 Live from Las Vegas, it's theCUBE. Covering IBM Think 2018, brought to you by IBM. Hello everyone, welcome back to theCUBE coverage here at IBM Think 2018 in Las Vegas, Nevada, Mandalay Bay. It's theCUBE's exclusive coverage three days of wall-to-wall interviews, thought leaders, experts, entrepreneurs. You know, people making an impact. And our next guest is Harte Sani, who's the co-founder of Ho Show.io. H-O-S-H-O.io, Ho Show.io, advisor at Pink Sky Capital. He's a CUBE alumni, a walk-in off the streets because he lives in Las Vegas, but very instrumental to connect into this community because of his pioneering work in crypto, blockchain, and the future of money. Harte, it's great to see you. Thanks for coming by. Thank you for having me. It's good to be back on theCUBE. This is my second time. And second time, yeah, in only a couple weeks, we just saw each other at the Bahamas, the first security token conference. Yeah, Polycon. IBM's really big on supply chain. This is their business, their old school, generations of providing software for businesses, B2B, but now block chains are a big thing. But block chains, pretty straightforward. Yeah, you get efficiencies, but they're not talking about token economics because they're talking about some of the execs here. They're like, well, that implies the general public in their world thinks cryptocurrency, they think Bitcoin. So I want to connect the networks together. Our network, IBM's network, your network, because the melting pot of this trend is really about blockchain cryptocurrency in the sense of the value around tokens and how tokens can be harnessed to capture the values. I want to get your perspective as these worlds collide. So I think that IBM's doing a great job by spearheading a blockchain movement and they're really, they're focusing on the Fortune 500. And the key with Fortune 500 companies right now is that they have rooms full of Java developers, Java engineers. And Ethereum is the protocol right now that is most commonly found. The majority of ICOs and token generation events that have occurred to date have all been on Ethereum's network and Ethereum is the most commonly found blockchain. However, the Ethereum blockchain, the language to build and launch token generation events on Ethereum, you have to write in a language called Solidity and Solidity is a new language. And IBM has made a smart move by doing everything in Java and JavaScript similar to a lot of the new blockchains that are aiming to compete with Ethereum. And the key distinction, just to kind of put it out there I want to get your reaction to and get some commentary around is, IBM is not competing with public blockchains. They're looking at it in a different way. They're saying, hey, you know, you can have, I guess, private blockchains. I mean, it's not really a dirty word because they have a different use case. Correct. I think it's very important, especially when it comes to things like healthcare. You look at the healthcare industry, healthcare records will not be going on public blockchains. And so the hyper ledger fabric framework may make sense for things that need to be HIPAA compliant, for example. So reliability is key. So what's there is like, say, hashgraphs got a lot of traction in their performance and their speed. They got timestamps. That's not a native blockchain, yet that's kind of getting some traction. IBM's got something similar for those markets that require the reliability, the performance and the security. So help the audience understand IBM's moves here because IBM's conservative, so they don't really want to throw the word cryptocurrency out there because it might be misunderstood, but this is going to end up in token economics. How do you explain what the moves IBM's making to the average person that might not know the inside nuances in baseball for, say, the crypto market? I think what's interesting is that IBM has a more mature focus on this space. And, you know, they have direct ties historically to the Fortune 500 companies, the way others do not. And so they've taken a much more sophisticated and a much, much more conservative approach. You don't see IBM throwing around the word cryptocurrency. And that's a smart move because it's about the cryptography that secures blockchains in a decentralized ecosystem. And it's that the discussion of just tokens and token sales and leveraging tokens as a currency, it's a premature time in this entire industry to be having that discussion. So although it's going on, it's a distraction for IBM, you saying? Yeah, because it's more interesting for smart contracts to be written that are functional smart contracts that for the first time ever, white-collared middlemen are being cut out of the picture in a new, trustless, decentralized ecosystem. So talk about where IBM could take this with token economics. Obviously, do you think that this all leads to some sort of tokenization? Is that going to be where the value capture's going to be? How does IBM get there in your mind? I think they get there by having Fortune 500 companies launch legitimate decentralized applications on their blockchain. And that's just what Java JavaScript? It's because most Fortune 500 companies already have a plethora of engineers globally that they can simply have, start working on IBM's blockchain. And you don't see that as a risk for IBM? No, that's IBM's advantage because today the Fortune 500 companies aren't building on Ethereum's blockchain mainly because of the learning curve it takes for a current full stack engineer to become a Solidity engineer. What's Ethereum's future now? Obviously they're working on Lightning, seeing some things going on that area. Lightning is Bitcoin, Ethereum is Plasma. Yeah, Plasma, I'm sorry, I'm confused. So they got to get through the work that some real work that's got to get done. Ethereum touts a big developer community. The biggest. The biggest. So do those merge with the IBM communities downstream at some point, or is it okay to be separated and does it matter? I think they'll remain separate in this case. I highly doubt that IBM Hyperledger will go down the route that Rootstock has gone. Rootstock essentially is the Ethereum virtual machine side chain to the Bitcoin blockchain enabling smart contracts and the Bitcoin blockchain for the first time. And Rootstock is a very interesting project. However, IBM is its own ecosystem and the way in which they're catering to the Fortune 500 is extremely intriguing. And