Lets Talk Bitcoin

Episode 99- Sidechain Innovation

Original air date: April 8th, 2014
Participants:
Adam B. Levine - Host
Austin Hill - Cryptography entrepreneur; Co-founder of sidechain company (to be named)
Dr. Adam Back - Cryptographer; Inventor of hashcash; Co-founder of sidechain company
Adam B. Levine: Today is April 8th, 2014, and this is episode 99. This program is intended for
information and educational purposes only. Cryptocurrency is a new field of study consult
your local futurist, lawyer, and investment advisor before making any decisions whatsoever for
yourself. [0:18]
Welcome to Lets Talk Bitcoin, a twice-weekly show about the ideas, people, and projects
building the digital economy and the future of money. My name is Adam B. Levine, and today
weve got a long one. Back in December, Andreas sat down with Dr. Adam Back, creator of the
hashcash concept that Satoshi built Bitcoin on top of. One of the things that struck me about
that interview was the concerns held by Dr. Back over digital scarcity the idea that other
cryptocurrencies dilute the value of bitcoin by offering the same services but expanding the
supply of tokens able to perform that service. In other sectors, altcoins have been described as
the experimental laboratory of the cryptocurrency world. But what if you could have an altcoin
ecosystem that offered all the innovation, but was still at its core Bitcoin? I ran into Adam again
at the CoinSummit event along with long-time entrepreneur Austin Hill. Over our long
conversation they share their breakthrough, its implications, and what comes next. Enjoy the
show! [1:21]
Austin Hill: Im Austin Hill. Ive worn a bunch of hats, but first and foremost Im an entrepreneur.
I did a lot of work in the area of cryptography, privacy, anonymity, and electronic cash with a
company called Zero-Knowledge Systems that was started in 1997. It still exists, but we moved
away from a lot of the crypto in the dot-com crash. There was a period of time when I employed
pretty much a huge amount of the core cypherpunks, many of whom had done a lot of the early
work on electronic cash systems, including Adam [Back], who worked with me for four years.
[1:51]
And Adam [Back] recently came to me and started talking to me about a new project. He and a
few of the Bitcoin core developers had invented some new extensions to the blockchain. He
wanted my help to build a company around it and to really focus on the idea of a Blockchain 2.0
that was forward- and backward-compatible with the existing blockchain but could address a lot
of the issues of scalability, pace of invention, transaction throughput, multi-asset issuance, and
extensions to the smart contracts scripting language. -So he and I are doing this now, and were
working with a number of the core developers to make a new platform available that we feel will
be exciting to the community. [2:57]
Adam B. Levine: So when you say, to make a new platform available I remember the
interview that Adam Back did with Andreas Antonopoulos back in December, and there was talk
about, like, a test blockchain that could have features incorporated back into the primary one. Is
this the idea that youre talking about? [3:15]
Dr. Adam Back: Yes, thats the basis of it. At the time I was talking about a concept I came up
with early last year called a one-way peg. And since then, Gregory Maxwell proposed a two-way
peg between Bitcoin and a sidechain, which is even more interesting because with a one-way
peg youre slightly subject to market conditions and you can only really do it in the context of a
planned upgrade as a kind of Bitcoin-current vs. Bitcoin-beta and then a switch-over date (lets
say 18 months in the future) and being able to move coins forward into the new network and
backwards, either at market rate or via swapping with other people who want to get in. Now, a
two-way peg allows you (with a small change to the Bitcoin main [network]) to mathematically
peg between the main Bitcoin network and a sidechain network. So then that can be used in a
wider context, including ongoing alternative sidechains optimized for different purposes, and
there can actually be multiple sidechains which are competing on features. So for example, one
could have a larger block size (which may incur some centralization risk, potentially) but gets
higher transactions per second, and users would be able to unilaterally remove their coins from
it and put them back into the main Bitcoin chain. That would act as a backstop against
centralization risk. If you ran into the side-effect of centralization risk, you would have the last
resort of removing your coins, so it kind of insulates you from that risk. [4:51]
Adam B. Levine: My mind is expanding a little bit here and Im going to try and understand
what youre telling me. So what youre saying is that we can essentially have multiple chains
that are all Bitcoin, but they dont all have their own type of bitcoin, or rather, they dont all each
have their own money supply. The money supply can move from one chain to another,
wherever it has the most advantage for the person whos using it at that point. And then it can
move back again if its better used in another chain, is that right? [5:16]
Austin Hill: The key idea here is to protect the concept of digital scarcity and the 21 million
bitcoin limit. And so by linking chains, what we do is we essentially set bitcoin up as a
transactional currency for all the innovation and for all new assets. So you can potentially issue
shares in a sidechain and have a sidechain thats specifically designed around smart contracts
for shares, derivatives, [or] other types of issued assets. And theyre ultimately backed by
bitcoin, you can peg them to bitcoin. [5:55]
Dr. Adam Back: Right, so Bitcoin becomes Typically, various share-related cryptocurrency
ideas or math-based currencies, for example, Ripple has XRPs, Mastercoin has Mastercoins,
Ethereum has ethers, Colored Coin has nothing, right? Because Colored Coin is just
watermarking on top of bitcoin. (*Inaudible- microphone distortion*) scarcity race. I think its
fairer at this point I talked about this with Andreas a lot on my last interview, its fairer if we
just use the existing scarcity race because it was a surprise people for the first couple of
years didnt have a strong reason to suppose that Bitcoin would succeed and it would bootstrap
to a stable value (some volatility, but still a stable, persistent value). Now if you start a new
scarcity race, its a known quantity that youre hoping strongly that that process is going to get
repeated. And each time you have a new scarcity race it creates an interoperability silo your
only way to get into there or to write contracts against it is, at market, swapping coins between
different networks. [7:00]
So by pegging to bitcoin, it turns out that its possible to have sidechains with additional features
faster transactions, more transaction per second, direct support for issued assets, smart
contracts, extended smart contracts all while using bitcoin itself as the transactional currency.
