LETS TALK BITCOIN

Episode 62 The First $900 Bitcoin Episode

Participants: Adam B. Levine (AL) Host Andreas M. Antonopoulos (AA) Co-host Stefanos Member of Hackerspace GR Esben Friiz Jensen (EFJ) Founder of Crowdcurity Jacob Hansen (JH) Founder of Crowdcurity Anthony Di Iorio (ADI) Executive Director of Bitcoin Alliance of Canada AL: Hi and welcome to Episode 62 of Lets Talk Bitcoin, a twice weekly show about the ideas, people and projects building the digital economy and the future of money. Visit us at www.letstalkbitcoin.com for our daily guest blog, all our past episodes and, of course, tipping addresses. My name is Adam B. Levine and today were all over the place. Andreas is back on native soil again, educating about Bitcoin and visiting family. He checks in with an interview from Athens based Hackerspace GR. They talk culture and how easy those early bitcoins came and went in the days before their value was understood. Then, the battle for your bitcoins online is often a battle against bugs and those who exploit them to your detriment. The guys at Crowdcurity have taken the bug hunt to an institutional level - we talk websites and wallet security, bitcoins and bounties. Later, Anthony Di Iorio is a familiar face on Lets Talk Bitcoin because hes always doing so many things. We catch up about the major Canadian conference theyre planning for spring, the mysteriously named and very cool open source KryptoKit project and more. Finally, where do you stand on the Coin Validate Whitelist? Ive been talking to a lot of folks and thinking way too much about the topic. We wrap todays show with my explanation of the problem, the project, the players and the current battle lines surrounding this pivotal upcoming issue. First, lets join Andreas now, live from Greece. [1:36] AA: Hi everyone. Andreas Antonopoulos here reporting live from Hackerspace GR, the Greek hackerspace here in the centre of Athens, where we have a fantastic community. I just completed an introduction to Bitcoin to a great audience and got quite a bit of a gathering. I have with me here today, Stefanos, who is one of the local Bitcoin users and has agreed to talk to us a bit about Bitcoin. Hi Stefanos, how are you? [2:09] Stefanos: Hello, very well thank you. [2:10] AA: Stefanos, tell me a bit about your experience with Bitcoin. I know youve been involved for quite a while and you understand the technology quite well. When did you first get in? [2:20] Stefanos: I think it was around 2010 when a friend introduced me to the project. He had just started mining himself and he wanted to find some more sources for mining. He got me

really interested into the idea, so I started to (??) the protocol, mostly by studying the source code and see how everything worked. [2:41] AA: Right. Right. Right into the source code. Thats the best way to study it. Excellent. So you got in in 2010, early days. That must have been a pretty good price for the Bitcoin right? [2:51] Stefanos: It was really easy back then. Actually, a lot of people just gave their coins away on the Bitcoin forums. It was, I think, around $0.10 or something close to that. [3:03] AA: Wow. Early opportunities. Let me ask Did you manage to keep any of those original bitcoins? How did that go for you? [3:10] Stefanos: Actually, I didnt. I mined some bitcoins later on, I bought some graphic and some GPU cards for that but after the first large crash of the market where I think it went to $17 or so and then some account got hacked and the price really went back to zero. I didnt bother resetting up my mining hardware; I lost some of my coins in some formats and didnt really pay any attention to them. [3:38] AA: OK. You kept some of them though? [3:41] Stefanos: Yes, just a few of them. [3:42] AA: Just a few. Thats great. At least you got in somewhat early. So youve been involved in Bitcoin for almost three years now. Have you been following it consistently since then or did you fall off? [3:53] Stefanos: I fall off but I regularly, every couple of months check up, or watch news, see some research papers that they get published every now and then and follow up the price. [4:03] AA: Lately, the price has been rather interesting to say the least. [4:08] Stefanos: It has been extremely impressive actually. [4:10] AA: Yes, yes. Whats your involvement at the moment? Are you mining at all? *4:15+ Stefanos: Right now, Im not mining. I used my early bitcoins to buy an ASIC miner. *4:21+ AA: Oh, very good. [4:21] Stefanos: With some expecting to arrive this week. Hopefully, I will be back in the mining game much more. [4:28] AA: Do you think there are other miners in Greece or in Athens that you know of? Do you know other people with ASICs, for example? [4:35]

Stefanos: I know that we have an ASICs in Hackerspace. We brought it as a donation so that everybody can play .. [4:41] AA: Oh excellent. You have one right here. [4:42] Stefanos: Yeah but its right now not in the space. One of our members is taking care of it because we didnt really have the dedication to properly set it up and we didnt use it yet. [4:53] AA: I see. Theres at least one more. What do you know about the community here? Do you see much activity with Bitcoin? [5:00] Stefanos: I dont know many users but the few people that I know, they have mined quite extensively. [5:08] AA: Committed an early start. [5:10] Stefanos: I have met mostly early people that got in the game early on, usually from universities and places like that. [5:18] AA: Excellent. Do you see the community growing? Has the new price level made more people (??). [5:28] Stefanos: Its definitely exploding, in a sense. Most people are very impressed by the price of the bitcoin and not really in the network, or the functionality, or what it represents anyway. [5:43] AA: I know that from your perspective, weve discussed this before, you see Bitcoin much more as a technology and a network than as a currency. Do you want to tell me a bit about that? [5:55] Stefanos: Yeah, of course. When I first discovered the Bitcoin as an idea, it was really a brilliant idea of a distributed currency. I was really amazed that it can actually work and that three or four years down, it is still working and still popular. I believe it really has the potential to change the way that economics work on a global level. If not as a user level currency, perhaps as some backbone for some different banking system or something like that and perhaps if not the exact same technology, some other technologies derived from this idea. [6:38] AA: Excellent. So I think were very much on the same page there. Im beginning to notice that you can tell the difference when people talk about bitcoins, they mean the currency and when they talk about Bitcoin, they usually mean the network. Thats a clear distinction because the technology is so much more interesting than the currency. Although, you know, at $600/$700, its not too shabby. *7:02+ Stefanos: Well, of course, the Bitcoin network really needs both kinds of people because a lot of the technology and the development, in particularly the ASIC production, which is

