 I can go. All right. All right. Thanks, everybody, for coming out this early on a Sunday morning. You all must be insane. I don't do this early. All right. So my name is Ben Sherry. I have a company in Thailand, 37 people, called Proteus Technology, or Proteus Group. It's a development group, Proteus Technologies, and an operations group, Proteus Pops, none of which is totally relevant to what's going on here. So I am going to give you some background about me because it sets a context, and I think the context is very important. So I've been coding since 1983. I've been doing cryptography and security since 1991. I've been a libertarian, like with the previous guy, since 1992, after George Bush broke his no-new taxes pledge. I discovered I was really a libertarian and not a Republican. Bitcoin 2010, and out in 2011-2012. So I've always been interested, you know, because of the freedom aspects and the cryptology side is what got me interested in Bitcoin. I didn't ever think that it was going to be... I didn't think that was yet going to be a currency. And I was one of the very first miners, and when it hit 40 bucks, I got out and started doing some other stuff. So do not take investment advice from me. So I've avoided doing ICOs. I must have turned down 30 or 50 ICOs for my development company until just recently. We did a company called HotNal.com out of Bangkok, which is a hyper-local promotions thing that's going to try to be an actual currency and bring crypto to the masses, and we raised them over $50 million. And so looking forward to deploying that in June. Got other crypto projects in the works, not all of them coin-based. And as a result, I know for a fact that this industry is completely nuts, and I'm working hard to fix it, and I'm hoping that you all in the development side will work with me on this. Okay, why is my screen not changing? This is going to suck. You guys can see stuff that I can't see. All right, we're all through. All right, so you guys know what the applications are for this stuff, run through it. So the typical stuff that you see is coins are the main application. There's various people solving various problems. One of the interesting ones, real world use cases where people need these kind of things in Kenya. The currency is so difficult to trust that people are literally using mobile phone credits as a commodity exchange for currency. And so if that doesn't show you there's a demand for this kind of thing, I don't know what does. And one blockchain or crypto ledger group called the Stellar Organization has come in to help people in these kind of lesser-served countries bring cross-border financial transactions to the masses without paying massive costs. So that's kind of an interesting thing. Also we've got an idea of smarter coins, right? So automated escrow. So just typical e-commerce situation in Bangkok, in Thailand, it's very common for people to sell stuff through Facebook. Thailand has the highest penetration of Facebook users per capita of any place in the world. And people send their money and hope they're going to get their stuff. And generally they do, but a lot of times they don't. And so if you have a cryptocurrency that actually provides an escrow service and a parent in the coin in a distributed winner, that's a pretty neat idea. And in fact, that's one of the features that my client, the hot token, is providing. Also you can, so I like to say there's the system, there's the crypto ledger system, and then there's platforms. Platforms are the applications and services that sit on top of it and utilize it. And so one of the ways to encourage people to use your coin or whatever to provide an API for the platforms, make it easy for platforms to integrate with you, and provide them incentives for using your coin. One way of doing that is for your coin to allow platforms to collect attacks when they cause a transaction on your cryptocurrency to occur. So these are some extensions of the basic coin features that are really obvious. I'll talk about some other applications. So impact of this, this is the socioeconomic stuff. I think we went through most of this. So one of the things that's important to note is that economies are really just efficient ways of transferring information. And you see these boom and bust cycles, these up and downs, are caused by people acting on bad data, data that's wrong or data that's delayed. The internet, distributed ledgers, cryptocurrencies are greatly, you know, the fact that the information is open and public for everybody else is making economies far more efficient, making the information far more effective. And that's revolutionizing the types of businesses that we can do. Like a lot of the things like the shared economy with like Ubers and the Airbnb's are all possible because of this. Another thing that I have noted in that applications that use crypto ledgers often end up just becoming a big open call system, like an open call exchange. If you can do an open call exchange on a crypto ledger, you can build almost any of the key applications that people are going to be wanting to use in the future. And so if you're a developer, you know, think of the app that you say, you know, does this thing work on here? Would it use an open call system? Yeah, that's probably something that could actually work and do something for you. Free markets for all, right? So free markets, decentralized systems route around monopolies, they route around censorship, right? So these are, you know, mercantilism is the types of monopolies that are imposed on us by governments that we all suffer from. And crypto ledgers are what's going to be the big impact on this. Honestly, with smart contracts, 80% of what our governments do for us, what the nation states perform for us service-wise, can be done free, fast, better, more fair on a crypto exchange without having to involve the use of force that comes with all governments. So this is really truly revolutionary stuff, smart contracts, right? So privately, they're not so smart. This is a real problem. Oops, there goes the camera. Colonial algorithms executing directly on the ledger. And I believe that smart contracts will replace HTTP as the number one protocol on the internet. The other interesting thing is actually having civil agreements, real contracts, human contracts as code. And there's actually a startup here in Singapore. They are a client of ours called legalese.com that is taking, that is creating a domain specific language to describe contracts mostly for starting up corporations and such. And as a compiler target, it's going to generate a human readable language contract that the lawyers and the judges would expect to see. But as another compiler output, we're going to output code that will actually execute on a crypto ledger. So your contracts can execute in the space. So let's say that you're an investor and you have an anti-dilution clause in your investment, somebody else comes in and invests. The contract is going to go work out all the numbers and everything and automatically give you the additional shares that you deserve for anti-dilution protection, right? This kind of stuff just happens automatically in code. And it saves you literally tens of thousands of dollars of equity. This case came from Meng Wang, who is the guy who founded Joyful Frog Digital Incubator, probably the most successful incubator in Singapore. And they were given $25,000 or $50,000 investment in their people coming in for their 100 day startup rounds. But if they would go through and do all the legal stuff correctly with the lawyers, it's going to cost them $10 grand to give somebody $25 grand, which is silly. So that's what inspired legalese.com. So imagine that your protocol is your jurisdiction, right? I can say, I can create the logic for my contract in my domain-specific language. And I say, I want Singapore to be the jurisdiction of law that binds this contract. Or I want the UK to be. Or I want the smart contract to be, right? And people think, ooh, you can't do that without governments. Let's say, we already do. Most business contracts today have a clause in there that doesn't let you go to court directly if there's a problem. They require you to go to private arbitration. But why can't private arbitration be a smart contract on a crypto ledger? So that is where we're heading. So the fundamental principles of crypto ledgers, I think you all know. Right? They're public, they're immutable, unless