Steve Mildenhall on Blockchain Technologies
David Wright: My guest today is Steve Mildenhall. Steve is Assistant Professor of risk management and insurance and director of insurance data analytics at the School of risk management in the Tobin College of Business at St. John's University. Steve has 25 years experience in the insurance industry. Prior to joining St. John's in 2016. He was a global
CEO of analytics at AON PLC based in Singapore and head of an Benfield analytics. Steve received his PhD in mathematics from the University of Chicago. He is a cryptographer, which we'll be talking about today, which I only just learned and maybe he did too. Steve, welcome to the show. Steve Mildenhall: Thanks for having me back. David Wright: So this this following are not unreasonable.
bookclub Premier, maybe we'll continue to call this a book club. Although more of a learning club Study Club. This is your idea to do this show. Steven, I really appreciate you suggesting this as our round two because blockchain Bitcoin, these were concepts technologies that I had been to be honest with you call it relatively speaking, dismissive of that relative is relative to the euphoria and intense emotion it stirs up and everybody else, I thought was a little bit overrated. But through my research over the last couple of months, since we've been talking about this, I've come around and I do believe it's amazing stuff. So I'm looking forward to getting stuck in one thing that I always am concerned about when talking and hearing about Bitcoin is how just immediately goes abstract. And we're going to get abstract. Today we're gonna talk about some things that most people don't aren't familiar with. But maybe we can begin with a list of or at least
a quick conversation about some technologies that Bitcoin enables some blockchain examples. Bitcoin is sort of blockchain enabled. So Bitcoin is the number one example this cryptocurrency. But what are some other examples of things that exist out there? Steve Mildenhall: Yeah, so in the insurance space, there's a few examples at the moment. There's a group called ether
risk, which does travel insurance, which is all done on a blockchain database. There's a another company called everledger, which stores information to validate diamond ownership. So the idea here is you've got a database that's immutable, and is certifying ownership of something. And they've got, I think, over a million diamonds in their database at the moment. David Wright: And I'm actually I came across a quote from a guy named Chris Dixon, who is a managing partner at a venture capital fund in California, and he's a real Bitcoin blockchain guy and manages their their crypto funders are calling it and he said in here, here's here's a quote of his so the first most important example of blockchain use is digital currency made famous by Bitcoin. But as we've discovered, over the past few years, many other software components can be constructed using the building blocks of trust. smart contract
platforms, like Aetherium enable the creation of, among other things, application specific currencies, that being the ICOs, you'll hear about digital property rights, which you touched on there a second ago, open financial instruments, software based organizations. And that reference is actually to a coin, which is working as a share in companies and specific coin specification that he's mentioning there, which is interesting. From these components in turn, new infrastructure and applications can be constructed. For example, developers working on upgrading the core infrastructure of the internet, including Storage Networking, identity, distributed clipper computation, stable coins can enable more mainstream user experiences for digital payments and financial services, crypto goods, such as there's, there's funny like little collectibles, crypto collectibles, we hear about those can unlock new experiences and business models for games and other forms of media. Entrepreneurs are developing
crypto powered financial services, with the tokenization of traditional assets and payment services to the unbanked. We expect many web applications to emerge in the coming years. I know some more of the list, I have their loyalty systems, there's digital IDs and equity markets, energy trading medical records, tracking drugs from pharmaceuticals, supply chain management, holy cow, there's so much here. It's overwhelming, isn't it?
Steve Mildenhall: Yeah. So if you, I think in that same podcast he talked about, we've got a new capability that's come along, and it's as powerful as computers were originally it's as powerful as the internet was originally. And we're at the same point, as we were the internet in I don't know about sort of 1980, you know, seven or Yeah, way, you'd log on to a page and it would be a few bits of HTML. And the image would load like pixel at a time. And, you know, what are we gonna do
with this, but it truly is enabling this this authority, Lis trust between individuals who don't know one another and have no reason to trust one another. It's a brand new, super powerful capability. David Wright: And so we kind of coming to listen to the core of our conversation today of what is it and why does it matter? And one of the things that occurred to me over the course of my research or became clear to me is that actually there are precursors to the to Bitcoin. And so we're going to start off talking about Bitcoin, and what is inside bitcoin and how it works. And then that will evolve into a conversation about Aetherium and other technologies and then beyond from that, but what surprised me about Bitcoin was that there were a couple of Have cryptocurrencies that were attempted, and were nearly successful. One of them was called bit gold, which uses and
we'll use this as an opportunity to talk through some of the technologies underlying Bitcoin bit cold, which used the proof of work idea and use it uses. And that being something that computers can, can problem they can work on in order to validate transactions. And so one of the key problems with Bic that Bitcoin solves is when you have to track currency, you need to make sure that everybody knows where everybody else's currency is, and so that nobody steals it. Right. And maybe, Steve, you can talk a bit about how that happens? Steve Mildenhall: Sure, well, I mean, I think it would be best if we, we sort of started at the beginning components and okay, we'll lead up up to that. So when we talk about a blockchain and Bitcoin is an implementation of a blockchain, there's there's four major components to this, it starts off simply, it is a database. So we're all familiar with, with databases, and it's
what's called a chained key value database. And you can think of that as the key value would be like a database made up of index cards, the key is the index on the index card, and the value is the content you're storing in it. And you can store anything in it meal, PDFs, images, text, whatever you like. The chaining is that you link the cards together, so that on the nth card, if you will, you have the index of the previous card, the n minus first card, right. And that's a very
important that's not a new innovation, it's been around for a while, but it gives you a card, naturally a temporal ordering, which you want, for example, if they're tracking transactions, so there'll be a first card, and then on the second card, you'll have the index of the first card on, and so forth. So what that means is I can give you the index of the latest card, and you can go to the pool of all the index cards, and you can pull them out in order. And you can sort of see the connections between the chain the chain, right? So that's why it's a chain, very descriptive blockchain is good.