extremely expensive, wouldnt have been possible without the economic side of the thing. [7:20] AA: Definitely, they coexist. What about altcoins? Do you see any interest in altcoins here in Greece? [7:25] Stefanos: Well, I know that there has been a lot of interest in Litecoin lately. Mostly because it hasnt still caught up and you cant really mine it as effectively because of the hashing algorithm. I know a few people that are working actively on that. I know that the Greek Pirate Party can accept donations in litecoins and they also provide the Litecoin client that you can use to fund them by donating your CPU time or GPU time. Litecoin is quite popular. I have seen a couple more coins but none of them has..... I have also another interesting (??) peer to peer coin, PPC I think, which has some extra centralized management kind of structures, but I havent studied extensively. *8:13+ AA: Does this Hackerspace take bitcoin donations? [8:18] Stefanos: I dont think we do yet, but its in our plans, yeah. [8:23] AA: Excellent. Thats really good. What do you see as the potential of Bitcoin for Greece? Do you see any kind of special application or possibilities here in Greece given the economic crisis and things that are going on? [8:38] Stefanos: Well, its an easy way to avoid some problems. Mostly because there are services that accept any currency or bitcoins, like Bitpay which are really easy to integrate in an online sort of experience and kind of transparently use the Bitcoin network for you. I guess these services could really come in handy as the banks are more reluctant to interact with other merchants. Apart from that, I dont think it will play a great role into transforming the economy. [9:14] AA: Do you see the possibility of a currency crisis here, potentially kicking up interest? [9:18] Stefanos: Well in that case, of course, there will be a lot of interest but the general public in Greece isnt that technically informed. So probably they are not really able to fully utilize such a tool. [9:31] AA: So its going to be a niche technology? *9:34+ Stefanos: Yeah, yeah. I believe so. [9:36] AA: What about merchant activity here in Greece? You mentioned Bitpay. Have you seen any merchants here start to consider integrating Bitcoin capable cards and ecommerce solutions to sell things? Is there any market for buying stuff with bitcoin here? [9:52] Stefanos: I havent used any but some of my friends work in companies th at accept bitcoins. I havent seen it reach the general public yet as in big subs or, thats hard. *10:05+

AA: Well, thats fine. I mean we dont have that pretty much anywhere, with just a few cities exception, like Berlin and Bratislava where they have a couple of streets. [10:13] Stefanos: A few online subs do use bitcoins and there is a lot of interest in bitcoins but that hasnt materialized yet into actions. [10:24] AA: What are your future plans in this space? Are you going to get involved in mining, you said, with your new ASIC? [10:35] Stefanos: Yeah, I will get back into mining and see how... get myself updated on the latest news because I havent been following the past two or three months. I also hope to set up a nice way to donate and handle bitcoins in the Hackerspace because its a space run by many people, so there are some trust issues and we need to see who manages the bitcoins and how public (??) our processes. I guess thats my current project. Later on, I was thinki ng of some web-based projects for bitcoins and perhaps integration with any subs but thats just ideas for right now. [11:17] AA: Do you see a possibility of being able to work in the space and work for bitcoins, for example? I know you are a programmer by trade and you have language and coding skills. Have you found any opportunities to work for bitcoin? [11:33] Stefanos: No, but I havent exactly searched for anything like that. *11:37+ AA: Ok great. Well I certainly hope thats going to happen more and more in this future space. By the way, I have to say, since you are a member of this Hackerspace, it is a wonderful community in the space you have here. I would certainly encourage other Greeks who hear this program to check out the Hackerspace. Where can they find more information about Hackerspace? [11:57] Stefanos: Hackerspace GR on the site. It has pages about our vision and current projects. We also have a Facebook page, which is regularly updated but not as live as the Wiki itself. There is also a public mailing list, which you can find on the site which is how everyday conversations are actually get organised and you can join in. [12:21] AA: I can say from having visited this space, its ... to me, it would have been a dream come true if, as a young geek I had access to the kind of tools, electronics, manufactured fabrication capability (??) machines, UAV drones and all the other wonderful things you have here. More importantly, access to a community of same minded people, who I can learn from and really this is a really great community youve built. *12:51+ Stefanos: Thanks a lot. [12:52] AA: Congratulations. [12:54] Stefanos: Its not just my achievement though. There are other people that some of them have left by now. This was one of our original goals was to create a place where we can get

people together and particularly help young people that .... its hard to find technology related material in Greece, so we really wanted to create this kind of space. [13:18] AA: Stefanos, thank you so much. Its been a great pleasure to be here today and discuss Bitcoin with so many people who are very enthusiastic about the topic and to see this lovely space youve built and I hope to visit you again. [13:31] Stefanos: Thank you. Thanks a lot. It was nice speaking to you, as well. [13:34] AA: That was Stefanos and this is Andreas reporting from Hackerspace GR, where I am on the first leg of a world tour, visiting Bitcoiners in a number of different cities around the world. Obviously, coming back to my original home country where I grew up has been a great pleasure and seeing the local Bitcoin community, which is young but flourishing and growing. It has been a great experience. Reporting from Athens, this is Andreas. I hope to see you all soon. [14:03] ______________________________ ANNOUNCEMENT: Hi Listener. Here at Lets Talk Bitcoin, were building a global network of correspondents able to contribute on the ground perspective when cryptocurrency related information comes across their filters. If youd like to join our global conversation, send an email with your name and geographic or cultural niche to apply@letstalkbitcoin.com. Just like Bitcoin, the only barrier to entry is your time and good work. Thanks for listening. [14:53] ADVERT: EasyDNS is the Swiss Army knife for your domain names. Helping meet their customers individual needs since 1998. EasyDNS has been an outspoken critic of SOPA and CISPA. EasyDNS was an early supporter of Bitcoin and now they are proud to sponsor this show. Do business with a company that shares your values. Get a 13% discount when you pay with bitcoin. Go to bitcoin.easyDNS.com and be sure to use discount code LTB. [15:26] ______________________________

