The hyper-connected world allows people to really screw around with your life if all they really need to know is some of your personal information and they can start screwing with a lot of different pieces of your life that you're taking for granted. I'm Tor Bear from Enigma, and welcome to Decentralize This. Hello hello and welcome to another episode of Decentralize This presented by Enigma. I'm Tor Bear, I'm the head of growth for Enigma, and on today's episode I am speaking with Jameson Lopp. Jameson is an experienced engineer, he's been working full-time in the bitcoin and cryptocurrency space since 2015, and he's contributed to a number of different projects. He's currently the CTO of CASA, which builds best-in-class key management solutions, as well as CASA Node, which is a bitcoin and lightning node that can be used in your home. He's also the creator of Statoshi, a fork of bitcoin core that aims to analyze statistics of bitcoin nodes. Jameson writes very frequently on bitcoin, on personal privacy, security, and a lot of other topics. On this episode he's going to talk with me about what it means to be a cypherpunk, how his own extreme experiences have shaped his perspective on privacy and security, how individuals can be better incentivized to solve systemic issues, and how CASA in particular is empowering users and enabling a more decentralized ecosystem. Jameson has faced down some really difficult challenges, sometimes on the technical side, sometimes on the personal side, but he's always persevered and he's been an incredible advocate for bitcoin and for decentralization, as well as individual privacy. I hope his story and his vision inspires you like it inspires me. So without any further introduction, here is Jameson Lopp. Jameson, thank you so much for joining me on Decentralize This. I'm thrilled to have you, man. Pleasure to be here. So every episode starts the same way, just quickly, professionally, personally. Who is Jameson Lopp? Well, I am a computer science guy, a technologist who got interested in bitcoin a number of years ago, started some projects of my own to try to better understand it, and eventually found myself working on private key security full time for Bitgo. Did that for about three years and now am doing a similar thing, but even more broadly trying to increase personal sovereignty for people who are operating in this space at a company called CASA, where I am the CTO working on managing a number of different initiatives where we're trying to find the parts of the ecosystem where there's a lot of potential, but it's still too technically complicated for most people to fully realize this thing that bitcoin and public permissionless crypto has offered to the world. I want to talk about all of that. I want to talk about the idea of personal sovereignty. I want to talk about bitcoin and keys. I want to talk about CASA specifically. But I want to start at least by saying you're a self-described cypherpunk, and I want to know what you think that means in your own words. What's the definition? And then I want to know if this was something you think that was nature or nurture. Were you born this way or have things happened to you that have solidified this worldview and identity? Sure, it's an interesting topic, and I actually find it kind of amusing when various media publications put quotations around, you know, self-proclaimed cypherpunk. I've actually spoken about this a little bit because there is no set of credentials for being a cypherpunk. You do have to self-proclaim that this is a philosophy that you believe in because a cypherpunk is just someone who advocates for privacy-enhancing technologies because they believe that greater adoption of privacy-enhancing technologies will lead to social change that will make the world a better place for people. That's the very high-level gist of it is trying to empower people against corporate surveillance, against nation-state surveillance, against any type of privacy-harming technologies that have come about with the rise in the internet age and communication era. It's been very, very easy for us to give up our privacy in return for some convenience, and so it's a very difficult thing to push back against that. It requires some conscious effort, but also there are cypherpunks out there who are trying to make technologies that are more user-friendly so that we can hopefully move towards a world where privacy is the default rather than the exception. As for myself, I definitely was not a cypherpunk until I really got into Bitcoin. In fact, I was kind of an anti-cypherpunk. As much as I hate to admit it, the first eight years of my career, I worked for an online marketing company. They were primarily focused on email marketing, but suffice to say that my job was to perform large-scale data analysis using distributed data clusters, actual Google technology with the Hadoop and MapReduce system of distributed data to process, I don't even know how many petabytes worth of data on a daily basis, in order to figure out various actions that people were taking as a result of these 100 million plus emails a day that people were sending out through our system. I was spending a lot of my time on an industry that I was never particularly interested in. It just happened to provide me with some interesting computer science challenges. Once I got into Bitcoin and the privacy space and I found myself able to actually transition to this industry, it's