they're Accenture, Accenture just patented a crypto ledger, that lets you take things back. Oh my god. Okay. Just stop doing that. Right? This is the problem. This is the hype. It's really, really bad. They're peer-to-peer. They're not client-server. They're pseudo-anonymous and there's a lot of work to be making things that are more anonymous. And this is a very important thing. If you want to be involved in development, if you want to do something that's going to have a big impact, work on this problem would be a very positive outcome. Secured by consensus. This is really the trick. This is the challenge that people are encountering. Right now, Bitcoin, Ethereum, they're doing a proof of work. My friend yesterday was describing it as a proof of waste and I think that is absolutely a fantastic way of doing it. This is not the future. Is proof of stake the future or not? I don't know. There's other consensus models and the crypto ledger that's going to win or get the most market share is the one that's going to really do this a lot better than the others. Okay. So I think you may not have noticed at the beginning of my slide, I described myself as a curmudgeon and so I have personal opinions that are right and I'm going to call out names and make gross assertions that will probably offend people and you are welcome to jump in and argue with me about them as we go. I encourage you to do so. Okay. So that's what crypto ledgers are. Let's talk about what crypto ledgers are not. Apologies to the previous talker, although he did actually clarify some things to make sure you didn't misunderstand this. Crypto ledgers are not the latest NoSQL flavor of the month. They are not databases. It's a log and actually, if you're familiar with databases, especially like Postgres that have a right-ahead log, it's just an append-only log that gets written through there first before it writes out to the database files and if they did index it, so if it crashes, you can just recover from the log. Right? But it's not a database that you want to use as a database. It's just a big right-only store. Okay? Crypto ledger is not a good place to store your secrets. If you store your secrets on a crypto ledger, you're an idiot. Pack yourself in the head, right? Because someday, someone is going to decrypt some of this information, right? If it's time-important information, then that's okay. You can put that on there. But if it's stuff that lasts a long time, that's private information that you would never, ever want to see, just like, I'm a photographer and I get people come to me to do pictures and girls ask me to do kind of search pictures and I say, don't take any picture that you don't want people to see. No matter how well you think you're going to hide it, someone's going to see it one day. And the same thing is writing something to a crypto ledger. You should just assume that someday, someone in the world is going to see that data if you're going to write something to a crypto ledger. Now what it is a great place to do is to put hash signatures of data that you have that are also signed by your private key so that you can do two things. You can prove to somebody that you have the information because it's signed by your own private key and they can confirm that with your public key. And you can also, when you need to reveal the information to somebody, they can rerun the hash and see that the data has not been tampered with. So you can store hashes of private data on the crypto ledger and nobody can recover your private data. That's a good way to prove that you had it when you said you had it and that the information has not been compromised. So don't store your secrets there, store your secrets somewhere else, but store your proof of the secrets on the crypto ledger. Crypto ledgers are not efficient at all, not even close. They are by design, very inefficient structures. So everyone's saying, throw everything on the crypto ledger. Why do you think we have all these side chains and this other crap going on? The whole architectural model of what makes a crypto ledger gives all those positive benefits that we wanted before by design imposed inefficiencies in it. So don't think of it that way. Crypto ledgers, so this is why I use the word crypto ledger. I don't say blockchain because a blockchain is a solution to the goal of what a crypto ledger is, right? Blockchains, I personally believe, are not the future. I think something that resembles more of the directed graph model, although I don't use these two systems, there's a hash graph or a hyper ledger, rather, and IOTA are doing two different ways of managing it, right? The blockchains all require that you have access to the entire data in the world. And that's not going to scale past a couple of years from now. So people are partitioning stuff and doing all kinds of things to hack it, but it really just reveals that blockchain itself has fundamental architectural disadvantages. I don't think of the future. Crypto ledgers are not immune to cap theorem. Who knows what cap theorem is? Okay, so cap theorem is the whole idea that there are three attributes for a system for any distributed or computational system that you want. And you can design an architect to get any two at the cost of one other. So the first, the C is for consistency. The A is for availability. So consistency means that your data doesn't get screwed up, right? Your data is correct as a whole, it's atomically correct. Accessibility means that you can get to your data. You can actually perform operations on it. And P is partitioning, which means we have these distributed systems that are breaking apart that the partitions can come back together and be correct. So you can operate while the partitions are broken apart. Partitioning is very interesting because partitioning, unlike the other two, is really just a time-sensitive aspect. Absolutely every transaction you do, even on a local database or whatever, is briefly partitioned. While you've written it to memory and hasn't been committed to disk, you've got a partition. You've got a different perspective of your data and memory than you do on the disk. That's partitioning. When you have an update on your local computer and it hasn't been propagated out to the network, that's partitioning. The only real difference is what is the latency of your partitions? So distributed crypto ledgers, by definition, have to do the partitioning stuff, or they wouldn't work. And availability is the other key aspect of it. And so most crypto ledger models are an AP model for cap theorem, and then they operate heuristics, which is the consensus model, which is the proof of waste, the proof of stake, whatever, to then achieve as a heuristic the consistency aspect. But the consistency is sort of a weak consistency, right? It's an eventual consistency model. So if you are coding applications, coding distributed applications, dApps, or whatever people want to call them, you must be aware of cap theorem. And you must be aware of which two out of the three you're focused on or you're dependent on, and make sure that your architectural model addresses these correctly, otherwise you will have some huge mistakes, some big mistakes. MariaDB has their visual consistency model, which was then demonstrated to actually have flaws. You can actually lose information in MariaDB because the C aspect of their consistency model actually had some failures in it. And so this is very important stuff. Crypto ledgers are not presently able to live up to the hype. That is just a fact, right? All the great things and wonderful things, I mean, I believe crypto ledgers are the future. No question about it, the impact of these things is bigger than the impact of the internet itself. It will be. Entire economies, entire nations will be changed. Future generations will be changed from crypto ledgers, but not with what we have today. So how do we get here? OK. So anybody have any idea who said this? Writing a paper, promising salvation, make it structured something, or virtual something, or abstract, distributed, or higher order, or applicative, and you can almost be certain of having started a new cult. Anyone have any opinion who might have said this? Just from the blurb on your thing, maybe Dijkstra. Wow. He's right. OK, so Edgar Dijkstra is this computer scientist, Dutch guy, freaking brilliant. And he came up with the whole idea of provably correct algorithms, and code, and programs. The whole concept of