
Let's Talk Bitcoin - Episode 55

Participants:
Host - Adam B. Levine (AD)
Andreas M. Antonopoulos (AS)
Allan Reiner (AR)
Dr. Stephanie Murphy (DR)

AD - Hi and welcome to episode 55 of Let's Talk Bitcoin, a twice weekly show about the ideas, people and projects building the digital economy and the future of money. Visit us at letstalkBitcoin.com for our daily guest blog, all our past episodes, and of course tipping addresses. My name is Adam B. Levine and today is Satoshi Day. On November 1st 2008 the Bitcoin whitepaper was released with little fanfare, and today, 5 years later, it's humbling to see how far we've come. As teased on episode 54, Allan Reiner, founder and CEO of Armory Technologies and lead developer of the open source Armory project, joins me today for an in-depth interview. Never heard of Armory? After this episode that won't be the case. We talk paper backups, fragmented secrets, life as a funded open source project, features on the horizon and much more. That interview occupies the middle of today's show and is almost exactly 30 minutes long. For the rest of the episode, Bitcoin 0.9 is coming soon and it's packed with material that on its face might be a little tough to understand. Have no fear, Andreas is here. We start going through the list, to be completed on episode 56, and making sense of it all; Stephanie and I have lots of questions. Spoiler alert! Things actually are going to get easier, so happy Satoshi Day everybody. May our next five years be as eventful as the first. Enjoy the show!

Break --

AD - So here on Let's Talk Bitcoin we like to talk about complicated issues in understandable terms, and that's something actually we stopped saying on this show because it sort of became a thing we've said all the time. But here I think it's particularly applicable. Gavin Andresen, the lead developer of the Bitcoin project, put up a blog post on the Foundation's site called Core Development of number 5 that basically goes over everything that's coming in the client .9 update.
That update isn't out yet; it's going to be out, it sounds like, in the next couple of months. I don't think we have a firm date on it, but there's lots of stuff that's changing and lots of stuff that's happening in this update, and I think it's very important that we address this and break it down point by point. As always I'm joined by Andreas M. Antonopoulos and Dr. Stephanie Murphy. Hi guys. Hello?

Dr. Murphy - Hi

AD - We're going to jump right into this. This is straight from the blog post; we're going to go through this point by point and talk about each of the issues as they come up, and kind of get a feeling of what's going to change in this coming major update. From the article: Since my last update at the end of June, the core development team produced two minor bug-fix releases while working towards a major 0.9 release. We've reviewed and closed over 300 pull requests, which range from correcting the spelling of a word in a comment to major new features like the payment protocol. I'll highlight some changes that are already in the 0.9 source tree, and then write briefly about some changes that we hope will be ready soon. The first change that they talk about is Provably Prune-able Outputs. There have been huge debates in the past about embedding data in the blockchain; some people feel that the blockchain should be a public resource available to use for whatever people like, as long as they pay sufficient transaction fees to make it worthwhile for miners to store their transactions. Others feel that the blockchain should only contain the data necessary to validate Bitcoin transactions, and any other data should be stored separately.

AS - Gavin really talks about provably prune-able outputs and it's a bit confusing, because it's not clear what provably prune-able outputs have to do with putting data in the blockchain, so let me very briefly explain this. Because there wasn't an official mechanism for putting data in the blockchain, people created fake transactions. And these transactions were to addresses that don't exist. So instead of paying Bob at a coffee shop for your coffee and sending it to Bob's address, someone's trying to use it as a notarization service, and they send a tiny payment to a bogus address, and this bogus address is basically an unspendable output.
Because, it can be used in subsequent transactions to redeem that money because there is no key, there is no, it's not a real transaction. There's no link to unlock it, effectively the key that's supposed to unlock it, it is the data you're supposed to put into the blockchain, it's does work as a key it only works as a block of data that you put in there. The problem with this is that, because you have to keep all of the possibly spendable outputs in a database in order to figure out if you can create a new transaction, every time someone notarizes something it puts a transaction in there that's going to stay in the blockchain forever. And it will never be excluded from the pool of transactions, because you don't know if it can be spent or not; it looks like a normal transaction. This solution is to create a transaction specifically for putting data, and because you know it's for data, and because you know it can't be spent, and because you know it doesn't have any value, only fees, you can basically discard it. The only nodes that need to keep that are the nodes that are interested in keeping a full archival copy of the blockchain, and it's no longer needed for normal operation and spending. So this is a great compromise: it gives us an official way of putting data in the blockchain without burdening it with fake transactions that we have to carry forever, just in case they might be spendable.

Dr. Murphy - Let me interrupt you for a minute, Andreas. Up until this update gets made, any notary type data that's in the blockchain is going to stay in the blockchain, is that right? Or can it retroactively be pruned out?

AS - No, all of the junk that's in there is in there and remains in there, but it's really not a problem at today's scale, because all of these things are tiny and assent services. So, you know, a far bigger problem was the use of unspendable outputs to signal the results of gambling on specific sites, and that was creating dust, as it was called: micro transactions that are not spendable. And in fact most of that came from just a few gambling sites. This actually solves that problem too, because now you can send back a transaction that says that "you won" or "you lost" without it being a fake transaction.

Dr. Murphy - So, does this mean that the rate of growth of the blockchain is going to slow perhaps?

AS - Not really. The size of this new thing is about the same as the old transactions; it's not really that different. So it's not really going to make an appreciable difference in the growth of the blockchain. What it will do, however, is it will allow you to create nodes that are full nodes in terms of transactions but don't have a full copy of every unspendable output, because they can just ignore things that are not payable transactions. So you can separate the stuff that's in the blockchain for money from the stuff that's in the blockchain for information content, and some nodes can choose not to carry the information, not to remember it or not to keep it in memory. So it gives them a way to differentiate.

