 Welcome to the Bitcoin show episode 9000 or how many episodes is it I forget I have lost track There are so many shows this week this month. It's it's internet time. We're working at internet speed and You know I'm Bruce Wagner and I'm Ed Gal and today with us. We have Stefan Thomas live from Switzerland Are you skiing in the mountains right now or are you where do you live? No right now? I'm on your show, but you know I could go swimming in the lake after See that's the answer of a true technical person. He's gonna give you a technical answer He's not actually skiing at this moment. Although you could be you could be if you're good 4g up there 5g so Stefan is creator of we use coins calm Which is probably the most popular video on the internet about what is a Bitcoin right and? We wanted to get you on because I know that that's how people will know of you But you're involved in so many aspects of Bitcoin Let's start with this how well wait let's start with this because I need to thank our sponsors Who make this show possible right? We really really appreciate them We love you all and we love our sponsors And if you like the show, please call up our sponsors and thank them for supporting us Carpe Vium Video marketing sees your market say it with video Carpe Vium does web video marketing. They are professionals They'll have you write the script and make you look great and they'll create a video specifically for your website to sell what you're selling and make you look like a pro and Mezzy grill authentic Mediterranean food meets modern flavor at Mezzy grill M E Z E Grill calm that's our buddy Marwan the best food we met him because we love the food That's how we met the owner and that's how he became a sponsor And that's how he became the first restaurant in the world that we know of that accepts Bitcoin and why he's been interviewed by routers and Al Jazeera English and everybody because He accepts Bitcoin and so on Mezzy Grill support them thank them for supporting us and tradehill.com of course trade hill.com or the the new exchange site online where you can buy and sell Bitcoins instantly in a flash and super super easy with so many options to get money in and out of it Trade hill.com you'll get 10% off of the fees their fees which are actually very very small anyway and smaller than the competition But you get 10% more off of that for life if you use the referral code for the Bitcoin show which is Stands for trade Hill referral TH-R 141 and that's on your screen TH-R 141 we thank trade Hill for sponsoring us and US Gold coins US gold US Gold coins comm is the company founded by Andy Gauss Who is the host of the real world of money? You'll see a Wednesday mornings at 10 a.m. Eastern Time starting real soon now He's already got like millions and millions of listeners and his radio show and he's moving it over to only one TV and Creating a TV show, but we know Andy because he is an awesome awesome trusted advisor for excellent investments in rare US silver and gold coins So if you want to diversify you don't want to hold all your your you know Coins in one basket and so to speak Not just bitcoins if you want to buy gold and silver coins he's the man he really truly is the world-renowned expert in my opinion and We wouldn't have anyone who isn't who we don't absolutely believe in So us gold coins.com. Thank you guys for sponsoring us. All right. So back to Stefan Sorry for that blatant commercial It's great that you have so many sponsors. It means that the show is healthy and doing well and I'm a big fan myself I signed up with your referral code as well as that. Oh, thank you. Thank you, Stefan You know, it was so appreciate everybody in the bitcoin community and you're right about that We have you know, we launched this network. We had three sponsors, which were all three buddies of mine You know marwan at mesi grill charlie at carpe diem And uh andy at us gold coins and they said bruce ed will sponsor everything you do whatever you do We're you know count us in and that was and that was what enabled us to get this studio So now we have the whole fifth floor on fifth avenue studio. We have real tv studios So that's what enabled that but then one of the first shows we started with was the bitcoin show omg That's gonna be my catchphrase. Oh my god. Anyway But what happened is we got like six more sponsors who wanted to do just the bitcoin show and the l show the bitcoin in spanish And they just keep coming in this morning. I checked my email. I'm so excited. You can tell I checked my email this morning I got two more sponsors So we had to bump up our rates a little bit Because we just have we only have so many spots and we're doing it six days a week now five days a week in english and one in spanish So we just got two more sponsors That are coming aboard and uh, it's fantastic. It's wonderful that you know They're and it's because there's so many bitcoin startups. This is such an exciting time to be alive, right? I mean, it's just amazing bitcoin hasn't even had a hiccup in the price you look at it Trade hill and mount gox. I was just looking at it. They're like pennies apart. It's so stable It's almost exactly the same price as it was before the mount gox hack And they say bitcoin is over. I don't think so I don't even close So tell us stefan now i'm gonna let you get a word in how did you discover bitcoin and when was that? My first thought about bitcoin through the website stumble upon and I was in june 2010 And I sort of looked at it and I was already, you know, very Let's say open and very positive About the idea, but it didn't really have time or you know, the interest to to get very deeply involved But I sort of monitored it. I learned about it read the viki, you know lurked in the forums and then when I in in early 2011 I saw the bounty about the Animated movie and that's when I thought, you know, I've been you know marketing Project manager in in London. That was my you know job for one of years So I thought, you know, why not go ahead and And make a video and just call up some context, you know See if we can't put something together and that's how, you know, we use coins came about Wow, so many things that was like the beginning of the story and the end of the story kind of like Left out the middle because there's a whole year But the beginning of the story was because I got so much to say about all these things The beginning of the story how much was bitcoin six tenths of a cent, right? Yeah, yeah, but I didn't invest back then unfortunately. I only invested in in december And you sell all your personal belongings and your clothing and everything to buy bitcoin at that time No, I don't know No, and what was the bounty for what you were looking at at that time? The bounty as posted was um, you know a bit complicated because there's lots of different people involved What we eventually got was 9,052 big coins. Whoa Hello You know then that was by the way, but that was not in july that was early this year And I remember that thread very very well and it was it was about uh worth 70 74 cents a coin back then 74 cents a coin Wow, I hope you held on to them, but I won't ask that that's a personal question But but let me let me say this I remember that thread very very well And in fact, I was like, yes, this is so needed. This is so needed And I didn't know I knew somebody would do it lots of people would probably do it But in fact, I contacted, um, nina paley I don't know if you've probably never maybe not if you've heard of her, but nina paley has is an animator who Created this amazing full length feature animated film called nina sings no cita cita sings the