Devconnect ARG Day 5 - Worlds Fair Lighting Stage
Machine-readable: Markdown · JSON API · Site index
Оглавление (40 сегментов)
Segment 1 (00:00 - 05:00)
So what we did is we drafted a new ERC, the ERC 7730. It's a draft. It's available online on Ethereum. So if you want to join the conversation and help us make this standard uh easy to implement and fit for your purpose, please join the conversation. And we're actually talking about this as part of the clear signing alliance that the Ethereum foundation announced on Monday. If you saw Frederick Stalk, we are we actually are working on this with Fireblocks, W Connect, Coursify, they're all joining and are part of the conversation into drafting this industry standard that we introduced two years ago. Um and so the idea is to take the exadimal blob that I showed you earlier and to turn this into this where you have a clear intent review SW uh review this message to swap tokens. You can see that you have the contract in plain English and it's not just in an address. You can see the tokens and the amount and then you can hold to sign or reject the transaction. You understand what it says. Um so you're in control essentially. So it's going from this blind signing to clear signing, right? That's what we're talking about doing this. So how do we make this happen? Right? There are three steps to this. The first step is to uh to create the metadata to create the ERC 7730 file. What it is just a JSON that kind of allows wallets to know what information is what and how to display to the user with the right labels with the right parsing for amounts and all those things. To do this, we're providing a JSON creation tool to actually do a uh so you can actually set the address to the contract and then import all the operations and as a developer you can then decorate all that information. Then the next step once you have the JSON is to have it in a central source of truth for the whole ecosystem to be able to feed from. And today it's on a GitHub repository that's managed by Ledger, but we're looking to decentralize this with the Ethereum Foundation. It's very likely that the Ethereum Foundation will take it but still in discussion with the clear signing alliance and then once you got this you got the metadata now uh is the integration for the whole system. So obviously Ledger implemented it in our products uh Ledger wallet you can clear sign all interactions with key smart contracts out there but it's for everyone to use and wallet connect right now is actually building a library which will uh which will allow all apps um out there in the space to easily parse and integrate this meta data for your wallets should you want to. So those are the key comp uh key components and um so this how it looks like the JSON file that you once you generated it. So as you can see um very simple for a developer to generate it's not actually code it's just uh how to parse the transaction and here as you can see you have a clear label you have a format so that then the wallet knows how to display this in the UI and then the token path going like how do I in the transaction is the first param from 0 to 19 bytes um that should be extracted and this is the actual amount to send um and this will allow wallets to actually show this in a in plain English. So that's the theory and how it's how everything works behind the scene. Uh now let me walk you through what we did with a uh to make a clear signed on Ledger. Sorry. Okay, here it goes. So first up, you go and get clearsign. com. Uh if you have a smart contract, it's already live. You can go online and make it happen. and you start by inputting your contract address. Uh then you you'll be able to fill in metadata so that it displays nicely to the user and you can see that you have a preview on our uh ledger signers to see how it looks like. Uh so here contract owner legal name and that will replace the contract address making it uh clear to the user and then you can pick up all the different methods that you have in your contract the different operations and for each parameter you can then put a nice clearly label uh and how to display this and in real time on the website you can actually see how it displays on our hardware wallets. Uh once you're done, you got the JSON, you take the JSON, you put it on the clear signing repo, uh which will decentralize with the clear signing alliance as I was talking about very likely with the Ethereum Foundation. And once it's there, uh then it's up for any wallet that actually supports the ERC 7730, um they will now then be able to clear sign interactions with your smart contract. So this is how we set up CLA sunning. But the thing is that understanding it is one step forward. Um
Segment 2 (05:00 - 10:00)
but we can do better than this. It can it could still be harmful if you have the wrong metadata put it in. So this is why we introduced earlier this year in our ledger wallet uh transaction check. And the idea here if you remember what happened with the by bit hack is that they had transaction simulation but they had it on the software side. And so the results were on the software. So now what we did is that we actually are showing the results on the hardware side. So done separately and this way it allows you to double check and cross-check with what happens on the software. And so this would have prevented the buy bit hack for instance. So here's how it looks like. Uh you have the transaction that is crafted. We send it to a partners blockade tenderly cyers that are then doing the transaction simulation. this they then package the results, sign it. Um, and then we actually show it on the directly on on the signer. Um, and so if it's verified and is compliant, you're going to get this screen right there. Uh, verify. So, um, which means that we haven't seen any risk. Uh, you can go and proceed to clear signing. But in the transaction simulation, if we actually realize that there was a threat, um we're going to show you the report so that you know and then you can actually then go back to safety and reject the transaction. So it's really clear signing and uh transaction simulation working hand in hand to protect your bag and this works. Um what block what blockade told us is that in the month that we've released uh transaction simulation, we've already prevented $20 million in losses by blocking uh by blocking transactions that were malicious um and raising those to the users. So that's, you know, that's a win for the ecosystem. That's the win for security. And so this happens in Ledger Wallet. Uh but now what we're introducing is a month ago we just announced a new product for developers and for especially for DAP builders which is the ledger wallet button and what it is that it's a simple button that allows direct connectivity uh from DAPs to our hardware wallets. You don't need wallet connect. You don't need um an extension um to this. It allows you to connect to your uh Ledger wallet uh via Bluetooth or USB from your desktop. you can see all your accounts that are actually on that signer. Um, you see the balance and then you go and then you have clear signing straight from the DAP without having to navigate to another software wallet to go through an extension, go through the hustle of wallet connect as well. So, it's a much simpler UX and good UX means good security. Um, so that's that and actually this is live on one inch. If you want to try it out and see this new experience with Claire signing, you can go right now on 1inch. com and try it out with your wallet um and see the flow. And so this is we we're rolling this out to the apps out there really to improve connectivity and experience for all ledger users. And then the other product that we that we recently announced a month ago uh and this one is for any onchain organization. So it's that's a B2B product and is for SMEES and Dows and those kind of guys uh which is multisig. They've been asking for a ledger supported multisig with clear signing for ages. And so what we've done is we've built a new front end on top of uh on top of safe that allows you to have EVM multisig and it allows you to do this with clear signing. So back to my buy bit example uh where they use clear while they're using safe but they couldn't clear sign and then lost their crypto. Um here you have all this integrated very smoothly and it's not uh you don't have to choose in between safe and ledger multisync they are compatible. So you if you already have a volt safe you can import it use it uh try it out with our UI um and see for yourself with this brand new experience to clear signing experience on it and this is ledger multisig for onchain organizations. So proactive defense you have clear signing and it's uh simple super easy to try because there's zero migration. It's not safe or ledger. It's is both together combined for um in our unified dashboard with cliff signing. And that's pretty much it. These are the news. I think the key points that I really want to wanted to share with you today is the uh the risk of blind signing. you signing a exodimal or these big blocks that I showed earlier is just like signing a blank check. So please don't do it. You should be clear signing. Uh clear signing is relies on
Segment 3 (10:00 - 15:00)
an open standard ERC7730 because we want that for the whole industry and not just Ledger. We obviously have implemented it in our Ledger wallet. So it's available for you guys and free for all retail users. We're decentralizing it because we want all the clear signing metadata to be used by the entire industry and we're working with the clear signing alliance to make it so. And then we also are embedded clearance signing on all of our new products. Ledger wallet button for um retail customers using DAPs out there and decentralized uh decentralized exchanges as one in for instance uh but also for institutional uh Dows and onchain organizations with ledger multisig. And that's it for me today. Um, I think we're ready to take questions. Uh, should any one of you have any questions. — Thank you. Thank you, Carl. — Thank you, guys. Um, yeah, any questions, please, you can just raise your hand and uh and a mic will come to you. Got one over here. Mic coming. Hi. Uh great talk by the way. — The um the clear signing is really interesting but for uh like clear signing in um uh like using AI. Are you guys thinking about uh how AI can also be used for also interpreting this message? It feels like that could have been like much easier to do. What's like I guess the difference between doing a clear sign in this way versus just asking hey LLM take a look at this RPC and this transaction and tell me what it does. — Well first of all we're doing it in the secure element on the device so that we're malware resistant. So you can't run LLM in a ledger signer. We don't have you could still run inference right. — Yeah absolutely. So that's the first part. Um so we actually have a PC internally of because there's about if you look at DAP radar there's about 17,000 DAPs out there right smart contracts that we would need a clear sign right and so we have a P internally uh that actually generates the clear signing metadata for those 17,000 smart contracts right so that would be a way to do it and that's the first part that would actually brings clear signing but I think the other thing that the space and the current feedback that we get from everyone is it's not just the metadata it's also So they want someone to verify, make sure there this is not a scammer, you know, it's not a drainer um uh that's out there. And so that's why we have this human component right now. And it's right now it's really about increasing the trust and getting it going and get everyone to implement clear signing in their wallets in our experiences so that us as users when we see one of those blobs, it's like, oh, something is fishy. I'm not signing this. And it's really about developing that first step. And it comes with trust. So um that's why we're going step by step. So we are looking at this actually. You're absolutely right. Um but it's not ready to roll out. Any other questions? No. Okay. Well, feel free to grab Carl afterwards. — Uh we are the I'll be at the Ledger booth all day out there. So, you know, feel free to swing by. We can show you our brand new devices, Ledger Nano Gen 5 and the old ones and we can talk security. — Cool. Thank you everyone. — Thank you so much. — We'll just have a couple minutes break. We're just waiting for the next speaker uh actually. So yeah, Sip from Status if you're around please come to the back here and get miked up. Heat.
Segment 4 (15:00 - 20:00)
Heat. Should we just give it 2 minutes? escape. I'll just introduce you in a minute. Hello. Now, we're going to talk about Status Network and what they're building. How they're building a super app for crypto users. how it's going to be gasletits. It's private. And to talk about all that, we have Sip right here. Welcome him to the stage, please. — Thank you. All right, let's get started. Um, so yeah, I'm going to talk about um how to create gazes and private ecosystems. Um, and I'm Sip. I'm the lead of uh studies network. So one of the first thing is when you think about privacy and when most people think about privacy this is what they actually see in their head and this is a big issue uh because now we need to actually make the industry but also the larger world understand that privacy is not about like hacker in dark uh hoodie. It's actually about people and what has been happening in the last few years and specifically 2024 2025th is literally an attack on privacy. um a lot of um governments around the world have been trying to uh exert some level of control and um you see that in India, the UK, you've seen that in the US, in Europe, in Canada.