Dr. Murphy - But there's still going to have to be some, like, amount of nodes that are dedicated to remembering this information though, right? Because

AS - Correct

Dr. Murphy - It seems like there could be a risk of it becoming too centralized, right? Like, if only one person has the notarized copy that Stephanie bought a house on this date with Bitcoin, that might be a problem, but if 100 thousand people have that it's probably okay, right?
AS - Well, actually no, because these transactions will still be mined, will still be propagated across the network, they'll still have proof of work and they'll still have the same security. The full blockchain will include everything. The only question is whether, in the in-memory database of spendable transactions you keep in the wallet application or in a payment application, you have to keep these things. So essentially it creates two types of full nodes, those of the transaction focus and those of the archival focus and just keep a full copy of the blockchain for archival purposes. I don't see it as a problem for centralization. All of this stuff will be in the blockchain, will be mined, and will be just as secure as every other transaction.

Dr. Murphy - Do you think this will change how people use the blockchain for things like notary purposes?

AS - Well, absolutely, it creates a really, really neat solution. Now you can create an output that is clearly for storing data. It's got enough space to make a SHA512 hash; it has 80 bytes, so you can do a SHA512 and have some room for some additional metadata. Then you can clearly identify these transactions and process them, so they're not just raw data. They're kinda structured. All of that really is going to make for much more efficient use of the blockchain as an information store. I expect all of the notarization services, as soon as this is widely available, to switch to implementing it, because it's a much cleaner solution.

AD - This is a service that's being offered to these people who want to embed information into the blockchain, but they don't have to exactly change what they're doing, do they? They can still, the method they've been using will still work.

AS - The method they've been using will work; it'll be less efficient and it's kludgy. But what this is, is an OP_RETURN transaction, in the transaction language that is used to build transactions. So, if before you had, you know, 12 verbs for building transactions, now you have 13 verbs for building transactions, and one of the exotic types of transactions you can build is this kind of data content transaction. Now, keep in mind the vast, vast majority of transactions on the blockchain follow a very, very simple pattern, which is: pay whoever has this public hash address. The vast majority is Address A pays Address B. But the transaction scripting language is much, much more sophisticated and complicated than that; you can do a wide variety of things. This gives people more language to use when creating transactions. So when they create these transactions they can be explicit with them being data content rather than kludgy and building custom transactions that are faked.

AD - So, how would someone go about using this? Here's the next quote. The core code has no easy way of creating these new transaction outputs; you have to create them yourself using the raw transactions API.
And there are no plans to display the data in Bitcoin-Qt, so you don't have to worry about somebody sending you a few millibits and attaching a short-but-annoying message to the transaction.

AS - This is no different from what we have today; none of these fake transactions can be created without having direct access to the transaction API. Essentially you hand code these with your own code to build these transactions. It's really not that hard, it's actually only 3 lines of code to build a transaction like this, in pretty much any language. There's no difference in those terms from what we had before. You still will need to build custom code to create these transactions, but the only difference is that now you have the explicit verbs to do that and you're not faking it.

AD - So the next section deals with autotools. Reading from Gavin's blog post: Less controversial (I hope!) but more disruptive to core development: we've switched from using hand-coded, platform-specific Makefiles and qmake.

Dr. Murphy - Basically makefiles that are automatically generated with autotools.

AD - So, Andreas, when they're talking about autotools here, this is dealing with how they actually roll out new versions, right?

AS - No, this is the build system. This is taking source code and converting it into binaries for all of the various platforms. Ya know, Bitcoin is a multi-platform source base, a single code base that compiles with multiple targets. You can take the same Bitcoin code and compile it for Windows, for OSX, for Linux, for, you know, a very wide variety of POSIX-compatible operating systems. Up to now each one of those had its own kind of custom. Like, if it's OSX, version blah, do this. Now it's using autotools, which Perl-based systems they use some heuristics to try to identify what type of system it is and what capabilities it has, and then automatically generate the appropriate package. This matters for two reasons. One, it makes it much easier to keep the code base generic while simultaneously broadening the number of targets this code can be deployed to. And two, it's a lot easier to run automated testing suites on the various builds. So, for example, new code is released or a pull request is pulled in or a patch is pulled in. That immediately needs testing. So now you can run automated tools that only test the Linux version, but you can also run testing on every version of Windows, every version of OSX, and do regression testing etc. with those. So it makes it much easier to do automated builds and, more importantly, automated testing.

AD - Andreas, can I think of this as standardizing the way that the various clients are being built?

AS - Yes, exactly. It's standardizing them to the most common build platform, which most operating systems support, and it makes it possible to vastly expand the targets, yeah.

AD - Also, as a standard user of Bitcoin, but not someone who really gets into the technical side, is this actually something I really need to care about?
AS - Uh, no, but if you had to download the code and, say, compile it on Linux in order to use it, to test out Bitcoin-Qt or run Bitcoin Daemon as a node, a full node on your Unix system or hosted server, you'd have to compile Bitcoin. Up to now that involved running qmake and a few other things, and it was a bit of a hit and miss thing. Like, oh, it's not quite the version of Ubuntu, it has a slightly different version of this library, and then you have to fix all these dependencies. With this new system you type three commands: autogen, configure and make. And it would basically figure that all out and build it for you, and it makes that process a lot simpler and more standardized. It also makes it easier to package and include in various operating systems using the operating system's standard package manager. So for example in Linux you might have RPMs for Red Hat or deb packages for Ubuntu and Debian, on OSX you have D package or DMG for archives for applications, and on Windows you have install shields, exe's or whatever they're using these days on Windows. So it allows you essentially to create automatic installers easier as well.

