 And that's a great work here at the Human Dynamics Lab of the MIT Media Lab. And we are very happy to have a friend and colleague. And I'd say like a good example of an interview. In the morning, we had today, we happened to be in town for recruiting with a trust. And it was kind and gracious enough to come by. And we held an open discussion meeting to give us a bit of an update and overview of what's happening with standards in the blockchain world. Thanks, Nick. Welcome. And we'd like to just offer a few remarks and then we can open up to discussion. Sure. Happy to. So my name is Manu. I primarily work with the standardization bodies to build kind of the next generation internet in the web, primarily around payments, identity, and blockchain. So those are the primary purposes. I have multiple companies that have started each in different industry work, verticals, education, payments. And the thing that's kind of the common thing that ties all of those organizations together is that they're all built on open standards. So we do proprietary software, but we ensure that proprietary bits are built on top of a common substrate. Because fundamentally, we want to make sure that all of that technology is as global as possible. The fundamental mission that we're trying to achieve with multiple organizations is ensuring that globally, people have an identity that they can control and data that they can control under their purview. And we want to make sure that once they have that identity that they can control, that they are economically empowered to transact with any other human being on the planet without having to go through middlemen, without having to connect more directly, both on a human identity level and payments, an economic level. So basically, I guess today's discussion, I'm just going to try to give a brief overview of the stuff that's going on in the international standard space around this. And then hopefully open it up to discussion. So quick 10 minutes, and then the rest of it, hopefully discussion. Before I start, any questions? Hopefully you'll know Christopher Allen. This is the co-editor of the TLS specification and also runs a set of workshops called the Building of the Trust, which are fantastic. So when you're building global technologies, you need the space to incubate it. You need to get together the world's brightest minds. Christopher does that with a plong. We have some of the most fantastic security researchers, privacy researchers, law folks coming together and providing input to build these things that we hope are eventually going to become international standards. Any questions? Like before I begin, what do folks want to focus on? If no one's interested in the payment aspects, we can jump in the identity aspects. People are less interested in the identity stuff. We can jump into payments. Any particular focus that folks want? I think that they're, I mean, I am interested in the intersection. So like where are the web payments working group basically relying on identity and where are the kind of the edges where? Yep, you can definitely do that, yeah. And that's really where this stuff gets interesting, right? It's where when you start coupling identity with payments to ensure that people can actually transact in ways that definitely go over that. I might add one thing, which is when you're talking, you could give a sense, especially for people that are interested, are already expert and don't know what the landscape stands on the standards and it's the big movement, it's the big people on the landscape. So I mean, maybe the best place to start for that would be the standardization bodies, right? The standardization bodies are usually the last step, but if you want to do anything global, there you almost have to work with them, right? Or you have to work through them, right? They're not, don't look at standards bodies as a single individual body or corporation. They're usually a collection of hundreds of different companies that each have their own motives. Many of them have profit motives and you have to figure out how to navigate that landscape to get things through, un-corrupted, right? Corruption, they can be corrupted either way, they can be corrupted academically, they can be corrupted politically, they can be corrupted financially, aware of how kind of the human component of it, right? How these standards go through the standards process is really important. So if we're talking about the internet and the, if it's internet, lower level protocol stuff, it's the internet engineering task force. So these folks, the ITS work on these, so they do the plumbing on a level, right? The World Wide Web Consortium, there are two, there's a managed browser, three things of them, and those that stand, what kind of standards are built at W3C. But I think that's very much just a cross-cutting subset of what things, I believe, like the web, that more ITS, yeah, started in the early 2000s until it was unleashed by Google search crawler now, Google, when it goes out and crawls site, it actually picks out the VRML and sort of your, your way to approach there stuff. So if W3C, oh, sorry, ITF is plumbing, the W3C deals with user interface style, rough rank, HDV protocol, it's easy, before I move to ITF, do any, in their consensus, they try to operate on consensus session that has great new standards. Also, some of the, a while, yeah, no, I mean, any, model, rule, rule, stop, sure that it's not just commercial, you say it's driving the web, you want to make sure you want, you want the community to kind of recognize that, right? So consensus, rough, it doesn't mean everyone agrees. Like, consensus doesn't mean you have 100% agreement, it means that you're picking the thing that has the least amount of objection. It's the thing that everyone has kind of sort of found to compromise on, and can move forward on. There is, yes, that's it, yeah, another excellent point. The big amount of discussion around whether or not being like, owned by the companies that created it, and they made a fairly radical, in ITF, I forget when this happened at ITF, but there's basically a patent policy. Anything that's created on the internet and the web is supposed to be given away, patent-free, royalty-free, anyone can implement, no permission, right? So anyone can innovate, and that really has led to an explosion in the way that we innovate. So we tend to innovate at the edges as a result of that. If that was not in place, you would have to talk to companies like IBM to get permission from them to build stuff on top of the web. The web would not exist in the way that it exists today as a result. So fundamentally, that's kind of the lands, right? There are two major standard-setting bodies. They have 460 member companies at WVC, tried to operate by consensus, which means that, you know, the technologies that they've built, it's