structured programming was his invention. Now who knows who has an opinion as to when he said this? He could have said this last week, right? It'd be super, super relevant, because it's exactly what we're seeing today. Is it he dead? He is dead. So he didn't say it last week. 1979. I think he died in 2003, unfortunately, he had cancer. So seriously, folks, this snake oil crap has been being sold forever, right? Since we've had computer scientists, and we're still falling for it. And that's the hype of this blockchain stuff. So I love this, right? Don't leave me for the fact that competent programming, as I view it, as an intellectual possibility, will be too difficult for the average programmer. He must not fall on the trap of rejecting a surgical technique, because it's beyond the abilities of the barber in his shop around the corner. Understand that surgeons in the cowboy Indian days, in the early Napoleonic sailing days, were also the barbers. But this is the reality, OK? There's so much hype, and there's so many fanboys that are jumping on, writing this kind of stuff. Distributed computing is freaking hard, people. And not everybody can do it. Not most people can do it. If you're just a script kitty, you can't do it. And Edgar's a commudant as me, right? Several people have told me that my ability to suffer fools gladly is one of my main weaknesses, right? So these people are spouting crap and saying nonsense. It really bugs us guys who know what the real problems are, and who understand what the fundamental issues are. And I have no apologies for calling them on their crap. And that's part of what I'm doing today, OK? So if you're a developer, where's the action? Where could you be playing in, right? Is it Bitcoin? Well, it's the first of the biggest, but most of the work is actually on the fundamental technology. So you really have to know everything about how Bitcoin works to really even participate in the process. And then the people who've done it have already got a lot of experience, so it's a cool thing to be involved with. I encourage you to do so. But it's not a whole lot of action going on there, except for some people early on, before Ethereum got big, forked the whole Bitcoin code base, made some changes, and made their own coins. And that's one way of being involved in a Bitcoin-ish type of thing. And you can do this. So Ethereum is one that everybody knows about, right? It is the first and only legitimate smart contract system out there. A lot of people who claim they have smart contracts, but they don't actually execute in a model that's distributed. They're executing on nodes and storing the results somewhere, which is not wrong. But that's not really what a smart contract means when we're talking about a crypto ledger. Almost all the ICOs are here, right? Or there have been some that actually forked the code base, like, oh, what's the other one? I can't think of the name. The one that we considered for hot now. No, no, no. Considered. Didn't take it. It's a fork of Ethereum that the JPMorgan is behind. Critical? No. Quorum. Quorum. Right? So quorum is a fork of Ethereum that they are to replace the proof of work with a proof of stake mechanism so it can scale up. But in doing so, they also have private oracles that are deciding your transactions. So it's not completely open. So the whole consensus model is the challenge, right? Doing the consensus right is the challenge. And that's how people differentiate themselves. So then there's Stellar and other ones. And actually, for our client, because of certain reasons, we actually are implementing their distributed application on Stellar. And these are really specialized systems appropriate for their domains. So if you're talking about transferring lots of microtransactions for low cost, really high speed, Stellar is a good possible option for you, right? It's got a very limited set of contract functions, but it's also a lot safer as a result. And if that fits your model, then Stellar can be good. You want to do anything outside of that, and Stellar is completely inappropriate for you. And they'll be the first to tell you that. So it's important to know where you're going, what you're interested in, right? So the vast majority of crypto development in mindshare is on Ethereum. Just about every ICO is ERC-20 based. So learn it, know it, live it. This is if you're wanting to build your own currency or doing an ICO, right now the game in town that you have to play with is Ethereum. And give the guy props. He really did. He's the first one to do it. No, whoa. So Vitalik, he started it off. He was writing it in C++ and Python, which were excellent choices of technologies to build this kind of stuff on. And then he created the ERC-20 thing in 2015 when the standards for how to build a token became important. Give you some super secret true facts about crypto coins. 99% of them are complete crap. And this is a conservative estimate. Why is it crap? Most of the people behind them, the reason why I turned down all these ICOs and people with real serious money, people with money that could make a difference in my life, turned them down. Because the people behind them are frosters, right? They're the classic guy. Exactly what Dijkstra was talking about. Use these buzzwords and you create a cult. And that's exactly what they're doing. And almost anybody who comes up to you and is like pushing a coin to you is doing this to you. So you need to be able to smell it out. The best way to smell it out is to check for these two attributes, right? How does their token have intrinsic value? Why is it not just something that you could just exchange for real money, for fiat money, and do this and have something that's more tradeable? There's got to be some extra value that some aspect of their business model that makes the coin more important than cash, right? If you can identify that, then you might have something that's legitimate. If you can't identify that, you know it's a scam right there. It's a complete bloody scam, run away. The other aspect of it is there's no skin in the game for these people. They just produce a coin, right? They get all this money, all they have is a freaking white paper. They don't have an existing platform, right? And they say on six months to nine months, we're gonna build this awesome crate tool. And what do you get for it? What do you get to use as a tool? Don't get any equity? Why can't you raise money legitimately through raising private equity or something like that? Well, it's because they're scammers and they wouldn't pass through diligence is the reason, almost every single time. So this is a great way to get a bunch of cash, not give up any equity, not dilute yourself, and you've already got the money. Actually doing the development and delivering on the thing is a much higher risk prospect than just saying, eh, it didn't work out, which is what most of these people are doing. And so you lose your money. And if you go for this, you deserve to lose your money, right? Now the other aspect of why they're all crap is the technology, the tools, and the developers aren't up for the real deal. They aren't able to deliver what's being promised, right? Can't scale, can't distribute properly, have a screwed up sense of consensus, cost way too much to put transactions on their environment. And these people, okay, they don't even know they're scammers, right? These people with no experience, right? And this comes from, it comes from the worst is better model of software development. In the entire history of technology, the superior technology almost never wins, right? Have you not noticed this? You know, the guys who got the best marketing department and something that will just work, their first, they win almost every time. And so that is the absolute attitude in startups and in everything else in the space. Well, guess what? This is the first industry. This is why this is exciting for us geek types. This is the first industry that what the code does matters more than anything else. If you have a feature that executes better differently, it gives you a disruptive impact from a technical perspective because our whole trust model now is now on the code and the stuff. It's not dependent on whether this guy can execute or not. The code does or doesn't work. You can see that. If you write a better system, you don't have to have a marketing department, boys and girls. Your system will win. This is a whole different paradigm for