Masterclass #1 — "Fixing the broken internet" by Harry Halpin
All right, so I think we're live. Let us know in the chat if we are. Welcome everybody.
Hello ladies and gentlemen, so nice to see you all here tonight or this afternoon. Can you see us hear us? Hey. All right, so welcome to the first lecture of Nym Shipyard. Today I have with me Huxian, who is my co-host. I'm Sudo aka Simon. I'm head of community at Nym.
It's absolutely lovely to finally kick off Shipyard as far as the curriculum is concerned. And of course, I also have with me Harry, Nym CEO and founder. Say hi to the people. Hey everyone. Glad to see everyone here.
Hey. So this is the very first masterclass of Shipyard and level one in general is all about the big picture. So we're going to be keeping it high level for now and to really put things in perspective when it comes to Shipyard.
Today we're kicking off with a big picture overview with the first masterclass. Harry will be talking about a problem, a big problem and also an equally big solution to that problem. So basically the problem is how the internet is broken today and the big solution to that is what Nym proposes to fix it. What's your take on this Hux? Why does the big picture matter? I think the big picture matters most because it's often something overlooked or deemed normal so much that we don't actually stop and think in order to assess how daunting the situation is regarding our online lives. And before we begin, I'd like to just chime in some practical stuff regarding this live stream that even this event is being live streamed both on YouTube and Twitch.
The recording will be available on both platforms. The subtitles will be added on YouTube as soon as possible. We're working very hard on this.
So please bear with us. And the translations of Harry's deck today that he's going to be presenting shortly have been shared both on Telegram and Matrix and Discord channels. And by the way, if you have any questions throughout Harry's masterclass, you can leave them in the Twitch or YouTube chat.
You can also keep an eye on the Matrix channel. So especially for people who would like to stay anonymous or preserve their privacy, leave your questions on Matrix and we try to answer them all. For those questions, what we couldn't answer today, make sure to bring them on Fridays AMA with Sudhojaya and myself.
And let me give the mic back to you, Sudo. Oh, thank you. So let's move on to Harry, actually. First of all, a big thanks for doing this with COVID.
Hopefully you're feeling okay. Yeah, I'm a bit congested, but I should be okay. Can't wait to see your masterclass. Now, while people are still joining the stream, I would like to ask a warm up question if that's fine by you. So when talking about privacy with people, we very often get a common question. A lot of people are asking this question.
I am a good person. I have nothing to hide. What is the best way to address this question? Yeah, I mean, it should be remembered that what people consider good or bad at various times can change very rapidly, right? So for example, you can even look at the situation, of course, in Palestine right now, right? So people who think they're being good citizens, either on the Israeli side or the Palestinian side could be, for example, targeted by the other side due to the metadata that they're producing even if what they're doing is totally innocent and legal. And so in general, because you don't know when the government will change or when hostile actors will invade your digital sphere and use that information against you, the kind of the principle, the precautionary principle to some extent should be implemented, in which case the precautionary principle would be do not leak this kind of metadata or data in the first place to possible adversaries.
I think that is a great prelude to your presentation. So without further ado, actually, just take it away. Salazar, please share my screen and then let's go. So, you know, I'm the co founder and currently CEO of Nym Technologies and our mission is to enable privacy for the entire planet.
And you know, we've we're creating a kind of next generation of privacy infrastructure. So this is a mix net, which was invented by David Chaum all the way back in 1979. And we're bringing it into production with some new designs and new theories. We believe that our technology can indeed protect the patterns of communication for all internet traffic.
Next. So for those of you who don't know me, which I imagine is most of you, I got my Ph.D. back in the University of Edinburgh.
And I worked mostly actually at that point on machine learning, not cryptography or distributed systems, what we now call artificial intelligence. And that's one of the things that helped me realize the power of surveillance, how dangerous it was, because with a very little amount of data, you can make vast predictions about people's future behavior. And you know, I did my Ph.D. back in the early 2000s, got my Ph.D. I think in 2011 or 12 worked for the inventor of the actual web, the Web 1.0 Tim Berners-Lee trying to fix
data and particularly add cryptography with the Web Crypto API to all the browsers that work. We all have working crypto in our browsers now for JavaScript environments. But the problem is that I noticed pretty quickly that there was no real alternative to surveillance by Google or Microsoft or even Apple. And therefore, I got kind of excited when I saw Web 3 happen because Web 3 said, well, maybe there's an alternative business model for the Internet that does not involve mass surveillance, which does involve a sort of sustainable economics and which does involve kind of returning power to the people whose labor actually creates the value of the Internet, which is the ordinary people around the world. So how can we make a new kind of Internet where we are not simply the victims of surveillance? And I did work very heavily on cryptography with folks from Google and Apple and Microsoft.
