 Octa developers, welcome back to our channel. I am Heather Downing and I'm here with my friend Brian Demers and we're going to introduce to you somebody pretty cool. Recently we had a hackathon for some of the new technology we have coming out here at Octa and we would love to introduce you to the winner of the hackathon. Brian tell us what is this hackathon exactly? Well we had a hackathon for some of our newer technology. Octa is introducing what we're branding as the Octa identity engine and that's more some newer features around policies and how a user logs in and we can get to that later but really what we're interested in today is we want to talk to Matthew McKenzie who is the winner of the hackathon with a great project called Goose Clip. So the name Goose Clip comes from GoOS and then Clipboard so it's origin is in a build command for the Go language. I'm a product developer at heart and I have a particular interest in technologies which have a positive impact so things like medical technology, education environment and in this particular case communication and collaboration technologies so Goose Clip kind of enables us to collaborate a bit more effectively because we have faster networks and more secure networks. The catch line is Goose Clip is pair to pair as a service which basically means it's a tool which can be utilized by other products to integrate pair to pair into their apps. Okay so peer to peer can we have like an example that you can compare certain apps to? Yeah I think we're all used to hearing about crypto and BitTorrent but I think some of the more unknown ones are things like Spotify and obviously Zoom and technologies like we're using at the moment are also using pair to pair. So pair to pair is fast, it's secure and it can greatly reduce costs so egress costs going through the the centralized server quickly can aggregate and for something like Spotify distributing their songs at the start of their company it would be quite expensive for a free tier software suite so they used pairs to distribute that music. I never really thought about how the technology behind Spotify worked I mean I use it almost every day and it's one of those things you know it's it's now the new radio right so whereas whatever 10 20 years ago you used to think about how the radio worked and it was just you know whatever FM versus AM and now now it's a whole other level of things to think about. The foundation story is basically based on pair to pair to what facilitated them to to build it. So how did you even come up with this idea when you were invited to try out something during the octahackathon? Actually the octahackathon itself which stimulated the idea so the idea of creating an authentication or authorization system for pair to pair was quite interesting. I think when you are creating a platform as a service that requires authorization you really don't want to start to control user repositories because companies don't want to give that up right like you don't want to give your user base to a software suite so I had to come up with a process to perform the authentication authorization without actually requiring admin access to the user store so all stimulated by the octahackathon. That's so cool. Did you have you were you working on goose clip before the hackathon or was this an idea in the back of your head or what was sort of the the genesis of this? Yeah so goose clip actually started out as something different so Go OS clipboard it was a clipboard synchronization tool. I was quite frustrated because I used to use a Linux, a Mac and a Windows machine and they weren't interoperable at all. Obviously people use a lot of Apple products they used to you copy on a clipboard and you can paste on your iPad for example but across operating systems that's not really the case so that was originally using gRPC which worked well on the local network but wasn't great for cross network stuff so I started moving towards P2P technology and I realized how outlandishly difficult it was. So I kind of thought that the P2P aspect of what I was building was actually probably more important than the original product so goose clip kind of evolved into the thing it is today. Very cool I really like how it started as a clipboard tool. I remember this was years ago but I've done this a couple times too where you play with a couple new technology stacks and you know clipboard is one of those foundational things that you use every day but the synchronization is terrible and even with some of the tools that are out there you know it's it's still frustrating and you know the network limitations and all of that so it's really cool that this is morphed into this more general thing. Yeah I think I ran across some code from Microsoft in 1970s it was pretty scary stuff. Yeah they're dealing with other mine types of different clipboard objects and that's a whole other thing you can go down. Has anybody else started using this too or you kept it all to yourself it's kind of like your own pet project? So no one's using it yet I'm building it out properly with like infrastructure's code and multiple environments and things like that. I used to be CTO of a company so the idea of building it properly from the start is quite important to me especially a product like this is where it should be security based. Very cool so jumping back to the hackathon of how you heard about this all together I want to call out already I showed the link earlier and we'll have the link in the description but really that your demo like even the product aside the demo blew us away all of the judges so I was one of the judges all of the judges hands down were like this demo was amazing so I mean I don't know you mean you could you could have probably just whipped up just the demo portion and impressed us but I you know you said there's some code too so it's all good but yeah so have you done a lot of hackathons in the past or is this or you just you know you like all this speaking and everything? This is my first hackathon got put onto it by a friend of mine but I've made videos before so I used to do a few YouTube videos at the inception of YouTube right when they weren't so professional but I got my premiere pro membership recently so I thought I'd better use it. No it was great we loved the whole the whole reel it was awesome. The intro was actually a bit of a joke so I say Goose Clip is as a P2P as a service and then she kind of sings yeah that's all good it's a hackathon too right you know the big thing is is sort of proving the point and then you know it's one of those things that I never really thought about as much until recently as the selling of the idea of the hackathon at the end is just as important if not more important than than the product itself because you still need to convey what you did clearly to people so there was anything that I've taken away is it's even the the presentation portion is even more important not only a time box but you you also have to have presentation skills