Hashing It Out
Hashing It Out

Episode 99 · 9 months ago

Hashing It Out #99- Taylor Monahan

ABOUT THIS EPISODE

Welcome to hashing it out a podcast,for we talk to the tech, innovators behind Blockcan, intrastructure anddecentralized networks. We dive into the weeds foget at why and how peoplebuild this technology. The problems they face along the way come, listenand learn from the best in the business. You can join their ranks so kicking off our new subseries or something I'm doing so.Video content, where I take more of a personal approach Wen on ones withindividuals, not necessarily like diving into projects like we donormally do it. has you gat out but more like just talking to individualsand getting a sense of who they are where they come from, what Hiy careabout and yeah, so today, cater Monihan. Welcometo the show hello, hello, I'm sure we'll get into what you do atsome point but like to start off like I want to like. I think that, like the engagingquestion that I want to start off with is like what do you care about? Oh God, Aha, I think that's such a hard question.Well, I care about my daughter and my family and my well being like I'm aselfish person. I guess, but I guess like more broadly or like.What's my passion, ind life, I think it's a lot of like I want to do something meaningful. Iwant to help people do things that are meaningful to them like I, I don't necessarily have one thing that, like one like subject or topic, orsomething that I care about more than another, so long as whatever it is, is productive and meaningful and sort ofan overall capacity towards like the globalsituation or your selfish situation or whatever the situation may be. I asked a question because I think it'slike, I think what people care aboutmotivates what they end up doing with their time like where they spend theirattention and their time and their efforts and what they learn and, like I and it's interesting to maybe ask thejust abruptly. Ask that question to see like what is it that you care Habout,that's motivating like you to spend the time doing all this work that you'redoing yeah? No, it's IT's a very! It's a crazy question because it seemslike an should be an easy question like Oh, I care about all these things,but yeah when you ask it abruptly. I definitely am like well, I care about things I care about. Why am I doing this w? Let's Tak les,take you for an example right, like your, I would say: relitively well known, andthis ecosystem an a BLAKCHICO system or web three, whatever you want to call it for someone who cares about security,but it's security from the perspective of not screwing over users. Yei give them the right context to makethe right decisions for themselves and what you should be doing from adevelopers perspective to help facilitate that right right, because at the end of the day,like my passion and the reason I spend so much time doing, security, stuff andthinking about security stuff is not necessarily because I care that thingsare secure. It's because people came to...

...my product. People come to my product to accomplish something whether thats I used to be in wothousand and seventeen it was. They wanted to get rich. They wanted to getint Iyo, they wanted to do whatever it was, and then they would lose all theirmoney, and so it's sort of like the solution to that is security or one ofthe parts of the solutions, or that is security in Crypto. A lot of theproblems like they can't entirely be solved by better security, but it'susually an aspect of it. Almost all wayes yeah it certainly true. It's likeit's almost like a self preservation tactic of like I have to care about security, so I don't have to handle these supporttickets yeah. So I can like fill the productrather than answering jickets, and it's also interesting so from an individualsperspective like I want to get rich and now I'm for so. I can't use yourproduct right, like you're narrowing the market every time someone getswrecked, but then from like a company'sperspective as well, like companies have to be scure becausestodio companies have to especially be secure, and then these new defi quote unquotecompanies, you know where to security, and wheredoes the? I guess the responsibility of security lie with those right? Is it onthe easer? Is it on the larger community, because this thing isessentialized or is it on which traditionally called the company,but it's like the product or the the Dow or the anonymous Developr ontwitter or whatever? You know what I mean where ust the fall guy lie becauselike as as we keep, I don't know if we just continue alongthe lines of the original ideals, which is you don't offload responsibility andrisk to someone else as much as possible. Then the lines getreally blurred on who to blame when something goes wrong right. So I don'tknow if you know this, but my like guilty pleasure is like true crime.Plodo Guess, Oh no! I didn't I we may have talked about that. It's SOMWOT pet,like if I need to get out of Crypto and like I just need to put something on.That's like you know, whatever it's almost always like a true crime podcast,but there is a really interesting conversation where theywere talkingabout the reasons for like criminal punishment, in the context of course,of like gruesome murder. But I think it's really interesting to tie thatback into like what you're talking about with blame, because okay, sohere's the reasons you have the concept of like protecting societyright so, like you, have a rapist or a murderer on the street and you throwthem in prison because you want to protect society, you don't want otherpeople to be murdered. eraped then you have like the concept of likerehibilitation, which were not super keen on here in the United States, butin Europe they're much morekin on that, and then you have retribution which islike as humans like we desire things to befair and like. If you do something wrong, you should be punished for itlike it's just aving yeah, and it is right, it's throughout all time andhistory and culture like IFOR and I was how it used to be now. We considerourselves a Oll, but it really is like I don't know it's a core reason that wepunish people right and then you have very similar that youhave prostitution, which is like. If it's. If it's like a financial crime, thenthey can pay. It back I for an eye actually false sort of into this, and then was that five...

