Original air date: April 8th, 2014 Participants: Adam B. Levine - Host Austin Hill - Cryptography entrepreneur; Co-founder of sidechain company (to be named) Dr. Adam Back - Cryptographer; Inventor of hashcash; Co-founder of sidechain company Adam B. Levine: Today is April 8th, 2014, and this is episode 99. This program is intended for information and educational purposes only. Cryptocurrency is a new field of study consult your local futurist, lawyer, and investment advisor before making any decisions whatsoever for yourself. [0:18] Welcome to Lets Talk Bitcoin, a twice-weekly show about the ideas, people, and projects building the digital economy and the future of money. My name is Adam B. Levine, and today weve got a long one. Back in December, Andreas sat down with Dr. Adam Back, creator of the hashcash concept that Satoshi built Bitcoin on top of. One of the things that struck me about that interview was the concerns held by Dr. Back over digital scarcity the idea that other cryptocurrencies dilute the value of bitcoin by offering the same services but expanding the supply of tokens able to perform that service. In other sectors, altcoins have been described as the experimental laboratory of the cryptocurrency world. But what if you could have an altcoin ecosystem that offered all the innovation, but was still at its core Bitcoin? I ran into Adam again at the CoinSummit event along with long-time entrepreneur Austin Hill. Over our long conversation they share their breakthrough, its implications, and what comes next. Enjoy the show! [1:21] Austin Hill: Im Austin Hill. Ive worn a bunch of hats, but first and foremost Im an entrepreneur. I did a lot of work in the area of cryptography, privacy, anonymity, and electronic cash with a company called Zero-Knowledge Systems that was started in 1997. It still exists, but we moved away from a lot of the crypto in the dot-com crash. There was a period of time when I employed pretty much a huge amount of the core cypherpunks, many of whom had done a lot of the early work on electronic cash systems, including Adam [Back], who worked with me for four years. [1:51] And Adam [Back] recently came to me and started talking to me about a new project. He and a few of the Bitcoin core developers had invented some new extensions to the blockchain. He wanted my help to build a company around it and to really focus on the idea of a Blockchain 2.0 that was forward- and backward-compatible with the existing blockchain but could address a lot of the issues of scalability, pace of invention, transaction throughput, multi-asset issuance, and extensions to the smart contracts scripting language. -So he and I are doing this now, and were working with a number of the core developers to make a new platform available that we feel will be exciting to the community. [2:57] Adam B. Levine: So when you say, to make a new platform available I remember the interview that Adam Back did with Andreas Antonopoulos back in December, and there was talk about, like, a test blockchain that could have features incorporated back into the primary one. Is this the idea that youre talking about? [3:15] Dr. Adam Back: Yes, thats the basis of it. At the time I was talking about a concept I came up with early last year called a one-way peg. And since then, Gregory Maxwell proposed a two-way peg between Bitcoin and a sidechain, which is even more interesting because with a one-way peg youre slightly subject to market conditions and you can only really do it in the context of a planned upgrade as a kind of Bitcoin-current vs. Bitcoin-beta and then a switch-over date (lets say 18 months in the future) and being able to move coins forward into the new network and backwards, either at market rate or via swapping with other people who want to get in. Now, a two-way peg allows you (with a small change to the Bitcoin main [network]) to mathematically peg between the main Bitcoin network and a sidechain network. So then that can be used in a wider context, including ongoing alternative sidechains optimized for different purposes, and there can actually be multiple sidechains which are competing on features. So for example, one could have a larger block size (which may incur some centralization risk, potentially) but gets higher transactions per second, and users would be able to unilaterally remove their coins from it and put them back into the main Bitcoin chain. That would act as a backstop against centralization risk. If you ran into the side-effect of centralization risk, you would have the last resort of removing your coins, so it kind of insulates you from that risk. [4:51] Adam B. Levine: My mind is expanding a little bit here and Im going to try and understand what youre telling me. So what youre saying is that we can essentially have multiple chains that are all Bitcoin, but they dont all have their own type of bitcoin, or rather, they dont all each have their own money supply. The money supply can move from one chain to another, wherever it has the most advantage for the person whos using it at that point. And then it can move back again if its better used in another chain, is that right? [5:16] Austin Hill: The key idea here is to protect the concept of digital scarcity and the 21 million bitcoin limit. And so by linking chains, what we do is we essentially set bitcoin up as a transactional currency for all the innovation and for all new assets. So you can potentially issue shares in a sidechain and have a sidechain thats specifically designed around smart contracts for shares, derivatives, [or] other types of issued assets. And theyre ultimately backed by bitcoin, you can peg them to bitcoin. [5:55] Dr. Adam Back: Right, so Bitcoin becomes Typically, various share-related cryptocurrency ideas or math-based currencies, for example, Ripple has XRPs, Mastercoin has Mastercoins, Ethereum has ethers, Colored Coin has nothing, right? Because Colored Coin is just watermarking on top of bitcoin. (*Inaudible- microphone distortion*) scarcity race. I think its fairer at this point I talked about this with Andreas a lot on my last interview, its fairer if we just use the existing scarcity race because it was a surprise people for the first couple of years didnt have a strong reason to suppose that Bitcoin would succeed and it would bootstrap to a stable value (some volatility, but still a stable, persistent value). Now if you start a new scarcity race, its a known quantity that youre hoping strongly that that process is