This week on the interview episode of The Vergecast, Verge editor-in-chief Nilay Patel interviews cryptocurrency expert Amber Baldet, co-founder of blockchain startup Clovyr and a non-profit financial privacy board member Zcash Foundation.
Nilay and Amber discuss where cryptocurrencies on the blockchain go, the potential of Facebook's Libra project and how the blockchain can restore our confidence when putting our data online.
Below is a slightly edited excerpt of the conversation.
Nilay Patel: I just read some of the things you wrote. You have this rule here: "We may not be able to stop the rise of the machines, but we can at least create a more consensual system, a fair daily wage for a fair daily data." How would that work?
Amber Baldet: Well, to be honest, that kind of tongue-in-cheek jab was a fair day's work for a fair day's wage because I don't know anything about you, but it hasn't worked for many of the world's population.
That's kind of what I'm asking. But the example you just gave – "I want you to have a photo I took. So I sent you a photo. Now we have two copies of the photo." – The value of my single photo is reduced in a way if I had a printout before, how do you prevent things from being copied infinitely and a system designed around that specific mechanical task?
That is a slightly different problem. Have something that looks like a dollar. A dollar is fungible. A dollar in my pocket is as good as a dollar in your pocket. But if I have $ 100 in my pocket in singles, I can give you part of it, and then I just don't have them anymore. The challenge with file distribution is something called digital rights management. People try to watermark photos & # 39; s and somehow stop their distribution for 15, 20 years. I worked at a company that did its own research. How do you prevent people from simply forwarding through the newsletter? And all solutions are relatively hacky or not elegant and are easily undermined. At the end of the day, your short-lived photo app can tell you that it prevents screen shots, but it doesn't stop you from holding another phone up and taking a photo of that photo.
So there is a difference between data privacy (which is the data that you have and that you want to keep and prevent you from leaving your view) and the concept of confidentiality (that you have shared something with someone consensually, or that is a point-) sms & # 39; and or with a seller where you have signed a toss that I am sure you will read (100 percent of the terms of service) that, once they have it, in a way that is theirs. There is no way to withdraw that. However, there is now privacy research on ways we can coordinate and collaborate on things without disclosing that data, where you can say: & # 39; Bring an application or an algorithm for data that stays with you, and we can model train together, and we can agree on things without revealing things. "It's very exciting.
But it has now also become this kind of silver bullet from a technical solution that tries to solve a social problem that we have, namely that we do not trust each other. But all legal agreements that have been made also have this power asymmetry where it is just … I can no longer do anything if my data is lost. It's gone.
So I think there are many different tools in the toolkit when you design systems that offer people more freedom of choice. But right now they are either in the R&D phase or incredibly complex to communicate with, or you need a PhD to be able to install and perform these things that you are going to sign up for medium for most people. I mean that's what you do.
So my position in terms of service agreement must be legal. You certainly can't say no and still use your iPhone. You are just sewn a little. For me, that is a very powerful idea that you would somehow get power back to the individual, and they would be able to express a market signal. "I don't want to give you so much information." But it seems very difficult to get from what we are talking about, which sounds great to you, namely that the application sources are still very complicated, still far away from the consumer.
Yes, and to your question about what a fair daily wage is for fair day data, half the world's population will come online in the next 10 years, and not all data is worth the same. And we run a considerable risk of looking at population groups that are even less aware of what their data mean and how it is used than people who have been on the internet for some time. Applications come to them and say, "Hey, we're going to pay you for this. You're not necessarily involved in understanding the market conformity of this, but we're going to pay you for something." What is the value of having them in it? It is very likely that privacy will become something that the rich can afford and that the rest of us simply cannot because you need the compensation or you have access to a network that you otherwise could not afford, as long as you give your details away.
So it would be better than the system we have now or if you have no say, maybe, but it could just be related to the underlying and growing kind of technical inequalities that are occurring.
So we talked about a lot of things that blockchain could do or different systems that might be the basis of it. But now, when most people think of cryptocurrency, they think specifically of its financial aspect. Why is that? Why isn't it broken? What is the app that makes people think about blockchain in a way that is relevant to them, except "I'm going to keep bitcoin."
I don't really think people should hope that blockchain is relevant to them, just like somebody said, "Hey, how is the relational database good for me?" That's just not a question we ask. It was all the applications that were built on top of this new type of architecture that allowed the emergence of the web 2.0 to happen, that suddenly there was something you wanted to do. And it wasn't because you were able to store and connect follow-up databases in a whole new way.