And I don't believe it's within their capabilities to fix these problems because their business models to some extent involve the capture of your data and surveilling you. And I'm not just philosophically particularly adverse to advertising. I don't consider that the worst thing that can happen to someone. But I do realize that this kind of mass amount data collection can be used for behavior control, which is very politically useful and this amount of data can also be given to governments to eliminate political dissent.
And that really does worry me. My data was handed to the UK government due to my climate change activism when I was younger. And that resulted in and still results in severe harassment. But what I get is very little compared to what friends of mine like Basel Safadi, a Syrian activist received, who was because he was leaking metadata via his communications was captured and tortured to death by in Syria.
So yeah, it's a really big deal. And I'm glad we're all together here to try to solve it. So next. So there is something which most people don't realize anymore, which is that the internet is to some extent or to a large extent broken. The internet essentially reveals all of the data that you're communicating and who you're communicating to by default.
Next. So what this means is that every time I turn on my computer, the entire planet, anyone who's at least interested knows what I'm doing. If I'm talking to Instagram or if I'm on YouTube or if I'm on Zoom or if I'm playing a video game, they kind of know what I'm doing. And if I'm sending email or messaging, they can even determine more or less whom I'm communicating with. Now, some of these problems are solved by encryption.
So for example, in your browser, there's a little lock button. If that lock button is on, which it should be on most of the time, that means the content between your computer and the web server on the other side of it is encrypted. And that's a good thing. That prevents someone just reading your messages. But what is not encrypted, most people are not aware of this, is the website you're talking to or the server you're talking to and the other people talking to that server.
So who is talking to whom, that data is called metadata, data about data. That's what the meta means. And this leaks even at the network level. And even when you're using encryption, which includes HTTPS, but also encrypted messaging apps like Signal or zero knowledge based cryptocurrencies like Zcash or other kind of private cryptocurrencies like Monero, this data is always leaked. Now there are some techniques you can use to prevent that leakage.
For example, you could use a VPN. I don't know how many people here use a VPN, but they're very common. Now VPNs don't, there's some misconceptions about them. We'll go into those shortly. But they don't provide actual anonymity. They don't let the person that's running the VPN server knows exactly what you're doing.
They know where you're going and who you're talking to because your information is going to them. Centralized VPNs are to some extent dangerous. They may be useful for accessing Netflix overseas, but they just kind of move what we call the trust from your computer to someone else's computer.
And I don't know how much you trust them. Decentralized VPNs just do so in a decentralized way. Now one step better than VPNs is Tor. Tor is a kind of decentralized VPN and it's much more trustworthy than any VPN, but it has a problem which does not provide anonymity against adversaries that can monitor the whole network. So a reasonably powerful adversary, for example, the NSA, but also in terms of Bitcoin, private companies like Chainalysis, Elliptic, or even other governments, China, Russia, so forth and so on, they can monitor all the traffic coming into the connection and out of it, including in and out the Tor network. And that can be used to correlate and attack and de-anonymize traffic going through Tor as well.
So Tor is about as good as we get right now, but we know and we should be able to do better. Next. So, I mean, there is an interesting question of would, does anyone care? Now Fred Wilson from Union Square Ventures, who was a kind of famous venture capitalist, I think he blogs at AVC.com. Even he notes that mass surveillance by governments and corporations will become normal and expected in the 2020s, which I think is true.
When people return to new products and services to protect themselves from surveillance, the biggest consumer technology successes of this decade will be in the area of privacy. And we have seen some success already. DuckDuckGo, which is a kind of anti-Google search engine is doing really well. ProtonMail, which is a privacy enhanced alternative to Google, to Gmail, to adding features like private calendaring is doing very well. And my general hypothesis is that the privacy market could be as revolutionary as the advent of encryption. Remember the lock in your browser, which means you're using TLS or SSL after the crypto wars for the web.
But now a lot of people said that crypto should be illegal or governments are pushing for it to become illegal back in the 90s, way before Bitcoin. But the fact of the matter is without encryption in the browser, you couldn't have banking online because if you sent your traffic over an internet connection, it could be intercepted by a random guy at the Wi-Fi cafe. It was not encrypted and they would get your passwords and whatnot. We used to do this at a hacker conference called DEFCON, who would put everyone's passwords in the email box and their various services on a screen. So it used to be very easy.
Now with encryption, there was a whole new generation of companies like Amazon, eBay, or in China, companies like Alibaba, so forth and so on, that were enabled by essentially privacy technology. So we think, you know, in COVID-19, I think it showed us how dependent we are on the internet for our daily lives. And so the real question we have is what kinds of new enterprises, endeavors, projects will widespread privacy and anonymity lead to? Next.
So the question though is does anyone care currently? So it's obviously like maybe in the future people will care, but will anyone care now? Next. So we have seen that a lot of people use Tor. I hope you guys use Tor. I use Tor every day.
And I run a Tor relay. We should all support Tor. The is imperfect, but is the best we have currently for general purpose internet traffic. So you know, we have 20 gigabytes a day going through 6,500 nodes, we're at 2 million users. And the growth kind of went up and down, but somewhere between maybe 2 and 6 million, kind of unclear. But Signal is interesting.
