Hashing It Out
Hashing It Out

Episode 62 · 1 year ago

Hashing It Out #62 – Bolt Labs – Ayo Akinyele

ABOUT THIS EPISODE

This episode, Corey interviews Ayo Akinyele, a former security researcher turned CEO of Bolt Labs. Bolt Labs is a privacy solution for the Lightning Network which allows for an asymmetry of knowledge in the channel. While this is quite useful and interesting, we instead turn our focus on things such as attribute-based encryption, a security researcher’s view of blockchain systems, and much more. Join us for an awesome conversation of where we are as a community, and where we’re going!

Links:
– Bolt Labs
– Ayo’s twitter
– openABE

Now enteringas kind, ocast n Mat work, welcome to hashing it out APOTGASP orretalk to the ATTECH intevators behind blocked in intrastructure anddecentralized networks. We dive into the weeds to get at Wyand how peoplebuild this technology, the problems they face along the way I'me, Listengand learn from the best in the business. You can join their ranks. Oen back everybody in your host DoctorCory, PA you're, listening to hashing it out Colin, is not with us today, sothey came up th last minute that he had to attend to e will be with us nextweek or the week after bepinning on how len it takes him to attend to thosethings H. Today's guest, we have ilock inYella, fropel, bolt lbs Um. Why don't we do the normal introductionand tell us kind of how you got intothe space. We can talk a little bit ofboatbabout bolt lambs, but I think the majority of this conversation issecurity, focused and interesting things outside of kind of bolt labs,but also like angentially, a useful forboat lat, so so hey cory, thanks forhaving me on appreciate the h, the opportunity to talk about the ealsecurity and inpot labs. So my background is in croptography and Uspecifically, grographic engineering and software engineering, so Ibasically combined Um. You know up Ly Chroptography with youknow, Writing Code. AJOHNS hapkins worked on a lot of problems related to transitioning. You know theoreticaladvance Cripto to the real world, so I built a lot of libraries, an and compilers D Aramanlanguage tools to make that easier for croptographers, as well as systemdevelopers. That got me really interested in the applied side andspent a lot of time working on this idea called TATCIB, actually basdencryption and it's a it's a advanced form of publicencryption that allows you to Um, basically combine confidentiality withaccess control. So you can encrypt data in a way that you specify attributesthat describe that data and then later you can give out keys to theindividuals that you want to be able to decrypt with the right Um prudentials,and so it's it's a really nice way to do. You know all kinds of m access,controld based encryption and- and so I spent a lot of time youknow building that academically. Then did it start up around that after Igraduated from Hapkins Um, you know called the opeabe Tol Kid and part of that experience. You know I Ispent Um. You know basically about four and a half years, just understandinghow these advance scriptol primitives can be used in the worldworld and partof that journey was understanding the the practical uses of of the of the encryption, and so I enjoyed you know, essentially the the opportunity to getgovernment funding to build this commercial library. This was work donewith some of my clabrators at Hopkins Um and after that, I you know, gotintroduced to Um bicoin through one of my advisors. Hehad already did a bunch of work in terms of privacy and macmagreen andPutier, and so we, you kno he he had basically done a lot of work in thisspace and I've kind of been watching from afar was sceptical, but I wasinterested I'm and so probably around it. Ut n seventeen, as when I kind ofjumped in you know full time in terms of you knowauditing for Crypographic, sorry for CPL currency related projects and thena transition to working on onbot full time as a result of working withmaccarine and Indian Myers Yeah. So what's bull in Etochsv, alwaswo startthat I guess m. We have a whole interview, basically with you on blockchannel, where we discuss the INS and ounce of Bolt. So if you're interestedin that O', if you're more interested in that further than what you just say,I'd recommend the audience to go. Listen to that on a block channel O toget more details on on Boll yeah thinks of the plugn and there's also anotherUm podcast with epicenter. He perverallowed me to talk about bol from a different perspective Um.