a conversation, it's a private thing that works, the thing that works for folks, it's the third thing that works for others, and it's a gorgeous, it's your problem. So it makes sense that all the time they'll give up. So at this point, I mean, I can jump into some of the work items that the WVC is working around around patent identity. There are 56 active working groups, working groups, working on different lines, very small deliver the work that they're doing. To give you examples of other work that's gone through WVC, XML was created and standardized at WVC. HTML5, sorry, early versions of HTML and HTML5 eventually became standardized at WVC. WebRTC, the thing that we're using to record this video and do the screen casting standardized at WVC. There's a ton of, if you're using a browser, the vast majority of that technology, sharing the microphone, sharing the video camera, all was standardized at WVC. What a community of us are trying to achieve is enabling people who globally have an identity that they can't be taken away from by their company, it can't be taken away from by their government. It's something that they have, it's theirs. And it's provable that it's theirs. Mathematically, cryptographically, provable that it's theirs. And then if we get this good identity substrate where people can trust each other at a distance in place, the next stage is to try and ensure that they can engage economically. Mike, could you in the future collaborate with someone on the other side of the planet to launch a company without ever having it in the face? You look at their, the credentials, you look at their, they choose to share that with you. You look at it, you say, this seems like they've done amazing things. I'd like to work with them. You engage in some kind of digital contract with them or a set of digital contracts with them. You figure out how to share the ownership between the organizations. And then as payments flow into the organization, they naturally flow to each one. We're trying to get people to trust each other to the point that these sorts of economic transactions are far easier than they are today at a distance. But that's well into the future. That's the question, how do we actually make that happen? So I'm gonna break at this point. Go ahead. Oh, I wanted to switch the camera with your screen. Okay. Wow. So what do you want to see first? The payment stuff for the identity stuff. Is there any? Identity. Identity, all right, all right. And that's, I guess that's a good place to start because that's kind of the base layer. You can't have meaningful economic transactions. I'm happy to send $5 to the other side of the planet without really knowing who the person is, but sending $10,000 is a completely different story, right? Okay. I'm gonna walk through a demo. Let me give a bit of context here. So this is what we're calling, this is kind of the, what's loosely called the Verifiable Planes Ecosystem, right? You can look at it as kind of sort of an identity ecosystem. And there are three main actors, the ones across the top are the three main actors. We have issuers that issue digital credentials. So think of a digital credential like digital driver's license, digital passport, proof of age, proof that you work at this particular employer, proof that you have a training in a particular profession. Those are all digital credentials. There are many different types of issuers of those credentials. Department of Motor Vehicles issues, driver's licenses, governments tend to issue passports, employers issue. These issuers are not, they're not identity credentials associated with them. Exactly. Exactly right. So these are attributes, right? That are tied to the identifier that you own. Identifier, decentralized identifier. So issuers, I listed a number of organizations and officially recognize things, but people can issue their own credentials. So, since I know Daza, I can say I know him. I am the issuer of that credential, right? I'm the only one that can say I know him and with that, right? So this is a mutual relationship. We've both acknowledged that we know each other, right? Versus I know a certain celebrity, right? No, they probably don't know you, but so that's a one-way relationship. So issuers issue digital credentials can hold on to certain types of credentials. They store them in particular locations like digital wallets, mobile phones, the agency asks you for is your driver's license. They want to know that you can operate a motor vehicle before they give one of those things over to you. They may also ask you for proof of insurance and a variety of phone numbers so that they can contact you, a variety of other things like that. These three actors kind of constitute the ecosystem, issuers issue credentials to holders. That's us. We hold on to them, verifiers ask us for those credentials and it is our choice on whether or not we want to share them or not. Maybe we want to share it. Maybe you're over sharing when you give them the driver's license. All they want to know is that's your proper weekly license to touch them. Same with your height, your eye color, any of your birthday, any of those things. They do want to know that you're above a certain age because that's a loose indicator of whether or not you're going to drive at 125 miles an hour or stay under the speed limit. So there's a certain amount of data that's being shared in this ecosystem. The thing at the bottom is the identifiers. So that's the type of identifier. We may be on Twitter, that's number of corporations do, governments do. Identify all types of different types of identifiers. All of us have a centralized, it might be an employee-issued identifier or it might be decentralized, like a decentralized identifier. So the thing that the issuer asks you, when they start attaching attributes to it, that they create the attachment of this up here. So that works for decentralized identifiers tend to be pre-new block chain, right? The graphically provable thing, lifting block chains, some block chains have their own mechanism or usually each block chain is going to a decentralized, so a decentralized identifier is built on top of the Bitcoin block chain. So identifiers, each one of them have slightly different benefits and drawbacks. And ultimately, that's a good thing because that's the stuff in production. It is going to happen in the next couple of years and it is already possible to create these decentralized identifiers today. But as far as, so that's a very hard, the good news is that the Rebooting Overtrust community has had my position for many years. And even before that, the Internet Identity Workshop has been having that problem. And there's no single answer to 100, it's very stringent, it's very contextual. But the answer is, it's really a, and the Reboot Up is really a, how I track you and how you track me. And in the