Signal used to be very small. I'm quite good friends with Moxie. And I remember back when Signal was thinking of even shutting down in 2016. Like Signal went from a few million users in 2016, and then Trump became elected and it skyrocketed up to tens of millions.
And now we believe that Signal may have up to a billion users. That's a huge amount of users. But the problem is that Signal and Tor and a lot of privacy projects are nonprofits, right? So when Trump cut Tor's funding, Tor had to reduce their staff by one third.
Signal almost ran out of money, but the founder of WhatsApp, who's pro privacy came in and helped them out and is now CEO. But the real question is, can we find a sustainable economic model for privacy? Next. And so I believe the answer is yes, that we can have a sustainable economic model for privacy by taking advantage of the lessons we've learned from, yes, that's my t-shirt, from Bitcoin. Bitcoin has given us a true wealth of economic knowledge that we didn't have before. Next. So what we've done is we've taken this economic knowledge of what we gathered from Bitcoin and we've applied it to the domain of privacy, in particular what's called a mix net.
So I'm going to go into what a mix net is and exactly how it works shortly. But a mix net is a multipurpose kind of anonymous traffic overlay. So it runs, it's a part of, but kind of on top of the existing internet. And its function is to prevent traffic analysis by an adversary, an enemy, let's say, that's capable of watching the entire network. And we should be capable of resisting traffic analysis from even the most powerful of adversaries, including the NSA. The problem is that historically, if you're running a volunteer network, how do you know if the network's actually working? How do you get people to run these servers? And we have a Nym token, which incentivizes privacy, uses a reputation token for the nodes in the network.
And it makes the mix net decentralized, sustainable, and resilient. And of course, you're not just sending over packets with the net, you're sending data. So we also have a kind of zero knowledge system called ZKNyms, which allow third party apps to anonymize any kind of value, key value pairs, if you're familiar with JSON, so that users can privately reveal part or all their data at their discretion, you know, as necessary for compliance, authentication, or just making the app work. So if I'm, for example, logging into a VPN, like we're working on, I would need to prove that I paid for the VPN, but I might not need to reveal my identity.
If I was logging into Signal privately, I'd want to reveal my phone number, because that's what uses identifier and signal, or my username, but without my phone number for Telegram, so forth and so on. Next. So to kind of understand intuitively how a mix net works, we have Nym, Tor, and VPNs compared in this diagram. Let's start at the bottom.
So you can see the packets, those little orange dots floating by the screen. And these packets, the size of the packets and their frequency, which is what you could also call the timing and the volume information, is revealed by the internet itself, by the underlying internet protocol, TCPIP, transmission control slash internet protocol. So you can see the VPN just sends all your traffic to another computer, and then that computer sends it right back out to the internet. And if I'm looking at that VPN, let's say the VPN is trustworthy, I just need to look at the data coming in the VPN and out the VPN, and I can de-anonymize packets by looking at their size and timing patterns.
Now Tor, if you go up, you can see in the middle, is much better, because there's not a centralized point of control. The Tor entry node, which is the first node as you go into network, then pops you to another Tor relay and then out to an exit node. These guards, unless the entry and exit node collaborate, don't know what you're doing. And that's good. That's why Tor is always better than a VPN. However, you can see that the fundamental size and timing of the packets is still revealed.
So if an adversary like the NSA is watching all the incoming traffic of Tor and all the upcoming traffic of Tor, they can indeed, with some statistical luck, because the circuits in Tor change every 10 minutes, de-anonymize at least in 10 minute bursts the traffic patterns of Tor users. You can see what a mixnet does is a bit different. So with Tor and with VPNs, when the traffic goes into them, it goes in what's called a first in, first out manner. So the first packet that goes in is also the first packet that goes out of any given server. That's the same with Tor, same with the VPN. Now mixnets change this, because they do, as we would say in English, what they say on the 10, mixnets, not surprisingly, mix traffic.
So when packets go into a server and a mixnet, the mixnet server mixes those packets. If you want to think about the packets like a deck of cards, each packet is a card. Let's say they're encrypted, so they're turned over, so you don't know if it's an eight of spades or a jack of hearts or whatever. And then when enough packets go into a server, those packets are mixed.
You can think about it shuffling, like shuffling a deck of cards. So the first packet that comes in is not necessarily, could be, but probably not, the first packet that comes out. Instead, maybe the second packet that comes in, the mixnets, the second packet that is the first packet that comes out, and the first packet comes out maybe as the third packet. So there's lots, and then we add fake packets, and all the packets are encrypted using what's called the Sphinx packet format. So they're the same size, and their encryption is unlinkable. So this basically makes the packets anonymized.