But yes, so bot is really a improvementon on lightning offered bicoyn that focuses on the ability to do privacy tofor two party channels. wher, you are locking up funds in ESCRO and you'removing value using that escrow at a very low cost. So it's a way to do fast.Sheep payments, where you're using the the blocchain as the root of trust andyou're taking m the YOU KN W intermediate updates to that escroaccount Um Olf chain and so llows you to admortize the the cost of movingvalue over a long period of time, and so this is the defacto way to do likeyou know, bit coin, on a on a on a massive scale where you have all ofthese trusted connections between entities or bitteen parties and you'reable to kind of use these. These established channels to move value youknowefficiently and cheaply, and so bolt is building on that by addingprivacy and the the limitation with how lightning is constructed today is thatth the state in the channel is symmetric of both sides of the channel,see you know every State Update Anso. What Bolt is trying to do is make itasymmetric, where one side wheres whois going to be the customer is able to seethat state and then convince the counter party who could be a hub couldbe. Who knows? Who else is connected to that that their party, but you're,essentially proving in zero knowledge each state update? You know thatbitsatisfi certain constraints, which is that, like you, have sufficientbalance in the channel? You are someone that the person that's interactedwithin the past and that you know you have a range proof on the updatedbalance of the channel, and so they don't learn the current balance of thechannel. But they're convinced that you know you are a customer that they'veinteracted with in some past and so you're able to hide um in the in you set up all the over thesite of customers that that acounter party has open channels with then. So, basically, you start off bysaying thes Tis. This is the rop set they were going to agree to and then, when you start Takus, he conversationbetween one other. You don't see what the contents of it, which message isyou only see that t it it within the instraints of what that r initial rulesaid was, and that's kind of the whole idea. A Yer knoege proves right. Yeah,Sosoolis frucs are a way to prove m. You know publicly to a verifier that astatement is true without having to reveal any secret information, and soyou know our variance is like proving knowledge of a secret and so which isvery just traditional, alwas proof, and so it's based on you know the hardnessof the discreet log problem. It doesn't require any. You know any sophisticatedtrust assumptions Um and because of that you know it allows usto prove very simple statements about he, the channel. You know Y, U at avery low cost in terms of efficiency, so it's fast to verify fast to generate,and then you know it allows us to. Essentially, you know build thispayment proof that gives this customer this flexibility to not revealeverything about their wallet, they're, oflting wallet but they're able toconvince this verify, update the state of the channel blindly, and so it givesthem a way to achieve anenymity and it solves the problem of you having totrust the the counter party. L E right now, you know, there's implicit truste,built into the lightning protocol in the sense that, like you're you're,assuming that the Counter Party won't share your data anst, how how you usethat channel with Ha third party, and so both is a wai to take some of thatcontrol back and M and reduce the amount of information that that hub hasto store for each channel, and so I also view it as a way to harden routingnotes. N that their only job is to perform this function of moving valueacross different channels, they can obviously rebalance to make sure thatyou know they have sufficient capacity, but you can learn that information andaggregate, rather than be able to be able to link the identity of aparticular customer. That's making a payment with that actual paintment, andso you know we're able to kind of achievethis. This balance by m by using OAIS fruits and blyingsignatures, andcommitments, that's sorto cool. It keeps kind of thebalance on on what hubs are capable of doing if they get to the point of likehaving too many connections too Mana peersih there too, too much centralityon the graph of what the network is actually doing right right, and so thisis great from a like capability standoing in the guarantees the privacyy guarantees that we have, but the main constrain is that you still requirethat helps to have sufficient liquidity.

So you know who, who are the entitiesat can actually be these trusted third parties, Oror trustless thid partiesthat you know are able to perform. Thi suntial oexcing just come to mind.Obviously becus you know, use a gravitate to their service, O TCproviders, Castodians of decoin qualify, custodians of bicensul entities likeAnchorage, M and and CRYPTOL banks. You know so silver gate signature. Theseare banks that are coming up, that are cryptal friendly and are able to. Youknow, provide Um. You know essential. Essentially, you know serve as as as as lenders for you know, Cripto start ups as well, so I mean, I think,any any any endity that that is sitting on a stockpile of of ditcoin orwhatever the asset is that that you wanted take off chain, can canserve orbe part of this network essentially, and it's Kino be done that realsorryGod th N. I find that interesting in terms of like this is th. It runs withthe theme that I see a lot of what thi this whole technology is doing andthat's a like giving people options to interact withthe people that they want to interact with the way they'd like to interactwith them and not like confining yourself to a a narrow formercommunication right. So, like you can still do all of the things you wouldlike to do like. If you want to have these symmetrica mationships inpeople, you can have them. If you don't. This gives you an option to not do that.Ich Then Te entity that provides these services can then have like a finegrain resolution and and how they interact with you, basedon what the customer needs exactly and then I think that's theoptionalities. I think we need at layer to for blockching just because we don'tknow what will be built on top right. We know we have an idea of the type ofnetwork that we wan to have, but we don't know the m the applications thatwill capture the value from a mainstrein, percesse perspective and sohaving this ability to kind of pick between the two is really the thestarting point, and for us you know privacy is an important ingredient tobe able to achieve us. There's really no other way to do it, and so all allour approach has really been to focus on the business to business usecase.You know, and in talking to some of the exchanges that that are, you know,adopting lightening and thinking of different ways to use it. You know theyhave. You know, requirements to Um. You know not only protect the the coin thatthey're holding but to allow users to move that decon out t side of theirecosystem like outside of their security, boundary, and so lightning isa way for them to to to do that at a very low cost. And so, when you addprivacy on top of that witd Bolt, then you could essentially think of whatwe're doing as a a private network that allows these trusted exchanges to these.These exchanges that that hold a lot of assets to move value privately and hightheir aunching activity from essentially hackers rigt 'cause, I meanthey're um they're dealing with you know having toincrease their security budget to secure hot wallets, and you knowcontinue to try to hide what their aunchingfootprint is right. But it's really a delicate balance and so from aregulatory standpoint versus H. Protecting from you know, hackers thatare trying to Um. You know steal those big coins, I think Wat Po Por now hasdefinitely taught us the idea that Um, the more you aggregate value into asingle place, the more tention yll Dr You'llatract yourself and and Tdatabriches alone, could tell you all the things there, as well as like, wherePeo, where hackers spend to ten tin, to spend all of their attention time andeffert and and with public achainer trust tes blocktang systems they're,inherently public. So if someone does the same type of activity, it onlymakes them worse than maybe a traditional two point: Ot O entit things like this just helpedthem get up to standard in terms of how they would like to protect themselvesfrom Om, having had a valuestoen right right and so F for us. You know: We'vebeen trying to kind of identify m how we an you know best solve these. Theseimportant paintpoints that allow the ecosystem to continue to grow but like allows us to you, know, show the value of whereprivacy can have the most impact. You know for the massive corporations thatexist in criptoltoday that don't seem to be going anywhere right, meaw.Obviously we want the these excanse to be completely desentialized, but youknow based on the trend, you know that's not likely within the next fiveyears. You know deencalize exchange just still too small and to but butthere is an opportunity to have a bridge between you know, sentralizeexchanges and desentralize exchanges, and I think way or two is the best wayfor us to build that kind of network, and you know so, I think, over the nextcouple of years it might not be user facing per se, but I think you knowonce we get through this wave where...