development than has ever existed in our industry. Let me tell you, it's super high risk, super high profits. So, worse is better is wrong. Worse is better is gonna lose. The people who have been playing that model and been very successful are gonna get their asses kicked. Don't be there. The other aspect is the people who call themselves experts, right? An expert is not somebody who given a problem knows how to attack the problem. An expert is somebody who given a problem knows how not to attack the problem because they've got experience. They've done it a thousand times. They've seen it work and fail in many different ways so they know the context in which to approach it. That only comes from experience, right? And the issue is that most developers in Asia, they don't have more than two or three years of experience and then they get promoted to managers and they never write another line of code again, right? Because there's not technical career paths here. If you don't have five to 10 years of experience, you are not a competent designer. I swear to God, you can't do it. You can't do it for this level of complexity. You can do it for a webpage, right? But you're not gonna do this. If you don't have 10 to 15 years of experience, you're not an architect. Don't even try. You screw it with yourself, okay? CTOs with one and a half years of industry experience. True story, okay? Got a guy who worked for me. He read about Ethereum, was interested in it. We wrote an Ethereum contract. He wrote a good part of it. First thing, he wrote like 75% of it, did a pretty good job. Pretty simple because you go and write simple contracts on here, right? Had fun. And a company in Thailand walked up to him, tripled his salary and said, you're our CTO. And he was stupid enough to take it. God love him, you're on good luck. But what does that tell you about that company? It tells you they're not gonna be around next year, but they are those scammers, right? They're gonna go and they're gonna scan bunch of people and do ICOs and they might get lucky and hit some, but every one of those things they're gonna do are fraudulent and gonna fail every one of them. I swear to God. This is where we are. So this was a very present tweet that I saw come up when, just a couple days ago, 19th March, right? I was not a computer scientist. I came up with physics. The transition that gives me a rather specific perspective on the situation. Computer science is a field which has not yet encountered consequences. Holy shit, is that right? Because computer science is not a science for the girls. My professor at Southern Polytechnic University out of Atlanta, Georgia, a friend of mine, always used to observe that no real science has the word science in it. Real sciences or chemistry and physics, something like this. Political science, not a science. Computer science, not a science. It's just like governments that have the word democratic in it. They're all communists. If you have to advertise yourself or something, it's because people don't think you're that and you have to pretend to be that. It's not a science. Notice again in the game some very serious ethical issues for us. Now we've been able to get away with it before, but we can't now. This is a big problem. So we better get our houses in order before somebody else comes and does it and it's gonna be the governments that are coming to do it and they're gonna be very brutal and nasty and it's gonna screw up the industry. We have to get ahead of it before it gets us, right? And certification is not the answer. If anybody says that, I get to beat them up and I will. Okay, Ethereum. So this is where the action's at, boys and girls. One year after the ERC-20 coin was released, there was a dial. Now remember that bit about never having to experience consequences, right? June 17th, 2017, programmers experienced real consequences. Existential consequences. The Dow was broken. $50 million worth of coins were stolen and a $150 plus million organization was wiped off the face of the earth. Three lines of code. Now we got consequences. This is what I'm talking about. Worse is better, it doesn't apply anymore. You have to be correct. You have to get it right and you have to do it better than everybody else. You can't just play around like, this is a neat idea, let's try it out and then put people's money on there, right? That's not ethical. You can't do that. Right, so. Dijkstra again, right? 1970, we are obligated to produce not only correct programs, but demonstrate very simply that they are correct, provably correct, right? It has a huge influence on the way you design. People who have adopted, anybody use test-driven development, okay? It's got plus and minuses for it, but anyone who's ever done it has absolutely observed that it changes the way they design and write their code. You write the test first, that means you have to write your code to be testable easier and that is a complete different paradigm shift. It's a different architectural model than what you would have done without it every single time. When I write code by myself, I do a test-driven development thing and it saves me from over-engineering and doing all kinds of other mistakes that humans will do. So I like to call this Dijkstra's Revenge, right? He said this is freaking 1970. Almost everybody wasn't even born yet. We knew this problem was coming, right? But the worst is better mentality took over in one. Well, now it's back. The coach said Dijkstra, we'll kick your ass. So how do we get here, right? When you've written the new application that's gonna blow Facebook out of the water and your UI crashes when people do kind of weird things, people reload their browser. No problem, right? But when three innocuous lines of code in the wrong order wipe away millions of dollars of wealth and utterly destroy your relation, perhaps you've chosen the wrong architectural model upon which to base your future. And that is my argument here today. We are doing it wrong, and we better fix this really quick because somebody's gonna fix it for us and it's not gonna be pretty. Well, this is the dowsaster, okay? So I am a very process-oriented guy and I'm also very interested in private space and I have developed a process methodology that is inspired by the Apollo program on tracking processes and updating things and continuous improvement in processes and having independent verification of steps as you go. So that's why when you hear the countdown, comms check, this check, this check, this check, this is them going through that process that was developed by the Apollo program and we've adopted something like that at Proteus House. My business partner who's an Norwegian guy from the UK, his hobby, coincidentally, is studying aircraft failures, aircraft crashes, right? And so, why do airplanes crash, right? It's rarely ever caused by catastrophic failures, rarely ever is it the wing fell off or something like that, right? It's almost never that, right? It's almost always the result of many, very small, little innocuous failures that only manifest themselves in rare edge conditions. But if you fly long enough and do something long enough and play with it long enough, boom, your plane goes down, right? So these are the kind of things that grow geometric proportions as your complexity goes up linearly. They should scare the hell out of us because the complexity of applications that we're building today because of the capacity of our computers and now that we're trying to distribute them and doing all kinds of weird stuff which some of it has a basis in computer science like the cryptography aspects, but a lot of it is not and they're still figuring it out like the consensus aspects and the consensus aspects are the most important aspects at all, right? We don't know this stuff is necessarily right. Matter of fact, we know when the failure mode is, right? The Byzantine general problem demonstrates, you know, after you go past the third, you're in trouble, all bets are off. So we know there's failure modes already, right? These are the kind of things that humans will never ever see. We cannot catch this by ourselves. So if our tools don't catch this for us, we're gonna get more Dow problems, right? So let's talk about the Dow. This is the actual source code where the critical failure, there's actually multiple failures in it, right? So we talk about little innocuous things, but this is the place where if there was just a change in the order of