So the packets are mixed up, they all look the same, they come in and out a different order than they came in to the first nodes of the mixnet from your computer. Next. So I guess the interesting about mixnets is that we have a different design than the classic Chameon mixnet, it's called a stop and go or continuous time mixnet, so that the, we'll go into that in a second, but essentially these mixnets are scalable. The latency is a bit tunable by the user per app, so some apps can be faster or slower than others, they can make their own decisions about how much privacy they want, and they're generic. So it's not just for blockchains, any application, including web browsers, instant messengers, crypto, any, you know, signal or telegram, they can all use a mixnet. You don't have to be a blockchain or cryptocurrency, use a mixnet.
Again, how mixnets work is that to some extent, they're similar to Tor. Traffic is routed through multiple nodes, and this unlinks the origin and destination of the traffic, which is identified by what's called the IP address. An IP address looks like something like 255.0.147.33, essentially four numbers dotted together,
using a high PV6, something much larger. And you know, by the IP address kind of can track you down more or less to your neighborhood, even down to your router if you're very unlucky. And then like Tor, we basically delink the IP address of the user from the IP address that any kind of service or website sees. Now one problem is I want to be anonymous, but let's say there's not enough people using the mixnet.
Or would it just using the mixnet reveal if I'm anonymous or not, if I'm trying to hide my identity? So to some extent, we can hide that by adding what's called cover traffic, also called dummy traffic. And this prevents traffic analysis by essentially adding fake packets, fake information into the network. In Tor, no one else does this. It does, you know, and so we can essentially add more privacy, even if there's not as many real users sending packets to you because the users are always sending some packets there even if they're not actively using the network, at least if they're online.
So this is if they're not online, we obviously can't send cover traffic through. Now the nice thing about cover traffic is that the more people that use the network, the less cover traffic you need, because you have a larger set of people you can hide among. As someone will explain at some point, you know, privacy is related to large extent to how many people use the network. So if only three people are using the network, you're private among a set of three people.
If 30,000 people are using network, you're private among a set of 30,000. So I think that it's much better, you know, to have more users than not, because you have more people to hide among. Now if you don't have that many people, you could add more cover traffic that can make you more private. But essentially you can maintain the same level of privacy and reduce cover traffic if more people join the network.
That's a really nice feature of our system. So the more so, you know, with blockchains, the more people that use a network, the higher the transaction fees get, and the slower the network gets. It's a kind of form of congestion because blockchains are essentially kind of like an auction for limited or finite block space. But you know, MixNet is like a more like a classic web server.
So this is what we call horizontal scalability. Unlike blockchains, MixNet can expand to allow for more traffic, and that makes them more like the traditional web. And the other point is the timing of the notification. I'll describe a little bit about how the MixNet works. So when packets come in, they aren't just shuffled. They're delayed.
They're delayed by a process called a Poisson process. It's kind of random delay, let's say. But this is a kind of special kind of random delay. We can predict, we don't know in any particular packet we'll go to the network.
Some packs may actually never go out, in which case you have to send them again. But we know the average rate of a packet going out of the network. So we, and that basically means that these packets reordering at each hop between each server prevents traffic denormalization. Next. So just to explain a little bit more detail, you're the user, you're sending traffic into the network that can be either TCP IP or UDP packets. You're running the Nym client on your machine, which currently is Nym Connect, if you want to download it from the website.
These packets are all transformed, the Sphinx packets all made the same size, maybe some cover traffic is added on. They're sent into the mixnet. The mixnet has some active mix nodes, some others may be inactive, but at any given time period we have currently I think 500 or so active mix nodes. They mix the traffic up with three hops. Each packet is sent through three.
So they're all treated the same. If packets were sent through a variable number of hops, then you could use that information to de-anonymize packets. That's for example, what other some other peer to peer quote unquote mixnets do. And as the packets come out, they're anonymized, each makes the same amount and they're all the same size and they go to the internet, apps, services, friends, whatever.
Next. So I guess the other question, what does the Nym token do? So the problem is we need all of these mix nodes. And someone has to, you know, computers aren't for free, someone has to pay for them. And so the idea of the Nym token is there should be some price for using the service that matches the demand.
And of course, in the beginning, like many things, there isn't much usage. So the packets, the packets that are mixed may not be enough, may not provide enough rewards to reward the mix nodes. In that case, essentially there's a sort of inflation and there's a kind of inflation schedule that's decays over time. So that there's 1 billion tokens, so they're ultimately deflationary. But there is an inflation pool that rewards them a bit like the Bitcoin mining rewards for those of you familiar with that system. We're similar to some extent, but we have staking, right? So mix nodes and validators can stake Nym as part of the reputation.
And we have delegated staking. You may not want to run a mixnode, but you may want to delegate stake to that mixnode. By delegating that stake, you show that you trust that mixnode, you trust that they're going to be up, they're going to be mixing packets, and you get some of those rewards from that mixnode.
We have proof of mixing. So the delegate member of the mix nodes, their job is to mix packets. So we have a kind of novel proof of work scheme that samples network traffic, rewards mix nodes for mixing traffic. It guarantees fairness by taking advantage of the anonymous Sphinx packet format. Some of the edge cases of this are still under work, but we'll go into those later with Claudia Diaz.
