Hello and welcome to the Bitcoin Dad Pod. Today we're listening to an interview I recorded a few weeks ago with Jameson Lopp. It took a while to release it due to some circumstances, and I'm glad I did because a lot has happened since then and it's kind of changed my perspective on speaking with him. When I spoke to Jameson, I have to admit that I was almost surprised to discover how un-maximalist he was in terms of Bitcoin culture. He's really, in my opinion, a technologist first, and he's stuck with Bitcoin not because of any sort of religious promise or overwhelming belief, but rather on the merits of its technological abilities for advancing human freedom. That's in retrospect incredibly positive and cool. I think that Lopp has a nuanced view of blockchain technology and maybe some points that he makes are not immediately obvious if you're at the beginning of your journey. But listening to him at this point, I'm very sympathetic to his views on keeping an open mind and being a lifelong learner, as well as some of his more practical thoughts about professional certifications surrounding Bitcoin and the stages of multi-sig security. I hope that you find this interview both intellectually interesting and also practically useful. Today, I am speaking with a cypherpunk legend, Jameson Lopp. Jameson is an early Bitcoiner, a technical guy, and he has produced a massive body of articles on Bitcoin technology, adoption, security practices. His website, Lopp.net, is an incredible resource for new and old Bitcoiners. I've used it a lot myself. He also has musings on privacy, on security, and a whole host of other ancillary topics that are of interest to Bitcoiners. Before we begin our conversation, Jameson, is there anything else you'd like to talk about your journey from a technologist to a Bitcoiner to a old Bitcoiner? Sorry. You know, it's actually something where I see a number of parallels with other things I've been interested in over the years, sort of being a technologist and being on the forefront of new things that are coming out. It's funny how quickly you can become an OG in technology if you are on the bleeding edge. And so I've done that before with web app, software as a service development. I've done it before with big data back in the day about 13, 14 years ago. And I've seen these communities build up around technologies and been able to be a part of early adoption. And you never know how the technology and the ecosystem around it is going to evolve. But what I found is, as long as you're a lifelong learner and you keep pushing yourself and pushing the boundaries of whatever it is that you're interested in, it's actually very easy to become an expert or be considered an expert in something after only a few years of being in it. If you get in early and you're basically so far ahead of the curve that everyone else starts looking to you for answers. So this is mostly, I think, an aberration for me because I've stuck with Bitcoin for 10 years, whereas most other technologies you maybe spend three years, five years, whatever, and then something new and shiny comes along. And perhaps that's something interesting to talk about as well, because there are certainly many other crypto and decentralized technologies that have come along. And yet, while I've tried to learn a little bit about them, I've never felt that any of them were quite so compelling that I would want to abandon my journey down the Bitcoin rabbit hole. That's really interesting, because I would say that people who onboarded in this cycle, the 2020 to 2022 cycle, or even the earlier 2017 to 2018 cycle, sorry to generalize, but I feel like there is a Bitcoin first, Bitcoin maximalist identity that almost precludes looking at other projects too closely. But it sounds like after 10 years in Bitcoin, you have looked at other projects and evaluated them and found Bitcoin to be something that's enduring and interesting into the future. Can you comment on that, perhaps, difference in perspective towards other projects? I think that you shouldn't necessarily turn yourself off from learning about other projects that are happening. The maximalist thing is definitely something that I think can trigger a lot of people, and in fact, gets me a lot of flack as well, because I am a technologist. I am interested, I would say, in any technology that helps empower people. So, cryptographic-based technologies are, I think, one very important way that we can do that today, because we're really giving this defensive asymmetry power to individuals to really push back against larger centralized entities that often can manipulate various systems that they control at their whim, at the detriment to individual users of the systems. So, I do experiment and play around with and try to learn about some of these new crypto-based technologies, and I do find some of them interesting. But on the other hand, I do find a lot of them are very scammy, though that's a trigger word as well. They're not all necessarily scammy in the sense that there's one actor or one entity that's trying to rip people off. Some of them are scammy, I think, more from a sense of the people behind the projects are kind of scamming themselves. They're a bit delusional in what they think they're going to be able to accomplish. But it gets into a really gray area that can make a lot of people very angry, and often is a result of me getting raked over the coals, usually a couple of times a year, because I talk about some other technology that I think is interesting, and then due to the financialization of this space, a lot of people get triggered and think that I'm saying that a certain technology is an investment that I am recommending, which I certainly never do. - You have a technological perspective and background that allows you to evaluate different projects and technologies, and I suspect that a lot of Bitcoin maximalists do not. And so, I wonder if Bitcoin maximalism is sort of a shorthand for just avoiding getting scammed, because if you throw darts at a wall full of cryptocurrency projects, you're only going to hit scams, or things that don't work