...baby sure sure anyways. So when we lookat that and then we talk about blaming people right like it's, I think in this space a lot of timeswe're like okay, we are evolved and we're Jos centralized and it's allindividuals and it's the individual's responsibility to do everything and if they get ragged or if they losetheir money or if they have their money stolen, is their problem. It's theirfault. It's there to blame. They shouldn't have aped into this sor. They shouldn't havedone this or they should have done security better or whatever, but like one were not evolved like we'restill humans and two: that's not how the world works. Likepeople aren't just individuals, they are individuals as part of a communityas part of a society as part of Ha larger world, and just like pretendingthat everything is only for the individual person and there first onlythe fult of the individual person like it doesn't work because it's neverworked. It's not in our nature, we're social beings. So I don't know when Ilook at crypt. I think that's one of the things that I fight against themost is is the blaming of the individual for getting wracked elike,you think about first off, like as we push responsibility and risk tothe edges like teindusers, by having the manage their own data,their own private keys, etc. There's a they're, not the ones who are buildingthe tooling thats, that's facilitating that right and how you built that andthe options you give them. He oftiens s you surface to them. How you, what you call those options, the security implications, whether ornot it does the thing you say it does like all of that is not on tem and has a severe impact in like Ian how they conduct themselves andwhat they're capable of doing and how they make decisions right and that's the that's one of mybiggest sort of like, I think, fundamental issues with crypto over theyears and like when I got burnt out. It's almost always because I see like the notion that it's like it's it's not me. It's the or I don't have a responsibility forthis, or I couldn't have done this or I couldn't have foreseen this or theyshouldn't have done that they shouldn't have risk their money. They shouldn'tlike no N, no, like it's, not a hundred percent on the creator, but it's alsonot a hundred percent on the user and, most importantly again, we aresocial beings, like we're individuals, part of the community, part of a largersociety like it's, not just the individual and it'snot just like the company or the Creator, but it's also the culture ofthe whole. That has a huge impact. So when you see these pervasive notions oflike not being secure like not having any, like, basically like rebelling againstUS security practices that are not that hard to implement, that has an impact on everything thatcomes from it, and so I think all in this case, like those three all share,blame and then there's obviously like other things as well, but all three ofthem shourd blame not one of them not to it. I'm, like all everyone can bebetter. What's an example of like the repelling your cospess practices? Oh just I mean like just like throwingsomething on maynet Bomo marketing it up. Like I mean the entirety by summer.Was this and you know there is an argument to be made, that it's valuableexperimentation, that therare warnings and that there was this and there wasthat and nobody expected it well. Well like yes, but also did you even do this on test napfor like a day right, like the you know, the yamsthing I thought it was, it was cool at the beginning, then it got huge and Iwas like oh no and then what like twelve hours in people are like. Ohthere's, this very basic math hare that...

...would have been caught with a I would say, running running on test tap for a week a day,sorry a day, just going through the process on something that doesn't haveo you. Does it work right because it wasn't. You know theissue with that. One wasn't necessarily that it was some complex thing that hadinteractions with other things and that this perfect edgecase scenarioisnatched up to create this situation like no, it's just the code yeah and then I mean it gets morecomplex because when things are relying on these things, so endi protocolnumber one is we blying on deepiperoe call number two. Ninety five Prodo callnumber. She was relying on number three but they're, relying on the prices fromthis guy over here you know, there's just there's a infinite number of lifepotential mashups and potential things like could go wrong. You can'tnecessarily foresee them. You can't necessarily foresee them exactly likethe the exact steps right and you certainly can't like detect it with awith a basic audit. Ealer yeah the tooling around how you handle composability, like that,like that the pretty term wel use for that concept is lacking and so like how you reasonabout Itic, for it's like Flash Lons, for instance, as an example, and how like the maker issue, happenedbecause of no like real spar contractolnerability, but because they made assumptions when they deployedcontracts based on rational actors of agiven value side.So like what a person who's using that much money would do or like whoever hasaccess to that kind of money would act a specific way and the concept of aFlashloan, which is a reasonable, like a very valid technical thing, blew thatassumption away and thus, like any security, asis implications that camefrom it and that's not something you really getfrom tooling. No, it's not- and I think, makeris actually a goodexample of their a complex system in themselvesand then they're, relying on all these external forces. And then all theseexternal forces are interacting with them and and their entire sort ofsecurity model or threat modeling can be disrupted by like Ollfe waunching. So I've found this I've been talkingwith E, a butdy of mine, Tue he's like askme kind of dephilosophical questionsabout what the point of Crypto is and when I try to explain it, a lot ofit tend sorts like experimetation and new economic models and like real, likecommunity building with value at Ha Foundation. It's notanlit's, not you know. Fake Internet points like most of the value flow of these networks is realand and substantial, and so teten sa like what came up from thoseconversations was the fact that it's very, very, very difficult to model and prepare for emergentphenomenon based on like elatively, like sistence, is really soally, simplethings, it's never its never been in, like thein tlike security Ondea. One has never said. Imagine your scenario where theattacker or the threat has unlimited money like that's not like it's in the same bucket as likeyou know, imagine your situation. If aliens came down from the sky, like you,don't throwh out model against that, because it's so ong likely and by the time that you are like, saya target of like a nation state or something which is was traditionallythe only actor that could have...

