Hey everyone welcome Are we having fun at Devcore? This is so so amazing

One of the things I love about this space, is that I just keep learning every single day I learn something new about Bitcoin, and at least once a week my mind is blown So I had that experience again today, listening some of these presentations I wanted to talk about security today, and if you listen to the trolls on Reddit, I don't know anything about security So I decided instead I'll talk about parenting

because I don't have any kids So you know, if I'm gonna talk about things I don't know, I might as well start there, right? You know, parenting has changed a lot When I grew up things were very different Now in the last couple of decades parenting is completely different My sister's just had a baby, and I'm watching her as a parent

I am like a proxy parents as an uncle It's really strange, I'm watching these parents, and you know, when I was growing up, Purell didn't exist It's a miracle we actually made it right? Like we survived Because apparently there's bacteria everywhere And today's parenting involves gallon jugs of Purell

Right? I you watch these parents like their kid touches a bit of dirt, and they give them a Purell shower right there, just to make sure Not the experience I had Right? I grew up in the 70s We used to play in the garden Roll around in the mud

We'd make mud cakes Would our parents freak out? No We'd eat the mud cakes would our parents freak out? No Mostly because they weren't around

They were like, get out of the house, come back when the sun goes down And so you have to wonder, how did we survive without Purell? And recently if you if you read some of the studies, you hear about this really interesting phenomenon The rates of asthma and allergy are through the roof Turns out if you raise a child in a sterile environment, they don't develop an immune system Whoops

And so now there's this new round of parenting that is recognizing this fact And we're going back to our roots So now we realize that eating mud cakes in the garden is how you build a robust immune system Right? You don't get allergies, you don't get asthma And you know, you can take this to the extreme

For example in the third world, children don't have extreme allergic reactions to common medications that we have Why? Because they have even more robust immune systems by being exposed to pathogens all of the time From the moment they're born Before they're born And then in the other extreme, you have this concept of raising a child in a bubble

Bubble boy right? You remember that story? Bubble boy It's a tragic story because it's true About a child without an immune system, and there are these strange cases of medical tragedies, where either children are born with compromised immunity, or they lose their immunity through some kind of problem and then they live in a bubble

and you have to be wondering, what the hell is this guy talking about right now? I thought this was going to be a talk about security in Bitcoin? And here we are, we're talking about bubble boys and eating mud cakes There's a point to this, hang on, hang on So the reason I'm talking about this, is because this has some really important implications in security You see, if you create a system that is isolated from external influences, then it's not that it doesn't have bugs, it's just that you don't know about the bugs that the system has And if you create a system that is exposed to external attacks all of the time, it's not that it has a lot of bugs

It's just that you know about the bugs that it has, because you keep finding them And in the process you fix them And in the process the system gets stronger So this all comes out of a discussion I want to have about an interesting phenomenon, we have now, which is this concept of Permissioned Ledgers, and isolated blockchains Because in my mind an isolated blockchain is bubble boy

Right? It's building a system completely isolated from the world, with the hopes that that's going to make it safer Because banks are like a paranoid helicopter parent they want to shower their kid in Purell, because it touched a booger And guess what these Ledgers are gonna get They're gonna get asthma and severe allergies The worst case is that eventually, the bubble bursts

At some point, you get exposed to the outside world And then you have a scenario where a system that's been isolated for so long, has developed no immunity whatsoever It gets exposed to some horrific deadly thing, like a pollen particle And dies a horrible death because it has such low immunity, that it reacts horribly to something that a properly stimulated, properly raised organism can resist with ease Now this isn't the first time we've had this discussion

In fact, ironically on the internet, this realization that security by isolation, and security by obscurity, and security by control, and perimeter, and security by trying to tamp down security research, fails, and fails miserably When I was first on the Internet in the early nineties, I was talking to banks, and telling them why they should get email servers, and connect to this email thing and they said many of the same things that I hear in Bitcoin today, which is, well, we don't know anyone who uses email None of the other banks use email So who am I going to send email to first place? Secondly, that out there uncontrolled thing might be dangerous

