Good morning. Good afternoon. Good evening. Welcome to the noon. I'm your host this evening,
Laurence Ray. And today I'm joined by my esteemed co-hosts, Riccardo Martinez and Jerry. And today
we are interviewing the amazing Jameson Lopp. And Jameson, before I ask how you're doing,
I'll give you a quick intro to our audience. If anyone who hasn't heard of you,
I'll come across you so far. So Jameson is the CEO and co-founder of Casa, a cyberpunk Bitcoin Times
editor, creator of some pretty useful beginner Bitcoin resources and overall privacy advocate.
So how are you doing today, Jameson? I'm doing well, hanging in there, just trying to
start to enjoy some summer sun and watching the lockdowns all get lifted, taking advantage of that.
Yeah, absolutely. I'm partying for, well, I mean, yeah, it's been delayed a bit in the UK,
but overall right direction everywhere. So that's positive for sure. But yeah, I guess,
well, we'll just dig in and sort of start asking you questions straight off the bat. So
one of the first things I guess I wanted to bring up was something that's been in the news a lot
recently, and I'm nearly sick of talking about it, but not quite, which is El Salvador. And
yeah, essentially it's all over the Bitcoin news world specifically at the moment, and rightfully
so. But I guess one thing I wanted to speak about was just like getting your thoughts on when it was
announced that El Salvador was going to kind of bring on Bitcoin as legal tender, and then kind
of like how that may have changed or developed over the last kind of couple of weeks, as we've
seen the developments with the president and the volcano power and all these different things.
I just wanted to see kind of, yeah, what you thought about it originally and how that's
changed. Well, interestingly enough, I went back through my tweets, because I felt like
it was a momentous enough event that I had probably talked about something like this
happening before. And I actually had a tweet about four years ago, in which I made a bold
prediction that there would be a nation state that essentially set Bitcoin as their currency.
And I, at the time, I said, I think it'll happen in the next five years, but I think it will
happen in the next five years. I was probably feeling pretty bullish at the time. And just
by sheer luck, it happened within the timeframe that I had guessed. But my main point with all
of that is like, I felt like it was inevitable. Obviously, predicting timelines on these things
is very hard, but it's a logical thing to do, especially if you're a tiny little nation
that is essentially at the whim of other nations or large central banking organizations that are
essentially holding you hostage. If you're not large enough and powerful enough to have your own
currency, then it makes sense to choose a currency that is more predictable, that is more favorable
towards you and your citizens. So from that standpoint, I felt like we're kind of overdue
for it. I think it was actually a little bit surprising that it was El Salvador, which is,
I mean, they're not a large country, but they're also not one of the smallest. I kind of assumed
it would be a micro nation of some sort, basically really bottom of the ladder type of nation that's
like barely even recognized as a nation. But I think this is a very interesting development
because it makes the other nations that are in similar situations start to take notice.
It's really how you get the ball rolling on this type of stuff. Once the dominoes start falling,
that's when I think macro changes are really going to start happening. Even more than just
the announcement itself, the reaction in the days after and really the actions of the president
to go further than just simply make a empty proclamation. He's actually putting resources
into this. I think we're going to see actual boots on the ground type of action to try to form
grassroot movements within this nation to get as many people as possible on boarded to the world's
most sound money. And it's not going to be easy. It's going to take a lot of work,
but if this is a success and we can create a reproducible model for it, then I think you're
going to see a lot of Bitcoiners start to go out to other nations and essentially offer to help
reproduce that and onboard many, many more people. Now there's going to be a lot of technical
challenges, educational challenges and whatnot, but I think that this is the type of thing that
a lot of us have been waiting to see. It's one small step, but one giant leap forward.
Yeah. That's a good way to summarize it at the end there. And yeah, something that I kind of
felt might be a few years on from now, but so they kind of surprised me. I think the other
thing that surprised me is like the speed and efficacy at which like the president's actually
acted on it essentially. It's like, yeah, Bill's going through and it was like, oh, okay. I didn't
expect it to be that fast, which is just impressed me basically. Now, of course, this may be a result
of some attributes of El Salvador that are perhaps less desirable for a lot of us liberty minded
people. Whenever I see a government that's able to take really, really swift action, it makes me
suspect that it's probably more on the authoritarian side. I think this is what you're seeing a lot of
pushback from people talking about El Salvador and the problems that they have and how this is bad
for Bitcoin that they're trying to do this stuff. But I think that those of us who understand the
system reasonably well, we understand that the actual technology, it's a tool, it's neutral.
