Interesting |
|---|
| DigiNotar (2011) | Certificate authority hacked; fraudulent certs issued | Single CA compromise endangered entire PKI; company went bankrupt |
| SolarWinds (2020) | Supply chain attack hit 18,000+ organizations | Trust in software updates weaponized; Russian state attack |
| Log4j (2021) | Critical vulnerability in ubiquitous library | Single volunteer-maintained library everywhere; patch chaos |
| Heartbleed (2014) | OpenSSL vulnerability exposed private keys | Critical infrastructure maintained by few; trust in crypto libraries |
| Mt. Gox (2014) | Bitcoin exchange lost 850,000 BTC | ”Code is law” ideology met reality; no recourse |
| The DAO (2016) | Smart contract hack drained $60M | ”Code is law” → hard fork to reverse; trust in immutability violated |
| Equifax Breach (2017) | 147M people’s data exposed | Trust in credit bureaus with your data; no consent, no recourse |
| Colonial Pipeline (2021) | Ransomware shut down major fuel pipeline | Critical infrastructure connected to internet; $4.4M ransom paid |
| Example | What It Is | Why It’s Interesting |
|---|
| Certificate Transparency | Public log of all SSL certificates | Trust through transparency; catches rogue CAs |
| Let’s Encrypt | Free, automated SSL certificates | Democratized encryption; reduced trust barrier |
| Signal Protocol | End-to-end encryption standard | Trust through open cryptography; even compromised server can’t read |
| Tor Network | Anonymous communication | Trust distributed across nodes; no single point of compromise |
| Bitcoin Consensus | Trustless monetary system (in theory) | Trust in math/incentives vs. institutions; Nakamoto consensus |
| Bug Bounty Programs | Pay hackers to find vulnerabilities | Trust through adversarial verification; HackerOne, etc. |
| HTTPS Everywhere | Movement to encrypt all web traffic | Trust through universal encryption; largely successful |
| Password Managers | 1Password, Bitwarden, etc. | Trust concentration trade-off; single point of failure vs. better passwords |
| DNS Root Servers | 13 organizations manage global DNS | Distributed trust for internet infrastructure; remarkably stable |
| IETF/RFC Process | Internet standards development | ”Rough consensus and running code”; trust through process |
| Example | What Happened | Why It’s Interesting |
|---|
| Replication Crisis | 50%+ of psychology findings don’t replicate | Trust in published science; p-hacking; publication bias |
| Diederik Stapel (2011) | Social psychologist fabricated data in 50+ papers | Trusted professor, no verification; peer review failure |
| Hwang Woo-suk (2005) | Korean stem cell researcher faked results | National hero status created trust shield; Science retracted |
| Andrew Wakefield (1998) | Fraudulent MMR-autism link paper | Lancet took 12 years to retract; anti-vax movement spawned |
| Jan Hendrik Schön (2002) | Bell Labs physicist faked data in 16 papers | Prolific output created trust; retractions followed |
| Duke University Anil Potti (2010) | Cancer research fraud affected clinical trials | Patients enrolled based on fraudulent research |
| Theranos (science angle) | No peer review, secrecy as strategy | Deliberately avoided scientific trust mechanisms |
| Example | What It Is | Why It’s Interesting |
|---|
| Registered Reports | Peer review before results known | Trust through precommitment; reduces publication bias |
| arXiv Preprints | Open access before peer review | Trust through transparency; faster science |
| Open Science Framework | Pre-registration and data sharing | Trust through verifiability |
| Retraction Watch | Tracks scientific retractions | Trust through accountability journalism |
| CERN Collaboration Model | Thousands of physicists, shared authorship | Trust through radical transparency; Higgs discovery |
| Human Genome Project | International collaboration to sequence genome | Trust between competitors; data sharing norms |
| Polymath Project | Collaborative mathematics online | Trust in open collaboration; solved problems |
| Example | What It Is | Why It’s Interesting |
|---|
| Papal Conclave | Cardinals locked in until they elect pope | Physical containment ensures process completion; 2/3 majority; white smoke signal |
| Seal of Confession | Catholic priests cannot reveal confessions | Absolute confidentiality; priests have gone to prison rather than testify |
| Beth Din (Jewish Courts) | Religious arbitration, still used | Parallel legal system based on religious trust; binding in civil law |
| Hawala (Islamic) | Already mentioned—religious roots | Trust based on community/religious ties |
| Waqf (Islamic Endowment) | Permanent charitable trusts | Trust through religious obligation; some 1000+ years old |
| Sanctuary Tradition | Churches as refuge from law | Sacred space trust; occasionally still invoked |
| Truth and Reconciliation Commissions | Post-conflict justice through testimony | Trust through amnesty; South Africa model |
| Oaths and Vows | Sworn statements with religious weight | Trust through divine witness; “so help me God” |