going to get repeated. And each time you have a new scarcity race it creates an interoperability silo your only way to get into there or to write contracts against it is, at market, swapping coins between different networks. [7:00] So by pegging to bitcoin, it turns out that its possible to have sidechains with additional features faster transactions, more transaction per second, direct support for issued assets, smart contracts, extended smart contracts all while using bitcoin itself as the transactional currency. We feel thats a neutral choice. Its the main choice right now, and its a neutral choice. Its not starting a cryptocurrency thats owned by one company, one project, a small group of developers, or early speculators who, if the project succeeds, wildly will become exceedingly rich. This is more of a neutral stance. So when people talk about building on top of TCP, I think this is actually the way to do it, which is the interoperability using bitcoins themselves (existing bitcoins from the bitcoin network) and being able to move them. The example would be I have a bitcoin I bought on the Bitcoin network. I want to use it for small payments (to buy a cup of coffee or that kind of thing) from my smartphone. I move it into a sidechain which has a larger block and so more transactions per second. And when I finish with that I move the change back into the main Bitcoin network, and then I move it into a different sidechain because I want to make some investments ([e.g.,] buy some bitcoin-denominated derivative against U.S. dollars or buy some electronic shares or something like that). So you can use bitcoin as an interoperability level, moving them across the pegs, basically. And it allows open innovation in a neutral sense without adding to new scarcity races. [8:54] Adam B. Levine: Weve recently seen a fairly popular altcoin, Auroracoin, come under a 51% time warp attack, and this is because the amount of hashing power in the network dropped off and it was relatively easy for a malicious mining group to go in there and mess up their day. So when youre talking about adding additional sidechains, do these sidechains get all the security of the main Bitcoin chain? Or do they each need to be mined, whether through a merged-mining process or through something separate? Are there security implications here? is the question. [9:24] Austin Hill: A large part of what were doing is building the infrastructure so that these sidechains can come online and take full advantage of the global hash rate through things like merged mining. But with some additional extensions because theres some core services that you want. For instance, good PKI for the registry, digitally signing for new asset issuers and sidechains, clear disclosure. If people are able to move bitcoins in and out of these networks, it should be obvious to a number of the wallets out there what these sidechains are, what are the properties of the sidechains, so when you get an asset from that sidechain the wallets are aware. -So theres a lot of really important infrastructure that needs to be done. But a key part of that is making sure that (*inaudible- microphone distortion*) we dont see a justification for a lot of these altcoins switching out the proof-of-work. Aside from Adams contribution in inventing hashcash, it ignores close to 200, 250 million dollars worth of ASICs, hardware, and data centers, that Bitcoin is self-funded as a platform for verification. The idea of trying something new and trying to bootstrap a new global hash rate infrastructure we think is kind of pointless. It makes a lot more sense to use whats out there, very similar to how Namecoin has achieved 85 or 90% of the Bitcoin hash rate through merge mining, you can do the same thing. But there are supporting services that need to be built for the ecosystem to be trusted. [10:57] Adam B. Levine: If this had happened nine months ago, it would have been a whole new slew of innovative features that Ive just heard you list. But now it kind of comes against a backdrop of some competition moving into the space. I wonder, what does this do to protocols that have been building on top of Bitcoin? Does this obsolete their approach? Is this just the way that everybody should be doing everything when it comes to these things? [11:17] Dr. Adam Back: I think its a preferable approach because its an interoperable approach. You can move money around and interoperate between different networks, different sidechains. People like to talk about this TCP analogy, usually quite inaccurately. For example, that theyre going to build on top of Bitcoin by sending messages that are actually watermarked bitcoin transactions, and that doesnt really make sense because with TCP youre sending user messages on top of TCP/IP but thats a point-to-point communication link. If you send it over the Bitcoin network, its an n-squared broadcast, and the things that go on the Bitcoin network should be strictly the minimum amount of data necessary to ensure the Bitcoin properties that the value of transfer can be tracked, the smart contracts can be evaluated (the smart contracts like multi-sig and so on). It should be minimal data. Any data about this is my email address, or this is a receipt, or a description of a product, all that kind of thing doesnt belong on the Bitcoin network and thats what the payment protocol is for. The payment protocol is point to point between people, and when the payment protocol is done, the transaction purpose message gets broadcast onto the Bitcoin network. -So I think some of the people who are talking about building on top of Bitcoin are doing it in a naive way which is likely to cause disruption for Bitcoin. For example, even Colored Coin, which is quite neutral and cleantheres no additional scarcity race attached to it [has] scalability issues because if the share trading involving Colored Coin reached a significant level, it could saturate the Bitcoin network. Right now Bitcoin is transaction-limited around seven transactions per second, and while the block size could be increased, increasing the block size tends to incur centralization risk because you need high-speed links, data center-grade bandwidth to keep up if that gets too large. [13:24] Austin Hill: When Adam worked with me in the 90s, he had shown me some work he did (which was essentially Colored Coins) with David Chaums E-cash server. He had come up with the idea of coloring DigiCash coins and watermarking them. Even last year