It can be used for good things and bad things. And we're going to keep an eye on it and see exactly
how this gets rolled out in the country. But just because there may be some people with
questionable backgrounds or whatever using it, that does not at all detract from the utility,
the value of this protocol. It kind of all goes back down to one of the original, I guess, concerns
that a lot of people have about Bitcoin, which is that it's good for criminals. But my pushback to
that is that at the end of the day, we're all criminals, one way or another. You just choose
your flavor of criminality. Speaking of criminals, did you ever get to the bottom of who swatted you
and were the perpetrators ever brought to justice? Not really. So suffice to say,
I got a number of clues. Some good leads came in. But it was never enough, I think, to
actually get law enforcement to step in. And, you know, the burden of proof is pretty high
on a lot of these things. And I think the short version is my interactions with law enforcement
basically led me to come to the understanding that I was not a high priority. You know, they're
more concerned with people who are in imminent danger or people who are serial major criminals
that are basically stealing millions of dollars from lots of folks. And I did not fit in that
category. So the only thing that I can really hope for at this point is karma that, you know, whoever
is out there, this is not the only bad thing that they've done. I suspect that this is kind of the
life that they live and that eventually it's going to catch up to them. There's a situation where
obviously you've been swatted before, and obviously anyone who's listening that has occurred,
just in case anyone wasn't aware. I know that obviously with the way that you've been since or
has been to kind of focus a lot on privacy and safeguarding your data and your personal
information, which makes sense to me. But I guess there's people out there who probably will be
listening and think, well, you know, it's not happened to me. I've not had anything really bad
happen to me. Essentially, why should I care about my privacy to the similar level or even
half the level that you do? Why should I make an effort basically? And I didn't know if there was
any kind of words of wisdom or warning that you had for people who may think, well, you know,
like, I don't need to worry. I've not got tons of cash or it's not happened to me yet. I didn't know
there's anything you kind of would have to say to those people basically after the experiences
that you've been through in your life. Well, you know, my particular situation was an extreme case.
Obviously, only a very tiny portion of the population is ever going to have a SWAT team
show up at their house because they're being extorted and targeted by some criminal on the
internet. However, there are many, many other things that can go wrong with regard to having
privacy leaks. And this is really just common cyber hygiene, cybersecurity is that over a long
enough period of time, it's basically a guarantee that any information that you're sharing with
other service providers, other websites, other apps, whatever, some of that is going to leak.
Some of those databases are going to get compromised. Ultimately, that data is going
to end up getting sold on various dark net markets. It may even just get simply dumped
into the public. And then the question becomes, what is going to happen as a result of that?
I think the most common thing that happens is identity theft. You know, if your personally
identifiable information gets leaked, then savvy criminals will be able to essentially
leech off of your credit and, you know, pretend to be you, open up various lines of credit.
And that will be a very long and arduous process for you to try to clean up. It can easily take
years to clean up that type of mess. So I think just from a simple, protective type of perspective,
if you just limit the amount of data that you're putting out there in the first place,
that's really the best thing that you can do to prevent a whole slew of things that you may not
even be thinking about that can go wrong. The stuff that I talk about is more extreme and edge
case. My type of threats that I'm trying to protect against are not your sort of garden variety
scammers. But if you at least understand how this information can get propagated and used against
you, then perhaps you will be a bit more judicious in handing out your data all over the place.
Unfortunately, you know, this takes work. There are a variety of different levels that you can
end up at of how much effort you want to put into it. But I tell people the very the simplest thing
you can do is not put out your real information. If it's at all necessary, I would say like 95%
of the forms you come across on the internet are asking you for things like telephone numbers and
physical addresses and stuff that is not even necessary. They just want to collect that
information perhaps because they can monetize it later. So like the vast majority of time, if you
can't leave something blank and you absolutely have to fill out a form, you can put fake information
in there. It's not illegal to do that. In many cases, it's not even illegal to give pseudonyms,
you know, fake names unless you're signing a legal contract or unless you are actually
engaged where your counterparty is some sort of government entity, then it's usually perfectly
legal for you to lie about your name and identity and whatnot. And, you know, that's sort of getting
into the misinformation, disinformation type of thing. But like I said, if you're not giving
your real information away, then it can't be used against you. So, you know, pay attention to the
fact that if you're not giving it away, then it can't be used against you. So, you know, people
will have to decide what their own threat level is, how paranoid they want to be. But I consider it
to be like an insurance policy. And the example that I usually give is, for example, there were
the woman, she was a social media manager. And she was flying, I think, from New York to South
Africa. She boarded the flight to South Africa. She posted a somewhat racist tweet. It was, you
know, not in very good taste. But she thought she was being funny. And then when she woke up 12
hours later, that one tweet had gone viral. And even though she only had like 200 followers,
that one tweet had pissed off like 10 million people and had resulted in actual, you know,
physical repercussions where people showed up at the airport to watch her get off the plane.