We feel thats a neutral choice. Its the main choice right now, and its a neutral choice. Its not
starting a cryptocurrency thats owned by one company, one project, a small group of
developers, or early speculators who, if the project succeeds, wildly will become exceedingly
rich. This is more of a neutral stance. So when people talk about building on top of TCP, I think
this is actually the way to do it, which is the interoperability using bitcoins themselves (existing
bitcoins from the bitcoin network) and being able to move them. The example would be I
have a bitcoin I bought on the Bitcoin network. I want to use it for small payments (to buy a cup
of coffee or that kind of thing) from my smartphone. I move it into a sidechain which has a larger
block and so more transactions per second. And when I finish with that I move the change back
into the main Bitcoin network, and then I move it into a different sidechain because I want to
make some investments ([e.g.,] buy some bitcoin-denominated derivative against U.S. dollars or
buy some electronic shares or something like that). So you can use bitcoin as an
interoperability level, moving them across the pegs, basically. And it allows open innovation in a
neutral sense without adding to new scarcity races. [8:54]
Adam B. Levine: Weve recently seen a fairly popular altcoin, Auroracoin, come under a 51%
time warp attack, and this is because the amount of hashing power in the network dropped off
and it was relatively easy for a malicious mining group to go in there and mess up their day. So
when youre talking about adding additional sidechains, do these sidechains get all the security
of the main Bitcoin chain? Or do they each need to be mined, whether through a merged-mining
process or through something separate? Are there security implications here? is the question.
[9:24]
Austin Hill: A large part of what were doing is building the infrastructure so that these
sidechains can come online and take full advantage of the global hash rate through things like
merged mining. But with some additional extensions because theres some core services that
you want. For instance, good PKI for the registry, digitally signing for new asset issuers and
sidechains, clear disclosure. If people are able to move bitcoins in and out of these networks, it
should be obvious to a number of the wallets out there what these sidechains are, what are the
properties of the sidechains, so when you get an asset from that sidechain the wallets are
aware. -So theres a lot of really important infrastructure that needs to be done. But a key part of
that is making sure that (*inaudible- microphone distortion*) we dont see a justification for a
lot of these altcoins switching out the proof-of-work. Aside from Adams contribution in inventing
hashcash, it ignores close to 200, 250 million dollars worth of ASICs, hardware, and data
centers, that Bitcoin is self-funded as a platform for verification. The idea of trying something
new and trying to bootstrap a new global hash rate infrastructure we think is kind of pointless. It
makes a lot more sense to use whats out there, very similar to how Namecoin has achieved 85
or 90% of the Bitcoin hash rate through merge mining, you can do the same thing. But there are
supporting services that need to be built for the ecosystem to be trusted. [10:57]
Adam B. Levine: If this had happened nine months ago, it would have been a whole new slew
of innovative features that Ive just heard you list. But now it kind of comes against a backdrop
of some competition moving into the space. I wonder, what does this do to protocols that have
been building on top of Bitcoin? Does this obsolete their approach? Is this just the way that
everybody should be doing everything when it comes to these things? [11:17]
Dr. Adam Back: I think its a preferable approach because its an interoperable approach. You
can move money around and interoperate between different networks, different sidechains.