out. Obviously, scam is a subjective term. Perhaps maximalism and toxic maximalism has just become a kind of shorthand immune response to the rampant financial speculation and scamminess of the cryptocurrency space in general? - Yeah, I think that a lot of the "toxic Bitcoin maximalists" are not very technical, leaning more heavily perhaps on economic or kind of mimetic aspects of the space. And that maximalism makes sense from an investment standpoint if you're really looking for more conservative type of investments, where Bitcoin is probably the most conservative crypto investment, because it's by far the largest, the most distributed, the oldest, and it has a number of properties that very few other crypto systems have, and arguably some properties that none of them will probably ever be able to achieve. We're kind of talking about how do we talk to newbies about approaching this space, then maximalism is a kind of easy way to wave your hands and say, "Don't spend your time trying to evaluate these other systems if you're not really savvy and can understand all the different aspects." But also, I would say that even despite my own technical expertise, that has not translated into understanding these other systems as investments. And that's because a lot, I would say, this is just kind of pulling a number out of thin air, but probably 80, 90 plus percent of the value of a lot of these crypto token systems are based on speculation as opposed to utility. And there is no level, I think, of technical expertise or understanding that will help you be able to predict what the rest of the world will see within the value of a system. And so, for example, I didn't get in on the Ethereum ICO back in the day. I looked at it, I read all the terms and conditions, and actually when I read through the terms and conditions, I saw that they said that they were not even promising or guaranteeing that they were ever going to deliver any software whatsoever. Now, in hindsight, I know that was all just like legalese and them covering themselves. And there was plenty of other reasons from a technical perspective why I thought it was a poorly designed system, but that didn't prevent it from getting a huge level of adoption. And had I invested in it early, I would have done quite well. But there's multiple ways to look at these different systems. And if you're doing it from an investment standpoint, it's not necessarily going to be from the same rigorous technical standpoint that I would evaluate systems because I'm really, I'm more looking at them from a security and robustness perspective. That's really interesting. And it kind of reminds me of how there's this myth of early Bitcoiners who are these sort of closet OG, they did very well in Bitcoin kind of thing. And that exists to a certain extent. But when we do Bitcoin meetups in the Pacific Northwest, where I'm from, actually most early Bitcoiners are really wrecked in the sense that they were so close to all of these speculations, but then they didn't invest in it because they're not financial professionals. They're early adopters or people who are really interested in privacy technologies or other, they have some other perspective. And so it's really interesting to hear you talk about how understanding the technical details of a system are completely different from understanding the financial implications and the speculative implications of the system. I think you wrote an article called Nobody Understands Bitcoin. This seems to play into that, perhaps. Absolutely. And it's not up to any of the real OGs from the first few years of Bitcoin. There's plenty of well-known stories, of course, like the pizza story with Laszlo. I think he ended up spending 30 or 40,000 Bitcoins for half a dozen pizzas over the course of a few months. And it's because, like I said earlier, there's many ways to look at Bitcoin. And if, for example, you're only looking at it as a way to buy small items from people as a sort of retail payment type of thing, then you're probably not going to want to scoop up a ton of it as a speculative investment. And I've heard countless stories of people who've told me things basically to the extent of something like, "I've snorted $50 million worth of Bitcoin from Silk Road back in the day." A ton of stories like that, because that was one of the main use cases back then. I think the only people who became super independently wealthy were the small subset of people who were looking at it as the digital gold store of value type of use case. And they were the ones who avoided spending it and avoided the huge temptation to trade it as the markets were being really volatile. I would also suspect that the majority of people who were actively trading their Bitcoin probably ended up with far less than they started out with. That definitely tracks from stories I've heard. Now we're getting into a conversation about different perspectives on Bitcoin. And I think you might be familiar with Pete Rizzo's article where he kind of simplifies Bitcoiners into three categories, monetary maximalists, platform maximalists, and network maximalists. I'm wondering if you can talk about your perspective on these flavors of Bitcoin maximalism and which of those perspectives on Bitcoin is closest to your own. I'm not sure if I'm the first one who said it, but I actually wrote a blog post three or four years ago. It was actually in response to the INX token drama that happened because I'm an advisor with the INX exchange. And they spent several years creating and eventually releasing a regulatory compliance security token. And that was one of several different events over the years that has triggered a lot of people and made them claim that I'm not a Bitcoiner or I'm not maximalist enough or whatever. And one of my conclusions in that article where I was talking about the token and its dynamics and why it was not like your standard 2017 ICO token was that I believe that there will be innumerable crypto tokens out there and they will have many different uses. And I don't believe that they all necessarily compete with Bitcoin. There were certainly people who