three lines of code, honestly a change in one line code, they would not have been able to perform the exploit. So what happens is, right? So you get into this function and what this is is like, if you are invested in a Dow contract and you've decided I don't wanna be in here, I wanna get my money out, that's called a split Dow transaction. And oh, by the way, this link here is a very good analysis of this. So definitely check out this link, you'll get more details about it. But so you get into this function, right? And right up here, it's computing how much money the person is owed. And then this function here transfers the money. But notice this message sender is not declared as a parameter anywhere, by the way. It's just implied it's magic. It's an aspect of the Solidity thing. A lot of implied aspects of Solidity, there's a problem with the language, I believe. That is not what, the sender aspect is not, but other implied aspects is what allowed this to occur. So you send the guy the money, and then you update your local balances of the result of that send. However, if in the call of this, this actually calls the contract for the guy that you're sending the money to, which allows him to write code which recursively calls the top of the function. So you have sent money, and before you get down to here, he's recursively called the function. So it went back to the top again, and he's sent money again. And it went back to the top again, and he's sent money again. And it actually sent a whole lot more money than your balances. And it keeps going until you run out of gas, which is the cost of actually executing the thing. And that is how they stole all this money. Now, if you had put that send money after you updated the local balance, and moved that line down two lines of code, exploit would not have worked. Couldn't have done it. Now, how the hell are you supposed to catch that? How do you know that that's even possible to recursively call that thing? Script kitties aren't gonna do it. Let me tell you. You have to have serious processes. You can't do this halfway, right? So the problem is we've got an imperative programming model with a lot of magic, object-like, non-obvious behaviors. So it's not explicit, right? You need your code to be very explicit. There's nothing going on in your contract code that you didn't intend for it to do and you didn't write yourself. That has to be something your tools enforce. Lack of atomic paired operations allows contracts to enter in a determined stage, right? That whole thing about sending the money to this guy and updating the local balances should have been a single logical transaction that if any part of it fails, the whole thing gets rolled back. That needs to be automatic, okay? Of course, it goes, does the term ledger not mean anything to you? You know what, you can't do an entry on this side without doing the entry on this side and having them balance. That is the definition of a ledger. Ethereum can't do it, can't do it. Now, I'm beating up on Ethereum, okay? Guys, I love it. I love the team. Friend of mine is on the Ethereum Foundation. They're doing a lot of stuff about this, but, right? This is important, you know? We just can't like people and do this. We gotta call it, right? In this day and age, yeah, Doxter's been warning us since the 70s, you know, who could possibly come up with such an obviously defective model? JavaScript and Go-Link people will do. That's who. These are new modern languages that we knew all this shit before and we're doing important stuff on it. Has no business doing this kind of work. None whatsoever. I get to all these. Okay, definition of solidity. Solidity is the programming language that most people use that came from Ethereum. All right? Programming language designed to prove to Bencherry that a greater abomination than JavaScript could gain widespread adoption by developers. Because years ago, I said, never again will we ever have a language this horrific get widespread adoption in developers. I said this about seven years ago or so because I loathe JavaScript as from a language designer. Language design, I've been doing this since 1984. It's my sort of religion, right? We don't need another C-like language that has a broken concurrency model. Go Lang, freaking Google, who's got the power to do this shit right. Holy cow, I'm the guy who did it, no better. Okay, so maybe that's not the actual definition of solidity. So let's look at Wikipedia. And we zoom in here. So right here in the Wikipedia thing, right? Talks about how solidity is partially at fault for the Dalhack. So it's not just me saying this. So how to do that? So the designer would, is the guy who programmed it, designed around ECMA script. It did it on purpose. Oh my God, it's JavaScript. Is this European standard? It's the standard you go to when you don't know how to do an ISO standard, right? I used to be able to do an ECMA standard for telephony. I send them 40 bucks on my standard. I'm an ECMA standard. I did this in the 90s, right? You want to do a standard, do ISO, do ANSI, do what C++ went through, do it right, have people put their eyes on it and really check the thing out before anything becomes a standard, right? I cannot describe a language that has been the epitome, the best example of how to do standards properly than Bjarne Stroustrup's C++ thing. And I was involved in the very first part of that back in 91, 92 of that. And wow, I mean, the language is so different than it was back then and the way it's evolved and the strict architectural drivers that they adhered to and they never cheated to fake something out. They always held their guns of what the core architectural drivers and purposes of the language was, you know? Which caused it to have syntax issues, right? Because it comes from C. So I mean, there's good, bad, and ugly in doing that but the choice they made, they're always right and it allowed the language to evolve to something that's just like so powerful. It's probably the most expressive language that's ever been invented. And when you look at what the compiler has to do to get that thing to compile, you can understand. So, Mark 23rd, 2016, this guy posts, this is a JavaScript guy, just liberated my modules. This happened. He broke Node for everybody who uses Node and it's because NPM, which is their build system, okay? Make solved builds, right? There's little things you can do but the way that make works, you know? So it's atomic, it's correct, all that kind of stuff. It's the solve problem doing builds. NPM is what, number three? We got Gulp, something that starts with a V, Bowser or Rouser or whatever the hell it is. And now we got NPM. I mean, they keep reinventing everything that's been done in computer science since the 60s and 70s and they get it wrong every time, every single time. The Java people did the same thing. Like, my God, boom. So, should these people be doing our crypto ledgers? All right, this is the mentality. The JavaScript people and their influence has taken over this because it's so easy for script kids to get in there and do this. And tools for JavaScript, you know? Oh my God, all right. So we learned our lesson, right? That's a big disaster, we should learn our lesson, right? Oh wait a second, on November 6th, some innocuous developer who wasn't even the guy who owned the code, right? For this wallet, locked up. Every bit of money they had. 300 million dollars worth of wealth, locked up forever. Yes, what they wallet on a theory, right? Because the programmer failed to initialize the library and got a default value and so he was able to assign the target address to something that was not addressable. He like put it to zero or something, which means it's all dead and you can't fix it unless you fork Ethereum, which they've done a couple of times, right? Which is not what a ledger is about. I'm supposed to be able to do that. All right, there's metallic response. You know, full stack developers. Okay, now, some of you are gonna be insulted by this, I'm sorry. If you're a full stack developer and it means that you've written JavaScript on the browser and the server, you don't know what a stack is. And I get these people applying for John Lee, I'm a full stack developer. And some of them have actually programmed in backend technology like Python as well. The people, this is the freaking web, the web ain't the stack, I don't care what everybody likes to say. You know, if you've programmed AI applications