People like to talk about this TCP analogy, usually quite inaccurately. For example, that theyre
going to build on top of Bitcoin by sending messages that are actually watermarked bitcoin
transactions, and that doesnt really make sense because with TCP youre sending user
messages on top of TCP/IP but thats a point-to-point communication link. If you send it over the
Bitcoin network, its an n-squared broadcast, and the things that go on the Bitcoin network
should be strictly the minimum amount of data necessary to ensure the Bitcoin properties that
the value of transfer can be tracked, the smart contracts can be evaluated (the smart contracts
like multi-sig and so on). It should be minimal data. Any data about this is my email address,
or this is a receipt, or a description of a product, all that kind of thing doesnt belong on the
Bitcoin network and thats what the payment protocol is for. The payment protocol is point to
point between people, and when the payment protocol is done, the transaction purpose
message gets broadcast onto the Bitcoin network. -So I think some of the people who are
talking about building on top of Bitcoin are doing it in a naive way which is likely to cause
disruption for Bitcoin. For example, even Colored Coin, which is quite neutral and cleantheres
no additional scarcity race attached to it [has] scalability issues because if the share trading
involving Colored Coin reached a significant level, it could saturate the Bitcoin network. Right
now Bitcoin is transaction-limited around seven transactions per second, and while the block
size could be increased, increasing the block size tends to incur centralization risk because you
need high-speed links, data center-grade bandwidth to keep up if that gets too large. [13:24]
Austin Hill: When Adam worked with me in the 90s, he had shown me some work he did
(which was essentially Colored Coins) with David Chaums E-cash server. He had come up with
the idea of coloring DigiCash coins and watermarking them. Even last year he still thought it
was the best approach to add extensions. But then we started to look at the ecosystem and saw
with SPB wallets ColoredCoins dont work with SPB wallets and we do live in a world where
mobile phones are a predominant device. If Bitcoins going to reach its full potential of
interacting with billions of people, Colored Coins just doesnt work in that scenario because you
cant have a full node on a smartphone. [14:11]
On top of which, no one had really contemplated How will this capability of watermarking
work? If two different people want to register that a coin is blue, and one person thinks that
means its a share and another person [thinks that] means its a copyright registration, and they
both encode it blue, whos the ultimate arbiter? -So there were ideas, but no one had really
thought out How do Color Coins work in the Bitcoin ecosystem with SPB-aware clients, with
some sort of asset registry? Whether you do that on a distributed basis like Namecoin does, or
you do it in a centralized PKI digitally-signed registry service, there needs to be supporting
infrastructure to make something like that work. And no one had really thought about that. I think
everyone got enamored with the idea of Colored Coins and kind of ran off and said, Lets just
watermark a bunch of things. [15:05]
So Adam, after looking at it, really abandoned that idea and focused on How can we allow for
some of the properties of native marketing, of new asset issuance, extensions to the scripting,
[and] build on a neutral platform? The principles for our new project are principles derived right
from Bitcoin: permission-less innovation, decentralize wherever possible, decentralized and
distributed. And one of the core principles (well be releasing this in more detail once we
announce the name of the project and some of the people involved), but the founding
principle When I flew out to work with Adam after he came to recruit me out of retirement, he
literally came and knocked me on the head and said, Pay attention to Bitcoin. I had played
with it, but I had spent almost four million dollars trying to develop electronic cash so I still had
some battle scars (*laughter*). I was kind of like, Im glad someone did it, but Im not sure if I
really want to get back in that game. Adam came and knocked me on the head and said,
Austin, you need to pay attention to Bitcoin. And once I did and saw what he saw, I flew out
and we spent a week in a boardroom together just mapping out an ecosystem that I really
wanted to get involved [in] and help build. And the number one principle we wrote down on the
board was Cant Be Evil. Thats an important distinction from some of the other people who
have tried to adhere to principles, and is very inspired by what we did at Zero-Knowledge. We
believed in cryptographic systems whereby trust wasnt earned because we were good guys,
but trust was based off the protocols, the white paper, and the cryptography, where we were not
asking for trust. [16:53]
ADVERTISEMENT:
This is Chris Joseph, bringing you news on Nxt for April 8th, 2014. It was a bright, cold day in
April, and the clocks were striking thirteen. The opening sentence of George Orwells 1984
holds as much significance for Nxts creator as the number twenty-one does and on April 4th,
the third and final part of BCNxts essay on Nxt was released. BCNxt has left the Nxt
community, and is no longer responsible for its future direction. In his message, BCNxt says that
Nxt will fail unless the community rallies behind it and keeps it running. He argues that
mathematical algorithms are not sufficient to immortalize Bitcoin or Nxt because math cannot
account for the imperfection of humanity. BCNxt says that Bitcoin and Nxt are stepping-stones,
and that his main project will be released in the future, under his own name. You can read
BCNxts full message (all three parts) on the Nxt wiki at www.wiki.nxtcrypto.org. For more
general information on Nxt, head to www.nxtcrypto.org or www.mynxt.org. And stay tuned for
more news on Nxt in the next Lets Talk Bitcoin broadcast. [17:57]
Adam B. Levine: It sounds to me like what youre saying is that the protocols and the projects
that weve seen to this point are one of two categories. You can think of them either like new
species/derivative spin-offs that are derived from Bitcoin but that dont really add much to it; and
then on the other side, youve got structures that build on top of Bitcoin and try to add more to it.
It just sounds to me like youre saying that blockchain technology, at least in its current
incarnation, doesnt really scale that well vertically and so we need to be very concerned for
efficiency reasons. Therefore it makes sense, rather than building everything into one Bitcoin,
instead we make a hundred Bitcoins or a thousand Bitcoins that all are able to interoperate with
each other. And so therefore we have a lot of redundancy in the system if one or multiples of
them fail, right? [18:48]
Dr. Adam Back: Mainly the idea is that at the moment its partly a technological innovation and
the progress of it. Lots of people seem to be interested in the potential for issued assets and
smart contracts. They can see that that could be a very interesting thing for the future and that
you can do programmable trust, trust-less escrow, and other kinds of innovations built on top of
it. -But the question is, Okay, how do you do that? If youd asked most people early last year
how you do that, Colored Coin was the answer. Then we had the ultimate shares like BitShares,
Ethereum, [and] Mastercoin coming in and adding other stories between Colored Coin. They
were like separate networks, or networks based on watermarking on top of the Bitcoin network.