| Kosher/Halal Certification | Religious dietary compliance | Trust through religious authority; parallel to secular certification |
| Example | What Happened | Why It’s Interesting |
|---|
| Watergate (1972-74) | Already covered in trust-across-civilizations | Loyalty-based trust architecture failure |
| Iran-Contra | Already mentioned | Parallel chains, deniability |
| Hurricane Katrina Response (2005) | FEMA failure; “heck of a job, Brownie” | Trust in incompetent appointees; cronyism |
| VA Healthcare Scandal (2014) | Wait time manipulation; veterans died | Trust in reported metrics; gaming |
| Flint Water Crisis (2014-present) | Lead poisoning from cost-cutting | Trust in state oversight failed; EPA failed to intervene |
| IRS Targeting Controversy (2013) | Alleged targeting of political groups | Trust in nonpartisan administration |
| NSA Mass Surveillance (Snowden, 2013) | Secret programs revealed | Trust in “oversight” was theater; FISA court rubber-stamp |
| Example | What It Is | Why It’s Interesting |
|---|
| Federal Reserve Independence | Central bank insulated from politics | Trust through structural independence; 100+ year success |
| GAO (Government Accountability Office) | Congressional watchdog | Trust through independent auditing |
| Inspector General System | Independent watchdogs in agencies | Distributed oversight; mixed success |
| Freedom of Information Act | Right to government records | Trust through transparency; 1966 |
| Administrative Procedure Act | Requirements for rulemaking | Trust through process; notice and comment |
| Civil Service System | Merit-based hiring vs. patronage | Trust through professionalization; Pendleton Act 1883 |
| Independent Counsel / Special Prosecutor | Investigation independent of executive | Trust through independence; used for Watergate, Clinton, Trump |
| Example | What Happened | Why It’s Interesting |
|---|
| Tragedy of the Commons (various) | Overfishing, overgrazing, pollution | Classic trust failure in collective action |
| Carbon Markets (early EU ETS) | Over-allocation crashed prices | Trust in self-reported baselines |
| Easter Island Deforestation | Civilization collapsed | Long-term commons failure |
| Aral Sea | Soviet irrigation destroyed sea | Central planning trust failure |
| Example | What It Is | Why It’s Interesting |
|---|
| Maine Lobster Fisheries | Self-governed fishing territories | Trust through community; Ostrom case study |
| Swiss Alpine Meadows | Community grazing management for 500+ years | Long-term commons success |
| Acequia Water Systems | New Mexico irrigation cooperatives | Trust through tradition; centuries old |
| Wikipedia | Collaborative encyclopedia | Trust through radical openness; edit wars resolved |
| Linux Kernel Development | Thousands of contributors, one dictator | ”Benevolent dictator” model; Linus as trust anchor |
| Creative Commons | Standardized sharing licenses | Trust through legal clarity |
| Quadratic Voting/Funding | Novel voting mechanisms | Trust through mechanism design; Gitcoin |
| Example | What Happened | Why It’s Interesting |
|---|
| Abu Ghraib (2004) | Prisoner abuse by US soldiers | Trust in military discipline failed; chain of command |
| My Lai Massacre (1968) | US soldiers killed civilians | Trust in rules of engagement; cover-up |
| Blackwater Nisour Square (2007) | Private contractors killed 17 Iraqi civilians | Trust in private military; accountability gaps |
| USS Vincennes (1988) | Shot down Iranian civilian airliner | Trust in automated systems; 290 deaths |
| Friendly Fire Incidents | Ongoing issue in all militaries | Trust in identification systems |
| Chelsea Manning / Snowden Leaks | Massive classified disclosures | Trust in security clearance system; insider threat |
| Example | What It Is | Why It’s Interesting |
|---|
| Geneva Conventions | Rules of war respected (usually) | Trust between adversaries; reciprocity |
| Prisoner Exchanges | Trust between enemies | Simultaneous exchange problem; how it’s solved |
| NATO Command Structure | Multi-national military integration | Trust across languages, cultures, doctrines |
| Rules of Engagement | Constraints on use of force | Trust through procedure; varies by context |
| Security Clearance System | Background checks for access | Trust through investigation; periodic reinvestigation |
| ”Two-Person Integrity” | Requires two people for sensitive operations | Trust through mutual verification |
| Example | What Happened | Why It’s Interesting |
|---|
| Florida 2000 | Hanging chads, Supreme Court decided election | Trust in counting process; butterfly ballot design |
| Various Disputed Elections | 2020 US, Belarus 2020, Venezuela, etc. | Trust in election integrity; what makes elections credible? |
| Diebold Voting Machines | Security vulnerabilities demonstrated | Trust in electronic voting; no paper trail |
| Cambridge Analytica (2018) | Facebook data used for targeting | Trust in social media platforms; election influence |
| Russian Interference (2016) | Social media manipulation, hacking | Trust in information ecosystem |
| Example | What It Is | Why It’s Interesting |