AL: With the price of bitcoin skyrocketing and web wallet hacks in the recent news, security is clearly an important issue in Bitcoin. Joining me today to talk about white hat solutions to black hat problems, Esben Friiz Jensen and Jacob Hansen are the founders of Crowdcurity. Gentlemen, thanks for speaking with us. [15:42] Crowdcurity: Thank you. [15:44] AL: Your Company, Crowdcurity, consults on security issues but in a rather unconventional way. Can you explain your process? [15:51]

Crowdcurity: What were basically doing is using the concept of bug bounty programs. As some of you might be familiar with the bug bounty program that Coinbase is running, where they are openly inviting skilled security testers to kind of report vulnerabilities on Coinbase app and then, in return, they can get rewards. Basically, what Crowdcurity does is we take this kind of concept and then we provide the structure for the company to kind of do it. Instead of creating their own bug bounty program, they go to our site and create it with us. The benefits of kind of doing it with us, instead of doing it on your own site, because you still get the benefit of vulnerability submissions by doing it on your own site, so if you dont decide to do it with us, we, of course, recommend to do it anyhow. By doing it with us, you get a structure, you get a best practice rule set, you get payment management, and we handle the payments. We also handle all the tax rules, which come with the payments. We are talking about testers from all over the world, so there are different tax rules related to that. We take care of that and we only send one invoice to the customer. Thats some of the things. We are also handling just the questions. Sometimes there are some questions that say they might have a bug to test and we are kind of the first level support and handling that. We are taking away a lot of the admin from the businesses. [17:18] AL: Basically, what youre doing here is youre putting out bounties; youre putting out rewards for people who can figure out ways to break the site. OK, so your company is providing like an infrastructure level for this, so that companies, when they want to do this, dont have to reinvent the wheel and so they just come to you. Youve already got a system in place that works. Youve already got a community that is making money from you, I imagine. I imagine that you probably have some of the same testers working on one project as another, just because its connected through you. *17:44+ Crowdcurity: Thats correct. I mean, at the moment, we have around 400 testers signed up via our platform. One can think of it a bit as crowdsourcing IT security, in the way that if you start a reward program, we will go and market that toward the testers and within a fairly short while, you will have a lot of testers, security testers inspecting your site and providing a crowdsource security test of your site. Of course, the benefit from the testers in this case is that if they find something that might be vulnerable or harmful to a business site, then they will earn rewards for those vulnerabilities. [18:20] AL: One of the concerns with this type of approach is that, essentially, you are inviting attacks. I assume its legal to do this type of testing for your testers because again, its kind of a game here thats being played. Do you ever have a problem where the value of the compromised thing that is discovered, outweighs the bounty thats being of fered? [18:38] Crowdcurity: Thats a very good question. Its a valid concern for many businesses. I think, in this case, what we normally offer is that business can do what we call a private reward program, where in this case, we only invite a limited number of testers that we know and have a track record with. I think that the much bigger question that is important to ask is that - a level of these sites are already under attack and are constantly being examined by malicious users who are looking for ways to kind of exploit vulnerabilities. Youre already attracting these users and I think thats what were seeing with the various exchanges and wallets being hacked. Secondly, if a hacker were interested in doing malicious activity, it will simply not be a very good strategy for them to sign up with our service. They could just go

straight ahead and start poking around with the site and try to exploit some of these vulnerabilities. [19:28] AL: Youre saying that the penetration testing is happening really one way or the other. Its just that one way it only is happening for evil purposes and in this way.. it might, you know, some of it is going towards helpful purposes? [19:39] Crowdcurity: Thats simply correct. All the sites are already on the attack. Basically, wha t a bug bounty program or reward program really does, is that it provides an alternative for a lot of these testers to not do malicious activity with potential vulnerabilities but giving them a kind of a lawful way of earning rewards and reporting these vulnerabilities to the business. [20:02] AL: On Bitcoin, specifically. Bitcoin and online wallets. Theres a saying: secure web wallet. You get two of those words but not three, which implies that if you want a secure wallet, it cant be online enabled. Ive referred to online wallet sites kind of like piatas, where the more people who use the service, the higher the price of bitcoin, the greater the prize for whoever breaks it open. Do you think that its possible, given the type of reward, that these wallet services have, to actually have safe and secure, really like trustworthy and secure online web wallets? [20:31] Crowdcurity: In general, I dont think that anywhere you are able to get 100% security on your wallet. Neither in the physical world or on the digital world and we still see banks getting robbed, even today. Its an illusion that you will ever get 100% security. What we should see is that businesses, as they grow and have a large user base, that the reward size increases and because they will be more serious about their security. If you look at, for example, Google and Microsoft these days, they are paying between $20,000 and $100,000 for very serious vulnerabilities, which gives huge incentives for testers and the whole security community to improve their security and report these vulnerabilities. I think we will be expecting as kind of the Bitcoin market and the Bitcoin space is maturing, that more and more exchanges will start running these reward programs and that the rewards will increase. I think from a user perspective, if Im a user, I would use a wallet service or an exchange that actively have a reward program and you can kind of measure how good their security is in terms of how high the rewards they are paying out because the higher the rewards are, the more confident they are about their own security and the more they are kind of asking for the security community to help them improve their security. [21:56] AL: If somebody is interested in learning more about your service or contacting you guys, what is the way to do that? [22:01] Crowdcurity: We are always reachable by email. You can find our emails on this site, which is www.crowdcurity.com and anybody can reach out to us with questions. We are more than happy to answer. [22:12] AL: OK. Last question. We dont have security experts too often on the show and I am curious how do you store your cryptocurrencies? What do you think is the right balance between security and convenience? [22:26]