Yeah. The second thing that it has is when you use a database, your as a user, if you take a copy of it, you are concerned that you're you have a copy with integrity, that it is an accurate copy of the original database. And the blockchain uses a very clever way of determining integrity using what are called hash functions, right? So hash functions are, they really are a magical ingredient in this whole thing. What a hash function does is it takes an arbitrarily linked input, and it produces a fixed length output. Okay, so the
classic example we all love from IT systems is we're going to make your email address and it's going to be the last five letters of your are the first five letters of your last name and your first initial Yeah. And that's kind of useless, because if your name is Jim Smith, there'll be a lot of J Smith's in there. And you get what are called hash collisions, where two distinct things hash to the same two inputs. So there are more sophisticated hash functions, though, where the chances that different input hash to the same output is extraordinarily low. And I'm not talking low in the one in 100 PML sense here, we're talking about low as in the chances of picking a particular atom from the universe, right? If you said to all practical purposes, it is it is not going to happen. So how is this this used? Well, what you do is, you take your index card, you take the contents, you run it through your hash function, and then you use the hash as the index. Okay.
So now if I download an index card from the database, I can check that I've got a good copy of it because I hash the contents. If my the answer, again, doesn't match the hash of the index on the card, something must have happened in download, and I don't have a copy with integrity. Why do we do that? Why do we need a copy with integrity? Well, because it's money or something. We're always storing bank balances, we need to know that we've got matters Oh, it actually matters. David Wright: Yeah, there is. And I was just mentioning,
before we started, there's a, a metaphor that I was thinking of yesterday, which is, if bitcoin call it this asset of value, the the equivalent kind of real physical idea is if we all took her money, pulled her out of the bank, dropped it in the middle of the town square, and a big pile, and then turned around and walked away. And we're sure actually that it was all going to be there in the right order for everybody, every single person when we got back, and we can use it whenever we wanted, but we're just sitting there in front, everybody, anybody can walk up to it and touch it and look at it and see who's who's in principle. And so like the technology that enables that is is is fundamentally I think, just confusing, not the right word, but kind of mind bending.
Steve Mildenhall: It is mind bending and his. As I was looking into this, this was one of the things that Ben my mind says, So so the next thing that you do that you realize is if you've created your index as the hash of the contents, part of that is the hash of the previous card. Yeah. So what that means is I can right now I can give you 177 digit number. And you can download the entire Bitcoin database, which I checked this morning, it's 250 gigabytes right now. So 250 gigabyte file, you can download it, you can do what is, in essence, a really big ass computation. And if at the end of that computation, you
get the same 77 digit number that I told you is the current key, you can be essentially absolutely certain that you have a faithful copy of the original database, because I find that amazing. So one number 250 gigabytes of data, I'm gonna David Wright: come back to that action in a second. But I just wanted to really put a finger on how important that is. Because
what somebody could do is they could they could give you the wrong copy the database, where at the end of that chain is all Bitcoin goes to me. They say they disagree with everybody. So here, everybody, here's a new block, it's going into all your block chains. And the end of that block chain is all bitcoins go to me, I am now a trillionaire. Right? And then,
and so there are reasons we'll get into some reasons why that's not possible. But that's what's at stake potentially, you could get all that money. Steve Mildenhall: Exactly. So and that that actually brings us to the next point. So we've got, we are sure that data has
integrity. But in in databases, there's a difference between data having integrity and data having validity. Okay, we want the data to be a valid record of what we think is the true state of the world, right, that record validity, as opposed to you can have a copy with integrity of incorrect or invalid data, right? So there's sort of two distinct issues. So the second
thing that happens with David Wright: this, it makes come back to that idea. So that would be it is a it is a blockchain, which is valid in the sense that a true blockchain but it's got the wrong people who have the wrong people have the money is that Steve Mildenhall: it's, it's, if I make up a new block at the end, which is not valid, you can have a copy of it. That's accurate. It's got integrity, but it's not valid. Yeah, right. So I've made I've done your example. I've said all the Bitcoin goes to me, that's not valid. Yeah, you've got a perfect copy of an invalid record, right? Yeah. Yes. Yeah.