...we've established this this network.For for these, you know xchanges to kind of move value cheaply and and bebetter custodians of of cryptol assets than you know, N. obviously, OTCproviders nd custodians are in this bucket W O, but it gives us anopportunity to you know, look at the user consumer side of things, and youknow kind of you know, extend these ting capabilities to them, and so myphilosopy's, really the the BTA B case, is the the best chance for m. You knowgetting arthecology embedded and then B to c will come. You know, after that.That makes sense. So I was I've said this quite a few times in onagether pokcast, that I do it the bicwinpotgast and it's. I think themain thing that we're doing here, um in the block Chan space in total, is Um, really really pushing and said devisingresearchers and businesses to make Um cytography usable right right. None ofthis none of these things are remotely capable of of existing. If we don'thave these strong security guarantees around the croptography, that e use,that is like the primitince of building these things up right, um when youentered this space and especially coming from it like making theoretical, crotography andencryption applicable to to systems and having a a deep understanding of howthis works and what and what constraints co you use this particularthing when you won't go outside of it h. How did you view all of this, and how do you do thisspace Comi Otcoming? From that background, so I think the the greatthing with academic you know cryptographies that we have it's likewe're, always ten years ahead, like a lot of the e technologies that Um thatare being deployed today have been well researched over the last. You know acouple of decades, and so I think, back to ECASH. You know that was originallyproposed, like in the early ninetey nineties, by David Cohn right, a he wasproposing. Ou Know blying signatures with RS A, and so we kind of see itdidn't take off because of th the problem of like trust, Rin y, he wassoing, trusting, inaar a bank right yeah. You had to trust the intermed ARYand so know, bicoin removed that right. It's a desentialized way of doing itand- and I think, since Bitcoin M, we've seen more academic,cryptographers kind of switching to this space and, looking at the problemof how do we continue to innovate around removing trust, and so privacyis really where a lot of that effort has been directed. And so, if you lookat Zcash, you know they started out as a you know, as a a just trusted setup type ofapproach to Generaly, these Um h the this k material, which they call like atoxic wasn Aus boot, strapping Diso, Kowlege proops, so that you cangeneratly very m compact and M and a and easy to verify proofs. Youknow for the consensus layer in a way that, like Um, that B T, but the main problem is thatthis themitr comes out of Thi stretch to set up an this truss es set up. IsYou know, depending on how you run it? And you know it was running away thatwas polarizing or ND. So there's been a lot of innovation around improving. Youknow how we do trust it', trust, trust to set up and making it moretrustworthy, and you know making it possible toupdate these initial parameters for Zca narks over time, and so we've seen alot of work from Yo Ow, very talented cryptographers in this particular space,because it's you know the the Zecash ecologys starting to spread or has beenspreading. You know to other chains and N S, for example Veryon Um, you know soas cocconsidering adopting sapling and so on and on. We we go in terms ofhow this technology continues to spread, and so I think croptographers arestarting to focus more on. You know the the points that we trust intermediariesand you know removing that trust and looking at solutions that allow us todo that, and so this also involves like distributea key generation. A all ofthis stuff is is related to, I think in my opinion, you know m making thingsmore, making blockings more trustless, yeah manefficient and the Lov o stuffis nt es like striving 'cause. We had here OGE proofs or for starks for so long, but they just wereinefficient and his like this type of thing, pushes for t the applicabilityof a lot of thet, stuff and reilward system, so that you know ind users canactually benefit from the Cool Ponte. You can do with with numbers an thatsense like I I did my PhD and and B, more or less quatimechanics and based in that ere it', a tremendousamount of information theory ecause t's, it's a probabolistic based Um theory, right and com kind to find out.I really really really have like a...