Other people started harassing her and her family and her employer. She ended up getting fired.
And so the reason that I bring that up is just to show that there's this, there's an asymmetry
today due to the information age, where you can go from being a nobody to being somebody that has
the ire of tens of millions, if not billions of people directed at you overnight, because of,
you know, a couple hundred characters that you put out onto the internet. So that's why it's so
difficult, I think, to try to tell people what their threat level should be. Because any of us
who are on the internet, who are on social media, who are putting information out there that could
be potentially consumed by billions of people, we are in a position where something like that
could happen to us. And it is kind of a lottery thing, you know, I think the vast majority of
people won't have that happen to them. So if you treat this as sort of an insurance policy,
then I think the question really comes down to, you know, how much effort do I want to put in
to protecting myself from these various edge case risks? Hard to quantify, but it can happen. And
I was one of the unfortunate lottery winners. Yeah, I guess one of the examples I can think
of as well be like the ledger breach, for example, where people just innocently buying a hardware
wallet, nothing crazy. And then some of the repercussions of that have been pretty, pretty
horrific, really, to be honest, I mean, with some of the threats and things that people have gotten.
And so that's a kind of, I guess, an example for the everyday person, like, hey, it can happen and
it can compromise quite a lot. Yeah, nobody thinks about, oh, I'm buying something off the internet
and getting it shipped to my house. And this is a threat, you know, it's, it's a, it's definitely
a new paradigm that people are not used to. And this is, this is just how it goes, I think, with
technology making things much more convenient. The vast majority of people are just going to rush
headlong into using whatever is placed before them without taking an adversarial perspective of, well,
what could go wrong? As someone who's put a lot of time and energy into becoming very knowledgeable
about privacy and security, what would you say is like the best takeaway for someone that's new to
the topic? I think that people can get overwhelmed, especially if they start digging into some of the
things that I've posted, because most of what I talk about is the extreme edge case. And like I said,
it is, it is a spectrum and you don't have to dive into the deep end of going extreme
mountain band off the grid type of thing where you're protecting yourself from absolutely
everything. It's possible to just spend a few hours just trying to improve one small aspect
of your privacy and see how that goes. Try to, you know, set up various things to automate
protecting your privacy. You know, even, even just something as simple as installing a bunch
of ad blockers in your browser will get you pretty far ahead compared to a lot of other people. You
know, that will at least help protect you from a lot of the surveillance capitalism that happens
just as you're doing your day-to-day web browsing. You're going further to the extreme of trying to
protect your home address is a lot trickier because then really for any type of privacy,
you have to set up some sort of proxy or some sort of intermediary that essentially acts as a shield
between you and your real information and the rest of the world. And doing that type of stuff
for internet type of proxies is simple. You know, if you want to protect, you know, your actual
internet connection, you can get a VPN set up and that doesn't take a ton of work or you can, you
know, set up new accounts, new emails, whatever, you know, we're just talking about a few clicks
at that point. But once it comes into the world of the physical things, that's when I would say
I would say the amount of effort and resources required really start to ramp up. So, you know,
if you want to protect your home when it comes to getting things shipped to you, then you have to go
get a box somewhere else that's not in your home and, you know, that's going to cost you money
anywhere from probably 50 to over a hundred dollars a month to start receiving packages on
your behalf. Even more if you set it up far away and it's remailing stuff to another address.
But most of the time, I tell people, you know, check out the privacy resources on my website.
You can start off with some beginner stuff and just keep chipping away at it at your own pace.
For me, I did dive into the deep end. I would say I basically burned down my entire life and
started it over again, which was a very intensive process, you know, both for my time and money and
other resources. But you can learn from me doing it the hard way and figure out, you know, which
pieces of the puzzle would you like to attack? See how that goes. If you get used to it and you're
feeling hungry to do even more, there's always more that you can do.