case of consensus, around the time. All right. But you want to be careful, we're just in the third process of how I can track you. But you can model. When you put this stuff together, verify, if one thing is how you define identity. We say, what's the use case? What problem are you trying to solve? We have a, we don't get into a lot of we can use to address that problem. And let's see what the proper tooling is to address the problem. Terrific answer. So to go to, there's a working concept of, there's a blockage that went against us, by which one of the way of that, it's back to the back to the back to the back to it. My question then is a little. For me, it's about it. So I think there's, there's pretty strong pushback on that. What is it? So, well, so that's all of the assets. So let's identify each other, right? When we were you, you didn't know me. So our first contact, and then we start talking, and you reveal that you're at the blockchain, you don't want to each other. So, now we're talking about each other, and at least in my mind, in both of our minds, we are, we can more easily track one another. I think it's more about you, about who you are, or at least what you might not, I think you might not be interested in blockchain. My understanding of you would, if I found out some information about you from outside, and I don't have this. So again, it is an option of my, my, so again, this is your process has changed, evolved. That definite process, and definitely not the essence of you in the new, but more like a digital pound in a very large table in that way from the past. Not such a, I think it's a good question. Can you repeat what you've been saying? So, could you just, I think, kind of like on this table? Let me preface this, like, no perfect. Is it one final thing? Why did you use it? You're, we have, we have multiple things. So I'm gonna feed off the last discussion. I mean, it's, it's an identity. We tend to use all kinds of questions of persona, right? It's a narrow sliver of the person, you know, who the person is. It's, it's about what the playing set is. It's, it's not any more complex than that. From, from a technical, from a technical perspective. So, credential is a, is a bundle of planes. And it's wrapped. You can collect all kinds of information about you. And you can collect all kinds of information about you. But the moment that, you know, he looks at your MIT business card, that's a very different situation. Now, MIT is sending you, then you are passing. Now you're looking at the business card and what's the special effort in it? Do you have a business card, or is it new? Any stuff that we should be called verifiable credentials? Real kind of stuff. Things that, can be stuff that you say about yourself. Or those tend to be things that others can't decide. Especially ones that have authority. So, people says that I can't. So did that answer your question? I didn't know about the sum. You don't need that. I'm just a part of the moment. I can't. So it's actually. There's a, there's a, there's a, please. I was just wondering, do you think that governments are going to train people that you identify through the thousands of teams how initially they were seen as a snapshot? I think so. It's inevitable that they're going to have. I, and it exposes people's identity in a very fundamental, I don't want to say identity, certain things about them in a fundamental way that would allow somebody else to say, oh, I'm that person as well. They think epiphytics. The Estonian Resident Rangers, upon advisory board is, is a initiative that the Estonian government's spearheading to give people to kind of show. So, we're going to show a residency card. This is a Estonian e-reader, right? So, I have a residency card. I have a capital digital key signing, anything. Yeah, if you steal that from me, you can't become me, because I'm the only one that has that card, right? So, what the Estonian is doing, no, in order to grow economically, they have to bring on their own country, a same race to make it, and the only way for them to establish presence in their country, right? So, the Estonian residency card, that I got that card without ever stepping in the Estonia, didn't need to go to an embassy and leave not do so. If I did that, I could open a bank account of Estonia, right, without stepping to the country, trying to do a web signature. So, you're using that card, you follow your taxes in five minutes, most Estonian taxes, I think 40% of Estonian taxes are filed within the first 18 hours of the entire country, because you stick the card in, you say, I allow access to my bank account through the auto calculation, okay. Great, that would never fly to the US. The US is never going to go there. But, Estonian has, and it's working out fairly well for them, legislation is digitally signed. The people that are in charge of this program, I was amazed that I did fly over to Estonia and sat down with the government officials there. And the people that came and sat at the table were no older than 30 years old, 32, 33 max, right? These are the people that are writing the legislation. They got legislation passed within eight months. So, this is an example of governments really taking initiative and pushing, thank you, really pushing the initiative forward. The US is actually backing research into a lot of this work as well. Governments are issuing grants and research grants to look into this stuff. So, and it's beneficial. I just want to add another thing, and this is a difference in different countries, but in the EU, there's a lot of rights around dignity. And so there's things like the right people got. Remember we said, identity is a process, which means that this isn't you, you are a continuum. And some of that continuum might be that some of this information should not be held against you or for you or whatever in the future. And that's a very dynamic that we can include in the data. So, did that answer your question? Okay, so hopefully conceptually this makes sense. Is this fairly, hopefully it's a fairly simple, straightforward concept, if it's not where it's gonna fail, right? Okay, so what we can do at this point is kind of show you what this looks like in Okay, so let's go back to how you actually execute on this vision, right? International standards around it, you want multiple organizations implementing and pushing forward on the vision, right? But it ends up becoming codified in code at some point, right? You need to reach everyone in the world and in order to reach everyone in the world, you need to use the plumbing that already exists. Most people, actually I shouldn't say most people, they're a very large amount of people have smartphones, mobile phones and access to the web and the internet today. I think the last number was 3.6 billion people have access to the web. And around three billion of those people