blues Nina created cita. So anyway, cita sings the blues and it's really really really fun cool animated film It's a full feature length film and um free open source. Well, yeah, but it didn't start that way It was a it was a hollywood film kind of idea and she was going to try and sell it for distribution and theaters and all that stuff But when she got in she had so many battles legal battles about Intellectual property rights to these old songs from 1920s That were locked up that were owned by huge companies like sony and stuff and nobody would even return her calls Much less give her the permission So finally she just the whole experience turned her into an advocate for free open source, which is a whole other thing We actually have a show called the free culture show So stay tuned for that coming up. It's one of our 31 shows. We're rolling out over the coming weeks But the free culture show is all about free open source everything architecture animation Education software everything. I mean we're on the cutting edge, you know This is only only one tv because we're we're all only one. We're all connected. So all right. So back to this Uh, what was the point? Oh, yeah, nina the bounty. Oh, I tried to get a hold of nina I emailed her and I said you should do this film You should do this animated film because you know she could probably do it or sleep But i'm so glad you did you did a fantastic job. Yeah incredible. I loved it The thing is that I wanted the the it's not really a criticism because I know you're a developer You're a hardcore developer. We'll get to that in a minute But I saw in it that you know, because I'm coming from bitcoin me.com the bitcoin for dummies, you know I want fred and margine to understand the first side that where I thought I understood bitcoin was bitcoin me.com. Yeah, oh, wow That's great. I'm so glad this it's all synergistic, right? We give and learn and I mean give and receive and learn and Teach all the time constantly. Well The thing that threw me a little bit was the mining. I mean I understand it and it was it was very well done But it I think it really was so much information that you were trying to get into a little tiny video that And probably someone uh, that was probably part of the bounty. I'll bet you now that I think about it It was probably somebody said make sure you explain how mining works. I don't know But the mining part through basically when when we started the video we consulted with you know The people I knew from from marketing done tv spots and so on before, you know, and personally I didn't do very much I just sort of Got everybody together. I fronted some of the cash and so um, you know, it's not really I can't really claim to be the brain behind it, but You know sort of the facilitator if you will and so what people told us immediately was, you know, you can't explain it in Just this this web viral video format But what you can do is make people interested and so what we did was we focused on several things first the The advantages the concrete advantages that it has then in the second part of the video We sort of try and explain a little bit about the technology But just to give a taste if you will and then the final part we sort of look at the the impact that it might have You know, it might completely change the market And finally, you know, just an appeal to people Like merchants and people who are freelancers, you know, why they should accept it Why it's a good idea to to make yourself know in the bitcoin community to get some extra business Doesn't hurt, right? And that's basically the approach that we had so it was very very let's say deliberate, you know So everything the video is We'll put a lot of thought into every single second of it. Well, it did that I mean it definitely piqued interest, especially a lot of journalists I noticed because I've had a lot of these I've had a lot of contact with a lot of journalists And I noticed the first thing that's always on the screen is we use coins.com and they they've watched the video They probably watched the video a hundred times They still don't really have a clue what a bitcoin is, but they're so intriguing You know, they're like wow something about mining something about processing making it out of thin air. They just I think they're probably You know, even they're intrigued and it inspires them to research it more. So that's really really good One of the things you know, go ahead. Sorry. Yeah, I was doing a piece with a journalist from South China And he said that, you know, the first thing he saw about bitcoin was the video and he immediately shared it with his friends And then from there it was, you know, quite friendly about how he was going to write his story So it was, you know, really positive that people sort of especially from the press side or from the mainstream side You know, for them the video is quite something tangible that they they can get their hands on Exactly. It's it's amazing video is so powerful as we know the in fact the We have some associates who are in old media television commercials and they learned about bitcoin through us and They want to they're actually very famous television producer commercial producers and they have said that they want to Create an actual old media television commercial promoting bitcoin You know, yeah, that's needed because you know, there's enough out there about Scientology and so on we need We can do something better than that So we want to create a television commercial that actually explains what bitcoin is In a really short commercial, but have it actually broadcast on mainstream You know, old media television all the networks across all the networks. So we're working on a project for that So that's going to be really exciting And again, it's mainly just to tell them the basics and where to go for more information You know, that's the thing if people can get as technical as they want, there's no limit, you know But um, just use google but people For me from my viewpoint people really need to know the basic basic ideas first You know, some people say well in order to understand bitcoin you first have to understand elliptical curve cryptography La la la la la, you know, and as soon as you get it's like, whoa, they also sorry to interrupt you But they also need this this basic motivation right to even sit down and spend time on it, right? Because everybody has heard about, you know, these dot-com Currencies and it's also something that you know comes up in interviews a lot When you when you talk to journalists and the first thing they say is, you know, how is this different? How is this a different currency and I think if you can get that point across You know, they will find the information for themselves. It's just that you have to get the point across that it's something new That's something different. Exactly. That's what I do too. Whenever I do an interview I always I start with the five things that make this absolutely unique in the history of mankind There's never been a currency that was completely decentralized There was there's never been a currency that was absolutely limited to 21 million or less than 21 million bitcoins and infinitely divisible you got whenever you say it's limited in quantity Also have to explain the divisible part because then they go like oh, well, there'll be a shortage If there's only 121 million, how could you possibly have enough of them? You know and and I don't have enough money to buy a whole bitcoin, you know and things like that So you have to explain the divisibility and hand in hand with the limitation and the zero transaction fees the You know the