So validity is is the more important in many ways. Yeah, sure. Right. And this was, you know, the brilliant idea, you talked about proof of work. And the issue that we have here is
computing all these hashes and what have you, very quick and very easy. So if we imagine we've got our key value database, and you want to go back and you want to change your card in history, so that it transfers all the money to you? Well, there's nothing to stop you doing that calculation, you can then re compute from that point forward to all the subsequent keys. And you can then present this to the world as this is the state of the world, okay. And people could download two copies with integrity with integrity, but they wouldn't know which is which. So we need a way to build
sequentially, and at each step, have everyone agree, and then have a way for that not to be able to be changed. David Wright: And so let me let me pause there for a second and talk about bit gold again, which is probably a better way of inserting that we're under big gold. What the The inventor of that game, Nick sabko. His idea was we're gonna have everybody vote. And so everybody who's in this network now is going to have a vote in a very complicated voting mechanism for which one is true. And, and it has some kind of consensus that was developed and is really complicated idea and complicated piece of software. But bitcoins solution, Satoshi Nakamoto, will
probably get in touch. We'll talk about that in a second about who that maybe person was, had a different idea for, how do you how do you all agree? Steve Mildenhall: Yeah. So his idea is as follows. Let's suppose we're in a situation where everybody agrees on we've got a stack of cards that everyone agrees on. And they basically tell us who owns what, from this pile of money that the village has put into the square? Yeah. And now we've got a number of new transactions, and we want to sort of lock some of those down. Okay, so people can look, they've got the existing record, which we all agree on, they can look at the new transactions, and they can check. This is, you know, person A transfers to
person B $10. Well, the person may have $10, yes. Okay, that's a valid transaction, right. So we can assemble a number of valid transactions together, we're going to write those on our index card. And then here's the secret sauce. Normally, we would just then take the hash of that, use that as the index, and that ensures that we can and we can guarantee integrity, the extra step is as follows. We want to actually add a little
extra piece to the card, so that when we hash it, we get a small number, the hash that comes out is a small number because these hash, they're just numbers, right? You can it's just it's literally a 77 digit decimal number. And they're essentially randomly distributed, right? So if I start with a payroll load has gotten me a bunch of PDFs of transactions in and I just add an integer at the end and I increment it, I keep I do that often enough, eventually, I will get a hash that comes out that small it begins with a bunch of zeros, okay. And by adjusting how small it has to be, you can make that problem more or less difficult. Okay, so So what we do with the peer to peer validation is the group agrees. Okay, at the moment, we can perform so many hashes a second. So we want the number to be
below Whatever the threshold is, and people scurry away, they try and find that it's called a nonce, a number used once that you add to the card, they try and find the nonce so that the hash is small. As soon as they find one, they broadcast it to the network. And they say, Okay, here's a card list of transactions with a nonce that locks it in. Everybody looks at it, and they can then all valid Yep, all those transactions are valid. We all agree with that. All right, that's now a valid
card, I put it on the pile. And now we will start working on the next card. Yeah. Okay. And the reason that this works is, now if I want to change, let's say, I want to go back to cards, and I want to change a transaction on that card, I need to find the hash for that card, then that changes the next card, because remember, the index comes through onto the next card. So I need to find the nonce for the next card, and, and so forth. But meanwhile, everyone else is working from the sort of front of the caterpillar, if you will, and they've moved ahead, and you'll never catch up. Okay, so in that way, it becomes
essentially impossible for someone to go back and change history, because you've made it difficult to kind of min the new costs. David Wright: But let's keep dwelling on this topic. It's just really important. There's a lot of interesting complexities
to it. So another, the solution that we're talking about here is to what I, if I remember this, right, maybe you know more about this to me, but the Byzantine generals problem, which is if you're all sitting on a battlefield, right, and you're surrounding the enemy, it your ally, some of them are pretty far away. So how do you coordinate? So if you're the general, and you have a bunch of allies that are somewhere else in the battlefield, how do you get the message to them to attack now attack now attack later or wait? Right, so they can act an uncoordinated fashion, I'll go the wrong direction and lose the battle. And so what's amazing about this network is that so back to the village square idea, we have a stack of index cards, which tells everybody who owns what and the big pile of money, and but everybody is now trying to try to validate the next card that's going on. So we all have a card, we're writing something down on, and the first person to get to the stack and put it on top gets the right stack. But
what if we disagree? So now what if there are two messages that are getting circulated to the Byzantine generals, army? Which ones right? And so I think that the way, the way that Bitcoin solves this problem is that everybody shares with everybody else. So you have this network, this sort of multi connected network, where, you know, I'm looking at the last stack from from computer a over here, and there's computer D, which has another last stack, and they're all kind of agreeing, but if two consensus is emerge, so there's one group, which is saying this is true, this is the new car to go on the stack and other groups is disagreeing with me, you have a split, and it's happened a couple of times in bitcoins history, how do you resolve that, we resolve that by eventually one of them is going to overwhelm the other one, because they're gonna keep adding more stacks on top of theirs. And then one of the like, you're saying it's very hard to to add cards to a stack, because deliberately solving this little cryptographic puzzle costs resources. And so people may have heard of the 50 plus 50% plus one attack. And that is you need to control 51% of the resources of the whole network, because you have to be able to keep resolving what the next card in the stack needs to be.