he still thought it was the best approach to add extensions. But then we started to look at the ecosystem and saw with SPB wallets ColoredCoins dont work with SPB wallets and we do live in a world where mobile phones are a predominant device. If Bitcoins going to reach its full potential of interacting with billions of people, Colored Coins just doesnt work in that scenario because you cant have a full node on a smartphone. [14:11] On top of which, no one had really contemplated How will this capability of watermarking work? If two different people want to register that a coin is blue, and one person thinks that means its a share and another person [thinks that] means its a copyright registration, and they both encode it blue, whos the ultimate arbiter? -So there were ideas, but no one had really thought out How do Color Coins work in the Bitcoin ecosystem with SPB-aware clients, with some sort of asset registry? Whether you do that on a distributed basis like Namecoin does, or you do it in a centralized PKI digitally-signed registry service, there needs to be supporting infrastructure to make something like that work. And no one had really thought about that. I think everyone got enamored with the idea of Colored Coins and kind of ran off and said, Lets just watermark a bunch of things. [15:05] So Adam, after looking at it, really abandoned that idea and focused on How can we allow for some of the properties of native marketing, of new asset issuance, extensions to the scripting, [and] build on a neutral platform? The principles for our new project are principles derived right from Bitcoin: permission-less innovation, decentralize wherever possible, decentralized and distributed. And one of the core principles (well be releasing this in more detail once we announce the name of the project and some of the people involved), but the founding principle When I flew out to work with Adam after he came to recruit me out of retirement, he literally came and knocked me on the head and said, Pay attention to Bitcoin. I had played with it, but I had spent almost four million dollars trying to develop electronic cash so I still had some battle scars (*laughter*). I was kind of like, Im glad someone did it, but Im not sure if I really want to get back in that game. Adam came and knocked me on the head and said, Austin, you need to pay attention to Bitcoin. And once I did and saw what he saw, I flew out and we spent a week in a boardroom together just mapping out an ecosystem that I really wanted to get involved [in] and help build. And the number one principle we wrote down on the board was Cant Be Evil. Thats an important distinction from some of the other people who have tried to adhere to principles, and is very inspired by what we did at Zero-Knowledge. We believed in cryptographic systems whereby trust wasnt earned because we were good guys, but trust was based off the protocols, the white paper, and the cryptography, where we were not asking for trust. [16:53] ADVERTISEMENT: This is Chris Joseph, bringing you news on Nxt for April 8th, 2014. It was a bright, cold day in April, and the clocks were striking thirteen. The opening sentence of George Orwells 1984 holds as much significance for Nxts creator as the number twenty-one does and on April 4th, the third and final part of BCNxts essay on Nxt was released. BCNxt has left the Nxt community, and is no longer responsible for its future direction. In his message, BCNxt says that Nxt will fail unless the community rallies behind it and keeps it running. He argues that mathematical algorithms are not sufficient to immortalize Bitcoin or Nxt because math cannot account for the imperfection of humanity. BCNxt says that Bitcoin and Nxt are stepping-stones, and that his main project will be released in the future, under his own name. You can read BCNxts full message (all three parts) on the Nxt wiki at www.wiki.nxtcrypto.org. For more general information on Nxt, head to www.nxtcrypto.org or www.mynxt.org. And stay tuned for more news on Nxt in the next Lets Talk Bitcoin broadcast. [17:57] Adam B. Levine: It sounds to me like what youre saying is that the protocols and the projects that weve seen to this point are one of two categories. You can think of them either like new species/derivative spin-offs that are derived from Bitcoin but that dont really add much to it; and then on the other side, youve got structures that build on top of Bitcoin and try to add more to it. It just sounds to me like youre saying that blockchain technology, at least in its current incarnation, doesnt really scale that well vertically and so we need to be very concerned for efficiency reasons. Therefore it makes sense, rather than building everything into one Bitcoin, instead we make a hundred Bitcoins or a thousand Bitcoins that all are able to interoperate with each other. And so therefore we have a lot of redundancy in the system if one or multiples of them fail, right? [18:48] Dr. Adam Back: Mainly the idea is that at the moment its partly a technological innovation and the progress of it. Lots of people seem to be interested in the potential for issued assets and smart contracts. They can see that that could be a very interesting thing for the future and that you can do programmable trust, trust-less escrow, and other kinds of innovations built on top of it. -But the question is, Okay, how do you do that? If youd asked most people early last year how you do that, Colored Coin was the answer. Then we had the ultimate shares like BitShares, Ethereum, [and] Mastercoin coming in and adding other stories between Colored Coin. They were like separate networks, or networks based on watermarking on top of the Bitcoin network. [19:02] I think the pegging analogy is the next step of technological improvement, which allows you to get the effects they were after and reach the objectives that people are interested in, but in an interoperable way. It is building on top of Bitcoin and its not starting a new thing. Its directly interoperable with Bitcoin, but in a way which doesnt result in basically spamming or watermarking bitcoin transactions so that every single share transaction, or bid, or ask, ends up being a message on top of Bitcoin and saturating Bitcoin. It turns out you dont need to do that; you can make a sidechain which is pegged to Bitcoin. So youre still dealing with real bitcoins with no counterparty risk and theres no escrow agent holding your bitcoin. Your bitcoin is just able to move between