Advertisement - Dr. Murphy: EasyDNS is the Swiss army knife for your domain names, helping meet their customers' individual needs since 1998. EasyDNS has been an outspoken critic of SOPA and SIPA. EasyDNS was an early supporter of Bitcoin and now they are proud to sponsor this show. Do business with a company that shares your values. Get a 13% discount when you pay with Bitcoin; go to Bitcoin.easydns.com and be sure to use discount code LTB.

Dr. Murphy - You're listening to Let's Talk Bitcoin, the premier audio cast providing news and insights that cover the rapidly evolving world of digital money. Our twice weekly shows include analysis of late breaking news, updates on key technical, business and regulatory issues, and in-depth interviews with the key people driving the new digital economy. Let's Talk Bitcoin offers sponsors an attractive way to reach a targeted and savvy audience. For more information, email sponsors@letstalkBitcoin.com

AD - Today on Let's Talk Bitcoin we're joined by one of my favorite guests and entrepreneurs in this space. Allan Reiner is the founder and CEO of Armory Technologies and he joins us once again on the show. Allan, thank you for joining us.

AR - Hey Adam, thanks. Thanks for having me.

AD - Backing up a second, Armory is pretty much my wallet of choice, and I'm not bashful about that at all. It has a lot of really interesting features and you've been developing it as an open source project for the last two years. You've made a lot of progress in that amount of time, and it's become a fairly popular wallet. You just went through a round of funding that saw you upgrade your company, which used to be an LLC, to a full sized, you know, corporation. Can you tell us how your journey kind of went about from being a hobbyist open source project to something that's fully funded?

AR - Actually for the first year and a half I wasn't anything in terms of companies. I was just a random hobbyist. I still had a full time job working, doing missile defense contracts at a contractor in the DC area, and I was working on Armory in my spare time. Now, as Bitcoin started getting bigger and Armory started getting bigger.
And, Armory's features were in higher demand and people had more money from the growing value of Bitcoin. They felt more pressure to protect that. And Armory has slowly become a trusted choice for those people who are the most paranoid about security. Basically, as a part time hobby it kind of got bigger than I could handle as a part timer. I got a first level of funding, a very small amount of funding to help convince my fiancée to let me quit my job. Within a few months we had Trace Mayer come along and wanted to give us more funding, and more serious funding. Not just to let me quit my job but to hire other people to do so. Because he believes, everyone involved here believes, that Armory is going to play a big role in helping people secure their money and that there just aren't a lot of other tools that do this.

AD - Let's talk about those tools. There hasn't been a lot of development in the wallet space, kind of surprising to a lot of people. I sort of attribute this to the fact that when you have something that works, even if it is not super usable, the fact that it works and that it's freely available in the Satoshi client has sort of made it so that it's hard to monetize the wallet space, unless you're doing something super revolutionary. This is clearly a problem you've run into.

AR - That's been a topic of discussion; there's even been talk on the Bitcoin forum foundations. People have noted that wallets are difficult to monetize, and we're definitely breaking new ground here, and Trace and myself are definitely taking a gamble in terms of whether we think we can turn an open source project into something that makes money. And luckily Trace and the other investors and everyone closely related to us, we all like Bitcoin, so at the very least we hope that we will be able to develop tools that help grow Bitcoin, even if the company does not find all those monetization avenues. But of course we're pretty optimistic about that too.

AD - So, is there an expectation from the investors that you're going to be monetizing this project?

AR - Eventually

AD - Do you have any light to shed on that question, on how you would go about monetizing something like this, or is still definitely in the pot?

AR - We have probably dozens of different ways that we can see bringing in money. It's difficult to know which one of those are going to bear the most fruit and how much effort it's going to be to explore those paths. At the moment we're in the mode that we want to get the tools built, keep this thing open source, help grow Bitcoin, and the investors are simply saying they're in no rush on making a return on this. And we are absolutely planning to explore those avenues, but we really want to have a good product before we start on the monetizing. We're a little concerned that if we were to divert resources to build the revenue channels, we'd be hurting ourselves, because the product is still not as mature as we'd like it to be. It works very well functionally, but its usability is kind of lacking right now.

AD - So, let's talk about that for a second.
Armory on the one hand has all of these really interesting features, and I think a lot of them are actually unique as far as Bitcoin wallets are concerned. But on the other hand it does use a lot of system resources, and requires you to run Bitcoin-D in the background. So, I mean, from a technology standpoint, what are the things that you're working on towards improvements of what you have right now?

AR - Well, I'll tell you that my core goal of Armory has been security at all costs. And a lot of people see that, because they find that you have to really want to use Armory to use it. I mean, there's a lot of issues, like with RAM resources. People have actually gone and upgraded their computers just to be able to run Armory. We're actually nearing very close to solving a whole bunch of those issues, all at once. That isn't resolved yet, so at this moment if you're getting excited about Armory and you have less than 8 gigs of RAM, you may have difficulties running the current version. That's because the usability aspect hasn't been our priority. Right now we're trying to fill the niche, something that maximizes security and whatever it takes. And part of that is, when you talk about running Bitcoin-Qt in the background, it's because that is the safest way, and the most secure way, to communicate with the Bitcoin network. It could take me months and months and months to re-implement that and it wouldn't be as good, and it would have security flaws. As much as people don't like running Bitcoin-Qt in the background, if you're really using the app because you want the security and the privacy, that's what you need to do.

AD - So Allan, for someone who's never used Armory before or really just has been exposed to the Satoshi client, which is that default client that everybody downloads the first time, can you explain what some of the base features are that differentiate Armory from other wallets out there?