And you could have two card two stacks that are racing each other is the point. So when, when they when the cards disagree, sorry, when you have two different ideas for who owns what stuff, they start, they start a race. And eventually one of them's gonna win, because their staffs gonna grow faster, and then they're going to spread more through the network, and the secondary stack becomes totally invalid. So all their cards in the disagree become discarded, and they just go away and they disappear, and then a stack that gets largest wins. And then there's that becomes the truth. Yeah. Well, who owns what the longest chain defines the longest chain to find the truth? Exactly. And there's this sort of, and as the one of the
things I, I was reading about in this research for this was there are two pages of the eight of the Nakamoto paper, the Bitcoin white paper was to find the protocol which deal with this, and that was the innovation. That was an evolution from Big Gold to Bitcoin, because they had this voting mechanism, which says, who got into the question of who owns what, let's all vote on who owns what let's look at Townsquare unless ways are handled it this way complicated to implement. Bitcoin says, we're gonna we're not going to think about who's right, we're just gonna make sure that we're going to ensure that the only the one who is right is the one who has the biggest stack, the one who has the biggest stack is the one who controls the most computing power to solve these solve these cryptographic puzzles. And that's the only value that's the only arbiter of truth Steve Mildenhall: it said unforgivable on. You can't, you
could pretend to vote or you could, you know, vote not your true intention. You can't make up computing Pat, you actually have to have it. There's no substitute for Yeah, so another thing that we didn't cover, but it's very important on this validation is so why do people why do they want to be the next person that add the top card to the stash? And the reason for that in Bitcoin is while you get paid for it, yeah. Okay. And that's that's an important part of the incentives that when we think about applications of blockchain in other areas, you need to think about well, if you're going to want some equivalent to miners, how are they going to get paid and people often miss in paid David Wright: in two ways, and I learned this recently only, only recently, one they get you get rewarded coins as they win once you successfully mine a new card. So once you've successfully put another On top of the stack, you're handed some coins, right? And the second actual way is you do get paid transaction fees on the Bitcoin network. So it costs Bitcoin to send bitcoin to somebody else. Right now the transaction fees
for Bitcoin is 50 bucks to actually send a transaction of I think I have that right. And so there is a fee element baked in which the miners also get over time, and that they can grow or shrink or whatever, there's a market price for all that, as well. Steve Mildenhall: Yeah. So the the way, you may have also heard this, there's going to be 21 million Bitcoins. So how does
that happen? Yes, well, the whole network is calibrated to produce one block every 10 minutes. And it started off that you got 50 Bitcoins for for minting a block. And then every I think every two years that halves is currently down to 12 and a half Bitcoins per block. And it'll keep having and obviously you know, you some the geometric series, it's going to told max out at about 21 million Bitcoins will be issued.
David Wright: And so let's just briefly recap now on the technologies that we've talked about, because I don't know how good of a job we're doing it explain this, because it's one of the things that really gets to me about learning about this is that if you're unfamiliar topics, not used to thinking about stuff like this, this is not, oh, my computer's faster than it was and therefore I understand the implications of that. Now, these are these are genuinely surprising ideas. And so we have we have the public key cryptography, which is one idea here, right, which is, how can we secure that the transactions that I sent money to you, and you know, it came from me, and that's a valid transaction. And we have these, these puzzles, the nonces, you're talking about which make adding a card to the stack hard arbitrarily. So those are adjusted over time to make sure that we only get 1010 transaction 10 sec. Was it 10 minutes, patrons? Sickness, six
per transaction, any other key technologies here that we're missing, like, genuine technologies that are Steve Mildenhall: so relevant, right? So that the nonce is is relying on the hash functions yet, which are magical, there's a digital signature concept, which means that you can sign a document in such a way that you can tell it hasn't been tampered? Yeah. But that's essentially uses the same ideas as public key encryption. Yeah. And then, you know, the whole the fact that relies on the network, and yeah, you know, peer to peer and the rest of it social organization. It is it's
an extremely clever and ingenious combination of existing technologies. Yes, no new technology or concept produced for this. But the parts were pulled together in an incredibly imaginative and creative way. David Wright: Yeah. And, and I think that the idea of, as I said, before, throwing your money in the village square, and then knowing that it's safe, is so surprising that it's, I think that one of the reasons why folks, including me, have a hard time understanding implications here is like what else is possible in a world where that can be true? Steve Mildenhall: Yeah, so So we've sort of discussed on the on the blockchain, we've just got it's a database, it's a chain key value database, we've got the hash enforced integrity, we've got the peer to peer validation. The missing piece
that we haven't discussed yet is okay. So just what is it that the Bitcoin network stores in this database, right, that that's kind of all like a container is like a SQL database? Well, what are we putting in it? Yes. And what we're putting in it is ownership of the Bitcoins. And the way that ownership is sort of asserted and transferred, is if you you own some bitcoin, and you're going to send them to me, the, the way that works is I give you a puzzle to which I know the answer, but it's very hard to determine the answer.
And what you do is you you've similarly when you got the Bitcoin, you had some puzzle to it, you know the answer, and you essentially sign it over, you can almost imagine it as being like dollar bills. And there's the puzzle on there. And you your puzzle was given, you know, when it was given to you had your puzzle on you write the answer on. And that's what everyone, when they validate the blocks, they validate that your answer is the answer to the puzzle on the car, you know, on the dollar bill at the moment, and then I give you my puzzle, you write my puzzle on there. And then the trick, though, is, it's not like $1 bill in that you give it to me, you've just broadcast it to the network. So there is it's called the UTX O