networks which are tied in the sense of being merge mined. And then people can do their innovation in an interoperable way. [20:32] I think the loose analogy would be, in the early days of TCP/IP if every time somebody wanted to make media streaming, web pages, [or] online shopping, [then] each time they made a fork of the TCP protocol, changed a few parameters so that it was an incompatible network, and said, Great, weve done online shopping. And then youd find out that none of these things talk to each other and youd have to pull them out and put them back in again to even achieve anything. -So you get a network effect by having interoperable systems. If we can have different people innovating on different aspects micropayments, online shares, high frequency trading [and] to do all these things in different networks but that are open networks, [then] we preserve the freedom to innovate and [be] fully interoperable at the Bitcoin level across two-way pegs. I think we kind of get the best of both worlds we get the open freedom to innovate and we avoid the silo effect where each network is separate. And we avoid these kinds of possibly self-defeating, selfish new share issuance situations that some things end up being built on. [21:44] Austin Hill: Part of whats critical about this is, for the community as a whole, we dont want to see another Mt.Gox happen. And it wasnt only Mt.Gox. Exchanges have had an incredibly high failure rate, either to theft, incompetence, or internal malfeasance. We need to see the entire infrastructure. Although there are new players in the industry who are standing up and saying, Were doing security audits, or Were investing more in security and were doing things different, theyre still operating off-blockchain on a trust-me model, usually holding private keys or security in a trusted entity. We need to extend the trust-less infrastructure of the blockchain to more parts of the ecosystem. But you can only do that if the blockchain can actually scale to have more of every interaction dependent on the blockchain. Because some of the exchanges, for instance, internally were doing more than seven transactions per second. And so, aside from how they designed themselves, there was a very practical limit to what they could do on the blockchain. It became just easier for everyone to do things off-blockchain, and that leads to an IOU situation where you dont own your bitcoins, you just agree that someone promises not to run away with them. And thats not good for this ecosystem. [23:08] Dr. Adam Back: Its actually not really using the features of Bitcoin. What Bitcoin and smart contracts offer is the ability to build infrastructure, services, exchanges, payment-processors, to build all these ecosystem components in a decentralized way, in such a way that you can get service without having to trust the service operator. As I see it, that is the interesting new property of smart contracts and the Bitcoin model. And almost all of the system players are not using it. Partly thats because its more complicated and they were just trying to do some simple Web 2.0 stuff, but its also (as Austin said) somewhat an artifact of the transaction rate limit. So if we can get sidechains running that can support higher transaction rates and avoid the centralization risk by the ability to remove coins back to the other network, you should be able to build, for example, a bitcoin exchange which doesnt hold your coins. It is possible for the users to atomically swap coins using an atomic swap property (which is a known property but not very widely used). And then the exchange can just be matching orders. That can basically remove the need for audit. Audit is after-the-fact reactive. If wed had audits every six months on Mt.Gox, that doesnt necessarily mean that the situation would have been avoided because the situation probably arose within a six month interval. The point of Bitcoin is that you have real- time audit, basically, that if someone tries to do something outside of the smart contract (like to have an exchange that tries to take the money, or you agree to an order [and] somebody [tries] not to fulfill their part of it), its a priori prevented and real-time audited so that at the end of the transaction, you know whats happened rather than finding out six months later that an exchange lost all its money. By architecting these things in a way where you dont have to trust them, you can basically trade with air gaps (like offline wallets, hardware wallets, Armory wallets, [and the] Armory offline wallet) on the user side. And also the server, if its hacked, it doesnt really have any assets at play. As long as you spot check the prices that youre agreeing to, theres not really that much bad that will happen in this model if an exchange is compromised. [25:41] Adam B. Levine: The exchange never has your keys. They just handle the order matching now, in this paradigm. Is that right? [25:45] Dr. Adam Back: Thats right. [25:47] Austin Hill: Thats right. They can compete on marketing, on building liquidity, and volume. They can compete on customer service, regulatory compliance (based off the new IRS ruling, making it easier for you to file your taxes). (laughter) Theres a whole bunch of things they can innovate on. But the basic security model isnt, Trust us with your assets. Its Trust us to deliver a great marketplace where you can find the best liquidity and the fastest and best customer service. But you never need trust us with your assets. [26:20] Adam B. Levine: I think I mentioned this to you, I have like ten projects that Im consulting on that are all in the user-created-asset space. Theyre on a variety of the projects that were out there. I dont pick favorites, I dont pick teams on this stuff Im looking for the best solutions. So is this a solution that is available or will be available in the near future? And if I have these ten projects some of which are like Kickstarter-type tokens, others are more like IPOs or equity sort of things, and some are charity projects would each one of these get its own chain? Would I launch a chain for all of my projects? Would I use a specific chain that youre thinking is going to be out there? How would this work? [27:01] Austin Hill: (inaudible- microphone distortion) We have focused for the last two months on the core science. We gathered a number of the Bitcoin core developers from around the world, many of whom hadnt even met each other. We set up a house in California