Crowdcurity: I think that is a very good question and I think really what youre pointing out is that there is a trade off between convenience and security. I weighed it out. I only store all my bitcoins in online wallets, but I never have more than 25 bitcoins in any wallet and those are spread across, at the moment, four different wallet providers spread out across the world. Thats, of course, a trade off between having your bitcoins in an online wallet compared to offline wallets. The reason why I chose for going with online wallets is that, basically for the last two and a half years, Ive been travelling around the world and Im losing stuff and Im only having my bag with me. Its not very convenient for me to ... I dont have a physical place simply where I can stuff in my online wallet or my hardware where my online wallet would be, so I need something that is convenient and out there in the internet somewhere. [23:19] AL: Have you ever lost any like that? [23:21] Crowdcurity: So far that has not happened. Of course, I mean I look very carefully at the providers that I store my bitcoins with and let me put it this way if they cannot provide two factor authentications, I would not use it from a user perspective. [23:35] AL: Right. I understand. [23:36] Crowdcurity: OK. That was basically how I treat bitcoins in my personal life and my personal bitcoins, where I weigh in on the side of having greater flexibility and convenience, in terms of online wallets. How we treat bitcoins in Crowdcurity is - its very different. First of all, we dont hold a lot of bitcoins. The bitcoins we do hold are in the amount of 5 to 10 bitcoins and we use those mainly to pay out rewards for testers and we buy them, kind of every time that we need to pay our rewards in bitcoins and then basically use them straight away, so we never hold any large balances of bitcoins. Once we are in the range of 5 to 10 bitcoins, we do hold those in online wallets. I mean, we go for the most secure online wallets that we can find out there. [24:24] AL: You pay the bounties in bitcoin. Whats the average size of a bounty that youre paying these days? [24:30] Crowdcurity: All the bounties are listed in dollars but we do have clients where the bounties are listed in bitcoins. Of course, in these bitcoin bounties, we pay those out in bitcoins as well, some kind of pure Bitcoin programs. Bit bounties are kind of categorized into high, medium and low, where kind of the standard package for high, medium, low is $1000 for a high reward and $300 for medium and $50 for low. That would amount into whatever the exchange rate is for bitcoins at the moment that we pay out the reward thats the bitcoin part of it. I think, at the moment, if its around half of all our rewards that are paid out in bitcoins and the other half are paid out in dollars via PayPal or via transfer. [25:17] AL: Do you prefer bitcoin relative to the other options? [25:20] Crowdcurity: Of course, for our point of view, its a lot easier to pay out in bitcoins because we can do a lot faster and there are lower fees, so we are trying to kind of get all our testers

to accept bitcoins but, of course, in order to attract testers, some testers would simply prefer having them in dollars. We try to push for them accepting bitcoins and that also lowers the fee and we can pay out the rewards faster. I must say that the reason why weve been able to pay out around half of our rewards at this point to testers in bitcoins, is its kind of our target group, all the security testers are kind of very tech oriented and, of course, are early adopters of bitcoins. I mean, over time I expect this number to increase. [26:04] AL: OK great. Guys, thank you very much for your time. This was very educational and I look forward to seeing more of these programs develop. Thank you. [26:11] Crowdcurity: Thank you, Adam. Have a good day. [26:14] ______________________________

AL: Anthony Di Iorio is the Executive Director of the Bitcoin Alliance of Canada and a familiar face on Lets Talk Bitcoin. Anthony, how are things? ADI: Things are excellent, Adam. Thanks for having me back again. [27:00] AL: Listeners know that I love a good conference. Weve been hooked at Lets Talk Bitcoin here since the San Jose event. Anthony, I know youre putting on a kind of big event coming up in Canada this spring and were hoping to be heavily involved. This is a bit of a ways out, can you kind of share your vision and why youre starting to talk about it so early? *27:16+ ADI: Our initial plan was to have it in October of this year and when we were starting to plan it, we only had about two/three months to get it going. We wanted to do it before the snow came and before it got too cold, so we figured it had to be done in a time that wasnt the winter because we think well have a lot of driving traffic here. After we figured we couldnt do it in October just because of time restraints, we decided to do it in Spring and set it up early, get the date booked, get the venue booked, start getting some key speakers here and the rest will come in time, but it gives us so much time to plan everything and bring it all together. [27:48] AL: You have dates set. What are the dates right now? [27:50] ADI: The dates are April 11th, 12th and 13th. Were planning on a Friday evening, all day Saturday and Sunday. [27:57] AL: Its going to be interesting. This is literally within days or weeks; Im not exactly sure what the date is of the start of Lets Talk Bitcoin. This will almost be exactly to our one year anniversary of doing this show, so thatll be interesting too. What is it that youre trying to accomplish with this because, I mean, different conferences go after different target audiences, different niches, different angles. I know that youre planning kind of a larger event. Weve seen a lot of one day events. Yours is a two day, right? [28:22]