...quoneunco unlimited money. You would be in a different positionand you have to handle it, but, like I mean these defi things, yeah like allby lunches and that's suddenly, a real threat like aliens are now right. GoFix Yourself, go, go, reassess what you've done yeah from the ground up.Every assention you made is wrong. That's crazy, andit's just getting started right.It's like this is like, if any oflon say, is true or like. If any SI thistuff that we've done and pushed for and worked on over the past decade orso has real potential. Then these things arehere to stay, and it's just beginning right and I don't have like I don'tknow. I don't know what the answer is, but I feel like there's really smartpeople in the world that are not part of crypto that probably have insightsinto how to like Manag risk and really complex systems. It probably has to dowith like building resilient systems andadoptable systems, which the resilience runs up against the experimentation,like it's very hard to just throw money around an experimentwith things while also prioritizing being extremely resilient and then being adaptable or beingreactionary or being flexible or being able to like react very very quickly toa new threat. That often runs up with, like the courttenents of dissentralization and authority. So because t e, it's Alr, because theeasiest way to like adapt something is to have someone press a button and ifit, the things completely disentualize right- and this is what we saw withWhith. The AM situation as well was like it very quickly turned into like a social coordinationgame. Where you know, everyone myself included, were being reached out to go down the list of influencers and seeif they can signal goose this, so that peepe lot got racked. That's a that's,a fundamental consequence of what happens when you distribite power and so like, and that's not necessarilybad. It's just something you have to take into account, and if is thatsomething you want to be a part of your system and like what's more importantand I don't think those Af. Those like risk assessments ever happen. s like like. Oh this happens now. Whatis the? What is the like plan, the scenario of actually fixing this thingand what is the obblect? How does that change as we distributepower across things and so right and we started going out, need to start itlike. I mean your your spot on right, likenobody's thinking about this. It's not that we haven't perfected. The balanceright like we haven't even addrussed it at all part of that my opinion, which is a Quam that I'vehad so far, is a lack of like monitoring an yeah yoall. Do a good job of this atmy crypto, but like there's the the amount of effort and money anddevelopent work that goes into watching value after its bitaccumulated his miniscule and compared to the amount of work that goes intotrying to build the things that Ar cruwvalue yes, and so, like all this work, if you look at all thelike prep stuff for had a STLC like securior softwaredevelopment, like lifecycle, stuff right, what eve the health called is like, how do you prepare tests andso on and so forth to deploy and the none of that they just stops? And it'slike so a I a know. How do you watch to make sure the thing you deployed isdoing what you think it does because like because you have limited power inyour ability to stop things. The time in which you know an something's goingon is crucial, but we're not looking at no you're. Just like hoping hat,someone will notice...

...yeah. So we wecrippled ourselves in ourability to stop things, and then we d haven't done that other oother part ofthat which is like figure rout it's happening before itgets too late. Yeah I mean this was most evident and Ibecause I was so close to the situation, but the parody multisig where so theyhacked one of them. I can't remember it's the third one that I don'tremember, the name of always the casino one or whatever the hacker got thosefunds and then like eight hours later or something they did eternity and thenswarm city and then hours after that storm city happened tosee the balance of their account was zero. how Ar to like? How does twelve hourspass in your entire treasury? Like a d? Nobody, nobody noticed,except for the hacker. What's one of those situations where, like you, don'tyou assume, secure and then based on how often you usethose funds an like the more Li Itin, a lot of itstances a lot of those typesof funds weren't supposed to be used? That often- and so you don't you, don'tpeople don't monitor them or look at what's happening on the block chain, aspeople try to do stuff exactly the one th. The problem with that argument isthat these were all ICO funs. So in theory the investor should have noticedbefore I mean the Tam Hould have noticed first,but if the team didn't notice, you would think that the investors whoinvested into this company would notice, because that's their money and like oneof the hugest issues in this space besides, a lack of security, is also alack of diligence and so a lot of these seams. You just run off with the money like exis sfamming is Hugei, it's aproblem, and so that was like. Also like thewhole other thing I don't like, so it turns out that these seemsweren't malicious, but nobody would have oticed if they were yeah. I don't like don't don't be soquick to assume or like assign something with a maliciousnessif it can be attributed to ignorance like or really you know so that I meanthat Adand by the way. The most remarkablething about that situation was the fact that then a group of people got on a scype callhack, the rest of the multisigs and then return the money before. I think there might have been like amaybe one, black hat, that got like some little ones or something but the white hat group and then also atleast one other White Hathacker, who is now part of the White Hut, crew, draind,all the rest of the multisags and then return the money like. So it's especially hard- and we see thisINDEFITO- that that we're not punished for the stupid shit that we do well Si.Well, you have to watch the contract. U Don't notice the Moneyi's missing then,when the money's miss everyone scrambles around and then somehow, likegenerally speaking in the broad scope of things, everything ends up. Okay,you can't be too mad because, like okay, let's Lik of it,this way like maybe this gives maybe a bit of perspective on why that is, isbecause, like it's Greenfield for potentials on what you can build andnew things, you can do in the sece system, because it's so young andeveryone's excited and focus on the cool thing that they coul. Do that noone's done instead of actively looking at the things thatwe've done and making sure it works, and I think that there's like as anebalance right there, that the pool of things you can do to potentially likereally innovate, something or dot so thing Thi at as that's a that's asubstantial value or...

