 This special episode of the Bitcoin shows brought to you by MtGoxMTGox.com and Bit-Pay.com and mezzegrill.com and bitbrew.net.com And that is the number one technical lead for the Bitcoin conference and his name is Gavin Rayson. Today I'm going to be talking about the Bitcoin, the technical direction of the Bitcoin project and I'm going to start by telling you a little bit about the history, how did we get here and kind of the shortish term technical direction of what do I see as the priorities for the project. Feel free to interrupt me if I say something stupid or wrong and I hope that I'll have time for questions at the end. We'll see how we keep track of that. So as all of you probably know, I mean Bitcoin was invented by Satoshi Nakamoto. He said it took him two years to do the initial implementation after he had his fantastic brainstorm on how to actually solve the double spending problem. So if you work backwards that means he started doing Bitcoin in 2007. January of 2009 he released Bitcoin version 0.1 and started up the Bitcoin blockchain with the name is Genesis Block. It kind of bought the long, very few people knew about it. It was publicly announced on a photography man on this and I think one other place in January of 2009 but it had very little traction all the way through 2009. In November 2009 the very first multi-platform version of Bitcoin was released. It was Windows only to start so he started with this Windows client that he would run that did everything. In February of 2010 the RPC interface was released which really I think that was key for making Bitcoin take off because once you can talk to Bitcoin and not just run this, once you can start creating services that use Bitcoin on the web things like exchanges and things, interesting things can happen. So all the way through February of 2010, Bitcoins were worth nothing. Zero, zilch, bug cut. I'm on the next slide after this one. So in April of April 25th, BitcoinMarket.com was launched as the first Bitcoin exchange I believe. I think that might have actually been an earlier Bitcoin exchange but this was all before my time. In May 2010 a pizza was sold on the Bitcoin forums for 10,000 Bitcoins which was one of the very first Bitcoins for something physical, valuable transactions. And I first heard about Bitcoin from this article which came out in InfoWorld on May 24th, 2010 which was an article about seven interesting open source projects. I don't remember how I stumbled across the article, it was probably one of the many blogs I read linked to it. So about a month later I launched the Bitcoin faucet which probably all got a few, well depending on how early you were either five Bitcoins which is how many Bitcoins the faucet was getting ready to start or if you got them last night then one micro-Bitcoin, as I know the faucet is getting out today. So when I heard about that article in May and decided the faucet would be a great first project to kind of get my feet wet and playing with Bitcoins, I just kind of got sucked in and got more and more involved in the project, got involved in the Bitcoin forums in the community, started to submit patches to Satoshi who would then rip them apart and send them back to me and say no you did it wrong and then re-implement it. All the way through kind of December 2010 when Satoshi started to step backwards. He did it in an interesting way, he actually sent me an email and asked me if it would be okay if he could put my email address as one of the people to contact on the Bitcoin.org homepage. I said sure, yeah, no problem. He put my Bitcoin address there and so he did that and at the same time he took his email address away which I didn't expect to happen but I think it was kind of his way of saying kind of pushing me forward and the last email I got from Satoshi was in April 2011. So that kind of gives you a history of the project so far. So why me, why am I the lead developer of Bitcoin? Well Jeff pushed me. He kind of encouraged me. I think because I have a pretty thick skin so you can call me to do it and whatever. Because I know I'm not perfect so I tend not to rush into things rashly because I screw up quite regularly but I think my virtue is that I will listen to you if you tell me I'm screwing up. And also because nobody else frankly stepped forward and decided to say I'll be the guy who tries to hurt the cats. I should stress it's not because of any prior experience in either open source software or the financial world. My background is in kind of a serial entrepreneur doing a bunch of different startups. Although I did have a prior experience that actually reminds me a lot of Bitcoin and that side was kind of the chief architect of the virtual reality modeling language standard. Which never actually kind of went anywhere. But just dealing with a very diverse community and trying to get people to agree on kind of what the direction would go in that my general experience reminds me a lot of Bitcoin. So I guess I do have some similarity to prior experience. So in my view the priorities for core Bitcoin are first stability and then scalability. So just making sure the system keeps chugging away, processing transactions even though we're getting hundreds of thousands of new people joining, downloading a client, trying to connect to the network every month. That's my number one priority is just to try to keep it stable and keep it scaling up. The second is security. How about security? I mean both the security of the core system and kind of security for everybody's wallets is a second priority. The third is bugs, making sure that things are relatively bug free and down at the bottom of my list actually are usability and new features. Now