hey everyone this is Cena with another episode of into the bite code my guest today is Andrew Miller Andrew is a professor at the University of Illinois at arbana champagne he's an associate director at ic3 he's a board member of the zash foundation and he's also currently working with the flash Bots team as a visiting researcher so the topic of our conversation today were trusted execution environments and specifically how we can use them to do a account delegation and access control and how this seemingly simple idea can have far-reaching consequences for the future of the internet we also talk about how Andrew thinks about doing research how he kind of prototypes to get a handle on new directions and we also talk about what he remembers from the early days of Bitcoin as someone who's been around since 2011 or even before that I hope you enjoy yeah so I think today we're going to primarily talk about account encumbrance web two accounts um you know the permissionless delegation of them using tees but I thought maybe before we get into that kind of starting with some background and and origin story and in particular your own kind of path into getting interested in this particular problem because I think it has some history you know especially kind of looking back on the 2018 paper with delegate and but also more broadly you know trusted execution environments and how you kind of got interested in them as a direction of work and research and yeah feel free to weave in as much of your own personal thoughts here I I'm really curious on how you kind of got got pilled on this broader concept well that's awesome yeah I mean because you brought up the um uh Bitcoin boxing videos I can talk kind of about the like longer uh personal path of me getting there I was really early to bitcoin research like uh in 2012 and 2013 and um was really interested in the um I think the uh uh expansiveness and you know disruptive permissionless innovation that you could see kind of being possible with smart contracts there um I think it was pretty clear uh from the beginning that you know privacy is in conflict with the kind of ease of you know um expansion so I spend a bunch of time uh doing you know research directions like in consensus protocols and then in zero knowledge proofs but that only kind of um you know added a little bit of flexibility to what smart contract developers can you know work on and if you smart contract developers is kind of the um you know most interesting unit of um low Authority permissionless um you know contribution you can make a you know defi instrument with nothing but some solidity code and it essentially becomes you know the most decentralized thing that uh that can run so that's really powerful and exciting but um even with um you know ethereum and other flexible smart contract systems without flexible privacy without the kind of full programmable privacy that that te is give you're only able to explore this kind of you know tip of the iceberg of the design space you keep getting stuck in kinds of you know mechanisms or interesting things um you could do um I remember having um I don't know whether I've told this story much before but I I got impressed on really early at this um real world crypto conference in in New York and I think it was Jonathan moan who gave this really like a impassion pitch about ethereum pre ethereum launch to this crowd of you know cryptographers people who you know applied cryptographers but still you know cryptographers and the so funny the dis the the the narrative didn't quite click then because it was you know too early ahead of its time but it focused on ethereum as like host for fully autonomous replicating you know autonomous agents um and you can kind of see you know smart contracts as exhibiting some qualities of autonomy at least they're you know hard to you know shut down on their own um so they've achieved this kind of level of decentralization but you know still the cryptography hadn't caught up the time and then you know for some technical reasons which um I think Quint discovered you know pretty well all of those but you know could recap any of the the trust model around te is they're kind of uniquely good at providing this really um you know flexible way that the full design space of you know stuff smart contract developers might permissionless develop now can handle you know access to private data whether it's private bids that's obviously a fit for mechanisms in amm but also it can be private you know uh account credentials so that opens up all of these uh you know other interesting Avenues and it can also you know you can how flexibly imagine being able to write um you know AI agents with private State as as well and and you know manage those so now even things like that are now maybe uh addressable by the kind of permissionless developer teams um you know that make up the contract developers in the eth ecosystem so yeah that that kind of links the you know interests uh all together H so you kind of from the beginning into it it that that the lack of confidential confidentiality was going to limit what's possible here it's actually kind of crazy that all of the applications we have in in the blockchain world are all entirely transparent right like everything we've built is exist despite that very important limitation yeah absolutely and I mean it either comes across as like um you know an an inhibitor to adoption in some ways so like the premise of healthc Care on the blockchain you know never could get that far without you know a story for how to manage you know obviously necessarily private data I mean in other you know business or businessto business applications I think there are similar uh stories there about actually being an obstacle to adoption but yeah it's also surprising that people go just so far with you know being willing to you know do these applications uh uh in a fully transparent way um I think that there's a sense that you know that party can only go on so long and then there will be a you know Reckoning whether it's um you know AI expanded bulk surveillance or something like that you know it's not exactly clear where are the consequences of oversharing so it's not that there's not adoption it's that there's too much adoption without the Privacy guarantees so um you know who knows exactly how that will end up um but yeah I mean the I guess I would say my my you know sequence of things is I spent several years trying to focus just on what you could do with zero knowledge proofs and then maybe from 2018 to 2022 absolutely bet on MPC being the way to do it and pretty much just you know ignored for the most part um uh trusted Hardware except for me you know observation that you know by combining account credentials with trusted Hardware you can get some really surprising uh applications as a result um and yeah then that wave of uh U you know talking against the T narrative kind of started for me around 2022 and um uh I think that's been you know that's been working now there's more of an interest in these and and I think you covered the the trust model and the the Phyllis the you know thoughts that led to that narrative and the the finder points there you know pretty well so I guess I'm most interested in in you know returning to this like let's say that we have the trustless tees or you know for whatever the scope of this you know it's it's a reasonable acceptable choice to build decentralized systems that are um you know making use of the full expressiveness that tees can do what are the most interesting applications either things that are you know we just didn't think of before or things that are actually readed across some kind of Chasm of usability so they can be um you know good usable products early on yeah like almost take that as an assumption that we have the trustless te and then start to imagine where we can go from here yeah exactly maybe maybe before we get into that just just since you were focused on NPC for so long what do you what do you think of MPC practically speaking when it comes to implementing these sorts of applications I know there's there's kind of um performance questions and things of that nature there's things around okay these uh different participants May collude with each other so you have to kind of update your trust assumptions but you know if you were to give someone who's um somewhat familiar with these different threads that may be able to unlock similar sorts of possibilities how would you how would you characterize where NPC is at and how to think about that so I might break it down this way um you know there there's three kind of components of MPC that are relevant there's the expressiveness like how you program it um the performance which we can talk about obviously that's you know technical and then the um uh the trust model um and you know also there being a short answer that you can always combine MPC with trusted Hardware so um maybe I would just start with the trust model so to me the main concern with MPC is that um you know in in the model there's many ways of doing it but generally you have this dilemma between availability and privacy it's like the more nodes you tolerate for availability like you don't want one node to crash and take out the whole system but the alternative forces you to say well you know this many nodes could collude and undermine all the guarantees I was you know relying on MPC for and so this is the collusion problem in MPC and um combining trusted Hardware with these is a great fit because you can say well our concern about collusion is that these parties might just be tempted into decrypting everything or being easily bribed to help decrypt everything um and all the mitigations kind of against that