...really I'm very interested in it. I loveinformation theory how it works and promabilities and of these things tendto kind of work. INROL life systems, but had I known that this world of croptography would haveblown up and on Oins, are like tin, open, opened up in a lot of ways forfor a lot of interests, tat new innovated technology, I probably wouldhave done that instead right, Vian Fri Li, I'm Kinda envious of all of thelike potography researchers out there thatare like Oh shit, like yeah like now no longer have to even like stay withinAcadania to be relevant right, ther we're starting to build a lot ofbusinesses and systems that then incentivize people to go out and doresearch, Im and fund it in a lot of ways, and I think that's one of thereally great things that's happened in this pace as well. Yeah Yeah, I thinkit's the perfect alignment for cryptography in general, because youknow so for me. When I started out my focus really was on data security andkind of preventing making harder for data breaches to happen. RIGHANDbuilding Ou know systems that that do that M and, and so obviously siarsecurity is a huge field in itself, but you know with with with Cripto orcryptal currency, I mean it's. It's like the perfect blend of all of thesedifferent concepts and distributed systems to cryptography to m. You knowcryptoeconomics Righ, I mean there's just so many different layers to do itand I think it's just provided te perfect application for Um for all ofus. I think, are you familiar with the pyramida pain? No, I'M NOT! Okay! So permitopain isthis Bas blong that came out. I forgot howmany years ago, it's a sypra security, a concept and that, like it's they'retrying to move up the pyramidof pain to kind of it's Li e. As you move up thisthis, like ladder basically of things you can detect and mitigate within yourown infrastructure Um, you slowly start to make it more and more and moredifficult for the attacker to continue attacking and basically underthe SA, under the premise that hackers are lazy, they're going to go after theeasiest things that don't that don't make them change their behavior. It's areally interesting a'll put in a show pee to check it out, and I wasinterested because, from from a traditional web security point of view,thers very specific things you move up like th, like the things that youchange, tha things you can therdae for things you could you C A protect against MHM, H to to basicallyprotect organization and make it attaccroafuckit? It's not worth it inso, but atually at the very end, it's it's making of changes behavior in alot of ways. I was always curious if people have heard of this and ifthey've thought about it in the context of Cripto or Web r web three and howthat Changonethin Tha t the term that that I'm I'm more familiar with, butyeah like the yeah. I think. That's that's definitely very true. Justbecause, like the waying, the space is involved like we want things to bedecentralized, but we keep coming back to central, like gateways en that thatstill um require on boarding users an an one of the things that that Iremember from David Tom's a like experience, an I think I read this OnbiCpedia when I was digging into this a little bit but like his opinion on whyyou know, didy cash didn't succeed and he felt like at least the limiteddeployment that they had, that Um. That users didn't really understand thevalue of privacy, and it was like too soon and it's kind of ahead of its time,and so this this this. This brought up the idea that, like you, know, we'restill in this space where Um you know, these gateways stillrepresent the easiest way for users to so so what I'm getting at isthe convenience of of of cripto and so those ore. The entities that seemed toyou know, capture the. I guess the attention of of users inHinso. This might be a little off topic on your commen. Just got me thinking aboutat least about that and how we've got to do a better job of youknow, making things more usable, H, re, here's a thing about that B t I have alot of trouble with this 'cause, I I mean a security engineer for a companytrying to have enduser facing customers who or reabstract away a lot of thosestuff, but like Um, it's a fundamentally different way ofthinking about how you interact with a different within ittet ee. The channelof communication is fundamentally different, no longer offloadingresponsibility to someone else, I'm responsible for it the whole tenant of a lot of Li ePUTICAR systems and decentralization, and especially with focus on privaciesthat I'm no longer making someone else responsible for anything. I one value Iam, and with that there's a different lsocial contract associated with it that people aren't used to MHM. If, if, if Ioffload all this stuff, then my what I...