why that? Well, stability first because it affects everybody. Who cares if your wallet is secure, if you can't spend the money in it, right? If the Bitcoin network just implodes, the whole thing grinds to a halt. So stability and kind of scalability has to be way to the top of the list. Security second because trust is crucial. We've had a lot of incidents in the last few months, really shaken trust for a lot of people. Core Bitcoin has remained trustworthy and I'm actually really pleased at that. I mean the core kind of payment system network has continued to chug along. I had lunch a couple of days ago with somebody who asked, well who runs the Bitcoin network? Because they're from the Visa credit card processing industry where there are fleets of people. And really it is quite amazing that we have this bottom-up network where there is nobody running the network. It's all of the miners, it's all of the merchants, it's all of the peaks all of the world are just coming together and cooperating and it works. Bugs at the third because buggy software is usually unstable and insecure. So bits and bugs is extremely high priority. It features in use for the last because easy to use but insecure software is a really bad idea. So I think part of what we've seen over the last few months is maybe people spending too much time on making their software easy to use and not enough time making sure that it's really secure in the back end. I get a lot of pressure to add features or make things more usable. When people ask me, don't you care about end users? I mean I do care about end users but I don't particularly care a lot about people who download the Bitcoin software and then run it and then complain that it looks ugly. Really because I believe that the desktop is dying. The whole model of downloading software onto your desktop computer and then running it is just over. I think it's all going to be mobile devices and websites. And so if you kind of track the things I've been working on, I've been concentrating on features that make it easier for merchants. I will be concentrating on features that make it possible to run Bitcoin on interesting devices and live in a secure, scalable way. Don't I care about miners? Well, really no. Quite frankly, I mean mining is a zero-sum game, right? So if we make it easier for more miners to start trying to generate Bitcoins, that really doesn't do a whole lot for the system. So unless it affects the stability or scalability of the system, I don't really spend a whole lot of time thinking about supporting mining pools or making it easier for individual miners to generate Bitcoins. It's not on my priority list. Closer? That is loud. So I want to go for where are we at? What's the status? The network is a little shaky right now. There were some problems we had scaling up. We filled up our IRC channel that was used to connect to each other. We've got a hack-in that kind of split people up into different IRC channels. Jeff did some great work on seeding by different mechanisms so people can connect to each other easily. So that's kind of solved the short-term problems. Finding other computers that are actually listening for Bitcoin connections, that's been a little bit of an issue. And we've done a couple things, enabling universal plug-and-play so people's ports on their routers are opened by default. You can't turn it off if you don't like that. But one critical need that I really hope somebody steps up to fill is kind of a network health monitor. So somebody who, you know, daily or weekly is looking at, is he and who nodding? Kind of voluntary, cool. But somebody who just keeps track of, you know, do we have islands of fears that are not connected? Is it taking a long time for transactions to travel from one part of the network to another? And all those other sorts of things that I really want somebody to take charge of figuring out how to measure and keeping track of it over time so that if bad things start happening, we can react to it figure out why. Core security so far has been really good. I mean, Satoshi did a fantastic job. There's been more scrutiny. I know Jacob Appelbaum of the TOR Project had a tweet a while ago where he said, expect to see a bunch of interesting news surrounding Bitcoin. That tweet was because he knew that there were a couple of really good security researchers who were going to take a hard look at Bitcoin. The good news is they didn't find anything. So there have been, that was actually contacted by a lot and popular a couple of features of the system. But so far so good. Thank you, Minsky. You did a talk at Black Hat where he talked about Bitcoin. He actually contacted me a little bit beforehand because he thought he might have found a vulnerability. It turned out, not so much. So, and he told me that was the eighth vulnerability he thought he had found. It turned out not to be a vulnerability because something in the Bitcoin code prevented it from being taken advantage of. So there have been no significant problems found. As far as we can tell, core Bitcoin is secure. I just jinxed my side of the phone. So what about Mt. Gox, my Bitcoin, viruses, Trojans, all of that stuff is, all of that stuff is not core Bitcoin. I mean there are a bunch of security issues kind of surrounding, you know, services that use Bitcoin. But as far as we know, the core is pretty secure. Now, I do have some, well, I'll get to my worries later, another slide on my worries. Bugs are my biggest headache. Quality assurance is my biggest headache. Right now I think there are something like 30 or 40 patches which are, you know, changes to code that people want to get into core Bitcoin. There's a huge bottleneck because