been a lot more fulfilling since then. It's incredible to see the journey of people who worked in these legacy spaces, because that's all there was. There wasn't a Bitcoin space to discover, it had to be made. So many of the people who are behind so many of these high-profile projects like Casa is now, they've gone through these sort of similar transitions where the reason they're working so hard on the solutions is because they deeply understand the problems having not necessarily caused them, but they certainly were part of the system that perpetuated them. For a lot of people, it seems like that was a big piece of the journey, is being so close to the problem that they felt even more compelled to seek out the solutions and Bitcoin provided a path for them to do so. Yeah, I mean, I think that it's a lot more interesting to be around people who are more ideologically motivated than necessarily financially motivated. It's especially important for this type of nascent space that goes through so many volatile hype cycles is that if most of us were here just because we thought we could make a quick buck then we would probably give up after a 90 plus percent downturn and it seems like crypto is dead and everybody is tired of talking about it. But it's the ideological motivation that gives us the drive to push through the volatile swings. Yeah, I love that in a space that's trying to decentralize trust, it seems like so much of what gets built is the result of this trust that people do have in the motivations of people who have been in this space for years and who have weathered some of these market downturns and stayed committed to the core principles behind their project. And for somebody like you, who's worked on multiple projects, all connected, I think, by this same cypherpunk ideology, I think it's fair to say that nobody really questions your commitment to the space and to the technologies at this point. Just the trolls on Twitter. Yeah, I've met some and that's fair to say. But let's talk a little bit about that. So you have been, you know, the victim of some really vicious stuff and it's coming into the news cycle again, you know, people who have been doxed or harassed and all these other things. It's a symptom, I guess, of the age that we find ourselves in, this hyper-connected age. And we're all potential victims in this case, you know. So I want to talk about a piece you wrote, it was a great piece. It's so long, but so good, a modest privacy protection proposal from last year. And it was full of actionable, you know, calls to action, very thorough. What made you decide to write that piece at that time about personal privacy and steps we can all take to protect ourselves? Well, I refused to be a victim. That's pretty much what it comes down to. I mean, after the incident when my whole neighborhood got shut down by police and it actually went about as well as it could have, it could have ended a lot worse for sure. And I talk about that in another blog post where I basically go through all the details of what happened that day. But I realized that there is this imbalance. It's the result of the internet age and people being able to communicate anonymously with law enforcement, at least in the United States, people are able to expend a very large amount of public resources and basically direct it as an attack at other people simply by saying the right things. You know, simply by using trigger words like hostage or bomb or gun or what have you. And if they hit the right trigger words, then they're basically performing a successful social engineering attack on our law enforcement departments, which have opened themselves up to this type of social engineering attack. So that's one thing that I talked about in my kind of reminiscing post is that, yeah, I definitely blame the person who made that call and harassed me and tried to extort me. But you know, my root cause analysis actually takes it a step further and says, you know, it's actually law enforcement that is creating this exploitable vulnerability. So we shouldn't be surprised that people are exploiting it. Oh yeah. So the modest privacy protection proposal seems to focus mostly on, like, despite the fact that the weaknesses are with the system itself, it wasn't so much prescriptive as to, like, how do we change these systems? That one was more focused on what can we do as individuals to not become victims. Yeah, and the reason why the post was so long is because I was trying to cover as many different threat vectors as possible. And of course, some of these threat vectors are more common. It's just browsing around on the internet and having all of your data hoovered up by a hundred different advertising analytics systems. Like that's a very common thing that people can fairly easily protect themselves against. And then the other extreme end is what I've done, which is setting up all of these protective legal entities to basically act as proxies to shroud my true ownership and physical location and things that could be used to basically direct law enforcement or other physical attacks at myself. So why is it so important for the average person, and I think it's safe to say you're not the average person, even though in some ways you are, like you're deeper into some spaces that I think have maybe some more bad actors than others, but why is it so important for all of us to be protecting our privacy and concerned about our privacy, even