It is the social graph there, and now we are going to perform various types of operations on it. So I think money is a fantastic application. And people have worked very hard on making, whether it is Bitcoin or another coin that can be used. I think what would be great for people to understand is not "How does the blockchain help me?", But rather that we are currently seeing a huge push in society, in general, without cash. Scandinavian countries are now almost completely cashless. They trust their government. They have a very different opinion than anywhere in India that tries to demonstrate and go without cash where they have a very large cash economy.
So it's really a radical idea that people don't have cash in their pocket. Thirty years ago, I remember my mother telling me when I was a kid, "It's illegal not to accept cash." Credit cards are only accepted in some places. That is optional. But cash … cash is money. Now you can definitely go to a bistro and they will say "We are cashless" or your farmer's market where you can buy asparagus for five dollars, they prefer to use Square. And what does that mean? It means that every financial transaction, every time you make a purchase, actually requires a third-party service: "Is it okay that I do this?" And you don't really understand how many different providers are part of it, yes or no decision that happens so quickly. And many people say, "It doesn't matter. I buy asparagus. There's nothing wrong with that." But you know, what if you'd buy an engagement ring. Would you like that broadcast to your Facebook feed?
What if you were to pay a health insurance bill or a medical bill, so that you know for sure that your employer does not necessarily see … We have these divorces of worry. And there are enough legitimate reasons that people expect financial privacy. You may want to donate to one political issue versus the other. We can't really look at "If you don't do anything wrong, you don't need privacy." It is really privacy of who in which context. And that context is constantly changing.
So what could be good for you today may not necessarily be good for you tomorrow, and certainly not good for a vulnerable population that is difficult to absorb daily.
So that conversation is very similar to the bitcoin argument, right?
However, it does not necessarily have to be bitcoin. And I say nothing good or bad about bitcoin. I am not a bitcoin maximalist, but I am also not an anti-bitcoin. I'm just someone who knows things.
That's why I want to go into it.
But there is certainly something to be said for a version of digital money, where we now go to a cash machine, withdraw money that you have, you can do something with that money, and if you do not have all cash, you can return it to the cash machine . What happened to that money in the meantime? Banks have decided jointly, as long as you do not deposit more than the X amount in X days according to the customer profile of the X customer, everything is fine. We're taking your dollars back.
In a fully cashless ecosystem, every transaction – no matter how small – would be on that grid. There is no escape hatch where you can get something out of it, and a publicly accessible cryptocurrency does. It can be more seamlessly integrated into the banking system where you have certain digital wallets that you open at a bank, just like a bank card. There is no reason that this type of hybrid solution cannot be investigated, other than the current market share regarding market share and discussions with regulators about what is or is not acceptable.
So you are on the board of the Zcash Foundation. It's around bitcoin in a way that cryptocurrency sits around.
Zcash was originally a fork of the bitcoin project to which additional cryptographic privacy was added, yes.
What do you think about the ecosystem and what Zcash is trying to do in that role?
They really stick to their idea of a technically pure privacy solution for digital money as their northern star. There are certainly people who can blaze each other on Twitter about whether that goal is being achieved. Most transactions in the Zcash network are just as public as bitcoin transactions. For people who do not participate or play with bitcoin, they may not realize that it is actually not as private as the news may have claimed. It is a pseudonym. So as long as you keep some information private, it's hard to trace back. But actually a public ledger, a public blockchain is completely visible to everyone.
For example, you could go a few years ago when the NHS was hacked and there was a ransomware attack where all their files were encrypted and they said, "Pay us bitcoin and we'll unlock it," with the address to deposit that bitcoin. It's in the malware. You could look at it. You can go to your favorite blockchain explorer, enter the address and see how money flows into that wallet. And then you can trace those funds afterwards. There are ways to split and hide that course over time, but in a sense, those are forever infected funds. And so the Zcash project is working to ensure that privacy is not only on that network layer and on the layer "we can all have an unlimited number of keys". Sorry, I don't want to get too technical here, but they actually generate so-called zero knowledge tests. And as I said before, that's a way for two people who don't trust each other to prove something without actually exposing the input to the question.
A simple example of where that could be used in everyday life is … let's say you had five people in a room, and they all wanted to know if they got the same for the same job. How would you solve that now? You would probably find a person and everyone would say, "What is your salary?" And that person would say, "Okay, it was you," but without revealing what all the numbers were.
So you can make zero proofs to do that essentially in a black box way. So that you can solve that problem without having to have an intermediary. Again, it's about removing some sort of intermediary … Let me go back. It's about removing unnecessary central actors and achieving something technically that we couldn't do before.