ADI: It will be two plus well do like a gala dinner, I think, on the night before on the Friday, as an opening thing with the keynote. Well do the Friday evening, then the two days on leadership and growing Bitcoin communities. Were hoping to gather together a whole core of international Bitcoin leaders from around the world. Thats the major theme. The theme is facilitating the growth of Bitcoin communities worldwide and doing that on local and national and international. Working together, sharing resources, getting best practices and passing those along. Working together and were seeing all these groups that are forming right now. Weve got Google groups for leadership, theres a Skype group thats forming right now. There are all these different ones and its going to try to bring everything together here. Lets come up with a resource or a place that we can all just contribute to and let the ideas flow and take ideas and adapt them from country to country. Just, basically, like thats always been my goal is to have a blueprint with the Alliance, have something we can pass along because weve gone through a lot so far. We started this process in April. Its been a long process but weve learned a lot from it and people seem to be receptive to the way that were approaching it. Theyre taking it, theyre running with it and theyre adopting it. We want to be here just to help facilitate the speed of these organizations. Thats what the main focus of this Expo is is to get international leaders together and formulate plans to develop these communities. The second one is to see and focus on how Bitcoin is going to benefit the world charities. How its going to be affecting Africa. Thats a secondary focus. Those are the two things that were going to be stressing, so each conference does have a theme. Those are the two that well be focusing on. [29:54] AL: What types of speakers? What types of talks? What types of events? I mean, is this mostly going to be a panel event, where theres lots of people sitting up there and answering questions or is it going to be more prepared talks, a mix? [30:04] ADI: The actual talks and how were going to do it hasnt been decided yet. The first thing was to get a good core of say 20 speakers that will be the base of the conference. Weve already got a good core from Toronto and from the US. Were now focusing internationally. Now weve just got a few more leaders from some of the countries in Europe that are coming over. The actual talks and forums were going to decide that in the upcoming months. What weve done right now is: weve launched the website, weve got a great core of speakers, then, I believe, the sponsorship and everything will follow and were going to start selling tickets and getting the talks and everything straightened out in the New Year, so starting in January. [30:38] AL: How many people are you expecting to attend this event? [30:40] ADI: I think were maxing out at about 700-800 right now. There can be up to four theatre rooms. There are two large rooms: one holds 500 and one holds about 350 and those can be split in half, as well, to give us floor if we want. Then theres a large Expo Centre, which has enough space for, I think, between 20 and 40 exhibitors and that will be the space that we use the night before for the dinner. That will be the main gathering space. Yes, similar to what was going on in San Jose at the beginning of the year. Were hoping to get more of an international flavor though. That is the focus: to get people from all over. Were also offering some scholarships, so there will be applications where we will be providing flight

and tickets and things like that to people in either underdeveloped countries or theyve got a story to tell and wed like to get them over here. There will be a contest for that. Call for abstracts will be going out early next year. Weve got the committees that are forming right now and the program and everything else will be coming in the next couple of months. [31:33] AL: Well then, well look forward to hearing more about that as it kind of matures and develops a bit more. Thanks for letting us know thats coming. Before this interview, you mentioned that one of the things that you want to talk about is called KryptoKit. I have no idea what KryptoKit is. Can you give me an overview of what that is? [31:52] ADI: Certainly. The concept stems back a few months. We had a site that had a really secure secret URL system and it was true and it was tried and tested. We had 4,000 users on our site over the months that we had it. Secret URL systems are a frictionless way to get into your account. Basically, you go to a site, you get your secret URL, so its an individual secret URL and thats your account. Thats how you get back to either a wallet system or if youre on a gambling site, thats how you get back to your account. *32:20+ AL: Whats an example of a service that somebody might have used if theyre using online web wallets to do things this way? [32:25] ADI: Instawallet would have been a perfect example. [32:27] AL: OK. [32:28] ADI: Now, the problem that they had and Im not sure if your listeners know, Instawallet was an instant wallet service that enabled you to go to their site and be instantly given, basically, a new wallet. You go there, youre given a secret URL and youre given a deposit address, they had a couple of issues though. Firstly, that their URLs were getting spidered by Google. Thats a big problem when youre having passwords, basically, being given out on the internet. The second is that, they were holding onto customer funds and that was a big problem because when they eventually got hacked, which they did, they lost a lot of accounts. I think they had upwards of over a million accounts on there. They shut down and theres really been a void on an instant wallet service. I used them frequently, back then. We had always wanted to get the .... I had always had it in my head I wanted to develop a new instant wallet service and since we have developed a secret URL system, we began working on a project called Rushwallet. Rushwallet was very similar to Instawallet. It had a secret URL system. We knew what to do so it wouldnt get spidered with Google and the key thing is that we werent holding onto any customers funds. Everything was going through blockchain.infos API, there were no stored funds on our end, everything was client side, so nothing got sent to any servers. We had no access to passwords, we were never given the passwords and we dont want to hold onto peoples passwords or funds. We took Rushwallet to a beta, a few months ago and it was well received and then something happened with the blockchain API and we kind of shelled the project for a bit. Then, about last week, my business partner came in and said hed been working on something. What he showed me was an extension for Chrome that was incorporating blockchain.info credentials and allowing you to put in your username and password and you now had a browser-based