irreversible nature of it that it's not There's no such thing as a charge back all those benefits that are make it absolutely unique And virtually indestructible as far as we know even if the number one online Exchange that's got 90 percent market share is hacked And and all the accounts are published on the internet. I mean it's still No, it doesn't even barely a glitch barely a blip in the price I mean, you know people say oh the price plummeted to a penny. That's such nonsense You know, well, you heard me say this before but uh, I want to I want to ask you now There I know that you're involved in a lot of other projects too And haven't you been uh, what's your connection with the app development and the google code For the bitcoin client Yeah, that's actually I got a shout out. I think on your first show from andrew schaaf and I was working with him On an android-based client, right? And so basically what I was working on was the server side for that So there's a lot been been a lot of talk about a lightweight implementation Is satoshi's paper even has a as a whole section on simplified payment verification And the other person you have to mention in that respect is my current who's been sort of my Intellectual influence on all of this like he's been the one who's introduced me to bitcoin From a technical perspective and in depth But we went to to all the meetups here in switzerland And so basically what i'm working on is the server that can look into the Blockchain for you so you don't have to have a whole copy of the blockchain That's pretty much all it does and Because bitcoin itself is just a cryptographic set of Basically checks if you will right this is like a Bitcoin transaction is like a check that I send you and if you can look at the signature And the signature is valid and the server tells you that yes This transaction is actually unspent and it is actually in the blockchain Then you know that this check is valid So you don't have to trust a server with your money actually right you just have to trust it to give you Accurate information about the blockchain right actually we can have a fairly low privileged server And fairly lightweight clients around it. Yeah, I understand what you're saying because really it's just like I guess in an old old old tech analogy might be Where you call up and check your balance and your checking account and it's telling you your balance Well, if they told you your balance was more than it really was It's not the end of the world because what it comes down to is you might write a check But it won't clear. I mean it's it's the clearing of it is the in the cryptography. So the Assuming it or assimilating it into the ledger is the cryptography But that's just checking your balance to make sure you've got the money to spend which is important, but it's not It's not really that critical because if you don't have the money it isn't going to be spent anyway, right? Yeah, you can also ask multiple servers and just see if they all give you the same answer, right? So if you have if you don't trust the server very much or you're especially paranoid Just ask 10 servers and if one of them differs then you know something's up there And the point of this so so that those of you who may not know what why this matters is because They're talking about the android app the smartphone apps that need to be really thin They don't need to actually constantly connect to the internet They don't need to have the whole entire blockchain on the phone You only need the balance and you basically press a button and it checks the balance It just goes out and has a server check it for you so that that is Offloaded that processing and that connectivity is offloaded to an actual server And the phone just does the cryptography only what it needs to do So it makes it the client server kind of a relationship that makes it much more efficient for use on a smartphone, right? right and the one application that i've been involved in developing as well as a bill cusserine and I don't know the the the name of the other person, but you can look it up on github who our contributors are Sorry to to whoever it is But what we've been working on in terms of an application is basically a browser based application That you know, it doesn't have any, you know, it doesn't require any kind of installation And the beautiful thing about that is that you can run it on every smartphone. So Basically what what i'm announcing right now is is a bitcoin support on the iphone No matter what apple says or does we're gonna be able to make it work as a web application Like little britain, you know, they've ever seen this comedy sketch things from little britain Where they say computer says no, so I always say no steve job says no No peer-to-peer. No. No. No money unless I get 30% Nothing to do with that. I mean the iphone is really good web application support So you can get really nice interface, you know, really nice experience for the user And the only thing you really need is basically javascript based cryptography And that's what we've written and that's that's already released as open source on bitcoinjs.org So and isn't that is that the google developer who created that? Or does that have to something to google the the Bitcoin js. Was that the one that was developed by someone? No, no, no Yeah, it's a lot of confusion and I think maybe I should have picked a different name But there's a difference between javascript, which is js and java And so what Mike's been working on Mike works at google What Mike's been working on is bitcoin j which is exciting for its own reasons And you know, it's basically a java library for bitcoin, which is great for like, you know servers or also lightweight clients, especially on android It's a great library for that And he's been working on that I've been working on a javascript implementation was just you know different You know technology if you will but you know for different applications basically so it's but they're both Like overlapping they would both be for a similar purpose, but just two different languages two different platforms. Yeah, they're also they're also technically similar because Mike's code is probably the best documented and best commented Implementation of bitcoin right now. So if you're planning to write your own bitcoin client I have highly highly recommend you look at bitcoin j because that's that's where you can learn how the protocol really works and so Well, let me ask a stupid question Then why didn't you just use bitcoin j instead of creating bitcoin j? Yeah, so is that there's a need for something different right the thing with the browser is the only thing that it really runs? Well is javascript so if you want to run the client side in the browser itself Then the only option you really have is javascript and as for the server side There was basically just a I don't know personal preference if you will I wanted to develop something with no jas Which is a very interesting new platform that's up and coming for you know Real-time web development and it seemed a good fit for this particular problem The only thing that was missing obviously was a bitcoin library for it So I thought you know I might just go ahead and write it and when you say the browser you're Especially thinking of the this the standard browser on an iphone. Is that right? Yeah, yeah, obviously That's where we have a big advantage as long as apple doesn't allow any apps on that platform You know the webcoin will probably be the only way to to do bitcoin on on iphone. Yeah Um Unless you jailbreak it obviously, right? But that's just a I see it as a temporary