AR - I think the most important feature of Armory is the backups. It's kind of difficult to describe what's really going on under the hood. The Satoshi client (Bitcoin-Qt), whatever you want to call it, I wish they came up with a better name than that, randomly generates addresses; they generate a pool of them. And when they run out of that pool, it makes more. But it's not deterministic, which means that if you were to restore your wallet to a previous version and regenerate those addresses, you'd get different addresses. That's a serious problem in terms of backups. One of the things that I think is most important for people's security, both security from other people and security from themselves, is being able to do backups, and people are very bad about consistent backups. So Armory implements a one time backup system that's as secure as the method that Bitcoin-Qt uses. And in fact Bitcoin-Qt and all the other clients are moving to a similar scheme. Armory has had that for two years, where you make your wallet the first time and then you can print off a sheet of paper, or if you don't have a printer you can write down the data on a sheet of paper.
And that's all you need, ever. You can use millions and billions of addresses, send and receive money as much as you want. No matter what happens, that piece of paper will always recover your money.

AD - Why are you able to do this where the Satoshi client is not?

AR - It's not a matter of capability, it's a matter of priorities. It will be a pretty dramatic change for the Satoshi client to implement that, because it involves overhauling their wallet code, which is very very sensitive to code. There's something called BIP 32 - Bitcoin Improvement Proposal. BIP 32 actually specifies a similar scheme and all of the wallet developers have committed to implementing that; it's just I wrote Armory with that from the start. Not BIP 32, but related. So I wrote Armory from the start with this scheme in place, and I didn't have to modify anything to implement it. In one way that was one of my motivations for starting Armory: you'd dig through the forums and you'd see people either losing money because of stale backups, or overwrote backups, or something. There's just so many ways for that to go wrong, and if you're protecting a lot of money, you really just want simple and easy, and it's very easy to just print off a backup once with Armory, then forget about it. Go put it in a safe deposit box, and never think about it again.

AD - So, one of the other things that Armory has innovated recently, or it's coming out very soon, is this idea of fragmented backups, and I think you're the first implementation of them, right?

AR - Yes, I believe so.

AD - Is that the right term for it? I'm calling them fragmented backups, I don't know if there's an official term.

AR - That's a term that I've used in Armory. The real term for it is Shamir's secret sharing; it's called secret splitting, where you can split a piece of data, and in this case is your data. You'd normally print a single piece of paper and that sheet of paper protects your wallet; you can use that sheet of paper to recover your funds any time in the future. But people who have concerns about physical security don't like the idea that there's a single point of failure, that someone who gets this piece of paper can instantly take all of your money. There's a common cryptographic technique called Shamir's secret sharing, and I've labeled it fragmented backups. So this one sheet of paper you would normally print instead might be three sheets of paper, and any two of them is sufficient for recovering your wallet. And that really, really increases the physical security. You may keep one at home or in a safe deposit box, or give one to your parents to hold onto, or bury it in your backyard or whatever. That gives you the capability that if someone goes digging in your backyard or they snoop in safe deposit boxes, they still can't get the coins.

AD - How does this compare in terms of security to something like a digital backup on either another hard drive or another computer? I mean, do you think that it's just flat out better to have physical copies of backups, regardless of whether it's fragmented or just a single piece?

AR - Absolutely. Digital copies are not going to be nearly as reliable as physical pieces of paper, and not to mention that digital copies are digital.
Which means that they are stored in places that, a lot of people want to put it online, or store it in Dropbox or some other place. A lot of issues because, you put to a USB key but you don't know whether in two years that USB key is going to work. So you make a couple different copies, and you spread them around. It's rather suboptimal to do it that way. We believe that being able to have a physical piece of paper that can't be accessed from anyone on the internet, that you can just tuck away in a safe deposit box or, you know, on your bookshelf, is really the best way to secure yourself.

AD - One of the other things that Armory does that's sort of different from a lot of the other wallets out there is it gives you the ability to maintain multiple wallets and have a lot of control over what each one does. You have individual coin control, so that when you're making a transaction you can actually pick which inputs, if you want to get this deeply into it, which sometimes I do, get sent out, so that you can control your privacy leaks and stuff like that. Do you think that most users, or that a normal user, is going to use multiple wallets moving forward? Because, I mean, I use 8, but I think I'm pretty abnormal as far as most people are concerned.

AR - I think the capability of using multiple wallets is very powerful. It gives much clearer separation of funds, especially if you're talking about the other feature of Armory, which is the holy grail feature: being able to keep some money offline, in an offline wallet, for extra security. You have to balance your convenience and your security. You want to keep the majority of your funds in a super secure wallet, which might be an offline wallet, but when you're just online and you want to buy something small, you don't want to have to go through that inconvenience of accessing that offline computer. So being able to keep multiple different wallets for different purposes is good. We'd like to eventually create a mobile app, and you'd be able to track the mobile wallet from your computer and refill it or sweep the money out of it if you lost your phone or something like that. That's a feature benefit of having this kind of multi wallet interface or design. You can use it not only for your own wallets, you can use it for watching other people's wallets. Like your phone wallet or multi sig wallets (that are not developed yet). But to be able to create addresses that require multiple signatures you need to be able to see other people's wallets. They will give you those for that purpose. I don't know, do any of the other clients have multiple wallets? I don't think so.

AD - I don't think so, no. I think that you can do it, but it has more to do with swapping your wallet.dat file and creating an actual new wallet and just swapping the files back and forth. I've done that in the past. The creating watching-only copies of the wallets is really interesting. I just set that up for our CFO to watch all of the accounts that he needs to be watching. It was a very easy process.
Did I miss any of the relevant features that we should go over now before talking about future development?

AR - I mean, I think it's worth emphasizing the offline wallets feature, because it is something that's mostly unique to Armory and it's one of the reasons why people use Armory. It's the core reason people use it.

AD - I've never used it for that, to be perfectly honest with you. I've used the backups before but I haven't done the signing on another computer. Can we talk about, so, the idea is to get your private keys off of a computer that has access to the internet, because if the computer has access to the internet, then that means the internet has access to it, which means that you might be vulnerable to viruses or a hacker or something like that. So, how exactly would I make a transaction with an offline balance in this way?