And what's called value. So again, the Nym network, Nym token is approximately valued in an ideal world to the usage of the system. So more people use the system. It would in theory have some effect on the price.
And so a Nym token, if you're thinking of it as a VPN, will give you access to the VPN for some period of time. And we'll go more into that later. Next. So again, there's users, it's a complex system. There's mix nodes, which are mixing traffic.
And there's validators. And the mix nodes rewarded proportionate amount of packets they mix. And the validators ensure that there's a blockchain running. Why do we need a blockchain? We need a blockchain because we need users need to locate the mix nodes. And you find out their IP addresses and their key material, cryptographic key material that is. And the blockchain is to keep track of the reputation in terms of Nym token of every single mix nodes and reward people.
That's done via a smart contract and what we call the NICS blockchain, which we'll go into more later. And there's service providers, which are just people which provide Nym enabled apps. We don't imagine that most people will buy Nym token directly to access the network, but they can buy the ZKNym credentials, have their, you know, send signal. I could buy a ZKNym credential, embed that ZKNym inside signal and the signal would let me access the network. For what appears to be free, but actually signals paying for it or brave or whoever.
That's how we imagine this working. Next. So just to go into that a little bit more detail, ZKNyms are essentially, you know, you can add what you call an anonymous authentication credential or something called an attribute based credential.
And they use the access to mixnet. So obviously if the mixnet was just free and open to use, people could spam it. Tons of network traffic come through and you would need, you know, that's why Adam back invented proof of work in order to prevent spam through mixnets, including anonymous email remailers, which were a version of mixnets.
We have a similar system. It's an anonymous credential system. It's a bit like privacy pass on Tor, but it's decentralized and it lets you have a lot of kind of utility. You can basically say I get a zero knowledge proof. That's the ZK that I have paid, for example, for using the mixnet, just like I paid for using a month of a VPN.
And now when I pay for something, the danger is that that payment de-anonymizes me. The very fact that I'm paying for something might reveal that I'm using it or when I'm using it. We don't want that. So the ZKNym credential system is essentially zero knowledge. So I can have a zero knowledge proof that I paid for something without revealing who I am or even which user I am. I'm just revealing the fact that I paid for it.
And these are cryptographic, these credentials are cryptographic and unlinkable via re-randomization. And they work not just with Nym, but with any kind of currency, including fiat. They enable selective disclosure. So you can produce not just proof that you paid for something, but you can produce other things in zero knowledge, including KYC AML information, unlinkable pseudonyms for accounts, so forth and so on. And it's decentralized, unlike other anonymous credential systems.
We're decentralized. No centralized third party is required to issue these credentials. Just uses what's called a threshold signature for those who fill in the cryptography issued by a majority of the validators who are maintaining this blockchain anyways. Next. So this is kind of an overarching flow diagram.
And the way you want to think about it is that there's a blockchain, that's the Nix blockchain in the middle. When you're a user, I get some token somehow, or maybe a credential for some token. These create a credential that shows I have this much bandwidth to use. I show it to the first node in the Nym mixnet.
It's called a gateway. The gateway checks to make sure it's a valid credential, but doesn't know who or what payment that's connected to, because again, it's done in zero knowledge. Then once that's done, it accesses the credential as you access the network. You can then get rewards. You access network, your traffic goes to the network, each packet is mixed, comes out through another gateway, and then goes to service provider. At the end of every time period, the mixed nodes and the gateways are rewarded based on how many people have used the network and any inflation pool.
Next. So this is a kind of exciting system. So we have lots of people that were backed us in forms of all sorts of funding and whatnot.
It includes Binance Labs, Andreessen Horowitz, Digital Currency Group, Polychain, lots of interesting other firms from Europe like Kryptonite, Tioga, 1KX, Swiss Staking. We have exchanges that everything is on, such as Kraken and so forth, that we're also interested in us. And lots of validators that are running nodes. I won't go into each of them, but they're all really wonderful for doing so, including some of the people that backed us like Eden Block also run their own nodes. A lot of Asian funds, NGC Ventures, Finbushi, Hashkey, and some national ones from where we're based in Switzerland.
So Swiss Staking, for example. And yeah, we have lots of different partners and we're a pretty large ecosystem, I would say. Next.
So we don't know approximately how much this ecosystem is worth, but we can say it's pretty undervalued right now. General Data Protection Market is about $70 billion, growing pretty rapidly. And it mostly goes to lawyer fees. So what if technical solutions could make those lawyer fees go down? We mix that's not exactly a VPN, but it's pretty close. We know the VPN market is at least $25 billion. One in eight people on the entire planet uses the VPN and about 30% of the VPN users say they're interested in privacy.