solution I think that eventually if bitcoin spreads further they're going to have to allow And a bit kind of on it. Yeah, eventually steve backs down once he's forced to by some governments So the european union or the u.s. Or something nothing nothing against steve, you know a big fan of apple Oh, yeah, I love max And I sometimes sometimes they're a bit, you know slow to move I guess yeah I mean it's apples apples corporate, you know philosophy that is so proprietary that a lot of people are opposed to but The product limitation from the hardware like as far as the same client The limitation as far as how many how much memory the hardware has And is that the reason why you have you don't want the the whole blockchain? Yeah, especially when you're using just web Technologies or web application technologies You run into some pretty tight limits in terms of what you can actually run on the system itself For example, the official client generates 100 addresses in advance If we tried to do that on an iphone in javascript The application would take five minutes just to do that, right? So we had to really strip it down to the bare bones. It's going to be you know pretty much not unnoticeable for the user But it really doesn't only what's necessary. So it'll only generate an address when you actually click generate address It won't have its own blockchain. It will rely on the server for that, but we talked about that And yeah, I mean that's that's pretty much the two limitations or the two concessions that we had to make in terms of the implementation and just in terms of the the Release and what's first going to come out for you know regular web browser on the pc It's going to be sort of like insta wallet with the difference that your coins actually stored on your own computer Instead of on the server. So that's sort of our differentiating, you know or the difference there and Later when when it comes out, we can make an interface just for mobile phones It's going to run on pretty much every mobile phone you can think of that that has a you know modern smartphone browser, right? So the okay, so that yeah, this the two limit Let me just review to make sure I get this right So the two main limitations are one is apples corporate philosophy That doesn't allow anything to do with money unless they get 30 percent Or not at all if it doesn't go through the normal banking And so that's they're blocking it from the market and the other is the actual the fact that it's Well and and that uh google has run into that with google voice and and skype and many things have run into that barrier Where they just say no apple says no There's no way around it So you that what google did the same thing with google voice They created a web based app and then it works in the web based app and it works almost as well And we just actually like better even on my android phone using the the web Better believe it or not. I don't but anyway, it's okay. At least it works At least iphone users also can benefit from some of these apps and even if it is through the browser So it's basically it's a work around to work around steve jobs But the yeah, honestly, I wouldn't think of it that way I mean it makes it sound like it's a you know a hack You know it's not going to work very well, but it's like the browser on the iphone is actually really really good It's the same that's used on android and and some other platforms as well And it's it's excellent technology. It's completely brilliant and you can get an experience that's Virtually indistinguishable essentially. Well, that's great then and if it's really that good It could be superior in that you don't need an app. So you can use it on an android phone too, of course Exactly. Yeah, you don't need to install anything. You just enter the the url, which uh, I'm not going to announce just yet, but uh Yeah, you're just going to enter the the url. Maybe you can have me on again when we launch it And then once you've entered url, it opens up. It loads up. It gives you sort of a welcome screen We did sort of a pre Preview screencast about it. You can google for that if you google for a web coin screencast You'll probably find it and you can sort of look at how the interface looks on the pc and We've since made some changes to it and it's all open source So you can you can look at the code too if that's your thing. Very cool. Thank you for that by the way Yeah, that's awesome Don't think it's a it's a team effort. So yeah, andrew has been involved in that I have to mention eric brigham who has been very supportive. He's the first founder of true coin. Yes, um Which is another startup in the bitcoin realm Honestly, I have too many people to mention. I'm not good with names. No, I know Just look on the websites and I'm gonna credit everybody Um So yeah, that's the wonderful thing about the give me all the credit the bitcoin community and the open source community Which are kind of completely overlapping communities. It's really almost one of the same and many many aspects But everybody chips in and they do what they do best and then they all build on each other's work and it just becomes this um synergistic Steamroller that just is changing everything the way the whole world deals with money in internet speed. This is happening so fast Yeah, and I noticed that the the difference between, you know, I'm also a team manager and I also work full time, right? and There I have to get through all this red tape in order to get anything done So with what takes eight hours at my normal job It takes one hour if I'm doing it in the afternoon or in the evening for bitcoin, you know So it's incredible as soon as you remove all these in sorry These institutional barriers if you like and you have this this open culture You know you can get things done so fast and at the same time it's not, you know, it's not communism or anything It's like we're all interested in making money with it. We're just cooperating at it. That's right. It's a great way It's the future. It's absolutely future. That's why we have the free culture show because it's about that People haven't even heard of what is free culture. They don't even know and but they don't know about they Many people don't know about bitcoin and we're here to educate them and the same thing with free culture We're they don't know what that is They don't even people in the community sometimes don't even know that term yet But we're here to educate them. So we're going to we're going to be talking about a lot of that. So it's so awesome It's so awesome. We can never thank you enough, honestly so the The one thing a technical question about that when you're when you're using the The javascript in the browser, whether it's on android iphone or whatever and even a pc You can use this right on any any browser pretty much that runs javascript, right? Is the um How does it store the wallet and where is it actually stored? Okay, yet it has been a lot of progress in recent years In terms of you know Technologies that specifically support applications that run the browser So one of the technologies that came along with html 5 is called local storage And what that does is it's basically like a cookie except that it doesn't get sent to the server on every request, right? So if you if you would store your private keys in a cookie It wouldn't really help you because every time you open a web page It would be sent to the server so the server would have access to it But with local storage, that's no longer the case So you can actually create an application where the All the dynamic stuff basically the server that has the blockchain on it is a different