I would say are kind of partial or also rely on like you know cryptoeconomic assumptions or setting up like entrapment Clauses kind of more complexity and all this is completely far away from mathematical cryptography or you know hard assumptions anything like that it's pure you know it's more complicated kind it's more cryptoeconomics and all the you know fuzziness that may entail um so why not strap a trusted Hardware on the MPC nodes as well so then they're you know only allowed unless they can break their trusted Hardware they're not even to do able to do anything except participate honestly and only decrypt why they should while they should um so yeah I mean to me that trust model issue May alone have been a good enough reason not to you know pick multi-party computation at least for the full kind of you know flexibility of apps and getting to you know um you know have a shot at staying relevant to this AI you know uh uh agent kind of Direction which you know good luck doing that in MPC then just for performance um I mean and maybe something like we worked for a while on the expressiveness of MPC in smart contract programming and I think that um you know MP speeds is great it's like a Python language that compiles to MPC and you know that's somewhere where you know ZK tools were you know a little bit ago maybe the same way that there were ZK vm's kind of like an expressiveness you know Improvement to the way that develop and smart contracts world use ZK you know it's easy to see that there can be um you know improvements on on that kind of experience for NPC as well so I know um mura and and staffle NPC are working pretty hard on you know some blockchain blockchain capable MPC you know framework um so I think that these are um these are promising too but that there are some limitations that you're run into like I think that um places where you need um private accesses to data sets um it may largely depend on how acceptable you know it is to do sender receiver linking if um you know you're using such a platform to do um uh just say blockchain you know digital asset transfer transactions um basically there's some need for oblivious Ram in a system that's you know FH based or MPC based that's something that's going to be fairly difficult so I think the applications that make the most sense on those systems kind of you know they're clearly accepting some constraints by having to work in this you know MPC domain that may just force them to say well we don't handle you know private access patterns that that's just a constraint on the applications that you know we express and so um you know I think that that that kind of ease of expressiveness is now one of the things that's just really you know in tees the expectations are so far that the concern of Engineers is completely different because now the story is like our expectation is that nearly any Legacy software package just containerize it and it's going to run in a trusted Hardware in a meaningful way like taking advantage of the you know raw Primitives that the trusted Hardware has like attestation and um uh everything like that so you know not only is it like it shifts the discussion but it's like the whole you know you can actually permit yourself to think about applications on what you would build absolutely yeah exactly exactly yeah and before we get into the applications like when you think about the trust model of a te and the thread vectors and the stuff that I talked about with quintis I mean he kind of characterizes it as you know being in these three buckets to think about like remote software attacks uh you know attack vectors physical like Hardware attack vectors where you have access to the hardware and you do side Channel attacks and things like that or supply chain attacks um and what uh what kind of strikes me about the work that he and and others and you are doing is that how kind of clearly you've broken out this road map into sizable problems and you know steps that come one after another but it's also like a very kind of like big ambitious undertaking so when you think about you know okay we can assume that we have the trustless te and then what do we build with it like where are we in practice being able to make that assumption like how how do you guard against that you know especially if we're kind of talking to other builders who are starting to think about building with tees um how do you think about what trust model you're practically buying into what the kind of like timelines behind that are what are the like different things you're watching as they're kind of like getting developed yeah I I I can try to give um my answers probably have like two tangents so one of them will have to be about the software mitigation approaches you know that that's kind of on the software and you know integration Engineers side to deal with and the other one might have to do with I mean I guess the case for um you know compromise in some way so like yeah this effort of trustless T is is I think a pretty remarkable um effort that is super ambitious being able to even um uh you know make it seem approachable and like there might be a path to this that's you know a pretty important you know case for I think you know giving us a uh you know a good reason to believe that we won't build up too much dependence on this just at the you know concept and preparing for teas level there's um I guess I would speculate that it's possible we're at like a really um you know good time for te's where they are effective against bulk surveillance it's impossible to rule out whether um even like bulk surveillance would be uh you know something that's thwarted by these or not maybe that's something that changes even if it is you know good right now it might you know change in the future I think what we can say is that even right now um the tees are being really effective at practically preventing you know protocal designers from being able to uh you know use tees but expect to be able to just actually have a business model that's based on you know surveilling or rugging their customers in a way that um the uh uh you know te catch because it's hard to you know make a plan that relies on you being able to effectively explo te um and then there's a whole host of other mitigations that I think you know suggest optimism for most now to suic approximation they do work and you can't just like assume that you're going to be able to look into them and like have a plan around looking into them it's like very hard to compromise them yeah I mean um I I remember thinking of um I would give this talk a bunch about crypto Kitty is how it's the perfect you know example of disintermediation because you don't have to trust the developers they'd be weighing over their heads for you know all the details of running an auction but if the auction is so simple it automatically runs you know you're you're disintermediating the very low trust actors which are just smart contract Dev shops and lowering the barrier to entry to those that's the best way to get you know uh the full permissionless development of apps and so I think it's the same um you know kind of story here yeah let me pause a bit I think I had something else to say but L my train of thought there I think you were talking about there being two two different ways you think about where tees are practically today so in general it's also early with application developers using tees I guess one thing I'm I'm worried about is there may be a period where you just um you know the xkcd that's just attached you know random garbage at the end of your email and say it's a pgp signature and it looks like you're using encryption and who's really going to you know expect the random thing we may go through a phase where it just becomes oh here's my remote attestation it's an even longer page of you know a 64 junk so um you know there I'm in a te I've done I'm secure I'm un ruggable because I just show this and you know we're not even at that point so even just saying where's your remote attestation for now already you know separates a bunch of te apps but um you know we may go through a phase like that that's not all there is you know to it there's more to catch up so maybe it'll be born out or not whether developer you know actually have to do the right thing you know at least in their design of the protocol and their ability to carry out back doors um so we'll see if that holds but I think that's what's set up to you know do well but we're I don't know developing even software best practices and like release management best practices that work with remote at testation you know that's still ongoing flash Bots is doing a lot of leading in that but um you know that where that goes um yeah yeah that sounds pretty cool like when you where you kind of use an ethereum smart contract as like the version manager and like the te is like following it's like picking up the latest hash from the smart contract and then like installing that program basically yeah I'm excited about anything that involves te software you know with a light client in it that follows a blockchain this is that co-processor model it's really cool I I did want to say something else about the um the trust m is about the the cloud model so I think that maybe one of the most important reasons for optimism now about the use of tees in um you know increasingly you know important applications is the um it is a trade-off with decentralization but it's the ability to basically say you have to be an enclave based node and you have to be resident in one of say the top six you know clouds or uh you know providers is a compromise for decentralization because you're saying you know have to be using these you know white glove you