Thirdly, our bankers might say something in email, and how do we add a long disclosure form at the bottom And what happens if any of our people can communicate with anyone at any moment in time? That's a recipe for chaos, anarchy Of course they were right They just didn't think of chaos and anarchy is a good thing Many of us in this space probably do

So, what did the banks do with their first attempt to join the Internet? What did large corporations do with their first attempt to join the Internet? Did they connect tcp/ip systems directly to the Internet? And build robust applications that could communicate over tcp/ip? No They built moats and walls, and perimeters They implemented perimeter security They built firewalls, and demilitarized zones, DMZ's, and they use all of these military analogies to wall themselves in And then what did they deploy behind these walls? Did they deploy the common open-source protocols, and capabilities, and applications of the Internet? No, they deployed highly denatured weak equivalence, like Outlook, and Front-page, and they built intranet web sites, that had stale and obsolete content, that was only accessible during working hours, through a VPN, with no influence from the outside, and they said, look we're doing internet! We're so cutting-edge

We're hip And that's how they did internet They built these highly isolated environments And for very long times, the prevailing idea was, that by building these isolated environments, they were more secure because they could control things through the firewall

Because they could control access to data, creation of data, access to systems And now we know that was an illusion Not only can companies not control these things, but in the process of building these isolated systems, they built bubble boy IT They built IT systems, that had no resilience no immunity, because outlook had bugs, and frontpage had bugs

it's just that they weren't tested on the wild internet very often, because a lot of the time, they lived behind walls and when we discovered those bugs, it was bad Right? Because eventually someone gets inside the bubble, or the thing that's inside the bubble, gets outside the bubble See, the problem with bubbles is that you can't trade through them And if you're in business, your business is to trade

So if you're a business, you do commerce, and commerce can't happen in a bubble So the very concept of a bubble is antithetical to commerce You build your firewall, what's your salesperson going to use on the road? A laptop Which they're going to take outside of the firewall for the very first time Plug it into the hotel internet

Contract 72 viruses, and then bring it back into the firewall, and give it to everyone else Bubbles didn't work On the internet it didn't work What are we seeing now? We're seeing a whole generation of companies come to the realization, that in order to be nimble, and effective, they can't be HP, EMC, Cisco, Oracle, Microsoft, havens of secluded little kingdoms, that don't talk to anything else First of all because that shit's expensive and it doesn't work

And secondly because it's incredibly vulnerable It doesn't have immunity And so now we see this generation of nimble young startups that are true internet companies Their products, their internal systems, their collaboration, all of it is out there Naked on the internet

It all happens on github for all the world to see They use Gmail and collaborate with external email systems all over the world Their internal systems are external There's no such thing as internal, in the world of the internet And they're building robust applications

because on day one those applications live in the wild And they're more secure They learn to live out there in the big scary internet And those companies are thriving And they have systems that are much more secure, and much more robust

And that was even before the era of whistleblowers and Anonymous Who came along and prick these corporate bubbles and get inside, and take all of the information, and give it out Now you're probably thinking, well if Permissioned Ledgers, and closed internets are Bubble Boy, then the wild internet and bitcoin are like a kid eating mud cakes Right? A system that has immunity

Something exposed to pathogens Well, almost That might have been the analogy I wanted to go for, but you know me, I'll go a bit further Bitcoin isn't the kid that eat mud cakes Bitcoin is a swarm of sewer rats

Gnarly things missing eyes, and claws, and tails Like those pigeons you see in Trafalgar Square, that are hoppin around, with this mutant arm stump And what do they eat? What do they eat? They eat raw sewage They eat your trash They eat the most virulent things on the planet