Segment 5 (20:00 - 25:00)
And the answer to most people is like, okay, sure, but what do I have to hide? Like, I'm a good citizen. I pay my taxes. um I don't have to to showcase anything to the government that should be bad for me. But actually most of current social order is based on privacy. Governments run on privacy. Banks run on privacy. Hospital run on privacy. Literally mo most of the social layer needs privacy to exist. Imagine if all your uh health data was available publicly for everyone or if your tax everyone. I don't think people would be super okay with that. And the fundamental reason is because privacy underwrites trust at scale. Like you can't have trust if you don't have privacy. And it's a very serious topic of course but it needs to be dramatized. We need to talk about privacy as we talk normally about literally any social or technical uh topic without making it seem like oh we all super criminals. So I would argue that it's a human rights and I would even say that it needs to be normalized but even more it needs to be anchorage and uh that part is actually critical for me. Um and how to make it work is one of the idea is to say like hey how about we make it fun seamless and how about to make it actually rewarding. So I've been talking about like we need to encourage it uh we need to reward it. Um and before getting more into like how we going to do it um very quick word about who we are. So we are Status. Uh, Status is kind of an OG Ethereum um aligned ecosystem. We've been around since 2017. Um, we have been building a mobile app um that does uh it's a privacy first super app with mobile um support, desktop support um and it gives you two key elements. The first one is a secure wallet and the sec and the second one is a decentralized peer-to-peer end to encrypted chats with your communities. Uh sister company is Logos. Logos is building um privacy first um full stack uh with storage uh messaging and of course the consensus layer. And talking about status in particular, we have been building uh what we call the privacy stack. So what is the privacy stack? It's at the top you have the security. So we need to have a airgapped uh stateless open source hardware wallet um so that you can use it with literally no need to trust anything. You can verify the whole code. You can actually build it yourself if you want to. Uh that works with standard cards. It's very easy to uh make it work uh in a fully open source manner that is closely integrated within status super app. So the super app is an open source crossplatform um wallets with private communication um that is deeply um focused on Ethereum of course but is open is multi-chain and is open to all the communities that want to have that private space for them. And then below that you have the chain layer. Um so why did we build a chain? It's because we wanted to provide a gasless way for uh the app users to actually be able to you know invite people to their communities uh like give them access um have people be able to transfer value between them without them having to charge a wallet with ET and so on. So because we have so many services running on EVM chains, initially the idea was how about we make it just a Gaz chain just for status but actually while doing that we stumbled upon a way to do it at scale uh and to do it in a generalized way. Uh I will talk about that just later. And finally at the bottom of that we have a client. Um so for those who have been to uh the ETH client day yesterday, Nimbus presented their integrated um single binary uh code for cons clients and so yeah it's to turn out cache but what actually happened is like most of those fees sorry most of those ETH is kind of a legacy. It has been going around for a while. Uh no one is actually using like depositing and um withdrawing from to turn cashache that much. So it just is laying around. Then the second top is real gun and red gun. Uh actually that picture was taken two days ago. So I think it's
Segment 6 (25:00 - 30:00)
way it's way lower now. Um but yeah, if you have 50 million here, which is nothing. I mean 50 million on the 300 billion valuation. Basically, we don't have any ETH that is really shielded except for tornado cash. And one of the main reason is because it doesn't do anything. And so for us, private yield is the key. We need to be able to provide a composable shielded ETH that earns yield that you can uh collateralize in different applications as you would do with literally any other ETH. So this is where Stious Network enters. So we are a gasless, private, and rewarding L2. I'm going to get into each of those topics. First, gasless. So what we do is we provide free transactions to all users and to all apps based on reputation, not gas. So you don't need to have ETH in your wallet to be able to interact with the status network. How we use ZKPs um to prove for each user to prove that they're not spamming the network. So every transaction you make, you just say, "Hey, I'm within my throughput and so I'm good. " Um, and as your engagement with the network increases, so as you deposit more assets, as your LP, as you use the apps, your reputation goes up and your throughput of free transaction goes up as well. It's private. We have an optin composable privacy layer that people can use to shield if they want to their ETH and to interact with D5 protocol straight from the privacy pool. And finally, it's rewarding. Um, we have a sustainable shared native yield. Uh, I'm going to get into that right now actually. So, how does it work? Um, remember the reputation I was mentioning? So, that's Oh yeah, it's not working here. Um so if you stake our token or provide liquidity, use the apps basically do anything that uh is beneficial for the network then you will get karma which is our soulbound reputation token and that will increase your reputation. As you increase your reputation you unlock more free transactions. And how does the chain make money? Because most of the chains they make money through sequencing fees. Well, we make money through bridge yield. So all the assets on the L1 that are deposited and that can earn yield are actually productive and all the yield is bridged to the L2. And we also make uh fees through native app fees. So we have a native DEX, native CDP, stable coin, uh native lending markets, native token launchpad um and native um privacy layer and all of them generate fees and all those fees feed into the native yield pool. That native yield pool gets voted on by reputation holder to allocate them to different projects, to different assets and different uh LPS. And part of it of course pays for the L2 operation that allows the uh guest transactions. It's private. So remember I talked about that optional privacy layer. This is where it lives. So we have a very regular vanilla ZKVM L2 network that is public of course. On top of that as regular we have the EO accounts, smart accounts, multisig and so on. And then from there of course you can interact publicly with uh the apps. So that's normal but you can also decide to go through that native privacy layer basically deposit into it and then from them interact with the D5 protocols either using the adapters straight from that pool or leveraging the gasless um the gas infrastructure to basically create fresh new accounts. we call them ephemeral accounts and uh that can use also ephemeral relayers that are fully gasless so you don't have that gas trail that is going to link those accounts to your original accounts and then interact with the defy protocols and all the apps through those uh ephemeral accounts and finally it's rewarding so um the strategy that we after is to focus on assets uh we think assets are the key to understand the differentiators between network. Um now you are not going to bridge to a network just to try unis swap. Why? Because unis swap is on most chains. So apps are not really diff differentiator anymore. What is actually differentiator are the assets like the native assets that were minted on that chain and that you need to bridge to that chain to actually get access to them. So I'm not going to get too much into the details uh because we don't have much time but basically the idea is that we create concentrated liquidity pools directly within the privacy layer and we pull together assets that are
Segment 7 (30:00 - 35:00)
earning exogenous yield and on top of that we add our native yield. Um so the cool thing is that suddenly you have assets that are non-leveraged that don't have any liquidation risk but that are yielding about 1. 2 to 1. 8 eight x what you can earn on the main nets. So you have actually kind of high yield uh but with pretty much low risk on shielded assets. So you have assets that are private and that are ear earning yield and that are providing liquidity at the same time. So you have kind of a three uh three advantages into a single asset. Um and so what are the benefits? Yeah, you increase your liquidity. Uh you actually are earning superior organic yields. it's not leverage. Again, you increase the privacy sets. One of the biggest problem that I was mentioning about uh ETH not earning yields is not really because people don't earn yield. It's also because it reduces enormously the size of the privacy uh sets and the anonymity sets. So it means that you need to have much many more people using it and many more ETH to be deposited into it so that suddenly your privacy set increases and you have a kind of a decent privacy at this moment. So doing that kind of asset first strategy is a way for us to offer a very simple way for users with a kind of a zap in zap out very uh kind of one click interaction offer users a way to get access to those yields and to those previous assets without needing to like have a PhD in cryptography to understand what's going on behind the scene. Um and finally this is uh actually something very new uh which is it unlocks private bridging. So because we have that native privacy layer, it means that uh bridge operators can basically deposit um deposit their LP directly into the privacy pool and uh bridge across chains going through that privacy pool. So it's kind of a very nice unlock also by that um uh by that model and for solvers it actually solves a lot of issues for them uh because it's guesst because it's it has yield so they are not um you know for traders or for market makers that uh are really preserving that privacy because it's a competitive edge uh they can basically trade directly from the pool here when um so key card is open. Uh the hardware wallet, you can pre-order it right now on kickout. te. Status app. There's a new version that just went out in on the app stores. So download it, try it out. And finally, for the L2, uh we are opposite the we are opening the prosits in the next two weeks. Um uh S&T token, Lineia, ETH, and USD. Uh and then we launch mainet early next year. Oh, it's 2026. Yeah, I'm missing a six year. Um so yeah the main goal for us is privacy for everyone. Basically uh put private apps in the hand of everyone. Um and if you're a developer join us to build status uh an open source privacy focused unified ecosystem to communicate through the messaging browse through our private browser trade as you can see within the pool if you want to uh privately and finally earn uh together. Okay, I kind of added a few slides because I knew that I had more time than usual um that I want to review why gases is so important for privacy and how it is it and it's a fairly new topic in the sense that gasless are not blockchains have not never been thought in the concept in the concept of gaslessness but here we think that with that new way to build chains uh we unlock kind of key features uh for example um for more guests accounts. I also already mentioned it. Gaz bots uh is actually something very interesting that we after. So if you're building bots, please come talk to us. We have a bunch of use cases for that. It also supports time based execution which is something that in blockchains has always been a big issue. Uh because if you want to have a chrome for example running and or have uh some like time lock contract that needs to take action after the time lock expired, you need to have gas and then you need it means to you need to have an account probably a pay master account is going to pay for that. You need to already have kind of a whole architecture behind just making a very simple chron with a date at which it needs to be activated. Um, and so here because it's gasless, you can have gasless relayers that are going to take offchain instructions and directly put them on chain without worrying about gas fees and pay master accounts and so on. So it really reduces a lot the um the overhead cost to run that and with um you've probably seen all the talk about X42. Um the problem of X42 if it's made for stable coins. So you need to have a stable in your account to be able to use
Segment 8 (35:00 - 40:00)
uh X42, but it's still on chain. So you still need ETH. And then you need to operate like a whole range of services on the side just to be able for your bots to have some gas to trade with. So here because it's free, your bot can basically just have USD and nothing else. And finally, uh this is something very new uh I think which is uh free noise creation. Um so one of the biggest problem as mentioned is the size of the anonymity sets in privacy pools. If you have bots and uh basically Gaz accounts that are just doing round trips between the privacy pool and uh the public uh network then suddenly it's become harder and harder to track uh what um what money enters and then goes out of the privacy pool. for you really increases the the size of the anonymity set. Okay, one last word about compliance because we all love that. Um so the reality is that in 2025 now we have multiple tools to enable compliance. Uh we have like the most known for like privacy pools for example is uh association set provider ASP. Um if you look at ZK protocols, most of the time they use uh viewing keys or selective disclosure. Um you can also have proof of uh proof of innocence POI. Um ZKQC if you used a ZK passport or if you participate into the AXC sale for example you have been using a ZK QC you can also have like privacy modules adapters simulation uh like all the tools around monitoring in real time and so on. So we don't have a problem with compliance. It's not a problem to be compliant. The actual problem is why at which point do we stop, right? Like and then um of course we're going to be compliant with OFAC because otherwise we're going to prison. So cool. Then we probably going to also be uh with the DeFi hacks. We're not going to let them happen. Sure. AML, so anti-money laundering. Of course, we're respecting the uh counter financial terrorism. Uh yeah, sure. All right. Fine, we're going to comply with that. Uh activism, uh are we going to actually open our code to the government so that they can go after activists? Yeah, I'm not sure anymore. So that's kind of my last word around that topic is it's a spectrum. Decentralization is a spectrum. Privacy is a spectrum. Complaints as well. And the problem is the moment we give a back door or way for regulators to have access to certain data, they will use it. and they probably abuse it. Well, um so if there is nothing technical stopping them, it will be abused in the future. Um if a god mode view exists in the network, you can be sure that at any point in time it will be used. Um so to achieve real privacy, we need system that can't be forced to comply. Um so actually Vitalik did a whole talk about that. It's like, you know, the whole like don't be evil, can't be evil. That's the core of it. Like if we can't be compliant or if the the government can't have access to certain data, then the developers shouldn't be in a position to be put in prison because they just wrote code. So decentralization and credible neutrality are necessary for privacy. Um so all the blockchains that are focusing on, you know, faster server and so on, that's cool. But the moment they get a swapina, their entire thing goes down. Um so if we don't do that we're basically building the panopticon uh so everyone everything is observable by the government uh and we are just handling the keys to the most elaborate sovereign system ever done uh so that's not the point of what we're doing here so that's why we need to have that in mind when we build systems uh focus on privacy all right I'm done — thank you S we have a little bit of time here for some questions so if you do have a question just raise your hand. There's one over here I see already. Um and Mike will come to you. Don't worry. And thank you for the talk. It's a very nice to get an update on status and the whole privacy stack that you're building out. — Yeah, thank you for the talk. It was really good. I really like your last two slides, but just based of that curious how you will actually look at implementing any OFAC kind of regulations like what's your plan where you're going. I kind of agree like we don't want to be funding Lazarus to you know wash transaction L2s but then again we also don't want our devs to actually go to prison for just building tools. So what's kind of your approach on that? — Yeah, thank you. So, uh, I kind of joke with my team that my wife will kill me if I go to prison. Um, and she would be right, so I'm not going to prison. So, the way we've been thinking about that
Segment 9 (40:00 - 45:00)
is, um, we need to be compliant with the most basic rules that everyone agrees on. Of that, that's why it was kind of the top of the list because it's the most agreed on list. So the way we are doing it at the moment is basically at the sequencer level we just implement uh a block list and all the address that get added to that uh we update that list once in a while when commits something and those addresses can't so they can't um have access to the sequencer but they can't even bridge so they basically stay on the other one. The tricky part is when we go down the list, right? Um because then there's not a kind of internationally agreed list of addresses that needs to be blocked. Then it's mostly based on a threat models. Um so you look at oh we think Lazar is founded that few addresses then yeah all the addresses that are downstream from them need to be um taken out. Um so that's why also we uh when thinking about the privacy layer we want to implement a ZK protocol that allow us to do um discrimination at the point of withdrawing meaning that we can't filter for everything because we don't know what's happening in the world at any point in time. But if something happens later we need to be able to say hey by the way that address that enters with like five ETH it's bad. So all the things that are downstream on that need to be excluded and the way it's going to work. So there's actually two ways. First way is how privacy pool handles it where you separate yourself from the the bad address. So like all the people in the pool are just going to move pool and going to another one. The UX is terrible. It will get better. But that's the first way. The second way is uh and I had like a nice talk with Aztec about that because they are thinking about implementing similar things is you just can't withdraw. It's just blocked and so um so it doesn't benefit anyone except ETH uh because it's basically a burned asset. Um so yeah, this is how we're thinking about that. So Logos, our sister organization is going way more kind of uh intense into that route like super cipher thing on my end. I want to provide something that is compliant uh that anyone can use and where people don't feel that they're criminals because they're using it. — Great. We got another question right here. Hi, nice to uh love the talk and I think the this is so needed but my concern is like you know when when people know that you build private systems then yes you're right they come after you and I was curious like you know with private systems and with the world and how it's changing today do you think we have to release something that is powerful like how Satoshi released Bitcoin to the world is that we have to do the sort of the zero knowledge version of the same thing so like the Zatoshi version of this and I guess do you have any opinions on how to release this kind of technology in a compliant way where you at least disclose the dangers of these sorts of systems but then you at least provide some architecture or some uh some guidelines on how people could start to use this regardless of who ends up using it for malicious reasons. like what's your thought on enabling people um like standards of operations but for decentralized network management regarding private compute? — Yeah, thank you. Um I spent years thinking about that and the first network who did well was Aztec uh ZK money a connect in 2019. Uh that was a great implementation, but it was still too centralized to be fully compliant and also fully protect users. And this is why they shut it down. They were like, "Yeah, actually it's a good tech, but we still have too much access to it that if at some point the government comes after us, we're done. " So that's why they spend so much time building the new version of Aztec that is honestly like okay I'm going to shield a tech here which is not good for me because I'm doing like another layer too but Aztec I think built the best way right now to do it because of two reasons. First, they don't run any sequencer. Literally, the Aztec team doesn't run a single sequencer. All of them are run by the community. Second, they don't operate um a standard bridge in the sense that there is no canonical bridge to Aztec. There are multiple bridges and bridges are super key into privacy because L2s are basically just bridges. It's just like an L1 contract that has some offsh computation happening. That competition can be private or public. Um in their case what they decided on uh ultimately on the design was to have multiple different
Segment 10 (45:00 - 50:00)
bridges that all share uh a computation layer but they don't share state which means there is no global state in Aztec which means that if you enter with dirty money and your money gets flagged the bridge is resp is responsible for that not Aztec and that completely changes the way we see complaint science because then we see it really as a as a spectrum because you you're going to have bridges that are extremely strict into what they accept and you're going to have bridges that are extremely centralized and just don't care about anything. And I think this is the best system because it allows for multiple use cases without putting the Aztec team uh in a problem. — Yeah. And you're not afraid of like central relayers in this case like that maybe leak the um the private compute over this channel because — you know speaking networking wise like do you think there's any kind of problems there? Like you might want to bridge but maybe that's the moment of reveal because I know in zero knowledge it's still not private if it's still trusted based on the way that it reveals — like the actual accumulation phase of a for example. So — uh we don't have much time. So I'm going to answer very quickly. The idea is that um what you're leaking is metadata mostly. Um and that metadata can be uh erased if you're using tour based network or if you're using kind of somewhat decentralized relayers that have a trusted part of tees and so on. Uh personally the way I'm looking at it is through the waku perspective. So, Waku is a peer-to-peer decentralized uh messaging system that is soon going to be able to run gaz relayers on our network and so if you can make the calls to those relayers using a tour based network then your anonymity is pretty high. Um also because the moment the the relay system catches your message it can just pin out a new address and trade from there. uh which again like increases a lot the anonymity sets. We are not a perfect solution in terms of uh metadata erasing. Um but I think we're good enough so that it's extremely hard for someone to track it and um and we think it's a good enough privacy. — Yeah. — Great. If you have any more questions for feel free to catch him afterwards. And you have a booth uh over here as well, right? — Yeah. Yeah, we have a booth but actually it's not manned right now. Uh but uh just find me on Twitter and uh otherwise just find me around. I I'll be around the whole day. — Great. You can consider him the walking booth. Uh so try and find him. Um perfect. Thank you so much. — And um yeah, stay tuned. In a minute or two, we'll be talking about Nimvpn. So if you're interested in that, just stay right here. We keep the privacy topic going. You got this bracelet. We'll just introduce Stand. Heat.