for people who feel like, you know, and this is in quotes, they have nothing to hide? It's quite simply because you can't predict the future and the combination of that with this hyper-connected world that we have created. I think I give an example or two in my post of just normal people who, you know, weren't particularly extreme in their views or their actions, who could make a single poorly thought out post on social media and have a resulting backlash of, you know, millions of outraged people and, you know, once you start looking at the large numbers of people that you can easily reach these days with a few keystrokes, then you start doing the math and realizing, you know, even if only one in a thousand or one in 10,000 people out there has some sort of mental issue that could cause them to try to attack a complete stranger because of something that they read, then you realize that you're actually, you're creating a very large attack surface just by using the internet to publicly broadcast your own opinions. And, you know, some I guess more recent examples around that are really if you look at almost anything in the political space these days, we're even seeing instances of, you know, fairly young children, teenagers, activists who were at various protests and other political actions who are either doing something that gets taken out of context or they're just in the wrong place at the wrong time and something blows up on social media, whether it's a photo or a quick video clip or whatever, and that instantly triggers and outrages millions of people. And that is this triggering action that can result in you accidentally, unintentionally finding yourself at risk of physical harm, of financial harm, and any number of digital attacks and sabotages because of, once again, the hyper-connected world that allows people to really screw around with your life if all they really need to know is some of your personal information and they can start screwing with a lot of different pieces of your life that you're taking for granted. The way I refer to it is with leverage, like we've created a lot of leverage in these hyper-connected systems where a single person can have an outsized impact on another single person or like a network of people with just a little bit of social engineering or misinformation. You know, there are so many, like SIM swapping is another example of something that's happening a lot, specifically in the crypto space. It might happen less often outside it, but inside it, it's not just, you know, it's a threat to your data, but it's also a threat to your livelihood because people are using this to, you know, steal private keys and access exchange accounts and there's a lot of stories of people who have been victimized by this and really the attack vector there is just, if you've got somebody who works at an AT&T store on your side, that might be all it takes to get into somebody's account if they haven't gone through these steps and taken the proper precautions in advance of the attack. Yeah, you know, this is just another problem with trusted third parties and so, you know, the only way that I've found to really guard yourself against that type of attack where you have some sort of account, some sort of system that is administered by a trusted third party, then if you want to take it to the extreme, you have to assume that that trusted third party may get socially engineered, therefore the only way to use them and still be protected is to use them anonymously so that, you know, even if someone does attack that trusted third party, they don't know which account actually belongs to you. Yeah, there's a lot of actionable suggestions like that that you made in this very long post as I said, but one thing that you note at the beginning of the article is that you're looking sometimes at thousands of dollars in costs for putting in these protections for something that's, you know, not certain to happen to you. It's a very expensive form of insurance against yourself. So it's clear that when it comes to privacy, as individuals, we're bearing the costs in more ways than one. There's the cost of, as you're saying, like the data being hovered around the internet by whomever, pretty much everybody at this point, and then there's all of these prescriptions that you're laying out in this article which can be effective but expensive. What can we do to, you know, bring some of these costs down for the individual while still preserving the efficacy of the solutions and do you see any promising solutions that are arising now? I think it's going to be a pretty long road to actually get to like mainstream improvement of all of this. Like ultimately, I think that what needs to happen is we need to break up the data silos. We need, so if you look at Bitcoin and what some of the other public permissionless crypto assets have done is they have managed to strip a lot of power out of the hands of trusted third parties and intermediaries and put them into the hands of the individual. And so Bitcoin did that with money, but if we want to do that for other sectors, then we're going to have to build similar systems whose functionality is meant to do that except for other data, for other important aspects of our lives. And that's going to be a really long road not just to build the technology but to transition to that sort of system because there's so many problems that are hindering adoption, not just like technical