have access to smartphones and can access the web via smartphones. So these are the types of standards that we work on in W3C. So this is called the Credential Handler. It ensures that I'm at a digital wallet site right now and this digital wallet site is asking me if they can handle credentials on my behalf. I'm going to install them as a handler for this. Actually, let me go ahead and... Yeah, let me, can folks see in the back? Let me see if I can. Okay, there we go. So this site is basically saying, hey, I would like to be your, I would like to handle credentials on your behalf and I do that. And again, you can have multiple of these sites. You can have one for your personal life and you can choose a different provider for your business life and you have a different provider for something else. So I'm going to install the Credential Handler. It says, this site wants to manage your credentials. Do you want to allow block them? This is the same process you go through to like share your microphone or your video camera. So I'm going to say yes, I want to allow them. Okay, so that's it. I have a digital wallet now, right? Easy, quick, quick process. The next thing I'm going to do is I'm going to go and I'm going to get a credential. And the credential I'm going to get is, I want to fly to another country. I need a digital passport. So I'm going to log in and this is using a decentralized identifier login. One of the side effects of this work. It's not the main goal of the work, but a side effect is you can actually do universal login with these decentralized identifiers. So I'm going to click login. It's going to say, hey, which in these, we're using the word identity in a very loose fashion here, but which identity do you want to use? Your social identity or business identity? I don't know. I'm going to start the video at 12. Yep. Oh, oh, oh, sorry. Thanks. I would just keep getting migration going. So we're on a roll. Sure. Can I make a special request? Sure. Could we pause and go a little bit after 12 and just go into a workshop room just around the corner? Sure. That is okay. Yeah, yeah, absolutely. So I would just unplug that and just pick the laptop out. And TMA2. Yeah, I guess we should probably have up soon. Yep. The E12, 15 or so, 10? Yeah, I'll try to run through it. Mm-hmm. It's full. It's full, too. OK. We're getting that one. Oh, sure. That's an important take. All right. Yeah. Thank you. On the fly. Ha, ha, ha, ha. Uh-huh. Is there a question straight? Straight? OK, OK, that would be it. Back there. Yeah. I'll see you. Um, sorry. This is about the order. Uh, OK. Uh-huh. There we go. Yes. So basically, why don't you, this is the issue of saying, hey, which idea do you want to do? I say issue it to my personal network. Let me try this again. So I click login. I say I want to start my social identity. I log in. It has my decentralized identifier, which means now it has an identifier to associate a bunch of attributes with. I say please give me my passport. I want to store it in my social identity. It sends me back to my digital wallet site. My digital wallet says, do you want to store this here? I say, of course I do. I want that passport. And now I'm going to go and I'm going to book a flight to another country. And somewhere during the process, they say you would like your digital passport. And notice that it's not asking me to log in. It's just saying provide your passport. I click provide passport and my social identity. Again, the wallet says, are you sure you want to send this over? There's a bunch of personally identifiable information there. I say yes, I do. Send it. They get it. And then that's it. That's the whole process. And it's making 2.8 billion browsers today. So the browser manufacturers don't need to implement any of this stuff for the work. It would be more secure if they implemented it, but there you go. The other part of this is, OK, so we've talked about how to establish an identity. How do we actually use that identity to do? And this is the intersection. How do we use it to transact? So this is the payment handler demo. So we're switching games away from identity to payments. The web payments work at W3C right now is highly focused on how do we make credit card transactions easier on the web? Or rather, how do we do the game? So it's not the full vision of how do we enable people to engage, but it's a baby step that you will not lose. And not well. Yeah, and not lose security, but the security is pretty terrible. In version one of the spec, it transmits credit card numbers in there. So it's arguably worse than what we have right now, because it's a one-click transmission of all the missions. So you can say, hey, I've been in a position where I'm halfway through before I can type in my credit card number, and I'm like, oh, actually, actually, I don't actually want to do that information. This kind of takes that away. But the very next step is how do we do the internalized cards? How do we do encrypted cards and make that a safer process? Quick question. There's a very heavy weight standard in the tokenization in the transaction of my credit card. Yeah, it's EMV code in all the specs in there. I mean, we're cutting it like that. Oh my god. So what's the relationship between that and this and the type of tokenization you would do? Any? It's a very political discussion. So the short of it is everyone's trying to work together, but there are certain economic incentives that are in place to not work together, even at the standard spotty layer. So EMV code stands for European Mastercard Visa. So those are the organizations that set it up, and they have certain things that they want to see in the world. That are not aligned with, for example, things like what I'm doing. Anyway, so it's a political. It's a very important thing. Something good will be applied to get bigger so you can see. And then I start adding credit cards. So here's my Visa card. There we go. And let's add a Mastercard. And that's another Mastercard. Let me try and read another one. Here's my American Express card. So my digital wallet now contains these three payment instruments. And what the web payment stuff is supposed to do is enable new types of payment networks to be walked. So I should be able to add a Bitcoin wallet in here and wallet in here. If there is a local payment network like an M-Pesa thing, I should be able to add that payment instrument in here as well. And then when I go to a site, when you're at a site, you have to log in. There's this big form that you have to fill out with credit card expiration date. But instead of doing all that, all I have to do here, using the web payment stuff, is when I click the Buy button, I select which payment instrument I want to use. So for this one, I'm going to use my AmEx card. I click Pay. My digital wallet says, hey, the site's requesting payment from