wallet just from an extension. You click on the extension in Chrome, it pops open your wallet and it pulls out any Bitcoin address thats on the site and puts it in a bulleted list right in the wallet, which makes it easiest, frictionless system to make Bitcoin payments. What you do is you can go to any Bitcoin site with an address, it pops up every single one on the site, you pull up the one you want to make a payment to, you put the amount you want, you press enter, and youve now sent a payment to that address. It no longer requires you having to go back and forth from websites or going to blockchain.info and logging in and then putting the address in, copying, pasting, going back to another window. It keeps the wallet on the side of your screen and it shows the main website that you want to make a payment to, you pop it open, make a payment, you close it and youre done. Its really simple. We then incorporated our back end of Rushwallet that we still had, put it into this extension, so we dont even need to rely on blockchains information. Its not your blockchain account youre setting up. Pretty much, you install the extension, you open it up, you move your mouse around and it randomly generates a private/public keypair. From there, youve got a wallet in about five seconds. Its the easiest system to actually go get a brand new wallet. [35:15] AL: Now that youve described it, I actually did use this. It just wasnt called this at the time. I think it was just called Rushwallet plug-in, at the time or something like that when you showed this to me a day or two ago. [35:24] ADI: Yeah thats right. (??) *35:25+ AL: This is a really easy way to use Bitcoin wallets and, I mean, Im someone who does not ever use web wallets because every time I hear about somebody losing money or getting hacked or something like that, its always from these web services and so Ive started describing them as like, piatas because the more value thats in them, the bigger the prize is for breaking them open, so they get broken open. Does this actually fix that? You said that it stores the keys locally, so why is this something that isnt being done by someone like blockchain or why didnt MyWallet do this or InstaWallet? *35:54+ ADI: Ive shown the guys at blockchain and they really, really think that were onto something. Ive shown it to Roger, Ive shown it to Nick they loved it. When I was in New York City, I went to the conference there, the Inside Bitcoins and they had the guy from the Web Standards, was it W3 Web Standards was there? [36:10] AL: Manu Sporney. [36:11] ADI: Thats right. His main point was that you need to get this into the browsers. Once you can get this into the browsers, it can get the mass adoption and acceptance because then it makes it extremely simple for people to make payments. Thats always been in the back of my head. Just coincidentally, my partner started working on that and brought it to me just a few days ago. Were ready to launch this in beta mode. Its, in my opinion, the easiest, simplest way to get a web address and web wallet. Its most secure, in that we dont store any passwords and never get sent to any server, were not holding onto anybodys funds, you instantly make deposits, you pop up a QR code in your little wallet , you can first off fund it from any other wallet and now youve got bitcoins in your extension.

It stores your credentials; you can put a password on it, if you like. Im all about frictionless services and making things easy for customers to use. Thats the whole step. I think logins and passwords are a pain in the butt and if you can avoid them, then do that. This can store right into your extension and youre making payments in two seconds and then it ac tually drives and pulls up any Bitcoin address thats on that page and puts it into a very simple easy list for you to select a payment of has huge implications. We can now tie in any digital media and descriptions of that media thats on that page and pull it up right into your wallet in a list of products that you might want to purchase and start buying. This could not just change Bitcoin purchases but could actually change the way that shopping gets done online. [37:30] AL: OK. I think that youre definitely onto something. I totally buy a ll of these arguments. The natural counter to this is, of course, what happens if your browser is compromised? [37:41] ADI: If your browser is compromised, it would (??) be a keylogger, that would be the way that it could be compromised. Any other web service that you go to or web wallet, it would be dealing with the same issues. OK? [37:52] AL: OK [37:53] ADI: This extension, again that it sits on your client-side and that no information does get sent anywhere, is pretty secure. [38:00] AL: When you send a payment through this, do you have to enter a password or is it literally anyone sitting at your computer can pop this up. I mean, I understand that someone would have to hack in with a keylogger. Im asking can you encrypt these wallets? Because you werent able to when I was testing it out and it seems like that would be an important layer. [38:19] ADI: There is a password. When you actually set up your first account, the password is not set. One of the settings is to enable a password, so for me, I know on my computer its in my house, I dont want to have a password on it. Again, frictionless thing. I like just being able to open it, go make a payment. If I want the option to, I can set a password and now every payment that goes out would require a password to do it. As well as also if anyone tried to reset the account, it would require that password thats there or you wouldnt be able to reset the account. Now, the other interesting thing is that, we also implemented a brain wallet system there. When you go into the extension and you set up a new account, it gives you the option to put in a brain wallet, so you could use a phrase there. That can be your account. You can then take that phrase anywhere else, install the extension and put your brain wallet in, now you have access to your funds too. [39:06] AL: Very interesting. It seems like any vulnerability that impacts this, would also impact any other wallet thats installed on your computer because a keylogger would gra b anything because its just essentially sharing your password and then being able to compromise that. Are there any weaknesses to this besides that? That like, it has more in common with a web wallet? [39:25]

ADI: Well actually, you can get rid of that keylogger issue because we also are implementing a keyboard popup, where you can then use your mouse to click on the keys. That would actually negate the keylogger aspect of that. Thats what blockchain does, for example, for their secondary password on your account. Theyll pull up a keyboard and you have the choice to use your mouse to select and put your password in through a visual keyboard on the screen. That even gets through the keyboard aspects of things. What weve done is weve created the easiest, simple of use wallet to set up, easiest, simple wallet to make payments, all client-side so no information gets sent, we dont store anybodys passwords, all put into this package we call KryptoKit. The reason we call it a kit is because not just are we a wallet, weve now implemented the simplest, easiest to use GPG encryption messaging and communication system built right into the wallet. Once weve got the payment system and the wallet, now weve got communications and getting that GPG encryption key, it now opens the door for so many other things. We can now use encrypted conversations, chats, and video. We can incorporate Gribble. We can incorporate any open source software like, theres one called Mailvelope, that allows you to do GPG encrypted using your Gmail, Outlook. We actually have a system that is securely NSA proof, in terms of messaging right now. We will then be incorporating something similar to Cryptopak right built into the wallet, as well and into the kit. We will then be a source of identity. You could actually have proven identity on our system, youll have a payment system and youll have communications all built into one. When you have those three things together, you get a very powerful tool kit, which can then implement into a social network. Weve got friends list now, where you send me your GPG key, it goes into my friends list inside the kit and I select your name, I send you an encrypted message, you get a little notification in your extension, where you get a sound and you get a little one that pops up and says You got a new message. You open that up, its encrypted all the way till it gets to you and then on your client-side youve got your keys to unlock it and view it. It really is a powerful kit. Were really excited about it and we think it really could be a revolutionary thing for Bitcoin. [41:40] AL: It sounds like a very impressive package that youre putting together. Again, like the last time when you showed me the prototype, it was a prototype. Where are you actually in the development cycle of something like this? [41:50] ADI: OK. The messaging system, the GPG key system, which will be the key for all the other encrypted services is in place. We can now send secure communications to anybody else using GPG, in two ways. You can copy and paste the GPG message and put it into an email or wed send it right through our system. If you to provide me with a GPG public key, I import that key into my kit. Youve just imported Adams key, it puts you in a list. Whenever I want to send you a message, I would click your name, type it in, hit send, you get a notification on your end on your browser extension with a little one that pops up and a sound, you can then view that message on your end. Thats where we are. Were starting to implement the chat; were starting to implement the mail system. You know, encryption. Were planning to get this out in beta very soon. Its actually ready to go to beta. Were going to be looking for a closed beta and try to get some people to auto decode for us. We want to get some good backing of people in the community to say and give their seal of approval on what weve done. Were very confident in it. My partner is, Ill say it, he is a