So we eventually hope that Nym can be built in the core internet protocols and routers. And of course, cryptocurrency, a lot of people very interested in privacy and cryptocurrency being at least equivalent to privacy in the traditional fiat system. We don't want currently we use cryptocurrency by default, unless you're using something special.
Your cryptocurrency transactions are completely linkable to who you are. So I can look at your ETH account and see how many NFTs you have and see what your ETH balance is, see what your Bitcoin balance is. I can determine that pretty quickly. And that could be dangerous. So I can't just get someone's bank account balance by looking something up on the internet.
So we think that there's a huge possibility and a lot of projects are very interested in integrating against Nym in the cryptocurrency market. Next. So we hope all sorts of people jump on board. We need of course app developers. So developers, we have a grants program.
We're very interested in getting people to build on top of Nym. There's all sorts of people building things like file storage systems and whatnot on top of Nym now. So I want to share a file privately, something Chelsea Manning, for example, could describe. We need people to run nodes, mix nodes and gateways. We're going to need a lot of gateways in particular.
And Validator is going to open up pretty soon. So there's a lot of different kinds of machines you can run. And we need people just to use the network, people who actually want privacy. You can currently test the network using the NymConnect app, which I'm sure will explain to people how to download and use.
Next. So our current plan, you know, just for the last few years, we've launched our original system at the Chaos Computer Congress way back in 2018. You have a white paper. You should read it for all the technical details.
I skimmed over a lot of stuff. We launched our main net. We got lots of funding from Binance, A16z, and Polychain. We launched everything on CoinList 2022 after our main net launch.
We've had integrations with Electrum, Keybase, Telegram. We have lots of apps, mixed nodes. We started the Shipyard Academy. This is the second round of it.
We did another round last year. And now we're interested in scaling them, including launching something that more or less looks like a paid VPN. We've opened offices in different countries, particularly Paris is the latest.
And we're in Switzerland, for those of you who are Swiss. We're trying to have larger communities in different parts of the world. China, Asia in general is a big focus.
But also a lot of countries, South America, Africa, the Middle East. And if you want to develop, we have a great Rust and WebAssembly SDK. And we hope to really launch this VPN by the end of the year so people can really get a use of the Nym network to access anything they want. And after 2024, we're going to focus on scaling, making the system easier to use, looking at places that are under censorship like Iran. We're going to try to make sure the mix that's really, really secure. We still need to use a few more audits on it and make sure the validators get rewarded and eventually go to millions of users and integrate with browsers, operating systems, apps.
And again, I used to work on this stuff under Tim Berners-Lee's, so I'm familiar with the whole ecosystem, including standardization at Internet Engineering Task Force and use secure key management and hardware optimization as much as possible. So this means just as people would buy, for example, ASICs to do Bitcoin mining, we can eventually imagine people buying special hardware to mix more packets that could speed the network up 100 times. So that's a really big deal.
And that's what Chelsea Manning is working on right now. So we have an ambitious roadmap and I am open to answer any questions. Next. Yeah, if you want to follow us, maybe go back and show them all the following information because they may not know. Excellent presentation, Harry.
Thank you very much. So that's all you can stop sharing my screen. I think maybe we should jump into the AMA. We have quite a few amazing questions from the community.
Once again, I will say that we will only have time for a few. We're going to keep it to the less technical ones because this is after all the first masterclass of Shipyard. So if you have any further questions or maybe your question is not answered today, then make sure to come to the AMA with Jaya, myself and Hux on Friday. And there's going to be an AMA all over Shipyard every Friday, I believe, or at least one per week. All right. So our first community question.
I'm not sure who asked it. Our data is stored by other applications, no matter how much it is said that it is not. Does Nym store our data? Because our data will first go to the NymVPN to be anonymous, then will NymVPN store this data? Yeah. So I think it's important to remember that with Nym, your data is encrypted on your computer. That's why you have to install this kind of NymConnect device on your machine.
This program encrypts the data locally. And once it's encrypted and put in what's called the Sphinx packet form, where it all looks the same, then it's sent into the mixnet. So the nice thing about that is that given the encryption happens locally, even though the data is technically stored by other servers in the system, those servers have no access to data and everyone's data looks the same.
So as long as multiple people are storing packets on the same server, like the system has only one user, it is a little bit ridiculous. But if the system has more than one user, which it currently does even today, then you cannot... The servers, they store data, but given they stored an encrypted form where everything, all the packets look the same, they don't get any knowledge from storing your packets. That being said, when you send packets to a system through Nym, the server, the other side does decrypt those packets.
So you are trusting the server at the end. So let's say I'm using Nym to access a Google service. Nym would prevent someone who's looking at my computer from knowing that I'm accessing Google. But at the end of the day, I'm sending information to Google, Google would still have that information. It's just Nym wouldn't know. Actually the last server would know that some information is going to Google, but they wouldn't know exactly what.
Makes sense, well, Nym is just a part of the puzzle when it comes to privacy. We solve the network layer and then there's all kinds of other solutions for other parts of the puzzle. Intuitively, you want to think of it as a pipe. So you're sending...