Segment 11 (50:00 - 55:00)
Great. Like I just said, we're going to keep the privacy theme going. And next up, we're going to talk about NIMVPN. Max and Jana here is going to talk to us about NIM's uh noise generating network. Mhm. — And uh I'm just going to pass it right over to them and we're going to learn more about Nimvpn. — Cool. Thanks, dude. — Okay. Hi. So, we are I'm Max. I lead the DevOps side of stuff and I also lead on our integrations front. And — I'm Jana. I'm a software developer at NIM. And I do represent NIM and explain our very uh complex technology in very simple ways. — So, little bit of an overview of the talk, right? We're going to go problem solution and then kind of continue to like focus down further. So the problem is that at the network level so before you start thinking about zk proofs or anything that happens on chain this is the thing that happens underneath that it's as data travels between computers right and in that regard generally like privacy digital privacy at the moment has a couple of big flaws that's because of metadata and because of how then metadata is used in surveillance how we solve it and then we'll talk about the nvpm so the problem right like the big problem like the talk that just happened before someone was talking about someone had a question that was I think you discussing leaking stuff at the network layer people were talking about tour and people have been trying to solve this for like a long time right so we're not new in identifying the problem um but the problem has changed over time and that's because of metadata so metadata is data about data and you can think of that in terms of whenever you send traffic between two computers you want to make an RPC request best you want to just even like boot your computer up and connect it to the internet and get like the time from like an NTP server, right? You're going to be leaking if you're kind of unprotected by default. You're actually leaking like the origin, the destination of like where the request both sorry, where a request originates from, where it's going. This is in the packet header. This is obvious for anyone to see if they're surveilling the network. Kind of the length of the packets, what you're sending, when you're sending it. Basically, think about metadata as like a set of patterns. And for people that are surveilling a network, patterns are what allows you to make inferences about stuff. This is exposed, as I said, by default. TCP IP, HTTP, UDP, FTP, like all of these things were not really designed with the threat model of someone can capture massive amounts of internet traffic and scrape them and then start finding patterns and making inferences in them, right? Like an easier a very kind of simple way of thinking about metadata rift is say if you can see that there are two people who message each other but you only message each other at like 2 a. m. on like a Friday and a Saturday night. What can you infer about the relationship between those two people? Right? You don't need to see the contents of any of the messages they're sending each other but you can already make pretty like big inferences about stuff. Um and who are these people who can like pull this stuff out, right? basically anyone who runs or maintains internet infrastructure. So your internet service provider, the exchanges, routters, basically all of the kind of internet like backbone that we just kind of have taken for given at this point. Um they can passively see all of this stuff because it's traveling through their infrastructure. In terms of more let's say aggressive attacks, what maybe you have like maybe your Wi-Fi router is running a botnet, maybe there's someone eavesdropping. And although this sounds very over the top, actually there are multiple NSA programs that the Snowden revelations showed are focused on just metadata, right? Uh this is not just something that governments do. It's a business as well. And you know, Stuart, there's this quote by Stuart Barker here, the NSA former general counsel. If you have enough metadata, you don't need content. So the idea that encrypting your messages is like making you anonymous or protecting you is maybe it was true at one point but it's no longer really true now. And so how are we solving this? With there we go by combining the use of some of the security properties that blockchains give you with a decentralized network like decentralized node infrastructure and a lomerated together. We refer to this as the noise generating network or the N the NIM NGN. This is an overlay network. So this is like nodes similar to tour that are
Segment 12 (55:00 - 60:00)
running on servers all around the world that basically protect your metadata from surveillance with uh mixing an anonymous credentiing scheme which we'll get into later. And basically what we refer to as cover traffic, but you can think of as like producing white noise in a network, right? There are two ways that people can interact with this. One is via the NIVVPN app which Janna will be talking about in a second and the other one is the NIM SDK. So the there are a couple of ways that we do to things that we do basically when traffic is moving between these computers moving through this overlay network. We'll go into each of these in detail in a bit, but the mental model going forward is think of it as filling the network traffic with white noise and trying to hide any pattern of data which is leaving your device from that. So I will pass over to Jana now and she can talk about the NVPN app. — Yeah, thank you so much. So let's look into detail how it works, how our noise generating network works. We've came up with a VPN solution which you can actually download on any of the platforms and on top of it we have actually two modes which is a very private mixnet or noise generation network mode and a speedia one. I will explain you the difference in a bit. So let's have a look and to start let's just look at a normal traditional VPN. So what happens um besides the fact that it's centralized, it means it has all the data about you. It has your let's say uh email address. It has your real name. It has maybe the physical address where you have sent the invoice for payment. Uh it also holds the IP addresses, your real IP address and the IP address it gives to you. So let's say if the law enforcement um agencies is coming to them and they ask to hand out the IP addresses, the centralized VPN is able to hand out not only the IP addresses but the all the information about you and they have to abide to these rules. But even if no one is coming to them, it's just enough to look at the entry point of this VPN and exit point. you capture this traffic in some time and then you compare their patterns and then you correlate how and then you can actually see exactly who is talking to who without even asking for those IP addresses. So let's jump quickly to our uh solution for the NIMVPN the mixnet. So before your traffic is coming into the entry node into the entry point it gets already uh changed into something that we call sphinx packets but it's not only our format the lightning network is using it as well. So basically what it does it takes a single packet each single packet of your traffic and makes it of the same size. So all of them look the same. On top of it, we also add noise which is make it unclear when you're actually using the network and when you don't. And then the three layers of mixing is happening within our NIM nodes. This is what Max was talking about. So the packets get shuffled on each node on each hop. It means that the sequence when they come in and come out of the server is being changed. These packets are shuffled with the packets of other users with fake packets. And this is how we actually fight the pattern analyzation. And when it comes outside then the exit node can decipher all of it. And when you say okay but at the end it's the original pattern of the usage which is also fine because even if you capture this pattern you have nothing to compare it to. And then of course the very legitimate question. So maybe this is a bit slow and we do understand that there is always a battle between private and speedy. But if right now we have only the centralized speedy solutions. Um we have come up also with our own solution which would be a decentralized VPN with two hops. uh and um it would also mean that you do not leak your data, your payment data and your personal data to us. So what actually means when your data is coming to the first server uh yes it can see you then the first server is sending it to the second server it means the second server sees the first one and it knows the destination but it knows nothing about you. So this speedy DVPN mode write runs on the wire guard protocol and I will explain you why we have decided to use it in a second. So um let's compare really quick. So centralized VPNs do not protect your metadata. They do not have independent
Segment 13 (60:00 - 65:00)
servers unlike for example tour. tour has already independent servers but he doesn't protect your metadata which is basically al also the solution of our speedyVPN that's why the most private solution would be a mixet which is the noise generation network when do you use which if you need something like browsing streaming video conferencing you choose the fast wire guard mode if you need something more private for crypto transactions emails uh chats you can choose our mixnet mode. So let's talk about something different now that actually the problem of metadata inspection is not uh just the problem of the cipher punks uh is a problem of the lots of countries. It al also can be a problem uh which results into life or death question. For example, like in Ukraine, I come from Ukraine and we know that the Russia is using metadata surveillance techniques on us but actually uh on all over the world and they do their hacker attacks on different countries around them. Uh so what do we do with this? Uh and let's say we have already learned how to protect the metadata but what about the blocking because very often the VPNs get blocked and you might have already experienced go to some country and then you cannot use it. We have came up with a censorship resistance road map for this year and we have accomplished quite a lot. Let's look into detail what we've done. We start with the Amnesia wire guard protocol. So you remember I was talking about the speedy mode. So it doesn't use the mixnet in between. It used the wire guard protocol. But the problem of the wire guard is that it has very recognizable packet patterns especially in the handshake. So what happens before your phone or your device can send some uh information between uh you and the protocol and the server they exchange the handshake kind of saying hey I'm here. They then exchange the keys and then uh they uh agree onto how they're going to encrypt the data. So this happens really quickly. This is automatic function and so basically wire guard has a very recognizable pattern. So what the sensors do they find this pattern oh it looks like wire guard and they block it. So what amnesia wire guard does and amnesia is actually let's say a fork of wire guard. It actually amongst other functions also changes the handshake. It changes its structure. So it's already on a higher level. It's a bit more difficult to block it. The next feature that we have also implemented is the stealth's API mode. What it is and what we use it for. So imagine a different problem because um VPNs can be blocked on different levels. So if the VPN is used by a lot of people, their API endpoints get known and actually the uh sensors go and actually block the API. So what happens if your app cannot connect to its server uh to its API endpoint it cannot login it cannot download any configurations it uh cannot actually connect so your app just doesn't connect it doesn't work so this is done to a lot of uh VPNs out there and so what we've came up with we use the stealth API mode so how does it look so basically instead of uh sending the API requests to our own VPN endpoint, we send it to some well-known uh cloud provider domain which looks very familiar, something really big that lots of people use. So in order to block if you if the sensors block it, they will block a lot of internet. So what we do, we send it there and then in an encrypted way, it gets uh rerouted to our original uh API. Well, this is a built-in feature. We do not want people to switch or switch off, switch on or switch off because uh we will switch on it. It it's our fallback mechanism. When the API requests are blocked, that's when the stealth API mode kicks in. And another uh thing that we've done, we have wrapped our wire guard uh traffic, our wire guard protocol into the quick wrapper. What is quick? Quick is actually word uh it name is quick UDP internet connection and this is the protocol that lots of companies and uh internet sites are using for example YouTube, Instagram, uh Google. So it basically looks like a big chunk of UDP streaming. So what we do before uh you connect to the entry gateway usually if uh the uh deep packet inspection can see the wire guard packet structure and it can block you. So what we do we exactly
Segment 14 (65:00 - 70:00)