scalability problems but usability problems, security problems. This is why I've been working in this space for four years and there are a lot of amazing people who are doing a lot of really cool cutting edge technology that it's really pushing the envelope of what's even technically possible, but I'm still sitting here after four years just doing private key security and management because I think that this is a fundamental problem that has not really been fully solved in a way that is usable for the average person. Yeah, I mean a big focus of our project like at Enigma is this whole data privacy issue and building the technologies around it, but the point of having a podcast, the point of having this opportunity is to kind of tell this story about how hard it actually is to make this stuff get mainstream adoption, and that's not just on a cost basis like making this stuff cost effective for the end user, but just getting into the hands of as many people as possible, making it usable and so on, like that is such a difficult process. And as you said, as we go through these various hype cycles, people not only overestimate the value of some of these technologies or maybe they overestimate the speculative value of these technologies and they're underestimating the amount of time it takes to build things the right way, things that don't have so many attack vectors, things that work, right? And it's like such a crazy position to say like I want these things faster when all that's going to do is make them less secure. Well there's also, there's this fundamental problem that, well, we're trying to solve systemic issues and it's really hard to sell an individual user on solving a systemic issue. And whether that's solving money by creating sound digital money or whether it's by solving ownership of various data so that they don't have to keep it in the cloud. And that's because a lot of the time when these things fail, it's somebody else who gets hurt. It's almost like it's hard to sell someone on it unless you're fear-mongering and you don't really want to take that type of approach when it comes to like sales and marketing. Not generally, but if the problem is terrifying enough, it's really sometimes hard to avoid. In the sense that, I'm not going to go down this road very far, but in the sense of climate change, if you want people to act on a systemic issue, sometimes you have to talk about the catastrophic potential of ignoring it less so than about the incremental gains to be made for the individual by putting some of their own resources toward the solution. We are facing, I would say, some real existential threats based on the erosion of privacy. But also just based on, like you're saying, these systems that people are learning to exploit in a systemic way. So what do you think is the role of the people who do create and maintain all these systems that we use? And this could be anyone, right? What's the role of technologists building these systems? What's the role of business people marketing these systems? And what is going to end up being the role of people in government who are designing and enforcing these systems? Who fixes the police? That is a very broad and hard to forecast type of issue. Certainly when we start getting towards that type of discussion, I've had this conversation with a few different people about crypto-anarchy and my beliefs and my goal of how we can use this technology to create a more voluntary society. Because basically I see that various social services and goods that are provided by nation states, technically there's no reason why pretty much all of them can't be privatized. But there is a huge gap between how we get from this hierarchical command and control structure that has been built up over millennia to a more sovereign structure where you can actually manage these goods and services that you want yourself. That's because what governments have done is they have offloaded quite a substantial amount of cognitive load from the individual to have to worry about those things. So the individual, they just have to pay their taxes and follow the guidelines that the government imposes upon them and they get all of these services in return. But if we're going to move to a system where you're really only paying for things that you want to use that you're interested in, now you have a huge coordination problem. And that's one of the areas that I think this type of technology needs to be built up in order to help people with that. Otherwise, there's going to be too much work for people to find much value in it. So there's a lot that needs to be done in order to make these solutions actually attractive to people. Because people are lazy. If it involves much more effort on their part, then they're more likely to stick with whatever the incumbent thing is, even if there is a lot of good reasons of why the incumbent thing is harmful to them in various ways. There's substantial switching costs, and I guess one of the costs to all of this is the risk that you try to change things and you make them much worse in the meantime. And I guess one of my personal worries is that we get to these tipping points along the way, as we're transitioning from, as you're saying, this very hierarchical world to a more decentralized, self-sovereign world, and along the way we do something that actually tips us all into total anarchy, and everything breaks. Is that a concern that you have, or is it relative