[19:02]
I think the pegging analogy is the next step of technological improvement, which allows you to
get the effects they were after and reach the objectives that people are interested in, but in an
interoperable way. It is building on top of Bitcoin and its not starting a new thing. Its directly
interoperable with Bitcoin, but in a way which doesnt result in basically spamming or
watermarking bitcoin transactions so that every single share transaction, or bid, or ask, ends up
being a message on top of Bitcoin and saturating Bitcoin. It turns out you dont need to do that;
you can make a sidechain which is pegged to Bitcoin. So youre still dealing with real bitcoins
with no counterparty risk and theres no escrow agent holding your bitcoin. Your bitcoin is just
able to move between networks which are tied in the sense of being merge mined. And then
people can do their innovation in an interoperable way. [20:32]
I think the loose analogy would be, in the early days of TCP/IP if every time somebody wanted
to make media streaming, web pages, [or] online shopping, [then] each time they made a fork of
the TCP protocol, changed a few parameters so that it was an incompatible network, and said,
Great, weve done online shopping. And then youd find out that none of these things talk to
each other and youd have to pull them out and put them back in again to even achieve
anything. -So you get a network effect by having interoperable systems. If we can have different
people innovating on different aspects micropayments, online shares, high frequency trading
[and] to do all these things in different networks but that are open networks, [then] we
preserve the freedom to innovate and [be] fully interoperable at the Bitcoin level across two-way
pegs. I think we kind of get the best of both worlds we get the open freedom to innovate and
we avoid the silo effect where each network is separate. And we avoid these kinds of possibly
self-defeating, selfish new share issuance situations that some things end up being built on.
[21:44]
Austin Hill: Part of whats critical about this is, for the community as a whole, we dont want to
see another Mt.Gox happen. And it wasnt only Mt.Gox. Exchanges have had an incredibly high
failure rate, either to theft, incompetence, or internal malfeasance. We need to see the entire
infrastructure. Although there are new players in the industry who are standing up and saying,
Were doing security audits, or Were investing more in security and were doing things
different, theyre still operating off-blockchain on a trust-me model, usually holding private
keys or security in a trusted entity. We need to extend the trust-less infrastructure of the
blockchain to more parts of the ecosystem. But you can only do that if the blockchain can
actually scale to have more of every interaction dependent on the blockchain. Because some of
the exchanges, for instance, internally were doing more than seven transactions per second.
And so, aside from how they designed themselves, there was a very practical limit to what they
could do on the blockchain. It became just easier for everyone to do things off-blockchain, and
that leads to an IOU situation where you dont own your bitcoins, you just agree that someone
promises not to run away with them. And thats not good for this ecosystem. [23:08]
Dr. Adam Back: Its actually not really using the features of Bitcoin. What Bitcoin and smart
contracts offer is the ability to build infrastructure, services, exchanges, payment-processors, to
build all these ecosystem components in a decentralized way, in such a way that you can get
service without having to trust the service operator. As I see it, that is the interesting new
property of smart contracts and the Bitcoin model. And almost all of the system players are not
using it. Partly thats because its more complicated and they were just trying to do some simple
Web 2.0 stuff, but its also (as Austin said) somewhat an artifact of the transaction rate limit. So
if we can get sidechains running that can support higher transaction rates and avoid the
centralization risk by the ability to remove coins back to the other network, you should be able to
build, for example, a bitcoin exchange which doesnt hold your coins. It is possible for the users
to atomically swap coins using an atomic swap property (which is a known property but not very
widely used). And then the exchange can just be matching orders. That can basically remove
the need for audit. Audit is after-the-fact reactive. If wed had audits every six months on
Mt.Gox, that doesnt necessarily mean that the situation would have been avoided because the
situation probably arose within a six month interval. The point of Bitcoin is that you have real-
time audit, basically, that if someone tries to do something outside of the smart contract (like to
have an exchange that tries to take the money, or you agree to an order [and] somebody [tries]
not to fulfill their part of it), its a priori prevented and real-time audited so that at the end of the
transaction, you know whats happened rather than finding out six months later that an
exchange lost all its money. By architecting these things in a way where you dont have to trust
them, you can basically trade with air gaps (like offline wallets, hardware wallets, Armory
wallets, [and the] Armory offline wallet) on the user side. And also the server, if its hacked, it
doesnt really have any assets at play. As long as you spot check the prices that youre agreeing
to, theres not really that much bad that will happen in this model if an exchange is
compromised. [25:41]
Adam B. Levine: The exchange never has your keys. They just handle the order matching
now, in this paradigm. Is that right? [25:45]
Dr. Adam Back: Thats right. [25:47]
Austin Hill: Thats right. They can compete on marketing, on building liquidity, and volume.
They can compete on customer service, regulatory compliance (based off the new IRS ruling,
making it easier for you to file your taxes). (laughter) Theres a whole bunch of things they can
innovate on. But the basic security model isnt, Trust us with your assets. Its Trust us to
deliver a great marketplace where you can find the best liquidity and the fastest and best
customer service. But you never need trust us with your assets. [26:20]
Adam B. Levine: I think I mentioned this to you, I have like ten projects that Im consulting on
that are all in the user-created-asset space. Theyre on a variety of the projects that were out
there. I dont pick favorites, I dont pick teams on this stuff Im looking for the best solutions.