Or if you're familiar with academia, it's called an anonymous channel. So you're sending data into a pipe, that data pipe makes it anonymous. But then when the data comes out the pipe, it's not anonymous anymore. But the pieces of the pipe don't have any access to what you're doing.
And they prevent people that are looking at you from knowing what you're doing. And that's really the value that we give. Thanks for that answer.
Next one is a common question that we get fairly often. So that's why this one was selected. Nym projects, so Nym is a truly great revolution, but how will you make big states and organizations accepted? I guess the question here, the most important part is states.
Yeah, I mean, the important thing about nation states is they want to spy on their own citizens almost across board universally, but they're afraid of other nation states spying on them. So originally, Nym comes from a European Commission research project called Panoramics, where the European governments were upset, in particular Merkel's German government at the time, that they were being spied on by the US. So they said, can you produce a VPN that's spy proof that can defeat the NSA? We said yes, because I was actually working for the French government at the time. And we did produce this system.
I don't think they're using it right now. In fact, we had more interest in terms of funding from Binance and others. But the fact of the matter is that we currently still have interest from governments using the system to defend themselves against other governments. So smaller governments, for example, like Switzerland, who are very pro-privacy, would like to defend themselves against larger governments. So I do think governments at some point will have to make a choice.
Will they let their citizens have privacy in that case they won't be spied on by other governments? Or will they want to be surveilled? And the fact of the matter is, if I can surveil my citizens, other governments can surveil my citizens. That's quite dangerous. So we haven't had any pushbacks from governments yet, although we have a lot of lawyers. In case we do, we're very well prepared. Can you hear it? We can't hear you, Hux.
Hux may be muted, unfortunately. Yes. We still can't hear you.
Oops. All right. So until this turns that out, I'm going to... Yeah, I'll go to the next question. The next question is, how do apps know who is sending info if the data is anonymized? The data, the way you think about it is you choose the app. You can see this with NymConnect when you use NymConnect.
And that app is a talk to by the Nym network. So while it's in transit, it's anonymous, but you kind of bundle up the data for the particular app you want to talk to. When it gets that last node in the network, which is called the gateway, that gateway kind of sends that final packet to the app. And the app debundles and they get the exact same data you send on your computer.
So as long as the app supports them natively, they get the exact same data you would have sent without using them. So that they know everything that you're going to send. But again, in between, the data is kind of wrapped up. It's like I'm sending a mail package.
So I wrap my, let's say, birthday gift locally using a box I sent to the post office. The mailman doesn't know what the birthday gift is. And using the power cryptography, you cannot open it.
He just ships it, ships it, and when he gets to the friend's house, my friend opens it and it's their birthday gift. And that's kind of the same way the Nym network works. Now that being said, that does depend on you, the user, having the Nym software installed and the app having the Nym software installed. That's not going to be the case for all apps. For apps that do not have the last Nym, the Nym software installed.
There's kind of the last hop in the network. We'll have to kind of open that packet, open that encrypted packet, open that encrypted package and they will get to see the data and send it out. But you know, assuming that data is encrypted, they shouldn't see that much. Thanks for that answer. I think they would know where it's going to be precise. Hux is back.
Let's see if if the mic works. We still can't hear you. Unfortunately. Another distinction. So this is an important distinction you might want to make between apps that have native Nym integrations where the app actually speaks to the protocol and apps that you can access via Nym, but they don't speak the Nym protocol.
So for example, let's say Zcash integrates against them directly. Then the Zcash, let's say nodes, wouldn't really know too much what's going on. Or let's say Signal integrated directly, that Signal itself would not know too much what's going on until they get the last hop. But you can also access apps that aren't integrated Nym. But these in that case, the last hop of the Nym network does get to see which app you're going to because they have to open that packet up and send it to the right server.
The subtle point. Okay, next. So this stuff like this guys will be explained in way more detail over Shipyard. So if you're interested in the technical nitty gritty, then make sure to stick around for the upcoming master classes and lectures as well. I think this is going to be our last question because we also need to do an outro with some important information. So if your question was not asked, then make sure to bring them to the AMA on Friday.
The question is how easy it is to monitor someone online for a regular Internet user. That's pretty easy. I mean, it depends who you are, right? So if you're using, let's say, Wi-Fi Internet Cafe, I can turn on a program called Wireshark. And then if you don't have your, I can watch all the packets and where they're going.
If you don't have them encrypted, I can like look at your password and get into what you're doing. And we actually did that live. This t-shirt is from Lugano, Plan B. It's a Swiss city.
We'll be there again next week to demonstrate our software and talk to folks. But we did a live demo last year in Lugano where we were in a room full of Bitcoin people and we showed them that we could track their Bitcoin transactions using, just sitting in the same room with them. And if they shot something across the network, we could see it. So it's pretty easy. You don't have to be the NSA to sort some of this stuff out. Now the NSA or governments or Chainalysis or Google, they can watch much more than we can much more detail because they can watch all the servers, the internet, which I can do using a simple program like Wireshark for my home computer.