...have to do is is not a lot, it's veryeasy inconvenient for me to use them. So by that nature, I'm I'm offvotingsecurity for convenience in a lot of ways. Ist and people take that as afundamental thing in which in which like what is convenience like who needsto do that, I don't think you have to do that in thes spaces, but there's a trade off there in which,like I need to be responsible for these things. I need to understand that, likeif I lose this, it's gone, there'snosothing else that anything Odo like. Do you think that we can get to the ease of use inconvenience ofWebto? Point O with the way in which we're building systems and web through yeah. I think we can, I mean so there'sthis Um there's this wave of services that are coming out that make it moreeasy for users to maintain custody of their assets and still be part of theecosystem, whether for payments or trading or whatever, whatever M and andone of the the things that like is really really challenging, is the keymanagement problem. MEA like if t there's just so many ways you could youknow you? Can you can screw that up and and shoot yourself in the foot, and Ithink that scares a lot of people, but I think there are approaches to to makethat easier. That leverages, you know, M Ou, know cloub storage, you knowthings like dropbox Google cloud in which you can encrypt things. You knowstore t you just use those services as dumbstorage to back up your most. You know: ssensitive m, an thingslike Shimor secret sharing, realase Tebrt, break the encryption up in themultiple pieces and then store it on different places. So no one entity hasfull control over it right and funny. They should mention that that's one ofthe underlying building blocks for atubased encryption helike, it's it'slike secret shareing, combined with with Um with a u over. You know, pairing base, electiccurs and combined with Um Whatar, effectively called Um. Yes, so those are the suprirmitivesyeah sosecret, sharing N N overpairing, and it allows you to kind of break up asecret. You know so that's iit could be the thing that that's protecting yourwallet in such a way that you can, you know, attach specific policies or orconditions for when that secret can be reconstructed, and so these policiescan be anything so it can be like I have my you know. Device also have a anattribute of my device. I have an attribute in the cloud have anattribute. You know in this other application, and so only when I'mactively logged into all three can I reconstruct a secret that allows me todecrict my wallet and is it a more efficient way of botifactorauthendication? It would be yeah, it could be. In myopinion, it could could definitely be. I mean theye are some so so the the oneproblem with with actuabasing Chryptian is that it still requires a you know: atrusted third party. You know for the key generation part of it. But if youare, you know applying this to your own data than you are serving as your own.You know trusted entity right, okay, so, like let's thane get in the context. F,are you familiar with what universal Loganis ind the etherium space? Not as so, it's basically a smart contractthat exists as your identity, and it ends up being like your management, Identido, where you then delegate thereis levels of trust to variousdevices that that can sign off oneof therose things right. It seems asthough this would be something Um, something useful there and maybe that'sactually how it works underneath yeah, so iink, that's the analogy forsignatures. Um, you know. For for what I'm describing is more for encryptionand so s I think they are equivalent. So I mean for signatures.It's usually called threshold, cryptography. U, AH, okay! Yeah! I'm trying to think of. Like it also'cause, I work for I work for status, which is a like, which has a lot ofprivate messaging associated with it, an in the contexts of group, chats mencryption of messages and how you you sinned, 'cause. Most of thetime when you do group private group chats it's it s, it's the same thing ashaving a one on one group Chap just scaled parwives to everyone in thegroup which doesn't scale very well in terms of managing keys or andrevocation for that matter, an I'm very interested in new types of chrotographyor butting types of chroptography than alow. A scalabl group check that has avery good user experience in terms of adding and removing people from a group.Right right I mean it's a very difficult problem. I kno signal hasdone a lot of work to make this mort usable, but like there's still a lot of innovation to be done there and I think,like evucation is as another problem you know, especially when you thinkabout you know people losing their devices and you know being able to recover. Youknow the the history of a group chat, and you know how far back you know so,there's a lot of practical issues that that make it you know make it heard to build a trulyusable, know, group an that's the difference between Kindo, like thatEser experience of of centralize verses...