|---|
| Estonian E-Voting | National online voting system | Trust through cryptography; digital identity |
| Risk-Limiting Audits | Statistical verification of results | Trust through sampling; Colorado model |
| Independent Election Commissions | Nonpartisan administration | Trust through independence; varies by country |
| International Election Observers | External verification | Trust through third-party oversight |
| Ranked Choice Voting | Alternative voting system | Trust through mechanism design; reduces spoilers |
| Paper Ballot Backups | Physical records of votes | Trust through verifiability |
| Example | What It Is | Why It’s Interesting |
|---|
| Prediction Markets | Bet on outcomes to aggregate information | Trust in incentive alignment; Polymarket, Metaculus |
| Futarchy | ”Vote on values, bet on beliefs” | Robin Hanson proposal; trust through markets |
| Quadratic Voting | Square root of votes to reduce plutocracy | Trust through mechanism; Radical Markets |
| Harberger Taxes | Self-assessed property with forced sale | Trust through aligned incentives; experimental |
| Dominant Assurance Contracts | Refund + bonus if threshold not met | Trust through guaranteed downside |
| DAOs (Decentralized Autonomous Organizations) | Code-governed organizations | Trust in smart contracts; mixed results |
| Liquid Democracy | Delegable proxy voting | Trust through flexible delegation |
| Conviction Voting | Time-weighted voting | Trust through commitment |
| Example | What It Is | Why It’s Interesting |
|---|
| Anonymous (hacker collective) | No leaders, fluid membership | Trust without identity; coordination without hierarchy |
| Burning Man | Gift economy, radical inclusion | Trust through cultural norms; temporary society |
| Kibbutz Movement | Israeli collective communities | Trust through shared ownership; evolution over time |
| Amish Rumspringa | Youth experience outside world, then choose | Trust through informed consent |
| Alcoholics Anonymous | Peer support, anonymity, sponsor system | Trust through shared vulnerability; 12-step model |
| Witnesses Protection Program (WITSEC) | New identities for informants | Trust created through dependency |
| Dead Man’s Switch | Action triggered by lack of action | Trust through mutually assured disclosure |
| Example | Type | Key Insight |
|---|
| Boeing 737 MAX | Failure | When regulator delegates certification to regulated; cost-cutting vs. safety |
| FTX Collapse | Failure | Trust in “effective altruist” founder; crypto’s trust-minimization failure |
| Crew Resource Management (Aviation) | Success | How to reduce authority gradients; anyone can raise concerns |
| Wikipedia | Success | Trust through radical openness; how 300M+ articles mostly work |
| SWIFT Network | Success | How $5T/day moves on trust; what happens when weaponized |
| Prediction Markets | Innovative | Trust through incentive alignment; alternatives to expert panels |
| Papal Conclave | Unusual | Physical containment, 2/3 majority, centuries of operation |
| Certificate Transparency | Success | Trust through mandatory disclosure; catching rogue actors |
| Replication Crisis | Failure | When “published” doesn’t mean “true”; trust in science |
| Example | Type | Key Insight |
|---|
| Hawala Networks | Success | Trust without legal enforcement; centuries of operation |
| Toyota Production System | Success | Trust in frontline workers; andon cord |
| IAEA Inspections | Mixed | What verification can and can’t do |
| Tuskegee Study | Failure | Destroyed medical research trust for generations |
| Truth and Reconciliation | Innovative | Trust through amnesty; post-conflict justice |
| Geneva Conventions | Success | Trust between adversaries; reciprocity |
| Mt. Gox / The DAO | Failure | ”Code is law” meets reality |
| Snowden/Manning | Mixed | Insider threat; security clearance failure |
| Risk-Limiting Audits | Innovative | Trust through statistical verification |
Everything else in this document—interesting but less compelling as standalone pieces.
Based on this research, the most promising next documents would be:
-
Boeing 737 MAX: When the Regulator Trusted the Regulated — FAA delegated certification; cost-cutting; organizational trust decay
-
Wikipedia: Trust Through Radical Openness — How 300M+ articles mostly work; edit wars; vandalism defense; neutral point of view
-
FTX and the Crypto Trust Paradox — Trust-minimization ideology; “don’t trust, verify” met “trust me, bro”; effective altruism as reputation shield
-
Crew Resource Management: Flattening Authority Gradients — From Tenerife to modern cockpits; how to let juniors challenge seniors
-
Prediction Markets vs. Expert Panels — Different trust architectures for aggregating information; when each works
-
The Replication Crisis: When Science Wasn’t Trustworthy — P-hacking; publication bias; registered reports as solution
-
SWIFT: Moving $5 Trillion a Day on Trust — How interbank messaging works; what happened when weaponized for sanctions
-
Medical Trust After Tuskegee — How one study destroyed trust for generations; IRB system as response