There is nothing in this world that has more strength in its immunity system, than a New York rat, or pigeon, or even, god forbid, a squirrel, those things are horrible And so, a rat is not going to have allergies It's not going to sneeze because of a bit of pollen This thing is already carrying three variations of the plague And it shrugs it off

that's exactly what bitcoin is Malleability? Attacks? DDoS? Out there in the open Port eight three three three, come and get me And is anybody trying? Hell yes, everyone is trying For six years, the best of the brightest, the meanest, and the most malicious are throwing everything they can at this deformed swarm of sewer rats, out there

These six thousands nodes that are listening, and God knows how many other nodes, that are exposed to the vagaries of the wild internet And it survives So what do the banks do? They're gonna build bubble boy blockchains They're going to build Permissioned Ledgers Do you think permission Ledgers suffer from transaction malleability? Hell yes they do

Do you think altcoins suffer from transaction malleability? Hell yes they do they just don't get those things fixed right? And neither will the Permissioned Ledgers And that's just one of the thousands and thousands and thousands of bugs and weaknesses, and weird exceptions and edge cases that we're going to find, while living out there in the wild And we're going to build this incredibly robust system, which is already taking shape today

I mean beyond the idea that you could have a decentralized consensus system, the idea that that decentralized consensus system could actually survive for six years, is kind of ludicrous And the only reason the banks have now gone to the point of thinking about Permissioned Ledgers, is because they finally reach the stage of bargaining the third stage in the five stages of grief, for the industry, they're about to lose They start with denial And the basis of denial is, well this thing isn't gonna work

It's gonna die any day soon and it doesn't And then they say, well it's just silly money and it doesn't have any value Until it does And nobody else is gonna play with it, except that they are

And serious investors won't possibly put money in this, except that they did And it still refuses to die So we go from denial to bargaining Somewhere in between there might be some anger There's going to be some depression

And eventually they're going to reach acceptance But it's going to take a long time Because if you look at the internet, we're now on maybe twenty five years into the Internet, in terms of really beginning to broaden its use Twenty five years in, and there are plenty of companies out there, that think that as long as they put their Oracle EMC, HP, Cisco, Microsoft shit behind a perimeter firewall, all is going to be well are still building bubble boys, and intranets on the Internet

They haven't learned that lesson after 25 years It's going to take longer in finance not only is decentralization, open protocols, open source, collaborative development, and living in the wild a feature of Bitcoin That's the whole point And if you take a Permissioned Ledger, and you say, well that's all nice

we like the database part of it Can we have it without the open decentralized, peer-to-peer, or open source, non controlled, distributed nature of it, well you just threw out the baby with the bathwater You're never going to build a bubble strong enough, to keep financial information Ironically, this is all happening at the same time that as banks have finally gone onto the internet, they're leaking They're leaking so much from every oriphice they're leaking

Anonymous, WikiLeaks, insiders, all of that stuff They don't have confidential transactions They don't have encrypted this They don't have privacy They don't have zero-knowledge

They have completely open Ledgers And what do they overlay on top of them? KYC and AML So they attache identities to everything they're doing So that when that database gets leaked, it will have a completely rich history Not only of every transaction, but of every participant in the system

that's what they're building Their building panopticon's They're building a panopticon of financial information, and it's leaking Because the truth of panopticon's is, when you build a panopticon, it stares back And when it's the internet that's staring back, that's four billion eyeballs

I'm not so worried about my financial information from my bank leaking Because maybe a couple hundred people are gonna stare back But when Angela Merkel's phone numbers and phone calls leak, whoo, everybody's staring Three days ago the internal presentations and powerpoints of the Department of Defense about their drone assassination program leaked Four billion eyes staring back

You built a panopticon? It's staring back And so the real question we should be asking about Permissioned Ledgers is: do you really want to put KYC, AML on Bubble Boy? because you go, and add all of that information, when that database leaks, four, or five, six, ten years into the future, you're going to give Anonymous and WikiLeaks historians a complete record of every transaction you ever did The secret slush budget of Lockheed Martin The black budget of your government The bribes that you paid to depose a democratically elected government, or to install an oil well in a pristine rainforest