But the less we can expect that, you know, the world, the future will be a bit cyberpunk. So that these capabilities, which were once in the hands of the NSA and only the NSA, maybe you trust the American government, but you don't trust others will go into the hands of other governments. Right. So we have a big nation in China now having probably greater and greater cyber surveillance capabilities. We can imagine like, you know, in the Bitcoin network, it's private actors like Chainalysis. We can imagine that these kind of capabilities will eventually get in the hands of like almost ordinary people to do mass internet gathering, data gathering.
There are whole companies such as, what was it called? Team Simru, who weirdly enough are on the board of Tor, whose entire business models we capture lots of data and we sell it to people. And they claim that they could do these kind of mass data gathering attacks to de-anonymize even Tor, then sell that data to folks like the, I think they sold to the US Navy or CIA or something. I'll have to check. But we can imagine that these kinds of companies and kinds of surveillance capabilities will become more powerful over time. We haven't had something like the Snowden leaks recently, so we don't really know. It's fair to say that we're just in time with them, right? Yeah.
Well, I wish we had done the software 10 years ago. We kind of knew how to build it in the 80s. We just, no one had the funding or the time. I think the wonderful thing about cryptocurrency is that a lot of talented programmers could be working at Google or other places are now working on privacy. And we think this is a much better and more ethical use of their time and that we do believe that the software is probably the last hope we have against mass surveillance. I very much agree.
All right. That was the last question. And one last time for try for Hux. We still can't hear you. That's okay.
We'll have to fix your mic for the next meeting. Yeah, technical problems, technical problems. Hux has all the support he does for now. And I hope to see you all again soon. Thanks for the whole meeting and congratulations on getting in the shipyard. Take care.
Don't sign off just yet, Harry, because I will have two more small questions for you. Sazer, can you please share my screen once again? All right, folks. So thanks for joining the first masterclass of NEM Shipyard, at least for this year. Your secret phrase is cypherpunk. So this time around, you cannot use this in Galaxy because like I explained during the opening ceremony, we ended up ditching the level one and level two Galaxy campaigns due to the recent hacks. We take the security and privacy of our community very seriously.
So this time around with capital C, you can use cypherpunk, the word, to unlock your pop, which I'm going to be sharing you in a second on how to do that. But Harry, this word was selected to basically represent a little bit of your talk. To summarize it, why do you think that is? Why is this word relevant? Who are the cypherpunks? Well, the cypherpunks, and maybe we'll do another talk on them later, were the people that took the concepts of David Chom and other academics working on mixed nets and made working code out of it. And the cypherpunks work on mixed nets and anonymous credentials, just like us at NEM.
But they also work on digital cash and they invented Bitcoin. But the way you want to think about it is that the other parts, the other software the cypherpunks were building who believed that it would be technology and not government laws that could save people's privacy and freedom. The other parts of technology they were working on were mixed nets and anonymous credentials, which is exactly what we're working on. All right. Thanks for that. So moving on to claim your pop, you need to click the link that is also shown on screen here.
It was also shared in chat and just sorry, go ahead. I said, tell people do it fast. They have 15 minutes. Yes, exactly.
You only have 15 minutes so far because this is a POAP, so a proof of attendance protocol after all. So we want to commemorate those who are here with us live. The next steps for you, we're still waiting for your introductions on Telegram, Discord or Element, whichever you prefer. We've seen some truly amazing introductions.
I also shared my own. So if you're interested in who I am, then make sure to check out our channels. Also do the readings. So after every one of these master classes and lectures and all of that stuff over Shipyard, we're going to be sharing a reading list with related articles and other content that Nym or others produced. And this is my other question for you, Harry. Do you have any reading for those who want to learn a bit more about our mission and vision, which you would suggest? I would read the Nym white paper, which is on the website, basically.
I think that's the best thing to read. If you're interested in fiction, there's a good story called True Nyms, T-R-U-E-N-Y-M-S by Victor Vang, which I'd recommend people can read. But it's just for fun. I would read the white paper first for more technical detail. One fact back in the day before I joined Nym, why I fell in love with Nym was the white paper.
So I also highly recommend reading it. It's a pretty good overview of our tech and what it stands for and why it's important. And also, as we mentioned, this video will remain on YouTube after we live streamed and subtitles will be made available soon. So please bear with us until our poor CMs are translating this whole bunch of text for you. We want to make sure that the shipyard is inclusive and everybody gets to participate regardless of the region they are from. And also, like I mentioned a million times by now, there will be an AMA on Friday.
So if your question was not answered, then make sure to join us there. Thanks so much, everyone. Thanks everyone for joining and see you on Friday and also on the channels.
Bye, everyone. Take care. Bye.
2023-10-18 07:18