genius. He works in ways and a speed that Ive never seen anybody do. Weve also been told weve been able to do two thirds of what Dark Wallet is trying to do right now and weve done it in a few days. Im not sure if youre aware theres meetings in Milan going on now to decide how Dark Wallet is going to proceed. Weve actually done a big chunk of what theyre trying to do already. Ive reached out to them and Im hoping to get some communication lines open with them and see where theyre thinking with this. The on ly thing we havent done right now is the mixing service. We havent even looked at it yet but I dont see it as really being something that we cant implement down the road. *43:26+ AL: Thats fascinating, Anthony. Every time we talk, youve got so many projects going on and you seem to be implementing on them pretty well. That sounds fantastic and again, the project that youre working on is there going to be a company backing it? Is it just going to be an open source project that you work on and then release into the wild for projects like Dark Wallet to continue? Whats the game plan? *43:45+ ADI: The game plan is this with extensions, they are open source. Anybody can view the whole quote of an extension. Our goal is to ... were going to push a video out explaining the features on it and how it works and then a call for a closed beta. Thats our first step. The second step is to get our product branded and supported by people in the community that can stand behind the system and believe in it. Im putting my name behind this. Ive spoken to a few other people that really like it. I may approach them to get their name behind it to say that.... listen, this is a secure system, we really believe in this. Thats whats lacking with a lot of businesses in Bitcoin. Its the professionalism. We want to get a professional marketing company and branding company working on this right away. We want to come out and do things properly and really all about user experience really all about customer support. I think its crucial to have companies that are doing this in this space because every time we see someone get hacked or a situation where customer support is lacking, it really is a negative aspect on the community. Im all for community building and seeing what we can do and how Bitcoin is going to help things. Its important for me to do this properly, professionally and with backing of people that believe in our product that are respected in the community. We think that we can then give and offer an amazing system to Bitcoin users thats going to help speed up the adoption rate of Bitcoin because whats easier than just having it right in your browser and making your payments, without flipping back and forth from any other wallet system? [45:11] AL: Right. I mean, these usability issues certainly are coming to the forefront as the price goes up. I mean, it all becomes just so much more pressing. Anthony, weve gone over our allocated time. I do want to ask you one quick question because weve reached out to the Bitcoin Foundation for a comment on Coin Validate proposal, which is essentially a Whitelist proposal of approved addresses - identity verified transactions. Does the Bitcoin Alliance of Canada have any sort of comment youre able to make on that issue at this time? *45:39+ ADI: Were having a board meeting tomorrow night. On the table is our policies. Thats what were going to be discussing because we think its very important to come up with clear policies from the start. The Alliance is launching to the public on November 30 th, so our membership structure and our nation builder, community building platform will be launched on 30th. We think its really important to come up with our policies right at the

beginning where theyre very clear cut and theyll be everything that we reference back to. Thats going to be some heated discussion on that tomorrow. We will be talking about the Coin Validation and the lists the Blacklist and Whitelisting. I cant give you any comments of what the group will decide at but I think what we will be able to provide is our policies and make them clear for our membership and clear for people that, this is where we stand and this is how we will be moving our organisation forward. [46:26] AL: Great. Well, thank you very much for your time, Anthony. I look forward to your continued work. Again, at the pace that youre going, I imagine well be talking again sooner than I can think. [46:34] ADI: Great chatting with you, Adam. Thank you. [46:36]

______________________________

ANNOUNCEMENT: Is the Bitcoin price in a bubble? Only time will tell but one things for sure, Bitcoin video passes are on sale. Normally, $75 for those paying in US funds visit www.bitcoinvideopass.com and spend only 0.1-0.2 bitcoins (0.12 bitcoins at the time this was recorded) to access all the talks and panels from the October cryptocurrency conference. See how easy buying with bitcoin can be and experience instant access, as soon as youve paid, without even reloading the page. Check it out at www.bitcoinvideopass.com. ______________________________

ADVERT: Hi. This is Jason King, founder of Seans Outpost and you are listening to Lets Talk Bitcoin. Seans Outpost is a homeless outreach in Pensacola, Florida and were proudly powered by Bitcoin. To date, over 13,000 meals have been fed to the homeless in our area, all purchased with bitcoin and through the generosity of the cryptocurrency community. Read more about us at www.seansoutpost.com. Food, shelter, Bitcoin everybody. www.seansoutpost.com.