Yeah, I suppose there's like a trade-off, isn't there, with privacy between like convenience and
privacy. Obviously, there's a scale, which I'm sure many people would kind of want to be really
private, but not kind of take those last steps to, you know, completely destroy any kind of
convenience, I guess, in their lives. And other people may want to go the full way or whatever it
may be. I guess it's a personal preference and decision. And you mentioned the different
resources that you have online that you've made. And one of them, for example, Bitcoin page was
something that I was given when I first got into Bitcoin. And it was like, you know, huge part of
helping me learn about it, basically, and setting me off on the right path. So I'm ever appreciative
of that. But I guess something that I'd be interested to know is kind of like, when it comes
to Bitcoin, when you discovered Bitcoin, what was it? What were the things I think, I guess,
that kind of made you interested in it or excited about it per se? So rather than just like the
story of, you know, how you found it, what is it actually kind of gravitated towards you about
Bitcoin and kind of made you think, okay, well, this is, you know, important or interesting,
and then maybe even made you think, okay, well, I'm then gonna step into this as like,
almost a career opportunity. Like, well, what was what the things that kind of went through
ahead at that time? Well, I was a computer scientist. So obviously, the technology was
intriguing to me, I had never thought about these problems before. And once I read the white paper,
I realized that the solution was rather elegant. It was kind of backwards of how you would probably
try to attack a problem like that. And that's why it was, I think, so much of a leap forward
is because it turned a lot of things on their head. And I actually ended up giving a whole
talk about this a few years ago, where I basically was making the argument that the
the type of system that Satoshi Nakamoto created, it's basically a bureaucratic system,
except it's an inverted bureaucracy, where instead of being this top down hierarchy,
it's actually a bottom up type of organic consensus process. And, you know, that's what
I think a lot of people misunderstood during the scaling wars, like trying to understand how
governance in this type of system works. But at the time, I wasn't, I wasn't thinking about
governance, really, at all. Other than the technology, the thing that was just most
intriguing to me was thinking of money as an open source project. And the reason that I found that
intriguing was that, you know, money is a concept that does not or at least should not belong to
anyone in particular, it is this collective agreement upon everyone who is using the money.
So it makes sense to me that anyone who wants to should be able to essentially chip in and voice
their opinion about what they believe money should actually be, what should the attributes
of a sound monetary system be, if you want to contribute to working towards improving
a monetary system, then I don't think anyone should be able to shut you out from that.
So I think over the long term, that turned into this very interesting paths where we
learned more and more about how the governance of a system like this works and your government
governance probably isn't even a good word for it, because it really is more of an anarchic
system where it's a system of rules, where there are no rulers. And you know, that really throws
a lot of people for a loop, because there's, there are not really many other systems that
are analogous to that unless you're talking about kind of like meta concepts like language or
even religion is not a really good one, because most religions have some sort of hierarchy
to them. But something organic, like I think language that is more spontaneous and how it
evolves over time, you know, from a sort of mimetics type of viewpoint, I think that's
a better type of organism that you can compare this to. It's just this organism is better
defined. I mean, it is, you know, there is code in which we try to define it. But once
again, I think that confuses people because a lot of people think that the rules that your node,
for example, are enforcing that, you know, that is the definition of Bitcoin. But I think that
the definition of Bitcoin is actually ephemeral. I mean, it's just sort of floating out there. And
the rest of us are trying to figure out what it actually is and codify it as much as possible.
But I don't think that we'll ever actually be able to say for 100% certain, you know, this
the current rule set is Bitcoin or it is what the sort of optimal form of sound money is. I think
that it's always going to be evolving over time.
Well, so it's interesting to hear like the perspective you initially had and like how that
grew as well, and what you thought upon it. So I mean, were you would you have thought about
were you would you have considered yourself a cypherpunk before you discovered Bitcoin?
Was that something that came about because of your discovery of Bitcoin? I guess which came first?
No, I was almost the antithesis of cypherpunk when I learned about it,
because I was actually working for an online marketing company that was essentially just
hoovering up raw analytics data. And my job was to build large scale cloud infrastructure systems
that could analyze all of this data as quickly as possible, so that our clients who were mostly
online retail companies could better target people to sell stuff to them. That was not
something that I found ideologically interesting. It just happened to provide some interesting
technical challenges due to the scale of the requirements that as the company kept growing,
as the data that needed to be ingested kept going up by orders of magnitude. So if anything
if anything that experience, I think gave me an even greater understanding of exactly how much
surveillance is happening on the internet, just as you're going about your day to day business
clicking around, because I was the guy on the back end who was receiving a lot of that data,
and then helping people slice and dice it and use it to come up with new inferences about
who you were and what you wanted. Jameson, I wanted to ask you, what are your thoughts on
privacy wallets like Wasabi? Do you see a use case for them?