and you've written FPGA code that's gone to an ASIC, you're a full stack developer, okay? I'll give you that. If you haven't done that, you're not a full stack developer. Quit saying that kind of stuff, right? Because that's what gets us in the trouble that we are. You know, understand what it is that you really do and where your place is and what you're good at and what you're not good at and what you have experience in and what you don't have experience in. Don't try to pretend that, you know, that JavaScript is a solution to everything. JavaScript is a solution to nothing except where you weren't a very good programmer and it was too hard for you to learn a real language. That's what JavaScript was a solution to. So how do we fix this? All right, it's a great quote. Programs must be written for people to read and only, incidentally, for machines to execute. This came out of the book, Destruction, Interpretation, and Computer Programs, which introduced the scheme language, which was inspired by Lisp, right? This thing's been around a long time. And one of my favorite quotes of all times, Brian Carnegie, right? Debugging is twice as hard as writing code in the first place. So if you try to write the cutest little thing, you write your code as clever as your mind is capable of doing it, you are, by definition, incompetent to debug your own code. And that is a fact and that is real. That is absolutely real. And this is what's going on right now. These kids who are writing this code have no ability to check if their code is correct to even, when it has a problem, to even understand what the problem is, where it came from. And it's the problem. We have to fix this, right? So, right? The Ethereum Foundation is no doubt where they live soon. There's a lot of really smart guys and they're doing it for the right reason. I mean, Vitalik's reason for doing Ethereum and his gold and everything, I share them 100%. I super admire the guy and all the success he's got and deserve because he went there and did it, right? Everybody was talking about it. He went there and did it. Now, it's been taken over by a lot of people who not necessarily can, right? There's lots of development going on. There's a new language called Viper which is inspired by Python. That is far and above better than Solidity. Doesn't go quite far enough but gets rid of a lot. Python is what one of the zen of Python is like about explicit rather than implicit, right? That by itself, right? They've gotten rid of inheritance and strange operations that you don't actually see going on. Nothing happens in your code that you did not write. Yay. You know, that's a long ways to it. Solidity, by the way, you can't do unit tests in Solidity because they're broken. Everybody who writes Solidity code writes a unit test in, ah, yeah, JavaScript. Which is not a unit test, by the way. That is an integration test at best. So you're not even doing it right. When I was writing, I started doing my first Solidity code and I started doing some unit tests in Solidity because that's the way you do it, right? And then I was like, wow, this is broken. This is broken. Look at the code. This can't be right. I go out there and look around. Oh, I'm the only one. Everybody else is writing in JavaScript. They don't even pretend. And the crud of unit testing in Solidity is still there. They just kind of stopped and didn't do anything further on it, right? There's an entire industry. The tools is for developers. I mean, it's created a lot of wealth for people who are trying to put band-aids on this junky stuff that's architected badly, right? The entire virtual machine is being replaced by a web as them, which is what? This is a pre-executing JavaScript. More JavaScript, guys. Proof work is being replaced by proof of stake. I think that's a positive thing. I think that's an interesting thing. I want you to do it. Yeah, well, we know what it is. Sorry, what? That's a lot of important. That I make an error. That I'm railing on everybody for their stupid errors. It happens. There's lots of improvements for performance. Now, I don't think we really, I don't know what they're trying to perform so much faster. This has not been a problem that I've run into. Issues for dealing with complexity, I'm issued, right? There's not much going on addressing the issues that I've raised. There's not much activity going on this. You can't deploy a contract that has more than 500 lines of code. It won't fit in a block. This is not a smart contract. This is really stupidly simple contracts. And thank God, because if they were complex project contracts, we'd be really screwed, right? So this law has actually saved probably billions of dollars of wasted capital, right? You have these tools like Open Zeppelin that are written to protect people from doing stupid things that are so easy to do with solidity, right? So it's got a lot of eyes on it, right? Nothing is prudely correct, but they do a lot of unit testing and a whole bunch of people updating stuff. So it protects you against a lot of the basic problems. But it does so with a massive amount of code bloat, which means that your contracts have to be even smaller, right? So it just injects more complexity and size in the end, right? And the whole attitude, which I can kind of understand, right? They built something, they've got millions of millions of dollars sitting in there. They're trying to build on top of the existing architecture. Now, changing the VM is kind of a, they can do that without blocking things. There was a talk yesterday about how they're supporting partitioning. Not partitioning. Sharding, yeah. Sharding of the blocks. And that's a cool idea, and I think it's a great idea. But, you know, again, their focus is, how do we do this without breaking protocols or any things? And that's, you know, you're gonna have to, right? The good question is, can this work? And can Ethereum improve before being overtaken by something new, right? Remember what I said about worse is better, right? Something else comes along, Ethereum could get wiped out tomorrow, right? You do something that's gonna convert the Solidity code or something that runs on your VM and you offer a thing and boom, there's no reason for anybody to be around in Ethereum, you know, that's how the competition is. I'm gonna get rid of these quotes. I like this last one, right? Program testing can be used to show the presence of bugs, but never their absence, okay? You don't know that it's not there, right? Absence of proof is not proof of absence, right? You must know this, right? So what are things that can be done, right? We actually have languages and tools that can prove that code and algorithms are correct. Expressive strong type systems. C++ has been doing this for a long time. There's languages like Coq and Agda and Haskell is doing this. There's a group called Cardano that's run by a bunch of PhD guys. Now, that's pretty cool. They're taking this approach. Now, the challenge is, is that I know so many PhDs, they get, you know, they can't see the forest with the trees. They get down deep into it and they never come back up from the rival hole. So are they going to deliver or not? We don't know, we'll see. You know, they do have some code, but they don't have a working smart contract system that people can play with and use today. I'm very excited to see it when they do. It could be what kills Ethereum. I have issues with Haskell as being the language. It's not a practical language for a lot of real world stuff. They have updated Haskell in the last 10 years to make it something that can exist outside of academia, but I think you need a more expressive language. And I'll talk a little bit more about that, right? We need contract complexity that's two or three or more times orders of complexity, a higher order of magnitude complexity, right? Coins are super simple applications. They're tiny little applications. This is nothing for what the crypto ledger is going to allow us to. Distributed, true distributed, distributed apps are really just going to change the world, but you can't do it on top of something that can't handle this order of magnitude, right? Human contracts are far larger and 90% of their logic consists of exception handling. What happens when something doesn't go as expected, right? The happy case of I'm going to give this guy this much, this is going to be this much, and it's going to be by this date, and oh wait, but that didn't happen. There's