to your other concerns? It seems like a silly thing to worry about. I guess I kind of take a somewhat fatalistic view on it. Kind of like with the climate change stuff as well, right, is that we have these very huge problems, and some of them are like tragedy of the commons type of problems. And if humanity can't figure out how to solve it, then humanity deserves to become extinct. So from that standpoint, it is kind of up to all of us. But I'm generally optimistic that even like with climate change, that there are a number of technologists that are working on trying to reverse climate change, and it may not be as simple as we need to all stop using carbon-based fuels within X number of years. We may even see some technological breakthroughs that allow us to revert some of the harm that we are doing by being so slow at switching over to more renewable and eco-friendly type of power sources. So engineering society, on the other hand, I guess I also take just more of a market-driven approach of like ultimately this is all people deciding what it is that they really want, like how they want to interact with other humans in their society. And so whether that's through governments or through some sort of other technologically constructed mechanism, I mean we need to experiment, and hopefully it doesn't blow up in our faces and destroy the world. But if you want to start thinking about catastrophic scenarios, there are so many ways that we could use our power today to accidentally destroy everything, not just by accidentally creating World War III and a nuclear holocaust, but there's, from a technological standpoint, so many things that could go wrong with, for example, biological engineering creating something that wipes out all of humanity or even nanotechnology. I would say I'm actually most afraid of nanotechnology. Have you ever heard of the Grey Goose scenario? Oh yes, and the nanobots, oh yes. So it's just there's so many different ways that humanity could screw up and just completely destroy our entire civilization that I'm not sure it's worth spending too much time worrying about either we're going to make it or we're not. But on that standpoint, I do think that the folks like Elon Musk have a pretty good idea that we need to further distribute humanity across multiple planets so then even if we do screw up Earth, there's a little bit of hope that some humans will survive. The ultimate decentralization project. Exactly. So this is a good transition because now we can talk specifically about the relationship between decentralized technologies and all of these kinds of risks that we're talking about. You know, I want to talk about specifically Bitcoin, you know, what is the relationship between a decentralized technology like Bitcoin and everything we've kind of talked about so far? To what extent do decentralized technologies contribute to solutions? Is it just that they're an alternative to current systems or are they a valuable form of experimentation or are we currently building the foundation for a new type of society where self-sovereignty is possible for individuals? I mean, I think it's all of the above, you know, different people who are using the system or interacting with it are basically viewing it from different angles. And so not everyone in the Bitcoin space is trying to build a new society. Some of them are just there because, you know, they can trade numbers on exchanges and make larger numbers or, you know, some of them are there because they see a slightly more efficient payment rail or some of them are actually using Bitcoin for various like data anchoring, data integrity type of services. But this much more like long term view, I think, is only held by a subset of people in the space. And everyone's going to keep working on whatever interests them the most. And you know, sometimes that will result in clashes. It's I think the nature of having a system that no one controls is that because there are such a diverse set of perspectives of people who are using the system and want to see it evolve in different ways, that that's ultimately why we see so many arguments and toxicity and drama in this space. But that's I think the nature of, you know, anarchy or lack of governance or whatever you want to call it. So that's that's my next question is, you know, is this diversity of motivations, the diversity of opinions about the purpose of Bitcoin or the nature of Bitcoin? Is that part of how Bitcoin is decentralized? And as a broader question, right, to what extent is Bitcoin decentralized versus still an example of a centralized system? It's very hard to quantify decentralization. You know, a lot of people tend to just use it as like a binary attribute. But you know, I think that if we're looking at one of these systems, they're extremely complex and talking about centralization or decentralization is this like multivariable set of spectrums. And so, you know, you can say that, you know, along certain attributes, it's more decentralized than some other system or whatever. But well, give me an example of like one way in which you can definitively say it's more decentralized and then maybe one one dimension, because I completely agree with you that this is a spectrum and it's and it's multivariate. So but but I want to be specific about like, in what ways do you think like it is decentralized to its benefit and other ways in which it might be like one specific attribute where there there