you. Are you sure you want to pay them? Yes, I confirm. Done. At no point did I have to enter anything in. It's just a quick, easy payment. OK. So those two technologies together, yeah, please. So a system as simple as this is, how do you see it changing the way we monetize content like science and art in the world? I read the first version, I don't know. So there are a number of companies that are working on micro-payments for this. I'm not going to say that that's the future, because micro-payments have been tried from time to time again. There's a place for advertising. People want some stuff for free, and they will never pay for it. But enabling easier ways to set up channels, payment channels, where you are doing micro-payments, is possible. So you could look at this as kind of what a payment channel set up. How do you trust the site that's stored in the product? That's that. So who knows, right? I mean, maybe the site you're using. How would I do? I would choose a trusted provider, right? Fundamentally, I would only store tokenized products in the thing. So even if somebody broke in, they really wouldn't get the tokenized version of my car. Right. Like people trust Amazon to store their credit card details. People trust, right, they're going to be those sorts of components of the market that go ahead. And frankly, people trust a website that was just slapped together on a weekend and store all their credit card details in clear text in a flat file on the web server. So this will hopefully be better for that. But the same things apply in the same ways that you do. This gentleman is actually becoming a chair of Massachusetts Legal Hackers. And so I hope that you're listening to this. We're like, where's the hack? What wants to be innovated? What needs to be built next that is somewhat regulatory? Could possibly add a fairly private credit union via the trust? You say trusted. And then you break it up. People don't always trust them. Could they get trustworth provider of a service? Absolutely. So as much as people rag on banks and not that many people rag on credit unions, right, exactly. So they could not only be the keepers of your cards and payment instruments, but your identity and data as well. This is a new business model for banks and financial services organizations. It's a great idea. Yeah, it's a great idea. The unfortunate thing is for whatever reason, they're not engaging. And plenty of opportunity to engage. You're told them a lot of times about it. Please come in, engage, engage, engage. Please don't be disrupted because it would be a bad thing for the financial system to consolidate to one or two or three technology companies. I should mention that. Google, Microsoft, and Apple are all on the table participating. We get free. So here's an opportunity to innovate and find new services to your customers and silence is most of what we can do. The only banks and financial institutions that have participated in any significant play are the ones that have been regulated in your opinion. So we've got banks in Europe very interested in listening and saying they're interested in the company. But it's because of your. Exactly. And it's primarily due to, I mean, it's GDPR, it's PSD2. They have tons of market pressure on them. Or actually regulatory pressure on them. Yes, if there were a, let us say, incentive that was like a line to a small financial institution that you sharey, that would represent real value or a really great alignment with what they're doing and be a good fit and be ready. What are the sorts of ways in which of providing this kind of capability as a service to their members and their account holders? What's your best thinking now, the ideas you've heard for the sorts of services and products and offers that could make sense? The easiest thing that most customers will probably get is a digital wallet. Provide a digital wallet to your customers. They can store their payments, they can store their identity, they have the information there. People trust banks and financial institutions to hold that date on their map so you don't really have to do anything to do anything around that. And it's simple, right? I mean, that part of this whole ecosystem, that software is not very complex. And you could point out, you know, on this wallet, the last question, was it efficient? You should talk to him. Thank you, thank you, thank you, thank you. Hold on for a second. Who are you talking to? He's been doing it. I think. Oh, so now we just really want to talk to him. So what would be about you at least aren't you like that? Yeah, it's just, it's just a vendor, you know, it's just a vendor relationship. Some vendor out there sells a digital wallet software. There's a bunch of multiple of them. And it's just the opposite and the poison on their side. And the rationalize, you don't need it or what? It was a, hmm, that's interesting. We'll get back to you, right? Most financial institutions, so I can only speak from personal experience. Most financial institutions that we've talked to say, we believe this is the future. We would love to pilot it and then they do a pilot and then it's by the legal standards. So if they're, you know, banks tend to be, they have very strong flocking behavior. Someone has to go out and do the thing before everyone else rushes in and does it. But when that happens, the industry tends to flock in the direction. So we haven't seen any particular bank really lead to flocking. But again, it's the regulatory situation. You ask their, you know, the paperwork response, you know, massive increases in the number of people. That's what a lot of things are there, where innovation is happening to us in the industry. You know, all of the work that's being done. You're on the other hand, the right to regulations that start coming up, or it's very important. I mean, all my information on your bank, you've been there, I mean, vice versa. It's just, if you're working with that man, you get there, it's coming up. Yeah, probably 2018, I think it's the first year in a while. So from the bottom up, just on what, you really don't know what I'm hoping, just speaking from your experience and your talk and what you hear. And I asked, well, what my ideology is, how about wallet? So let's just spend another moment on that, because we love to build things in MIT with them. I'm hoping that as people see the video, people in the room can say you're a lot, perhaps. And I don't respond, they can make a difference. So with that in mind, and that's fair. Technical question, and then speculation, with this software, what do you call it then? This is just the payment handler. The payment handler. It's all, it's all, it's all on the payment handler. Okay, thanks. And make sure we share the links up. Is the concept here that the public private key in the software would be generated, would it be this, are you using