...altar. The current the currentfinancial system in such a way where, like the power gap, is less in a lot oflike the original ideals of Crypto is so large in comparison to like, let'smixture, we did it. Okay for the things of JE, there's like people who have like decades of experience securingcomplex systems right like what do they, let's learn from them and we're like?No, that's the old system well to be fair, trying to trying to be fairer. We've only now. Only now, maybe justgot to the point where, like we've reached Thi threshold of legitimacy,wor people who have those skills are willing to spend time contributing orlike right, yeah Fuccess, that's! No! It is true, and- and I don't know theone question that I've asked myself again in Ta Guin is like how doesKrypto or how does defi specifically, but even you know, going back to theparody hack would fall into this like. How do we keep getting so lucky? Where arethese really potentially detrimental things like somehow it's like we just like, instead of just getting completelywrapped, we just like skirt around it br I don't thake hack for DFI. Theamount loss is miniscule, so they meunt stolen, which is minescule contered totheg mout. That should have been lost or solen. That's insane. Maybe wo still got a pretty good balance ofgood people. To assholes I mean that's. The only thing I've comeup with is that is that, at the end of the day, even especially it's if I right- even thehackers or in this ecosystem enough to like notwant to fully destroy it like they want money, but they don't want to likeactually screw up. LHAT's kind of a point right is to build systems where,like it's within your best interest, tocontribute in a good way to the community than C I try and break it, and we try to limit t e the emergentpooling of large plarge pools of value, so that, like there aren't these reallyreally awesome targets to steal money from we try and it's that you're alwaysgoing to do it some somestince son extent, and and- and I think that, if we do that,then we end up creating this community of developers and people who do things where that's that thit's always goingto be the case. We're always going to have more good people than bad people because, like this is why this issomething that I was recely talking with. I forgot someone else about andthen is like there's always that argument right:We're not because boobork it status. We do privacy like it said so, people likewhat do you, what, if like people, use your tool for something bad and you can't do anthing about it right,yeah people always say like well. Dick coin is bad because people buy drugswith it and you can't do anything about it and so, like and my argument to this-and this is the best one that I've go up with so far is whenever someone creates a tool thatcan be used for good and evil. Yo know bad and good bike by communitystandards, lkeit's going to be done always likesomeone's going to use it for whatever possibly way they can, if it benefitswhat they're trying to do, regardless of they're, good or evil person bywhatever metrics Nou Jus have for good and evil. I think it's important that the peoplewho build these systems and these tools are doing it from the most ethicalplaces possible, because in the indiaviduality thatsomething bad happens, those people exist that can help mitigate the issueas best as possible. Ot Ereas, if you look at the other wayaround, if, like you choose not to build it, because bad people can use it,...

...there's andividuality that bad peoplewill build it and those good people who understand the system. Aren't thereright, yes and there's also like the so. If you build something and it doesgood for the world and then it gets like, let's say coopted for people at least there was good that came fromit. If you assume that the other potential outcome is that someoneewill builds it and it's ony is for evil right like option. One is: is fromthat persective objectively, better, because something could right. You hadin both iyotions, you have people but Thi's. When you have some Good Tho andyou've, like maybe a fighting chance, you have people who can make it lessevil. For example, right, like the people leading the people leading theLIK, a fear of understanding like, if you think about, like all the peoplewho understand the technology and its ipplications, there's a larger portion of people whowant to use it for good if they're, the ones that created it, which means that,in the event, inthividuality F that something bad happens, there's a largerpool of people that have any intuition about what todo about it or any like care right like because the facto was truly only usedfor evil or even like for drug dealing. Then I probably woauldnt't, be hereright, an D iaouing about anything, and I wouldn't be. You know what I mean Ye.There's there's someone like you here to shout about it and right, and sowhen people ask Mo that question because, with like the within Tha Concept of privacy, I say no,you can't get that information anymore, but you can't do these things yeah likebecause of this. This and this you could. This is where your new FOCspeaks to be because te traditional ways of doing things aren't going towork anymore. So stop wasting resources on it. This is where you need to belooking and yeah, and those types of conversations have to behave to be had because, and does people need to exist, to beable to like an inform those who would like to stop bad whatever the Holl? That means yeah, andI think that the biggest problem, with almost all of the sort of the thingsthat get coopted for evil, though its the fact that the builders often have not even considered the fact thatit could be right like there is this huge, huge ignorance about the fact that what both about the fact that they couldbuild something and and something could go wrong andtherefor bad things like their their thing, could impact people negatively,but also that the technology that the whatevercould be used by someone bad for a bad reason. Youdon't think Youe Hick about that, I mean so. Have you read line Fuck Chrisopher Wily's, theCambridge Analydica Wistle, lower sory? Okay. He has this quote in there wherehe goes. He ise basically like the originalatack and like the Dona lining, was being used God. What was it to be being used to understand like voting demographics andemerging economies and like small islands, and these very like very tinylittle things, but they were very quickly like able todetermine the likelihood that's along would vote, for example, and thislittle tiny like sample size, and then they just like scaled it up hugly tomanipulate the entire world, but he has this quotein there where he goes like yeah. I...