are still centralized elements? Well, the one of the most decentralized attributes is just the the node ownership. And that is fairly obvious to look at on various graphs where we can see geographic distribution. But of course, even that distribution is it's not, you know, equal across all countries or even like equally distributed across populations or what have you. But it is certainly decentralized, at least in the sense of like legal jurisdictions, which is, I think, one of the most important components if we're talking about general security, because the ultimate level of security is against basically nation state attacks. You know, if the most powerful country in the world can't take down your system, then it's pretty secure. And so, you know, that's like internet level security. You know, we've created a system that even if large swaths of it are taken down and censored or whatever, you can route around those affected regions. That's a really that's a really interesting perspective. And it sounds like your argument would be that's one of the most important elements of a system to decentralize if you want it to be sustainable, if you want it to be resilient. And that is, you know, assuming that all of these nodes are individual actors and not coordinated by some central organization. That is, you know, the important part there. Right. But there's mining. So what is a mining pool, right? We don't have to like put value judgments on any of this. It's just like we're describing the structure of a system. We're describing the collective motivations of individual actors and also coalitions of those actors. Yeah. So, you know, from a different perspective, one of the more centralized aspects of Bitcoin is the collection of hash power, though, interestingly enough, I just tweeted something about that earlier today where you can actually look over time and see that, you know, there have been swings in hash power concentration across mining pools. Generally, the level of increasing concentration of hash power has occurred while technological changes have happened. So when we went from the CPU to the GPU era, GPU to FPGA era, and then I think finally the ASIC era, there were, you know, a few different tiers in there. But over the past year or two, the advancement of ASICs in mining technology has really plateaued. And so miners have had to compete over other variables, such as electricity costs and ability to get like favorable contracts, both with data centers and power creation facilities and in some cases, even local governments getting tax breaks and stuff. And so we've actually seen that from that aspect, it has, at least from looking at the mining pool, hash rates has become more distributed, but, you know, still a long ways to go from, you know, a miner in every house type of distributed. I think I wrote an article in 2015 called The Future of Bitcoin Mining in which I was really hoping that we get to the point where we have tiny little embedded miners, kind of like the 21 computer project a few years ago, where, you know, you might even have a tiny little miner like in your water heater or something where, you know, it's the excess heat is actually getting used for other purposes. And you're essentially buying your Bitcoin through your power bill, but in very tiny increments. So, you know, ultimately, the fact that like mining has become industrialized is not great, because that does tend to create a smaller number of entities that are operating at large scales and therefore can be targeted by nation states. I think the biggest example of targeting has actually been happening in Venezuela, where from what I've heard, like a number of agents of the state have come in and actually seized mining equipment and not just destroyed it, but actually confiscated it and started mining on their own to their own benefit. And so we would definitely hope that that doesn't happen in China, for example, because that could create some problems. Though I've heard various arguments about, you know, even in China, how decentralized the mining farms are and that, you know, a lot of them are like out in the middle of nowhere would be really hard to get to all of them. But it's a lot harder to quantify that type of thing. But you know, suffice to say that, kind of like with full nodes, the ultimate level of decentralization would be a node in every home. And that, by the way, is actually something that we're trying to do at CASA. But the same thing with miners. The same thing with miners is a miner in every home would be the ultimate level of decentralization, because ultimately what we're talking about is we want it, we want there to be so many doors that, quote unquote, have to be kicked down that even powerful nation states don't have the manpower to do that. Yeah, this is where I really wanted to get to, which is CASA. And we talked about, like, specifically, like, what are we doing to bring the cost for individuals down in terms of, like, how they participate in some of these systems that help us all in protecting privacy and creating decentralized systems and so on and so forth. So what is CASA? Why are you building it? And what do you think CASA is contributing primarily to this space? So our mission at CASA very broadly is to help increase personal sovereignty. And the first product that we put out was a key management product. It's our key master. It's basically a vault, this three of five multi-sig product. And