AR - I'm going to skip over the details of setting up the wallet for a second, just so you can appreciate the process. Once it's set up people say, well, if it's offline how do you send money? And the way it works is that the wallet shows up in your online computer, it looks identical. Besides having a different color, and it will be labeled offline. And you'll be able to see all of your balances on your online computer, you'll be able to give out payment addresses so people can pay you; it really behaves exactly like any other wallet in terms of verifying payments and all that. The difference is when you actually go to send money. Just like you would with a regular hot wallet, you'll still be able to fill out all the recipients and everything, but there will be no send button, because the data that you need to send the transactions is not on that computer. And that's the power of it: you can still do everything you would do with a regular wallet, but you can't send money. Which means that someone who accesses your computer can't send the money either. Instead of sending the money, the button will save the data to a USB key, and you just take that USB key to the offline computer, you hit sign, you bring it back and you hit broadcast. And that's how the transaction's completed. If you have the computers right next to each other, this computer that's never touched the internet that has the wallet on it, you can do it in literally 60 to 90 seconds. It's very quick. Rather than hitting send, it's just going to save to the USB key; pop it out, put it in the other computer, sign it, bring it back and hit broadcast. Once you do it probably 2 or 3 times it becomes a breeze.

AD - That does sound easy actually, I assumed it was a much more difficult process. Yeah, that does sound really simple. Are there any weaknesses to that approach besides the fact that you actually have to do steps that involve something outside the computer?

AR - This is definitely better than anything else out there.

AD - So the founder of Armory wallets says that based on current available technology, secure way to store your Bitcoins and still have them available to transact in a relatively hassle free way.

AR - Absolutely, there just really isn't anything better. This can be improved incrementally by improving your processes for setting up your offline computer. Also, USB keys are not the best thing in the world for accessing secure systems.
I would much prefer people use USB keys for Online/Offline computers and have them just keep it online because it's too inconvenient otherwise. Although USB keys, the mechanism for moving data back and forth between the computers is not ideal, it's still far better than saying, oh this is too complicated, I'm just going to keep it online because it's easier. We're actually working on developing some other mechanisms for the people who desire even more security for moving the data back and forth without the caveats of USB keys.

AD - What do you think of the hardware devices we've started to see appear? The first one would be the Trezor which I believe either just came out or is just about to come out. Is this a good replacement, is this a different technique or is it just an improvement to the technique because instead of having a full blown computer you just have a dedicated device.

AR - I would say that they're 70% solution. I believe that they're an advancement for Bitcoin technology. They will be very easy with a Trezor or, I know at one point Butterfly Labs was creating something called BitSave, but I haven't heard about that in a while. With those devices you get most the benefits of an offline computer, and if the application is set up right, for instance Armory will be supporting Trezor. It should be very simple, however it doesn't quite have the same confidence level of setting up your own system. In this case you'd be using Armory and you'd be using this hardware device, there's a lot of concerns that the device may not actually be secure, or may not have the same firmware or software that the developers have said it does. Whether maliciously or accidentally, I don't want to discredit them at all, it's just that from a purity perspective you want as simple as possible, a process of moving your money and the more pieces you bring into the process, the more places you've opened up security vulnerabilities.

AD - Right, the more places you have the potential for something to go wrong, so even if they have good intentions, it's still because it's a standardized piece of hardware that's specifically intended for this purpose could be compromised either internally or externally.

AR - Don't get me wrong, I still believe that it's going to be dramatically better than keeping the money on an online computer, there's just so many ways for that to go wrong. And, I think it's fine for a little bit of cash, and it's convenient and all that, I think the hardware wallets are going to fill demands, something that's in high demand. Which is a nice compromise between getting the full offline computer and keeping everything online. The next thing about the offline computer is you get a whole lot of extra flexibility, you can do a lot more management, you have a lot more control over the wallets with the recent vulnerabilities in Random Number Generators, we'll be adding something like Dice or card shuffling to reduce your reliance on the random number generator in your computer. Which has been found to not be as secure as people have hoped.

AD - You took the recent revelations about the random numbers not being so random, as a reason to work towards implementing solutions that don't even use a random number generator, that's very cool.
AR - And part of that comes from our users, as soon as something comes out, news that says Bitcoins were compromised, the first thing that happens is, I get 20 emails saying, Oh my God is this a problem with the Armory? Are you secure, did you know about this? Some people are holding a lot of money.

AD - Yeah

AR - And, they want to make sure they're covered, so I've had this idea for a while actually then all these NSA revelations and security vulnerabilities have really pushed it up on the priority list for us.

AD - What has it been like going from having this be an open source project that you're working on in your spare time by yourself, to something where eventually you'll be able to make it your full time job and then now, are bringing on additional people. I mean, how has that been, is this where you expected to find yourself a couple years down the road when you started this?

AR - Well certainly when I started this I didn't expect to end up here, in fact when I started this, I wasn't even planning to release end user software, I was just creating tools for analyzing the blockchain, analyzing the network and playing with various concepts I was learning. And, it's slowly evolved into what it is now. I anticipated it would just be a long term open source project, there's a lot of them out there, that are developed by just a couple people that persist and people are happy with them. Not major projects, but little projects and I had anticipated this to be a little project, but I didn't see Bitcoin getting as big as it is getting and it definitely deserves full time attention to me now. I will admit that things have been very slow, I've definitely been a lot more distracted than I expected to be, there is so much legal process and so many steps in going through the incorporation, especially when you're doing an actual corporation rather than just an LLC. And you're setting out different share classes and such, there's a whole bunch of agreements and legal stuff, and also doing recruiting, getting your books set up stuff like that has been just a lot more overwhelming than I expected so. I know a lot of users have been disappointed that I haven't been able to get out the latest release which solves a lot of resource issues, but I promise you guys it's coming soon. A lot of those things are out of the way now, so we can focus on the actual development and we have a couple new guys who are helping out, although they are still in the learning phase, they are accelerating what is happening on, on the development phase.