from Hosho's perspective, we want to be auditing smart contracts that are functional, that are written by more sophisticated players in this new decentralized ecosystem. Our main focus is just security auditing. And there's going to be a lot more smart contracts written by more sophisticated players on IBM's blockchain than possibly the other ones right now. We have not seen a plethora of Fortune 500 companies by any means launching smart contracts on Ethereum's blockchain. And blue chips banks or whatever, as they try to disrupt themselves, need to get a trusted partner, governments. Okay, talk about it for a minute. I'll just take a second to talk about your business. I know we covered this at Polycon and the Bahamas, but for the sake of context to IBM, talk about what you guys are doing. We are specifically in the marketplace of partners. Would you sit if you were partnering with IBM and your role that you could possibly take with IBM? So to take a step back, quick Hosho, the word itself Hosho and mean security in Japanese. And we started this company eight months ago, my co-founder, Yo Kwan and I. And our laser focus is blockchain security and being the global leader within the blockchain security space. So as far as we see, there's new blockchains being made, new protocol tokens being launched, as well as new tokens being launched, as well as new smart contracts being written that are functional for the entire business. And no matter what blockchain a smart contract is written on, that smart contract is code that has been written and that code has to be audited by a professional third party. And we are that professional third party that does a line by line code review of the smart contract and finds all security vulnerabilities. And we've been building proprietary tooling to find vulnerabilities faster and faster and faster. We do a gas analysis to make sure that that blockchain is not being clogged. We conduct a static analysis to find any hidden functionality within the framework of the smart contract. And the last part, which is very crucial, is that you are a very uniquely qualified full stack engineer with a unique QA mindset and a security background who knows the language in which this is coded, which currently most projects that we're auditing are Ethereum ERC 20 tokens written in solidity. Someone has to marry the source of truth, which in the case of an ICO is a white paper and marry the white paper to the smart contract and make sure is the smart contract doing what the white paper says. Yeah, codify the white paper basically. This process of auditing is gonna be ever more crucial within the business that IBM does with Fortune 500 businesses because when a publicly traded company launches a smart contract for a decentralized application, security is the highest priority. And the vulnerabilities is where the hackers could come in, just being on a time to market, getting those smart contract codes written until it's fully baked. It's irreversible once a smart contract is launched and millions of dollars are gonna go through this smart contract. It's been regular practice in the cybersecurity world to type up code and to have it reviewed by a third-party auditor. We're simply applying the exact same logic to the blockchain space. And it's exciting to see more blockchains by sophisticated players like IBM come to fruition and we're looking forward to actual projects from big players around the world launch an IBM's blockchain and Ho Show is looking to be a preferred partner of IBMs to do all their security work, whether it's smart contract auditing or penetration testing. And real quick on penetration testing, that's our other core service that we provide. And penetration testing is both for websites and for cryptocurrency exchanges in which we're making sure there's no security vulnerabilities within your website and finding every way possible to penetrate your website or your exchange. And every time code is changed, you've opened up the doors to more vulnerabilities. And so in the cryptocurrency exchange space right now, we're seeing that new exchanges are being made but sophisticated investors don't know if this is a safe place to trade hundreds of millions of dollars or not. Yeah. And when you've got commerce being done, I mean, IBM's focus, you mentioned, is legit and they're doing a great job. By the way, props to IBM for doing what they're doing. They've been in it for multiple years now and they're supporting the Apache project. They're putting their weight behind it. But these are real-world examples. Granted, supply chain might be boring to some audiences but not to others. I mean, you're moving real product around. This is commerce with digital fingerprints and code and potentially tokens that's highly going to accelerate the payment process. I mean, the notion of clearing goes away. It's instant. Yes. This is a highly accelerated money transfer, value capture, value transfer environment. You can't take any chances. Yes. And security is primal concern and we're excited that companies like IBM value security and this space is one that the dust has yet to settle and what's going to help the dust settle within the blockchain ecosystem is more priority on security. So what's your take? If you are going to give a talk here, we're doing talking here in theCUBE, so it's awesome. It's going to be on live and on demand as well. Your advice to people saying, you know, we've got to tokenize our business. I need to start with blockchain. I can see some areas to create some efficiencies around some inefficient processes and create new business models. I got to get started. Your thoughts. My thoughts are, take a step back and first evaluate, do you have a business? What problem are you solving? Once your business is actually generating some revenue and you've evaluated why the concept of a blockchain could be interesting for your business, then pick a blockchain and stick to it and then when you started building on that blockchain, you figured out that a token could actually be leveraged within this decentralized application that you're building. Then you can start figuring out what the token economics of it would actually be. I think what people are doing nowadays is rushing to create a token because of their excitement about the fundraising mechanism that an ICO is. And an ICO is democratizing to some extent at least global capital raising. And I think that fundraising mechanism is not going anywhere. That fundraising