know things maybe that raise costs that clearly puts them you know in some kind of point but it can still at least be essentially a zero knowledge you know membership proof you're in one of these clouds but you don't have to divulge which and you know you may not even be revealing much about that you're even using the trusted Hardware on these especially in a world where like all the new Intel chips have this support or if it just becomes you know totally ubiquitous then that becomes not not so much of a of a restriction um yeah right so it's a it's a compromise on decentralization but at least we know that the the person running the te doesn't have access to the physical Hardware which is like a layer of adds a layer of security yeah and and it kind of maybe even a way to think of this in the framework it separates the physical attack space of it and maybe some way to think about it is that not all physical attacks are the same there's somewhat more you know attack surface the cryptoeconomic reasoning of you know security and reputations of these data centers I do think is relevant and so um you know making it harder to carry out even physical attacks you know counts as well um and they have a lot at stake I mean they're not going to go you know they're going to do everything they can to prevent one of these tees from being uh exploited yeah exactly okay so kind of going back to the the fun question we were beginning to entertain which is let's assume we have the trustless te now what is possible and when you kind of let yourself riff you know go go diverge mode with uh maybe you know not bringing in the the rigorous like what works what doesn't work like tearing these ideas apart with with more of their details like what is possible here like what what space does this open up yeah that's what so interesting it's like what can you you know you can put anything you want into these te's what's the most surprising things you can put into them you can put you know secret thoughts and um I don't know try to make a clone of yourself in it um the I mean I I think that the most interesting you know consequences derived from this idea what if you put access credentials in the tees I mean actually just it's a short connection to the you know trust model from before but one of the easy things to say is like well at least you don't just put all your spending Authority like your entire private keys in the te you know use them for these short-lived privacy kind of applications um you know so managing an auctions one thing holding your wallet in a te on someone else's server maybe that's you know a lot riskier um and if you really open up to well so what you know if you put just private keys in the te what you know can you do with them actually yeah quintis gave a good description of the quantum cache and you know if you're willing to put private keys to digital Assets in a te then you can get these kind of really fast payments and offchain you know interactions so I mean that's sort of interesting that that is also you know it's not um you can see it as an improvement to the performance of just digital asset applications so I thought it was really interesting to start the idea of putting um uh access credentials into into trusted hardware and this is where the um uh I think in this um delegate paper we thought that this would be able to make a really disruptive kind of marketplace like you could you know share your Netflix password but in a way that lets you just share it for one night and for one use so it would be like turning Netflix into you know movie rental and um we explored this in a couple of other directions one way of thinking about it is that it solves this um delegation problem like delegation's really useful a lot of um websites now support delegation that you can make read access read write access um uh but then there's nothing in between you either have no ability to write like a readon access or you have this unlimited ability to read and write but then that's more sharing that you wanted and it's you know risky to give away your Netflix password because then they could even change settings and such um so it's nice to be able to bring this um you know fine grain delegation where I can say I could just give you my password but instead I'll only let you borrow my password and use it in a very limited way um it's useful to be able to have these extra delegation points in between and then what's really surprising and disruptive about tees is it proposes this kind of um uh you know permissionless composition approach to improving delegation because you can say we don't need to wait for Netflix to provide this kind of sharing and for obvious reasons they you know don't want to promote that kind of sharing um but because it makes use of the user's own authority the idea of quitting the access credentials managed by trusted Hardware it allows you to implement this kind of um you know user chosen filter on top of what they could already do and that's enough to carry out these um you know kind of features so it's kind of an interesting way of bringing disruptive you know secondary markets to places where they um you know wouldn't ordinarily be in range of um blockchains and digital assets to kind of manage them yeah it's like a way to to wrap around existing services in a way that they can't they can't prevent right and to like make it super concrete like a really simple example would be that you um well that the teleport example with how you put Twitter credentials inside the te and do you want to just talk through like very concretely what's happening there yeah so um you know so Shin basically working independently spotted this uh kind of cool approach mean people started playing with um you know these smart contracts running in tees for uh uh you know for a while but very quickly wanted them to be able to out and touch you know web2 services and make web queries and other things like that and um okay so you can see this idea of onetime posts for uh onetime credentials for social media posts so this works with Twitter's you know read write delegation ability um but just like the Netflix example for delegate was one night for viewing Netflix Jin's example was you know a token that lets you post once um to Twitter so you can share just a portion of your account with someone essentially you can get a code um that you can just pass around in a URL that entitles whoever is holding that uh that code that URL to post just once from your account and the way that this works is um it wouldn't take much to just make a web service that does this there have been some you know uh products as well that are services that do um you know things like this Twitter supports this read write so you just have to run a service that says you know trust me with this read write ability and I'll um you you know make you these codes what's really interesting is to be able to use the trusted Hardware to lower the amount of trust required to make that you know us actually follow that policy so the trusted Hardware provides this whole remote attestation you can interact with the trusted with that remote attestation before completing that authorization flow um or rely on a kind of deferred audit log um we make use of certificate transparency as kind of a place where all the you know certificates that could serve our domain go and we we have in our GitHub a remote attestation that explains you know the public key it's like an alibi for the public key in every certificate you know associated with um that that domain and so you know either of these allow you to basically get more trust that the service actually does what it says namely that it's not you know rugging you by over by excessive use like we claim to only do one post every time you approve a new a new um post but how would you take our word for it we could just be selling off advertising rights to your account and you know posting secret messages when you're Notting has yeah liking people you know following people without you noticing um but we can provide this audit log and you know proactive defense using the trusted Hardware to you know show that works and you know then the there's something really appealing about the kind of you know actualized decentralization not at the infastructure layer but at the um you know user interaction layer of posting from each other's accounts that's pretty um appealing as well and you know adding yet more to the the uh kind of permissionless innovation permissionless composition that that kind of this fits um we kind of just use base as the append Only log like that the T follows the blockchain with the like client and uh so one post is one Redemption event on a smart contract that tracks these and the smart contract is uh you know 721 nft comp so openc recognizes it so all of these teleports are automatically um transferable digital assets on on openc that are backed by the ability to you know tweet from an account so they're in a sense they're a very um purist kind of you know self-describing digital asset that that you know Blends this um reaches from web three to web two yeah yeah let me let me retrace like exactly what's happening to make sure I understand it so we have a te running on a server some where uh run running a program that is that basically um has this ability so so I go on Twitter I go I log into my Twitter I add this program I give this program the ability to read and write from my account the same way that I would do with any other third party service um this program um basically um keeps that ability to perpetually read and write and exposes it to its own users in in the manner of like you can you're only allowed to post when this particular condition is met and then