this connection to the first uh entry point we wrap it into quick. So think of it as a disguise um it looks as if it's just a big streaming uh network. So, we've done it and it helps us a lot. Uh, but let's say that's still not the last problem. Oh, by the way, yeah, it this is um a feature which you can toggle on. So, if you feel like the VPN has been blocked, you cannot use it. You just go into our anti-ensorship resistance uh settings and you toggle it in. And then as I said the entry gateway will have this small tag on it that it's enabled with quick and that's the one you will select and be able to connect. We continue for with another problem. I will talk really quickly about it. So basically uh we unlink your identity from usage because usually if you buy a VPN let's say even if your email address and your payment details are not being stored by the company they still give you some kind of uh account number. So every time you connect the um VPN provider proxy will check with you if your account is actually valid if you have access to use this VPN. it will create the temporary session token for you and you will be able to use it. So basically each time you connect the provider knows your account number and this is bad. So what we do, we've implemented uh zero knowledge proofs payment system. It works the uh the following way. Once you pay for the subscription, it doesn't matter it's a credit card, NIM token or crypto. Under the hood, we buy the NIM token. But it's not the most important part. The most important part that our validators receive an order to create zero knowledge proof keys for you. And this is like a huge amount of keys that you receive. So every time you connect to Nimvpn is not checking your account uh address or your account number, it's checking one of those keys. And the only thing that's happening that our validators then check is this key valid. And this is how we know that someone with a valid key is using our network. But who it is, we have no idea. So basically we're not going into detail because that's a lot. But good thing is that now you can also pay for the NVPN with Ethereum because this is a really fresh feature. We've worked on it exactly for the dev connect so that the Ethereum uh community can also pay in ease and we will go to something more that Max will tell you about our SDKs. Uh before I do the SDKs, I'll also quickly introduce a feature that's going to be coming out in the next release of the Nimvpn app. And what that is that is a private RPC endpoint that runs locally. So this you could um essentially use for something like MetaMask. You could also it's designed for MetaMask, but you could also use it in general. Why? Because if you're using metam mask or using whatever it's using a centralized RPC endpoint like infura you know a couple of years ago now uh metamask changed their terms and conditions everyone knows that like as they get HTTP requests in they can see and they are having a look uh for their own kind of like legal reasons at where an IP is maybe coming from and all of this kind of stuff. So actually using their built-in RPC endpoints which is what the majority of people want to do um leaks your metadata right this is obviously in the context of this talk not a very good thing so what we've done with this was built by a um by a community member um what we actually have is now within the Nimvpn app itself when you toggle on this kind of additional local proxy mode it actually starts up a it uses our sock 5 client socks is just like a set of proxy protocols and basically it will start a sock 5 nim client locally that you can run to that will then give you a local host address that you can basically just put into your MetaMask. So then you can configure it once to this local NIM network and then all of your RPC traffic even though it's actually being signed and sent from the MetaMask app itself will actually be going through the NIMVPN sock 5 client and it'll be proxied through the MixNet to whatever endpoint you want to use. Right? In doing so, you're unlinking the sender and receiver. You're no longer leaking any of this metadata like your, you know, whatever user agent, your connection type, all of the kind of stuff that comes with a like a bog standard HTTP request, right? And um this is actually going to be like I said, it's going to be bundled into the next release. So, it will be another toggle in the next release. You can just toggle it on. If you're already running the NVPN, then you might be running it in the kind of in the speedy mode. this a wire guard tunnel in a tunnel
Segment 15 (70:00 - 75:00)
mode, but this will actually then be giving you the full protections of the mixet for your RPC transactions as well. And yeah, it's in the next release. And very quickly for anyone here who's also a builder, we also do have two SDKs. So at the moment, we've been talking about the Nimvpm product, the downloadable app for all of the different operating systems and platforms, but we do have two SDKs as well. If you want to bundle the capabilities of a mixet into an existing application, we have two of them. We have a RS SDK one. This is kind of broken up into a set of modules. If you want to build, you know, if you want to get really deep, we have some of those as well. And we also have a couple of, let's say, more like plug-and-play abstractions as well for maybe developers who just want to use the mix, but they don't necessarily want to kind of fiddle around with building their own connection logics. And then we also have a TypeScript SDK. And the TypeScript SDK basically we take our NIM client, we bundle it as a WM blob. And what that means is that actually it can be imported into apps in the same way that any other uh dependency can be pulled from npm. Right? So it does work in a browser. Browsers are very restricted environments for arguably good security reasons. Um and what this basically does is this will sit inside a web worker. So what it means is that you can actually embed a NIM client onto a web page if you want to and then actually be sending traffic through the mixnet from a web page and your user you know there's no kind of special configuration or anything that the user themselves has to do. Um if you go to our documentation there is a playground as well for the TypeScript client. So you can actually send and receive data through the mixet and you can also use our um our library which is called mix fetch which is a mixnetified replacement for the browser's fetch API. So you could again you can do from your browser you can do HTTP requests through the mixnet and protect yourself from there without really having to do any additional configuration. Um we're almost out of time and we want to have time for questions. So download MVN here. This is all of our information and thank you for listening. — Thank you Max. Thank you Jana. Um we have time for a couple of questions. So if anybody got a question, just raise your hand and a mic will come to you. One right here in the first row. — Hi, how are you? I'm Valentine. Nice to — Nice to meet you guys. Um my question is how can we get involved and how can we support NIM's mission because running an oath it's expensive and you know like the plutoaucracy around that — but how can we like I believe in the mission of freedom of speech — that NIM provides. So, how can we also like help with the mission of NIM without having to actually spend on a super complex machine to run a node or — Yeah. I mean, so um on the side like on the side of node operations and stuff then because so we didn't have time to get into it because it's like a talk in and of itself, but basically part of the reputation system of nodes which is how they're selected to be involved in the network, right? which is also part of a civil defense mechanism to stop someone just spinning up a thousand bad nodes is partially wasted on delegated staking. So there is this that you can do as well. You can kind of you can stake on good nodes. You can support good nodes as well. There are with I mean you could have a look on the forum. people have already kind of started building with the SDKs stuff like this and a lot of the way that attention and grants are also kind of like moved around from the forum is based on what the community wants to do as well, right? So there is also that on top of that we increasingly have more and more uh communitydriven events um and a lot of community translations as well for both like the website, the blog, all of the information as well. So there's a lot of kind of different ways that you can quite easily start kind of getting involved or just start building with it as well. Um yeah, we have a bunch of people here. There's a bunch of us who are going to be at the cipher punk gun cyplunk event later today as well. to just come see hang out and yeah — there is something I want to add but even if you do not build run the node even if you do not stake the name token on the nodes which is pretty easy to do actually you still can use NVPN and you will be supporting the system because you remember about that noise that Max was talking about so imagine this that actually the more real traffic we have the less noise we need to produce so you're using yourself and you being private in MixNet but also you're protecting others because you add uh additional layers and additional packets which are taken into the computation. So you can support us by using NVPN. — Yeah, thank you. — No worries.
Segment 16 (75:00 - 80:00)
— Got one over here. — Um I'm excited that this exists and I'm happy to discover it. I have two questions. Um, what's the overhead for noise generation over networks? Um, is this a way that you're unlocking unconditional privacy? The overhead cost is roughly I mean, I mean by overhead, okay, so like NIM is very client-based, right? The clients are doing the majority of the work here. The clients do your encryption, they do your rooting, they do all of this kind of stuff. that does add somewhat of a computational cost. However, that said, I have also run like 20 MixNet clients at the same time on like just a fairly normal ThinkPad and like it's fine. So, you're not talking about, you know, you turn on an M client and all of your CPUs kind of like start worrying, right? Um, so computationally, it's not like that heavy. Obviously, it's more heavy than like whatever an HTTP client, but you know, looking at the like looking at the NIVVPN especially, then you could also have that there's, you know, it's it's negligible, I would say, right? It does affect your battery life a bit, but like it's fairly negligible. Um, almost out of time and the phrase unconditional privacy is a talk in and of itself. I would say looking at what we're essentially building for which is how do you defend yourself against a god's eye view? like a global passive adversary, right? That can watch the ins and outs of a network and try and trace packets through it. That is essentially what the mixet is an answer to because surveillance is at this point a um I'm completely blanking on the word. It's a numbers game, right? You're making inferences about patterns that you find in data. What we're trying to do is hide all of those patterns itself. Okay. From a, you know, a GPA, someone like a government, a very large company like Amazon, someone like this who can actually capture all of the packets that are moving through a network and then start trying to do this linkability. That's what this is an answer to basically. And really quick is um for builders out there are like for like NIMs specifically um I guess like what are your uh opinions about the use of TEES uh for enabling um sort of like my own personal uh confidential rail that would still enable uh NIMVPN. Is this something that you've seen? — I mean the T is the privacy party will continue. Tyson from Sora is here. He's going to talk about the role of privacy controls in um in scaling crypto adoption. And uh I'm just gonna pass it right over to him and take it away, Tyson. — Cool. Thank you. Um yeah, hi. Uh I
Segment 17 (80:00 - 85:00)
threw these talks together like 30 minutes last night, so we'll uh we're just going to run with this and see how this goes. Um I uh I've been thinking about privacy for a long time, especially at Zora. Um, for those of you who don't know, Zora is a uh social market uh built on crypto where every post, profile, and project is a coin. — Very big belovever verse. If any of you guys are here, um, work only with partners that have similar values as you. Uh, and do not abuse the user data. Use open standards and always give user the choice. Do not just impose partnerships and integrations. uh to them. So getting to the practical stuff that you should do as a builder, um don't take the easy way. Don't go SAS the SAS way, but um start by defining the data life cycle and where it's stored. It's really important to make it obvious that data is local and show that to the user. Think and iterate who your users are. Make a profile for who uh is supposed to be using your product and relentlessly iterate and build your app to optimize for this. Find a business model. Don't be free and um really get used to the idea that people should pay for what you are doing. Also, don't be afraid to price your product high enough. You are worth much more than you think. And do not sell yourself short. Like this is really important. I have made this mistake. It cost my company. It cost my personal life. Really, really do not sell it yourself short. Uh do make uh the pricing high enough. Users ask where your data lives. Every single application that you use, can you use it if the internet goes down? If the website goes down or the coin list and the coin trackings of the world, if they just switch like flip a switch, will you lose everything that you have been working years for accounting like to make it nice? You will. I'm telling you. So, so do not use such applications. Make sure that the app can survive its creator and that it can work offline. And if an app does um satisfy all these criteria then support it and seal it to others. The vision is a network of aligned applications with the users in control and genuinous feedback loop. Happy users are supporting the applications. The applications get enough funding to become better. The users become happier. They become empowered. And then we have basically many such small aligned applications that are all working for users and are not just three big data uh mining giants that make all the apps. So remember build aligned applications. Alignment is punk. It's basically a rebellion against the people that just build SAS to mine your data and sell it to you as free products. Um that's all. Uh please stay aligned. Uh use rod key. We welcome open source contributors. This is a QR code with uh link tree for all of our uh stuff. If you like buy premium, you can sponsor a release and generally spread the word and come by our booth later. Thank you so much. — Thank you Leris. Um are you running out left? We — can you take a let's see if there do we have any questions left is running for another talk in about 20 minutes or so. So uh — but I'm good I have time for questions. — Okay. If you have any question just raise your hand and mic will come to you magically. Okay. It doesn't have to be about the presentation. You also have a guy here who's been working on Ethereum since 2014 and has been involved in many different things. And left there is you've been to every single DevCon? — No, Dev Connect in Amsterdam. I missed it because I thought it wasn't the Devcon, so I was like, I'm not going to go. — I see. Okay. So, every Devcon and almost every Dev Connect. — Yes. — Okay. Well, that's a strong track record. Okay. Hugo. — Hey, thank you. Thank you for remembering by name, Martin. Um, I have a question on value. I know we talk about a lot of privacy. Um, and I didn't catch maybe you mentioned this in the beginning. I couldn't catch it yet, but do you have any idea or feeling of how much users price privacy? I know it's very difficult and diffused to actually think about like the price of privacy and how much value it brings. Certainly Apple, for example, is pushing privacy as one of their selling props. Um, at Peanut, we for
Segment 18 (85:00 - 90:00)
example, we do fees, right? We're like we there's fees on the transaction. So my question like hey how much more expensive am I as a user willing to pay for something as long as it's private? Is it like double? Is it like just 5% more? Uh do you have any idea like how to make this a number a concrete number? — It really depends on the user profile. There is users who think that the stuff that I build are not private enough. Uh there is because privacy is not like boolean. It's a spectrum. uh I think that the majority of users would not be willing to pay more than 10% uh majority like if you take like the average as a prop app of a normal uh other app but there are users who would pay you the world if you can do specific things uh for them. — Okay. But yeah, it's a it's a very difficult thing to put a number on. — Okay. Thank you. — Any other questions before Leerus runs off? Otherwise, they can catch you at the booth later in the afternoon. — Yeah. Yeah, I will be the booth and at the I will give basically I think the same talk uh there in the privacy district. — Okay. So, if you can't get enough, you want to hear it twice right over there in the at the privacy stack event. Okay. Thank you so much, Leurus. My pleasure. Thank you guys. — We'll have a couple of minutes break and um and then we'll be talking about CK identity and how to prove your identity without giving up your passport and so on.