the same approach as a Bitcoin or Ethereum wallet, or something different? It's not a public private key. So it depends, there's a bunch of it depends. So the software can be configured in variety of different ways. That's drawbacks, they're doing it in the place. For payment instruments, like Bitcoin or Ethereum, you have to have a wallet that can do the public private key better stuff, right? You can store it on the device, you can store it on the server, it can ask them to use hardware-experient device, it asks them to use it somewhere. That's just for Bitcoin payment instruments. For Visa and Mastercard, how do you use a number of public private key here necessary, right? So that's just for the payment stuff. For the identity stuff, you do need a private key of some kind. Bitcoin means, art savings, something, visually countersigned, different actual. And that can be stored in the same way that you do in Bitcoin stuff. Hardware-secured device, on the server, on the clients, in the browser. So it can run in the scope of this handle with the graduates, the key gen and users. Yeah, and that's still being discussed. Okay, then you're in the center. Live question. Great, and so then the speculation would be, if you could imagine, just have fun for a moment, stand for like a quarter of a box time, like a digital wallet that would really tell it as a great open source, lively propagated tool that would be a service. What would be the basic component? What do you want to build out from this demo to complete it? I mean, I usually ask, is our magic one key gen in there, general? And you might, do you want to connect your pivot to a blockchain address? Do you want to have it keep going? Well, I mean, it all depends on the bank, right? I mean, what does the bank want to do with this stuff? And there is no real clear, and they're fairly, I mean, they're banks are doing blockchain pilots, but there's no real focus on, oh, we want to Bitcoin enable our customers to do Bitcoin payments on the web. We've never really heard that as a, this is something I've wanted to do. And it's usually when the banks are talking about the life of a blockchain, it's all against it, with anything you're talking about. I understood. And so, did you ask for opportunities? Yes, and it's not so much of where we are at this moment in other regard, but what if we did something for them, your hair at MIT in the media lab, and postulated with not, what will be good if not for your company or your investors or anything else? Just go think of this for a moment, if you completed something that was open source, that could be the sort of thing you might buy that, and the right conditions, what would you be missing? And then back to Chris. Yeah, I mean, I don't, at this point, I don't think there's much missing that a pretty line, right? So the user interface has to be nice. You have to be able to look at the past payments, past transactions, you have to be able to look at your credentials easily, but those are very easy. I don't want to hand wave over the user interface, but it's much easier to, there are many people in the world that can build a killer user interface for that, versus people that need to get the grit doing stuff for a much smaller community. So it's a lot of product work at this point. A fancy UI, review transactions, look at all of your credentials. That's really it. The back of the problem is broken at this point. Now it's just a matter of creating compelling visual wallets, creating compelling working sites. That's good, with all the drop-off and the engagement of hard attrition. So shopping cart attrition and just the cognitive ways of all the decisions. Oh, I have to remember my password. This side, did I ever have a password? No, I didn't. Didn't I have to fill in this information? Which address do I have to send it to, et cetera? But anything that sort of begins to remove or make it easier for the cognitive way, that's also things like key points. Like, did I receive a key point from somebody? Did I have a discount on this? Wouldn't it be great if it just automatically showed, oh yeah, you have to look on a key point. Three days ago, people would solve this for you, or loyalty points. You have to automatically convert it. And then even going to the last of the engagement for easier engagement, if you were somebody who was talking about being able to pay one cent or whatever for the garden salt, my opinion is even touching the level or that's one percent of the engagement. That one cent can get too much. What you actually want to kind of say is, I have it, you know, that's the way you have it for certain kinds of work. For certain types of work, sister. Yeah, thank you. I have a budget of $10.04 for left-wing fees in a month. You'll get this one to get you $2.00 to a brand. Next month, it'll get you three cents. Exactly. So the thing I noticed is that when you mentioned the left-wing at the end of the state convention, this was the reason. You mentioned a lot of centralized systems, which is a huge part of this real property. Yeah, that's an excellent question. So a lot of the decentralized systems haven't stepped up to the plate yet, right? I mean, there are plenty of companies that are Bitcoin companies, you know, and they're Ethereum companies. They could create payment handlers for this stuff, but they haven't today. No, the hope is that over the next year, that'll happen. But that's a largely unexplored space at this point, right? So here's the interesting challenge. How do we build on top of this? Like, the substrate is there, right? It's beyond the experimental phase. These things are going to be ratified as international standards of payment stuff, especially in the next couple of, probably by mid of next year, payment request, payment handler happens after that. We're hoping the potential stuff comes in shortly after that to be enabled in the browser. So 2.8 billion people have access to this stuff now, right? But the, from the payment stuff, we're just exchanging credit card information still with it. It has the capability of doing very interesting distributed payments, centralized payments, new payment networks, the existing stuff, like, you know, he's just saw a demo, it's open source, it's going to become standard. So, you know, build something interesting on top of it because credit card's on top of it, while, yes, that's good, it's an increased user interface, we're going to help with shopping cart management. There's a tremendous amount of potential that you can unlock there with new types of payment instruments, new types of payment networks. The same thing with the credential handler API, right? It exists, you saw it, you know, working back and forth, but what are the really interesting credentials that you could issue? Who's going to start issuing those credentials, right? So, getting those organizations