______________________________

AL: I dont know where you stand on the Coin Validate issue but its a pivotal fight that has the potential to destroy Bitcoins network effect or give it the mainstream legitimacy it needs to propel cryptocurrency into global use. I have friends in both camps and they all speak with equal and opposite passion. Its entrepreneurs versus idealists, all over again,

except, theres a splinter group within the idealists camp, who find the ir short term goals lining up with entrepreneurs but with the aim of achieving a very different long term effect. To quickly go over the issue, as Andreas likes to remind us as often as possible, the most important part of Bitcoin is that its a neutral protocol. It doesnt matter who you are, it doesnt matter what youre doing it treats you the same and every bitcoin is interchangeable for any bitcoin or combination of fractions of many bitcoins, it makes no difference. Enter Coin Validate the, obviously what is needed, effort of Matthew Melon, a Psion of the famed banking dynasty. After spending the last few weeks making the rounds in San Francisco and New York, talking to the names and players in the Bitcoin space, he joined with Alex Waters, the now apparently defunct BitInstant CTO, the polarizing leader of the Avalon ASIC project, Yifu Guo completes the announced executive team. Yifu has been developing a tool for miners to run that, basically, lets them only accept transactions from addresses on an approved list. This is a crucial piece of infrastructure to make a program, like Coin Validate, work. To make the system work, they would need to convince miners and large pools to use this mining filter and simply not process transactions that are not on the approved list. This approved list would be controlled centrally by Coin Validate, acting as a trusted keeper. Their role is to associate Bitcoin addresses and legal identities. When two Whitelisted addresses do business, their presence on the Whitelist means Coin Validate, essentially, vouches that they have an identity. It remains to be seen if disclosing your identity in all business will be required or if that information is kept private, but in practice theyre the same. A central list of Bitcoin addresses and identities exist, accessible to government and hackers and the seas of a mostly mapped Bitcoin network, where the promise of a transparent transaction ledger means your privacy is only as good as the keeper of the list is willing or able to deliver. The thinking goes Bitcoin is a marvellous innovation, it makes the transmission of money cheap and easy compared to any system we have, but it has a flaw that could be fatal. In Western monetary systems, there are controls in place to make sure that certain types of individuals, terrorists and criminals, dont benefit from modern, financial infrastructure, which in practical terms means there are transaction limits, suspicious activity reports for every banking customer who deviates from their normal and acceptable use pattern. This infrastructure relies on it being impractical to deal with legacy currencies, like dollars, in a peer to peer fashion. After all, how many people would shop on the internet if the process for paying for it was to put your cash in a stamped envelope and mail it directly to the merchant? In the days of Searss catalogs, this may have been normal but now its not safe. That and we lack the patience. Bitcoin, with its online P2P nature has no reason to do any of these things. Christianitys Ten Commandments chiselled on many stone monuments around the world, has as much power over its adherents as Bitcoins blockchain. They cant force you to follow the rules but only those who do follow the rules can call themselves participants of the system. With that as background, the sights line up like this idealists look at the Coin Validate proposal and say, this is terrible. Even if you only get less than 10% participation once the foundation is in place, it will be easy for national governments to simply declare it illegal to make transactions with addresses not on the Whitelist, which means that anything not on the Whitelist is de facto on the Blacklist. Entrepreneurs say, are you crazy? There will just be two systems a Whitelisted part, where all identities are proved and transactions logged for tax purposes and a non-Whitelisted part, thats like the current state of affairs. A bit of a Wild West, lots of fraud, people happy to not pay their taxes and no consumer confidence to be found because of those things. The slippery slope argument is tempting. In reality, I

dont know who here is right and even if its worth talking about. These divisions in the community enamoured with Bitcoin are not surprising and, in fact, its a little odd relations have been so cordial to this point. Bitcoin is neutral. Its different things to different people and yet Bitcoin never changes, so this value is found in each individual who learns. I did want to mention the third group Ive noticed in this conflict. Theres a strain of idealists who view Coin Validate as a good thing and desired thing because they think it will make Bitcoin fail. Not fail, as in crash in value, mass wiping of wallets, GPUs and ASICs lying dead in the street, dedicated water cooling systems spasming viscous liquids into darkened storm drains but the understanding, by users of cryptocurrency, that Bitcoin has been compromised and its time to abandon ship. In any free market, but cryptocurrency specifically, events in one part of the ecosystem inform the development of others. People going the way of Blacklists would catalyse the equal and opposite reaction. We are already starting to see it in the announcement of the, much lighter white, Zerocoin chain not waiting for Bitcoin implementation at all, just going for it as an altcoin that will allow for on blockchain coin mixing, which makes this sort of tracking impossible. Luke Dashjr has led the charge from a different angle, releasing a piece of software to counter that release by Yifu, where Coin Validates contribution would only process transactions from addresses on the approved list, Lukes release does the opposite. It forbids miners from processing transactions to addresses that have already received a transaction. Simply put, Lukes change would mandate that every transaction made through the Bitcoin network use a new receiving address, which makes tracking funds exponentially more difficult and anything resembling a Whitelist, which relies on repeating use of the same approved addresses, flatly impossible. I dont know where you sit on Coin Validate and Im not really sure where I sit either. I take comfort though in knowing that controversial proposals like this, even when done by private companies, have a tangible and immediate reaction from the passionate community building the future of money and I look forward to what comes next. [53:37] ______________________________

Thanks for listening to Episode 62 of Lets Talk Bitcoin. Hackerspace GR was produced by Andreas M Antonopoulos, edited by Adam B Levine and featured Stefanos and Andreas M Antonopoulos. The segments on Crowdcurity and KryptoKit were produced and edited by Adam B Levine. Crowdcurity featured Esben Friiz Jensen, Jacob Hansen and Adam B Levine. KryptoKit featured Anthony Di Iorio and Adam B Levine. The Coin Validate (??) was written, produced, edited and performed by Adam B Levine. Music for this episode was provided by Jared Rubens. Questions or comments email adam@letstalkbitcoin.com. Have a good one. [54:24]