Segment 19 (95:00 - 100:00)
Yes. Privacy. privacy. We are keeping it the privacy party going. And um next up, we're going to have what I think is going to be an very interesting talk about identity, how we bring privacy into identity. Michael is going to come up here and talk to us about CK Passport and um something called face match. So, please give it up for Michael. — Thanks, mate. Okay. All right. Thanks everyone that came to watch this talk. I'm Michael from ZK Passport and I'm going to be talking about our brand new feature called private face match. Um, first I'll go over what it is that we're building and talk a little bit about how it works and then towards the end I'll explain private face match. It's a really exciting feature uh and it's in production. So everybody in this room uh on your passport or national ID there's an NSD chip and the issuing government has embedded on that chip your personal and then over that information there there's a digital signature by them uh which is essentially a an unforgeable seal and so this allows us to now verify the signatures from your government uh signature on the passport to be able to verify your identity in a private way. And so the user flow here essentially is you will scan your uh your passport or your national ID via NSC into your phone and then you will scan a QR code uh on a website or a service connecting um to the phone and then you'll be presented with a credential request. essentially whatever it is the service is um wanting you to prove about yourself. So this can be super granular. It can be like a proof of country. Uh you know, it could be just proof of humanity. It could be um proving that you're not on a sanctions list uh or any kind of combination of those. And then importantly, everything is proven locally on device. So we put a lot of effort into this part of it. All the um ZK proving is done client side. And it was a very big
Segment 20 (100:00 - 105:00)
task to essentially allow it to be done uh within the memory constraints of a mobile device. So we can't really go beyond say like 2 GB because then we'd be excluding how many devices would be supported. And another important point to um go over here is this concept of preserving the provenence. So you have the government signature on your passport and you're not trusting us at all. We're basically just um providing the circuits to allow that trust to be uh retained and the provenence from the issuing government all the way through to the verifier. Uh and this is uh in contrast to traditional KYC where you'll be taking a passport of your photo something like this and you'll be sending it to a centralized KYC provider and then they'll be reattesting to it by observing it using whatever you know algorithm they have to go oh this looks genuine I guess. um and then giving you the the service yay or nay and it's a real shame because you have this provenence from the signatures and you're losing it along the route. So they're reattesting to it. Um the the yeah the trust is broken essentially. Um but with ZK and what we've built you can retain that and that's a very important concept and so we're building an open platform uh for digital identity and this is available right now. So we launched uh about a week ago on mainet um and base and we got to go multi-chain. We have like a universal address for the reverifier uh which is also pretty cool. So it's the same address no matter what the chain is. And yeah we um very soon we'll be having like um like a form where you can any service can specify and select what are the credentials that they want um whether it's proof um that you're from a European country, proof that you're not from a sanctions list, which sanctions list there might be. So there's like the OFAC SDN, there's several others. Um or maybe just want proof of um uniqueness of being a human and then it'll be a code generator that will generate the code that you'd need. Um although it is also quite simple to plug into the SDK as you can see here. Um but yeah, it'll then generate the solidity code for a smart contract um or for the front end and you can just plug it in. And so here are some interesting use cases um some of which have already been put into um production. We have the first one is uh token sales or even airdrops. So this is actually a world's first we're really proud of. This is the world's first ZKYC was fully private. Um and this was uh launched last week for Aztec's token sale. So you had the fallback here with predicate as the traditional KYC where you'd have to send your documents to them. But with Zik passport you can completely privately verify uh through a Zika circuit zik proof that you're not from one of four different sanctions lists and you're not from a sanctioned country like say North Korea and several others. So the services themselves, they pick the um the criteria what it is and then you'll scan a QR code as you're um using the service or for in this example participating in the token sale. Uh and yeah, you get to preserve your privacy which is the whole point here and why we're building this. So you also have uh proof of country. So we've um partnered with uh the slides were in the wrong order but we partnered with Dev Connect um this year and also last year at DevCon. So you can prove uh that you're from a Latin American country, reveal nothing else about yourself, and you can get a 50% ticket discount. And this is a good offchain use case. So there's no chain needed for this. It's you send it to the back end. A database sees the unique identifier and it'll allocate you um a ticket code, a voucher. And if you were to do it again, you would get the same unique identifier for your passport um for that given service. So it would just issue the same uh the same voucher code again. Uh and then we have proof of these slides are a bit messed up but we have an integration with Gitcoin uh with a passport uh Gitcoin passport u coming up soon. This is really handy for Gitcoin grants where they have the um the need for super resistance because of the quadratic funding. So this means that you don't spin up a thousand different EOAs. Uh it's limiting it to one person or one passport. And so, sure, you might have two passports. It's a bit more common. Maybe you've got three. It's very unlikely you have four. Um, if you have 10, your government's probably looking at you suspiciously and you know, you might end up on a different list for that reason. Um, so this is strong se resistance. We also have uh another example could be proof of age, which is increasingly important um given the you know regulations that are emerging from the UK, even Australia. So, you want to be able to prove that you're over 18 without even revealing your age um or any other information. Just the
Segment 21 (105:00 - 110:00)
fact that you're over 18. That's the only credential that's being asked of you here. Why would you submit a photograph of your passport and all this information to that service? And especially sensitive considering what kind of service it is that you're sending it to, like an add website for example. Uh and then a great use case here is uh private and compliant stable coins. So we believe that to get real world adoption, you're going to need privacy for everyday transactions, this kind of thing. Um, but if you offramp or businesses accepting this, so you need to have some kind of regulatory compliance, uh, proving that you're not on the sanctions list, for example, but you don't want to reveal your identity at the same time, just that you're not one of the bad guys. And so this is sort of an extension I suppose of the proof of innocence used by rail gun um or privacy pools but instead of it being an address that you're proving that you're not one of it's your actual identity if your name so we can check uh against the STN sanctions list that your name does not appear there um and we transliterate different characters uh we convert um other character sets into Latin um so your passport number is not present there. It's a really nice extension on just a kind of a dumb EO approach. And onto the um I guess the name of the talk is private face match. This is a really exciting feature. And what we're essentially doing here is uh allowing you to prove that you were the same person on your passport or ID card without ever revealing your face. So this provides a really nice guarantee um mitigates like scammers or maybe you've lost your passport. So only you can use it. Um, and this is something that's requested by the service for, you know, additional layers of security. And so the user simply scans their face using the mobile device. It'll generate um, and this is all on device. Nothing leaves the phone. Um, like your face never leaves the phone. a face print is derived and then with an ML model and then the similarity is compared against a face print from your passport photo which is signed by your government and this is all secured using uh what's called app test. So it's kind of like it's a mobile TE guarantee. So everything up until this point is a cryptographic guarantee through our circuits. And then this is like a nice layer on top where you don't get a full strong cryptographic guarantee, but you get very close to it, especially on iPhone. So it's proving in our circuits that it's um a valid that it's a genuine iPhone that hasn't been jailbroken. Um and there's like, you know, hundreds of efuses that exist in the phone. If any of those blow, Apple will refuse to attest to it. And the way this works um under the bonnet is on the secure element on the iPhone uh there's a private key that's generated uh a key pair and that key pair is only usable by Zigga passport app and then that key pair is attested to sent back to Apple servers and there's also a corresponding device key that's linked to this and at the factory when Apple or even Google or Samsung generate create these devices. They know which ones are genuine based on this key pair. It's a public key essentially that they store and so there's this way to keep this provenence from the factory to the device and so Apple will sign over this. Um Google will sign over this and then we ver and then we in the app logic will do the comparison of the face print with what's called a cosign similarity. Essentially, if it's above a threshold and you look similar enough to the the photograph on the passport, then it'll pass and we embed that information and then we sign our app signs over it through the secure enclave on the device. And then we verify all of the signatures all the way through the um the chain from Apple and from Google through their version which is called play integrity. And at the end of the day, you get all of this uh all these proofs in a very robust system inside the ZK circuit proven locally on device and then what emerges is essentially one proof uh only revealing uh what is essentially like a root hash and that root hash is the um the source of truth the um essentially yeah the trust anchor that has Merkel trees and all this other stuff but nothing private is revealed and all of these asurances are there within the proof and looks like my laptop timed out. So, uh let me get that going again. So, yeah, crucially um with Z passport, what we're building is ensuring that all of the proofs are generated on device. This is very
Segment 22 (110:00 - 115:00)
important. There's other um ways to do this that are a bit of a cheat code and a shortcut where they'll have a TE and they'll encrypt the data um for a key pair that the TE has and then they'll send that data to the TE. The TE will decrypt it then they'll do verifications normally. The issue with this is it's possible to ease drop on the TE u which is what's called a side channel attack. Um this has been revealed very recently. It's not very difficult to do and Intel have acknowledged it and they've said yeah we're not going to fix that. It's not actually a design flaw. Uh we weren't designing it to be private. We were designing it to um have integrity like a ZK circuit but through hardware. And so the engineering effort was yeah was quite a lot but uh we have 600 different circuits for all of the different signature algorithms which is one of the biggest challenges. And we have these four subproofs that we generate locally. uh the first three verify the signature and obvious other um uh like the root signature, the intermediate and then finally the passport data itself. So those three subproofs can be generated immediately as soon as you scan your passport and the fourth subproof this is like a essentially a pivot subproof where you disclose whatever it is you want. um we can c those first three and then whenever you're proving uh for a particular service then we you're just generating that last one with a time stamp that makes it fresh. Then those four are recursed into a single proof um all locally um although sometimes if the memory is uh requirements aren't enough we can send those four subroofs to a cloud prover to recurse into one proof but crucially again none of your data is sent off because they're already wrapped in these subproofs. Um this just basically allows them to be combined into one proof. We call a compressed proof making it more compatible for the EVM. So you can send it to the chain to a smart contract, have it verified. Um and this unique identifier can also be used in that context for example um limiting registrations to like a one passport or ID card um per signup. So, this is all live in production right now. And we haven't actually properly announced sort of through any announcements the private face match feature yet. But if you go to this URL, you can try it out for yourself right now. So, you can load your national ID or your passport in. Um, crucially that the question mark FM equals 2 is the part here that you need to add. Although this will be published to the main demo. zport. id website uh very soon, maybe after dev connect. We're all very busy right now. Um, and then this is kind of like a choose your own adventure. So, to give you an idea of what it looks like, this is the demo website. So, you can, you know, choose proof of age, proof of country, and then if you add that, you can do private face match. So, yeah, that's the flow. Um, I'd love to take questions if anybody um has any. — Great. Thank you very much, Michael. Yeah, if you have any questions, please just raise your hand and um we'll get a mic over to you ASAP. — Oh, [ __ ] — Oh, good. — Perfect. Okay, we got a question over here. — All right, — Mike is incoming. I think ah you know you can get my mic real quick. — Thank you. Very interesting. Uh do you have a SDK for integration? — Absolutely. Yeah, you can go to docs. zkasport. id. — Um — and you have a list of countries currently uh implemented or all the countries are included right now. — Yeah, there's really wide support. So any passport that has an NFC chip will be supported. Um most national IDs um there's some root certificates we don't have yet for some national IDs um but some use the existing infrastructure uh pass root certificate system. So yeah there's a very high coverage. We also have a coverage map that you can view if you go to registry. zigasport. id and you can see the support and like a big map of all the countries. — Okay. Thank you very much. Uh follow up. Uh do you also support like uh other type of ID like uh driver's license in United States — currently? No. — No. Okay. — Uh but we do have plans to add this uh later on. So in the in California um in the United States the system's different depending on the actual state. They do a different implementation. — But yeah, we can do the um probably California would make sense next. They don't do a fully um decentralized uh model where there's reach certificates. you'd have to kind of like send a request to the um the government website and then you get back this signed JWT. — It's a way to prove ownership of the um of the ID and then from there it's possible to do it. Yeah. But it's an
Segment 23 (115:00 - 120:00)
interactive process. Um so we'd have to do that every time but you'd still be able to prove it in circuit which is what we're trying to achieve and so yeah we can add that later on depending on demand. Absolutely. — Great. Thank you very much. — Thank you. Appreciate it. — Can just skip the mic right there. I guess if you do that you might have to consider whether you need to change the name. I guess seek get passport if you do more types of uh identity. — Right. We have thought about that but now I guess we have enough brand recognition. It's kind of locked in at this point. — Makes sense. Um any other questions? No. Okay. Well, you can catch Michael right after this and maybe at the CK Passport booth as well. — Yeah, please come and visit us. We have a booth in that direction in the privacy village. happy to answer any questions you might have there. Please come and see us. — Perfect. Thank you so much, Michael. — Thank you. Appreciate it. — We're taking a quick little break here at the stage. I think we have our next talk in um 40 minutes or so. So, uh yeah, if you need something to drink, something to eat, feel free to go and get that. Um, I highly recommend if you're going to the food trucks and getting something to eat, try to pay with crypto and see these cool receipts coming up. I also heard the might be a po related to it. So, check it out if you're hungry and you're going to the food trucks. Hello. Can you hear me? Hi. Yes. Hi. Hi everyone. Welcome to um afternoon session of the stage lightning talks. My name is Abna. I'll be your MC for this afternoon. Super excited. We have a lot of interesting talks about privacy, identity, etc. And I hope you are with me. The format is like this. Each speaker will come. He has 20 minutes time. And then after 20 minutes, you have five minutes Q&A session. Whenever you have a question, just raise your hand and then the mic will pass to you and on the each seat you have a headset in case you don't hear very well because of the other like audience behind you can just put your headset on and you hear the speaker very clearly. So it's up to you. I think we are ready to start. Um I'm happy to announce the next speaker. The topic is about Dex renaissance about privacy identity and the future of web three. You have a pleasure to welcome Zack Williamson from ATSE. Welcome on stage. — Thank you. — Uh thank you. — All right. Hello everybody. Good afternoon. How are we all doing? — Uh last day of the conference. Let's all power through. Eh. So I'm Zach. I am the co-founder of Aztec. And Aztec is a privacy preserving layer 2 built on top of Ethereum. So we are recreating the permissionless smart contract ecosystem of Ethereum that world computer and we're making it private where you can put private information inside your smart contracts and you can reason about that whilst maintaining all the cononical security benefits of blockchain. Uh, and I'm going to talk a little bit about why I think this kind of thing is so important, why privacy is important, how it's linked to identity and the future of web 3. Uh, yeah. There we go. So, okay. So, I think the information age we all live in, it's brought immense benefits to the world. You know, the information superighway. Think about how easy it is to learn new material, new resources. However, there's been a very large downside to that, which is that it is eroded a lot of the foundations of trust that bind us together. These networks of obligation and responsibility um that connect us to each other in the