and unspent transaction output there is on the network, there is this puzzle sitting there. And it has the rights to claim so many Bitcoin outputs. And it's accessible by anyone who can answer the puzzle. Right now, I know the answer. But in theory, somebody else could figure the answer out, and they could whip it away. Right? I mean, did he use the idea of private and this is this is your, your private key. And
it's, it's quite, you know, part of the the design is it's sort of protected by about three layers of concepts so that, you know, if if someone figured out how to reverse engineer a hash, well, there's actually it's actually double hash with two different algorithms. So you'd have to solve two different algorithms, not one, and then you'd have to solve something called the discrete logarithm problem which is widely regarded to be an impossible problem to solve with current technology, David Wright: hashes per second. So the magic of a hash function, so and you could and the way you would start to me as I was researching this is, you could take a whole novel, and you could hash that into this was a 72, integer number 7777 integer number, right? Or you could hash the Word doc into a 77 integer number. Steve Mildenhall: So yeah, and so when I started playing around with this, I was like, Well, I don't believe that that's seems like believable. So I took a photograph, and I hashed the
photograph, and I got a number and not quite right. And I went into Photoshop, and I changed one pixel, and hash it again. And it isn't like the last digit of Yeah, it's completely different number, right? Totally different number. Yeah. And you know, the way sort of underneath they work is they take your input file, it's divided into chunks. And then on the basis of
each chunk, it sort of does some shuffling, it's like doing some riffle shuffling. And maybe, you know, you divide the stack of cards into little bits, you shuffle the blocks around. And it's just a sufficiently complicated thing, that as far as we know, you can't reverse engineering, it's called the one that there's a number of them. Big Bitcoin uses one called Sha 256, which is secure hashing algorithm, the 256, is it works with 256 digit binary numbers, which then transferred leads into a 77 digit decimal number. And so David Wright: there are two different keys that were used as a public key and private key. And I think of them as a lock in a key, right? So your public key in some ways operates like a lock, where it says, in order to get into that lock and open it up and use the Bitcoin or take it, you need to have your private key, which is kind of more like a key. And I think
that if I can get this metaphor, right, what we're saying here is that you know, every key is defined by some some kind of what's the password, I guess, right? And changing a little bit will completely change the configuration of the walk. And so the key looks nothing like the key you had before even though you've changed it only a little bit, you have to have that key. If somebody can steal your key. Steve Mildenhall: Yes, this is this is a much underappreciated fact is that you can't solve the problem. But people can't remember 77 digit numbers, so they need to write them down somewhere. And they can be stolen. And they can also be lost, right? I put them on a flash drive. I know, you know,
that got thrown away. I live in Silicon Valley, the guy left in his jeans, pants pocket. Yeah. So that, you know, that's again, and we'll probably get to this but there's sort of interface between the real world and the digital world. In a closed
digital environment. Yes, it's all perfectly secure, and what have you, but the keys do live somewhere. And if you get that key, you can transfer that money and you can not get it back. Right. It's a it's a gone. David Wright: And let's let's come back to what actually is stored on the blockchain in mine, my kind of understanding of it is that it's a list of transactions. So what's
interesting about the Bitcoin Blockchain as distinct from say, Ethereum, which I'm sure we'll touch on here is that Bitcoin doesn't actually say this person has this much money, this person has that much money, it says, throughout history, here's all the transfers, starting with the first transfer, here's a giant list of all the transactions that have occurred, which is not the same thing as saying, Here's a list of the accounts and who has what it saying, Here's where the money flowed, it's not stocks, Steve Mildenhall: correct. There's no notion of an account an individual can have multiple addresses, it is simply a tally of the the problems to which your private key is the solution. Yep. And then you pull it and people match them up. And you know, that's it. David Wright: And one of the things that you know, we've been playing around with some some some blockchain software and you know, in preparation for this mostly, and you can get you can get I call it a plugin for your browser or whatever it is a wallet application. And that you say, I own this much Bitcoin and you can put in an address you just copy and paste this giant number and you say, send it to this address. And that might be the first time that the blockchain for Bitcoin saw that address. That's okay. Right, that address doesn't exist
somewhere else it's usually made up this number and now on the blockchain just says this number has this many Bitcoin or sorry, was transferred this many Bitcoin. And if you have access to the key, which can which can decode that number, you can then send it to somebody else. Steve Mildenhall: Yes. If you want to in the same way, they will give you the their problem, you and you just sign it up, you're very much can think of it as it's like a check that you keep endorsing. David Wright: Yeah. And one of the key ideas here is that you can have security without ownership. And in the ownership
here is where you have your thinking, like distinct from bank, and I was just coming to my mind to second ago now where if I want to send money to somebody else, and I'm back at TD right, and if I want to send money to somebody else, they have to open a TD Bank account in order for me to send them a TD, send the money on the TD network and other bank accounts, of course, to be at the open account first. With blockchain, you don't you just send it to an address and as long as somebody can grab that address, you don't have to open an account or close it account or monitoring account because nobody actually owns the account. Yeah, Steve Mildenhall: it's a somewhat surreal experience. I I taught in my class last year I Talk about how Bitcoin works is sort of part of a FinTech module. And I thought, well, I