system Then the server that has all the static files on it And what that means because you can make a static server much much more secure than any server that runs You know php or any dynamic scripting stuff on it you can have sort of a you know much higher level of security because people are getting the The actual trusted files of the software from this secure server They can even store these files on their own computer and they have like a like a normal client Then with the same security properties as the official client, right? And they can have that on their own computer and then they can use these web services for you know convenience and ease of use And again, I want to point out that our application the the web browser based application Is one possible way you could implement a client like that You can implement on top of our apis You can implement clients any way you want you can have it like as a native application on android like andrew's doing Or you can have it as a desktop application that you download and so on and it always has the same security properties Well, is there any chance that the browser could lose these? this this offline storage and like Like if you clear the history and you don't know what you're doing and click the wrong button Could you lose your local data? Yeah, the wallet storage is obviously a big topic and You know, I've lost bitcoins myself So I'm very sensitive to the issue of you know losing coins There's been a very big bitcoin theft as you all know So, um, it's a big topic. How do how do we secure this wallet and um Basically the solution that we've come up with over the last couple of years and sorry not last couple of years But last couple of months seems like years And the I have to give out some shouts to Gavin who's been helping with that and again Eric And chris carter as well. Um, so these are these are people who have been working on this and Basically what what what we've come up with is a two-factor authentication That uses the server as the second factor So you can think of it like Um, a smart card Type solution like what you would get from your bank where you can actually only do a transaction if you enter your pin number Yeah, right But what we've done is instead of having a smart card We've put the second factor on the server. So um, the way you can think of it is Your computer is basically is the smart card And the Yeah, that's that's a bad way to put it. Um, let me just explain how it actually works Okay, there's two factors that have to be though screw the metaphors screw the metaphors Just gonna talk a shop now. It's like a bumper. So, um, basically this there's two parts to your private key Right one part is stored on the server and one part is stored on your local Local client There's also an encrypted backup Okay, which you can print out, you know, put in a safe whatever. So that's how that's how we prevent loss So if if something happens to your computer if something happens to the server Whatever it is, um, you can always get your coins back if you get your backup out of the safe We also use a technique. Um, that was posted on the forums by a guy called g maxwell And uh, he basically suggested that instead of generating new keys every time you can basically generate a master key And then derive or other keys from that and the advantage of that is that if you have that master key Um, no matter how many keys you generate later, you don't have to update your backups Your backups will stay current. Um, so that's that's another technique that we're using So you can basically print out your master key. You can put it in a safe You can print it out again put in a safety deposit box at the bank And uh, you're absolutely protected against loss. There's no way as long as any of these copies survives Um, you're protected and obviously you gotta make sure that these things don't get stolen either That was my I hadn't heard about the idea of deriving more more keys from a master key I I hadn't read about that. That's I don't even understand how that happens. Um, yeah, you can search on the forums It's under a deterministic wallet. I believe and again, it's not my idea I just grabbed it and implemented it into our stuff. Wow. Okay That blows my mind. Things happen so fast And that's a great example for culture, right? Yeah, exactly. So, okay, so go on Okay, so that's how that's how we protect against loss now. How do we both make it convenient to access And secure against theft, right? So for example, you have got the client on your mobile phone Your mobile phone gets stolen by somebody who's really really good with technology and you can like read all the memory out and Hack your pin number or whatever So, you know, we can consider that we consider the mobile phone could be completely compromised if somebody steals it So we can't actually store the wallet on there Right, but you don't really want to type in a cryptographically secure password or key every time you log on because Cryptographically secure password has to be quite long Okay, so we use a little trick. So we have a longer key on the server Which the server only sends you after you enter a pin number Okay, and the key itself is completely useless without the encrypted copy of your wallet. That's on your mobile phone So in order to access your wallet, you have to enter the pin number If you don't know the pin number, then you've got maybe 10 tries for example And if you run out of those tries, then your wallet locks itself and the data on the mobile phone is completely useless Because you don't have the data that's on the server. Wow Okay, and your big coins are useless too. You can't get into it at all You can't get into your wallet. So what city bank needs to hire you guys? Sorry, city bank needs to hire you guys This is more advanced than any security I've heard of for any kind of online banking Yeah, yeah, I mean, I guess we're pushing pushing at the at the edges a little bit. Yeah, that's amazing I mean, but let me finish. Let me finish my expression real quick. So, um, so You can at any time access the wallet through the server with just your pin number As long as if your client pre-installed now, there's a couple of cases. So for example, you lose your pin number You forget your pin number. How do you get your wallet back? Well, you've still got your backup in your safe So you can always get back to the master key enter that and it'll unlock everything again Okay, so that's how you get it back if you if you lose your mobile phone or if you have to Um For some reason you lose your pin number and you get locked out yourself, right? The other thing that can happen is obviously you want to install it on a new device So you got your new brand new mobile phone. You want to get your wallet on there? So again, you go back to the master key You could take it out of the the safe and you enter it on the on the new phone It'll hook everything up. So you can use your wallet without a hiccup One more thing we can probably make some sort of wallet transfer So you don't have to go back to the backup as long as you have the pin number and one device that already has the Wallet on it, but that's not, uh, you know, that's far from implemented right now. So wow So this is all one thing you're talking about a browser based Bitcoin app slash client that Also secures your wallet Encrypts it protects it Moves it from device device If you it's it's like so much in one. So your your wallet. Is it actually living on your phone? If you're using your phone I mean it's split between it's split between basically Um, you have to think of it as two copies, right? You have one copy