Segment 24 (120:00 - 125:00)
real world. The more of our lives move that move into a digital space into online spaces, the more this erodess because we're not interacting with individuals anymore that we know that we have personal links of accountability towards. We're interacting with random people online who um can be anyone or anything. Um you don't even know if the person you're interacting with is a human being or not. Nowadays, it's probably a bot. You don't know what their agendas are. You don't know if they're lying. you can't hold anybody accountable anymore. Um, this is all very much tied into the rise of uh the digital slop we're all encountering. And I think that we need new coordination mechanisms online that allow us to build trust infrastructure uh into the internet into web 2 as well as web 3. Uh we need new information networks to bring back what we've lost and privacy is an existential part of what this is about. Privacy is going to eat the world. Uh in the same way that software at the world 10 years ago where you had brick and mortar stores that were um like okay so it's the year 2000. You have brick and mortar stores. You know you got filing cabinets with with paper in them and information. You have data lying around on floppy discs on hard drives. And all this information processing that an organization is doing. It's all very manual. It's all very primitive. It was all happening via people, perimeter machines, onsite and software at the world because all this data got moved into the cloud and all the information processing happened in digital spaces. Uh and that led to the current world where we have web two giants who hoard our information like a dragon on top of a treasure horde treating our data as their property. It's led to massive efficiencies, but it's also created these um very negative externalities because that data can be monetized against our own interests. And I think privacy is going to eat the world in a very similar way, process where we're going to be building products and services that mimic the outcomes of web 2, mimic that information processing. However, the data will be staying with the user client side. It won't be shared. that data instead will be um computed via zero knowledge proofs and permissionless distributed transaction networks like Ethereum like Aztec will be the settlements and execution layer for this information processing machine in the same way that the cloud and AWS is for web 2. And I think that we're going to have because of the benefits of permission composibility um the efficiency of these services is going to be higher than the web two. That's the bet. And that it's we're going to start to see a process of all this data leaking out and falling out of these web two giants and going back into the hands of users. I think this is the world that a lot of people in this building want to create, want to build, want to participate in, and Aztec is no exception. Okay. So, how the hell is this all linked to privacy? Well, uh I want to pose you something. You know, everybody says blockchain is a casino. No crying at the casino. And I love the casino, you know. Don't take Poly Market away from me. It's it's absolutely hilarious. But we all want it to be more than a casino. And I can explain very simply why we are in where we are today. The fundamental value sources on blockchain today only come from two sources. They come from dollarback stable coins and economic consensus. By economic consensus, I mean um how much are people willing to pay to get transactions onto a blockchain? If the value of Ethereum, if the Ethereum token went to zero tomorrow, every single token on Ethereum would also go to zero except USDC and USDT. I think we all know that this is broadly true, which means they're all coming from the value is coming from the same sources. The value is all being derived from the value of Ethereum, which is the value of economic consensus. And what I want to highlight is what's missing from this saga. platform is all the sources of monetary value that we use in our day-to-day lives with the exception of the US dollar. Where are the mortgages on chain? Where the where are the treasury bonds on chain? Where are the um where the supply chain certificates on chain? Where are the insurance is the entire goddamn capital markets that powers the modern world? Where is it? It's not on chain. And it's not on chain because blockchain is fully transparent. If you are mediating or settling an asset that is anchored to the real world, then for a smart contract to perform that settlements layer, that smart contract needs to know who the owner of the asset is. It's not enough for me to say I am ox 3A BB112, you know, whatever my
Segment 25 (125:00 - 130:00)
address is. That's not enough. I need to be able to say, "Hello, I'm Zachary Williamson. I'm 37 years old. I'm a British citizen. I'm not on a sanctions list. I'm not a terrorist. And right now on Ethereum, on other platforms, you can't do that without doxing yourself. This is why you need privacy. Privacy is identity. Identity allows permissionless decentralized smart contracts to understand who somebody is and can therefore become the trustless medium on which we can execute our real world transactions and exchanges. And so, how do we pierce this web three bubble? You know, how do we turn blockchain from digital Las Vegas into digital America? And I think it's fairly straightforward to be honest. Step one, we need to be able to interface with web two systems. take information from Web 2 servers, from the internet, from emails, pipe it into smart contracts trustlessly without disclosing information to the world. Um using that you can do things like solve account abstraction with her two authorization techniques. For example uh in Aztec you can write a smart contract that performs a Google authorization flow sign in. Uh so you're basically saying hello I have a certain Google account and the world can't see that you're doing this. They can't see that contract is linked to a Google account. Um and for a casual user in a hot wallet that would definitively solve the the account issue. um because it's tied to your Google account. There are obviously certain centralization risks there that need to be navigated, but that's just a token of how of the simplicity of user experience that you can get with privacy. But the main thing is you can prove data provenence from the outside world, from the real world in web 3 um trustlessly via these kinds of zero knowledge oracles. And then once you have that, you can start to link accounts to identities. You can link personal information uh to web3 accounts like your citizenship, your web3 credentials. Even things like if I can prove in a smart contract that I possess a Twitter account with over 100 followers, that means I'm probably not a bot. I might be, but I'm probably not. And that itself that is useful. Um, and if you have more advanced identity systems, you can unlock decentralized apps that can interface with the real world, bring real world assets on chain and use them as liquidity inside DeFi type applications. That is the holy grail. And once you do that, you can meaningfully start to establish digital sovereignty. The idea being that a digital ownership of of a digital asset on chain represents a claim, a legal claim to property in the real world. That's the miss that's the final stage of bringing the world's transactions and exchanges on chain. Um so building a missing link I'm going to talk about this in a bit. Uh this is Aztec. Basically you need a private blockchain. You need a blockchain with private information that's powered by zero knowledge proofs that abstracts us all away from the developer and the user. So as a developer I can write a smart contract on Aztec using noir our programming language but it's just a regular rustl like programming language. I don't need to know ZK or Moon Math or anything like that. I just need to be a web3 engineer and I can build and deploy into Aztec. Um, and you know using our technology the networks users they're generating these transactions using zero knowledge proving client side using our state-of-the-art technology but they again they don't really know this. It all just works. So the final thing I want to talk about is I want to explain identity in more detail or how we're thinking about identity on Aztec. I mean, what has digital money got to do with identity? Well, identity is all about credentials. In the same way that right now, Ethereum is the cononical source of assets on chain, our goal is for Aztec to be the cononical source of credentials. If you have to issue a token which says something about somebody, what they've done or their future intents, I think ASIC is the natural place to do that because it's all private. it's easy to query and use partnering with organizations like wormhole um you can very efficiently bridge into and out of Aztec to basically use Aztec as a privacy shield for any other blockchain platform. So how do you do identity in the traditional way? Well, traditional identity like let's say if whoever was going to go to you know the state government of Nevada and say let's do ID they would first you develop an identity standard you know it would be a very complicated document few hundred pages long very refined by multiple stakeholders uh approved by some authoritative third party like NIST and then that standard would be used for years without any kind of changes because the coordination cost for changing things is far too high. Uh to give an example, social security numbers in the US uh was made in the 1930s is woefully insecure, but it's still used
Segment 26 (130:00 - 135:00)
because it's just too damn hard to change. Um and this means that a lot of potential use cases of this digital identity aren't captured because they would need slight tweaks. changes that were not considered by the original designers. So here's how we want to do it on chain, the distributed way, the holistic way. The idea here is that well if you want to build an application on Aztec and you need privacy then and you need some kind of like identification process it's going to be very custom to your application. bespoke and so we want to create the tools and the resources to make it easy to develop. Um so you can build uh an identity system that's very specific to your needs. And in a thriving ecosystem, you'll have hundreds, you'll have thousands of entities doing this for their specific asset types, their specific user types. And what will happen eventually is twofold. One of them is that popular protocols that stand the test of time. their means of identifying people will become will might become standardized either formally or informally uh in the same way that for example ZK Starks and ZK snarks cryptography um these things don't have formal standards but they certainly have informal standards that the whole in like industry is very well aware of but then what I think is very important is this concept of holistic identity the idea being if you have thousands and thousands of different products and applications and services issuing digital credentials that are custom to their use cases. You can start to then create meta credentials, you know, you wrappers around multiple of these um of these credential types that start to say something more about somebody else, something more interesting, something more complete. And in doing so, you can get I believe very strong um understandings of somebody's identity without having some kind of grand central issuer of that identity that has a lot of control um through this kind of this distributed permissionless process. In the same way that you can build diverse applications on Ethereum which can tap into a large number of other applications that other people have built, you'll be able to do the same with identity. Um and this is a very different way of operating to the existing real world where you know uh I have a passport you know again it's like centrally issued centrally specified um any problems with that specification from you know 2000 or whatever well you just have to live with them. This is much more flexible. Um, and it plays to the strengths of blockchain. strength of decentralization. And so next year when ASX live, anyone will be able to issue a credential in the same way that back in the day anyone could make a digital asset. And I think this is going to be revolutionary. Um, ah yes, I've I preempted I front run my own slide. Um, so for example, let's think about identity. I want to bootstrap it. Um, in countries like the UK, probably the US, where you don't have strong unified ID standards, how do people do it? Well, you do things like, oh, you know, you might need to provide uh a couple of utility bills to do proof of address. Well, there's no reason why you can't take those PDFs, put them in a ZK proof, um do some basic languid, yeah, okay, this is a utility bill from a known provider and it's got my name, it's got my address, and you can basically just create a ZK proof of that proof of address without disclosing information. Um, which is great. It means you don't need to do and it's like create things from scratch. We're just bringing the existing process into the onto the world in the world and bringing them on chain. Um but this is like a massive coordinated effort that will need to be engaged with by hundreds thousands of people because each identity system is very bespoke and very unique. Okay. So I've been talking a lot about identity making blockchain real making it useful but there's something much deeper at play here which is that blockchain right now is suffering in my opinion a spiritual death of sorts. uh and you and we can analyze this by looking at the mythologies of blockchain from the past and the present and the stories we tell ourselves about how blockchain will evolve. You know the old tenants of blockchain the old cannon was all about um uh censorship resistance decentralized governance coordination radical privacy. It was a technology of protest. You know you go back to 2008 2010 uh and like you know people today like to talk about being anarchists or cipher punks or whatever blah blah. Back in the day, they were building things like Silk Road and using Bitcoin to settle like extremely illegal payments. I mean, regardless of the gall the gality of that, they actually practiced what they preached. Um, it was very hardcore, perhaps not very scalable, but it was hardcore. And the whole point about blockchain was that it was a combination of a financial technology and a social or technology for organizing ourselves, coordinating ourselves. Today, we've lost that social aspect. blockchain is becoming more financialized where we're entering the era of the institutionalization of
Segment 27 (135:00 - 140:00)
crypto uh where you know you have things like the London Stock Exchange Group you have Ethereum ETFs um and uh more and more enterprise coming in and participating on blockchain which is a good thing but also a bad thing because it slightly degrades in my opinion the the value proposition of blockchain. Blockchain was always supposed to be a technology where we could create new institutions that could contest existing financial elites using the efficiencies of blockchain of trustless composability. And nowadays what we're actually seeing is more of a drive to see how blockchain can serve those existing institutions and not disrupt them. And I think that's a that's a difficult change because the end state of this is that if things like um if it becomes fully institutionalized if for example all the transactions and exchanges move to networks like Tempo then all blockchain has become is a slightly more efficient settlements layer than Visa which is not why we're all here. We're here for something more than that. And so I believe that the missing link is privacy. Once you add privacy into blockchain's mythology again, you can start to build meaningful technologies, products, institutions that get back to the core of what blockchain is supposed to be. I think Aztec is a living testament to this. We're launching, we've already launched really, we've done our mission. We're producing blocks on Ethereum and we're launching fully decentralized right now. Aztec like the institution has no control over the governance of our network and it's fully unkillable like Ethereum. you know you can start to actually create DeFi compatible real world assets. You don't have to rely on the traditional titans to like to syndicate stuff on chain and do this complicated financialization. Random people can do it. You can do it on Aztec. And this is what we want to see. We want to see distributed ledgers, permissionless ledgers become the global payment infrastructure layer, the global layer for settlements and exchanges across all assets in the world. So privacy I think is the missing link. I've been talking about this a lot front running my own slides again and I think it's the core value required for blockchain spiritual revival. We're seeing this with Ethereum and the and Vitalic pushing privacy hard you like and the Kohaku uh team integrating privacy into Ethereum. They understand it's a core value and it's being used to build the future of web3 today not in the part like it's not a future thing. You can use ZK today. You can build an Aztec today. You can use Noir today. Um uh and you know um so this is uh something which recently happened was a bridge from Solia from base to our devet. Again this thesis that we can use Aztec as a privacy shield for every other blockchain layer and that it's very val it's very positive sum. Aztec is um in development since 2009. We're like technically like fully launching early next year with transactions, but we already have block production on chain today. Um, and yeah, we're gonna make Ethereum Cipher Pug again. You know, I think uh like not just we Aztec, but us, the whole community is pulling in this direction that this privacy tech will be used to develop systems and protocols that increase human autonomy and agency that make us the custodians of our own data again instead of just being these commodities that are farmed for our information on chain. Um so something which uh I also need to add before I finish. Um so yeah as I said ASC is live today on mainet. It has been the culmination of seven years effort been doing this for seven years. Um and as you may have noticed uh online we are currently doing a token sale. Uh it the public sale starts on December the 2nd. Um and I must fulfill my responsibilities uh as a as director and executive to uh to say that. But um yes, I think the future's bright. Uh you know, we're going to revive the core values of what blockchain what made blockchain great. Thank you very much. Thank you for listening. — Thank you so much, Zach. — I think the key takeaway that we have is that privacy is not a nice to have feature but a core for the future digital identity. Thank you so much. Um are there any questions in the audience? Yes, over there please. — Um, I thought it was really interesting when you talked about the sort of mythb building aspects. Uh, I guess what do you feel like were the core engines of the early stage myth building that you admired versus some of the engines that are maybe missing now to sort of build better myths in our contemporary time?