AD - So, what are you working towards right now with the team how it is, what are the priorities you are focused on at this point?
AR - The current version of Armory, 0.88.1 it's been there, it's been on the website for the past six months, that version will take about 6 gigs of RAM, which is enormous and it'll scan the blockchain on every load. Which can take anywhere from 3 minutes to 30 minutes. So, remember when I was talking about convenience and security and maximizing security at the cost of convenience, Well, you can see you need a strong computer and you need a way to, every time you start it. We're finally getting around to fixing that, things like Satoshi day and just the general growth of the network has accelerated this problem much faster than I have expected. So now this has become the priority. The new version for which there's a testing version out right now, uses 200-300 MB of RAM. It uses probably 1/20th the amount of RAM and it should be very constant. So you could even use it on "regular computer" and it saves all the data between loads so it can start up in less than a minute and frequently much faster than that. This is a huge improvement for Armory, it's just that at the moment there's still some usability bugs in there that we have to get worked out, with some crashes and new data structure is corrupted or something like that. So, we're working on getting that out we hope in the next couple weeks, of course no one's going to believe me when I say in the next couple weeks, because I've said that a lot of times.

AD - Just say soon, just say it'll be out soon, (laughing)

AR - It'll be out soon

AD - So once the RAM problem's dealt with, so, why exactly has this been such a problem, because I don't think it's a problem for many other wallet clients is it, what are you doing differently that turned this into a problem?

AR - Remember when I said this was really more of a hobbyist project? It wasn't even intended to be end user software when I started it. The way the engine was written was not meant to be scalable. And, it worked great for the first year of actually being an end user product but, it just didn't have the scalability there. I was okay with it because the growth of the network didn't look like it was that fast so I said, Okay, I'll have plenty of time to get all these great features developed you know, then I can upgrade that. The network grew so much faster than I anticipated. And, it really was not designed for that from the start. So, it was just a decision that was made early on in the development process before I even knew this was going to turn into a widely used application. And before I realized how fast the Bitcoin network was going to grow.

AD - So, in the next couple of months we're going to see the release of Bitcoin .9 or Bitcoin-D .9 which is kind of a major release that among other things incorporates a new payment protocol, essentially lets merchants make payment requests and instead of having a Bitcoin address show up, it'll actually reference a third party who will send back a name. And so, if I had a payment going to me instead of it going to one of my addresses, it would show up for the person paying me as just send to AD Levine or whatever my moniker is on there. Can you talk to me about what the significance of this is and I mean, are there any things you see wrong with it, or is this the right way to go?
AR - Well I'll tell you, I've assigned one of our new guys to basically be the guy that deals with payment protocol, I'm only aware at the top level what it's doing so I can't speak too intelligently on it, other than I'm all for the gist of what it's doing and the idea of adding confidence to the payment process. Being able, when someone sends you an email that says send money to this address, you really don't have any confidence, I mean you have confidence that it's right. But, it's easy for an intelligent attacker to manipulate the system and this really dramatically increases the amount of effort to manipulate the system and redivert funds. There's a lot of debate and I want to call it controversy, but a lot of concern that it's being built on technologies like SSL. When you go to an HTTPS website a secure website it's built on the same thing, which hasn't had the best history especially in recent light of all the NSA activities. But, is really the best thing out there in terms of widespread use and adoption, and so we're just piggybacking on that to improve the confidence of money being moved around.

AD - One of the things I thought was interesting about it was that in the payment protocol there are third parties that verify the address and name of the person basically. Which is what you're talking about, there are some problems with like, the certificate authority has been accused of not being a tremendously effective system. One of the things I've noticed is that just about anybody who has trust can become one of these certificate authorities. So, I mean does that mean like, letstalkBitcoin with our listeners and all this stuff could start issuing certificates to people based on, I mean like could we do that, would that work with this system?

AR - Unfortunately I can't talk too much about that, that's a little lower level than I know, but what I will tell you is that it's intended to basically piggyback on the existing certificate authority system. So that any certificate authority whenever you go to any secure website, HTTPS and you don't get an error showing up there, it's because there's a certificate authority somewhere, some company that has vouched for the identity of that website and technically you should be able to do the exact same thing with the payment protocol, is that merchants should be able to go and essentially get a signature from the same certificate authorities to vouch for their identity, however I know that it was also designed to be extensible so that you can have other webs of trust used. I don't know that much about how easily they'll be used but I know that I have brought up some of my own use cases for authenticating merchants which we plan to do at some point and we were told that it is extensible for that, and that's one of the reasons why I got one of my guys looking at that now figuring out how to implement and how to extend it to do what we need it to do.

AD - So Armory will support payment protocol at some point in the future then?

AR - Yes

AD - Well the time always flies AR, but can you share with us the plans that Armory technologies for the longer term development of your product and I mean, is this going to be the only product that Armory technologies develops? Or will there be others.