I think the difficult thing, especially if we're talking about on-chain privacy,
the difficult thing is it's very easy to screw up. Even if you are using a wallet that is primarily
focused on protecting your privacy, then it almost comes down to the UTXO level of how well are you
managing those UTXOs and how easy is it for you to accidentally correlate them together? So I don't
know, I think that a lot of people may think that those wallets give them more privacy than they
actually do, because I think it still somewhat comes down to what you're doing with the funds
after they're leaving that privacy-based wallet. So it's hard to quantify. I certainly don't think
they're bad, but it's not really something that I use myself except in rare circumstances. And
really the way that I tend to advise our own clients is that you probably are wasting your time
if you're just constantly mixing your funds and thinking, oh, I'm becoming more and more and more
private. Rather, the way that I tend to approach it is if I want privacy for a payment, then I send
that payment to the mixer, and then directly from the mixer, I send it to the target destination,
make the payment from the mixer. Other than that, I think a lot of this constant mixing and
constantly doing on-chain transactions is probably not buying people quite as much privacy as they
might think. I'd be interested to hear what your opinions are on Monero as an option, because
obviously it's considered a privacy coin. And so I'd just be interested to see what you think of
that or the future. I guess how usable that is for people, especially over something like Bitcoin,
which is pseudonymous and has some kind of privacy and security built to a degree into it, but not
as much as Monero does on-chain. I think that Monero is more user-friendly. If you want a really
high level of privacy, then you don't have to jump through as many hoops, basically. I think that
whenever it comes down to a user having to actually think about UTXO management, then
we've really lost a lot of the UX on expecting mainstream people to ever be able to use something
like that. So I am a fan of Monero. And if anything, I'm disappointed that it hasn't
been adopted more than it has. And I'm not surprised though. I don't consider it to be
a problem with Monero as a project. I think it's rather a reflection on society and just the fact
that the vast majority of people don't think about or don't care about their privacy.
I certainly wish that we would see a lot more adoption of networks that have stronger privacy.
But I think for the time being, we're just going to have to be happy with the privacy conscious
individuals that put in the time to do their own research and figure out what tools are acceptable
to continue pushing these projects forward. Well, I guess while I'm on the topic of altcoins,
I might as well go down this path. Something I saw recently, because I follow you on Twitter
on my personal account, and something I've been seeing fairly recently was that you were looking
into Solana and trying to be a validator or node, whichever way you want to go about it, on Solana.
And I guess I wondered why you chose to look at Solana. It's something I looked into myself
a little while ago, just to try and understand it, like what they're up to and what the aim was.
And whilst I can understand pretty much what they were trying to do, what the aim was,
what it did, I couldn't understand how it did it. Like proof of history, for example, this
kind of consensus they bring up, I couldn't work out how it actually worked, or I could understand
what they're trying to do. So I guess I just was interested in like, why you chose to look at it
and kind of what you've learned as well from looking at it. Yeah, I mean, I'm not singling
them out. This is actually a part of an annual series of performance tests that I run. Now,
this is the first year that I've ever run a Solana performance test, though I'm not sure
if it even really existed a year ago. But obviously, the reason that I'm doing is because,
isn't it? I think it's a top 10 coin now. I basically, I try to cover,
it's like top 15. But I basically try to understand, you know, all of these networks that,
basically, all of them in the top 20 have market caps over like 20, or $10 billion. So, you know,
if you're supposedly securing over $10 billion worth of funds, then I'm interested to know,
what is your security model? What can an end user expect with regard to their self sovereignty in
this system? You know, how much power are they actually ceding to a third party or perhaps some
sort of coalition? You know, basically, the model that Bitcoin has created is very well distributed
in terms of power. And I think that people talk about decentralization a lot in this space,
without talking about what we're actually trying to decentralize. And it's the power,
we don't want kings, we don't want tyrants, we don't want small cabals of people operating
behind closed doors to make decisions on our behalf. We already have that, it's called the
banking system. So why the hell would we re implement the same broken system or the same
broken system or the same broken architecture? And that's what fascinates me with some of these
coins, because it seems like they're basically re implementing the same type of architecture,
and essentially using this, what I would call either security theater or veil of decentralization,
creating enough obscurity that for the average person, they're not going to know any better.
And they're going to think, oh, this thing basically operates the same way as Bitcoin,
it just has these other additional features, which make it even better. And, you know,
that's just kind of one of the things that I think that we need to push back against is a lot of
claims that that all of these altcoins are on the same tier as Bitcoin. And of course,
there's a million different ways that you can slice and dice and try to compare the different
networks and projects and so on and so forth. But to kind of bring it all background of what I was
doing, this particular series of tests is a preferably full history validation of a given
blockchain performance test on a benchmark machine that I built a little over three years ago. So
I've been running these tests for at least three years now. And the it's a very simple,
straightforward test. Can I download a node for this network? Can I download node software?
And can I configure it so that it's syncing the entire history of that network and validating it,
you know, not just downloading data, but actually downloading the entire history
and checking every transaction, every block to independently verify that no
shenanigans have happened on the network. This is the what I would call ultimate security model
that Bitcoin offers. And not all of these other networks offer it, or if they do theoretically
offer it, it is already outside of the realm of possibility for most people to actually do it.