All of that shit is going to be on WikiLeaks and all over the internet And you're going to provide the rich KYC metadata that you painstakingly attach to every transaction Meanwhile, we're going to build Bitcoin with encrypted anonymous private transactions and you'd better rethink this panopticon, you'd better rethink this bubble boy Because building resilient systems is about exposing them, exposing them to continuous attack

That's how you build resilient systems So I'm not scared of Permissioned Ledgers Denature, defang, centralized weak systems behind bubbles… Those are not going to scale, they're not going to survive, they're not going to be secure, they're not going to be providing privacy And they're going to backfire badly But the funny thing is, that lesson is going to take a long time to learn

I can see it now Sir we had all of the drone assassination things behind a firewall, but someone burst through the bubble All right, call the general Get me two bubbles, we're going to double up Bubbles within bubbles

Sir they burst through our double bubble Titanium bubbles If we pay Lockheed Martin a hundred million dollars, maybe they can build us a double titanium bubble, that we can hide all of our data behind Sir it lasted 30 seconds before Anonymous ripped it to shreds, and threw all our data on the internet Hmm I wonder if we can build more bubbles

They think, that having your data on the internet, without controlling it centrally, is weakness It isn't weakness That sewer rat out there isn't weak It's the strongest thing we can build because it's constantly under attack And wrapping it in a bubble, it doesn't make it stronger

it gradually denatures and weakens it until what's left is a pale immunosuppressed little lab rat with red eyes that dies the first time it's exposed to the flu and so that's what security is Security is a process, it's a process of openness and exposure, it's a process of continuously adapting to new attacks and in that process dynamically becoming more and more robust Less and less fragile We're introducing Bitcoin in a world full of fragile systems Central banking, centralized banking, monetary systems that can't manage to achieve liftoff in the economy

In that environment we're introducing a robust global decentralized system And it's robust today It's not perfect and it's got bugs But we don't hide those bugs, we announce them, we glorify in them, we discuss them We invite people to attack it, and we take that information and we make it stronger every single day

And that is why we win Because while they're building Bubble Boy, we're building a swarm of sewer rats, thank you So I'm happy to take questions from the audience we have quite a bit of time, so please go ahead Andre –What you're trying to communicate is that private blockchains are insecure by design

I mean, blockchains that are built within the banks Okay we can take another software that is being used, I mean, as an example, like open source projects, okay so like HTTP server, let's take NGINX or Apache It's been used by big corporations like Google, Oracle, whoever, including banks that have a lot of private information, and so what prevents the banks from taking open source grown copy of the Bitcoin code and launching it inside –Well, I'll tell you what stops them and I think here's the problem: what happens if you take Apache and you install it in a bank and you put it behind an intranet, and you use it internally? I'll tell you what happens: you fall behind on the patches You stop doing vulnerability tests

You stop exposing it to external vulnerability tests that you didn't order, that just came your way Okay so… And as you do that it gets denatured, it gets weaker and weaker and weaker and weaker, until eventually you're running Apache, but it's three versions behind it's vulnerable to anything and someone comes in, breaks through the bubble, breaks through the perimeter and takes that Apache for a ride And that's because you weren't under pressure to live in the wild and when the pressure goes away so do the standards –I would be happy to see Bitcoin as the one-world currency and you probably know that I've also been working towards this direction during the last five years or so, but meanwhile we have big banks and corporations, existing within the countries and Google is a good example of, like, using a lot of open-source software and using it properly right? Do you agree with that? –Yes, our stuff runs pretty much out there

–So while we have not yet shifted to, like, completely decentralized anarchists like picture of world with only one currency, we will have the banks and Bitcoin solves some problem for them I mean private blockchain solves problem of synchronizing synchronizing transactions between the branches like not losing transactions and so on So they they have a choice either to like not solve this problem or try to apply this solution -They have a lot more choices of that I mean just today Greg was talking about liquid, which is a side chain for doing exactly that between exchanges