I don't know if they've been tested properly. I don't know if they're secure. You know, if it's a really simple, like, fix a comment, kind of patch, no problem. I can read that code, pull it. If you're looking larger, you know, I really need a quality assurance manager who will take care of looking at the bug list, closing bugs when they get fixed, who will take care of looking at patches, pulling them, testing them, you know, sending feedback to developers saying, you know, I found these six bugs and your patch doesn't fly. If you know anybody who would be a good quality assurance person, somebody who's passionate about Bitcoin and who knows about quality assurance testing, talk to me. I think we can find money to hire that person, to be the person who, you know, is responsible for telling me, you know, here's a test plan. It's been tested. This patch is ready to go because quite frankly, I'm not the right person to do that, but we need somebody who will step up and do that. The other big thing that's happening is we're getting alternative Bitcoin implementations, right? So we started with Satoshi's code. That was the only thing that Bitcoin was. Other people are re-implementing Bitcoin in all sorts of different languages and all sorts of different platforms, which is a fantastic thing. I fully support that. We just need to have a good test plan to make sure that the alternative implementations don't screw things up. So usability and features for the very next release, 0.4 release, which will happen as soon as we fix the bugs in it, has wallet encryption so you can enter passphrase and the private keys in your wallet will be protected by that passphrase. So even somebody gets your wallet file unless they also get your passphrase, your Bitcoins will be secure. The next couple things that actually are on the short list because we already have code for them are importing and exporting private keys. This is the idea of, you know, I have some Bitcoins in this wallet here instead of sending them over the network to export the private keys and import them into some other wallet. People have been asking that for a long time and doing some usability stuff. So John Smith has a graphical user interface that uses a different toolkit and it's just much nicer. One of the problems we've been having is nobody likes the user interface toolkit which he chose. WXWidgets I don't know of anybody who scans up and says, yeah, that's the one we should be using. So after the 0.4 release, the plan is to move to this nicer, prettier Bitcoins. Yeah, I want to talk a little bit more about wallet encryption to make sure that people don't get their votes too far up. Like I said, it's a wallet with a passphrase and to spend the coins, you must enter a passphrase. So it's, you can look at your Bitcoin balance, have your Bitcoin running. You don't enter your passphrase until it's actually time to quote that send button. You can receive Bitcoins no problem. It's just the send side. It protects from dumb copy wallet trojans. It protects from backing up your wallet someplace unencrypted and having somebody find that backup because the wallet piece will always be encrypted on disk. And it protects also from kind of casual I left Bitcoin running on my desktop computer and a co-worker noticed and so he decided to run over and send himself my whole Bitcoin balance and then ran away. So it'll protect from that kind of casual theft. It will not protect from a trojan running on your computer because as soon as you type in your passphrase that trojan can see what keystrokes are typing and get your passphrase, get your wallet and compromise your Bitcoins. So it's theoretically impossible for kind of a computer to protect itself. You can't install some software on your computer that no matter how complicated you make it will prevent other software running on that same computer from stealing your Bitcoins or stealing your private keys. It just is not possible. And I'll talk about what is possible in a little bit. So top of my wish list is two device transaction verification. So if the private keys aren't stored on your computer, if they're stored on your computer and also on your cell phone or on your computer and also with a web wallet service then you can get secure a very secure wallet where a hacker would have to both hack into your computer and hack into your cell phone to steal your Bitcoins or hack into your computer and hack into your online wallet service provider. So that's very high on my list just from a security standpoint to enable not to happen. Dynamic transaction fees is another thing that's very high on my list. We've had a lot of complaints about transaction fees and we were kind of frankly we were taken by surprise by the huge run up in Bitcoin prices from under a dollar last year to over $30. And so the hard coded transaction fees that we have just were inappropriate, right? It was 0.1 of the Bitcoin, is that right? Excuse me, 0.011 BitPenny which turns out if Bitcoins are worth $30 a piece that's a fair chunk of change. That's so that could happen again. I think we all hope that Bitcoins will go from $10 to $1,000 but if it happens too quickly we're going to have exactly the same problem with transaction fees and that the current transaction fees we can have won't be right. So there's a bunch of design work that needs to be done we need to figure out how we create essentially a market between miners and clients that makes the transaction fees work themselves out to the right level so that, you know so me and the three other people who have access okay? Yeah, that's better. So me and the other people who have you know, the clients shouldn't be deciding what the transaction