So I want to bring that all the way back to the first thing you said, namely the first group of people – the cypherpunks, the people who caused the technology – they not only had a technical problem they were trying to solve, but a huge social problem. There was a philosophy behind it. And what you describe, we must be able to put so much salary information in a black box and get it out without finding out who made what known to whom. That has never been possible before. And now it is mathematically possible. Did you spend a lot of time thinking, well, should maths enable us to do things that people themselves could not do that way?
Well, basically, in the beginning, the challenge or one of the things that was so amazing about the early cypherpunk work is the advocate for strong coding and the work there. And we all use strong coding every day. We probably don't know. But every time you visit a website that uses SSL or TLS, you get the little lock in your URL bar. This part of the PKI, the public type of key system around which the internet is really built. And we take this for granted that there is a possibility to trade securely end-to-end on the internet. And it just didn't have to be that way. In fact, those first algorithms that you can do this with, and what is in terms of laymen, what is interesting about strong coding, is that you can publish the entire algorithm without getting weaker because you did it.
There is no golden key or secret information that must be kept in a vault that someone manages to keep the algorithm safe. And this is actually very important. For example, it becomes important when, after the San Bernardino recording, when the iPhone was used, and the FBI went to Apple and said, "Can you open this phone for us?" And they simply said, "No, we just can't do that. There's no back door to this coding. We can't do that for you." And so you see it coming up again in Congress, the question is, should we have strong coding? Should it exist? Well, it does exist. And if we as a society decide that we only want to use backdoored coding, then other people will just use the strong coding.
And now we use something that is deliberately in the way, and it becomes a threat to security, a threat to national security, essentially, to our financial systems, our internet, our daily banking, everything else that we do. And so advocacy was very important in the beginning. But where we have now gone much further than saying that, our daily privacy from our ins and outs simply cannot be separated from our digital life. IRL no longer exists. IRL is digital. We are all online, always.
If The edge has a thesis statement, that's it.
Yes, the internet is IRL, is life. I'm from the internet. And because privacy becomes something that you simply cannot separate from your digital privacy, we need tools to help us maintain our freedom of choice and simple human dignity.
So that brings me back to something that you mentioned earlier, which is very complicated right now. Installing many of these apps and services is very difficult. It is hard to even fully understand which one to participate in, apart from bitcoin and possibly Ethereum, and none of them have really achieved that network effect scale where they are valuable to everyone, not just early adopters. What do you think is the inflection point? And I realized that you said it wasn't important to you, like it's a follow-up database. But at some point, follow-up databases took over the world and now I can point them everywhere. I can't quite do that with block chains yet.
The main project I am working on at Clovyr is about infrastructure orchestration and coordination. And ultimately, user discovery of apps that exist on a decentralized non-curated by Apple in the Apple Store. But in the beginning it looks a lot like great developer tools and engaging developers. So we first have to walk before we run there. But I think for every app in the retail space or the normal user space where we sign up for a service, it says that they will give you your astrology chart or let you blog or go to tell you where the restaurants in your area are , there is probably a highly motivated group of college children trying to get a Y Combinator grant to solve that problem in a decentralized way.
It has been very frustrating in recent years to suddenly have that ICO and token, instead of thinking of "What would this mean as a self-hosted application, something that I could run?" For people who do not necessarily code themselves or deal with infrastructure, that is probably a meaningless sentence for them. But to go back to the "let's put a floppy disk in a computer" model, one of the reasons we all wanted to move that to the cloud was that you wanted to access your document from a number of different machines, maybe your telephone, maybe your work computer, maybe your home computer. And so you need a so-called server to sit in the middle and serve that data.
And it is much, much more efficient to collect all those servers in one place, to virtualize them, to slice them, to dice them. Now we're going to a server list model where you don't even know where the hell it is … it gets crazy out there. It's a challenge for new developers entering this space, you don't have to understand the technical stack like you used to, because you never see these things isolated. It's just a connection of services that you merge into a kind of application. But for ordinary people, what you wanted to do was run the app, I wanted to run QuickBooks or whatever.
So there should be a way to disconnect the infrastructure and the piece "Where is this thing and how does it work, and how do I get access to what you wanted to do here?" The use of the app and the content creation and the data that it stores? And this goes into what people would call the web or decentralized web-like projects. There is a whole group of people looking at how we can create new types of self-hosted applications where you just don't have those other intermediaries, but they can connect with each other, exchange data, share information, just like you have a central coordinator. To do that, you have to be able to make that infrastructure work as seamlessly as if someone else is doing it, and that's one of the things I'm working on.