...to centralize, right and at's, with Wth with privacy in mind Um, but as we, I think, as time continueson and we keep having data breaches and instances of companies who hold thistat are taking advantage of it and profiting from it. People are going to Wisen up andrealize that privacy is really important to Thore, to look for thingsthat that give that, but at the same time it's a really hard problem.There's not a lot of people trying to solve it because because theabilityis so bad, so growingin business out of it very hard. MHM. Ah- and I find myself like when Istruggle wath signal- I you know revert to using things like telegram, O rgroup Chat, you know and it it's frustrating you know, but it is what itis and I think M, I'm hopeful that at least with more innovation in thisspace, you know we be able to have a truly usable h. You know group chat type at with encryption Bilton. Wheredo you like wh? What do you? What are you excited about when you think aboutall F, this stuff 'cause? I we're having a tremendous amount of focus on kind of rebuilding the web in adesentiralized manner. Um, you think that's going to work. Are youexcited about it or do you see obvious problems that we're going to hit andthen hit real hard? A D? Maybe it's a wall yeah, so I I'm I'm interested to see how it plays out,but I think you know there is a lot of potential to Um to to build in in a way that allows us to do more. I don't I meanit's hard to to identify the winners. You know. There's there's definitely alot of interesting work going on, but I haven't paid as much attention as as Ishould to Um. You know at least a Ou playerthrick, but that's th the kind ofconcept that it onp. Think people get a lot. A lot of people understand is that, as things get bigger and broader andpeople start to specialize into a specific field Um, I I think there's acartoon basically like PhDs, basically just dig in holes, it inteestspecialization and the further downe you go, the harder it is to lift yourhead and see, like even a ground level, see what's going on to keep up thisthat S. another thing: it's really really hard, there's so much going onin this space lik, I remember whe. We started this pockcast or, like the Bikinpot cast proper M. I understood everything that was goingon. I knew everything that happened with in the Pickuin' SFACE, becausethere wasn't that much. It was very easy to keep up and give people thepulse of it. Now it's just it's with Everya all the different networks, allthet innovation within a single network. It's impossible and so yeah, so I was interested in inblocksback for for a bit Um but, like I mean I'm not entirely sure m howthey're doing in terms of you know mainstream uses, I mean I know theyhave like sample applications that are web. Three friendly. You know likethings like google dogs and or Google dock equivalents. You know opdesentralize way and Um. You know I I've paid attention to some. You knowsocial mediae related projects like you know they tried to reinvent. You knowfacebook in in a you know, sentialize way and with privacy built in Ou know.So I I've seen those ideas just don't know how well Um they're going to dowith users and yeah. It's like the people who need to use them if they'recoming they're coming to them with the same idea that they're using the samething then they're going to have a bad time. Tars O dosther experience they'regoing to go back to it right, yeah yeah for sure I just got a question. I forget what itwas Tamin, Oh yeah, aribu BAS in cryption. I see it. AI T T it's based on in cryption, soyou're want to GE, trying to aduscate date on the MHM public key encryptionAlho. I I advance a form of public ingretion AXC, I'm thinking about likewhat how co set a potential use foror, something like esentially storage? Yes,absolutely so M, so one of the so there're two flavors for and we cancall it Abe, just that'stul T um. So there's a there's, a kee policy Tarin,which basically means that you know the policy that you want. Um, that you havein mind for your accin control is attached to the key materia that yougenerate and then attributes are are used for encryption, and so you canessentially give specific people. You know keys that have specificconditions that allows them to access certain content, so it moremapps tolike electronic medical records where you have a diverse set of informationand that you want to chop it up into data objects, andencrypt each thingdifferently, based on the attributes that best describe that piece of data,and then you have another variant...