said, well, you could have done this token on the liquid network or on RSK or whatever. And there were reasons why that didn't happen, but they theoretically could happen. And I don't think that it would really make a difference either way which technological platform a regulated security token exists on because ultimately a security token has a single point of failure, which is the company that is issuing it. So there are many different tokens. There are going to be more than I think anyone can ever imagine. Some of them will hopefully have unique utility. Obviously, a lot of them I think are just going to be complete scams because this is the nature of free market where anyone can create anything they want and can basically hype it and market it. And the scammy ones may do well for a little while, but over the long run, value is only going to stay in the systems that truly provide long term value. So coming back around to maximalism, like one of my other beliefs of why maximalism is sensible is because I've worked for a company that went from being Bitcoin only to supporting pretty much every token under the sun. And I saw that there is friction in the sense that there's overhead for how many different assets that you as an individual are managing or even you as a company and the infrastructure that I was having to manage. And I don't think that the average person wants to own or keep track of more than maybe a dozen assets. So while there will be tens or hundreds of thousands or millions of different crypto tokens out there, it's going to be a very long tail. And I think the vast majority of people are only going to have a handful of them or they may the vast majority may only have Bitcoin. It sounds like your experience is that we're in a multi chain, multi coin world just probably because of the incentives of creating new assets and live with it. The idea that Bitcoin necessarily consumes or out competes all other crypto projects to the point where they don't exist is probably a philosophical point, not a practical one. Yeah, because there's a reason why a lot of these systems are more centralized. There's always pros and cons and trade offs. And something, for example, like a Solana, which is meant to supposedly be highly scalable, it's also run by a fairly small network of administrators that it's small enough that they can essentially coordinate with each other. And that's certainly helpful when things go wrong. And a lot of things do seem to go wrong with that system. But the trade off is that you don't have some of the same guarantees and robustness. And I would say, you know, things like nation state resistance, when you can point to a small group of people that is effectively controlling a whole network. Now, you wrote an article talking about Bitcoin as a trust anchor. And I've personally experienced this because one thing I did was to use Peter Todd's open timestamp projects to anchor a novel I'm writing or an early draft into the Bitcoin blockchain. And this is actually a way of establishing copyright, because in the past, writers would take an early draft and mail it to themselves, and they never opened that envelope, just in case there was ever a copyright dispute, because then they could go to court and they could show this sealed envelope with a mailing stamp date on it. And this established time and time of creation of a manuscript. Can you talk about Bitcoin as a trust anchor and using Bitcoin's immutability to anchor things in time? It all comes down to using cryptography as magic. The cool thing about open timestamps is it has this roll up mechanism, which is what I think a lot of systems that anchor into Bitcoin would essentially be like, where unlike some other systems, you know, you're like your EVM based systems where people tend to put like all the data and all of the, I should say, state transitions into the blockchain itself. That is not as scalable. It means that everyone who wants to validate the state of the system has to validate every little thing that anyone has ever done. Instead, you can use fairly simple cryptographic data structures like Merkle trees, which is just a bunch of hashes that are arranged in a tree shape so that you don't have to put all of that data into the blockchain. You can put one hash into the blockchain and then you can cryptographically prove that any other hashes that are directly related to your data are in fact directly cryptographically linkable to the one hash that's in the blockchain. So you can do that with really any system. You can create a complete other blockchain and network system and you can then have it on a regular basis, put a cryptographic hash, which is essentially a fingerprint, not necessarily a checkpoint, but it is a way where someone can then take all of the other data related to that system and cryptographically verify that the system has had the state transitions that you expected it had and that you're not relying solely on the security properties of this other system, but you're also getting the additional security properties of the Bitcoin network because the Bitcoin network has those different hashes that are kind of like fingerprints or checkpoints between different timestamps or snapshots of this new system that you're anchoring into it. So you don't need to have a distributed network. You don't need to incentivize people to run many nodes and spend a lot of resources on establishing immutable proof of work to create a time chain. You just take Bitcoin's time chain, you pay a little Bitcoin in transaction fees to anchor your data into that chain, and then you point back to it. And we all know that rolling back the Bitcoin blockchain and changing that data is just not economically or physically possible. So your system inherits that trust, essentially. Is that right? Yeah, pretty much. You know, we're talking to really high level here. There's many different ways you can implement any of these systems. But from my perspective, what it all comes down to is, do you provide the means whereby someone can take all of the data from your system and then you cryptographically verify based