And what I'm referring to there is specifically any quote unquote high performance blockchain
networks. There's really no way around the fact that if you are creating a ton of data,
if you're allowing people to create, you know, hundreds or thousands of transactions per second
on an open network, then the resource requirements in order to validate all of that stuff are just
going to go through the roof. And so what I am trying to understand in a lot of these cases
is, you know, what are the trade-offs that they've made? How expensive is it? Or is it even
possible for a normal user to independently verify that no one is breaking the rules on this network?
And some of these networks are really interesting in how they've set stuff up. But most of the time
what you're going to end up finding out is that they are creating much weaker security models
and doing various things that they will call like fast sync or snapshot sync, or perhaps this proof
of history that you were talking about. They understand that it's no longer feasible to
actually verify the entire history. So instead they come up with a way that it's usually some sort of
semi-trusted, if not completely trusted, checkpoint that is, you know, in recent history. And then you
just download that checkpoint and verify a few attributes about that, and then start rolling
forward. And so with Solana in particular, I think when I tried to run that node, it downloaded
a checkpoint that was about two weeks old. Only took about an hour for my machine to get through
all of that. But then it was never able to actually catch up with the tip of the blockchain.
And Solana was doing like 500 transactions per second. And I was basically watching it get
further and further behind until eventually my machine crashed because it ran out of RAM and
swapped space. And to be fair, my machine does not meet the very high minimum technical recommendations
required by Solana. I was just interested to see how far it could get. But, you know, some of these
other networks I've been looking at, they don't even make the software available. Or if they do,
like I was looking at the internet computer network, because I think it's also gone pretty
high recently in the stats. And they didn't have any built releases of their node software. And
then when I tried to build it myself, the build failed. And then the further that I even looked
into it, it's like even if I am able to build the software, they're not going to let me connect to
the production network. And there's, you know, they have a bunch of reasons behind that. And
they seem to have created a security model for their network that is fairly unique. We've never
seen anything like that. But as far as I can tell, it basically requires gatekeeping by the foundation
that has built this network and this protocol. And I think that that is a common theme that we see
across a lot of altcoins is that, you know, I wouldn't try to put a number on it, but a
non-negligible number of these altcoins are really more like venture-backed startups,
and a lot of the aspects of the network architecture and control over the rules and the
code and whatnot are essentially centralized at a single point of failure, which is one company
that has raised a bunch of money. And, you know, maybe they make various promises or plans about
how someday it's going to become less centralized. But I don't think there are very many good examples
of networks that have become less centralized over time. Usually, it goes in the opposite direction.
So I would suggest that you want to start out as decentralized as possible.
Appreciate that. Yeah, it's one of the things that when I look at, because you often hear these
fantastical ideas and genius thoughts, etc. But then when you go to look at the project
in the get-go, it's like, apply to be a node or apply to be a validator or something. And I'm like,
well, I can immediately strap the bat. That's a red flag for me. And that was, I think, when I
looked at Solana, you had to apply, I think, at the time. I don't know if that's still the case, but...
Yeah, I think it is. And, you know, that's another thing, right, is that as far as I'm aware,
basically none of these high-performance networks are proof-of-work based. So they tend to either be
proof-of-stake or some sort of proof-of-authority. This is why you find the gatekeeping coming into
play. Because if it is basically setting up some sort of white-listed consortium of validators,
I think that that's kind of like the ripple model. And I think that a number of these other
networks are essentially doing the same thing. Then, I mean, this is basically just a new type
of social consensus, except, you know, you have what is essentially a cabal that is saying, you
know, we are allowing these people to be a part of our social group. And if anybody else wants to
join, then you have to convince us to let you in. And that sounds eerily familiar to some other
systems out there. So I don't know. I mean, obviously, the market has said that there is
some value in these things. I just think it's not what I value. And I don't think that they're
going to be able to offer the level of permissionlessness and censorship resistant that
we can find in Bitcoin. A lot of these proof-of-stake blockchains, they have a lead investor,
which is like a hedge fund. And the hedge fund will buy up the majority of the tokens so that
they can stake and that they can control the governance. And then once they've pumped it,
they'll dump the tokens on retail, and then they go find another one to repeat the process.
Yeah, I guess with Algorand, I remember when I discovered it, I thought, oh, this seems like a
really cool idea. It seems to work efficiently or whatever. And then I read into it. And on their
own website, they admitted quite a few faults. Their entire white paper was built upon the fact
that two thirds of the validators, I think more than two thirds of the validators, were completely
honest. I'm like, well, that's quite a lot of people you have to believe are completely honest
just to make this thing work. And so I remember bringing it up with some Algorand people on
Twitter. And essentially, it just got shut down. But yeah, I guess there's a lot of that in the
altcoin space, especially the proof of stake. Well, I was just going to say, you can create
whatever security model you want. And if you can get enough people to buy into it and believe that
it's safe, then you can accrue a decent amount of value. And maybe they are safe, as long as
that hedge fund behind it keeps holding on to all of the governance tokens and doesn't act poorly.