Now where are exchanges today? Today they run a mySequel database that stores entries for the account value of every customer We saw what happened with Willybot and Gox with that particular issue, right? This is an incremental improvement Now how does that differ from a Permissioned ledger? well the main difference is that if you think Citibank is going to run their Permissioned ledger on internet-connected machines and open to everyone to scrutinize, you're sorely mistaken What they're going to do, is they're going to hide it behind the tall wall, and they're going to run it among their five six seven eight bankly friends And what that's going to do is it's going to mean that that software is going to be weak

and it's going to get weaker because all of the lessons we're learning in the wild won't get applied there, until a whistleblower runs a little Trojan and malliates the transactions of their running exchange and then they're going to have a bit of a problem –What I was trying to say that as long as big institutions still exist, they will hold some amount of private information, inevitably, about their customers, right, and since blockchain solved some problem for them they will they will be using it And they really have a choice to either use open source developments like launch a copy of Ethereum within their network or try to build something known So you'll have two worlds of blockchains again Like commercial blockchains built by Microsoft and open source block chains built by open source community

and both will be used by large organizations –Absolutely I mean, we are going to live in a, thank you, we are going to live in a world with a lot of diversity We are going to have completely closed systems that are Permissioned Ledgers that have so little decentralization functionality that effectively all they are is Three– phase commit on top of a database with audit logs And instead of having audit logs in a log file they have audit logs based on Merkle trees and hashes So that's not innovation, that's 20 year old technology applied in a slight twist to what they're doing now

And on the other end of the scale you're going to have completely open systems, open source systems, you're going to have sophisticated cryptography, and we're mostly going to be living on that end now if that's the environment and that's the competitive landscape, that's great I mean because that's an environment in which not only can we win with Bitcoin and with other technology Or rather it's not a matter of winning, it's a matter of building robust solutions that have use and value for people all around the world that changed the world That's something we can do

You know I'm not worried about competing against the Microsoft blockchain –You know you described Bitcoin is an army of sewer rats but I'm going to disagree I think Bitcoin is a single sewer rat and because of that it's vulnerable The sewer rat is named Bitcoin core If we really want to be a army of sewer rats we have to have more implementations so that if one rat dies, their army remains

–You know I don't think you will find a single core developer who will ratify the idea that the best approach is to have only one implementation I think the real difference is that implementing more than one implementation in creating software diversity on a consensus sensitive system, is something that's never been done before and it's bloody difficult Because you have to run bug and you get the May 2013 26 block fork because of Berkeley DB which wasn't even part of the consensus rules I think, if you look at the development roadmap of Bitcoin core you'll see that there is an enormous effort underway with lib– consensus and lipcec 256k to modularize and isolate the elements that modulariseren en de elementen te isoleren die are consensus important, and to make belangrijk zijn voor de consensus en om die those available for libraries for other beschikbaar te maken voor libraries voor andere implementations and there are other implementaties, want er zijn andere implementations Year six is a toddler right, and so already there are three or four competing implementations that are fairly good, and are able to keep up in in some ways

Is it still very much a monoculture? Yes we still have some biodiversity issues But I don't think anybody wants that It's just they recognize that it's very difficult to move away from that in a system that is consensus critical Okay question, Michael –and how much of it is the question of competence

I mean looking at operating systems, iOS is a lot more secure than androids and that kind of breaks down your analogy –I don't think it's a matter of competence I think what it depends on how you define competence If you think of competence simply as an internal and intrinsic attribute of a single person, then perhaps but competence isn't to me an attribute of a single person, it's an emergent aspect of a team or collaborative behavior Right? Competence is not you writing code alone