it's meant to be the most user-friendly and most high-security cold storage wallet that is available on the market. So basically, the way this works is you have an iOS app or an Android app. So it's as simple as using a mobile app. And it visualizes your key set on the app. And when you want to actually interact with your wallet to create a transaction or check the health of your various keys or whatever, then you have to go and find your hardware devices that are used to actually secure the keys and plug them in and cryptographically sign messages or transactions. Now what we've done with that product is, like I said, it's a multi-sig wallet. There are other multi-sig wallets out there, but it is also a hardware-based wallet. So we're talking about multiple treasurers, ledgers. We want to support any well-vetted hardware key management devices. And then finally, it's meant to be multi-location. So the idea that you never have multiple keys, multiple devices in the same location. And really, what we're trying to do is we're trying to be the experts who think through all of the edge cases and all of the different attack vectors and loss vectors so that the user doesn't have to, so that all the user has to do is follow the directions on the screen and the app, and that will get them to a level of security and self-sovereignty that is possible to do on your own but requires a lot more technical knowledge. So one thing that I try to stress to people is that, yes, we're protecting you against attack, but in my own experience and in some of the reports that have been done by companies like Chainalysis, it's actually far more likely that you lose access to your private keys than someone takes them from you. And so we're trying to make this a system that is also robust against loss. And one of the ways that we do that is we actually have gotten rid of the need for the user to have the recovery seed phrases. And this is a much more dynamic type of wallet where if you lose a device or a device gets stolen or whatever, all you have to do is go buy a new Trezor or Ledger, plug it into your app, and we actually have key rotation mechanism built into the software itself so you don't even have to call us up and talk to us. It's a much more flexible type of vault product. It's such an interesting thing to be building for this space just because it seems, and I want to stress that I don't believe that it is, but it seems contradictory in that you've built a product that's helping people become more self-sovereign as long as they trust CASA to have told them how to do this all correctly. And at the same time, it's like I said, I'm stressing that I agree with you. Reducing the cognitive load on the user is the only way in which we get these technologies into as many different hands as possible. There's just also this other component where, again, it's not completely trustless. So how do you communicate when you're thinking about your building these products? How do you communicate to the user that they can trust essentially what you've built? Yeah. So there's multiple parts to this problem, and ultimately what we are aiming to be is a service provider and a support provider. We are making this software available to our clients, but it's not just the software. We're also bundling in almost like concierge level service where you have a personal account manager who is available for you to call at any time. But from the trust aspect, there are multiple components where, for example, one important thing is that we are not creating our own hardware key management devices. We are using other common off-the-shelf ones like Trezor and Ledger. And so we are at least distributing the trust around. So when you set up a vault wallet with us, we recommend that you get a Ledger Nano S, a Trezor Model 1, and a Trezor Model T. It's things like that to reduce any single point of failure and further distribute trust across multiple reputable brands and entities. So that, like you said, it's not trustless, but we're minimizing trust as much as possible. And then we take this trust minimization idea and build it into the app as well, where we're trying to offload as many queries as possible from our server so that it's not a single point of failure. Right now, the server is basically acting as a coordinator for doing the multisig transactions, applying one signature at a time. And it's also acting as a balance and lookup mechanism. But that's actually where the CASA node starts to come into play, is that we're trying to create complementary products, such that if someone who is a premium tier user at CASA with our vault product, they're going to automatically get any other products that we're also creating. And if you have a node at home, then we're going to support you pointing your wallet at the node so that you don't even have to trust us for balance and lookup stuff. And ultimately, I also want the node to be able to act as the multisig transaction coordinator. But there's a lot of different ways you can take this. And ultimately, it's trying to reduce the need for our central server as much as possible. And so at least from the security standpoint, you don't have to trust CASA with regard to keeping your keys safe, because we only have one out of the five sets of keys. And we do provide, when you come on with us as a user, we actually provide you with the mechanism for what we call the sovereign recovery process, which is a set of