So is this a solution that is available or will be available in the near future? And if I have these
ten projects some of which are like Kickstarter-type tokens, others are more like IPOs or
equity sort of things, and some are charity projects would each one of these get its own
chain? Would I launch a chain for all of my projects? Would I use a specific chain that youre
thinking is going to be out there? How would this work? [27:01]
Austin Hill: (inaudible- microphone distortion) We have focused for the last two months on the
core science. We gathered a number of the Bitcoin core developers from around the world,
many of whom hadnt even met each other. We set up a house in California where they all came
and collaborated (some of them lived in the house). A number of them came into the we were
calling it the Bitcoin Mansion, it wasnt a mansion but it was a big house. A lot of them came
into the Bitcoin Mansion and said, This is not possible. We dont believe in this approach. The
ability to do a two-way peg and retain all the properties and build the security firewall around
Bitcoin is impossible. Weve now proven it is [possible]. Weve gotten sign off and support from
a lot of the Bitcoin core developers. -But even that change is going to require some time
because theres a community at-large that needs to understand it, theres a proving period that
needs to be there, and these guys are incredibly overlooked, unfortunately, by the ecosystem
that depends on them. Theyre volunteers by and large who are controlling some of the most
important code on the planet, I think. Next to Space Shuttle If we have a whole bunch of
space shuttles and space stations blowing up, it can ruin space exploration. If they [the Bitcoin
core developers] mess up, they can ruin math-based currencies or set them back incredibly far.
So they have to be very judicious and patient in adopting changes. [28:35]
Dr. Adam Back: Right. And that point tends to lead to contention. I saw it myself last year.
When I was talking to Andreas, I explained a whole bunch of ideas that Id come across and
some that Id invented myself that would make interesting new features for Bitcoin. And once
you get in that mindset of Okay this would be cool, it seems to work (inaudible-
microphone distortion) after a while they [the Bitcoin core developers] cant really afford to
entertain your pet project, even if its a very core project, because theyre protecting ten billion
dollars worth of assets. If they accidentally introduce a bug while adding your core feature, then
everybody will have a bad five years in the cryptocurrency space. So it means that innovation
on the core is actually slow. Literally, the pace of innovation is slow because its conservative,
and value preserving, and focused on robustness, fixing minor bugs, and very careful, gradual
change. -So the idea with a two-way peg The two-way peg itself requires a moderately-high
risk change to Bitcoin itself. So thats a bootstrap problem, that they have to evaluate this
change or set of changes and be very sure that its safe. But once thats done, it allows people
to do innovation on sidechains. Different people can explore different properties on different
sidechains. So if ZeroCash wants to do something, they could go do it on a sidechain. If
somebody in six months starts to have a big argument about increasing the block size, they can
go do that on a sidechain. And maybe the main Bitcoin network wants to even reduce the block
size to increase decentralization. If somebody wants to do something with changing the
contracting language, [or] explicit support for coloring (i.e., tagged issued assets, which are
SPB-compatible), they can do that on another sidechain. And people with different views about
what [the] contracting language should be can do that on different sidechains. -So it basically
frees up the space to allow open innovation more rapidly without creating risk for Bitcoin Main,
because the security firewall guarantees that if you elect to move coins into a sidechain, you are
exposed to bugs on that sidechain that affect value (obviously people will be very careful). But
the people with money in the main Bitcoin chain and other competing sidechains are unaffected
by that bug there is an absolute firewall. So the way that works is you can only move coins
back that have been moved out if somebody puts one bitcoin into an experimental sidechain
and something goes wrong and somebody takes it, well, they lost a bitcoin. But the main Bitcoin
network is unaffected and cant be affected. [31:30]
Adam B. Levine: The value of a bitcoin, regardless of what chain it currently resides on, is still
one bitcoin, right? The value does not float against other chains of Bitcoin? [31:38]
Dr. Adam Back: Right. Theres an actual implemented protocol where you can move the bitcoin
Youve got bitcoin on one chain, you want it onto another chain. Now for efficiency, when
theres sufficient market demand floating around, you might swap with somebody who wants to
move in the other direction. But you have the ability to actually move the bitcoin you possess
directly onto the other chain. [32:00]
Adam B. Levine: So this is a flexible money supply implementation then, yes? [32:05]
Dr. Adam Back: Its still fully preserving the twenty-one million [bitcoin] cap and the supply
function. Its only the main Bitcoin network that is mining and creating new coins. The other
sidechains are just repositories for coins so you can move bitcoins out of the main network, into
them, and back out. [32:22]
Adam B. Levine: Is there a financial motivation for someone to merge mine one of these if
theres no reward? [32:29]
Austin Hill: Good question. We believe there will be, but some of those details were not
exactly disclosing. Were in discussion with a lot of the large miners and mining pools on making
sure that they have good incentives and good reasons to merge mine this. There will be an
economic model that supports participation and follows a lot of the same model of Bitcoin. It just
wont be based off mining rewards, so obviously that leaves transaction fees. But there is a
transaction model that is flexible, thats market-based, that would allow each of these sidechains
to have their own innovations. Collectively all of them together can increase the transaction fee
revenue for people who are merge mining this. [33:15]
Adam B. Levine: I see. [33:17]
Austin Hill: And one of the other key points to remember is Whats great about this idea I
enjoyed looking at it from a large-scale, complex systems design, and emergent property
[perspective] is it will actually drive demand for bitcoin and increase the utilization of bitcoin.