Very few people can exhibit competence across scale and time as coders Competence and quality of code is something that emerges from the collaboration of many people because the area that I have competence in is different from the area that you have competence in, and if we're sharing then there will be someone out there who will notice the one thing that I missed And so I don't think that's really the case I think… what is the issue with Android? I think the the fundamental difference between Android and iPhone is not about code quality or security of the underlying code It's about the difference that iPhone runs on 20 – 25 different platforms if you take all of the versions of iPhones that exist out there, and Android runs on 500 different platforms by different manufacturers all of which creates subtle variations

It's a matter of uncontrolled diversity in a system And there is Android that is extremely good and there is Android that is extremely bad whereas with iPhone it's a much narrower band of higher quality That's a specific choice to align hardware software quality control services under a single umbrella, and that works in some cases but it also slows down innovation and how do I know that? I know that because I had a Bitcoin wallet a year and a half on my Android before it was available on iOS, and that's a perfect example of how it slows down innovation walled gardens, mini bubbles, they reduce your ability to trade outside the bubble

and so you pay a heavy price for that and over longer scales of time that price may be insurmountable –I love the the sewer rat analogy, that's awesome And the helicopter parents that's equally awesome Still trying to wrap my head around how the sewer rats see the helicopter parents, and how they relate to them, and whether they ignore them completely

–they live on the […] –it seems like the common element of these semi cooperative entities, and rats don't really collaborate –listen I'm not gonna… okay let's not attempt to do a formal proof on the internal consistency of my analogies I can tell you right now –I'm just saying I love it, I'm going deep on it so… –the point is not about the specific biology of the rat @ it's about the difference between robustness in an environment with stimulus versus weakness in an environment that lacks stimulus or has isolation And so use whatever analogy as you want, I thought that starting a title of a presentation with Bubble Boy and the Bitcoin sewer rat, as I announced on Twitter last week would at least brings the people here thinking what the hell

–absolutely But in addition I think that control is the medium that where the perception of control is the medium and when you said rats I immediately thought of pizza rat in the New York subway system and the helicopter parents like pizza So maybe pizza is the control –well here's the thing The control is going to be a big issue with these Permissioned Ledgers

The illusion of control or the use of hierarchy, authority and control, in order to effectively change the future That's an illusion that all of us can fall into right? The assumption that we control our destiny and that if only we control a few more variables we'll have control… that's what drives people crazy, if you want to be neurotic Now, if we wanted to make the analogy that many large corporations are institutionally neurotic I'm all with you because effectively that's what that element of control is That's being terrified to open yourself up to the outside world because you are a hierarchical institution that has authority and control in its very DNA And that being a fundamental and perhaps extinction-level weakness of large hierarchical organizations, I'm with you there, because that is the end result of this

It is an issue of control We're not infected All right let's take one more question here I think maybe we have a bit more time Go for it

–thanks a lot Also I do agree with everybody: cool analogies But I just would love to hear your thoughts about whether Bitcoin has actually been attacked in all the ways or in the most effective ways Because one thing that makes sense to me as, you know, if I for example had an attack that was very effective, right, I wouldn't use it now when I can't profit from it I would wait until I could profit from it, namely when a short market appeared where if I successfully executed the attack, I would make ten million dollars, twenty million dollars, you know, any millions of dollars

so I'm just not… I get the analogy and what you're saying makes sense compared to distributed ledgers I'm just wondering on your perspective of what happens when much more economic incentives via short markets appears for somebody who might have an attack, to actually use it –That's a really good point and I think we should recognize, and let's be realistic here, Bitcoin has not been attacked in every way possible and as much as it possibly can yet, and it certainly wasn't in the early days Bitcoin had one unique advantage, which was this two-plus year honeymoon period, when nobody thought it was important or relevant, or even would work if at that time people had attacked it, it was much weaker, right, there were some horrific bugs in the early days

right? And there are plenty of core developers here who can talk about some of the hilarious things, like for example being able to create coinbase with billions and billions of bitcoins in them oops You know some of the validation rules slipped through blocks that had infinite coins in them And many other bugs we got a honeymoon period then, to fix the most egregious bugs and we still have a honeymoon period now, because here's the hilarious thing: most of these banks, most of these large organizations in finance, most of the central banks, they look at Bitcoin the way Walmart looks at a lemonade stand