that condition can be anything that you want you know it could be a secret code that someone has and puts into a URL or it could be that you have to prove that you hold this particular nft and I could you know I could go and mint you know create this NF that says whoever holds this nft can make one post from my account per day and then you know the te inside of it would run a light client with basic which basically gives it the ability to read the state of this nft smart contract and once a day you know it's like okay like the buffer has refreshed you're anyone's allowed to post when someone goes to post they have to sign and somehow prove that account is the holder of this nft and then and then they can make this post and um B and because the te can do this remote attestation uh you know I know that this is exactly how it's operating there there's no kind of like third party that I'm trusting here and it's this very kind of like elaborate expressive uh mechanism that I've just encoded into a program that's running on the internet and interact with my Twitter account um that's kind of crazy that was a perfect retrace of it but yeah exactly that's yeah so yeah so where does this go I mean so we're doing this with Twitter that's pretty cool I'm kind of uh intrigued by doing this even for my own Twitter account but slightly scared about what what people might do but also what's cool is that you could you could add an additional step in this program that does like some level of filtering and it's like I will only allow post to go through that you know meet this regular expression or use an llm to say that it it can only be about this particular topic when someone's posting so we have full expressiveness around what this program can do but I feel like this is only kind of like an evocative toy example uh like what does this really mean where where does this go when we play it out you know a couple of steps from here oh man I mean um so I I I think that the most important mode is just that there is this expansive design space and I think a lot more surprises you know yet to uncover these you can kind of play the game of going through any possible account type it's like all of web 2 becomes open and you go kind of one data silo or you know provider of Authority or you know composable service in a way and then see you know what can you get if you can make private digital assets you know uh uh on top of it or otherwise you know combine them in some way and I I can try to um go through um you know a few different ones there's one that's at the top of my mind because it's a really good um you know gentle entry point clearly a lot of these are more spicy than others um in in terms of playing it out there there's like reactions of um you know Web Two providers or especially identity providers that you know might be spooked by this so um I think there's definitely an interesting like line to you know follow of uh basically advocating for the most constructive uses you know while there's still a chance for that to you know be the ones that that uh you know catch hold and set the the pace for it so there there's a category that I think is interesting that's like compliance oriented ones and um the the one that I think is the nicest example because it's like uh this is pretty non-controversial is this package supply chain um subd delegations so I can give like two kind of discuss these applications that were um Twitter thread jams that this npm one on package supply chain is from will fucker. eth the uh TM guy and you know npm the JavaScript ecosystem is you know pretty usually like it's earned it's you know being mocked for you know shoty supply chain qualities so npm is this you know service that's the you know package manager you know manager and um you know you can have accounts on that to manage a project that's on npm they actually do provide a whole bunch of tools for setting up you know 2fas and role-based accesses you know they actually do a fairly thorough job of subd Delegation and you know good or authorization expressiveness but um there's still some limit to what they've um provided and so the ability that you could add additional covenants or additional restrictions on the developer account by putting the developer account in a trusted Hardware that's super interesting it kind of follows this pattern of it's not that I'm giving away my account it's really just I'm accepting you know restriction more constraints on Authority that I already had um and this way you can attach a you know a plausible policy that it could range from you know I ran this static analysis tool on the code I'm about to check in and it didn't say anything to um things that are like smart contract you know um like I have a notice period it has to be on a data availability layer and pending for 7 days as measured by a te like client watching ethereum chain and you know after that time window then it can switch to being you know published or not um yeah exactly a cool way super interesting so it it's like making me think that this idea is maybe as broad as just like I don't know smart contracts like just basically any any kind of like contract that I'm entering into with the world some of these can be expressed as like you know blockchain oriented distributed programs that run on this like distributed virtual machine but this allows us to does the idea of account delegation kind of um is it is it as just by kind of like uh constraining uh what this account can do I mean that's in some ways constraining what programmatic actions can be taken right that that feels like a like a very expressive like broad uh ability to have yeah it is Broad I mean maybe then um a way of tracking towards you know more Nuance is um you know the following so first of all there's lots of cases where you you want to prevent this and then things that you could do to you know inhibit this ability to do delegation and there's also a notion of um limits to encumbrance so I think the right way to think about it is that all uh account incum an um is partial in some ways and this isn't even about tees being fragile now but it's about you know we're talking about encumbrance of web 2 accounts so web 2 is characterized by Brick and Mortar somewhere there's a CEO of every Web Two And so you can call the CEO of any web2 account and get your account reset somehow they they really vary in terms of their policies of how they do that and um a bunch of services are just known for being like Oh you lost your GitHub codes like enjoy your new GitHub account you won't like we just don't provide recovery as a service it's easy enough to create new ones they just leave you on on your own um and so you can imagine taking measures to basically improve The eum Rance like in a in a way even the story with um say Twitter is that Twitter has mandatory um recovery set up like you have to delegate some external recovery ability either a phone number or an email account with Twitter never just password alone so to encumber Twitter essentially requires you to also encumber either a phone number or an email address and you have to you know encumbering proton mail or some other email provider you know you have to do the same thing until you get to a route there's kind of a encumbrance graph covering you know problem if you view these kind of composed that way but you know it's all um you know uh at the end of the day for web two accounts there's some subjectivity that just comes from the way that you know web two accounts work so that limit you know this is imperfect but you know it's a a question where the I don't know where it's an appropriate use for the you know risks that are involved yeah how how how kind of um deeply coupled do you think this direction of ideas is with AI agents existing on the internet because because in in some ways I feel like um yeah the like the the substrate that an agent exists on feels like must have these kind of integrity and confidentiality guarantees that a te provides and to and to also I mean I you know if we're talking about alignment and things like this but but at least like somehow constraining the the space of like what's possible this these incumbrances feel like a potentially important tool there yeah definitely I mean I there's um we kind of fork the conversation there there's um the role that encumbered accounts plays for um AIS it's totally um I think shins pointed out for a while that we should think of these um accounts as like a really interesting substrate for agents to use so having agents associated with Twitter accounts is already a pretty um uh you know a trend that has caught on and um can imagine that the ability to delegate to AI agents makes a lot of sense in that AI agents with accounts may be delegating to others and pick up on the you know more complicated kinds of composition so um you know that's One Direction so account encumbrance of web 2 um data sources for example might be really interesting for you know a to to use these accounts I think there's also a story that some uh is pretty clear that AIS are useful with access to sensitive data and also that there are use is where an aggregate view of sensitive data from users would be really useful and where the distrust you know is actually one of the Inhibitors to getting this kind of um use so I think that the trend will basically be that for AI applications in general it will just become ubiquitous that there's this level of uh you know integrity and some privacy and isolation assurance that you get from it I mean and this comes from just the um you know the the Nvidia GPU support some kind of te that works in conjunction with the CPU drivers te as well so those come together as a you know Assurance compute system