where they all came and collaborated (some of them lived in the house). A number of them came into the we were calling it the Bitcoin Mansion, it wasnt a mansion but it was a big house. A lot of them came into the Bitcoin Mansion and said, This is not possible. We dont believe in this approach. The ability to do a two-way peg and retain all the properties and build the security firewall around Bitcoin is impossible. Weve now proven it is [possible]. Weve gotten sign off and support from a lot of the Bitcoin core developers. -But even that change is going to require some time because theres a community at-large that needs to understand it, theres a proving period that needs to be there, and these guys are incredibly overlooked, unfortunately, by the ecosystem that depends on them. Theyre volunteers by and large who are controlling some of the most important code on the planet, I think. Next to Space Shuttle If we have a whole bunch of space shuttles and space stations blowing up, it can ruin space exploration. If they [the Bitcoin core developers] mess up, they can ruin math-based currencies or set them back incredibly far. So they have to be very judicious and patient in adopting changes. [28:35] Dr. Adam Back: Right. And that point tends to lead to contention. I saw it myself last year. When I was talking to Andreas, I explained a whole bunch of ideas that Id come across and some that Id invented myself that would make interesting new features for Bitcoin. And once you get in that mindset of Okay this would be cool, it seems to work (inaudible- microphone distortion) after a while they [the Bitcoin core developers] cant really afford to entertain your pet project, even if its a very core project, because theyre protecting ten billion dollars worth of assets. If they accidentally introduce a bug while adding your core feature, then everybody will have a bad five years in the cryptocurrency space. So it means that innovation on the core is actually slow. Literally, the pace of innovation is slow because its conservative, and value preserving, and focused on robustness, fixing minor bugs, and very careful, gradual change. -So the idea with a two-way peg The two-way peg itself requires a moderately-high risk change to Bitcoin itself. So thats a bootstrap problem, that they have to evaluate this change or set of changes and be very sure that its safe. But once thats done, it allows people to do innovation on sidechains. Different people can explore different properties on different sidechains. So if ZeroCash wants to do something, they could go do it on a sidechain. If somebody in six months starts to have a big argument about increasing the block size, they can go do that on a sidechain. And maybe the main Bitcoin network wants to even reduce the block size to increase decentralization. If somebody wants to do something with changing the contracting language, [or] explicit support for coloring (i.e., tagged issued assets, which are SPB-compatible), they can do that on another sidechain. And people with different views about what [the] contracting language should be can do that on different sidechains. -So it basically frees up the space to allow open innovation more rapidly without creating risk for Bitcoin Main, because the security firewall guarantees that if you elect to move coins into a sidechain, you are exposed to bugs on that sidechain that affect value (obviously people will be very careful). But the people with money in the main Bitcoin chain and other competing sidechains are unaffected by that bug there is an absolute firewall. So the way that works is you can only move coins back that have been moved out if somebody puts one bitcoin into an experimental sidechain and something goes wrong and somebody takes it, well, they lost a bitcoin. But the main Bitcoin network is unaffected and cant be affected. [31:30] Adam B. Levine: The value of a bitcoin, regardless of what chain it currently resides on, is still one bitcoin, right? The value does not float against other chains of Bitcoin? [31:38] Dr. Adam Back: Right. Theres an actual implemented protocol where you can move the bitcoin Youve got bitcoin on one chain, you want it onto another chain. Now for efficiency, when theres sufficient market demand floating around, you might swap with somebody who wants to move in the other direction. But you have the ability to actually move the bitcoin you possess directly onto the other chain. [32:00] Adam B. Levine: So this is a flexible money supply implementation then, yes? [32:05] Dr. Adam Back: Its still fully preserving the twenty-one million [bitcoin] cap and the supply function. Its only the main Bitcoin network that is mining and creating new coins. The other sidechains are just repositories for coins so you can move bitcoins out of the main network, into them, and back out. [32:22] Adam B. Levine: Is there a financial motivation for someone to merge mine one of these if theres no reward? [32:29] Austin Hill: Good question. We believe there will be, but some of those details were not exactly disclosing. Were in discussion with a lot of the large miners and mining pools on making sure that they have good incentives and good reasons to merge mine this. There will be an economic model that supports participation and follows a lot of the same model of Bitcoin. It just wont be based off mining rewards, so obviously that leaves transaction fees. But there is a transaction model that is flexible, thats market-based, that would allow each of these sidechains to have their own innovations. Collectively all of them together can increase the transaction fee revenue for people who are merge mining this. [33:15] Adam B. Levine: I see. [33:17] Austin Hill: And one of the other key points to remember is Whats great about this idea I enjoyed looking at it from a large-scale, complex systems design, and emergent property [perspective] is it will actually drive demand for bitcoin and increase the utilization of bitcoin. Because now you have a whole bunch of other interesting assets or contracts that can be written against bitcoin. And so you can imagine Weve had some discussions with some very, very large financial institutions who are looking at volumes of transactions, contracts, derivatives, and future options contracts that are orders of magnitude larger than the entire bitcoin asset base. Huge. When you start to be able to embrace or extend the functionality to include part of their asset base encoded in blockchain