...just never realized that what we wouldwe were doing like if we could do this here, that someone else could do it against what we believed in, and I waslike. How did you not know that, like you're from the US, you have Democratsand Repubblians like today, you're on this side, you're building it for thisteam? Of course, the other team can do the exact same thing to you, but also how do you sit there and saythat that what you you are doing is right and then say that they're, whatthey're doing is wrong like you, you can't have it both ways Yodon't have to Answr or that yeah,like a is no like the question of like what does this look like in the in thepotential that this is successful. Hik kind ofs this scale and what does itmeans like from a socieal standpoint, is never asked rig or if it's asked it's thappen.I have I su late yeah and it's just never. It's just never yeah. It's like it'sjust, never considered. So that's what so very early on someone someone asked me like, but if I M, if I'm monitoring like thebalance in my address and all my funds get Sol and like Oh, my funs got so,and so why does it matter, and I was like Okay Tat's an argument right yeah. I guess then, don't monitor youraccount doces like don't get a notification for your account. Ol Oanswer o that question is set. Your account set your accounts upas such a way where they can't just be stolen. Without things happening thatyou can see, it was like. I was just such aperplexing way of looking at it right right, yeah, it's like it's like.What's the point, the kids lay I'm like S, I mean, what's the point ofreading a book, Wath Sompin on like thinking with your pra like knowledge,a and information, and it influences everything like you, cant, Not KnowRight, yeah, it's a it's such a strange thing: Liuay Lik! If you don't have the informationyou can't you can't like tecisions, bret or you're, making I'm like you'relike if you don't know that your balance is zero and then you make in adecision based on the fact that you have a hundred million dollars only tolearn that you don't like you've made a very bad decision hm well. I guess the decision may not bebad, but your decision making processes shit because you cu informator and thenyou will oly ignore it. Well, that's that's like. I think this is somethingthat I'm one of the read one of the reasons why I like I, this the Secosystem is that it's forcing people to start thinking about risk. It had a had to manage it,whereas, like previously, like, I said a few times like t the tendency andtraditional infrastructure and finances to offload responsibility, O rich tosomebody else so like you, don't need to moder something because someone elseis doing it and you assume that they're doing it in a way where they they can.They can manage things in case something bad happens and then now because they well, I itdoesn't matter because wer theyre, like the individual, isn't thinking about it. Yeah yeah, I mean that's, that's Ithink most of the problems in this pace. In terms of users. I think you can put them like almost ahundred percent in in the category of like just complete, not ignorance in a badway, but just like complete and utter ignorance, right and Wen someti Telwere taught yeah because your entire life, you put your money in a bank andeverything's fine and your parents did your cramparented and your bloss andyour coworkers, like you watch that, but also, like I mean even down to likegemail span, filtering everything like...

...people don't even like. If you don't see spam, you can'tyou can't become resiliant against it. You don't like build up the skillthelike question, what you're reading and be like? Oh, that might not be true right and that's why I like. I think I honestly think that, like lessgrandmothers fell for ICO or like general like today, I guess but noticos, but there's just like a different flavor. I gengenuinely. I think that,lest grandmother fell for those than like Jenzes and millennials, because Idon't think a Gen Z has ever seen like a true like scam span email, becauseit's just auto filtered out of their life, that's possible and and what'simportant, is that that skill needs to be cultivated because, as you as you have this increasingtrend of moving risk and responsibility to the end user, as opposed to likecentralize powers having it over them, they're forced to have to understandhow to mitigate it an an mad decisions with the rightassumptions. Yeah you need to you need to be thinking about this a little bitand granted. It's t e developers,responsibility and part to try and provide them with the right tools thatmake those assumptions and make those decisions and enact accordingly, butlike it's, in my opinion, better for society.If people are spending more time, thinking about where their value lies in their lifeand how it's accessed and or like in, if you think about it, fommy financial investment terms. What is my money doing for me right, which is, is something likefinancial education. You get from traitional finance Relat until you'relike KTHAT's, not a poor person's mentality, yeahit's. Never it's yeah! That's Imean that's probably one of the number one reasons for for the gap, justgrowing, larger and larger, because it's not just that you have thisfinancial gap. You also have like I mean it's everything. It's yourexperience. It's your ability to question I's your is it's like the entitlement that comeswith that you Yeou to build those skills over time and Youd need that thethings that you do in your day today, life have to kind of reinforce youneeding to make those decisions right and that's. Why Wen like a like asomeone who, like a VC or like a long time, investor who, like you know, wasa kind of normal person and then they somehow got an ammes access tofinancial knowledge and also money, usually other people's money. Wheneverthey say things like like nobody wants to manage their ownmoney or nobody can manage their own money. I don't even manage my own money. I letso and so manage it right. Like I invested with so- and so I put it inthis fun- I'm like right, but you're, you're still making that decisionresponsibly, because you have the knowledge and experience to be able tomake that decision where, if you say that nobody can and nobody wants to, they will never have that skill.They'll. Never have that experience. You have that experience. Now you madethat decision. I'm not saying that, like holding your like everyone musthold their private key because that's the best decision for them. I'm sayingthat, like we have to create a system that where each person decides howthey're going to hold their money or who's going to hold their money forthem that has to be made like they have to have all theinformation to be able to make that decision soundly right. It's like, ifyou didn't know your account balance as empty and then you made like a decision.Thank you hand. I Col, you know like you, it's not necessarily that you madethe wrong decision. Is that you,...