And they are still laughing, which is great I hope they keep doing that for two more years, three more years Give us a bit more of a honeymoon period, so we can get even more robust Because we really don't need concerted attacks right now, although, from another perspective, I would rather have some of the attacks materialized now, before we have mass adoption and a lot of users being disrupted But this is @ a continuous process in a race

the real issue here is the time scale, right? And the interesting implication what we're saying here, is that a lot of altcoins don't get that grace period anymore Which is why it's a lot harder to build robust altcoins because, one, you don't get a grace period on mining If anybody thinks it's going to be valuable they're there, so it's not just like nobody noticed And you don't get a grace period on security anymore So if you've implemented things sloppily someone's gonna find it

In fact just the other day I was reading this fantastic article about 42Coin Are you familiar with 42Coin? it's an altcoin that was designed to only ever have 42 coins it currently has 48 it would have taken two lines of code to constrain the mining algorithm so that after the initial process of mining the first 42 coins as promised it stopped and in fact several people noticed that this was missing from the code and they wrote to the developer who had since abandoned the project

And so nobody patched it, nobody upgraded these systems because they were really running in an isolated environment and not really participating in a real economy so nobody fixed them and then coin 43 was mined And at that point you have an existential crisis for this altcoin because it's no longer 42 coin This is going to keep happening and it happens because there's not enough people interested in fixing the bugs You know, this is the other the flipside of this idea

It's really hilarious to me when you talk to companies and you say: hey how about you open-source your code and they say: oh my god if we do that people are going to see it and they might use it without paying us And the hardest thing to explain to a company that's doing software is, you wish people would see it and use it Most likely if you open-source your code like the other 700,000 projects on github, no one will give a shit And no one will use it And you will not create a community

If you actually manage to get people to see it, use it, and create a developer community around it, congratulations you're in the 1% of projects that have achieved that it is a rare and difficult achievement and in fact Bitcoin has succeeded more in that, than any of the alt coins, or to go back to my previous analogy, any of the Permissioned ledgers would ever hope to have, when they closed themselves down from external scrutiny do you…? Pass it to the person next to you please Thank you

–okay so I really like sewer rats too and I see them in New York City screwing around the subway and maybe they could survive a nuclear apocalypse or something, more than the bankers up above but they're also living in muck and dirt in these little small passageways, while the bankers up above have huge buildings, and they get… they have also have a lot of power and they could go live in Bermuda Their bubbles give them a lot of ability I'd like Bitcoin to have a lot of power too how do the sewer rats get power? –well here's the funny thing six hundred and fifty million years ago 650 miljoen jaar geleden there was a big lizard species or a series of big lizard species on this planet

And they were big and they were proud, and they trumped around, and they stomped around, and they usually stuffed on little furry mammals that were scurrying among the tree trunks below them They didn't pay much attention to them But guess what… they died, and the little furry things became us, and we won So don't underestimate the little furry mammal among the trees, because someday meteors happen And here's the thing: when the dinosaurs see the meteor, they go through the same process of the bank seeing Bitcoin

They look up and they go: well that's not happening, that can't be real and then they start screaming at it So to me the banks at the moment dealing with Bitcoin, the ones that have begun to realize what is happening are now braying at the meteors, trying to make them stop falling on their head And you can't really do that Don't underestimate the tiny scrappy, the little competitor scurrying around the tree-trunks

Because eventually they become the dominant species And remember where and how the internet developed in the beginning Because I went into phone companies and did presentations explaining to them why they needed to address and understand and adapt to the threat of decentralized communications We didn't call it that then, but tcp/ip, and you know what they did? They laughed They laughed at the Internet, these massive companies like AT&T