penalties here, but this penalty, you know, what you expect to happen is here and the rest of it's here, right? Contracts, you don't invoke contracts until there's a problem. That's why people are always happily signing contracts at the beginning and then regretting it when something unexpected happens because the resolution of it is not good for anybody. Everybody loses. Doing contracts right is really hard. I believe that declarative and constraint based systems is a way to go. So you can, you know, if you have strong type systems, you can do declarations. The fact that it compiles it all proves that the behavior that you're anticipating is the behavior that will always occur in your code base. This eliminates almost all the imperative errors of doing this step by step stuff, right? It keeps things transactional, keeps things provably correct. The other thing that I personally want to see, and this is something that I work on myself, homo-iconic languages that you can build domain-specific languages with. The homo-iconic means that the structure that the code is composed of is also a definition of the language itself. So the language is designed in terms of itself and can compile itself and therefore the programmer has almost all the expressive power that the language designer had in extending the language. The first two major examples of that are Lisp and Forth. And every Forth program that's correctly done is a domain-specific language for the domain that it's doing. So it appears to be English-like at the end. All this stuff's been around since the 60s. But it also has some very big power that you need to be able to reel in and limit. This is a bit of a challenge, but we should be able to get this right by now. And domain-specific languages are very important. So we do a lot of logistic stuff. So I've been working on a warehouse management system. You buy a warehouse management system for a million dollars, which is cheap by the way, especially if you're going with SAP, your integration and deployment and getting it configured to do your warehouse processes can cost you $3 million. That's very, very typical. I've been doing logistics goodness since 1990. And I see this all the time. It's like a cost of acquisition of the technology and then tripling it to actually integrate it. And it's because it's very, very complex to configure these things. If you have a domain-specific language that uses the nomenclature that the people in the warehouse are used to, they may not be able to write the code initially, but they can look at the code and tell you if it's wrong or right. And after a little bit of practice, they can do it. So we're building a domain-specific language for logistics and warehouses. It's gonna make it where the integration cost gets really, really cheap. And the purpose of us doing this is so that SMEs, who don't have a whole lot of access to technology, can now participate in the e-commerce space. That's a whole other thing. So these are the things that I observe from my limited practical experience in crypto ledgers in my interest in language design. It's just scratching the surface. Everybody here, I bet, could think of a good idea. So, Technogutopians are the guy who mentioned this phrase yesterday. I was going, wow, right up my alley. There's you, there was him. I'll stand him, right? They predict a post-scarcity economy. Am I right? It's one of the things we're talking about, right? And I like to see this. Our reputations will be our currencies. How many likes can you get? This is all crap, right? These people love to tell us what to do, and they never suffer the consequences of their hubris. This is what you will see every single time. You'll know that you're talking to one of these people when their advice to you is not necessarily gonna have any consequences if it goes disastrously wrong for them, right? This is, again, what I'm talking about, skin in the game, talking about ethical concerns, right? Ethical societies, economic models require skin in the game. Integrity, not reputation, is your ultimate currency, right? Integrity is the one thing that nobody can ever take away from you, no matter what. Just do something to violate your own integrity, okay? It's your most important capital. It's your biggest asset ever. Do not squander it by participating in these crappy ICOs and doing stuff that's stealing people's money when there's a lot of legitimate work that of real value that you could be doing of consequence instead, right? Manifest this in your code, your work, and your life. And I'm gonna see if I can make this trick work. I've been talking without a mic the whole time. Let's see. I'm a loud guy. Can I watch you from Toronto? Yep. That's a message to the workers? Can anybody hear this? Yep. That's Brian, make sure it's on. Let's turn on the volume. Yeah, I think it's funny, huh? That's fucking where I can move as a pride cook, man. You know, I could be manager in two years. King. Full snack of elders. Thank you very much. Any questions? Yes. Yes. Have you been considered for seeing examples of all of their application to specify in the e-commerce industry? Sure. So, space program, right? They require that. It's expensive to launch the rockets and test them and launch them again. Gotta be right the first time. I've also been involved in the healthcare industry and I've been involved in the telecom industry. And telecom used to require this and now it's not so much. But yeah, so, but I mean, you're talking about multiples of extra costs to achieve the same result in the same time. There's no question about it. But some things do require it and a combination of both. Now, once we have languages and tools that support this, it's gonna come down. I think this is what we really need to focus on. So, I think you have, I do not think that tester and development is a panacea. I think it's a good technique. It's one tool out of the box. But formal verification for things that are dealing with big financial numbers, you have to do that. I don't think test-driven development is adequate, right? It's empirical, but it's not provable. So, anything else? Yes? We can't call ourselves computer scientists. We call ourselves operating engineers. I believe that we can now. But, okay, so in the same line as architects and engineers, when you go get your certifications, which I loathe, but when you look and see what the certifications are, they don't test your engineering knowledge. They don't test like, you know, the tensile strength of stool. They test that you understand the safety factors so that your building won't collapse and kill the people inside it. That's the test, right? So it's testing that you know how to prove that your design is correct. It's not that you know how to do it, or that you can do it. It's that you can prove that it's correct. That's what all these tests show. And so that's what we need, so if we are doing that, so we are applying scientific methods to a solution that we have a lot of heuristic and empirical evidence to support that this will work. And that is engineering. So, yes, I believe that we can, and if we're doing that, right? If you're not doing that, then you're a full stack of Oliver. Yes. Thanks, this is our clean drill of foliage legs that's long and quiet and involves the developer. That is lucid as your foot. The question is, I mean, I used to be a developer. Probably if you mentioned your nice features, I used to be a developer. So, I mean, you're saying basically JavaScript is, let's say, let's be monstay, don't necessarily the most efficient or whatever tool, right? Solidity is an insult, which I think I agree without even knowing that it should come. But so how do you propose to fix this? You said going back to what we had already to do like this for a quarter or something, six months, but also jitter at the languages and bring that, for example, bring it out of smart contracts or just cut this to the ledger, or what would be your recommendation? Because like you said, right, the Ethereum enterprise, that's an Ethereum, I mean, let's face it, this is our bunch of kids and I'm not saying if you really, but they are bunch of 20-something kids. So, it's their first job. They are known necessarily when good people are. That's right, right? They have good intentions, right? They just don't know what it is that they don't know. You know that what they say and how the world would help us get to a good intention. That's right. So, the idea is that