...called Sycresex policy that has therelationship reversed. So you have attributes on the key and then you havea policy attached to the data and then what tdisallows you to do is you know:Roll based, ax control, so youre, janitor or or building assistant. You know youwould only get pridentials or the credentials can map to your key. A ndyou'll only be able to access whatever your rule is allowed to access, and soyou can kind of segment data accordingly and so, and so youbasically encrypte data with h the p policies that map to you know whateverth, that Datah's been used for, I wan to try and make I ike intuitive analogy here: Um people who used to discord basically have a GP, a bunch of peoplein a chat room all right and and then you have different channels withdifferent permissions around who gets acceent at those chance right andthat's all done through like role based access. Each each role can havespecific permissions on various channels, so on and so forth. So likethis channel can only have you know this roll this Rorle, this role, O ac,that's to it o and so forth. It's the same thing with data: If we just treatthe text living in Ha database somewhere, MHM, that's the data, thenthat's and then the different roles associated with access permission tothat data um to different channels and that's basically the same thing: I'mtrying to L, Ke picture it or get in an Algy for someone else ov, and so thisthis tring crestion is always best when there's an established way ofexpressing the access control properties, you know. So if it's youknow, there's there needs to be an access, central Aracle, something thatyou can ask you know, for you know H. Whenever you're trying to you know,provide confidentiality, you know and and that's really the the the best way to kind of deploy it, andso when we were working on this as a start up, you know our focus was on protecting the navyes Um. You knowclassified an classified data n with all the different crlovery, very good,obvious uscases sothing like that yeah. But the challenge, though M, was Um th,the key management number one and then number two: How to M generate these?You know AC central policies in a way that doesn't reveal too muchinformation about the data, and so that's an environment where, like, ifyou, you know, you know, think some keyword is not sensitive like, but withEnunoug medadata around this encrypted. You know piece of information you couldesfentially figure out what it's protecting and so hiding the policiesis, is something that is needed in some an in a process of making m the stuffencrypted yougowant. To say this is our bucket of Super Supersupur, viablestuff, right right right and so that that's the the trade off like you haveto m. There are other techniques that you can. You know apply on top to kindof hide t the MEDIDATA, but it just it's it's another trade off. It makesthings a little bit more inefficient and it makes um just the overall ability to deploy this. YouKnow Theye more challenging, and so what we ended up doing was just KINDOF,making the the the libra open source we weren't able to deploy it within thenavy at the time just 'cause they didn't have the right. So so. First ofall, it wasn't Um, it wasn't Asioinchrystian that had gone through like Na revans. They werefamiliar with you kN W. They don't use anything without hard standards aroundthem, except for my experience and government contracting companes, and soit took like an international body to standardize a be around two thousandand eighteen that we were part of, not andso. That was like when I switchedfrom. You know, Um that workd to ou, knowsolyorself or crypto yeah yeah, butI'm still like you know interested in in you know, companiesbuilding around this. You know a and I continue to you know to support youknow the library, but it's one of those things where I think it's still going to take time.You know for us to see why deployment of Aybe and it it's kind of dependenton you know finding these maybe cripocrency might be the best o knowstarting point. You know expectially think Oboth, not just CRIPTPO curency.So this is where I guessed. This is m. This is my. I guess I argument withBeoi. Maximalus is like what else can it do mm right? And it's? If we thinkabout blockchains in general, it's just basically complicated permissioncontrol in a lot of ways. If you look at Smart Contracts Right Das, smartcontractinatherium, outside of Value Movement and th, and the logic aroundwho gets to move value or access value in a lot of ways. Um, it's a lot ofpermission, control our access control on certain things, and if you can build in some of thesecryptographic, primitives t e actual, like you know,...

...hepographic computation, MHM in atrustless way, and you can build a lot of these permission systems and accesscentral systems and then layers on top and below that. Actually do reallyreally novel things without trusting an Intermediar to do them MHM. So it'sbasically L Ke, almost like a multiparty computation on access,yshess control, right right, and so that's an interesting thought. So oneof the things that it's challenging WATH A B is: is that, like once you'veencrypted that data, you can't really operate on it. You have to sentallydecryptid to to do things and ou know so in the in the conseqentverium. It seems like that would be problematic because you kN W you, youwould need to your homework concription a exactly so so the perfect combinationwould be, you know, being able to Incriptin that way and being able to operate on, and sothis is where you know, partial and fully homemorfric encryption come intoplay, but they aren't, as so partial homeorphin. Encryption is definitelyeffiicient, but fully homemorpic is still you know, waygs away, but I thinkthat's where we need to get to h to be able to do this wag cause. What we'reexpentially describing is functional compentation over you know, encryptedata right, an so the the less you have to decrypt things, to do things withthat data, the better off, and so this is why you know Mbe is best for likefiles and and databases Um versus like things that that are stowed on a blockchain where you need to be able to Um. You know process that data before youdo things. You need todthat date before you yeah the obviousthing that comes tomine, but this is, as you built stacks of technology ontop ofh, each other ytend to have trade offs at each level.You go up, that's tr Um. I can't think of a situation where, like the next layer up is the exact samething in terms of all tha, all the guarantees you have about Um Wat, jus call like Daa how tat datoesmanage and access the security at's on Owort, and if we keep building playersand leaters and layers nd to make it essentially usable to the in user. How much are we going to have to giveup l e? Are we going to be able to maintain any any any guarantees fromthe bottom layer? That's a correct question mean the goal is to you know,preserve those guarantees as we build these layers Um. It's just really. Ithink th. The the bigger challenge is hiding the complexity. s Um approacheslike just change the paradime and require the the prarticipation from youknow. The user and or SI require interaction and and those kind of potocolls areharder to deploy because more things can go wrong right and so um, it's a delicate balance, but I you know,I I think the best we can do is Um. You Know Trie to Um, just understand the threat modelsand and and try to match you know the the best solutions for the problmversus just you now deploying a complex solution just for the sake of deployingit g have we have to solve these these problems, itratively Inan ways that westill preserve some amount of useability. You know- and I think that's you know, tha. Theusability side of things is where a lot of these ideas break down. You know'cause, it's like wow, so the U as to do Xnd C in order to get property x andso or it increases the the bandwith of of communication. So there's more data,that's being tent back and forth, especially if you're talking about likeMulti Party compensation, type protocols and that's another set ofSichniqus that allows us to. You know solve some of these problems, but, likeI mean it's yeah straight off, all the way. E'll tank, for example, like thelightning network, is a great example of this Um. It's privacy, preservingMHM. What does that mean and what it means is that you're not publishingevery single interaction, your due on chain mm you're instead giving thatinformation to the Counter Party, the channel you have right, and so I guessit's, it's n. The privacy is just more fine graine to who you're sharing itwith right and then ye didn't trust that person to make sure that they'renot using it appro like they're, using it appropriately right and so how wesell this stuff or how we talk about it, especially if we build things on Popa,mighting, network and th that those things those type of situations thenpropagate to the next level. It's GOINGTA it's Goin, to make. Basically,each stack is going to be a very, very fine, vrain, specific set of like relationships that you apply to or or you're, okay with MHM,and maybe that's maybe that's how it ends up is that you know we keepbuilding different things for various types of communication, and then you choose what you're what you want tosubscribe to 'cause IFA Day, I can still use bedcoin mhm I just there justit just may be an associated cost with it instead of using something else that is correct, yeah and and part ofTha. For us, you know trying to make a distinction between Um. You knowprivacy and anonymity when it comes to...