And in my case I went to the Greek national phone company OTE Doesn't really exist anymore Fell apart But they laughed at the idea of the internet Because the idea that through this messy process of decentralized routing where you drop packets all the time, that's not a bug, that's a feature, dropping packets, it's messy, it's nasty, that this could actually compete with these carefully constructed hierarchical systems of these global spanning copper, and increasingly digital networks

it was completely laughable They went off and designed ISDN, and said better than the internet, it can do videoconferencing The internet can't scale to do video conferencing or voice or any of those things Fast forward 20 years, now they're running their entire voice network on top of the internet things change much faster than we anticipate and the power and scalability of decentralized systems and the robustness of systems that initially appear to be messy and sloppy, like the internet was, can often surprise

But what doesn't or shouldn't surprise you, is the hubris of those who think that the little scrappy competitor won't amount too much All right, I'll take one more question and then we'll wrap it up, thank you There you go –Alan Turing and Enigma demonstrated that any form of cryptography can eventually be broken all through history, when you had Navajo, and various types of cryptography, there was always something that nobody imagined that would crack it

Do you believe that to be true or not? –yeah absolutely All forms of cryptography can be broken, are eventually broken, that is a truism –including that behind Bitcoin? –including that currently behind Bitcoin, yes The question again is time scale You see, the real secret of the Enigma was the secret of the broken Enigma

the reason Bletchley Park was successful in essentially winning world war II, at least for the North Sea and the British forces, was because they managed to hide the secret of breaking Enigma Because what would have happened if the secret that they broke Enigma leaked? Enigma would have been improved and changed And the damage that they had managed to cause which at that point was complete and systemic capture of all of the cryptographic communications of the Germans, would have been contained And so they would only be able to capture the Enigma machines that hadn't yet upgraded isolation was the downfall of that system because by definition it had to be isolated

So the lesson we need to learn is, we expect cryptography to be broken, we expect every system and subsystem within Bitcoin eventually to be weakened And what we need to do is, one, make sure that any such weaknesses are not systemic and complete, and then identify the weaknesses early enough to start addressing them so that they don't become systemic and the best way you do that, is by existing in an open collaborative environment where you learn about those weaknesses If ECDSA (Elliptic Curve Digital Signature Algorithm) @ gets hacked today, or becomes weak today, what does that mean does that mean that every person in the world can suddenly crack ECDSA at any scale? No It will mean that for a certain class of very well-funded attackers, certain types of ECDSA with an enormous effort can be cracked at which point our friend Greg back there will be building a side chain that doesn't use CEC 256K1, SEC P 256K1 in fact the example of the Schnorr signatures implementation on elements alpha already shows you the possibility of having a Bitcoin subsystem that allows for a variety of signature technologies to be used within the Bitcoin ecosystem

There's no reason why we all need to use ECDSA We can add a patch to the system that recognizes, let's say, Apples curve, that they use I don't remember what it's called, it's a long number Or that uses a completely different cryptographic system I probably select something created, verified, audited by Bruce Schneier

but the bottom line is that you could create in fact an ecosystem where you don't rely on any single curve, and therefore the system is robust because every customer can pick which curve they want to use, or which signing system they want to use, so that even if one of them was compromised that only compromises a subset That's possible to do today The real question we need to ask is, two weeks ago SHA-1 was shown to be weak eventually SHA-256 is going to be week and at that point we had better have reached the point in the curve where fees matter more than rewards, otherwise the consensus mechanism won't let us upgrade But there are always weaknesses

No cryptographic system lasts forever Which is why you don't want to bake it into a Permissioned Ledger behind a wall that nobody ever inspects, maintains, or updates Because then it's going to become weak And in fact those systems are going to become monocultures They will lack security biodiversity to use a to use the term strangely, but they will lack the diversity required

Bitcoin is not very diverse today, but it is getting more diverse and will continue to get more diverse and more robust All right thank you all, appreciate your time and thanks so much for coming [Applause]