that's split between a server and client Okay, and one copy that's split between the client and you're safe if you will okay Right, so if you have if you have actually sorry. No, no, let me go back on that Um, you have two copies you have one copy that's stored between server and client and you have one copy That's stored in your safe So if you have either the client and the server corporation through the pin number Yeah, you can access it or if you've access to your backup you can also access it. So can I Can I uh, what am I transparently switch from my laptop to my desktop to my phone and access it in all three places at all times Yep Because because it doesn't matter which one I can have a I can have it on each of those things and on the server And as long as I have any I have two of those I can access it Yeah, as long as you have internet access obviously You can access it you have to have an installed as I mentioned, you know You have to have the master key to install it But once it's installed you only need the pin number and the internet access basically And it'll be synchronized across all your device Just you know normal cloud hosting like you're used to from from google and so on And then um, you know, obviously you have to have an account on this site on this service as well because that's What makes it work and that's what makes the backup happen Does the site and the site the site is operated by you We have made everything I've just talked about The stuff that's implemented already that's open source Most of the wallet stuff is still in development right now. We're sort of working on the server side But the client side is pretty much done So you can again you look at the screencast and you can pretty much see where we at or we were at a few weeks ago And I'm hoping to release a first beta of the client where people can play around with it in the next couple of weeks and just to be clear then the The administrator of the site that maintains this and it has the backup and all that Is there any way that they have access to your wallet? Um, so again the the wallet split between the server and the client and the client never gives up its part um Okay, now it gets pretty complicated, but um, no the server does not generally have access to your coins In the pure web app version. Okay, so basically the first version that we're going to come out with um Yes, the server could send you a corrupted version of the software It's kind of like if the bitcoin developer snuck something into the code and sent you that Then they could make it so your wallet just sends all the bitcoins to that developer for example, right? And the way that's prevented is just that people look at the code and if somebody tried to do that It would be pretty obvious and be it would be detected pretty quickly And it's kind of the same thing so if the the web server tried to do that And tried to steal your coins that way you'd notice it But that only applies to the web app version in all the other versions where you have a client that you download For example the android version It actually It's the same as with the official clients If somebody will review the code long before it actually ever gets to your phone You know a hundred people will have seen it and if there was anything in there would send the coins somewhere Somebody would have noticed by then Okay, and then the backup copy that you referred to that extra separate backup copy that's on the server That's also encrypted and so the administrator of the site wouldn't have access to it without you right? So since since I noticed that since I learned about the deterministic wallet idea It's actually possible to just encrypt that master key And print it out and then you don't have to store the backup on the server at all So yeah, and so if someone gets a hold of this master key They don't have the pin so they can't do anything with it Uh, if they don't know if they get the access to the actual hard copy of the master key They have access to the wallet everything because that's a little bit backup feel well You have to have you know tight physical security around that so right definitely something like a bank You know secured deposit box or something like that Okay, that still blows my mind the idea of this deterministic uh master key thing It's like wow so you can just create any I don't I don't understand that I'm sort of doing research more about that but you you can you can create any number of of uh keys that you need Basically, so what you do is and that's going slightly In a different route than what gmaxwell's original idea was but um The way I sort of envision it is let's say you are a merchant right and you want to accept bitcoins So you've got your master key And then you've got a um Sort of a Sort of a let's say you have your master key and then you have got the shah hash of that And that's what you store on your public facing computer and then that can be used To to generate more keys You're putting me a little bit honest, but I don't I don't want to go into the cryptographic details right now because Again, I haven't implemented yet. So I've got like separate models floating around my head So like I go into one model and I'm like now maybe get this model So I don't want to go into too much detail But basically what you can do is you can generate new addresses on the On a server that's later not able to spend money on those same addresses because In elliptic curve cryptography You basically have these these points these elliptic curve points and your private key is a scalar and your public key is a point and you arrive at the public key by Multiplying your private scalar with a fixed sort of constant point and then you arrive at your public point and if you take two private keys and you I think add them together And then you take two public keys and you add them together You get a new private key and new public key that are Contingent or or you know relate to each other So you can have one private key on your private server. You can have one Private key on your public facing computer You can have your normal public key that is also on the public facing computer And then a public facing computer can generate as many keys as they want Multiply them together to get a new public address and receive money on the address without actually having the private key The second private key that they need to spend it. So I know this is probably super confusing. So I'm just you know But what it allows you to do is you have your merchant server And even if the merchant server gets hacked the hacker does not have access to any of the bitcoins That server has received in the past. Okay, you know this the the this this may be another stupid question, but if if if the machine can Take a public. I mean a private and a public key, right and then create new private and public keys that are valid Based on those sort of what you're saying Then that are usable then Uh, I have a new pair of private and public keys and then that I can use Couldn't what's to prevent someone else from doing that? Oh, I guess they have to have the private key to begin with Right. Can I answer my own question? Right, right, right. So what someone else can do if they have your sort of master public key is they can also generate public keys to Where you can receive money, right? But what they can't do is actually spend your money because they don't have your master private key They only have your master public key. So oh, so they can create new they can create new public keys that I can receive money And my original private key will Allow me to spend that Exactly. Oh my gosh That's