...payment channels, because whiw, youknow the interaction. What you said is private. You know the ananymity isfofor the network I being able to e part of the network and not you know,have to trust the the N points that you're connected to n and having totrust them with your information nd. So everything Yo said is it's completelcorrect, and so I find that some people that I talk to that come from the you,no bitcoin and lightning is private enough. You know, don't see the valueofblt and- and so I trie to kind of at least explain. What's going on at th atthe lowest level in terns of the interaction within a channel and thepayments setter, I o n the channel Um to try to at least Um. You know clarifywhat privacy properties that we're talking about and where it's valuable,but I think you know there there is: u a way to have both coexisting in asense.That you'll have you know, um channels that don't have bolt d but not, but notnecessarily like interact with channels that do have bul. You C have to thingsthat was separately an options as options yeah, and so that would be theideal for us a in a way that's still kind of comparible interruptibleintoperable with Stin eeo man, the is there we have to wrap up from here. Arethere any questions that Um you wish? I would have asked you orthat you would like to have talked about that I didn't get around to. That is a great question. Actually Um, not really I mean I think you knowwith with the other potcast and then and this one I think, we've Um, youknow, we've talked about more things, tha. I didn'tget a chance to talk about inthe other Bont, clockcast, yeah, Um ourse, thanks for coming on and divinginto more things that I'm fascinated by. I, if I told my my wife the other daythat if for some reason, there's another massive Bullrunan, we couldcash out a bunch of money that gives me Ab allows me to sit somewhere and not care. I wouldjust go back to school and go to Phdin cropography, because all thes stuff isso fascinating and I just want to have. I don't want to have any responsibilityoutside of focus on this stuff to see how it works an where I can go, I'mexcited for a lot of the future. I just hope that we're able to do it in theway hat it's useful. I totally agree yeah. If I could do itagain as well, I would probably Um folks on economics, t's likethat, Iknow just another one yeah, that's going to be that's going to be a majorat somepoint right, you're, going to have like you, K, ow computer science,economics cryptography as like you'rcor, coarse load. WOC is going to besomething but because itseto be like the crypto currency, your block,chained, specialty, absolutely S. I just recently found out thatcrypto economics was o thing M. I mean I'v. I've been aware of that idea, butjust I was at a summer school Inviana t it's Aplug for the first internationalUm h summer, School for blocking and security privacy, and, and so there wasa session on just cript economics and understanding if ficient markets andand that just blew my mind in terms of you know how the the depth and thebreath of of what that means and arbitrage and all of the things thatthat that has been happening in this space for the last m several years. Alot of the same tradeoffs you think about in terms of like privacy andsecurity, when you think about like value flow and and and then risk andtrust on who gets the hold that value right right and the economics AF Securi,the big oint network, fors other other chains out. It's really really fascinating, butthat's one thing: I'm you get di dig in Somemore, Bi Wel. Where do people go toreach? You find out more and an contact, so Im Montwittr at Ja, underscore ackanyelling M. I basically have a blowall. The companyhas a blog on medium that you know we're going to be pushing ut, morecontent and our website is Bot labs dotech and you know where you can findinformation about. You know the TDEVISION and you know, links to aredesign document and you know updates that were we're looking to pushout inthe next few months also, and if they all like this episode to have theSubscribe Button share up with your friends, tell everybody play your doget Cetera, join a slack. You can have conversations with me and everyone elsewho talks about these things on the regular I'm always availablethere and here's a few and special bonuses there hahe only given ESSLAC,eon, Giv anywhere else, so a listening in o thinks to come on, showMexagancord.

In-Stream Audio Search

NEW

Search across all episodes within this podcast

Episodes (108)