open source software and guidelines for how you can completely route around CASA server and basically sweep your wallet and move it to another wallet without ever talking to our servers. This is all so cool, man. It's so cool to think about all these things that are being built now. And as a final topic of conversation, it sounds like all of these things are going back to, as you said, CASA's mission and maybe your personal mission about increasing this self-sovereignness, like giving users the way that I heard Zuko describe it was consent. Consenting to how data is used is a big piece of self-sovereignty, but consenting to the systems that you use to protect your privacy and your sovereignty, you're providing people with more choice in how and who they trust. So my final question would be, whether it's on CASA's roadmap or not, what do you think is the most valuable thing that you're not already building that somebody could be building right now that gets us to this future that you want to see, where people have more agency and more control? Well, ultimately, and I think there are a few people who are working on it, but the internet itself needs to be re-architected. We still have far too many gatekeepers with regard to actual internet access. And so as long as we're reliant upon one or two gatekeepers for internet access, anything else that we're building on top of the internet is potentially compromised, at least at an individual level, not necessarily at a global level. And so a true mesh network internet is something that I really hope to see in my lifetime. And I know there are a few projects that are working on it. That's really cool and completely essential. I think it shows that you have a very strong understanding of systems and how they're layered and how they're interconnected. And while most people in this space may not agree on what necessarily needs to be built when and how, the one thing everybody kind of agrees on is that the whole thing is very complex and the worst thing you can do is nothing. That we all need to be trying these new technologies. If we're not qualified to build them, we at least need to be adopting them and helping test them in the wild so that we can get to this future that you're describing, where each of us is safer, has more agency, and hopefully happier. I see the connection, of course, very strongly between increasing self-sovereignty and just being fully realized, happy individuals that have a real place in the world instead of feeling as though we're just sort of at the mercy of whatever attack vector is in vogue, right? Yeah. And I mean, I consider myself to be very fortunate that I am well off enough that I can worry about these type of problems. I mean, the vast majority of people out there have many more pressing issues, just day-to-day survival, paying the bills and all of that, that they're not even thinking about any of this stuff because it is the very, very bottom of their priority list. So it's great to be able to even think about these somewhat trivial problems. They're somewhat trivial to most people, but I think from the sort of 50,000-foot view and over a long enough timeframe, I think that it will have a very large impact upon society. Well, I feel very fortunate that people like yourself are thinking deeply about these issues and have the ability to do so and have the ability to build what they want instead of, as you were, working for insert email marketing firm here. I'm glad you've ended up doing what I believe that you and people like you were meant to do. And I'm glad that you have such an ethical and humble perspective toward the space. So I'm thankful to you for that. And as ways of closing, can you tell listeners anywhere they might want to go to learn more about you or learn more about CASA, use the technologies? What's the next step? Yeah. I mean, generally, people are asking me, how do I know what I should be investing in this space or whatnot? And I almost always say, invest in education. Don't ask me what crypto assets you should buy. If you have to ask me, then you shouldn't buy anything at all. So that's why I have a Bitcoin resources page on my website, which is lop.net, L-O-P-P.net. And as for CASA, our web page is keys.casa, that's keys.C-A-S-A. And this space is constantly evolving and it is a full time job for me to even try to keep up with a small fraction of it anymore. It has grown beyond, I think, the capability of any single one of us to try to keep up with. But you and other people who are trying to distill this information in a podcast is providing a useful service for a lot of people. Well, I appreciate that. We do try to bring on a diversity of perspectives, but the one thing I try to keep in common with my guests is that they are trying to build meaningful solutions to all of these problems that we've described and find ways in which all of these different people, as you said, with different perspectives, different motivations, can collaborate, can work together. And I think the shared focus on, at the very least, education and advocacy is a useful one. We can always teach more and learn more. So for all you do there, I thank you. Our listeners, thank you as well. I'll add those links to the description of the podcast so they can look into yourself and CASA and all those resources you mentioned. But Jameson, again, thank you so much for joining me. I look forward to another conversation soon. Thanks for having me.