technology, you can start to see where the demand for bitcoin will far outpace the availability and will ultimately drive up the price of bitcoin, I believe. [34:29] Dr. Adam Back: Right. So remembering that bitcoins price has a speculative part, which is looking at the future potential utilization. But largely, bitcoins value is its utility value (the fact that you can make transactions for flat fees and so on). Once somebody is able to bring to the market an open network for supporting smart contracts against other assets, that opens up a wider set of transaction types. So you would expect the transaction throughput to go up, the dollar value being transacted to go up, and as bitcoin is the neutral transactional currency with these sidechains, therefore the amount of bitcoin-denominated transactions goes up, which puts up the utility value of bitcoin. [35:19] ADVERTISEMENT: Bitcoin Expo 2014, presented by the Bitcoin Alliance of Canada, is just a week away. The conference will feature the key players behind Ethereum, CaVirtEx, Litecoin, Open Transactions, Seans Outpost, CoinTalk, Mastercoin, Dark Wallet, CryptoKit, Blockchain.info, QuickBT, Bitcoin Magazine, and many others. With special guest Andreas Antonopoulos as the master of ceremonies. Bitcoin Expo 2014 Toronto, Canada, April 11th-13th. For tickets, visit www.bitcoinexpo.ca. [36:10] ADVERTISEMENT: The BitGive Foundation is a non-profit, charitable giving organization, leveraging the power of the Bitcoin community to improve public health and the environment worldwide. Help us demonstrate the significant impact of bitcoin in addressing these critical issues on a global scale. Support international giving in bitcoin. Please visit our website at www.bitgivefoundation.org. Thats www.bitgivefoundation.org. [36:48] Adam B. Levine: I definitely see the argument for value here. One question I have about potential limits to innovation in a system like this since youre still utilizing Bitcoins mining, that means that the block time should still remain at about ten minutes. And for some of these decentralized trading applications like weve talked about in the past, that actually winds up being kind of a long time because its the amount of time it takes between the time that you say, Id like to do this action, and the time that the blockchain actually has included it and it actually has happened. -So is there the ability to try faster block times, or is ten minutes the low-bound limitation? [37:29] Dr. Adam Back: You can potentially do different clocking tools on a sidechain, counterintuitively, because when youre merge mining with, lets say, Namecoin as an example, because Namecoin has a (inaudible- microphone distortion) of the hashrate, that means that some Namecoin, when it blocks, are not Bitcoin blocks and vice-versa. So you can have a different target, you can have smaller, faster blocks if you want. So it is possible within the framework. [37:58] Austin Hill: In addition to that, two of the members who are working on some of these ideas with us have had some really great innovations around how to scale to hundreds of thousands of transactions per second, while retaining all of the properties of a blockchain security model. And those innovations will allow for high-frequency trading, very, very high-speed liquid markets and exchanges, that are using blockchains security model and blockchain trust-less infrastructures, but meet the business requirements that are necessary to do high volume. And that is definitely part of our project scope is to make those platforms available for someone who may come in and say, Hey I want to compete with Visa. I can see myself hitting twenty, thirty, forty thousand transactions per second. Where am I going to process those and be able to get instantaneous transaction verification without having to wait for the limits that are in the blockchain? -So we believe that that is very possible while retaining the trust-less security model of the blockchain. [39:18] Adam B. Levine: Two questions left from my end. So is this a project that were going to see results from in 2014? 2015? 2016? I know that the Bitcoin development team is rightly conservative and so it seems like it might take a while to see this. And then the other thing is, this sounds really exciting and this sounds great. What else should I be asking about that I havent known to ask? [39:42] Austin Hill: Well, Ill tackle the first one. Were right now combing our hair and putting on our hats and our fancy ties (although we dont wear ties), but were getting ready to announce and give some details to the project so that people who are interested can track the project, and reveal it including announcing the name and whos on the team. That will be happening in the next 60-90 days. So a very short term. And we are going to be releasing One of the principles that we adopted from the cypherpunk principles is (and its one of the founding principles of the project) something called we speak in code. We really want our products and our software releases to speak. So well be releasing software very quickly that is necessary software for bootstrapping this type of ecosystem. Theres a couple different parts of the existing blockchain and Bitcoin ecosystem that have huge gaping problems that we can deliver immediate value without needing to wait the 12, 18, or 24 months that it might take to get some of these changes adopted in Bitcoin core. Some people are aware of these problems, but we feel that we can deliver immediate value based off that. Get out there, start releasing very useful, open-source, free software, some software stacks that other people can adopt in the ecosystem to secure their users accounts and secure parts of the Bitcoin ecosystem that are operating on a trust-me model. We think we can deliver a lot of value by helping them move to more of a trust-less infrastructure. So were going to focus on doing that. At the same time, were going to be investing very heavily were putting together a really good team of cryptographers, programmers, working to support some of the volunteers in the Bitcoin core community to provide them resources and allow them to really accelerate some of the things that they know need to be done. Call it a criticism, call it a comment for the community, you need to remember that most of these guys are volunteers. They have day jobs, they carry a huge amount of weight on their shoulders. And they do it because they love the community and they love the