this guy needs to learn what's mathematics, what's algorithms, what's system theories are, and then they can do this, but not like others, so how can we move this in a way that everyone can do because they have the power, so to speak, right? Well, we all do, but they have the cash to do it now, right? And they have the time on their hands. So, the answer is that the language that is going to satisfy the requirements to do this has not yet been invented. I'm trying, I'm working on some stuff. Me and my business partner, but you know, but everybody needs to put in on this. But the attributes that I described are what, I don't know what the language is going to look like, but the attributes that I put in here are what needs to be present in those. And frankly, the languages like Agda and Coch and all this kind of stuff that really have really impressive type systems are not very practical to use. Now, they might be practical, so like if you now do a domain specific language that puts together things inherent in what's needed for these distributed apps, transactional, atomic, complete, being complete and stuff like this, you can make those keywords in the language and hide the complexity, right? So, what is, is computer programming an art or a science? It's a policy. Who says it's an art? Who says it's a science? It's a policy. Okay, ah, you guys are lame. Take a stand, you know, make assertions. My assertions may not be right, but they're most entertaining even when they're wrong. Do that. So, it's more of an art than a science is the argument that I would make. And, you know, so, we've got to do the things that, it's what we're all doing as programmers, right? The business of computers is the highest risk industry that's ever been invented in all of human civilization since warfare. No joke, has the highest failure rate too, okay? You know, some people say, you know, if the project delivers value at the end of it, that the project is a success. Even by that measure, 60% of all software development projects fail. My measure of success of a software project is if you go back in time and told the stakeholders that this was gonna be the outcome and they still said, yes, I'll do it, that's a successful project, right? Under that measurement, more than 80% of software projects are failures. And this isn't even the complex stuff that we're talking about here, right? So, software development is the art, art of managing complexity. It's taking crazy complex problems, breaking them down into simply complex problems, breaking those down into simpler problems, breaking those down into easy problems, breaking those down into stupidly dirt simple, you can't possibly get this wrong, and then putting it all together again without losing information. That putting it all together again, being able to break it down into putting it all together, that's your process, right? And this is what your architectural drivers are supposed to accomplish. And so, that is what computer development is about. And so, understanding the domain you're in and making languages that know what the key issues and problems of that domain are and building those as inherent protections. These are constant recurring patterns. They become the nomenclature that we use and speak to each other. That's enforced by the technology. It's gonna allow us to be very expressive, very powerful, very prolific in being able to deliver value to our customers. And until the tools are at that level, we're not going to get the benefit of what crypto can do. Now, we need to do, it's very important, the reason why I'm so adamant about this, we have to do it really fast. Because the governments now are seeing it and they're seeing the impact from it, right? The Dow reinvented a thing called Barabons, which all the major governments spent the entire 90s outlawing and going to little islands that were offering it and saying you don't have access to banking anymore until you quit doing that. Barabons is when you had stocks. That's the way all stocks used to be. You got the stock certificate, you showed up at the shareholder's meeting and however many stocks you have in your hand with how many votes you had. They didn't register your name or anything like that, right? So governments say, whoa, we can have that. Well, guess what? It's back, right? And if we get ahead of the game, we can do it before they can stop it. Now, I'll give you an example of someone who did it, is Jack Ma. Jack Ma got this thing called Alipay, that there's beggars in the street in China who got QR codes. We'll take Alipay, right? It's everywhere, they can't get rid of it. He's now got a capitalization that's greater than half the countries on planet Earth. That's his private currency, right? It's not open, it's private, but it's his, China can't stop it, right? Now, if he was starting it today, boom, right? They'd have protections on it and it wouldn't go anywhere. So this is why it's important that we as developers, this technical community have to get our own house and order before somebody else does. And before, the stuff's inevitable, right? The nation-state, the purpose of the nation-state is about the drop. We're gonna see governments, I think, becoming more like Singapore, city-states that are local and dealing with local personal issues. Small government can be efficient. Governments do not scale. No consensus mechanism, which is what a government is, but it uses force, ever scales, never in history, right? The United States works because it was a confederation of 50 small states doing their own experimental thing. As our federal government has grown big and eroded those rights, we're going the way of Rome. If we don't do something, that's what's gonna happen to America. So, the EU, holy crap, they're dying, they're a dinosaur. It's just a question. It's like the Soviet Union in the 80s. We knew it was gonna go away. We didn't know if it was gonna go out with a bang or a whimper, right? Fortunately, it went out with a whimper. Crypto ledger is going to work. It's gonna take over most of what governments do, everything except for the police and the military is pretty much gonna be able to be done better with this. That's gonna happen. What we don't know is how many casualties are gonna be on our side before that happens. The further, the faster we go in advance and make this a reality that they can't crack down on, the nicer it'll be for us and the better it'll all be. So, thank you. There is a balance of mind for us, okay? So everyone is in the past in the same variation of doing their own thing, right? Right. So none of them is even close. I mean, idea is the bank work, right? That's whatever the bank is doing. Why is it no one overtaking it in their own store view? Because in their own, it's like your mind space is crazy, right? They're making sure that they put this whole thing and then someone's gonna come and take over next year. Well, because they're all thinking small. They're all thinking the coin is the app is what everybody's trying to do. They're all thinking it's the money is the thing. And I'm saying that the definition of money is about to completely change. So they care about the wealth that they have. They see it from the perspective that they have right now, right? All the banks with the hyperledger crap, God damn guy patented it, okay? That's never going anywhere. That's dead. I don't care how good it is or whatever. Somebody's gonna do it differently or better than him. It's gonna be open and it's gonna win. Hyperledger's dead. It was dead from the day that he did that. But all these private banks, that's exactly what they want. And they're just using the terms, right? They're just stealing the terms. It was like everybody who was an ISO 9001 consultant suddenly become an SEI consultant. And then those same guys rebranded what they were doing and called it agile, right? They're just using the terms. But it's fraud and it's fraud, you know it's fraud, based off of the questions that I put up before, you know how you evaluate it. This is a real deal or not. So it's not just the small guys who can't raise money legitimately that are defrauding people by the abuse of the crypto ledger. The big guys are doing it in an even bigger way, right? Because they've got a threat to them and they want to control it and they want to hold on to it. But by its nature, it cannot, it cannot. So anything else? All right, I really appreciate you guys coming out this early. I didn't want to.