on these hashes that you put into Bitcoin that everything lines up and that no one has been screwing around with the history of what has happened in the new system? If I can go on a small aside, you mentioned that Ethereum layer twos deposit their data on-chain, which requires Ethereum nodes to validate it. By that logic, are Ethereum layer twos actually scaling Ethereum if they're still adding to on-chain data? How do you think about that? Well, any layer two has what I would say is like the capability of scaling. So the zero knowledge roll ups on Ethereum certainly have the capability of scaling because you can do more on the layer two and you don't have to put everything, all of the activity on the layer two back onto layer one. Similar to the way that Lightning Network works, where you anchor into layer one and then you can do a lot of stuff on layer two without having to settle back to layer one. The scalability of these systems really comes down to how much activity are you doing on the layer two versus the layer one. I think of it almost as like a ratio of like you're creating one transaction on layer one. Well then are you doing one transaction on layer two, 10 transactions, 100, 1,000, 10,000 because that's kind of the magnifier effect of the scalability properties of that layer two. Right. I guess what I'm getting at is that the Ethereum roll up solutions, they seem to require keeping all of the layer two data for validation. And so over time, it seems like the data requirements increase. And I mean, I see in their new roadmap, they're talking about how to safely throw away this data. It just seems, I don't know, very fragile. It's certainly not the way that Bitcoin would do it. You mean if you also want to validate the layer two activities? Well, my understanding is that with ZK roll ups, you create a proof and the proof can be validated very easily. But if you want to use the roll up to perform additional transactions, then you need the data that also produce the proof. Yeah, I mean, I think that's also, I mean, that's somewhat analogous to Lightning. It may not be quite as individualized. Right. So for example, when you're doing Lightning transactions, you still need to keep every state change, like every HTLC for any of your channels where any payments are sent or received, like in order to be able to then make another transaction, you need to know what the previous channel state was. And this has been something that the Lightning teams have also been continually optimizing. In fact, like with the recent LLD release, I was hearing that some people who had a channel database sizes that were like 30 gigabytes have seen them shrink down to, I think, a few hundred megabytes as a result of some of the optimizations with how much of that off-chain data needs to be stored. But the cool thing about, I think, any of these second layer solutions is that they tend to be a lot easier for you to improve because you don't have to get consensus from an entire network in order to make changes. Right. That's a good point. Now, one thing we discussed before we started recording was Bitcoin cycles. And we're currently in a cycle that seems to be trending downwards. And my listeners and my co-hosts are really enjoying this. We have the popcorn out. We're enjoying all of the highly speculative projects and platforms that misrepresented their fundamentals. They seem to be exploding. And this is always a moment of intensely satisfying schadenfreude for those of us who didn't participate in the hype cycle. Obviously, everyone who did is in distress and that's too bad. But this happens time and time again. Now, one thing I'm interested in is your perspective, having lived through so many cycles, on what gets thrown out every cycle and what technologies or ideas remain and grow. And your thoughts on that. The technologies that don't make it tend to be the ones that have weak fundamentals. Perhaps they have weak security properties and they get completely demolished. Or in the case of some of the things that we've been saying with various algorithmic stablecoins blowing up, these are the systems that they may work well in theory in the happy cases, where the various variables that are inputs into the system remain within tolerable ranges. But when there's high volatility or when actors come in and they really push the envelope, if the system gets pushed past the breaking point, then the real question becomes, is that enough to cause a loss of confidence in the system and cause people to stop working on it and investing resources in it? Or is it something where people look at it and say, "Oh, this is a learning experience. We can fix this, improve upon it, and soldier on." Any of these crypto protocols, networks, whatever, I believe they're very hard to kill. You really have to crush people's optimism and belief that the system is going to be able to work in the long term. Because if you want to kill one of these systems, you basically have to cause everyone who is interested in it to become apathetic. That's how the system dies. And this is what I've said to a lot of people when they say, "What is Bitcoin's greatest threat or greatest weakness?" And I usually say it's apathy. Because it's once all of the Bitcoin proponents become apathetic and stop trying to work on it and improve it, that is when the system will stop improving. And when it comes to software and networks, if you're not improving, you're degrading. And so eventually, everything is going to fall apart. So there are systems, plenty of systems that will get crushed but bounce back from this cycle just like any cycle if they have a sufficiently motivated group of people behind them. But the systems that aren't going to make it are going to be the ones that have failed so spectacularly that nobody thinks it's worth their time or money to continue trying to work on them. So there's some of that in every cycle. And of course, it comes down to, I think, fundamentals. And every system is different. So we're kind of talking very generally and hand-wavy here. Yeah. I mean, one thing I was thinking about just because I've