Because now you have a whole bunch of other interesting assets or contracts that can be
written against bitcoin. And so you can imagine Weve had some discussions with some very,
very large financial institutions who are looking at volumes of transactions, contracts,
derivatives, and future options contracts that are orders of magnitude larger than the entire
bitcoin asset base. Huge. When you start to be able to embrace or extend the functionality to
include part of their asset base encoded in blockchain technology, you can start to see where
the demand for bitcoin will far outpace the availability and will ultimately drive up the price of
bitcoin, I believe. [34:29]
Dr. Adam Back: Right. So remembering that bitcoins price has a speculative part, which is
looking at the future potential utilization. But largely, bitcoins value is its utility value (the fact
that you can make transactions for flat fees and so on). Once somebody is able to bring to the
market an open network for supporting smart contracts against other assets, that opens up a
wider set of transaction types. So you would expect the transaction throughput to go up, the
dollar value being transacted to go up, and as bitcoin is the neutral transactional currency with
these sidechains, therefore the amount of bitcoin-denominated transactions goes up, which puts
up the utility value of bitcoin. [35:19]
ADVERTISEMENT:
Bitcoin Expo 2014, presented by the Bitcoin Alliance of Canada, is just a week away. The
conference will feature the key players behind Ethereum, CaVirtEx, Litecoin, Open
Transactions, Seans Outpost, CoinTalk, Mastercoin, Dark Wallet, CryptoKit, Blockchain.info,
QuickBT, Bitcoin Magazine, and many others. With special guest Andreas Antonopoulos as the
master of ceremonies. Bitcoin Expo 2014 Toronto, Canada, April 11th-13th. For tickets, visit
www.bitcoinexpo.ca. [36:10]
ADVERTISEMENT:
The BitGive Foundation is a non-profit, charitable giving organization, leveraging the power of
the Bitcoin community to improve public health and the environment worldwide. Help us
demonstrate the significant impact of bitcoin in addressing these critical issues on a global
scale. Support international giving in bitcoin. Please visit our website at
www.bitgivefoundation.org. Thats www.bitgivefoundation.org. [36:48]
Adam B. Levine: I definitely see the argument for value here. One question I have about
potential limits to innovation in a system like this since youre still utilizing Bitcoins mining,
that means that the block time should still remain at about ten minutes. And for some of these
decentralized trading applications like weve talked about in the past, that actually winds up
being kind of a long time because its the amount of time it takes between the time that you say,
Id like to do this action, and the time that the blockchain actually has included it and it actually
has happened. -So is there the ability to try faster block times, or is ten minutes the low-bound
limitation? [37:29]
Dr. Adam Back: You can potentially do different clocking tools on a sidechain,
counterintuitively, because when youre merge mining with, lets say, Namecoin as an example,
because Namecoin has a (inaudible- microphone distortion) of the hashrate, that means that
some Namecoin, when it blocks, are not Bitcoin blocks and vice-versa. So you can have a
different target, you can have smaller, faster blocks if you want. So it is possible within the
framework. [37:58]
Austin Hill: In addition to that, two of the members who are working on some of these ideas
with us have had some really great innovations around how to scale to hundreds of thousands
of transactions per second, while retaining all of the properties of a blockchain security model.
And those innovations will allow for high-frequency trading, very, very high-speed liquid markets
and exchanges, that are using blockchains security model and blockchain trust-less
infrastructures, but meet the business requirements that are necessary to do high volume. And
that is definitely part of our project scope is to make those platforms available for someone who
may come in and say, Hey I want to compete with Visa. I can see myself hitting twenty, thirty,
forty thousand transactions per second. Where am I going to process those and be able to get
instantaneous transaction verification without having to wait for the limits that are in the
blockchain? -So we believe that that is very possible while retaining the trust-less security
model of the blockchain. [39:18]
Adam B. Levine: Two questions left from my end. So is this a project that were going to see
results from in 2014? 2015? 2016? I know that the Bitcoin development team is rightly
conservative and so it seems like it might take a while to see this. And then the other thing is,
this sounds really exciting and this sounds great. What else should I be asking about that I
havent known to ask? [39:42]
Austin Hill: Well, Ill tackle the first one. Were right now combing our hair and putting on our
hats and our fancy ties (although we dont wear ties), but were getting ready to announce and
give some details to the project so that people who are interested can track the project, and
reveal it including announcing the name and whos on the team. That will be happening in the
next 60-90 days. So a very short term. And we are going to be releasing One of the principles
that we adopted from the cypherpunk principles is (and its one of the founding principles of the
project) something called we speak in code. We really want our products and our software
releases to speak. So well be releasing software very quickly that is necessary software for
bootstrapping this type of ecosystem. Theres a couple different parts of the existing blockchain
and Bitcoin ecosystem that have huge gaping problems that we can deliver immediate value
without needing to wait the 12, 18, or 24 months that it might take to get some of these changes
adopted in Bitcoin core. Some people are aware of these problems, but we feel that we can
deliver immediate value based off that. Get out there, start releasing very useful, open-source,
free software, some software stacks that other people can adopt in the ecosystem to secure
their users accounts and secure parts of the Bitcoin ecosystem that are operating on a trust-me
model. We think we can deliver a lot of value by helping them move to more of a trust-less
infrastructure. So were going to focus on doing that.