um it's a reasonable prediction that just clouds will you know have this for especially if you're willing to pay for it or if it's AI tier and you know already expensive then it's maybe even more likely that that will be early adopters of this and will buy up you know there'll be the ones that are buying up all the you know the secure you know instantiations of that so it may be that it just be come something that's pretty quickly um expected and deployed everywhere I guess that to some level we'll see um I'm really interested in the and this is I think kind of open I'm still not sure quite you know best how to think about it but um I'm really intrigued by the way that these contests have evolved that are like uh te agents that have some kind of you know there's some contest quality like um frasa is the really popular one right now so cool and it's kind of an instance of some other games that you know academics had talked about or news research had this Turkish rug salesman kind of game that wasn't like loaded up as a as a contest in exactly the same way over Twitter and with payments to enter but it's you know either try to be persuasive figure out how to be persuasive by you know getting an AI to reveal information that it has but or uh or essentially prompt break it you know somehow um but there's some element of of privacy so typically the Arrangement is that there's a developer who has the hidden prompt or it's like proprietary components of the prompt and even if the rest of the agent is you know open source in some way even the prompt is what's you know hidden that's the thing that's um uh you know that holds the secrets that if you knew them would make it a lot easier to know how to break it in the case of frasa I was just reading this thread today so this is why this is on the top of my mind but haven't um you know fully digested it yet but um the winner of fras has now gone through a couple of ation so this was a tweet thread from the winner of I think the third of them and it was like two sequences of breaking it the first sequence was a friend of his that got it to Output it system prompt so the system prompt was initially you know private only the dev obviously knew whatever admins of frasa um knew but um it wasn't publicly visible you get little details about the system prompt I guess just through ordinary interaction with it but if you you know really get it to you know delimiter Escape whatever you can get it to Output the system system prompt if you have the system prompt you can grind because the way the phasa game works is you have to pay a little to chat with it in public um so you're limited in how many shots you you can run the system prompt on your own on your own server yeah you can grind like an offline attack if you have the system prompt and then you can figure out what it's you know what's secret you know what things work on it and that um yeah and then the second step is then you know actually saying the right things to get it to actually carry out the action of you know sending the transaction so that's how that was broken but I'm fascinated by what role tees can play here so the first thing that stands out at me is that there is still this information asymmetry where the developer is not like the mechanism designer of a smart contract auction they're more like well I mean they they have this you know obscure prompt hidden prompt and so at a minimum the dev has this Insider information to begin with they could give people a head start on hints so if there are like a lot of you know continuing demand for games of this kind actually say well we're going to use tees and the tees are going to guarantee that it's you know unrug in some way or the game is not rigged then um we have to be more thoughtful about that sort of thing and it's not clear how you can just take frasa and make it a fair game with no Insight or information I mean yeah these feel like kind of good threads to pull on because I mean as the saying goes things start out by looking like toys and then before we know it there there's like a lot more on the line and these Twitter games I mean it's just so cool also I I realized I think yesterday that frasa might be a riff on fresa which is like strawberry which is is that true which is like kind of a meme right now that's news to me just strawberry in general is a meme well uh I I don't know exactly what the backstory was but open ai's uh latest model was kind of nicknamed strawberry for a long time so like Sam Alman was like tweeting photos of of strawberries in his backyard and being like coming soon or something like that so it it might be a nod not to that Meme oh it went over my head but that's pretty cool um one one more kind of um technical kind of like architecture question that I feel like might have interesting ramifications is I saw you you you're you've been working on this project called daack that that kind of puts tees into more of a peer-to-peer architecture so why why have you been doing that and and and why is that an interesting direction to go in oh yeah this is fun to talk about so yeah I mean um I would say this is the third uh kind of architecture thing I've worked on since starting my uh sabatical I mean I I guess we didn't go into after the MPC the the you know topic I was most interested in was specifically smart contract based uh programming platforms using tees so worked on this 2019 paper Eiden which became the basis of Oasis and so this is TE based smart contracts it's kind of just you run virtual machine for smart contracts inside of a trusted hardware and now you pretty have to add encryption of some kinds in it there's more to it but you pretty readily get you know a a private smart contract system smart contracts with confidentiality and then there were a bunch of instances of these um like secret Network especially and um also PHA and a couple of others um and these really developed while I was still kind of betting on MPC and then only you know came came after these but then became really interested in how to improve the architecture of these especially to do their part of you know the platforms built on these have a lot of the burden of mitigating the problems with tees it's not all just you know expect Intel to fix everything there's a lot of you know integration work to do um so I was really interested in improving the um best practices of the smart contract platforms um then I helped with um uh flash Bots do this um Suave surra uh like evm based co-processor I also helped um the informal systems and Cycles team do this quartz um side car kind of architecture which is a bit like the km wasum you know related uh approach being a side car versus a co-processor have some like really nuanced differences but it kind of is you know how much of the package and instruction set does the app developer bring versus is already done and um pretty negotiable on both of those sides um but for a bunch of reasons one of which is just going with the tide of um like the move from sgx to TDX and the fact that um TDX and AMD and uh the you know Amazon Nitro T are all Container based rather than process based it's like sgx and the first cohort of these you know fully programmable T's based in sgx that's process based so it's like untrusted OS kernel and trusted Enclave you know process and now the trend that's you know far more adopted now is um the confidential virtual machine so it's like untrusted hypervisor um and other M tenants but you can have a VM that's running in this isolated mode and there's a whole bunch of nuance in the different you know burden of software developers and how the auditing responsibilities break along different kinds of you know modular lines but really the thing that matters is just that it has a much easier developer experience and you get a lot further if you set your you know you want to have access to remote ATT testation and you want a legacy code based to be running in this Enclave that generally works pretty directly with TDX and with with those other systems as well especially if you can containerize your application then you can share a common base image um maybe this is hard to explain but maybe I try just to get in this level so the basic structure is like TDX and these other systems at their low level they're the secure support for secure virtual machines so you have to bring a kernel and you know everything that fits in a virtual machine Ram disk drivers and such um and that's the unit of a secure you know um you know thing that this requires you to then essentially audit the kernel so um flash Bots is specifically using yako which is like a tiny security oriented embedded kernel so it's great for a VM and it you know it makes sense for this approach and it comes along with its reproducible build scripts and um you continue using these but then the idea is to say well we're going to make a base VM that is application neutral it's just a a yakob based Bas VM and it has a couple of raw utilities built in like the guest driver so you can ask for remote attestations um not a whole lot else um mainly it then just also has an implementation of a container driver so podman gvisor um something capable of running kind of standard containers and now application developers can just you just have to worry about packaging up your you know system service node whatever into a Docker container um you have to bring reproducibility for how you do that if you have a whole build chain you know you may need to make your app binaries reproducible and you know put them in a standard base image that's the level that has to be specialized so um it's a good way of factoring out the you know things complicated to um do these and so in a nutshell uh daack is this kind of