understanding that they can issue these things and then helping them issue meaningful credentials to people, things that they use on a daily basis, is another challenge. There's not a lot of people, you know, focused on that second tier thing at this point. So, you mentioned meaningful credentials and that's something that's kind of interesting to me. We're looking at how we're doing as it's a machine system, basically, and I'm not going to say anything like that. Essentially, when people work together, they're able to endorse them, that's what this is, endorsement system. And what I've noticed is that in endorsement systems, some of them use, how do you see this essentially working so that the signal-to-noise ratio actually plays out effectively and what do you think would be some of the challenges? And that's, I mean, that's an excellent question. So, I don't think that anyone can predict what's going to happen in two or three years out from, you know, when there's uptake with the conventional handler. The hope is that the signal-to-noise ratio will get better, but there is also, it's this stuff's open to abuse, right? What happens about people lying in their environmental claims? So, and at that point, you know, institutions kind of step in and, you know, you can trust some institutional statements more than you can in a personal statement. So, getting an endorsement from your company, from a manager at your company is usually viewed as better in some cases than getting in your peers. And vice versa, sometimes a peer review is much more, much better than a multinational company, you know, endorsement of what you can do. But I think that's, it's an unsolved problem. How do you deal with reputation is one of those big unsolved problems? What is some of the international community that you sure have who recognize their problems? Have you seen as many of them who are viewable to really change the digitizing of their victim? So, I mean, that's a great question. When it comes down to organizations, like private organizations, everyone says they're interested. Many people run violence, but I've seen very little transition to practice. Some of that's because the economic incentives aren't there. Like, in some cases, it can hurt them. So, I mean, you know, Estonia is pushing forward. But, you know, because they're a government, they're being very safe about the way that they expand their services. They don't provide something unless they're very certain about the legal implications, economic implications, how it can be misused. They have, you know, guardrails in place or if something goes wrong, and it takes years to put those things in place. So, I don't really know any organization that would move very quickly over the next three months, let's say, or six months, would not discuss it. But that's what the group needs help with, right? I mean, we need introductions to those sorts of organizations. So, that's another challenge, you know, if people know of organizations that are for them, that they believe will not just do a pilot as an experiment, but they have a very strong economic incentive to digitize these credentials. You might be looking at the wrong questions. Right, so Europe has a stronger, in general, because of GDPR and DSP2, that's not what people are thinking. Oh, okay, that's what we're just from. So, what I'm from, personally, personally, but there's been some good work in this area, and, you know, they've kind of, by virtue of the fact that we've had such a basic network, so long, now I'm controlling a satellite network, and the way to which they have to come back together is consistent, yeah. Now it's kind of a big role as we call it, they're all exactly the same, so. I think one of the challenges there is that the technical community that's working on this stuff just doesn't have the second connection. So, I advise Gates Foundation on a variety of things, you know, we work with their financial services for projects, but those, and those are ongoing and they're doing good work, but those haven't resulted in direct connections between governments and schools. Obviously, there's been an additional conflict between this neighbor's world, there's a handle for it, around non-governmental government, dumb bottom, there's a big lack of in-kind support for the organization or whatever that is helping to work together, so everybody can basically work in all the states because of how we regulate it. I'm going to be careful of the word regulation, that the competition is in all its bear. I love communities as, you know, it's not rule-based, it's a rule-based, you know, capital pay-ex, you know, we're the third one or fourth one or whatever, and they're not incentivized to make the decision work for what works right. I mean, I think the other challenge is to put these two things together in an exciting way, so this gets back to what Christopher said about this stuff really gets interesting at the intersection. So we've got, you know, if you have stronger digital identity, digital asset, digital credentialing, and you have, you know, very expandable payment systems, when you put those two things together, you get a pretty powerful substrate that businesses and organizations can build on top of. So the other challenge is to figure out ways to put this stuff together into a larger ecosystem. Everybody wants to do this, but nobody wants to do it. So they try to experiment, and I think that's the way to do it. You can talk to everybody. And they're, they are, I think we have, we have very, they're not very good at looking at practice. And because you can talk about it, they're on the part of the, the strategy discussion, you look at it then. So then, particularly, there's sectioned away in this digital time bubble. Exactly. And they have this magical world that you can never pierce the bubble. Exactly. And I mean, in some cases, you know, and this is a very, this opinion is going to come off stronger than it actually is, but in some cases there, some of those labs are there just covered the banks, right? To prove that they're innovating without actually moving that innovation into the bank. I've never heard you were innovating, you know, like you drifted over to so much. So who we have so far is, there's a challenge, everybody. So Gauntlet thrown, well, what we do next. So how do we, and that's also what and how do we build on these critical new foundations of standards that are in the pipeline, they're known for coming. Here is, you know, time to build. How about new payment instruments, new payment networks, trust networks, perhaps, and new payment and identity, new types of issuers and credentials. Are there opportunities with this that are people use daily? High volume, high frequency. What are the types, another challenge, what types of organizations or groups would be most motivated and ready to adopt and adapt and