fees are what should be the market based. Another thing I'd really like to see is a semi-trusted kind of network backbone where, you know, the big miners and the big merchants connect directly to each other and exchange transactions and have more trust that the transactions they're exchanging are actually valid transactions and aren't somebody trying to hack into the network that somebody trying to perform some attack on them by controlling all of the nodes that they're connected to because one of the big things I might worry about is there are denial of service attacks of various kinds I said for Bitcoin to secure what is, but believe there are potential denial of service attacks where you know, you could target a particular node and maybe combine with a civil attack which is where you try to control all of the connections to that node you could you could really mess it up you could have it spend all of this time verifying both the transactions or you could have it spend all of this time doing other useless work just because you decided you didn't like where it was running that to go to Bitcoin nodes the third thing on my worry list actually is incentives for relaying transactions so, I mean, right now kind of everybody, you know, you take transactions in you send the transactions back out everybody's being good network citizens relaying all the transactions that they get but really, there's nothing in the system that says you have to so, if I wanted to, I could take transactions in and just drop them on the floor that happen to be convenient for me that would be bad for the network and as we get alternative implementations happening, I'm worried that maybe somebody will take a shortcut or maybe some miners will decide well, maybe it would be better for me if the other miners know about this transaction for myself and I won't tell anybody about it so, I think there's some work to be done to work out some either incentives or disincentives for relaying transactions to make sure the transactions make it to all across the network I think that can be done what am I actually personally working on? so, recently I've been working on cross-infinitation test suite so the idea is as we get new implementations of the bitcoin protocol, how do we know that they're behaving themselves and how do we know that they won't misbehave themselves if they get weird inputs or whatever so I've actually been working on a framework to test the different bitcoin implementations at a high level and of course I'll test the bitcoin we have now at a high level which will be a really good first step too if you have started up a new bitcoin mode and tried to download the blockchain it's a horrible experience it's terrible, it takes days or can take days so, I've also been working a little bit on a faster initial download so Satoshi had a design for you know, you can join the network and just download the block headers and it's much, much, much faster so, making the initial download faster is certainly high on the list on a meta level watching for more talented trustworthy people to help out so if you know anybody if you are talented and trustworthy start submitting patches let them know that you'd like to help pull patches because we do need more people in addition to that QA person who I really, really want and then just in general embrace and encourage responsible implementation diversity so, you know encourage experiments encourage, you know, different clients because I expect specialization I mean the Satoshi bitcoin client was this Windows executable that did everything they accepted transactions, it sent transactions they could create bitcoins it was, you know, everything in one package we should expect and we are seeing a lot more specialization so, we'll see specialized versions of bitcoin for mining pools, for big merchants for big e-wallet providers and even for end users I expect to see, you know, lots of diversity and the version of bitcoin that you're using on your cell phone or whatever and the general idea for core bitcoin is to make it smaller to move towards, you know a really well defined little bore that everybody can be confident that does everything correctly kind of a reference implementation that people build on top of so, we're taking small baby steps towards that it won't be perfect but I think we'll get there eventually so, that's kind of the state of the project at a pretty technical level feel free to send me an email tell me I'm an idiot, tell me I should care about miners whatever you like and let me just take like five minutes to answer any questions burning questions the question was, who is Satoshi? anybody? I really don't know well, he's not the author of bitcoin but another fellow by the same name is Sagan it's an old joke about who's Shakespeare Shakespeare's not the author of the works on the library called works of Shakespeare but another fellow by the same name is Satoshi Backout he said he was busy doing other projects the current QA system is random it is me pulling a patch trying to judge how much testing has been happening based on what other people are saying by email and for me to personally do some sanity tests to make sure this is actually work for me for example I am running an encrypted wallet on the bitcoin crossover right now which gives me some confidence to send out transactions it needs to get better and that's why where would you like to see bitcoin for 5 years in terms of its use within the economy and the real world how people who aren't into the tech people can use different source projects bitcoin in 5 years I hope in 5 years bitcoin is really boring that I am not getting called by reporters because bitcoin is old news