"Be your own bank." That used to be the slogan of one of the most prominent companies in the space. And in fact, I remember when I first heard that slogan and I thought, yeah, be your own bank, awesome. In hindsight, ridiculous in so many ways. It represents simultaneously the aspiration, the sheer audacity of wanting to replace institutions that have existed for centuries with protocols, and I kind of like that, the sheer audacity of it. I like the idea. You know, like the old Unix t-shirt that said "be nice or I'll replace you with a small script," right? But that audacity, that vision, contains within it a fair dose of hubris. I've worked in security for more than 25 years now. It was one of the first things I fell in love with in computers, and it's always had this draw. And as part of that, I've worked with a lot of banks. I've worked in a lot of financial services institutions, and I've done a lot of work around data centers and firewalls and risk policies and all of that stuff over the past 20 years. So when I hear "be your own bank," it kind of appeals to me, among other things because I know what a bank does. I understand what that means. I understand what it involves. And of course, that's a bit of a problem, because most people have no clue what a bank does. And they're like, why would I want to be a bank? I don't even know what a bank does, but it sounds complicated. It is complicated. At the same time, though, there's a reason why we're coming out the door with that kind of slogan. Banks as institutions represent a centralization of power that is toxic to democracies, that creates some of the most powerful monopolies and cartels we have ever seen. Funny how we never use the word "cartel" to talk about the banking system. There's the oil cartel, right? There's the drug cartel. But nobody really says, especially not in the media, anything about the banking cartel. Yet it's the biggest damn cartel out there. What does it mean to be a cartel?

It means to have exorbitant monopoly power that you can use to influence politics, to close down markets, to stifle competition. At the same time, banking as an institution is something that liberated humanity at first. Think about it: in the 16th century, the only person who could write a check was a prince or a king. Now the person writing a check is the octogenarian standing in front of you in the supermarket line, causing 20 people behind him to groan audibly. In fact, the US is still one of the few countries in which people actually still write checks. If you try to explain that concept in Europe, people will look at you funny. So, a great liberating institution at first. Gradually, through centralization, it amasses power, creates monopoly conditions, shuts down competition and markets, and then becomes the very thing it disrupted. They are the new kings. They are the new royalty. They are as toxic to democracy as royalty was. And so it's important to start with that audacity, that aspirational idea that we can replace the institution of banking with open protocols, with open systems. But don't ask users to be their own banks, because they don't know how to, and we're facing this really difficult conundrum with security. Security in this space is the linchpin of everything we do. How do we want open blockchains and cryptocurrencies to be used? I don't know what the specific applications will be. I do know what the killer app is. People ask me, "Will Bitcoin find its killer app?" It's already found its killer app. Its killer app is money. Its killer app is money that is neutral, open, borderless, censorship-resistant, and not controlled by governments. That is the killer app.

You don't need another killer app. What you need is to make that killer app usable by the billions of people who need that killer app, and they're not in this room. We don't need that killer app. Sure, our democracy is suffering because of the banking cartel, but that's a very tenuous connection that you can't really see on a day-to-day basis. The fact that you prefer to make most of your purchases by waving a piece of plastic over a card reader does not immediately, in your mind, translate to "I'm killing democracy slowly." But in countries where they're playing the end stage of that game, it's very obvious how that plays out: where money is failing as an application, where money has collapsed as a system of technology, and they need this. So how do we take this audacious idea and deliver it to everyone? Well, "be your own bank," that promise is fraught with difficulty. The fundamental premise of this system is controlling your own money. It's decentralization. It's not using intermediaries, and that means enormous power. You get to not just own an account but be a banker, not because you want to be a banker, but because banking isn't an institution anymore.

It's an app, and if you can use that app, you're a banker. Just like if you can use a publishing app, you're a publisher. That was unthinkable a hundred years ago, and today we can do that. And 20 years from now, we will be able to use a banking app in such a way that all of us are bankers and banks no longer exist, or at least not in the form we have today. We will be able to use these open protocols. But between now and then, we have to address some fundamental problems, and these fundamental problems have to do with security. There's two completely different sides to the security industry: there's the insiders, and then there's everybody else. So you'll go to these conferences and you'll hear a lot of conversations about quantum computing, right, or how people might brute force one day and reverse elliptic curve cryptography. We'll talk about vulnerabilities in hardware wallets, the difficulty of generating good entropy in a system, the challenges of operating system security and creating trusted boot stacks that we can verify, running trusted code. And what does that mean to the average end user of cryptocurrency? Blah, blah, blah. It doesn't mean anything. It's a foreign language. It's completely irrelevant. This is the fundamental challenge, because if you hear all of these talks, you'd think that the vast majority of theft of cryptocurrencies or loss of cryptocurrencies happens in some mad scientist lab where quantum computers are crunching away to break 128-bit security or reverse elliptic curve, when usually it's someone running Windows who's downloaded 17 toolbars, one of which is a Trojan, and then decides to use that to run a Bitcoin wallet. Or it's someone who put their money on a custodial exchange that they first heard of in a Google search they did yesterday, and it offered them great trading opportunities. Of course it did. It's missing only one feature, which is the ability to withdraw, and then one day it's not there anymore.

The vast majority of loss in this industry happens because of very, very, very simple problems. Phishing. Porting of your SIM card. Why would an attacker try to build a quantum computer to reverse elliptic curve when they can hack a $12-an-hour minimum wage call center Verizon employee to hand them over your SMS 2-factor by porting your SIM card? And if you are actually using SMS 2-factor, compared to the vast majority of people out there, you are already on the cutting edge of opsec. Two factors! That's a whole other factor on top of the one I already had, which was password "one two three four." You're cruising out there in opsec wonderland, and then suddenly it's all gone and you have no idea what you did wrong. What could you do better? So for the average user, we have this incredible conundrum. One of my hobbies: I'm a pilot, I fly small planes. And one of the things I love about it is reading about accidents and trying to understand the risk factors in aviation. You have to know what kills pilots in order to not be one of them. So I read all of these obscure reports about failures and maintenance and complex systems, and the vast majority of problems are decision fatigue, lack of situational awareness, cascade problems. That's what causes accidents. Here's what happens if you put a stack of these reports in front of the average person: they're going to decide not to fly, and instead they're going to rent a car and drive from Pensacola to New Jersey. Forget the fact that driving is approximately 10,000 times more dangerous. Forget the fact that more than a hundred thousand people die on the streets every year because of car accidents. That's the naive risk assessment: I understand how to drive a car.

I have no idea how that thing remains airborne. I don't know how they maintain it. I don't understand any of the risk factors, and reading these reports, it sounds like a death trap, so I'm going to jump into my Camry and drive to New Jersey. And even that sense of control: I'm in control. I'm behind the wheel. Sure, I have to dodge three texting teenagers per mile, two drunks, a sleepy truck driver and dead animals on the road, but at least I'm in control. And that fundamental risk miscalculation kills people. The death rates in the United States quadrupled on the roads in the few weeks after 9/11 because people stopped flying. I got on a plane the week after. We do that in crypto. We do that every day in crypto. People read about an obscure vulnerability in the bootloader of a Trezor hardware wallet and decide, well, that's it, I'm not using any of that shit. I'm going to build my own solution, which will be BIP38 paper wallets that I load on a Raspberry Pi. I've never used any of those things before. Step one: download a secure operating system and install it in complete isolation from the internet. How the hell do I do that?

I've already failed at step one, and I have no idea how to actually securely verify that what I downloaded is real, and then I don't know how to use it. And not knowing how to use it is like driving from Pensacola to New Jersey in order to avoid the risk of a flight. This is the exact risk calculation that happens, because the greatest enemy to security on the front end, where users are operating, is complexity. It's not the obscure vulnerability found in one system. It's not the possibility of Russian agents doing quantum computing. It's the fact that you're going to forget the complex password that you put on your system and lose all of your coins. It's that you decide to install your own wallet and take control of your money, and then you screenshot the seed and upload it to Dropbox, because why wouldn't you? That seems kind of secure. Dropbox has a password. We laugh at this. Security experts will look at that and go, "Dunning-Kruger effect. Idiots don't know what they don't know." That's the uncharitable way to put it. If you read on the internet, Dunning-Kruger comes up a lot of the time, people mocking other people for not knowing the extent of their own ignorance. If you actually read the study, you figure out that we all have Dunning-Kruger. It's just sectional, right? So I know security, and I'm fairly confident about that. But on the dance floor, I think I'm a great dancer, because there's no mirrors for me to see what it looks like from the other side. And that's Dunning-Kruger in action. I don't know how bad it is because I am spared that knowledge. Fortunately, we all have domains in which we think we know but don't, and our ignorance of what we don't know makes us cocky, and we take risks, risks we don't even understand because we don't have enough knowledge to evaluate these risks. We all suffer from Dunning-Kruger. In security, however, it's fatal. In security, it's what's going to cost you your funds.

You don't know the risks, you can't evaluate them, and then you make poor risk choices because you watched something on YouTube and miscalculated. Let me give you a classic example. I've been trying to debunk this now probably for two years: people who create a mnemonic seed and are so worried that someone is going to break into their house in a cat burglar suit in the middle of the night, steal their seed and swipe their money. They don't apply the actually prescribed solution, which is a secondary passphrase on that seed. Instead, they improvise. They take their 24 words. They cut them into four pieces. They store each of the pieces in four different locations, and they feel secure. They've just taken 256-bit security and reduced it to 64 bits per piece. And if you think 64-bit security is one quarter of 256 bits, that's Dunning-Kruger right there. It's not. It's 10 to the 50 less secure. That's 10 with 50 zeros after it less secure than if you had to crack the whole thing. So if I manage to get three of those pieces, cracking the last one is doable. In fact, the 64 bits of security of that one piece that I need in order to break your seed is less than a good passphrase that you could have put on, and there's no password stretching, so it's gonna be a lot easier for me to crack it. But that's not the real problem.

The real problem isn't the fact that you don't understand exponents or complexity and you thought, if I just cut it in four pieces, it's four times more secure. The problem is that you just created a solution that isn't resilient, because that is a four-of-four system. You need all four pieces reconstructed in perfect order in order to get your seed back. You lose one word on one of those pieces, you're in trouble and need some help. If you lose one of those pieces, good luck finding someone to help you crack it without stealing it. If you lose two, you're done. So you don't realize the risk you've actually exposed yourself to, which is loss, in order to protect against a risk that really you weren't facing, which is the mystical cat burglar who figures out that you are a Bitcoin millionaire and comes and steals your seed. You can solve that problem a hell of a lot easier by renting a safe deposit box. The average user is not good at doing that kind of risk assessment, at understanding which risks matter and which risks don't, at balancing safety with resilience, at making sure that the elaborate DIY crypto scheme they created can be deciphered by someone else, for example their heirs, so that if something happens to them, they'll be able to maybe get some of that fantastical inheritance. Your crypto is going to the moon, but your chances of actually making it there over the next 20 years can be rudely interrupted by a bus. And then what? Then your relatives are trying to decipher what kind of mystical cryptography scheme you devised in order to protect your funds. Even if you don't, and all they have to do is figure out what a BIP39 seed is, their biggest problem is that the greatest crypto expert they knew just died. So what are they gonna do now? You were the expert. They're going to go on Reddit and look for a sherpa. God help them. People are gonna line up to defraud them. So that's the one problem. Security in the space is complex.

It's very difficult to understand what the risks are and how to balance them, but worse, the user interfaces are so complex that they're very difficult to apply. A user interface needs to be intuitive, but not just intuitive: intuitively secure, meaning when you look at a user interface, there's an obvious thing to do. You better make sure that obvious thing to do is actually the secure thing. If we design interfaces where the obvious thing is the most secure thing, then our users can actually do operational security. If you leave them hanging and they have to figure it out themselves, then we failed our users. This isn't just a problem of "how do I be my own bank and control my own crypto?" The vast majority of people faced with this choice, what do they do? They go to a custodial service. They put all their crypto in a bank. It's a crypto bank. Still a bank. And they put their money on a custodial service that has far lower standards for security than a bank. No auditing, no transparency, no controls or very few controls. There are some good ones now, but how long does that last? You know the saying goes: there are two types of crypto exchanges, those that have been hacked and those that will be hacked. There is no unhackable exchange. In fact, if you really understand how financial services work, there is no more difficult task today than securing a centralized honeypot of bearer digital assets that can be transmitted irreversibly and disappear. This is a hugely difficult problem. You need a lot of security experts to figure out how to make sure that no one within your exchange can steal it, that it can't be seized, that it can't be accidentally lost, balancing resilience and security and access for your users and all of those things. It's a monstrously hard problem. If a bank has its money transferred out by wire transfer, they just reverse the wire transfer. If an exchange gets hacked and the money is gone, it's gone.

Digital assets are very, very difficult to hold. The only reason they can be secure is if we decentralize control. If thousands of people, then hundreds of thousands of people, then millions of people each hold their own keys, the only reason that's secure is because you have to compromise millions of different people. If you take these millions of keys and you concentrate these millions of holdings in one custodial institution, that institution, by simple math, has to be a million times more secure than each of the individuals, because they have a million times bigger pot of money of easily transferable, irreversible, bearer digital assets. And here's the problem we have in security: there is no million-times-better security. It doesn't exist. You can't do that. So effectively, when you concentrate these many holdings, the level of security decreased, and it didn't decrease a bit, it decreased by orders of magnitude. And that's not the real problem even. The real problem is, what the hell is the point if all of the people who use this system are going to use custodial exchanges and custodial wallets? What the hell are we doing this for? Now, a lot of people will smile and say, "We want to offer security to our users. We will give them ease of use and peace of mind." What they're trying to say, really, is: I hear your anarchist ideas about disrupting the banking system, but rather than doing that, how about we replace the old bankers with me? Same business as usual, new faces on the letterhead. The banking cartel sucks, but my new banking cartel will be awesome because it has blockchain in it. That doesn't change anything.

Either we're doing this because decentralization matters, because decentralization is a fundamental principle, because it's a fundamental architecture that our society needs in order to scale without losing all of our freedoms, either we understand that decentralization is the only thing that will allow us to scale governance, scale trust, scale society without descending into some kind of totalitarian surveillance nightmare, or we didn't really believe in any of that and it's just about being the new rich people in charge, replacing the old rich people in charge. We have to solve these security problems, because for our users, the two choices are both terrible. Be your own bank without understanding any of the responsibility that has, the complexity that it brings, on immature user interfaces, with underdeveloped processes, no services and support, in a Wild West kind of thing. I love that. I'm a geek. I love all of that. I want to take all of the control, and I just enjoy trying to figure that stuff out. But that's not what everybody else is going to do. And it's either that choice, or "I can't do this. I'm just going to give my money to someone else who I'm going to trust," and we're back to business as usual. We must solve this problem. We must provide user interfaces, systems, that allow users to manage their own money and empower themselves without risking losing it all by making one silly mistake. And in order to do that, we have to understand that our users are not really concerned about one obscure minor vulnerability. Their password is "password one two three four." They don't know what a second factor is. They don't care to learn any of that. And they're going to make one stupid mistake and just type their password into some weird website that popped up because it offered them a ten dollar gift card. That's all it takes. And you read these things, you read people say, "I just lost ten bitcoin. I went to this site and it promised a five percent return daily and I invested." You didn't invest. You threw your money away because you believed in something that was too good to be true. We have to make it so that security is intuitive for users who are going to make these basic mistakes. We all have the Dunning-Kruger effect, but in security it's deadly, and it's our responsibility to help users understand what matters and what doesn't matter, which vulnerability is important and requires action and which ones don't, and eventually, gradually, make all of that complexity disappear into the background so that users have intuitive options that are intuitively secure from the beginning. Thank you.
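The arithmetic behind the "cut the seed into four pieces" anti-pattern from the talk, as an added worked example that is not part of the talk. It uses the talk's own figures (256 bits for the whole seed, 64 bits per quarter, four-of-four reconstruction) against the talk's prescribed alternative (a full seed with a passphrase, kept in two places); the 5% per-piece loss probability is constructed, and the 95-character printable alphabet and 2048 PBKDF2 rounds are BIP39's specification.

```python
import math

SEED_BITS = 256        # entropy of a 24-word BIP39 seed (figure used in the talk)
PIECES = 4             # the DIY scheme: four pieces, all four needed to recover
PBKDF2_ROUNDS = 2048   # BIP39 stretches the passphrase with 2048 PBKDF2 rounds


def piece_bits(seed_bits: int = SEED_BITS, pieces: int = PIECES) -> float:
    """Bits an attacker who already holds all but one piece still has to guess."""
    return seed_bits / pieces


def orders_of_magnitude_weaker(seed_bits: int = SEED_BITS, pieces: int = PIECES) -> float:
    """Decimal orders of magnitude by which guessing the last piece is easier
    than guessing the whole seed: not 'one quarter', but 2^(256-64) ~ 10^58."""
    return (seed_bits - piece_bits(seed_bits, pieces)) * math.log10(2)


def passphrase_bits(length: int, alphabet: int = 95, stretched: bool = True) -> float:
    """Effective bits of a random passphrase of `length` printable-ASCII chars.
    The BIP39 passphrase is stretched through PBKDF2 (log2(2048) = 11 extra bits
    of work per guess); a bare seed fragment gets no such stretching."""
    bits = length * math.log2(alphabet)
    return bits + (math.log2(PBKDF2_ROUNDS) if stretched else 0.0)


def recovery_probability(n: int, k: int, piece_loss: float) -> float:
    """Probability the seed can still be recovered when any k of n stored
    pieces suffice and each piece is lost independently with `piece_loss`.
    Sum over the number s of surviving pieces, s = k..n (binomial)."""
    survive = 1.0 - piece_loss
    return sum(
        math.comb(n, s) * survive ** s * piece_loss ** (n - s)
        for s in range(k, n + 1)
    )


def compare_schemes(piece_loss: float = 0.05) -> dict:
    """Resilience of the four-quarter scheme (all four required) versus the
    talk's advice: one complete, passphrase-protected seed stored in two
    places, where either copy alone is enough (1-of-2)."""
    return {
        "quarters_4_of_4": recovery_probability(4, 4, piece_loss),
        "two_full_copies_1_of_2": recovery_probability(2, 1, piece_loss),
    }


if __name__ == "__main__":
    print(f"bits left to guess with 3 of 4 pieces: {piece_bits():.0f}")
    print(f"orders of magnitude weaker than the full seed: "
          f"{orders_of_magnitude_weaker():.1f}")
    print(f"10-char random passphrase, stretched: {passphrase_bits(10):.1f} bits")
    for scheme, p in compare_schemes().items():
        print(f"{scheme}: P(recover) = {p:.4f}")
```

With a constructed 5% chance of losing any one stored piece, the four-quarter scheme recovers only about 81% of the time, while two complete copies recover 99.75% of the time; a ten-character random passphrase already exceeds the 64 bits of the last fragment even before stretching.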