lived through these cycles is how in 2017, there was this ICO boom. Most of them were using this lazy ERC-20 standard on Ethereum. And then this cycle, it's pretty clear that ICOs on Ethereum never work out. So we didn't see too many of these ERC-20 coins, though we did see a few come up this cycle. But the new hotness was DeFi and NFTs, which was funny because NFTs, of course, had been a thing that had been discarded from Bitcoin in an early Bitcoin cycle with the CryptoPunks and things like that. So I was sort of getting at that idea of how every cycle, there's kind of a new hot idea. And then later, maybe it shows up again and maybe you see some potential in these currently overhyped ideas. Yeah. I mean, that's because this is not all about technology. Really, like I said early on, being able to evaluate the technology does not mean you'll be able to evaluate the investment potential. And so there were, I guess, like the MasterCoin and Omni protocol on Bitcoin like eight years ago, maybe six or eight years ago, where there were like rare Pepe's Bitcoin NFTs that were using the opportune functionality on Bitcoin. And I found that amusing at the time. I never got into it. I suspect there were probably only a few thousand people who were even interested in Bitcoin NFTs. And then we saw, I guess you could probably say that like CryptoKitties was probably the next big NFT kind of incarnation, though it had some other aspects to it that kind of gamified it in 2017. And that became such a huge thing that it actually like bogged down the whole Ethereum network on a number of occasions. And then the marketing and narratives on NFTs continued to get honed and refined. And we saw another kind of evolution of NFTs this past cycle. And now it's on the downtrend and we're going to see which of these projects is going to be able to last. I'm sure at least a handful of them will last and considered to be kind of like OG NFT, good, valuable art projects. But there's, as usual, there's going to be this long tail of projects that were just riding on the coattails of the wave that are going to lose so much interest that they're not going to be able to retain any value and they're going to die because nobody is going to spend any of their resources even playing around with them anymore. Which brings us back to your idea that what really kills Bitcoin is apathy or what really kills these technologies is people no longer interested in them. And I think that kind of gets to the complexity of what we're dealing with, because these are social technologies. The code on the blockchain, which is running on nodes, is a software approximation of the social consensus of the network. I think that's something you said before. What are these protocols doing? They are creating machine consensus, which, well, it's meant to reflect the meat space consensus of whatever it is that any given system is supposed to do. So we get into interesting situations where we find conflicts between the machine consensus and the meat space consensus. And then also when there is no longer any meat space consensus of interest in continuing the machine consensus, that is when the network dies. Now you've talked a lot about potential new technologies. Can you share any technologies or applications on a blockchain that you think have promise today or you see future development in? Well, the sort of self-empowering functionality that these cryptographic protocols give to us are the ability for us to manipulate a database with very special properties. And we can manipulate that database solely off of signing transactions, aka state transition functions with these private keys. That gives us all kinds of interesting attributes, which people will refer to as permissionlessness and immutability of the data and so on and so forth. To date, that has mostly been used to just sort of update records of ownership of crypto assets on these different blockchains. So I think what's interesting at a very high level from what we can do with these protocols is we're essentially creating a new economy that is devoid of gatekeepers. A lot of the pessimists or the haters out there you'll find are constantly talking about how crypto is basically going through the entire history of human finance, but at a like 100x or 1000x rate. So it's relearning a lot of the mistakes that happened over the course of human history. I think that's apt, but that doesn't make me pessimistic. I think it just means that we're getting to the point where we're going to surpass what the traditional financial system can do. We already have in a number of ways, but not in every way. One of the missing pieces from all of that, I think, is the idea of reputation. Reputation plays a very key role in a lot of aspects of finance, and we haven't really been able to do that in the crypto ecosystem because if you're staying purely within the cryptographic protocols, then there is no concept of identity, government identity, and then the reputation and credit scores and various risk factoring that happens in traditional finance. I think that one of the root missing pieces to being able to continue to surpass what you can do in traditional finance is to have this concept of identity within these new systems. Of course, this is going to be a very different type of identity. It's not going to be a government-assigned identity. It's going to be a self-attested identity, perhaps a sort of web of attestation identity where you're initializing your own identity or even multiple identities, and over time, your interactions with other people and other identities in the space will then add or remove reputation from your own identities that you've created. And then you can point to those and cryptographically prove that you are somewhat trustworthy when you're seeking out other types of financial opportunities. This is really interesting because on the one hand, the lack of identity in digital asset markets means that a lot of decentralized protocols like MakerDAO require over-collateralization of lending. And this means that I don't really care who you are. I'll lend to you if you over-collateralize