AR - So, we definitely have plans for developing a mobile app, not just an app separated from everything else, I mean we want to have kind of a continuous system where all of your devices are aware of each other.
And we have some ideas of how to do that so that you can have your wallet on your phone and you can have your wallet on your computer and you could have perhaps multi-signature, you have accounts that are shared by you and your wife or you and your friends or board of directors of a company kind of thing. This is all in the future, but we see it as all part of Armory, Armory itself is going to be simply expanding to absorb all of these new use cases. One of the big things we're working on is, we're going to do that hardware wallet integration, we want to be supporting those hardware wallets as soon as they come out. I don't know if we'll make it in time but shortly afterwards we'll have support for that. And you'll be able to go to the Trezor website and get a Trezor and it'll work natively with Armory, longer term we plan to innovate the multi signature transactions and we believe this is absolutely critical for bigger companies, more wealthy parties to get involved because as it stands the only way to use Bitcoin is with money that requires single signature to move and that's just too fragile for companies or individuals that are holding very large sums of money. They want separation of duties, the increased security of having to require multiple pieces to come together to move money and so far it looks like Armory will be the one to innovate that. We're already the company that produces the product that people trust for security and that that's a very natural transition is to kind of innovate that aspect of things and give people access to this very valuable tool.

AD - AR, if somebody wants to get involved with the project or download your software, what are the means to do that?

AR - Well you can go to www.Bitcoinarmory.com in fact we got a new website so it looks snazzier, you can go to Bitcoinarmory.com on the front of the page there's a big orange button that says download now it's available for Windows, Linux and most of Mac, if you're on a Mac I can tell you that, flip a coin and if it comes up heads it'll work flawlessly for you, and if not you might have to wait.

AD - Yeah, I actually wanted to ask about that, I tried to install that on a Mac yesterday and I had mixed results, is that something that you're going to be focused on in the next couple months, I mean like is that like.

AR - Yes, we actually have a couple leads on how to fix that issue, it's on the list we have some resources devoted to it so, it definitely works on Windows and Linux and it might work on your Mac, I'd say 50% of people report flawless, flawless functionality and the other 50% say that they can't even start it so if you're lucky you can use it on Mac, a new version should be out soon, so if you're on a system that doesn't have as much RAM you can wait a little bit and we'll have a version for you soon.

AD - Have you finished your hiring since getting funded, or are you still looking for any positions?
AR - Actually no, we haven't finished the hiring, we have a pool of applicants, I guess I can use this opportunity to advertise that we wouldn't mind some more applicants who have a strong technical background and seriously committed to solving fun problems, we think that there's a lot of fun problems to be solved here and get on the bleeding edge of this emerging new technology and if that's the case if anyone out there has super hero developer status and you're looking to change jobs we'll be happy to entertain and you can send your resume to support@Bitcoinarmory.com or info@Bitcoinarmory.com. And we'll get in touch with you. At the moment we have about 4 or 5 people involved but we're still looking for a couple more.

AD - AR Reiner founder and CEO of Armory Technologies, Once again thanks very much for joining us, and look forward to continuing to see your work!

(Music Plays)

Dr Murphy - Hi Stephanie here.

AS - Most commands are remote procedure commands so, Bitcoind gives you an abstracted API into the Bitcoin's ecosystem that's very easy to program against a vast majority of clients that sit on top of Bitcoind communicate with it using this simple API.

Dr Murphy - AD hasn't read this yet but it says the RPC client code is eventually going to be removed from Bitcoind?

AS - It's putting a separate executable so basically a lot of this is about modularizing and containing these things into their own systems, the problem is that right now Bitcoind is one big hairball of code. Let me clarify that. It started off as an enormous big hairball of code and has gradually been getting better and better in terms of modularity. This is great news because if you modularize these components it allows other systems to reimplement them to replace them or to only run the bits that they need, and that would spur lots of innovation. It also means that there's a lot less dependency on having the full and complete reference client for anything you need to do and will allow you to gradually perhaps move to a more multiplatform, multi client system.

Dr Murphy - Okay that makes a lot of sense, I just have one more question, why would someone want to run the Bitcoin client without running a wallet?

AS - Actually I run the Bitcoin client without a wallet all the time, for example if you're running a payment service you don't necessarily want the wallet on the node that's processing transactions from the outside which is facing the internet. You might actually have 2 Bitcoin implementations, one that's simply acting as a node on the network, passing information back and forth, it's your gateway into the network. An edge router as Gavin put it.
The other thing is that the Bitcoind system is the de facto reference client for validating transaction, a transaction reaches consensus if all of the current versions of Bitcoind says it reaches consensus, so the only thing you need to know as a developer is whether consensus happen, does the Bitcoind thing like it? Great, then it's acceptable. That means you have to run Bitcoind to do all of the transaction validation but you don't always want the wallet on the same system for security reasons. This allows you to separate from a single-tier monolithic application that does everything to making a multi tier application having an edge router with Bitcoind that only does node work, then you have an RPC client that's sitting further inside the network can only be accessed from internal systems, gives you a programmatic interface and then way in the back of the network protected with firewalls you have the wallet application that isn't running any of the other things and only handles wallet functions like signing transactions with keys, and that gives you three tiers you have nice separation of functions, it's good for security it's good for performance and it's good for scaling.

AD - You can also kind of think about it like the way that Apple used to do their hardware relative to the PC market that we know today, right now the way that Bitcoind is set up, you can buy computer or no computer, but what we're moving towards is a system where you can, you know buy RAM, a different monitor, or buy various things that allow you to take that technology and integrate it with something else or create something yourself and then build on top of it using the numbers that you want as opposed to just having the option of having all or nothing.

AS - Yeah, the problem with the all or nothing, is really nothing isn't really an option because you can't do anything on the main network without referring to Bitcoind's validation capability. So effectively if you did anything you did everything, it was always all, and that was a problem. You had to take the Bitcoind and run everything in one place. And now most people would do that with an empty wallet which is better than having a wallet with money in it but it still means you're running all of the overhead of the code plus if there are bugs in that code you're now exposing that to the internet to be exploited. The less code you expose by turning it off, the better.