kind of take forward and deploy this stuff? Maybe most of you, you know, yeah. You've got connections for it to you. Maybe not, as we speak and as people observe this video and come forward. How is another, how do we put the identity and payments standardization and the standards oriented common resource tools like the ones that we just demoed, how do you put them together into interesting combinations to compose new kinds of services and opportunities for business models. Good challenges. Time to get hacking, I reckon. So can I ask how many people learn more about you and your work and then also go on to get involved or follow up on anything you said? So it depends on where you want to get involved in the whole process. There's a tremendous amount of experimentation that's happening right now in the rebooting web trust community that Christopher Allen is leading. There is some work at IIW but most of the really interesting stuff is rebooting web of trust. So there's this pipeline, like three stage pipeline. Experimentation, it's mostly being led by rebooting web of trust, credentials and identity stuff happening there. Stage two is community groups. So W3C community groups. It's open to the public. Anyone can join W3C-CCG with credentials communitygroup.github.io. We'll send that link down later. But that is where we sit down and start taking the experiments and putting them into specification form, incubate them into W3C. And then the third stage, which is where the verified plane stuff is and is where the web payment stuff is standardization. So actual ratification of an international standard. So you can participate in any one of those stages. You have to be a W3C member to participate in the very last stage. But the two stages before anybody can show up, rebooting web of trust. You write a position paper or a small paper on what you want to work on. You submit it, you show up and you do great work. Or. Smart question. Okay, absolutely. And then for the credentials communitygroup, we meet every week, Tuesdays at 12 p.m. Eastern. So anyone can join the call, just dial in. And then the web payments stuff that you're multiple meetings that have you. That's how you can join and help us. What's next? So we've got a couple of major birth events here. What's on the horizon? Is it the DIDs, something else? Yeah, so I mean that so, the verify the claims work is going forward and the payments work is going forward. There's fantastic work on distributed identifiers, DIDs, decentralized identifiers that's going on and rebooting on the trust. We're prepping that work for standardization. There is quite a bit of work around DME methods, which is how do you implement these in various different ledgers. The credential handler API is currently kind of being formed. So even though you saw this demo, it's very much kind of in the early stages like change. Christopher, what other things do you think are being done? We're approaching the point where to developers needs a lot of trust rules to secure the software, sign the software, help deliver the software that we're collecting. And we're sort of using pretty old technology to that point. It's a little, since we're getting these early stages of getting developers, you know, your new $6 into whatever, a year from now, or two years or whatever, regular. It's not easy to do both, but it's not easy to do. Yeah, absolutely. It's like, I still have to listen to it. Why? You ask. Yeah, absolutely. We should be number one. I mean, I might even reverse it around. I think we have a really good sort of use case, but we only have two use cases. Where are we getting it? Yeah, it's called user engagement model. There are two examples. I believe we have a trust. New Orleans finished, which is the refugee use case around identity. We did this time, one around human rights and advocacy of a programmer who wants to participate in human rights and advocacy. But who does handling this model? The 15-set model can be used for payments. It can be used for wide variety of digital interactions. And as engineers, we've got some kind of heads in the deads. We need to sometimes pop off at a higher level. What is this actually going to do? Yeah, there's a big legal, like, law policy implications work that needs to also happen here, right? I mean, these are kind of new instruments that the Estonian government has kind of figured out how to write the legislation and get it passed through the legislature and make it happen at a national level. And Europe's pretty far ahead. GDR, PSD2, the US is lying far, far behind in that respect. And there are new uses for this, new ways of where the law is going to be tested in what these credentials are going to be. I'll need a quick example of a weird one. So it's in the government's interest to make sure that high, expensive transactions, or whatever, aren't going to let go to court too often. Because we don't have to worry too much about that. So one of the things they do is they say you need to be a sophisticated investor to participate in various things. Make up some of the criteria of what those things are. But the root is, as a sophisticated investor, is that you're knowledgeable, that you know what you're doing. And it's consensual. It's not necessarily that you've got a million dollars in the bank, because you asked a student with a million dollars in the bank, and it shouldn't be a good sentence for the policy investment. What happens if you have a digital claim that proved that you made some forces on risk and all the different management things that might address and allow greater access to be able to participate in all the fun? So that was the big objection of the government. The only people who can participate in the economy is a one percent. You want that broader participation. But we also don't want range. There are no time limit. So how do we balance that? Absolutely. OK. Well, I know that you've got some things to catch, and business empires to build. And so thank you so much for your time to come by and say, share and educate. And hopefully to inform some connections and relationships. Yeah, absolutely. Thank you for the wonderful discussion. And so if you want to come and help on any of the things that you said, come back to the Media Lab online on 1st and October 30th and 31st, where it's going to be identified in the premium pollusa at the MIT Legal Forum on AIM blockchain, drum and reed, a number of the identity lab you've tried, will be one of the keynote speakers. You're always welcome back, as are you, Christopher. And I can tell you now, as I see this, I'm going to just yield some of your challenges and chuck them into the challenges and scenarios that I want to catalyze the discussion. Great. I mean, make good things come from today. And please come back for early knowledge. You will. Definitely. Thank you. Thank you very much. Thank you.