...your decision making process was Wad.Weer o never had the opportunity to make it right and that's the thing isthat we're not sending people up for success to like to level up. I guess right, likehow does someone today who gets INTA CRYPTO? How do they level up right because,like when I got into crypto in whatever the T, thusnd and eleven thsandy?Twelve sorry, not two thoandyaeven, two thousand and thirteen that runup right? When I got in a tripto like I don'tknow it was there was the culture and and what people talkedabout what people cared about like it was, so it was everything right, Loike, theprivacy, the little the the Crypto, Libertarianand archism. Like you know what I mean, and then it was the main that was themain stay of why People Li for the majority F, the people who got into it.That was why I got into it. There was a vehicle for expressing those thosethings right, but I got into it because I heard about this big quein thing froma smart person and also the money thing. You know what I mean, but then I turnedinto not turn into but like then my views were shaped by the community andbuy that culture, and then I levelled up, but I thinkeveryone did right like even if you were already say like an anarchist, Ithink your views evolved and, like you know, ige more Neu, wance, just fogavto get more newance yeah, but today, like I'm, not sure thatwe're doing anything to help that evolutionin any sense right like not necessarily like. Oh, we need. We need to instill the crypto anarchismin the nubes like no, no, like anything, you know like whether it has to do withsecurity, whether has to do with like the General Culture or privacy or selfreliance or whatever. Like I don't know, it's just. I feel like people just don't talkabout it as much like maybe EAN. I try to you. Try to yeah EAH You'e been scrimer for the mountaintops for years now, but part of that, maybe due to tefact that you can't really doanything on a therium right now or like where a lot of these projects areoutside. Of I e Defi, and so like the attentionbased on transactional volume is on things that don't tend to look at thisstuff because threthey're, like things are happening so fast people aremaking so much money that they don't care because they need to focus onsomething else, and you have a limited somethingt attention span now. That'sthat's not sustainable, but it's how it seems to be yeah and thatand if there was a larger, thriving ecosystem that wasn't basicallysheltered out by the fees. If te fee structure which is risen, becausethat's all you can do in the CEDRO system Ik, that's the only economical thing todo right now, at least of a tinetherium yeah the stuff that would normally pushthat there at ever. Try to experiment with that type of stuff has to kind ofo elsewhere yeah or if there was nothing going on, thenwe could talk about our politics and personal beliefs, ind religious beliefs,whatever you want to call them the anarchism right, an there's, nothing todo. We coul talk about that all day, but when Theie'r stuff to do yeah,there's when they'r stuff to do, but it's alimited it's limited to these really. I don't even know how toexplain like what you have to have to get to be profitable and defy. Besides,like a pile of money and a pileof marage, I I don't know its ManorDapsire. I honestly I don't yeah, I don't know you have to have a crop lot of money,be making money ndfy right now with...