mechanism is here to stay. However, the majority of ICO projects that we're seeing occurring today, I don't think these companies will be around in the next couple of years, which shows how immature to some extent the industry actually is. Whereas maybe the projects that are built and launched on IBM's blockchains that they develop, maybe they're more sophisticated and will be companies that have gone through a more rigorous process of making sure security was a primary concern and they wrote quality code for quality businesses that are actually leveraging decentralization in the appropriate way, not the other way around of we want to raise capital so let's invent a reason to have a token or you have a big case right now in Silicon Valley at least is you have companies that are very serious A and B and decided let's do an ICO for series C. And that, that's tricky. It's not always the right solution. What you're saying is don't confuse the ICO craze of fundraising arbitrage and new model to applying supply chain tokens and blockchain to a durable business. Agreed. And on the same token, we have people in the space whether they're investors, they're lawyers, PR firms, exchanges, they all need to mitigate their risk by keeping security as a concern for them both in-house and for the companies that they're working with. Lawyers don't want to be doing lawyer work for a company that will turn out to be a scam coin and someone has to do a security audit of that token. The same goes for a PR firm, a marketer and an exchange. Exchanges should not be listing tokens that have not gone through a smart contract audit. Well it's good to know we got a CUBE alumni here in the CUBE to help us with our security audit. Yeah, it only answers the life we're in a CUBE interview so we got one right here. I want to just get into a topic you and I were talking of a dinner the other night when we saw each other a few nights ago about the problem of picks and shovels and tools and maturity in this new emerging area. Can you just take a minute to explain what we were talking about there? And I thought you had a good point. I mean, the maturity of this space is not mature. It's growing, it's embryonic, but moving fast and there's need for tools. Let's unpack that, just share your thoughts and vision. So I think that a lot of people have been more excited to join an ICO, a token generation event and do more quick money grabs, but to me what's more exciting is the infrastructure that's needed for this industry to actually grow and mature and infrastructure is infamously known as picks and shovels because when the gold rush happened the people who made the real money were the people selling the shovels to the gold diggers. And what's included in that is businesses like our own Ho Show which is selling security audits of smart contracts, doing penetration testing, bringing maturity and making things less risky for everybody in this space. So we see ourselves as selling picks and shovels. On the other hand, I'll give you an example. Goldman Sachs has a trading desk. Today it's not 24-7. Stock market opens at nine, closes at five. What happens tomorrow when a 24-7 cryptocurrency trading desk is turned on at Goldman Sachs? Do the traders that are now 24-7 have the appropriate tools and the governance built into software to manage a team of 24-7 traders at Goldman Sachs? Today when you have traders trading in the stock market they have a plethora of tools that make them snipers. And you have certified market technicians telling hedge funds that this is gonna go up two points here and three points there reading candlesticks in the cryptocurrency space. It's like poking a stick. You go from being a sniper to having a stick to go fight war. You're like a blind man. And so there's a dozen companies that can be made building the infrastructure for just what I just said, the governance for trading floors. This is a really good point. And I wanted to bring it up because in these emerging markets, these white spaces for tools and technology to help the overall trend grow faster has always been a successful one. However, you mentioned something about the Goldman Sachs trading desk and that is it literally could be turned on overnight. Correct. So that's the problem. You can accelerate things too fast and not be prepared. I think Goldman on a side, no, Goldman's done a great job at being very much forward thinking. They've been at every money 2020 since the beginning of that fintech conference. And they're definitely- Let's put Goldman Sachs aside. The analogy is a company can turn on a new model fairly quickly, faster than the old days, which would have taken months. And then now you can do it really on a much shorter timeframe. That means they potentially could be exposed if they go too fast. This is where the ecosystem has to help. Yeah, I think the bulge bracket banks are tritting the water very carefully. J.B. Morgan is doing things. They're involved with Ethereum, Zcash, Dash. J.B. Morgan has a lot going on on this front, but these are publicly traded monster banks. They're not going to take any risks. They have stockholders to answer to. They have the U.S. government. We have over 150 regulatory arms just regulating the finance industry in the United States. And so I think the average American citizen is quick to point fingers to bulge bracket banks. And those banks are answering to too many regulatory arms. This is one of the downsides of the United States right now in general, is the increasingly coercive environment of the government. IBM certainly got the blue chip company that got the Fortune 500, but they also have a marketplace. And that's where they could really kind of change the game, feeling in those white spaces. J.B. Morgan Yeah, IBM's marketplace sounds very exciting and my mind just goes to who's handling the security for everything to do with IBM blockchain. We're hoping it's hosho. J.B. Morgan Artej, thanks for joining us. Thanks for sharing your insight here on theCUBE. We're here at the IBM Think Conference. Breaking down all the top news that's really around blockchain and AI with data at the center of the value proposition, all being disrupted by new decentralized technologies, blockchain being the beginning and a lot more is happening. Certainly we're going to bring it to you on theCUBE. No matter where it is, we'll be there. I'm John Furrier here in Las Vegas for IBM Think coverage. We'll be back with more coverage after this short break.