cool. So you don't need a key ring at all. You only need one private normally in elliptic curve derivative You have one point, right? And all we're doing is sort of two points. We take two points and we sort of Add them together to get a new point And then that has the properties of both original points Wow, so you can only spend it if you have both private keys and then so you can you can treat the second private key I'm not sure if you can treat it completely Openly or if you have to keep it secret too But I think you can treat it completely openly as long as you don't have the the first private key You can't do anything with it. Wow And so amazing if it wasn't confusing enough to the average person, right? Yes. I'm very sorry that you know The first time I'm actually explaining this latest set of ideas Usually just before I go on any shows or anything to go through a couple of times and that's why it's a little bit Can you make a two-minute animated video about it? Yeah, I wish for a bounty for the right bounty, right? Well, I would like to ask about like the user or client side face of it. It seems like it could seem very easy just a few Things can you explain a little bit how the interface might look like for like a common user? Right. So the interface right now looks exactly like the the normal client pretty much So you've got basically just a browser based version of it You've got your balance. You've got your past history of transactions And the the big differences come in is the stuff that I've described in terms of wallet handling So when you open it for the first time it'll basically ask you you want to create a new wallet or do you want to Install an existing wallet on this new computer And then if you choose create then it'll generate all the keys It'll give you this page that you can print out and put in your safe, which is your backup And and then pretty much you set up and then from from that point forward You can generate a bitcoin addresses and receive money and send it out again And the other option if you're a user of the system What you would do is you choose the other option I want to install an existing wallet and then if it's a mobile phone It would ask you to scan the qr code with the private master key And then you would do that and then it would be installed Or if it's on a pc and you don't have access to like qr code You would have to type the the the entire key basically which is I think it's something like 20 or 25. I guess characters Wow, so would you recommend using this like if like if I was traveling in Europe and went to internet cafe And I was able to download this client Like would would I still be able to use it or would you not recommend it? Well, obviously whenever you're on a compromise platform So example, you're on a computer and the computer has a trojan installed Or you're an internet cafe and the internet cafe owner obviously has admin access to that Or your mobile phone and there might be in the future more sort of mobile phone based hacks or mobile phone based trojans, right? As soon as you're on a completely compromised platform the second we actually Get to the private key That's in memory and any trojan can read that out. So that's still sort of a limitation You have to be sure that at the time you're logging in your System is secure if you can guarantee that it's fine. If somebody hacks in later They won't get anything, you know, so As it is right now if somebody gets your old hard drive or whatever it doesn't matter So they have to they have to have access or control over your system as you're logging in And so for the web interface version as well, obviously because they're capturing the keystrokes Yeah, they would work the same second. So the basically the idea is that um Any anything any system like this that's web based or app based or any any client like this You can't always be a thousand percent sure as I say that There's no keyboard capture virus. I mean, they're you know A trojan or or some kind of security breach could be in anything in any any network that you know There could be a packet sniffer and so on so that you don't the idea the basic idea is It's just like your wallet in your pocket You don't carry around enough money to buy a house in your wallet You just carry around what you're going to spend that day for lunch and dinner at starbucks or whatever So you just carry around a small amount that it wouldn't be the end of the world if you lost it And you know for for your investment for your long-term life savings. This is not the solution for that Right. Um, there's two more points that I want to make. Um, the first one is There's absolutely nothing preventing or technically preventing hardware based bitcoin security solutions So you could have like a bitcoin bank card and a bitcoin card reader And all the cryptography would actually take place on the smart card chip Wow You could have a little device Like I've got a little device from my bank that I have to hold up to the screen in order to confirm a transfer You could have something like that Um, given if you want to do a screen that solution that you can have for for, you know, banking login Um, you can have for bitcoin as well. And then the second point I wanted to make is Also that there could be bitcoin banks. So right now all we've been talking about is we want to maintain the original bitcoin idea of You own it like cash. You have it, right? But obviously you can have bitcoin banks just like you have banks that take cash And give you a balance on there. So anything that a bank can do you can also do With bitcoin is just that instead of cash you pay in with bitcoins into the bank. So those are just two different models I'm mostly interested in the one where it is like cash. You can you have the control of it Nobody else does right but everything everything with bitcoin can also be you know replicate with a traditional model Where you have a bank they take care of it. They ensure it They, you know replace it if it gets lost all this kind of stuff. So and they give you a you know login with the same technology that already exists Yeah, so so basically you can have both models. It's just that I'm I happen to be interested in this one Whereas other people are working on the other one. For example, my bitcoiner is doing a great job in the Sort of being a bitcoin bank if you will exactly But they're vulnerable also to keyboard capture viruses. They're both similarly Exactly as soon as you have a bank then basically instead of you being attacked It's the bank that could be attacked. Well, yeah, actually it's two vulnerabilities because yeah I mean on one hand your machine could be a hacked or a keyboard capture could get the passwords For them, it's their site as we know with mount gox their site can get hacked and or keyboard capture can Capture your password or a brute force attack which just means a computer guessing Passwords that would you know common words or whatever dictionary words and so on So you always want to make sure you have a password that doesn't contain words just Random numbers and letters and characters and so on I hate to interrupt you, but I want to I want to thank our sponsors once again For making us this whole show possible Please visit their websites and thank them for sponsoring the bitcoin show carpevm.com Carpevm.com sees your market say it with video carpevm video marketing and mesi grill mediterranean Food where authentic mediterranean food meets modern flavor mesi grill meze grill calm and trade hill calm, of course Get 10 off life life of your account off your trades with the referral code th-r 141 trade hill