...these really right. I don't know, Idon't know. Ibe like the Teviccin podcast elect dos. It seems to do apretty good job in the defi channel of like doing good things and makingreasonable profits whath the stuff they're doing so. That's that's theother question I had was you see people supposedly making money, but are theymaking money thats? Where that's nat, where myattention is? It seems as though, because they're all happy and thet okay,so my friend Mark said we were talking about a similarthing. He said it's like the casino where you walkinto the casino with two thosand dollars and then you spend all nightthere and you get drunkand of a blast, and then you walk out of the casinowith like five hundred dollars. Thinking that you won five hundredolars just I have e okay, that's not what Idon't think that'swhat's happening like I, I've catched out a few times likejust Fino you cash out on your long term, Holdin yeah. Definitely but likeI know other people who have cashed out on defi stuf yeah. That's what I'mwondering I guess like for the dyself like. If they I don't even know, because if you like, take your thing tostake your thing and then you get another thing over here, because youstaked it here because all these need. I don't understand it all. The new GFIprotocols they'll do like a airdrop based on your activity on other DFIprotogols right thanks you to womp Jordas, like you t, go check yourbadgers and I'm like what and then I literally like type in whatever word dot finance and like it'san actual thing and it like connects O my Meno ass and says. If I eveerwords,I don't just like Wa of Badger folks in the in Te Dic Cen podcast, like I don't understand it neither on, butall I know is that it seems like you're making money,because whatever you did to get that initial alotment of dodgers is so farremoved from the badgers right. There's truck I'm going to have somefolks on the Dicwin podcast talk about that because I don't know- and I need to askthose questions- ask them if they have actually like see, and this is thing I don't thinkthat there's if you were to ask them, how do youknow that you've like made money like when you you know when you say that you're likeup on dodgers or whatever? How do you know that you make money? They're goingto say: Well, I didn't have dodgers, and then I had dodgers and then I soldthe bauters four thosand dollar. So I have a thousand dollars, but they didn't just like all cut holes,Antot argument all day, long yeah, because you had to claim the badgersyou to do something to even get an a lot man o badgers. It cost you gas toclaim them and then youre to like steak them and then you to unsteak them. Well, let's per this way, basied onwhat you just said, because I'm pretty ignorant about it. Regular people aren going to do this so its moving in a direction that Idon't really care about. Yeyeah I mean I can't keep up with it, but I don'tcare to keep up with it, like I'm, not bothered by the fact that I can't keepup with it once a week. I got on a call with my whole team and I ask themwhat's going on and they try to explain something to me and I feel like the'll,be part in the room and tey're like Kayer, just go to bodeur NOP piniims. You know, and I'm like what is this okay? Should it just tell me that mything? Oh there's a claim, let me click the button and then I click it and likemetamas lags out and then the new eyes different than the metamask and the MItransactiolly won't get mine, and I'm just like how bell are you guys doingthis and how anyone that that could...

...benefit from this doing? Yeah, here'sso lat! That's it's! Maybe it's good as an experimentation of like playing withthe stuff, so that eventually, the the friction that exists now gets keeworkedout so that doing interesting. Financial things is available to peoplewho want to do it later on now the line but like when, I think about sorry ifwe learn how to learn Omar P that'. What so this is where I was going toGECO was GOINNA, go for it like, like you, have to kind of wrap up, because Iknow you have meetin coming up. Okay, something that you've experiencedfirst hand. Is We've created a technology that givespotentially gives people value or a lot more control over their value and then, as you watch them fumble with the with the interaction,the user experience of doing this thing, and then we watch it kind of blow up invalue. We see a tremendous amount of opportunities for people to come in andtake advantage of those of those both those frictions by like trying to trick the user through a lot of traditional methodslike fishing Okat, like every single step,introduces points in which people can come in to trick the user to best stial theirmoney, yeah or I music could just screw up or in my case like if I and I feel like for the first time,maybe I'm sort of more of a user perspective with the DFI stuff. I don'tunderstand badgers, but someone told me to like go check this thing and when Iwas having that conversation, it seemed riskless right because, like you'rejust claiming them, you can't nothing can go wrong right, like you're, notdoing anything, you're, not making a bat you're, not betting, that thebaddger price is going to go up like all you're doing is just cleaming. Thisthing that they give you for something that you did in the past, but that president of just doingwhatever they tell me and not questioning it and not and and trulybelieving like. Oh nothing, there's no risk here, because I already don't havemy badgers and if I don't cave my badgers in thefuture, I'm still at like the same state or Hia Bagger. So that's anupstate, but there's no like down state. But when you start establishing that, Idon't know when that becomes the norm, even with quote unquote legitimateprojects, it's so much easier for malicious people to sort of like dothes same thing and like push people in that same pattern, except now that thep now people do have like a negative, a dalancy right like they're, taking anaction they think is riskless because everything else that respect peopletold them to do as riskless. Oh, but now it's not! You know yeah, there's abrisk or now now I'm just going through the floor. Idon't really understand Asso, I'm clicking the Buttond, I click thebutton and then I send all my money to the to the hacker oops you know, and so,like the patterns, the patterns that were setting the like,like the auto pilot type things that we just do the culture the questioning like. Ithink those are the areas that are that are so complicated and so nuanced, but could have a huge one. If we, if weactually address the issues and like become aware of them, it could have a huge positive effect onthe community, and I don't think we even realize thenegative effect that it's happened. That thatit's happening right in thesame way that like like, when we launched me in the earlydays and like put private keys on the web like at no point was I, like Ohyeah and thit's, going to blow up into...