Segment 28 (140:00 - 145:00)
That's a great question. So what engines were active in the early days of blockchain to build myths compared to and what's missing today? I think a lot of it is basically um cynicism and jadedness. If you think about what happened like the early cipher punks, people like David Charm, how Finny, they were like very ideologically driven, you know, they're talking about literally they wanted to contest the right of the nation states to issue fiat currency. Um and they succeeded in that regard. Uh, you know, if you went back to 2007 and you asked the American government, "Hello, could I mint my own currency? " They'd tell you to get lost. Um, uh, sometimes it's better to ask forgiveness than permission. Um, but what honestly happened was a legacy of failure to I think one of the problems of blockchain is when sometimes we're not the most self-aware community. Um, and I think for example, the the scene was set with the Dow hack. you know the DAO was a very ambitious project to do decentralization decentralized investment funds and it broke uh it broke pretty spectacularly um and I think that the ultimately the problem is the technical base layer that everyone's building on top of is a little bit too weak to realize the grand ambitions so the original cipher punks yes they could build technology that could handle that could do money but turns out governance is a lot harder human beings are a lot harder to coordinate I think for example things like if you make a Dow today you can't easily like do a private payroll and you can't pay your contributors privately. Like what the hell? Um if you're doing a vote on chain, you can't have private voting. So it's open to brigading and manipulation. Um the governance modes of a DAO on chain are putoaucracy or oligarchy as in putoaucracy tokens vote. You can buy tokens. Oligarchy, it's a multisc. These are terrible governance models. You know this like who here wants to like institute plutoaucracy in their own country or oligarchy? um you need to like onchain institutions need to know who their stakeholders are. They need an understanding of who the people are that are contributing to that DAO and that requires privacy tech. It's not the full solution but it's an ingredient that's required to make it succeed. And so what we need to revive that engine is we need more success. We need we need to build products and systems that actually fulfill that original like thesis of blockchain as a social technology to create that spiritual revival. Thank you so much. Next question over there, the gentleman. — Yeah, thank you. Amazing presentation. Um, what are the tradeoffs that you see between layer 2 or layer 1 privacy versus protocol level privacy that Kohako is building, right? And where do you think we will see more adoption first and maybe cascading after later because you know you have similar solution EDK connect before Aztec connect. — So curious on your thoughts. — So what's the difference between like the privacy of like something like Kohaku and or a more like network level like a like Aztec. I'd slightly turn that around. I would say that Aztec is the protocol level privacy and Kohaku is application level because it's something you layer on top of your application. Um, but it's not going to be something mandated by the protocol to be used. And I think, um, what's really needed for this to really take off is you need private composability. As in, I need to be able to write a smart contract that has private data and that my smart contract can call another smart contract that operates on private data that somebody else wrote and then that thing can call another smart contract and it all just works out of the box. And at application level privacy, you can't have that. not easily because every app has their own custom tool chain to create that privacy to make the zero knowledge proofs to reason about private states um which creates this explos uh complexity explosion if you're trying to coordinate multiple privacy solutions that are all coreated at the app level. It needs to be brought into the protocol in my opinion. It needs you the protocol needs to have an understanding of private state so that the actual core node software can handle like all the requests and queries to manage private states where you can easily call private contracts to call private contracts. Um uh it's basically just makes the developer experience a lot more uh effective and efficient. Um and I think that's required for privacy tech to scale. — Thank you. Yeah, afraid I think I've got to run. But um in case you have more questions, I think Zack from Attack, they have a booth out there, so he's around. And um yeah, thank you so much. — Thank you so much everyone. — Like short minutes, five minutes break and then the next speaker will come.
Segment 29 (145:00 - 150:00)
Nice to meet you. — Your name? — Rodrigo. — Yes. Should we start now? Okay. Our next talk topic will be Guerilla interoperability by Andreas and he will talks about apps using um build on the Ethereum and thus reducing the centralization of the internet. Welcome on stage Andreas. Hello. So, thanks for coming to the talk. I think I'll be quite uh quite direct with my presentation. I'll go straight to the point. So, the title of the talk today is Gerella interoperability. I'll explain very quickly what it is. Just uh quick introduction. I'm Andreas. I'm one of the co-founders of Fiverr. We're the ones behind DDOX. D sheets. uh we're alternatives to the Google workspace and we're providing end to end encrypted and decentralized alternatives. So let me get to the talk. The premise of my talk is really that a good majority of the internet is now filled with hostile architecture. We're building uh of course none of — definitely. Um how's the energy are here? All good. How was Ravi last night? Did you recover? Well, great. I think the guys are still setting up
Segment 30 (150:00 - 155:00)
but uh Mike can already announce them. The next talk will be about 0x address parity and they will talk about how to make private addresses as good as public addresses. And the presentation will be presented by contributors of rail gun. Guys, the stage is yours. — Yay. Can you guys hear me? We're good. Audible. Sick. Um, so we are contributors to the Rail Gun Privacy Project. Uh, I got a couple of us up here. Uh, we're going to try to not get too in the technical weeds, but but, uh, we'll try to share a little bit about what it is that Rail Gun is, uh, and how it works and show off some cool new tech we've been working on for several years. Um, so, uh, I'm Allan. Uh, and then we have Kai. Zion. Um, I'm basically, uh, Tweedle Dumb. And these are our two tweedled D's who are highly technical. And um to tell you a little bit about rail gun, it uh got started back in 21. Uh it's a privacy mechanism for DeFi. And what it allows you to do is have a private address as you can interact with DeFi without doxing yourself. So if you want to take and send people tokens, receive tokens, do swaps or uh lending or farming or provide LP and not dox yourself, you're able to do that. And I think that that's a really cool uh functionality. And I think that one of the um one of the key things about rail gun that makes it really unique in the privacy space is the architecture of uh the contracts. And I think that I want to let Kai maybe talk a little bit about that if uh you wouldn't mind. — Sure. Um, so the um really cool thing about rail gun is um it's a full private address system, right? Um and what that entails is um there's not like you know in the past maybe the uh approach has been like all right well you kind of have some note here you save some um some private value right uh and then like you go and redeem it later. What roll gun allows you to do is, you know, have a uh private balance uh private address um you know like a private history um that you can go and view uh with your private key uh send and receive, right? And um while like uh in the past like it might have been good enough to just have this uh this private um note that you maybe like save in your like notes app somewhere or whatever. Um there is a full uh private key within real gun. That means you can do uh cool stuff that um probably about to be uh demoed here um that you could do with like uh regular signatures. — Yeah, I think that's kind of a key point and effectively um having this sort of like key separation and zero knowledge separation. What it allows you to do um is um I guess it allows a lot of flexibility for signing, right? So you can do uh well, we're going to show it off here. You can do uh hardware support. So you can have a message signed on a piece of hardware and then perhaps on a more performant say laptop or something like this do all the ZK stuff, right? — Yeah. So um there's kind of like this separation uh in the real gun design. Um so the actual step which um is like the authentication right so signing the transaction uh happens separately to uh the step which uh enables uh privacy preserving aspects right um so you can sign a transaction um in a hardware wallet and then take those outputs um and go prove them uh where you have more compute um like on a laptop or like mobile or whatever other um client device. — Yeah. And so I guess Zion, you know, we've been doing a lot of this research for uh quite some time and uh more intensely in the last couple of months than years. Um I guess tell us a little bit about um the way that um we've been using this flexibility to sort of like unlock hardware wallet support and multi support for private addresses. — All right. So it all really started with a multi-yix support and uh once we had brought that process along of understanding how we would ask the uh external signers to interact with the wallet and then bring the signature to the prover. Uh it was more of just like a fall-in line method with the hardware support. It basically worked upon the same aspects. we're doing the signing somewhere else and just sending it back to the wallet that desires the signature.
Segment 31 (155:00 - 160:00)
— Um — yeah, and I think that that's really um it's really cool. Uh I kind of want to drive it home a little bit though, but like priv privacy is a sort of big deal uh in the land of finance, right? I think one of the really cool features of this is what it allows you to do is have a multisig where you're not doxing the signers or the balances. uh which is a really big issue in crypto. Um if you're a known signer on a on a multisig, this is a pretty dubious thing for it to be known of you. Um and so it's sort of a very interesting unlock in the space. — Um I guess do you have any final thoughts before we take a look at it? — No, let's uh let's get to the multi-IG part or this is the multi-party computation of your shares. So this is the uh application that we are uh producing for handling and managing your signing events. Um this login here is just a authentication system to access your underlying private database of shares within the local storage. Uh so it's not related to your underlying shares at all and it's not doing any signing under the hood to produce any of these signatures. Um so in this process it's a coordinated coord coordinatorless uh DKG system. Uh DKG is — distributed key generation. Um so one party creates the session uh gets the encryption keys and then passes it off to the desired parties who are going to be participating and owning a share of this wallet. So the creator decides how many people he wants in this wallet and what the threshold will be and then the participants join in and receive that. And then once everyone finishes the join process, the coordinator reaches back out to everyone and says, "Hey, here's your ID in the sequence. Let's move forward. Let's start creating our shares. " And uh we'll get to see that here in a moment. And it's quite fast actually. — So I guess uh while we're taking a look at this, maybe Kai, you can tell us a little bit um about the Schnore uh based signatures that we're using here. Frost. — Yeah. So um in Real Gun um there's two private keys that get uh derived. Uh one of them is a viewing key which allows you to um to decrypt uh your private balance. Uh the other one is a spending key. Uh the spending key is um using EDDDSA signatures over uh baby job job. So um really cool thing that you can uh do with that is because it's a fairly standard fairly well-known signature algorithm um you can do things like uh the frost or uh musig um like bitcoin one or any sort of like schnor like signature scheme. Um over here it's a uh implementation of frost that's being demoed. Um but any of those should work. — Yeah. So, uh, what we see here are the secret keys that will be passed into the rail gun wallet. Um, the sharable viewing key. Most of you, if you're already a rail gun user, you would know that you can pass this off to some external firm or accounting software system to actually read your private uh, transactions and then not be able to sign with them, but just do accounting for you. So, the viewing key has nothing uh, no part of spending. Um the personal multi-yc key is an adaptation of that ease of use just one entry like load of your new wallet. Uh this key has the symmetric key and the ID encoded in it and along with your private ID. So the last uh value there is your ID. So it's 01 and 02. These are the signers of this multi-IG. Um and uh we'll move on to actually demonstrating using these here. So here we've already loaded up the wallet to save time. It takes roughly about five minutes to load a fresh rail gun wallet. Um, we're signing into this the share signer. Is this
Segment 32 (160:00 - 165:00)
So, now we're attempting to connect the ledger. Um, it's a lot of handwaving here and magical stuff in the background, but what it's doing is getting your uh sharable public key from doing some EDDDSA uh signature stuff in the background and then producing your viewable public key that can be used in the rail gun wallet. Um, so what we're going to do here is from the ledger, we're going to send the new multi-IG wallet that we just created uh a little bit of funds. The receiving wallet So I guess — I'm curious like what you think of like you know so the name of this talk right is like uh public address parody right and the whole point of this is a lot of like uh privacy systems don't have uh robust functionality and so what this leads to is um a sort of problem for people wanting to leave funds private for an extended period of time or be able to deploy funds from a private address uh however they might see fit in DeFi And I guess I'm wondering like in terms of like unlocks, well, how would you say like this is for um you know for like usage of rail gun? — I see it as a huge unlock um because it allows multiple people to take ownership over a single account. um that brings to the table a lot of different styles of usage uh funds um Dows — of a ZK address right um and so with the hardware wallets uh support and — uh not only a um I guess a software signer but then also having a piece of uh hardware alongside of that because I believe that's sort of like the status quo of like transacting in DeFi today. Uh which this sort of enables, right? — Yeah. Uh that and uh also just being able to shard out a single private key that you already know. You can then have backups anywhere in the world. Like you could take a sing single private key, make it a one of five shard, and then store these out in separate places. Then if you lose your pneummonic or any of your private keys, you have access to that wallet completely with just one of those shares. So it's forward future holding of your assets. — Yeah. And so I guess with rail gun there's a lot of really great onchain privacy associated with the mechanism, right? Uh but whenever you have something like multi-IG, uh you effectively have to take and like communicate and coordinate the signature of this. Uh I'm wondering if there's any sort of like consideration for like privacy for like sort of like passing these messages around to each other and coordinating and setting these keys up. — Yeah. So uh it's a fully private messaging system in the traditional way that multi-IGs are operated. Um no uh no shadows on safe over there but uh that signing process is on chain or in a public ledger that other signers can see and know what's happening. This whole process happens behind uh like a an encrypted session channel uh using Logos messaging. Um and with that the parties are able to interact with asynchronously in the moment. Um one due to the fact that rail gun transactions are they happen live and when you're using a broadcaster there's a uh window of time that this transaction is actually valid. So the waiting aspect is not really uh rail gun give me a word here uh it doesn't really work well with rail gun but it does uh so what we've done is have this asynchronous encrypted communication between all parties allow us to do this and nobody's the wiser. The only people that know who's signing the messages are the actually are actually the participants that are partaking in the signature itself. — Yeah. Which is sick. Um we're super excited about this stuff. Um so what do we have here? So here we are actually
Segment 33 (165:00 - 170:00)
loading up the multi-IG wallet that we just funded with the hardware wallet and uh we're going to use the two signers uh to send a transaction back to the hardware wallet. So this works on your mobile device. It doesn't it's actually relatively fast. Um this changes the way that we could think about rail gun wallets. So your the signing process can happen on a trusted uh local device and the proving can happen in a more uh in a higher grade computer that you own or it can be passed outward to be proved. Sorry, I'm uh running out of smart things to say here. So now we're waiting for me to uh do the approval on my phone. Um that video didn't actually save properly. So uh we'll just wait here and watch it all happen. So I guess while we're checking this out, I'm very curious um like where I guess this is a really sick proof of concept and there's definitely a lot of uh potential here. I'm curious, Kai, what are your thoughts on like moving this forward into like a full-on production uh style um architecture that people will see in the SDKs. — Yeah. So um there is a um an effort at the moment uh called uh reloaded uh which sort of takes um uh takes a lot of the uh sort of monolithic uh design of uh the current community SDKs um and makes it a lot more uh like pick and choosable um sort of Lego composable um and what this allows is also um with things like this uh to swap out like just a traditional uh same device uh software signer uh with um you know alternative uh signing backends, right? So uh like the multisig or the um hardware wallet um and you know uh you could also take this and sort of like port this out to um other hardware wallets too and maybe even like uh if you're really paranoid about your security combine a couple of different hardware wallets, right? Don't like rely on just uh a ledger. Do it with like a ledger um and whatever else. — Yeah. Get your ledger treasure keystone signing setup — ready. — Go old school here. Not your keys, not your coins. — Yeah, totally. Well, we appreciate you guys coming to listen to us talk. Uh this is a lot of fun to work on. Um this sort of work is um I don't know, three years in the making. Uh figuring out multisig for uh private uh mechanisms in DeFi was a big pain in the butt. But um there it is. It works. And if you want to hear more about it, uh you can come and check us out in the privacy section over there. We're all hanging out and coding stuff. — Thank you. — You hear me? Thank you so much, guys. Awesome presentation, live demo. Any questions from the audience? We have time. Heat.