there's a bunch of people working on a close enough you know related goal that um this is kind of a uh yeah I made this kind of quick prototype and baited phet into spending a bunch of time you know developing a full version of it and meanwhile flash Bots was doing you know complimentary work on kind of doing this hardened yako image and um making sure it's you know performance capable and able to run the Builder and so um you know broadly collaborating on these and in turn there's a bunch of other projects like confidential containers and um uh uh what else was I going to mention um well other things that are based on you know containers as a kind of development interface for this I would say that our version is focused on being fairly um approachable and um it's meant to be able to be you know looked at and um you know it's not about hiding everything behind just an interface but making the whole thing fairly straightforward to follow because we have to upskill security Auditors and even um you know people critically minded like that anyway as part of the you know whole effort for the for this to work um yeah yeah that makes sense so in a way kind of like abstracting away more of the low-level complexities and allowing the the application developer to just bring their Docker container and their build script and only have to worry about that yeah exactly yeah very cool um uh for for our last 30 minutes I I had some kind of like more fun personal questions if you're if you're up for it relate related to these topics yeah um but the the first thing I thought to ask you is about research and kind of um making progress on new directions of work that are you know very kind of like undefined you kind of like intuitively sense that there's something there there's this like curiosity pulling you towards them but it's it's very unclear you know if there is something there how it's going to work out what even the step to take are um so I'm curious as someone who's been doing that for a long time and maybe if you kind of put yourself into the shoes of you're talking with a new kind of grad student who's setting out to do this and they they not only want to do research but want to make an impact eventually with with this direction of work like how um what what have you learned about this process and and the more kind of like concrete and specific you can be the the better like how where how you work solo how you work with other people like how what your your philosophy on it is um very curious yeah these are really good questions I do like trying to talk about this but I find it super difficult because I do think that I have a fairly I don't know different approach and um I don't know that my experience is so replicable so I think about that a bunch but um yeah there's a bunch of here I mean the first thing is kind of the split I think you you kind of may have already talked about this before it wouldn't surprise it comes up but there's this pretty recognizable split of the parts of science like you've got rigorous validation but also like Ingenuity and picking a direction forming a hypothesis is not like derived from a recipe that requires this kind of uh uh whatever it takes to build the conviction to go you know choose a direction based on that has to come from this like picking out of possible uncertainties that that's hard to really pin down I think that um because I started in the in in graphics before switching to um uh you know crypto insecurity in the first place so I still I think have a lot of um uh uh I guess I would say I I'm interested in like gameplay mechanisms and kind of pursuing you know a concept until you find you know what's surprising about it and I think that's a a lot of like a good research intuition feels like well some things that are really motivating are when you know someone's wrong on the internet you feel like motivated as soon as it's really great in research to be motivated by a contrarian thought um because this is even just exp explicitly the language and um you know it's desirable to refute common wisdoms and you know point out that a you know prevailing direction is actually wrong for some reason it's hard to say what it's like to get an intuition that something like that is um you know available but once you do that's like U guess it's like trying to pick a trading Insight like you want to go short on something you think everyone's pricing incorrectly and then um I'm trying to be more attuned recently to the way that um you know product people operate and I guess I've observed what is this you know product roast sessions that are a lot like you know research discussions or debates that are in some way speculative because it's it's you know what you do before committing the effort to you know fulfill a hypothesis so it isn't some ways you know can you can you cheaper than actually carrying out the expensive validation you know have good reasons to you know predict it or something so I mean there's a lot of like um pitching ideas to VCS as part of the crypto startup space um people who can do creative direction that is product informed has to do with anticipating what a consumer Market will react and then you know teams of researchers or a bunch of Professor colleagues kind of picking directions are writing a proposal they'll be in a way anticipating you know what's going to be you know reviewer committee Grant committee Market fit for the the research ideas so I mean in the same way there's like a need for um I'm interested in this difference of like products have Market realities that they have to face as kind of their validation and then in science you have this peerreview process where your validation gets checked and you know you're supposed to pick methods that are kind of naturally falsifiable like you do an experiment carry out the you know structured Theory analysis um so I mean those are kinds of um I view these as kind of systems with some overlap that's kind of yet to be determined you know what best to do with it um so I am really interested in this kind of um for me personally I spend a bunch of time in I guess high school and undergrad before doing research you know thinking that my destiny was to lead an open source project or be a maintainer of it's really interested in you know the open source like G and and you know open source things broadly um but you know it was all tempting to burn out because there's no end and you know can't really do anything except just admit defeat once like it's spiraled to you know irrelevance trying to start some project you know really tough research is kind of nice that it has a natural Cadence like you fire off the paper at the end of the you know semester or at the conference deadline and you have a relief and you're you're kind of allowed to go pick the next thing that's like way healthier in a way um so I'm kind of intrigued by how I guess product life cycles you know more or less carry that smart contracts are supposed to be sent and you know be forever does that mean that any defi project like only has a failure condition or stuck with it forever um I find that kind of interesting yeah yeah there's definitely a parallel into the bite code is sponsored by splits are you tired of sacrificing security for usability splitz believes is still way too hard for teams to self- custody their onchain assets they're building a new kind of Internet native Bank on top of ethereum splitz makes it easy for teams to manage the whole life cycle of their finances from structuring revenue sharing agreements using payment flows like splits and waterfalls to managing those earnings once you receive them using Pas keys and smart accounts splits is being used by teams like protocol Guild Zora song camp and others I'm a big believer in them and recommend checking them out you can learn more at splits. org when you when you're talking about kind of like having you know having a a feel or an intuition for what's a contrarian what's the seed of a contrarian idea that that like goes against the common wisdom um is that is is that like a mindset that you actively hold also I'm kind of it makes me think think that there there like that's one way of thinking about potentially interesting directions but it's still kind of defining itself in opposition to something that's out there right and then there's like another way that this might happen which is like it's purely out of like curiosity and there there's like more of a blank slate like you're I mean I don't know like if you think about to the beginning to when Bitcoin you know kind of first came along I mean if we if we I I guess like Bitcoin itself was building on a lot of Prior work as well so like no nothing is like net new to the extent that we think it is yeah I I I do think about this a lot in terms of like is like being contrarian isn't always um a virtue it does sometimes go well with um you know Finding disruptive or in general it relates to novelty seeking in research so a lot of research structure and a lot of the role is like an adviser really is just separating the you know tasks of different grad students so they all have individual work of you know right sizes to be able to you know graduate and get published um so I mean collaboration is preferable generally a lot of the things that I think are rooms to improve on in how the you know startup ecosystem functions is a lot of redundant like either overbuilt infrastructure that doesn't address the right problems or is too much redundancy when you know picking a winner early on might have been better off for everyone just in you know projects conventions languages to follow that sort of thing um Academia has a lot of explicit pressures for for novelty the whole way that citations