should know about this in, you know, in reality, rather than just in theory, so I should go and buy some bitcoin. So down on Prince Street here in New York, there's a bitcoin cash station, and you Trundle up to it with your, I put 200 bucks into it, and you have your address, and it's one of those quick response codes, you hold your phone up to the camera, it scans the code scans the number in, you put your 200 bucks in. And that's it. It's not it's actually not quite, there's a little more regulation in New York, you actually have to provide a cell phone number, so they can tie ownership, which is I mean, that's the whole sort of the security apparatus of money. Different different thing. But I don't have walked away from this. And I'm thinking well, so where did you know? Where did my
200 bucks just go? Yeah, what happened is now gone. And, and one of the confusing things is, is a lot of the Bitcoin software will provide you with, with what are called wallets, and wallets are ways of managing your, your private keys, managing if you want to send money, they figure out what outputs you've gotten, they built the transactions for you, whenever you but your money does not live in your wallet, your money is your ownership of your money is from your having this number, which corresponds to a problem on this distributed ledger. Yeah. And you can kind of see that the money doesn't live in your wallet, because you could put the same money, the same Bitcoin into the hundreds of different wallets. But you can only spend it once, if you try and spend the same Bitcoin, twice what will happen, this is where we go to the validating transactions. So I could take my same private private key, I could put it into two different wallets. And then I could simultaneously try and spend it
to two different places, or what's going to happen is as people assemble the next card, they will pull one, they'll pull one of those transactions maybe as the first one. But when they get to the second one, they'll go no, this one's not valid. I'm not putting it in because they can see that right there. And so, you know, on the incremental building the new card, you don't you solve the double spend. David Wright: So the key doesn't actually give you necessarily ownership in some conventional way. It gives you the ability to send it somewhere else. Yes. Which is kind of ownership. But
in other ways it you know, because it gives you control greater control over that. Yeah, but it's not it's not. I feel like it's only slightly, it's subtly different from what we think of typically as ownership, maybe, but in name, but maybe not necessarily in effect. Steve Mildenhall: Well, and one of the it's interesting to ponder that. From a state and legal perspective, could you prove that someone owned some bitcoins? Right, right, that so essentially, the only way that you could do that would be to find the key. Now, the person if they had a good enough memory, and they were confident in it, they could literally just remember the number. Yeah, and there was nothing physical written down. So at that point, it would be impossible to prove
that you actually don't so you've got only you've got effective ownership, you can control it, you can you can spend it, but an outside third party could not prove it. And you know, for example, there's an address out there, I think it still exists that had 450,000 bitcoins in at $6,000 plus or minus each. That's $2.7 billion right which some guy could be walking around with literally the key to that in his head. Yeah. Or so blows your mind and he got hit by a truck right and
then it's well I mean that that's what happens is that now it's gone and it's gone forever. It sits there on the blockchain is it's out on the blockchain, but it never moves and never get stable. Never. Yeah, there was actually an article in the journal I saw the other day about a company helping people try and recover lost Bitcoin, but they're not doing it by solving the problem. They're doing it by someone's got a wallet that's encrypted, and they try and decrypt the wallet to get into the underlying coins. Oh, wow. Easier. Yeah. It's basically just password cracking. So that's an easy David Wright: I see, yes. Because you have to come up with
a passphrase or a password to get into the wallet itself. The wallet holds the key. Steve Mildenhall: The wallet holds the key. Yes. This is like a you know, password.
David Wright: It's a less secure version of the same thing. Steve Mildenhall: Yes. Very much less secure. David Wright: Yeah. Yeah. Isn't that amazing? So maybe we can talk a little bit about, about other Bitcoin technologies in particular Aetherium. So Ethereum is is this is another,
it's another blockchain, which is created now. Cerium is very different. So Aetherium is the metaphor that the founder of Aetherium this guy's like, 22 years old and Vitalik Butyrin. Really interesting guy came up with it when he was a teenager, Canadian, Russian Canadian, but growing up, grew up in Toronto, and his Ethereum is he looked at Bitcoin and he saw that actually, within Bitcoin, there's a tiny little scripting language, and maybe we can talk a bit about that first, and so that the scripting language says, do this so you can send it money here and you get when you actually sending coins or when you're executing a transaction in Bitcoin, you have to specify a few specific parameters. You can talk a bit about that.
Steve Mildenhall: Yeah, so so so this the scripting language for Bitcoin is how you express the puzzle. Yeah, so the the most common script in in Bitcoin is paid a public key hash. So the idea there is, I'm going to send down the wire, a few numbers, and this scripting language is going to execute a few transactions with them. And what it's essentially going to do is it's going to take my public key is going to hash it. And it's going to check that the answer is the answer that was given when the Bitcoin was transferred to me. And then it's also going
to validate, I'm going to, I'm going to sign the transaction. So I'm signing that, you know, this is I'm the only person who could sign Yes, I have, I have to prove that I have the private key that goes with this public key. So it was kept deliberately simple. In particular, there's no, there's no looping and no
branching in the Bitcoin is essentially a stack, you push things onto the stack, there's operators, and then eventually they collapse down. And when it ends, you know, if there's anything, not that it doesn't evaluate to true, the transaction is not valid. With Aetherium, they build a much more sophisticated scripting language, it's a Turing complete language, you've got loops and what have you. So you can you
can really express anything in it. And it allows you to have much more complicated ways to unlock ownership. But just going back to on Bitcoin, you can already do some fairly sophisticated things there, right? So you can set up a bitcoin address, and you can say, this bitcoin address will pay if three out of five of these addresses are great, for example, which is, you know, that's quite the end of and I forget what the exact limits are. But it's sort of within
bound, but you can get quite creative with that. Ethereum, on the other hand, full programming language, so to the extent you can sort of get inputs in that everyone trust, you can do much, much more sophisticated issues, things with that. The downside of that, of course, is all of this stuff is is non reversible.