...a huge product and we're going to setthis horrible concident of people couping and Pacesintheir private keys in or website. Nothing could go wrong, like I literally didn't think thatwhatsoever, but that's what we did and then thefishers get along we're like Yey, just hoping pease your play e Cunit thiswebsite to keep your ir drop and then people just did it yeah yeah and it's aSusin like Buthis Poli, also built something that was that was that wasneeded at the time and good right. You did it, you did it quicklyand maybe you did it based on, like ignorance of these security best bit,you've learned a lot about security along the way from those thakes thatyou mad yeah, because I lik jet by the way I wa Jut, thought the reason youdot use a weblaw. It was at the lebwallet creators would take yourmoney and since, like I was the Webballaccerder I was like well yeah. I can't take my money and, like Ican't take my best friend's money. You know what I mean like at that in theearly days it was just like basically was me and Cosla mark was esin it and then, like we posted on bread. Itand, I think Iot like out half dozen UPBOWS. Are you, sir, like it was just? It was so it was so smalland again that's why I say I don't think product creators in Youre an longterm because, like I wasn't thinking about it right, eahit's interesting because,like that's not something that you would, I would think you would get atraditional security background like because value wasn't so quickly. Access digitally yeah the implications of doing things likethat weren't, nearly as bad and so like Ti, like general breast practices, n, theintuition that kind of stims off of those general bestpractice. The community did't exist for that type of thing, because it was lesslikely that you put something on a web wallet or on a Webon a webap and all your money's gone right and that's. The thing is that the auditors said so like the first, not the firstauditors, but like the first security people that we talked to everyone told us like. No, you needed,like private keys, can't be on the web, but that was like by the way this likemay two thousand and seventeen like. We already knew that, but I waresurprised that of like the various security people who talked to they allsaid it, but only the auditors that we actually went with cure. Fifty threeactually gave the real reason. All the rest just said: Yeah it's aprivate key. You can't put that in a website, because that's a secret, youknow what I mean like it's just it's a secret and it's you shouldn't do that, likethey just like somehow fundamentally like we're, like that's sad, but theydidn't necessarily understand that one, its controling it semmensive value that you couldn't rotate the keys right like if ihad called it something besides aprivate key. I don't know that they would have necessarily recommendit against it. Yeah. Yes, yeah! That's really! I don't know that'sreally interesting, but it's also terrifying, and I still think that the the real damage was not like it had such trickle own. A facts.Ri like the fishing sites were bad fishing ice got a lot of money, but Ithink also like every airdrop site that commence people to just like mindlesslypace. Their private g like that was bad. I think all theother sites that then like Supportedr private keys on the web, Ta, then Exan,scammed or hacked or like had some boll like those losses,are also like a tirkle down.

We got a lot of more lessons to learn,but I think we've come somewhere from the start like and and there's you know:murbering o security communities with the VECA system, trying to build andbuild, like General General Best Practices that are differentiated fromTraditional Security, and so I hope that over time we canbuild those things and not yeah screw people over. So much were like give them the technology thatgives them the portential destru himselv so easily yeah. I think the biggest thing I meanI think, like we can do best practices all day. I think that will make a majorimpact because we're not doing it right now I idealy thoug. I think the bestthing would be if, like all, the builders were just generally like more like more questioning or more scepticalor more aware or like seeking out the unhappy paths right because, like wefocus so much on like we're going to build this Stann Embero's going to useit and we're going to Thaink the DIK Trad and we're all Gona be rictoyet andlike nobody's like, oh, but if this goes wrong, you know or like watching,what's happening in front otheir face right, because if I had it, if I had it, if I just ignored everysupport box question or if I just vicim blamed and like well, they shouldn'thave entered their key on a fullon fishing site. Then I wouldn't havelearned any of this. I would have just like it wouldn't have come into me. Iwould just like shoved it out and I'd be the same person. I was four yearsago, so I don't know, that's like the the seeking out of likeinformation and realizing that, like nothing that we're building. No nodecision we made four years ago, like you, should probably be unhappy withmost of this decision that you made four years ago, because you should be afastly, smarter person today, all right. So if you don't hit yourselfyour four year old for years in the past cell you're doing something wrong,biuse that that the that's a lestdifference of it yeah. I mean right, there's things that, like I read tweetsthat I wrote like six months ago, where I'm like you ignorant little child Yan.I also read stuff that I rode a long time ago and I'm like fuck yea man,good job yeah, there's thereis yeah! Oh, if you haven't reread it in a while myfuture, the future of a theorum doesn't have wallets article from like twsandeighteen. I think I just rerud it randomly it's so good, not totio. Iwill try and remember to add it to the description for those who would like toread it, but it's good, because I was igterant good desclimer, all right Taylor. You want to shout out or say anythingbefore you leave just think more, just like seek outknowledge, more seek out information, more question like just ask yourselflike what could go wrong. That's all and then follow us on twitter at mycrypto and then we're actually like launching a product right now, it's inslow roll out mode. So if you haven't been using Bata Dot Micrypcom so far,you feill be ordared hours, crrtulationsbut, it's super cool and I hope I hope everyone likes it. I loveit changes hard, though, so we are expecting the normal that lush. Well, congratulations and thanks forcoming up yeah thanks for having me.

In-Stream Audio Search

NEW

Search across all episodes within this podcast

Episodes (109)