At the same time, were going to be investing very heavily were putting together a really good
team of cryptographers, programmers, working to support some of the volunteers in the Bitcoin
core community to provide them resources and allow them to really accelerate some of the
things that they know need to be done. Call it a criticism, call it a comment for the community,
you need to remember that most of these guys are volunteers. They have day jobs, they carry a
huge amount of weight on their shoulders. And they do it because they love the community and
they love the technology. They have not, I think, in many parts received a lot of support. The
community has come together and it pays Gavins salary and others, but a lot of these guys are
still volunteers. I think supporting them and providing them with more tools, more infrastructure,
more testers, more documentation resources, travel vouchers so they can actually get together
and meet face-to-face once in a while these are all things that were going to be doing, and
we hope the community will participate in that as we announce details of that. [42:44]
Dr. Adam Back: Yeah, I noticed at the CoinSummit conference that some of the ecosystem
players on the payment-processor side were asked a question from the audience about
supporting core development. Everybody in the Bitcoin ecosystem is relying on the Bitcoin D,
right? And they were asked in what way they were supporting that and if they would be able
to For example, if they have core developers or senior developers on their staff who are very
familiar with the Bitcoin protocol, have them contribute time to Bitcoin core testing, maintenance,
[and] development. And the answers were mostly aspirational. There were some actual
comments to suggest that their staff were already working on that, so I think thats good. But I
think that the business community should really step up and, in the Linux-like model, have
people on staff (as they can afford) who are working on the Bitcoin core because their entire
business model depends on the reliability and scalability of the Bitcoin network. [43:52]
Adam B. Levine: Im hearing a lot of people these days talking about Bitcoin 2.0. And Im very
curious here guys is what youre working on the real Bitcoin 2.0? [44:00]
Austin Hill: We are a blockchain technology company. Although I personally care for the
success of Bitcoin, its important to distinguish between bitcoin the asset and the blockchain as
a programmable, distributed, trust infrastructure. Were interested in blockchain 2.0. And
blockchain 2.0 using bitcoin as a neutral transactional currency we believe offers great promise.
But I want to build a blockchain that could support a nation state putting its national currency [on
the blockchain] and phasing out paper dollars. And theres a lot of reasons to do that
counterfeiting, utility value, conducting commerce in separate geographic distances, auditability,
trust. Theres a whole bunch of potential to reinvent our financial services infrastructure to better
serve humankind, and weve only begun that journey. Im interested in a platform that is
distributed, neutral, has all the principles and properties of Bitcoin, has embedded and imbued
in it the principle of Cant Be Evil, and allows the world to migrate into math-based assets and
math-based currencies. Thats going to take time. Were interested in building that blockchain
2.0. But doing it in a way that is an extension of the existing blockchain, not running off and
building our own alt ecosystem, pre-mining it, and watching Adam and I get rich off having the
first coins. Thats not our intent. [45:45]
Dr. Adam Back: Right, so no altcoin race attached to this. Its purely neutral, using the bitcoin
as the transactional currency. Austin was mentioning systemic risk issues. You can see with
bitcoin, if more business starts to move their accounting and business-to-business payments
into bitcoin, cryptocurrency-issued assets, and cryptocurrency-denominated national currencies,
you get the benefits of this zero trust [and] immediate auditability features. So if you are
receiving an insurance contract for your car from the insurance policy, and theyre about to
exceed their reinsurance limit, that would mean that your insurance policy would be immediately
failing the audit and be considered invalid by your client. So you can start to remove systemic
risks from the system and avoid Enron-like situations. Even in the long-term there would have to
be a number of iterations of smart contracting before we get to those kinds of things. But even in
the long-term you could imagine a national currency issued where they would have a smart
contract like an issuance contract that specifies their monetary policy [E.g.] theyre going to
have no more than 2% quantitative easing or may be subject to some internally-measurable
market metrics. And that applies to them. So even being that they have the key to issue more
coins in some redundant hardware air-gapped key manager, they would be physically unable to
bypass their monetary policy rules because their monetary policy rule is bound into the genesis
of the coin. And so all recipients of the coin would immediately reject them if they tried to exceed
their own monetary policy. I think that if we can get to a system like that, we can have real-time
auditing, agree to societal rules, and enforce them a priori rather than finding out six months or
twelve months later that somebody has hundreds of billions or trillions of dollars of undisclosed
assets and then you have an AIG or all of these cascading failures of the system. [48:04]
Austin Hill: I think one of the important things thats at ZeroKnowledge Its kind of funny
because a lot of history of ZeroKnowledge isnt as archived as todays media and internet
companies (YouTube didnt exist when we built ZeroKnowledge). But at the time we were very
thumb our nose at the face of authority. We were fighting the Edward Snowden-type battles.