So you've kind of debug your little program very, very carefully. And there was a very well known example, when Aetherium first started, have someone ran a script in some untoward way. And it blew up, you know, hundreds of millions of dollars worth of Aetherium. And I think they actually went back and forked the network to undo that that transaction. David Wright: Maybe we can actually pause for a little longer on Bitcoin before we go to in theory, I mean, we'll we'll get to it, I'm sure and talk about Oracle's because the the idea here is that you can trigger a transfer of Bitcoin, if, as you say, this other wallet here agrees. And so that other wallet can just be or the address can be some other program that that will flip to true. But through any condition,
so it can be a computer somewhere, you can say when it's midnight, or when when Johnny just hits Yes, on the machine or or anything else or, you know, let's talk a bit about Oracle's and how they might be able to affect Bitcoin. And then we'll talk about the most for Oracle or for theorem two. Steve Mildenhall: Yeah, so we're getting here into this, you know, the real world digital world kind of interface. Which, when you're within the Bitcoin or Aetherium worlds, you you don't have to worry about that, right? There is no real world. And to the extent Bitcoin, or a theorem encapsulates value, you sort of got everything you need for a lot of financial transactions right there, you don't have to worry about connecting out. As soon as you connect out, though, yes, you
need some type of an Oracle to be an arbiter of the truth. It's called Oracle. So ether is, for example, the travel insurance, I think they sort of tack into TSA, and they're sort of not the TSA that f is the FAA, that does all the flight delay. So you can get pretty much globally a definitive listing of you know, was this flight on time? When did it take off? When did it land? When was it scheduled? And they use that as the article to pay out travel insurance, right, you know, I buy 100, if my flights delayed one, two hours, 100 bucks. And it's then all handled through this oracle. So that's it. That's a nice
example. The building good Oracle, so very difficult, right? And as soon as you get to something that's not definitive, and black and white, is going to be a problem. And that's going to be a path that needs a lot of work. David Wright: Well, what's interesting to me about this is that all this public key private key, all this stuff, all that ensures is that everything inside of the Bitcoin system is true and trustworthy, right? It's, it is it is the truth. But once you start including Oracle's now you're introducing outside elements, which may or may not be trustworthy, and so it's nice. You had this little walled garden here that that you can trust. So the money in the pot in the Village Square, we're
okay with that. But as soon as you start relying on external parties or external systems to start helping adjudicate what money goes where now we've introduced security concerns, let me summon now can can hijack the Oracle and steal the money. Steve Mildenhall: Yeah. And you, you get to I mean, sort of a classic example that people are thinking of using this for an insurance is contract certainty. And so you, you get to well, who
needs to agree who needs to be the Oracle right? You you, you can get to contract certainty using some of the capabilities that we've discussed digital signatures in particular, right that the parties could circulate a PDF, they all agree they can digitally sign it, you can then tell whether the document has been forged or changed in some way. And you can do that using just a piece of the capabilities here. But you do need to rely on, you know, somebody needs to become the keeper of the contract and the keeper of the signatures.
David Wright: So means to own it. Yes. And I want to, I want to pause here and dwell on this for another second. Because the part here that I wrestle with, is I'm not used to thinking about security. I'm not used to thinking about what is safe, but we live in a pretty safe society for the most part. And in particular, the only things that really hit the mainstream on the internet are things that are pretty secure. And so the and the reason why they're secure is that there's a trusted authority, which owns it or manages it or ensures its security. And we just, even if only implicitly, we more or less
trust all these authorities and and that's a part of our society, which some people lament, in particular, the kind of folks that start cryptocurrencies lament that kind of thing. Because you have all kinds of knock on problems such as like too big to fail banks, where nobody actually really scrutinizes whether these organizations or institutions deserve our faith, we kind of just assume everything does and if they don't the government come in and wipe it up and the ultimate backstop of security. And we live in a society. I think that because we don't think too much about security and safety. I think a lot of the the ideas that that that
blockchain pulls out, or uses or changes are just unfamiliar to us. We're not used to thinking well, what if we didn't need an institution to ensure the security of our money? What what does that mean about the things and you know, it's taking me a long time, and I'm still kind of working through it, of what the implications of that are. And I don't know where I'm gonna wind up there. And I think that it's easy for people's eyes to glaze over when we talk about oh, it's tricky. I remember mind doing this to first few times I heard about all this. I don't even
know, like, why do I care? Why do I care that the public key cryptography works. Steve Mildenhall: So that I think another interesting point about one of the reasons we trust security is if something's wrong, you can generally get it fixed. Yeah, right. So you have some credit fraud and someone opens a credit card in your name, you just sign your affidavit. No, this wasn't me. I
never show up at this place. I was you know, a different city at the time. And it all gets reversed out and you're good to go. Blockchain sort of Bitcoin in particular work doesn't work like that, right? Someone spends you bitcoin is gone. You know, there's no one 800 Number. Oh, I lost my keys one 800 Number?