the loan because I don't need to trust you. I'll just take your collateral if things don't work out. Obviously, this is capital inefficient, and so this almost gives rise to the algorithmic stablecoins which promise this magical blend of capital efficiency and somehow it magically always maintains a dollar or something like that. But I think there's another side to this, which is some criticism of Bitcoin and things that are happening in the crypto space include an idea of the lack of privacy, the blockchain panopticon, or being a peasant on the blockchain. I've heard these terms all thrown around. And I wonder how digital identity becomes something that improves human freedom and potentially privacy without sort of centralizing identity and being used as a tool to surveil and control people's interactions on these open systems. Well, yeah, I mean, as usual, I think we're going to see a whole spectrum of different implementations and cryptography at a fundamental level is a double-edged sword. I would say if you look across the ecosystem, the vast majority of usage of cryptography and these protocols is using the attestation aspects where you're creating digital signatures, you're using public-private key cryptography to prove ownership and prove transfer of ownership of things in the system. The flip side of cryptography is, of course, using it to actually encrypt data, using it for privacy purposes. And there's only a handful of protocols or functionality within these systems that is using that side of things. And so that's why there is a huge potential for the Panopticon, as you'd say, because a lot of these systems are quite surveillable. And in an optimal scenario, the default for using any of these systems would not be broadcasting all of your data to the entire world. Unfortunately, there's some trade-offs there. And I think that's one of the reasons that Bitcoin base layer protocol has not implemented stronger default privacy. One of the trade-offs is that it tends to require a lot more data, and so it's less data efficient. That creates issues around scalability. The other is that it can make it difficult to fully audit the monetary supply, which is one of the most sacred properties within Bitcoin. And so that's why I think we see more potential of privacy improvements coming in at layer two solutions. Also, because you don't need consensus, as we said, to make improvements on second layers. Now, if you don't mind, I'd really appreciate your opinion on some second layers that exist. I mean, if you're willing to share it. In particular, one second layer that I found interesting has been the liquid sidechain, the implementation of confidential transactions, the ability to create additional tertiary assets on liquid seemed interesting. It seemed to me like something that might absorb, I don't know, brokerage accounts or something in the future. Of course, liquid has some security trade-offs. It's a federation. And so a federation is custodying the Bitcoin on layer one, and then users of liquid have to trust that the federation will allow them to peg out of liquid Bitcoin back into Bitcoin. Have you looked at this system and do you have thoughts on its efficacy, its trust, its security? Yeah, I mean, it is a federation, similar to RSK. I guess kind of stepping back one level, like just talking about sidechains in general, we still don't have what I would say is like the holy grail of sidechains, which is the trustless two-way peg, which is something that was, I think, briefly mentioned in Blockstream's sidechain paper back in like 2014 or something. And so unfortunately, your default sidechain is a federation, which is basically a multi-sig pegging mechanism for converting Bitcoin into whatever that sidechain's Bitcoin peg token is. And so as a result, that's never going to have quite the same security model or trust minimization. But if people are willing to accept that security model, then of course you can take advantage of much more functionality, scalability, so on and so forth on these other systems. So why hasn't it taken off? That's some interesting speculation, I guess. Maybe it comes down to narratives and marketing. It's hard for me to say what the average person even thinks about these systems. You and I may find confidential assets and confidential transactions interesting, especially if we're talking about privacy. It seems to me that the vast majority of people just don't value privacy at all. And so while we find these systems to be valuable, they don't get a lot of adoption because it's just not a big selling point. This kind of comes back full circle to the whole issue of scamminess and hype and stuff in the space is that it seems to me that the mainstream person is going to be far more enticed by marketing and narratives that are essentially get-rich-quick schemes, as opposed to secure yourself and keep yourself private from various attackers that they never even think about type of schemes. Has the average person changed in your 10 years in Bitcoin? Or has every cycle of Bitcoin hype and then dump resulted in the same sort of get-rich-quick schemes dominating the space during the bull market and then deflating during the bear market? Do you see, to use a startup term, consumer training? Are people changing with every cycle? Or is it the same old, same old? Yeah, people are changing in the sense that every cycle, these technologies become easier to use. And I mean, that is really what my focus has been on for the entire time I've worked in this space, though I've only really focused on self-custody and private key management. But across the board, all of these technologies continue to get easier to use. The user interfaces have lower and lower bars that you have to jump over from a technical sophistication standpoint. And so the result is that the level of sophistication of entrance into the system with each cycle trends lower and lower and lower, which means that they care less about the ideals, the fundamental values and whatnot, and they probably care more about being able to click on something and feel like they're going to make a lot