I participated in several startup weekends where we had to come up with the whole thing architecture actually had to build it out then put together a demo reel as a whole I had like 48 hours to do it so hats off to you this is not easy for anybody who actually goes and takes it out for it to be done in this time my gosh you should be really proud of it. I think what you said Brian there is like you have to convey the entire story within a very short amount of time so Goose Clip is basically a library or a platform so in order to demonstrate it I had to build other products that use it so it was hard to convey that while I'm showing these products they're not necessarily the platform that we're talking about here it's the thing that's powering it all. Was this your first time working with any Octa products? It was as I said earlier I used to be CTO of a company so the idea of using Octa was quite familiar with compliance and stuff like that the requirement for SSO was quite important but I don't think we ever got quite got around to it but I knew of Octa and I knew it was kind of a global brand when it comes to this kind of stuff. So how did it actually work out this is remember this is new stuff that we're rolling out right so if you could be totally honest like what were the pros and cons of creating like a peer-to-peer app with Octa? Yeah I wouldn't say it's specific to peer-to-peer but I found the experience a mixed bag so it was really good to the documentation was obviously amazing and as a developer that's super important and the diversity and power of what you could do was amazing so I've not quite used an authentication platform like that before. I thought a few simple things were missing so things like regex kind of validation on custom fields didn't exist might be a feature in development still I know this is an early release and I found things like passwordless sign and I actually couldn't pull it off so it's a bit sad for me. It is a newer feature for sure there are definitely some things that we're enhancing as we go with it and so there's unfortunately a little bit of a trick to get it to go it depends on the situation so we are definitely revisiting our docs for that but this is the only way that we get better is if we actually ask people who are actively involved in trying to in your case like invent an application what their experience was so we would love to know anybody who's watching as well like what your experiences are with all of our new features that are coming out because there's a lot all at once we have like our entire engineering department has been doing so many different things it wasn't just one so feedback is the ultimate now have you added off the board to other apps or was it also your first experience with that too? Yeah I've made plenty of apps in my time internal tooling and things like that and obviously app apps for our phones but this is the first time with such a sophisticated suite I think. Yes was there a particular option I guess that you saw that really kind of struck you as more powerful that you didn't expect? I really well the only reason I could really create Goose Club was that you have really powerful custom claims injectors into the tokens so Goose Club actually works by extracting information from the tokens and then it creates a cryptographic hash of that information and stores it in its own lookup table so that's how I can do something like an at brian tag to pair discover between users so it's actually not storing any personal information about brian it's just storing a reduced hash which obviously can't be reversed. Oh yeah we have a like a hooks API as well that helps allows you to I guess kind of hitchhike some additional data into any token as well from an external source if you need to add a little bit more so that's something else that we're going to be coming out with samples for in the future too. Yeah that was useful so I used that with github for example to take the github user to create the again sorry brian but the app brian user tag within Goose Club so it automatically transformed those usernames across which was obviously great. I didn't know that so that's that's even a bigger bonus but the custom claims is definitely one of my one of my favorite features as you mentioned and I think it allows it removes a lot of the need for the storage portion right I mean you don't always want to store your data with a third party right so but but there's there's some decorative data that you can add to the octa side that can make you know your applications easier or you know some third parties so very cool. Is this something that you would consider being proprietary or more of an open source library? I'm a big fan of open source but I think at this stage proprietary just for the fact of security like until you get security audits and you know you really build this out and have a team of engineers on it I wouldn't obviously obfuscation it's not a great source of security but I think it takes a while to get to the point where I would feel safe to open source it if you know what I mean. I took a library through security audit last year I think it was at some point and it was different I've done through you know a whole bunch of internal audits at various companies but never through a third party so that it was a it was a unique experience so I can I can totally understand that. Were there any unique challenges that a developer who's never done a peer-to-peer application might run into when it comes to author I am? Well I think the thing with peer-to-peer is it's normally either anonymous or unauthenticated altogether so when you think about crypto it's anonymous and let's say something like BitTorrent it's unauthenticated I'm not verified that but basically you don't log in or confirm who you are but I think there's a whole world of technologies out there which could benefit from peer-to-peer which is authenticated so things like imagine zoom or again Spotify you want to be logged in and you want to know that you connected to the right people and I think we all remember the zoom bombing that happened a while ago we don't really want that to happen. The unique challenges I think the whole thing's quite unique I've not seen really a peer-to-peer as a service type thing before but it's definitely an interesting world I think it's an untapped world this authenticated and authorized peer-to-peer. Yeah I think the only thing that I've run into I mean I'm kind of big into crypto full disclosure but it is some of the services that are functioning like banks that also want to know who you are for tax purposes and so sometimes that and regulation as it comes down the line. Yeah I've seen some interesting authentication processes there like using a phone number for example it's obviously hashed and stored on the ledger but it allows you to similar things like this out-use attack referencing so you don't need those big addresses big crypto addresses so there's lots of interesting ways to get around