and I talk to a reporter who was trying to do an article about wikipedia which was big news 5 years ago this idea of an encyclopedia that everybody is editing now his editor said wikipedia is boring I would like bitcoin to be at the same place where we all come to this conference and the world is still interested in it but everybody else, oh yeah bitcoin is that internet currency that just kind of works and is used in these 5 or 6 niches maybe to continue to grow and be stable that's what I would like to see in 5 years future of bitcoin is in standing alone by itself and has many types of currency or do you think it will grow potentially with your video currency that I have heard about and so I would like to find that out do I think bitcoin will be an immediate currency or a stand alone currency I don't know so you mentioned what Dan Kaminski said of black hat and he didn't find any like very flaws but he did kind of give a grim prediction for future scalability for bitcoin where he said he thought it was going to end up with these sort of mammoth, just sort of like banks who are supporting you what's your thoughts on that? well on one level if that happens that's okay with me as long as there's enough competition across the world and I think there will be I think it's hard to imagine that in a bank of America will we leave bitcoin process and some bank in the UK and some bank in Asia and some bank in Africa and I think we would still have a system better than the system we have today so on one level even if that comes true which I'm not sure it will I think that would be okay scalability is funny because it's one of those good problems to have if we really do have the problem of too many transactions for our own DSL line to handle cool, great that's a fantastic problem to have so I tend not to worry about problems that are really good to have randomized keyboard for the key logger problem and on screen randomized keyboard for the key logger problem do you ever play whack-a-mole? you whack down that guy and then the Trojans get your keys out of memory of the running process after you've done your typing or they hack the screen display routine so that it says you're sending 10 bitcoins to your grandma and really you're sending 10,000 bitcoins to some guy in Russia right and you don't know you've still entered your passphrase using whatever complicated name so you know I I try not to find whack-a-mole solutions because you just get on this path of always trying to fix the next hack so I think it really needs to be fixed at a more fundamental level which is why the idea of having your private keys stored on different devices than having verification on different devices is really the way to go are there any concepts from the Tor network that can be ported over to Bitcoin? are there any concepts from Tor that can be ported over to Bitcoin? well the whole anonymity thing would be an interesting research project so I would encourage experimentation with mixing of Bitcoin transactions and I'm sure people are going to be they're probably PhD students who write PhD pieces on the optimal mixing and architecture of anonymity networks involving Bitcoin transactions but again that theoretically interesting to me but practically there's so much higher priority that I don't really know you mentioned the problem of finding other nodes on the network through the IRC channel I'm just wondering if the Tor network has that problem solved I don't know the answer to that that's a good question I don't know how Tor nodes find each other does anybody know? I don't know we can look at that there are a few ways of bootstrapping and anything will work it doesn't really matter which one you choose I should probably stop here and let the next speaker speak Jeff Garzik is a a new technology into a BGA structure somebody here needs to work out a better way to do that a special thanks to our sponsors the first MtGox MTGOX.com you know them by now they are the largest exchange for Bitcoins the British pound, Australian dollars and Canadian dollar should be here any day now the Euro is now here with the BitOmat Acquisition MtGox mobile app is now on the Android market it allows you to take Bitcoins on the go and finally with the USB security device the UB key it protects your account even on compromised computers and brought to you by BitPay that's BIT DashPay they are the official merchant processor for the Bitcoin conference they allow you to accept payment in Bitcoin and receive US dollars instead super simple to integrate into your website we did it and finally they allow you to generate QR codes invoices and more just a full inclusive merchant solution for Bitcoin and Mezzy Grill where authentic Mediterranean food modern flavor they're now serving breakfast they're right here on 8th avenue at 55th street in New York City just a couple blocks south of Columbus circle they are the first brick and motor to accept and sell Bitcoins in New York City there are also worldwide franchising opportunities available and we did eat there for the conference and it was delicious and bitbrew.net all coffee orders are roasted in order to guarantee the freshest possible product they do have organic and fair trade coffees as well as rare and exotic high end varieties like the Jamaican blue mountain that's not a blend and Darwinian delight from the Galapagos island estate if you are in the Bitcoin conference the first few people were able to get free samples of Darwinian delight some decaf and other varieties that do have whole bean or ground ready to order now shipping internationally at a flat rate and everything is sold exclusively for Bitcoins using static pricing again that's bitbrew.net