of money off of it. Sorry, I jumped ahead. To return to the holy grail of sidechains for a moment, the idea of a trustless two-way peg, the ability to move Bitcoin trustlessly into the sidechain and then to move the sidechain asset trustlessly back into Bitcoin. These would be transactions at a protocol layer. There would be no exchange or intermediary. It would just be a permissionless transaction both ways. The only implementation of this that I'm familiar of is Paul Stork's drive chain concept. Have you looked at this proposal? Do you have thoughts about it? And are you aware of other proposals for a trustless two-way peg construction in Bitcoin? Oh, absolutely. Because I think he's been writing about that probably since 2015 or 2016. And I think a lot of people would push back on saying that it's trustless. I think one of the major criticisms of drive chains, if I recall correctly, is that what it really does is it puts a lot of the game theory onto the miners to cooperate and act somewhat honestly with regard to the drive chain pegging mechanism. However, at this point, I think it's something that's worth trying. And it seems to me like Paul's not giving up on it and that there are other people that are interested in it. And I know that they have had some testnet drive chains up and running for a few years. But once again, there's kind of the question of apathy and adoption and whatnot. So no one can stop anyone from trying to get some drive chains out there in a production setting. And I'm certainly interested to see the continued evolution of it. Great. I actually have one more question about a project that you're involved with, the Bitcoin Certified Professional. I'd never heard of that before. I'm an advisor on the CIFOR cryptocurrency certification consortium, though I've been focused more on their new auditor exam. The whole idea there is that CIFOR has been around for quite a few years and it's really meant to be a set of best practices and standards, generally for enterprises, custodians, to say these are the different ways that you should be managing your private keys. It's all been good and well, but there's never really been any attestation around that. And so what we've done now is we've created a path for people to be certified as auditors for those standards and then essentially be able for enterprises to pay to be audited and then be able to finally have some level of attestation that different custodians are actually following best practices. And there's like three different tiers of best practices that you can get audited for. And of course, the higher tiers are much more onerous, but much more sound against a variety of different attacks. The Certified Bitcoin Professional thing has been around since the inception of CIFOR. And I think I originally took the exam in like 2016 or so. And I would say anyone who's interested in the space should do it. It's pretty easy. I think it's only about 100 questions. If you've been studying Bitcoin for a few years, you shouldn't even really have to do much preparation for it. It's just an interesting little tidbit certification that someone can claim to have. Yeah, I mean, the cryptocurrency security standard auditor exam actually seems pretty interesting because one thing that my co-host and I, I'm not sure if you're familiar with Chris, he's the creator of Jupyter Broadcasting, which is a network of Linux podcasts. But one thing we've talked about is how the overlap between the Linux community and the Bitcoin community is much smaller than we feel like it should be. And so we're interested in ways to sort of merge these two groups. And this auditor certification, it almost seems like something that you'd get if you were a sysadmin type professional and you wanted to sort of pivot towards cryptocurrency or Bitcoin or something like that. Can you comment on that thought? There's certainly network effects issues here where right now there's only a handful of people who've gone through the auditor exam and are thus certified to even be auditors. And once we have a decent pool of auditors set up, then it's just a question of building more demand around custodians getting audited. The pessimistic side of me says that that's going to be really hard to do because for example custodians have always been able to show proof of reserves if they really wanted to. That was even a feature that BitGo offered for a number of years while I was there. And eventually there was such low demand for it, I think only one or two exchanges ever even actually did it, that it just kind of fell off by the wayside. So it's a tricky question of how do we kind of create a new narrative within the ecosystem that you should probably stay away from exchanges that don't prove that they follow best practices. That's an interesting case. I recall listening to an interview, I think it was CoinFloor in the UK that implemented proof of reserves and they did a very interesting setup where you could demonstrate that your particular account with them was always funded but it revealed no information about other people's accounts. It was very clever. And like you said, I'm not familiar with any major US exchanges that have bothered doing that. Actually Kraken, I think implemented it late last year and I know I went in and I basically ran the attestation for my own account, made sure it worked. But if I recall correctly, it basically required running some stuff on the command line. So 99.5% of people would probably immediately be kind of technically pushed out from being able to do that. Yeah, that's a good point. It has to be very easy for it to gain adoption. I wonder if interest in attestation increases after a cycle where things fail. One interesting aspect of this cycle is that the rise of these DeFi lending protocols seems to increase contagion in cryptocurrency ecosystems and I wonder if exchanges will get caught up in that simply because they offer yield products now which tie in with all of these open lending protocols. Yeah, maybe. I mean, you know, any of the yield generation platforms, they're rehypothecating assets. So they're, from a