But that's so similar to the existing system of everything works fine until it doesn't.
And you've created so much systemic risk that the potential for this edge case catastrophe
is just constantly looming overhead. And unfortunately, unless that actually happens,
it's really hard to argue with people that they should be more worried about it.
Can you tell us what's new with CASA?
Let's see. I mean, the most recent thing that we've rolled out is our most highly requested
feature, which is sub accounts, basically letting people reuse their existing hardware devices to
create separate buckets, to be able to manage their Bitcoin. This is a common request for people who
they may have different Bitcoin from different sources or have has different cost basis,
different tax implications, or maybe some of it is owned by different entities. Just things
that you need to keep logically separated. We've managed to build that into our system,
the tricky thing, I think, compared to a lot of other wallets that make it possible to create
various sub wallets is that we have essentially a key rotation feature in CASA so that if you
lose a device, you can actually swap it out, go buy a new one and plug that one in. And that was
one of the things that created a lot more complexity for a feature like this is because
now, if you do that, you're going to have to do more than one Bitcoin transaction, essentially,
in order to migrate those funds over essentially from the old set of keys to the new set of keys.
And we want to make that as seamless and user friendly as possible. Looking forward,
we're excited about some of the new hardware devices that are coming on the market.
In particular, the thing that excites me from a usability point of view are the air gapped
QR code based devices, where you're not even going to have a USB cable to have to plug them
into anything, but rather, there's a camera built into the device. And all of the data gets
exchanged back and forth via QR code standard. It appears that we have landed on the blockchain
commons standard for animated QR codes. They have a 1.0 and a 2.0 version. The 2.0 version
is much more performant. And I'm hoping to see all of these hardware devices in the future.
All of these hardware manufacturers essentially add support for that. So when I talk about
these devices, some of the examples are Keystone, formerly known as Kobo, Blockstream, Jade,
and Foundation, I think are three of the first ones that are coming out.
Now, a downside I think that we're seeing is that because these devices have more hardware,
they're going to tend to be more expensive, at least early on. So some people may be a bit
off put by the higher price point on some of them, though I think Blockstream Jade is quite
inexpensive. But I think that this is going to really be the next step forward in air gapped
private key management. And so we're looking forward to being able to support as many of
those devices as possible with CASA, because one of the bigger pain points that our clients
experience is having to plug in a device to their computer and do the signing there, because
it's basically a lot of complexity. You know, different operating systems, different browsers,
different network settings, there's just so many things that can go wrong when you have to plug
the device into the computer. We feel like being able to get rid of the computer completely will
make the user experience a lot more seamless, it'll make our support load a lot lower. Looking
forward more to next year, that's when we're thinking about things like Taproot support,
thinking about possible, you know, more complex type of Bitcoin scripting. I think one of the
common examples that I give is something like a gracefully degrading time locked multisig where,
if so many years go by, the threshold requirements for spending from it will decrease.
This is theoretically, it's doable today, but Taproot will make it much more private,
much more performant, because you won't have to reveal those scripts unless you actually use them.
However, there's a number of trade offs because you end up creating
redeemed scripts that have nondeterministic data in them, and whenever you start doing that,
that means your backups are going to have to be essentially refreshed every time you generate a
new address. So I think there's still a fair amount of work and perhaps some new standards
that will need to be formed around that. Everyone's excited about Taproot and being able to create more
complex scripts, but I gave a talk at the MIT Bitcoin conference actually last year where I
was warning that we need to be careful as developers not to backslide and not to throw out
all the cool stuff about having deterministic wallet backups just so that we can have fancier
type of Bitcoin scripts. So still, I think a fair amount of work to be done, even at the protocol
and wallet standards level for that stuff. It's a two-part question. I guess the first part is,
I'd really appreciate if you could just give a really quick summary of what we do, basically,
and what the product is, because obviously people out there listening can understand that,
and maybe if they're interested, check it out. And then the second part of my question
was, I guess, where did the idea come from? What sparked the idea in you, I guess, to go ahead and
work on it, basically, as a project? Yeah. So the very short version of CASA is that we help
people secure their Bitcoin. And really, what we're focused on is people who have a significant
amount of Bitcoin. So we are aiming to provide a level of both security and redundancy and
robustness, not only against attacks, but against all forms of loss. Because to be quite honest,
even though I think what you probably hear about in the space is various thefts or criminality,
the majority of times when people lose their Bitcoin, it's because of their own mistakes
and simply just losing the keys due to ignorance or natural disaster or what have you. And so
what we've built at CASA is a system that its main goal is to eliminate single points of failure,
so that you can't shoot yourself in the foot and make one mistake and have that one mistake
be catastrophic for your Bitcoin holdings. The way that we do that is with multi-signature
technology, which means that when you deposit your Bitcoin into your CASA setup, you cannot spend it
with a single signature. We have multiple different ways of doing that. And so we're trying to
have multiple different setups with different levels of security. Some of them require two
signatures, some require three. And then the key set is distributed as well geographically so that
if your house burns down, you don't lose all your keys. Really, you should be having your keys
in multiple different places. We recommend like home or office or safety deposit box
for our premium tier customers that generally have a three out of five key set. Then they'll
have one key on their phone and three different hardware devices of different manufacturers
so that you're not creating a single point of failure with supply chains or software or hardware.