this public or zero trust authentication. When it comes to how this sparked like our imagination when we were watching it to your point earlier that this peer-to-peer is kind of a little bit of an untapped area and I think it's only going to grow so is there something that in the future you really would like to also create maybe it's an additional app separate from this or do you see like a big future like to expand this offering? I don't want to confuse everyone but Goose Clip is actually more of a company name I think and Goose Link is the product that we the peer-to-peer is a service so it's a foundational product that allows you to build other products so within the hackathon video I built the Goose CLI so it's a tool built on Goose Link so you can see how you can start to build numerous different things I'm also building a game at the moment on that so I think it's as a foundational product it should facilitate loads of really really interesting products to evolve. How'd you come up with the name? Why Goose? It's actually something my mom said Goose Link she just got it wrong and I thought that was funny so usually everything is founded a little bit on a joke. Yeah naming things is usually you know that's the hardest problem right related to identity you know I know that you guys are both more into the crypto bits than I am but I really had a high hopes for things like identity-proofing like like Keybase and those types of tools but they got bought and sort of less funding over there I guess from now so I think it's really cool but I really like how things like Goose Clip can help sort of help bridge those gaps too as well as like you know I can authenticate you know with some other provider but I can use my tools you know like Goose Link or whatever you know with my third party applications and I don't have to worry about it. With Goose Clip and crypto as well I know this isn't exactly related but you could combine these two things where Goose Clip is like a distribution of content and crypto is almost the you can use smart contracts and stuff to let's say pass along decryption keys after a payment or you know something like that where you start to combine two worlds of peer-to-peck technologies and you can start to imagine quite powerful things emerging because crypto itself is not very good for large-scale distribution. Well I guess it depends on which one you choose for smart contracts. Do you have one in particular that seems to work better that you like? Oh shilling a crypto coin on YouTube. This is really from like a development standpoint like regardless of whatever you want to keep developing with the smart contract is really the question which one do you feel is a little easier in terms of integration? I really like Alrond which is a technology evolving out of Romania at the moment. The reason being that it's you can build with Wassum basically Wassum engines so you can compile any of your code to it and execute smart contracts you basically develop in any language but also they've kind of rebuilt everything to be internet scale so it's a third-gen network. The whole purpose of it being easy to access from people like us this is actually the company that does the phone number so they turn your phone number into a hero tag which allows you to send money without actually knowing your own address so I think it really makes it a lot easier to work with for just normal people and that's the next stage of crypto. I've seen someone say crypto at the moment is like Windows in 1970s you know like it's only for people who want to program off the back of a magazine or really get into the guts of a technology but it will become a more prolific technology eventually. I couldn't agree more I'm seeing a lot of options not just in you know banking and such like that but many different options for it and we're going to be asked I think developers are going to be expected to know how to interact with smart contracts so that it'll be that's my opinion of course sorry to nerd out on you Brian there. No it's all good I find this stuff fascinating I just I just haven't uh I haven't gotten into the hype yet you know I know it's important I know it will be important I think Matthew brings up a really great point about how when it be all when these things become more accessible right I feel like that's really when people can start to understand and sort of simplify these diagrams as opposed to just like you know every time I read about crypto it's well for one every time I read about crypto it's like you know the energy cost right and that's like that's a separate separate problem right but that's what everyone sort of fixates on but you know as far as well we're concerned with is more how do we actually use it right like how do I build things with it? How do we build things that aren't just finance based as well I think it's quite interesting I think that the energy problem has been solved with proof of stake so that's actually one of the main drivers behind me picking a certain technology so obviously yeah Bitcoin, Ethereum, Al, because they're not yet proof of stake but I think by creating technologies you can combine with let's say things like GooseClip and crypto you can start to create new things that aren't just let's trade money for money we can start to build real products that have real world applications that we're used to. I'm excited to hear about what you do next with this because I think you really get like new possibilities which is what we're looking for in the first place when it came to which entries in our hackathon like really would stand out is how do you not reinvent the same wheel how do you like invent teleportation you know let's forget about the wagon and what do we do next that hasn't been done and that's part of why we were so excited to be able to get to interview you today so thanks for coming on to our channel and doing this. Yeah so what's next for you Matthew? So I'm thinking to build out GooseClip as a proper platform so I think allowing users to create their own organizations to start to build with this in a secure way and see where it goes from there. Does that mean that anybody will be able to use it soon? It should be yes you know watch the GooseClip.com at the moment it's just a crappy little flutter single page app but you have any crowd funding for it so that you can afford to keep you know scaling it out? No I'm a bit of a bootstrap when it comes to development because I think once you once you get that funding in you kind of start the clock I've seen a few startups fail getting any kind of funding in so it's a pitfall I want to avoid. Well we're looking forward to seeing more of how this builds out. So I want to thank Matthew and Heather for joining us. Heather you did a great job asking all the questions I wish I wish I could ask questions this well too and of course Matthew great job on the hackathon entry we wish you the best of luck going forward and definitely keep us posted on how everything works out.