Segment 34 (170:00 - 175:00)
Heat. Heat.
Segment 35 (175:00 - 180:00)
Hello guys, you're still with me. Um, Friday evening. I think we have the last talk for today. But last but not least, hello. Can you hear me? um we have the last pres the next presentation of Petra and he will talk about the state of the art of a prediction market. Petra is from the company Preco. The stage is yours and we have 20 minutes time and after this you have we have five minutes Q&A. Um yeah so take notes so they have questions. Petra the stage is yours. Thank you. Thank you for coming. Well, we did a little change. Uh we were going to talk about privacy, but we switched to go a little bit more h zooming out on why we are doing prediction markets today. So, we're doing the state-of-the-art of prediction markets. Until now, decision making has been done with narrative vibes and biases. But we want to do something different and break markets enabled us to do that with skin the game and rewarding truth. This we consider is very important for society because we want to overcome the post trust area and enable truth seeking behaviors. We think that will enable a lot of better decision making and improve our quality of life. And one of the big questions is what's the difference between prediction markets and gambling? And I know this is a fair question so we will address it. Basically is because prediction markets are part of info finance. And the main difference is that it has it can be learned. People can learn, study, get better at predicting the future. And it's not just random things. And the second part is that it generates positive externalities. What we mean by that? People not only trade and buy and sell options about the future for fun, but it creates very accurate predictions about the future. And that's the whole reason why we are creating prediction markets. Well, oops. We're going to look into the good, the bad, and the ugly from prediction markets. So, it's a little bit of an fun introduction. The goal is that anyone can publish a signal. This means that it's open for anyone to participate and also h it enables transparent consensus. H it uh enables collective truth seeking mechanism. So basically as I was saying it's part of infopi but it's also part of infoi info defense that is a important feature within the act basically it enables people and groups to avoid group think that is everybody like thinking the same thing and also it helps h to diminish biases. The bad is that right now we have to solve resolution systems. We have to improve a lot how we resolve the markets and there is a lot of research going on here. But still we have a long way to go because if you don't have a good way to resolve you start not rewarding good predictors and people looking for truth and the system is not rewarding what you want to reward. And also the second part that is bad is that institutions are fearing and control truth. And it's something that we should change culturally for institutions to start embracing truth and embracing tools that showcase truth openly. And the ugly part is that as we know prediction markets are very fun for some people but also they drive a lot of dopamine. So designing these systems in way that are not making people draw on dopamine and make them focus on long-term decision making, long-term erh
Segment 36 (180:00 - 185:00)
research and focus to get better decisions. And the other part that is not so good is when we only focus on trading. It's a very important part of the process but it's not the only part. We have to also focus on good forecasting on accurate results. H that is basically why we're here to create good forecasting outcomes. Okay, these are the problems that we saw and there are some non-intuitive design choices that we can make to improve some of these issues. The number one is early glossing to avoid obvious markets. Basically obvious markets is when you have 99% of an outcome that is it's obvious already like there is no nothing that you're predicting. So a way to avoid this is to close the markets early. For example, in a soccer game or a football game, h you don't want to close it at the end of the game because it's already obvious who is going to win. You want to close it beforehand. And this is important so people can h so people can earn from predicting well and it's not just earning for being fast at reacting to reality. Then another one is that resolution systems and oracles h and we have two parts from this design space. One is the problem that is that when oracles is the only option and basically we have a very interesting use case which is that they were betting on Selinsk's using a suit or not in a conference he were something that looked like a suit but because the resolution system was only based on game theory and it was the only place to solve it there was a lot of problems, a lot of come and go. And basically the solution is to have a two-stage system. Something that we implemented at PRCO is having reality as a first stage that is similar to the system that resolved this thing for from the Siliski suitcase but suitgate but we also have a second part that if people are not happy with that resolution, they can use Clearos as a dispute resolution. And the second case for resolution systems and oracles is that oracles deploy the layer resolution. This happens when the oracles want to take advantage of the market. A market is already like the reality already happened. Everybody knows what happens. It's already an obvious market. It goes to 99. 9% and then the oracles start delaying the the resolution. So nobody can cash out. And the problem with this is that people start selling at a discount. let's say 98 97 cents and then the Oracle people h basically whales can take advantage and get those shares at a discount and then solve the market and profit that 3% 2% over a couple days which is huge and the way to solve this is to stop trading markets after they close. So once it closed nobody can sell nobody can lose and so there is no incentive to delaying Another of these h these design choices is to use multi outcome uh pools to avoid arbitrage. Basically nowadays when you see many outcomes in a prediction market each one is a pool and something that we are doing different is we have one pool for all the outcomes. When you have different pools as in traditional prediction markets, when you buy one of the pools, there are bots that arbitrage all the other options and that's profit that the trader or the predictor is losing. This happens in the binary prediction markets. But with multi outcome markets, basically you have one pool with all the options. So if you want one, if you buy one, all the pred predictions, all the probabilities of the other markets of the other outcomes decrease and this is basically very efficient because there is no arbitrage opportunity in between. Then another one h that we think is very important is how we align incentives through market profit. At the end of the market when it closes basically you have the whole uh pool of liquidity. First you pay to the people who predicted the right second you pay to LPS and third you pay to the people creating the question and then to the people who and to the protocol. So in this way everybody participates from the same profit pool and everybody's aligned to create good outcomes together. It's not like different part of the system having different incentives. And the last one is the one that I'm
Segment 37 (185:00 - 190:00)
most excited about that is the centralizing editorial power. Basically we have like this meme of like web one you can read in web two you can write and in web three usually we say you can own but I feel something that we're missing all the time that is super important is that you can own and deploy. We have seen this with ICOs and with NFTs and now with TGES basically you can deploy a smart contracts you and in this case you can deploy markets which is insane like you can now deploy a microeconomy about the question and reward people for being right and that's something that we're quite excited and that's why we have created a launch pad. Okay, this and we are trying to do these transitions for content creators to market creators. We think that people can create their own market and they can put like very good h information out there from this process. That's why we say a lot of the traditional or incumbent prediction markets are more like New York Times or were more like Reddit or for Argentinian Taringa that is basically this grassroot and more community oriented way of creating information creating content and well let's basically the closing idea is that preox northstar why we're doing this is because we want to reward signal accuracy and coordinate And if you're excited about these things, I invite you to follow us, join our journey. And yes, and ask questions now if someone wants to ask something. Thank you. No, — I can moderate myself. Can you hear me? Okay. Sorry. It works. Um, yeah. Thank you so much, Peter, for your presentation. Um, time for questions. Don't be shy. No question. But did you pay attention or did you listen? — Oh, Jose, do you have question? No. I know some people from the audience. Yes. The gentleman down there has a question. Um, can you please pass him the mic? It's coming. We can't hear you. — I know. — Oh, do you want to use mine — now? Right. Yeah, — now it works. — Um, any airdrop for Zillinski voters who got wrecked? Erh, I'm I don't have anything to do with that protocol and yeah, we're not doing an order drop anytime soon. We could create a prediction market if they will do that on pre-cool. Another question unrelated. Um I have been thinking about high frequency prediction markets like for example as the game is going uh agents could actually change their estimation of a probability of the outcome throughout the game like every second basically which humans cannot do but agents could. Uh is that something we should be trying to like innovate at already or is it kind of too early yet? So innovating what? Sorry. — Like creating high frequency prediction markets basically. — Not the bots but the markets themselves. I think — both. — Okay. Because it's quite different. I feel that the for the break markets the shorter you make them is the part that I was referring to that it leads to dopamine. If it's just for ancients maybe yes but many times that people are trying to do very short prediction markets and it's just for gambling basically. It's just for fun and it's not trying to predict anything because you cannot gather enough information for most of these things. It's like it price or bitcoin price. If you're doing like a 5, 15, 30 minute uh window, there is not enough like if you could do that, you probably wouldn't do
Segment 38 (190:00 - 195:00)
it on break markets. You would like just buy the underlying asset you're predicting, right? — But if it's like a football game, — if it's a football game, that's yeah, we shock internally that those are description markets because they are just reacting to reality and they are not predicting anything. So it's I feel there is a use case for that, but it's not what we are trying to do. do is build something that you can predict and you can reward people who predict well very well to make decisions. So — do you think that the role of agents will uh eventually flip the role of human predictors? — I think that yeah trading in general is very hard for most people against a very fine-tuned mechanism. It doesn't even have to be. It's like me on blockchain. Yeah. — Does is your Does it answer your question? — Yes. — Or you can talk more later on. I think Okay. Thank you. — Um I think the lady you have a question. — Yes. She's next. — Where? — Hi. I have a meditation center in China. We have nearly more than 80,000 members offline and this year we have a plan. We wanted to uh we wanted to yes create our brand overseeing I want to know whether or not it is has possibilities to create our own brand on this platform to support us to do this part. — Yeah, we have great question. Thank you. We have branded markets for communities and for protocols. So if you have your own token h we're not like we're not enabling meme coins or very fluctuating tokens but we yeah we are interested in some protocols tokens to predict their own communities yeah information KPIs and different things. — So it need KYC or not? — Sorry — I don't — KYC KYC. — Ah, KYC. No, we're not doing KYC right now, but we're mostly like handh calling people. We're like on boarding people one by one. — Can I connect you more later? — Yes. — The gentleman behind there has a question. — Hello. Um I am seeing that prediction markets and especially preop can be a good building block for what coming next in the future in the same way that you are using claros as a building block. Uh so one very interesting use case for prediction markets will be the creation of a foot or um bas which basically is a mechanism in which um the governance um is bettered first like who is going to be the best uh governor from now on. Um the one that uh is predicted to be the best it's the one that is going to govern. uh but I am very worried about how it can be manipulated like if you want if you have a big back uh you can predict that you are going to be the best governor um how do you see that it can be prevented to be this manipulation on a prediction market — yeah thank you yeah I think that's a great questions we have all asked that question at some point and first yeah I'm very excited about future I feel that we should bring futur to the EVM. I feel that on we don't have many future gear projects and I'm excited to have more of that and regarding that the qu the specific questions I feel that it depends a lot on the volume of the market if you have enough volume and someone tries to manipulate it that's profit for another part as long as you have good resolution at the end and that's why we focus so much on having good resolution systems like you are sharing with clos and reality is because if you can resolve something well and you are like is not going to be manipulated. H the incentive is always to bet on what's going to be true and not bet on to try to manipulate it because on the other side if there is enough liquidity they will eat your your bet and you will just like lose all your money. — Yeah. Also otherwise uh politics is always um putting money in your political campaign. So it will be a very similar system at the end, right? If even if uh it was this way. So thank you for your question. Thank you.
Segment 39 (195:00 - 200:00)
— Any other question? The gentleman over there has a question. Now the questions are flying in. — Hello. — Nice talk. Uh — thank you. — In your um presentation about some non-intritive design choices, you were talking about closing some markets early when they are trading at 99 cents for example. But there is poly that there are two different types of markets which are trading at 99 cents. There are some 99% probability because of the time value of money and for those markets it makes sense to close them early. But there are also some markets which are trading at 99 cents just because there's actually a real 1% probability that the opposite of the events happen. For example, I'm thinking about earthquake markets which uh were some markets on poly market which uh were trading at a very low value — and then the earthquake happened at the end of the month. So could you explain more what types of markets you will decide to close only — and uh how will you know if the market is trading on 99 cents because of the time value of money or because of the 1% real probability that the opposite of the event happened. Thanks. — Thank you. Yes. H basically when you design the market you decide that it's not that you wait until it's 99 and you close it. more when you're designing the market and that's why we are on boarding people to create their markets and handholding them because it's there is a lot of a steep learning curve at the beginning on a lot of these non-intuitive things and one of them is when you decide to the closing and opening dates you need to take this into account at that moment it's going to be obvious market or not at some point and some most of the time h you know in certain dates it's going to be obvious so you close it before — so it would be uh it would be something that u that is included in the rules for example like the rules would say if it is obvious for whatever reasons the market would be closed — sorry what — um only because of something that is included in the rules to say it's obvious for that reason it wouldn't apply for all markets, right? — Exactly. It's not for all markets. There are specific markets there. There are like two types of obvious markets. Ones that are collapsible that is like for example you have many dates and it's like okay if it's hits before it's going to become obvious and it's just part of the game. You cannot do anything. But there are some that if you close it like an election, soccer, like many like sports in general, many things that you can close it right before the event starts and you avoid that problem. And it's also a tough decision because probably is where you get most of the trading volume, but also you have two positive outcomes. One is that you don't incentivize a lot of dopamine like last minute dopamine betting. And on the other side is that you are really rewarding good forecasters. You are not rewarding someone who acts fast because they betted because they have like some bot or something. But it's like okay you studied you research it and you get that profit h because you are good at forecasting the future and not just because you're fast. — Thanks. Thank you. — Thank you so much. I think time is up. No more questions. I mean, Petra is still around at the booth, so you can reach out to him. Thank you so much for the presentation. Thank you. — I think that's a wrap. We are done with all the talks for today. Um yeah, it was lovely being your MC for the stage this afternoon and yeah, enjoy your time. Thank you. Bye.
Segment 40 (200:00 - 201:00)
Heat. Hey, Heat. Heat. Heat. N.
Другие видео автора — Ethereum Foundation
Ctrl+V