technology. They have not, I think, in many parts received a lot of support. The community has come together and it pays Gavins salary and others, but a lot of these guys are still volunteers. I think supporting them and providing them with more tools, more infrastructure, more testers, more documentation resources, travel vouchers so they can actually get together and meet face-to-face once in a while these are all things that were going to be doing, and we hope the community will participate in that as we announce details of that. [42:44] Dr. Adam Back: Yeah, I noticed at the CoinSummit conference that some of the ecosystem players on the payment-processor side were asked a question from the audience about supporting core development. Everybody in the Bitcoin ecosystem is relying on the Bitcoin D, right? And they were asked in what way they were supporting that and if they would be able to For example, if they have core developers or senior developers on their staff who are very familiar with the Bitcoin protocol, have them contribute time to Bitcoin core testing, maintenance, [and] development. And the answers were mostly aspirational. There were some actual comments to suggest that their staff were already working on that, so I think thats good. But I think that the business community should really step up and, in the Linux-like model, have people on staff (as they can afford) who are working on the Bitcoin core because their entire business model depends on the reliability and scalability of the Bitcoin network. [43:52] Adam B. Levine: Im hearing a lot of people these days talking about Bitcoin 2.0. And Im very curious here guys is what youre working on the real Bitcoin 2.0? [44:00] Austin Hill: We are a blockchain technology company. Although I personally care for the success of Bitcoin, its important to distinguish between bitcoin the asset and the blockchain as a programmable, distributed, trust infrastructure. Were interested in blockchain 2.0. And blockchain 2.0 using bitcoin as a neutral transactional currency we believe offers great promise. But I want to build a blockchain that could support a nation state putting its national currency [on the blockchain] and phasing out paper dollars. And theres a lot of reasons to do that counterfeiting, utility value, conducting commerce in separate geographic distances, auditability, trust. Theres a whole bunch of potential to reinvent our financial services infrastructure to better serve humankind, and weve only begun that journey. Im interested in a platform that is distributed, neutral, has all the principles and properties of Bitcoin, has embedded and imbued in it the principle of Cant Be Evil, and allows the world to migrate into math-based assets and math-based currencies. Thats going to take time. Were interested in building that blockchain 2.0. But doing it in a way that is an extension of the existing blockchain, not running off and building our own alt ecosystem, pre-mining it, and watching Adam and I get rich off having the first coins. Thats not our intent. [45:45] Dr. Adam Back: Right, so no altcoin race attached to this. Its purely neutral, using the bitcoin as the transactional currency. Austin was mentioning systemic risk issues. You can see with bitcoin, if more business starts to move their accounting and business-to-business payments into bitcoin, cryptocurrency-issued assets, and cryptocurrency-denominated national currencies, you get the benefits of this zero trust [and] immediate auditability features. So if you are receiving an insurance contract for your car from the insurance policy, and theyre about to exceed their reinsurance limit, that would mean that your insurance policy would be immediately failing the audit and be considered invalid by your client. So you can start to remove systemic risks from the system and avoid Enron-like situations. Even in the long-term there would have to be a number of iterations of smart contracting before we get to those kinds of things. But even in the long-term you could imagine a national currency issued where they would have a smart contract like an issuance contract that specifies their monetary policy [E.g.] theyre going to have no more than 2% quantitative easing or may be subject to some internally-measurable market metrics. And that applies to them. So even being that they have the key to issue more coins in some redundant hardware air-gapped key manager, they would be physically unable to bypass their monetary policy rules because their monetary policy rule is bound into the genesis of the coin. And so all recipients of the coin would immediately reject them if they tried to exceed their own monetary policy. I think that if we can get to a system like that, we can have real-time auditing, agree to societal rules, and enforce them a priori rather than finding out six months or twelve months later that somebody has hundreds of billions or trillions of dollars of undisclosed assets and then you have an AIG or all of these cascading failures of the system. [48:04] Austin Hill: I think one of the important things thats at ZeroKnowledge Its kind of funny because a lot of history of ZeroKnowledge isnt as archived as todays media and internet companies (YouTube didnt exist when we built ZeroKnowledge). But at the time we were very thumb our nose at the face of authority. We were fighting the Edward Snowden-type battles. The NSA and CIA tried to shut us down. We were on 60 Minutes advocating Crypto for all! Tear down the System! And I think part of my own maturing process is when we started to realize that may not be the best way to interact with these guys is Im coming for you, Im going to burn down your system. The financial services industry, the people weve talked to, have real problems themselves. We talked to a very large buy-side financial institution who literally has hundreds of billions, if not trillions, of dollars worth of assets under management. And they said, From a pure compliance point of view, we dont even understand our risk. Weve got entire teams holding binders of contracts and systems and were trying to figure out how to even understand what we own, what the risk is, and what the underlying asset is. So if you can help us If [you] can digitize some of this, if [you] can have it be encoded in a way that we can actually make representations for compliance reasons and for our own risk management, we would welcome you in. So I think there are some opportunities to show both governments [and] financial institutions that this technology is not about wiping them out or destroying their business. This technology is about imbuing the entire ecosystem with verifiability, trust based off distribution and math, and some real good foundation levels that they can then reinvent their businesses. And yes, it will drive some competition in the industry and hopefully some more efficiencies. But just like news and media organizations are readapting to the Internet and learning new ways to rebuild their businesses, we want to encourage these people to look for efficiencies. And those that do will be much more like the Netflixes of the future versus the Blockbusters of the future. We want to help them figure out how to rebuild their businesses as the Netflix, not the Blockbuster. And if they dont want to adapt, they face extinction. [50:38] Dr. Adam Back: I just wanted to say another thing about this public auditability. A typical objection to public auditability on a commercial basis is that companies and individuals do not want their business model to be public knowledge. Their profit margin, their volume of trades, their market movements You know if somebodys selling a large number of stock they like to keep that to themselves and not have that readily available to the market. And so that tends to present a barrier to the public auditability. Theyll say, Public auditability is nice, but weve got to preserve commercial confidentiality. It turns out, you can have your cake and it eat [too]. Last time when I was talking to Andreas I was explaining this concept of homomorphically encrypted values. It turns out that you can have the blockchain validate that the inputs add up to the outputs without disclosing the values involved. Theyre encrypted in such a way that addition still works on them. And that actually at a lower level includes a zero-knowledge range proof. So you can actually prove that an encrypted value A is less than an encrypted value B, or even that an encrypted value A is less than a multiple of an encrypted value B. You can actually use it to prove leverage ratios and things like that. -So you can do a lot of things in a way that preserves commercial confidentiality and still have public auditability. I think theres really a scope that we can preserve the traditional (and necessary even) financial privacy for individuals and commercial sensitivity for companies while having full public auditability. [52:30] Adam B. Levine: The way that you describe that makes me think of pseudonymous numbers, right? Because they still represent real value but not their necessarily true identity, right? [52:40] Dr. Adam Back: Yeah, its kind of analogous. Youre just saying that I can see that two parties engaged in a currency swap (or whatever kind of instrument theyre dealing in), their identities are not apparent to me at the blockchain level. But they will have business records saying who they bought it from, if theres ever a need to investigate that. [53:01] Adam B. Levine: Right, it could be unwound. [53:03] Dr. Adam Back: There are two networks involved in bitcoin- or blockchain-related transactions. Theres the blockchain, the actual broadcast peer-to-peer network. Things that go on the peer- to-peer network are byte-minimized because its a scarce resource. You dont send to that more than you need to send to ensure the correct interpretation of the transaction. The auxiliary information about nX509 certificate identifying the seller, a receipt and an invoice, all that kind of stuff goes on the payment protocol level, which is point to point communication between the buyer and the seller. And if one of them is a business they will be keeping business records. Or if youre an individual you will be keeping your receipts so you can prepare your accounts at the end of the year for taxation purposes. I think there is identity, but the identity is managed between the parties of the transaction, not broadcast to the peer-to-peer network. Theres a problem with Bitcoin that its so open that people do network flow analysis and figure out too many things. [54:00] Austin Hill: Yeah. [54:01] Dr. Adam Back: So if we keep the identity out of it- its already bad enough without adding identity to it. Going back to the value idea: Basically were saying that if you look at the Bitcoin right now, the Bitcoin network flow analysis, you can see that this address paid to this address, and probably this was changed, it went to this address. It preserves a different kind of privacy if you can hide the value. So one example people give of that, why you need financial privacy, is some people are paid their salary in bitcoin. Maybe you can figure out who this guy is because, you know, he bought a pizza in the shop or he paid you back a small amount that he owed you, or something. So you see an address. He shouldnt be reusing addresses, but still there are links between them. So if he was paid his salary and the amount of the salary was encrypted, you wouldnt know how much he was paid. And if he paid you personally ten dollars, you could see that the change that he received plus ten dollars is equal to his salary for the month, but you still dont know what his salary for the month is, you just know that he hasnt exceeded the value of the transaction. [55:00] Adam B. Levine: Guys, this is a really, really fascinating project. If people want to learn more about it, it sounds like theyre going to have to wait a little bit. But are you looking for help or applicants to help you build this thing out? [55:13] Austin Hill: We will be launching a website with some information as well as some job postings that were going to be doing, and well certainly reach out. For now, I think that if people keep track of us on Twitter, Im @austinhill and Adam is @adam3us. If people keep watch of our Twitter accounts we will be at least announcing the name of the project and the website in the coming month. There will be at least a placeholder website where we release some more details and list the jobs available. [55:48] Adam B. Levine: Austin Hill, Dr. Adam Back, thank you very much for your time. [55:51] Austin Hill: Thank you, Adam. [55:52] CREDITS: Adam B. Levine: Thanks for listening to episode 99 of Lets Talk Bitcoin. Content for todays episode was provided by Adam Back, Austin Hill, and Adam B. Levine. Music for this episode was provided by Jared Rubens and General Fuzz. Any questions or comments? Email adam@letstalkbitcoin.com. See you next time! [56:13]