Yeah, re please reset my password. Yeah, no. Proof. So it's, it's a very different technology security model. David Wright: And, you know, there's the important, most important uses for Bitcoin, as I've observed them in the world do emerge, where you have those trusted institutions are failing. So think, for example, you know, the main use of Bitcoin, some will say, and I think I probably am sympathetic to this idea is it exists to evade currency controls. So you
have Venezuela you have hyperinflation, you have China where you have currency controls, you can't money can't leave the country. And when China crack down on Bitcoin, the price collapsed. And so the uses of these in for that matter, you have drug trade, right? Steve Mildenhall: Didn't someone describe Bitcoin as solving math problems and getting drugs? David Wright: Yeah, right. Right. So these are, these are instances where you don't you don't? Well, you either don't trust the authorities or the authorities don't trust you. Now
the case, if you're a drug dealer, you don't trust the authorities, because they're, they're out to get you. And so Bitcoin exists where there is there's a breakdown in trust, and it supplements that trust with a secure network that you can then trust yourself. And so in a society like we live in, where trust is pretty functional, in most institutions in the United States, where Steve and I both sit, although both from other high trust countries, the UK and Canada. What's the point? Like? Is it really going to do anything for us? So maybe we can pause on that question. Maybe in switch
to Aetherium. For a second, we'll come back to sort of the bigger business implications of Bitcoin and some are sorry, Blockchain, but Aetherium. So Aetherium is not a list of transactions. Ethereum is a list of accounts. It's a it's a, it's a list of what they call this the state. So it's a list of state instances where this account has this this account has that this gun has that which is a different conception of the blockchain. Steve, any any thoughts or comments? Steve Mildenhall: Correct. Yeah. And you know, it was actually
forked off Bitcoin originally. Right? So if you go far enough back was the was the same thing. And I guess one thing to mention taking off that is that the Bitcoin database, that's the ledger of who owns what is a completely useless database, other than for determining who owns what it is, you know, it doesn't maintain state. So if you actually want to see, you
know, accumulate transactions by address or something, you need to take all the information out of that database and put it into a much more sensible database format. So it really is just a solution. It's very narrow to determining the truth. Yeah. And I think it's a good question you bring up is, you know, in a world where by and large, we don't have a problem determining the truth, you know, where's that application, but I think where it is, is, in part, you know, you talk to banks, you talk to insurance companies, people spend an ordinate amount of time coming to agreement on the truth. I've got my books in my account. And I think it's this and you did it, you think it's that and then we'll back and forth. And so there actually
is it's not exactly a trust issue. It's a it's an efficiency in getting to the truth issue. And I think that's where, you know, Jamie Dimon is obviously very down on on Bitcoin, but pretty bullish on blockchain, because I think he sees the technology as helping with efficiency of transactions behind the scenes, David Wright: because he can trust that something has happened. That is a transfer has happened of some sort, and so reduces the cost. Steve Mildenhall: Yeah. And we can all we all I can, I've got
my own copy of it, but you've got your own copy of it. And we're all assured that we're all looking at the same thing. You're all on the same page. David Wright: Yes. Because it's so expensive to hijack that network and make your own stack of cards. Yeah, that it's hard
to do that. So maybe we can talk a bit about what this means for the business world. My you know, I spent some time in researching this building a D app on Aetherium. When Aetherium, having this Turing complete programming language, you can more or less program, anything you want. And what I discovered
was that so my, my idea that we were talking about was what an insurance company that looked like there was sitting on the blockchain. And what I found myself doing was more or less re implementing a policy management system, but on the blockchain, and it kind of kind of sat back and occurred to me, this isn't one way of looking at Aetherium is, it's a very slow, very, very junky computer. It's a as the the founder made the point in an interview, he said, if you're running a program in Aetherium, though, it's a Turing complete programming language, it's kind of like running it on a smartphone from 1999. It's got terrible memory capacity, it's really, really slow. And the reason for that is that the transaction needs to be run simultaneously by 1000s, millions of different computers.
And so it's really expensive way to actually achieve something in some very weird ways. It's actually very primitive technology. But yet it has this, this component of trust, which is which is new, which is different, and we're trying to still figure out what, what it means. So which so back to the insurance company idea, what parts of an insurance company actually are worth doing more slowly, but worth doing any more open, trustworthy fashion, likewise with other technologies too Steve Mildenhall: Well, okay, so I think there's a few more related technologies to blockchain that I think open up a huge vista of opportunity for us, right. And I would call this what we sit in a world where you've said, We all trust one another and sort of the thing basically functions, okay. But then on the other hand, we have Equifax sure sitting there with all of our credit information. Yeah. Which was all stolen and
costing, yo. So it doesn't, I mean, it costs us let's face it, right? It the cost is socialized, but it comes through in the in the fees and what have you. Yeah, um, I, there's the capability here for us to kind of reassert ownership over our own private information. This actually goes back to our last
chat about is data labor or capital? Yeah, that we can we can pull it back. And we could imagine a distributed ledger database that contain, for example, a credit information to which would all be encrypted to which we would hold the encryption keys. And it could be managed in such a way that if you wanted to apply for a credit card, then you would give the credit card company you could give them a one time read only access to essentially look at your record, right? Couldn't and you can manage it so that they can not write anything down. They could sort of get a yes or no answer. They would like run a script against it. which would give them a yes or no answer as
to whether you're approved or not. But without them actually seeing the underlying information. And they could only do it once, it could only be called within a given time window, right? Let's compare that to the current situation currently, what do you do, you write your social security number down on a piece of paper, and you give it to them? Yeah, they have now got access to your credit record in perpetuity. And I know there's laws around you know, when they can do it and when they can't. But it's not quite as reassuring to me as the idea that now I'm going to give you a key, which will let you look at it once in the next 30 minutes and make a decision on this particular thing that I know about. And it seems to me
that we need to think bigger than, Oh, we're gonna get all our contracts in sync, we're gonna have contracts. That's fantastic. That is right. I mean, the insurance industry's been working for 300 years without perfect contract security, I think we can continue to manage with that be great if we could get there. But you know, this private ownership of private information. And if we do it like this, you, you, you, you physically couldn't have an Equifax situation, right. The database is already quote, unquote, being hacked,
it's already out there, anyone who wants it can download a copy of it, all the information is protected behind sort of rock solid, cryptographic algorithms, and there is no central repository of all the keys, each individual keeps their own keys. Now you've got, we're back to our Oracle problem of how do we get the information in there and you know, you can do sort of interesting peer to peer validation. So and that was a good, good person, they're part of this network, you could get your traditional kind of credit transactions and what have you in there. But it's solving this trust vacuum, I think, is just
an enormous potential for the technology we're looking at. And you might say, Well, Steve, why aren't you you know, out there raising money to do it. There's a few times contained as the business model that sits behind this is not quite clear, because he's going to be business model that would require every individual to pay a sort of small amount to maintain a system. And we're very much gotten ourselves used to, we get service. We get paid in service for our data, but we give up our data. So it's sort of sort of a ship. People don't like even paying you one or $2. You pause. People I pause before I sp