And then all of those will be in different secure locations that are as far apart as you want.
There's a fair amount of flexibility and customization that can come into play.
You know, it's all about trade-offs between security and convenience here.
And then finally CASA will hold one key offline, which we then have our own recovery procedures for
if you want to request a signature from CASA. You'll have to hop through various types of
authentication depending on what type of client you are. But the whole idea here is that if you
lose one of your keys, that's fine. You still have a threshold of keys in other places that you can
use to spend those funds and then perform a key rotation, like I said, where you just go buy
another device and plug it in and essentially reconstitute your key set. So that's just like
a really high level, but we do a lot more than just provide the software. We're also really high
service level components. So especially at our premium tiers, like we'll actually get on the
phone with our clients and walk them through things. We even have emergency phone call support,
emergency like big red button in the app if you want to lock everything down and you think
something has gone wrong. And it's really about peace of mind, I guess, from a sales standpoint,
the people who come to us are the people who have a lot to lose. And they, in many cases,
don't feel comfortable with the really high learning curve of setting up your own key
management system. Now, the beauty of Bitcoin is that no one can stop you. You're free to
do everything yourself and essentially recreate the same type of setup. But I would argue that
we've made things very streamlined and it's possible for a novice to come in and essentially
get onboarded in a number of hours, even if they're not familiar with the Bitcoin multisig
or not familiar with different Bitcoin hardware devices. So I think that this is a necessary
requirement in order for Bitcoin to really go mainstream and do it in a way that is not
recreating the banking system where everybody is keeping their money on third party custodians
and exchanges that for me to help people help themselves is a way for me to actually strengthen
the ecosystem as a whole to help reduce the systemic risk of too much concentration of Bitcoin
in the few hands. So it is a personal mission, I think, for me to try to help protect the whole
system by helping individuals empower themselves. And it's also it was spurred on by a personal
need where I had been working at Bitco for three years doing multisig enterprise, private key
management, helping secure exchanges and other large providers. And I realized that my own cold
storage setup was just really onerous. And I was spending essentially a weekend every year updating
my cold storage. And I felt like, you know, if I'm supposed to be the expert, and it takes me this
much time to do it right, or at least to follow the best practices that I consider to be important,
if you're trying to secure large amount of funds, then I felt like the vast majority of people were
not going to be able to go to that length. And so helping lower the bar of requirements, helping
get the steepness of the learning curve a bit flatter is really just going to be good for
everyone. And if we can run a profitable business while we're doing that, then great. But even if
not, then it's going to be helpful for the ecosystem as a whole.
I gotcha. I appreciate it. And so kind of came from fixing a problem that you kind of forsaw for
yourself or something that was, you know, a pain point or a frustration, you know,
it was, you know, a pain point or frustration. And then realizing, well, obviously, that probably
impacts a lot of other people or will do anyway. So building that out for them and offering that
as a product. That's pretty cool. I appreciate the answer. And well, I guess we've also been
going for about an hour approximately as well. I don't know, Ricardo, did you have anything
else you wanted to ask? No, no, I'm good. Thank you for
participating in the interview, though, Jameson. Yeah, I really appreciate your time and,
and also some of your answers. You've kind of brought light to quite a few things I've had,
I've wondered. So I really appreciate it. You bet. Thanks for having me.
And also thanks to everyone out there listening. And yeah, if they have any questions, obviously,
feel free to send them through to myself or Ricardo, a bit of a refilm. We can always
try and pass them on to Jameson or answer ourselves. But yeah, I appreciate,
appreciate everyone. And everyone have a lovely day, evening, morning, afternoon,
week, whatever it is where you are, take care and buy Bitcoin.