you know reviewers have to reject things that were just published you know a while ago tiny grace period for concurrent work but then you have to disclose it that's like super novelty that's an explicit mechanism that fugly fuels novelty seeking startup companies aren't under the burden to do that except to the extent like oh you're just doing this for that you know you see p but they're not obligated to you know not publish it fund it because something's already you know similarly published that mechanism isn't present there so is that good or bad to kind of include you know I'm not totally sure um I mean picking a thing and going along with it is a little bit different than than you know being contrarian but that that seems like one of the best ways of generating I guess novel directions all and um it's interesting how the NSF funding experience goes because there's this weird um you know incremental is the dirty word and transformative is what supposed to aim for and I guess one way I try to explain this I'm not sure how good this is but is like you know an ideal research portfolio is some kind of you know like pyramid with like some chance of a breakthrough that's you know really exciting and impactful that would have that kind of contrarian changes everything kind of VI and you know maybe you're okay having a bigger chance of you know some sustained contributions and maybe a pretty good chance of having you know a few important papers but if you can't even articulate what a breakthrough would be um then you know maybe you're not exposed enough to the you know chance of a you know really impactful kind of thing to find but I also suspect it kind of just comes to preference and then maybe I have like a high um uh interest in that as like a I don't know enjoy the contrarianism for its own sake I guess it's just a part of preferences yeah totally what about the actual like Pro process of making progress on a on a kind of like difficult open-ended research question like if you introspect on that is it is it like reading and consuming kind of like adjacent works is it uh kind of like having collaborators that you're bouncing ideas off of is it like Theory versus like prototyping things like how how what does this process look like for you yeah for me I would say it's probably for three things um I would say the first one is rapid prototyping um maybe this comes from um like a preference for me but um I mean I started to do a bunch of theory related things in cryptography not by cryptography standards theory always applied but you know to me very Theory but that came later it was like comfortable as a programmer and doing you know research engineering for graphics um before doing that so there's an element of being able to do quick prototypes and simulations or just working prototyp types in in uh cryptography and distributed systems that I'm fascinated by the difference between proofs and test cases because you don't make an example illustration and that proves that there aren't other cases and yet it's also the most you know useful thing for making something more concrete and then making anything concrete as a demo builds so much more understanding that it's like the right thing to do in almost every case you know do an implementation even if you're just doing it for research because it will just by making it concrete it unlocks you know much better thinking in terms of what can come afterward so I highly value doing um implementation and if you have a hunch as what a thing is but it's hard to formulate the research question then you know at least building in some direction you know a little bit can be helpful as well um I'm really interested in like the mode of of work that I see a lot of companies do and then also some of my grad students acclimated to this but hackathon driven development where you do these kind of coordinated bursts of of development work and present them kind of micro research projects I mean they tend to do these by traveling around to the different conferences which is kind of um you know difficult to do for ordinary uh grad students but you know somehow that pace and um you know really time boxing yourself to you know do do something quickly but it's got to work at least well enough for a demo I think that's a great um it's also a good unit for fostering collaborations because it's a good like you know we'll team up kind across Institution for pretty narrow banded duration but we're you know so I've had a bunch of experiences now where like doing that kind of Rapid prototype for a research project like all the all the great experience was done in a pretty short you know maybe two we period for an intensive one and then you know probably several months to write the paper and do formalism afterwards but that's you know I think a pretty good flow yeah that makes sense okay NE next uh fun question is I mentioned I went down a big rabbit hole with your YouTube last night and I feel like a lot of people don't know about this YouTube but it's a it's a gold mine and I felt like I I I felt a kind of a spiritual kinship with how you're kind of a troll inside I would say uh and these videos like there's these like three to five second videos I think one of them has like a 100,000 views I forget which one it was but uh there's one of Ralph Merkel mixed to some music um so um I had I had I had more of a light-hearted question and then more of a sincere question the the more light-hearted question is like one um yeah how how did you get into YouTube because that's like pretty early on like I think you know you were definitely an early adopter there given some of the videos you have and then two maybe adjacent because I feel like it maybe also dates back a long time what is the what is the story behind the rooster profile photo all right well I mean the rooster is a local um a local celebrity for my hometown there's it's um there's like a rooster in an area of town that had a lot of roosters but this one flew to the other area of town and hung around the cool Boardwalk with restaurants and his name's Herby Hancock and he's in some um you know newspaper articles so there's even evidence that this isn't just entirely made up but that's that's a photo I took of the you know Hometown mascot and um yeah I've adopted it as such nice yeah and um I'm sorry what was the one right before that okay yeah just how on YouTube in general oh nothing super interesting there I think I got into um Twitter pretty early like in 2009 just by following I had more cool and plugged in friends in undergrad and uh they were pretty early to things like iPhones iPhone development I was pretty slow to get a smartphone all my friends had it I was pretty slow to join social media all my friends had it so it's like a semester behind on that for all of those but yeah that's still pretty early and then the kind of more more sincere question that I wanted to ask you was um I watched I watched your Bitcoin unboxing video and this is I mean it's so worth watching uh one because it's hilarious so you're basically trying to make the case in 2011 that there's useful things that could be done with Bitcoin and you've bought a bunch of random things online including uh bit Jerky like this be homemade like beef jerky that's you know made by someone and you paid Bitcoin for it and you're like eating it on camera and unboxing it uh which was really cool um but to me it was also like kind of captured just this like Spirit of um I mean it's like it's it's it's hard to imagine that Bitcoin really started as like like nothing right like people were like just mining this like you know kind of useless internet points and sending them back and forth and the fact that someone's like willing to take pay take payment with this with these things and like do something in return was like a mindboggling concept and like the the kind of like playfulness and the earnestness of people just kind of like tinkering with things and like when when there's like nothing when there when there's like no expectation I me there's some maybe sense of like where this could go but like you know in one's wildest imaginations it's like hard to imagine where we are today uh so I I really kind of like respected and and admired that but it it made me think to ask you the question of just what was it like back then like what was yeah what what was the what was it like being in bit in Bitcoin back then um you can even go I spent a lot of time on the Bitcoin Dev and Bitcoin Wizards IRC channel so I think those are all logs so you can probably go find a bunch of embarrassing conversations that I would have had before during the whole like switching to that as a as a research topic I was so expecting Bitcoin to fail throughout I guess not anymore over you know a few years but probably also way longer was skeptical then you know that it would I was pretty happy of having carved out what I thought would be a good theoretical Direction on these like you know puzzles and anonimity for you know organizing a consensus Network without assuming a pki and that that would still be a good theory Direction even when Bitcoin would inevitably you know stop but I mean useful has always been tough but I became really satisfied with like it's at least doing weird different not the same thing you know kind of thing obviously there was PayPal and eBay um but it's pretty easy to see Bitcoin being you know actually different and um there was a pretty crazy time period of Bitcoin development on um IRC with some things that I was a huge fan of and Tred to write research papers about at the time I don't know how many of these are still um available to read but like there'd be a developer Channel and there'd be a trading Channel with a little