The NSA and CIA tried to shut us down. We were on 60 Minutes advocating Crypto for all! Tear
down the System! And I think part of my own maturing process is when we started to realize
that may not be the best way to interact with these guys is Im coming for you, Im going to
burn down your system. The financial services industry, the people weve talked to, have real
problems themselves. We talked to a very large buy-side financial institution who literally has
hundreds of billions, if not trillions, of dollars worth of assets under management. And they said,
From a pure compliance point of view, we dont even understand our risk. Weve got entire
teams holding binders of contracts and systems and were trying to figure out how to even
understand what we own, what the risk is, and what the underlying asset is. So if you can help
us If [you] can digitize some of this, if [you] can have it be encoded in a way that we can
actually make representations for compliance reasons and for our own risk management, we
would welcome you in. So I think there are some opportunities to show both governments [and]
financial institutions that this technology is not about wiping them out or destroying their
business. This technology is about imbuing the entire ecosystem with verifiability, trust based off
distribution and math, and some real good foundation levels that they can then reinvent their
businesses. And yes, it will drive some competition in the industry and hopefully some more
efficiencies. But just like news and media organizations are readapting to the Internet and
learning new ways to rebuild their businesses, we want to encourage these people to look for
efficiencies. And those that do will be much more like the Netflixes of the future versus the
Blockbusters of the future. We want to help them figure out how to rebuild their businesses as
the Netflix, not the Blockbuster. And if they dont want to adapt, they face extinction. [50:38]
Dr. Adam Back: I just wanted to say another thing about this public auditability. A typical
objection to public auditability on a commercial basis is that companies and individuals do not
want their business model to be public knowledge. Their profit margin, their volume of trades,
their market movements You know if somebodys selling a large number of stock they like to
keep that to themselves and not have that readily available to the market. And so that tends to
present a barrier to the public auditability. Theyll say, Public auditability is nice, but weve got
to preserve commercial confidentiality. It turns out, you can have your cake and it eat [too]. Last
time when I was talking to Andreas I was explaining this concept of homomorphically encrypted
values. It turns out that you can have the blockchain validate that the inputs add up to the
outputs without disclosing the values involved. Theyre encrypted in such a way that addition still
works on them. And that actually at a lower level includes a zero-knowledge range proof. So
you can actually prove that an encrypted value A is less than an encrypted value B, or even
that an encrypted value A is less than a multiple of an encrypted value B. You can actually
use it to prove leverage ratios and things like that. -So you can do a lot of things in a way that
preserves commercial confidentiality and still have public auditability. I think theres really a
scope that we can preserve the traditional (and necessary even) financial privacy for individuals
and commercial sensitivity for companies while having full public auditability. [52:30]
Adam B. Levine: The way that you describe that makes me think of pseudonymous numbers,
right? Because they still represent real value but not their necessarily true identity, right?
[52:40]
Dr. Adam Back: Yeah, its kind of analogous. Youre just saying that I can see that two parties
engaged in a currency swap (or whatever kind of instrument theyre dealing in), their identities
are not apparent to me at the blockchain level. But they will have business records saying who
they bought it from, if theres ever a need to investigate that. [53:01]
Adam B. Levine: Right, it could be unwound. [53:03]
Dr. Adam Back: There are two networks involved in bitcoin- or blockchain-related transactions.
Theres the blockchain, the actual broadcast peer-to-peer network. Things that go on the peer-
to-peer network are byte-minimized because its a scarce resource. You dont send to that more
than you need to send to ensure the correct interpretation of the transaction. The auxiliary
information about nX509 certificate identifying the seller, a receipt and an invoice, all that kind of
stuff goes on the payment protocol level, which is point to point communication between the
buyer and the seller. And if one of them is a business they will be keeping business records. Or
if youre an individual you will be keeping your receipts so you can prepare your accounts at the
end of the year for taxation purposes. I think there is identity, but the identity is managed
between the parties of the transaction, not broadcast to the peer-to-peer network. Theres a
problem with Bitcoin that its so open that people do network flow analysis and figure out too
many things. [54:00]
Austin Hill: Yeah. [54:01]
Dr. Adam Back: So if we keep the identity out of it- its already bad enough without adding
identity to it. Going back to the value idea: Basically were saying that if you look at the Bitcoin
right now, the Bitcoin network flow analysis, you can see that this address paid to this address,
and probably this was changed, it went to this address. It preserves a different kind of privacy if
you can hide the value. So one example people give of that, why you need financial privacy, is
some people are paid their salary in bitcoin. Maybe you can figure out who this guy is because,
you know, he bought a pizza in the shop or he paid you back a small amount that he owed you,
or something. So you see an address. He shouldnt be reusing addresses, but still there are
links between them. So if he was paid his salary and the amount of the salary was encrypted,
you wouldnt know how much he was paid. And if he paid you personally ten dollars, you could
see that the change that he received plus ten dollars is equal to his salary for the month, but you
still dont know what his salary for the month is, you just know that he hasnt exceeded the value
of the transaction. [55:00]
Adam B. Levine: Guys, this is a really, really fascinating project. If people want to learn more
about it, it sounds like theyre going to have to wait a little bit. But are you looking for help or
applicants to help you build this thing out? [55:13]
Austin Hill: We will be launching a website with some information as well as some job postings
that were going to be doing, and well certainly reach out. For now, I think that if people keep
track of us on Twitter, Im @austinhill and Adam is @adam3us. If people keep watch of our
Twitter accounts we will be at least announcing the name of the project and the website in the
coming month. There will be at least a placeholder website where we release some more details
and list the jobs available. [55:48]
Adam B. Levine: Austin Hill, Dr. Adam Back, thank you very much for your time. [55:51]
Austin Hill: Thank you, Adam. [55:52]
CREDITS:
Adam B. Levine: Thanks for listening to episode 99 of Lets Talk Bitcoin. Content for todays
episode was provided by Adam Back, Austin Hill, and Adam B. Levine. Music for this episode
was provided by Jared Rubens and General Fuzz. Any questions or comments? Email
adam@letstalkbitcoin.com. See you next time! [56:13]