calm and us gold coins calm our trusted advisor for excellent investments in rare us gold and silver coins us gold coins calm, okay, so The time just flies. There's so many things to talk about. It's a good thing We made this a daily show because we just I mean we figured we sit around and talk about bitcoin all day Anyway, we may as well just air it as a show But yeah, there's this one last thing that we didn't get to mention yet It's it's just a you know minor announcement basically the team bitcoin team You know driven by my current has been talking about the forum And so the way we see it is that bitcoin org is going to be sort of the official website where you can get Trusted information about bitcoin bitcoin or whereas we use coins going to be more of the sort of community site where you know you've got a bit you know Exchange going on and so on And that's why we're going to move the official bitcoin forum from forum.bitcoin.org Over to forum.weusecoins.com. That's the only change is because still going to be hosted by the same people I don't have access to it even So you know nothing's going to change really about the forum It's just that it's going to be moved over to a different domain because you know if you had a lot of problems with press thinking that you know Some random forum Message was like the official opinion of our team. So that obviously doesn't work Yeah, I'm glad you mentioned that because I had read about that thread that uh, so basically the idea is bitcoin.org Will be the official source for all things official from the bitcoin project And then we use coins.com will be the domain for the users The user community the user forums and all that so that there's no confusion Yeah, I read that because the press was quoting some random person From the forum and saying well, this was posted on the official site Exactly It is as soon as you have you know some stuff like silk road, you know and then associate with the idea of fish I mean silk road is used by what like 0.5 of our users And it's just it's just really annoying to to you know to be put into the same category as as you know Some of the stuff that you know some random person posted on the forum. So I think that's that's a good enough reason to say All right, we're gonna keep the forum as it is. It's fine. It works great But uh, we don't want it, you know That prominently or you know Right there on the official website with the official name on it, right? I love the um the the way that the everything is happening and lightning speed I mean you can't even read the forum. It's so much happening so fast exactly That's right. We need to talk about it every day. Yeah, the other thing is about the forums that I wanted to mention was that they're really should We're Bruce and I had been talking about that the really should be like a separate forum for developers as opposed to Common users because if you know, I'm a developer. I want to go somewhere where you know, I can read some good stuff There is the development mailing list that's been set up recently. It's uh on the sourceforge project for bitcoin It's I think bitcoin development at lists dot search for Sourceforge.net, but don't quote me on it. Just go to the sourceforge project and go to mailing list and you should see it Okay. Yeah, so the the real developers can communicate without them All the other noise less. Uh, yeah, it's it's still sort of you know, right now Not many people are using it, but it is it's been set up and so, you know, if you're Um tired of you know the forum and you know some of the trolls that are on there Uh, the developers have been moving over there a little bit. That's great What um, so I I love this idea of a hardware based security Is there I know that there's a way that they can do a unique time code or something like that, right? Is there a way that you could that the because it seems like there's one common Problem and that is keyboard capture trojans if there's a way for the virus to capture what you're typing in your password Is there a way for a card to completely bypass that? Yes If you have the private keys only on the whatever hardware solution is whether it's a smart card or a device If you have the keys only on there and you actually sign the transactions on there and you have some kind of trusted display That's going to show you, you know, where's the money going to go to? What is the amount and then you can sort of press a button on the device To send it then it would be secure because then it would be a matter of hacking that device and the device Obviously can be made such that it doesn't run arbitrary software. So so you'd have to have a device that has a display on it and can actually store keys and Sign transactions, so it's quite a lot of work to be done, but it's possible. So basically it's a bitcoin app Like a hardware bitcoin app like a dedicated device that is your bitcoin app and everything all in one You know, you would probably use your you know a regular app, you know like You know like ours or some other app And it would communicate with this device through some some channel and the channel doesn't have to be particularly secure because When you actually before you actually acknowledge the transaction or you actually before you actually give the final okay for it You can see on the display exactly what the transaction is So the secure part the real real secure part could be on a physical card Could it be like the size of a credit card? Again, you need a secure display as well So if it was a card you would have to have a card terminal as well that has a display on it Because if you don't have a display then Whoever is hacked into your system If it's on your computer monitor, they can just change whatever it is displayed and you'll give you okay And it'll just send it somewhere else than it's maybe a thick card So you have to have a secure secure display associated with it But if you have that then yeah, it's just basically going to be hardware based security around that I think I could just want to have seen some sort of a new credit card device that actually had some sort of a display So yeah, so you hear that developers you got your hardware developers out there This is what's needed. We need a what's needed list. We need a wiki above things that are needed This is that's a brilliant idea. I think I can see that being the future. Who knows it could be like a real I think that uh, there's a lot of hardware out there already that could be changed in a little bit. Um, that Actually would make this possible Obviously, that's that I'm not that's not my field or anything But I think that you know if somebody is already in that sort of area and or a company And they already have like smart card devices smart card solutions security tokens one-time password type stuff that they might be able to to sort of You know rig something up pretty cheaply and without much development effort So I don't know but there's definitely a lot of work to be done in that area Wow History in the making you're watching it happen every day so much is happening So we're out of time. Thank you so much for joining us Stefan. Yes. Thank you Stefan all the way from That's a love From Switzerland and what city are you in over there? I'm in Schindeläge, which is that you know population 600 or something. Of course, but it's uh, it's near Zürich So, you know that lake Zürich over there and it's it's beautiful. I've got John Matonis nearby Nice, we'll come and visit for sure. Nice. All right. Well, thank you guys for joining us and we'll see you Thanks for having me. See you tomorrow 2 p.m. Eastern. All right. Great. Take care