technical standpoint, they can't prove reserves because they're giving the funds away to third parties. Proof of rehypothecation. That could be a new standard. Yeah, I mean, ultimately, very few people bother to look under the hood on anything and they kind of just take whatever is presented to them on the screen at face value, which is why we're going to continue to see these cycles of people getting burned by poorly thought out, poorly architected solutions. Now that's actually a great quote to end an interview with. It's so dark and kind of fatalistic. Would you like to speculate on the positives you see in the future relating to Bitcoin and these cryptographic technologies that have the potential to empower individuals? The optimistic side is that no one is forcing you to use these custodians. If you're at least interested and sophisticated enough to look under the hood and understand the power dynamics of which of these systems empower you and which of them disempower you, then one of the interesting things about all the stuff that's been going on the past few weeks with all these different protocols and lenders, part, you know, the meme Bitcoin user unaffected, though it's a little bit more complicated than that, really, it's Bitcoin self-custody user unaffected. So those of us who are holding our own keys, while the critics would say, oh, we're losing our money because the exchange rate is going down. If your unit of account is Bitcoin, you're not losing anything. We're just kind of standing by the wayside watching all of these other things burn down. And meanwhile, we're presented with an opportunity to perhaps pick up the pieces of some of these gamblers who have lost everything and have been forced to sell at discount prices. I completely agree. Bitcoin moves from weak hands to strong hands. And I think that the killer technology that will be identified in this cycle is self-custody because there's a lot happening in the wider traditional financial system that really emphasizes how the lack of self-custody, the lack of the ability to withdraw assets to your own custody enables poor behavior by custodians and large institutions that really don't affect individual users of these systems particularly well. And that's why everyone should go to keys.casa to learn how self-custody is made easy. That's a great finish. Actually, I was looking at the Casa website because we have a mix of listeners from beginners to intermediate and advanced. And we've done some episodes on starting self-custody. And Casa has a guideline to sort of determine how much security you need, you know, multi-sig versus single-sig, depending on how much Bitcoin you're holding. Were you involved in creating those thresholds or do you have thoughts about at what point it's a good idea to move from, say, single-sig on a computer to a hardware wallet to a multi-sig with a hardware wallet? Absolutely. I mean, pretty much all of the best practices and advice that is on our website and our documentation has either been written or at least reviewed by me based upon things that I wrote many, many years ago. But I've always put it into like three different tiers. You know, you should have your pocket money, your spending money. That's fine to be in a hot wallet. You shouldn't have more money in a hot wallet than you would carry around in a traditional physical wallet because you might get mugged. Then there's your checking account. This might have a non-trivial amount of money in it where it would hurt a bit if that got lost. This is really an amount of money you should not have on an internet-connected device. So perhaps buy yourself a hardware device so that it's in "cold storage." However, this is probably still going to have some single points of failure where you could lose it. You're probably a lot less likely to get hacked and have it stolen from you. But there's probably some fragility where certain edge cases or disasters could cause you to lose your key material. And then finally, there's the life savings. You have a substantial portion, a non-trivial portion of your net worth in Bitcoin. That's when you need to go to the extreme and make sure that you don't have any single points of failure. That's when it makes sense to start using multi-signature wallets and basically distributing the keys around geographically on different hardware and software so that you give yourself the ability to experience a failure without that becoming a catastrophic failure. And that's what our various multi-sig products provide. Kind of the final tier, which it's not necessarily a different tier, but the final thing to worry about then is inheritance. And that is just mainly tricky because it requires you to walk a very fine line between making sure that nobody can access your Bitcoin versus making sure that somebody can access your Bitcoin if you get hit by a truck. Right. That is tricky. Suddenly all your children collude against you and drain your cold storage. Sort of the worst case, I guess. Yeah. And we've thought about this extensively. We've spent years working with clients on it and we have several different inheritance solutions available as well. Well, thank you so much for a fascinating and wide ranging conversation. Is there anywhere you'd like to hand off our listeners to learn more about you or projects you're interested in? Well, pretty much everything that I have done or am doing is available through lop.net. An alternative domain, which may be easier for you to remember, is bitcoin.page. And that one goes directly to my educational resources, which is great to hand out to any of your friends and family who want to start diving down the rabbit hole. Yes, I actually do that. And I found so many useful things on your bitcoin.page resource list. So I can personally attest to its quality. And that's it for my interview with Jameson Locke. I hope you enjoyed it. And please remember to reach out at bitcoindadpod@protonmail.com or on Twitter at Bitcoin Dad Pod. Or you can always send a boost with a podcasting 2.0 app like Fountain.fm, Podverse or Castamatic. Thanks and hope you come back. Bye. (upbeat music)