AD - Plus for the average user, I mean, I run Armory wallet and I have to have a copy of the Satoshi client running in the background because it was simply so much easier for them to just use the existing client for that type of functionality connecting than it was to build it into their own system because there was a lot of complexity with that. Additionally, what they're talking about isn't the only implementation of Bitcoin out there. There's another one called libBitcoin that hasn't seen a lot of distribution but is in the final stages of development that Amir Taaki's been working on for the last two years that basically already does this, already has looked at the problem and has said, okay rather than having one monolithic, we're just going to build from the ground up the idea that all of these things are individual modular pieces that can be plugged together as you see fit, but that ultimately each one is its own separate piece, so it's good to see the core development team catching up with this and moving in that direction too.
AS - Yeah, and in fact it's really important because even if you have competing options which are more modular and better designed in order for these competing options to remain relevant they have to follow the main reference client in every quirk and every bug from every block from the Genesis block 0, in August of 2009 to today. Every bug that was ever in the client has to be replicated precisely so that you validate in exactly the same way and you arrive in the same consensus at the end of all of these blocks, that means that when you had to adopt the client and you had to adopt all of it or none of it, essentially it was killing innovation development of alternative clients because there was too much work to keep up with a moving target. Modularity will greatly, greatly help the cause of a multi client Bitcoin network.

AD - AS, you know that bug comment that you made earlier where every bug has to be replicated because everything has to recon back to that one genesis block, is it possible to make retroactive changes to the Bitcoin system? Like if we wanted to affect transactions that happened a year ago, is that even possible?

AS - Not really

AD - Okay

AS - Well you could if you basically arrive at the consensus to ignore what's in the blockchain or ignore certain transactions, for example in the blockchain there are transactions that really shouldn't have been validated and shouldn't have ever made it into the blockchain, but because there was a bug in the client, they did. And now in order to validate that transaction in the future, you have to reintroduce that bug or simulate that bug in every future client, so that when it reaches that broken transaction it behaves exactly like the broken client did then, and accept it. So, you have to repeat the mistakes of the past in order to arrive at the same consensus of the present. That's a problem, we have to re-incorporate all the bugs. Now another way of doing it is checkpointing. And this comes to the next topic in the list which is headers first parallel download chain sync, but essentially what we're looking at is summarizing parts of the blockchain and being able to operate faster with a smaller part of the blockchain so you don't have to replicate everything.

AD - This one is entitled headers first parallel download in sync and there's some text here but the idea of headers first sync is to download the blockchain in two stages, one download just headers from your peers which is very quick because each block header is just 80 bytes and two, once you have got one or more chains of block headers pick the one with the most proof of work and then fetch the full block for that chain. So basically this is trying to make the initial onboarding process where you download the Bitcoin client for the first time and you have to go through that, right now it's like a one or two day process depending on how fast your connection is to the network.

DM - One or two weeks.

AS - It's now several days because it's already reached 15 gig

AD - Oh, really?

AS - Yep

AD - So, that's what this is an attempt at right? Is it's trying to take that initial problem of having such a huge amount of data that has to be downloaded before a user can even make their first transaction on an actual wallet that's on their computer. It's trying to make that a much faster experience that's much more efficient right?

AS - Yes, I think the best way that I can describe this is that while Bitcoin's network looks much like the BitTorrent network because of the constraints of the blockchain the fact that in order to validate the block you have to have the previous block for its hash, etc, etc. We haven't been able to fully exploit the BitTorrent like capabilities, you can't just go out and connect to 100 nodes and download the blockchain parallel from all of them. Because, you'll end up with multiple blockchains including ones that have been orphaned and various other things, and you can't figure that out until you've downloaded everything, so what this proposal does is it allows you to incrementally download parts that are required for validation, the hash of the block header for example. And then not download the bulk of the transactions inside until later. That means you can validate all of the chains up to today in terms of consistency and continuity you still don't have all of the transactions that are in the past and you can then incrementally download those and you can get them from multiple clients because now you have one unbroken blockchain, you can just ask anybody for each one of the blocks. You know it's the true one and that means you can now start behaving a bit like BitTorrent, going out asking lots of nodes and getting a much increased bandwidth of returned data, so this is great news and will greatly increase the speeds with which new full nodes will bootstrap with the blockchain and will be able to start processing things much faster.

AD - In our current system we have then, there's no parallel downloading. Right now when you're downloading the blockchain for that first time you are literally downloading from a single node out there?

AS - No, not necessarily from a single node, but you only download one block at a time, you start with block zero which is encoded in the source code of your client, you already know what block zero is, it's in every client it's coded statically in there. You start with block zero and you say okay.

AD - It's chronological

AS - It's chronological, you have to bootstrap, today what you would say is give me block one and you download the entire block with all of its transactions, validate it and add it to your chain then download block 2, now you can say give me all the headers for all the blocks from 0 to blah, calculate the chain, and then start downloading the transactions later.
And then you can potentially parallelize that function and seek out for many nodes, many different blocks simultaneously. It's like making the edges of the puzzle first, so then once you've got the edges of the puzzle and you know what shape and size it is, now you can start filling in the center much faster and you don't need to follow any specific pattern anymore.

DM - Right, so this is different than what something like Electrum does which is kind of like pick a checkpoint and kind of sync the blockchain after that point, this is not ignoring portions of the blockchain it's basically just making the outline of the puzzle like you said.

(Music Cues up)

AS - Yes, and in fact the Electrum client is a lightweight client delegates its processing to master nodes that have the full blockchain, it doesn't keep a copy of the entire blockchain, in fact it doesn't keep a copy of any part of the blockchain, just checkpoints. What this is is a full node but one that bootstraps faster, it's not a lightweight node.

AD - Thanks for listening to episode 55 of Lets Talk Bitcoin, content for today's show was provided by Stephanie Murphy, AS M Antonopoulos and AR Reiner, music was provided by Jared Rubins, any questions or comments? Email adam@letstalkbitcoin.com. See you next time!