bot I mean not AI just scripted just IRC carefully hand scripted IRC Bots but they would take take your order they would authenticate you um using gpg interactions um You' talk cryptography in a DM with the bot and it would authorize you to you know post and buy and sell orders this was just a very free form Message Board Bitcoin OTC with this ircbot integration and um it had a reputation system a little like graph that would show you like who you've rated and that you're you know contemplating taking up this OTC order with someone who traded with someone who you traded with and you know your Gra this deep of trust ratings um and people were doing their best to set up these um e-commerce websites and I mean the it was pretty obvious that like the Silk Road was capturing all of the attention of you know people and maybe that was what was useful about it but besides that there were all of these just really Earnest early adopters that were like have some weird Niche product there was like alpaca socks and these um custom lollipops with all sort of weird flavors and then just a long tale of weird stuff being traded from Bitcoin early adopters but they would post with the ircbot they'd register their little order you could talk to them by DM and you know trade Bitcoin and ask for a delivery and so um yeah I feel like uh I can still continue to think and it's come out on a couple of things with like you know rapid prototyping but um you know making things real making things a demo actually interacting with them making it as visable as possible that that goes I think a really long way towards um you know fueling your inspiration you at least want to like save your checkpoint on you know fueling the reality of everything that's you know in range of being real so um uh yeah I'm fascinated by by how those go I think the first unboxing was just Bitcoin the second one focused on um uh what was available for zcash I probably have to think of another one next you had some spicy hot sauce yeah yeah exactly the hot sauce vendor that was good yeah yeah um what were the people like at that moment in time with Bitcoin like do you do do you have are there any like memorable characters that you can think back on or like people you you were like friends with or are still friends with like I'm just curious like what the the social I mean it's just like such a such a weird like interesting thing to be into I think I pretty quickly filed into my academic you know subset of those but I I there was um uh this like Bitcoin development and research and Bitcoin talk forum and a bunch of things from there I think there was a period of time where that was like super um uh interesting I mean I guess there were a couple of things like I thought that um there was this transition of I think um interesting contributions to research like applied cryptography and consensus protocols and the like that really started to come from these developer areas where they were previously areas that I thought you know that were you know universities had dominated like reflecting on the you know virtual reality augmented reality research direction from before that was something where you know universities maybe weren't doing The Cutting Edge and you know industry was in some way doing a much better job of the innovation of um you know virtual reality and stuff maybe that's continuing now um on the other hand in cryptography it's like all of the cryptography Theory work is done at universities and companies are mainly you know organizing uh things that had already you know been put together univers would be the innovators in cryptography especially regarding formalism and you know anything ZK for example and so um there was a ton of collaboration a ton of really Innovative posting on the Bitcoin talk forum and Bitcoin developer mailing list became really interested in The Interchange between Academia and the developer Community around that time a lot of which just ended up coming in the form of like writing survey papers on all the interesting topics the Bitcoin talks forum is doing trying to do translation of um you know things crypto people are looking at into these different fields and I would say I noticed one by one um field sub Fields within computer science mainly catch on to bitcoin and basically you know accept it go over all of the open problems that are open try each of their tools from their discipline and see you know what they do there I think it started with um the financial cryptography you know applied cryptography kind of crowd immediately picked it up I think then distributed computing and um cryptographer Theory and then algorithmic uh Game Theory and other things like that maybe but there like different subfields of Cs kind of all time staggered but you know going on in some way the the smart contract you know failures you know got a whole visit from the formal methods community and so on That's So the a lot of these have then continued and not just been pick it up and leave but certainly go through an onboarding of the research field to um you know the new viewpoints of web 3 so you know that that's been pretty interesting and and um yeah I'm intrigued Now by I think how um the you know various ecosystems and whether Port Co or like aligned but separate uh you know industry participants kind of collaborate and or compete is I think Super interesting I mean and it um it relates in some ways to I think how you know research and development work in Academia there's you know some differences in the incentives and you know limits to what they can do but um I think continues to be something that's like a you know a pretty active area I've also seen a ton of people basically you know conclude Academia exit it go to uh Professor coins or you know heavily involved in the you know startups in some capacity um so that that flow and and correspondence is there but I I guess I I kind of think that there's still some lwh hanging fruit of some kind um that would be opportunities to do an even better job of this kind of organization um yeah tough to say MH um well and and as a last question I thought we would Zoom way out and uh I asked quintis uh beforehand what might be interesting things to talk about together and he said to ask about your overall vision for where all of this might be going and that you've been thinking about Cipher Punk lunar Punk like these sorts of things I don't know exactly what he's he's referring to but what's there W I'm sure I don't have one coherent vision of this but um I don't know evolving a bit bits or pieces I'll try out an answer so I mean I think that where the the direction that all of this heads to me and I think it's been pretty consistent through all of these is I think most fits in with coordination or like the the real goal of this is to be able to do much more effortless coordination of humans across the globe and that you can see bits and pieces of this promise from a lot of existing you know Cipher Punk systems whether it's public ledgers that make cooperation good or like anonymity makes it easier for people in different jurisdictions to be able to cooperate um doing decentralization also relates to robustness of networks so essentially the ability to cooperate even in the face of you know people trying to uh inhibit cooperation or set up gatekeeping roadblocks you know whatever decentralization in then inid or good kind of inputs to that um the the vision somehow has to be that where this is headed is that you can much more easily form teams make um you know productive trades between people across the globe um longtail of matchmaking for things like um being able to bring expertise where it's needed and and kind of a sign I think that some of the most interesting experiments of these have been um Dows especially the ones that focus on um I mean I think a lot of them basically get stuck on like token oriented governance and like choosing proposals which is kind of pushing the actual work of Performing to you know the recipients of the grants although that's already kind of cool you know structured onchain supported decision making I think that the ability to draw in these new kinds of resources and sensitive data um and even that it's going to turn out to be useful to focus on you know AI agents for these but what they suggest is like how you can do better organization of you know competitive people with their own sets of unique resources and abilities but um some ability by aggregating together can do better you know constructively and um you know the ability of smart contracts especially privacy enabled ones and especially ones with the ability to um act on other you know kinds of assets like web to accounts that's like really what's going to turn out to be able to unlock that so I think broadly that that vision is kind of shared by um I really like the people people to talk about coordination in these views so anyone working on um you know decentralized organizations and governance I think are are pushing in those kind of directions I think that um the ability of privacy um tools that you get from the te kind of experiments especially isn't yet priced in in these so I think that's going to be really you know useful for making more clear where that can go um but yeah that probably amazing well I think we can bring to a close there thanks so much awesome thank this is a great shot thanks hey I have a small ask here if you've been listening to these conversations and want to support what we're doing here I would really appreciate if you leave a rating and a review for the podcast it might seem like a small thing but it actually makes a big difference to help other people discover the show also thank you and I'll see you again soon Back To Top