BITCOIN CORE VS KNOTS, SPAM VS FILTERS, QUANTUM THREATS, & SOCIAL ENGINEERING | Jameson Lopp - THE Bitcoin Podcast

Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
(00:00):
I don't think that the group of people who would need to do the forking are sufficiently

(00:06):
motivated and economically relevant enough to pull that off.
That's the short version.
I believe we'll always be persistently debating what Bitcoin is.
And you can get into some really big disconnects when you have one group of people, usually
like the technical autistic people who are like, this is what Bitcoin is. Like, this is what the

(00:33):
protocol allows. And then you have another set of people who are more like, well, this is what
Bitcoin is in my head. When they say this is Bitcoin, what they mean is this is what I want
Bitcoin to be in my perfect utopistic world. Funny thing is that, especially within this debate,
I would say there's a lot of overlap in the sense that a lot of the technical autistic people who are talking about, well, this is what the protocol allows.

(01:02):
They tend to share a lot of the sentiments and can empathize with the people who say, I don't want to see JPEGs on Bitcoin.
Like they understand that and they want to see Bitcoin as money, not as art or arbitrary data storage or whatever.
but they know that it's an uphill, never-ending battle that they don't really want to fight.

(01:26):
That is what then makes you a target, yes, for wrench attacks, but more likely for social engineering attacks.
And so I would say other than like hacks of third-party custodians and hacks of your own hot wallets,
social engineering seems to be one of the top attacks, most lucrative attacks and most common attacks that are happening right now.

(01:48):
I find the political polarization, the partisanship around Bitcoin to be retarded.
Because obviously Bitcoin is anti-state in the first place.
It's like we reject central banks.
We reject state control of money.
So the fact that now we have different sects of statists arguing over whether or not it's good or bad is just kind of silly.

(02:16):
So I actually think it's a lot like porn.
A hundred years ago or so, I think there was some judge who basically said,
I know porn when I see it, right?
I know if something is pornographic when I see it,
but it's hard to specifically define the demarcation between art and porn and so on and so forth.
And I think it's a similar type of problem with this.

(02:38):
Who knows how long it would take to stamp out all non-monetary use of the blockchain,
but I think in order to do so you would really have to cripple a lot of the more advanced
functionality that is useful for like actually securing the money of Bitcoin. So you know I don't

(02:59):
think that that really high level aspect of the fact that people are always going to be arguing
about Bitcoin is a bad thing. I think it's a very good thing and in some ways it's very healthy
because if we ever get to the point where nobody's arguing about Bitcoin I would be afraid that that's
because nobody cares anymore, and Bitcoin is actually dead or dying.

(03:25):
Greetings and salutations, my fellow plebs.
My name is Walker, and this is The Bitcoin Podcast.
Bitcoin continues to create new blocks every 10 minutes.
The value of one Bitcoin is still one Bitcoin.
And if you're listening to this right now, remember, you are still early.
If you're not already, go ahead and subscribe to this show wherever you're watching or listening

(03:46):
and share it with your friends, family, and strangers on the internet.
If you want to follow me in the show on Noster and X, just head to the show notes to grab the links.
If you're enjoying The Bitcoin Podcast and want to support it by becoming a paid subscriber,
you can download the Fountain app, search for The Bitcoin Podcast,
and subscribe by paying with Bitcoin via lightning or fiat via card.

(04:08):
You'll get access to ad-free episodes and early releases of select content, plus you'll help support this show.
Head to the show notes for product discount links, go to walkeramerica.substack.com to get episodes emailed to you,
and head to bitcoinpodcast.net for everything else.
Without further ado, let's get into this Bitcoin talk.

(04:28):
jameson welcome back it's been it's been a while you were you were actually pretty early on i think
you were one of maybe like first 10 or 15 people max i had on the show so welcome back yeah i'm an
early adopter i think i was the third interview of peter mccormick back in like 2018 so yeah i i

(04:57):
Peter always talks about that.
That's where he like you took him out shooting guns and stuff, right?
I feel like that was like you planted some deep, deep spark in him that kind of smoldered for a while.
And now like I just like I love seeing what this transformation he's gone on and how he's just like now like, I mean, mayor of Bedford.
Then I don't know.
Yeah, the Bitcoin Batman.

(05:17):
Then maybe, you know, maybe prime minister one day.
I think the UK would be in much better hands under a Peter McCormack standard.
Absolutely.
Absolutely. And well, it's good to have you. I wanted a chance to talk to you about a bunch of things. We talked about some of them kind of pre-show, but just with the general theme of like filtering signal from noise in the Bitcoin discussion.

(05:39):
I think we're at an interesting time right now. We've got, you know, nation state adoption is on the tip of everyone's tongues as we wait to see whether the US government will actually buy Bitcoin in budget neutral ways or if they'll just continue confiscating it from the criminals and shadowy super coders out there.
You've got Bitcoin treasury companies popping up all over the place.

(06:01):
At the same time, you've got like a lot of technical debates in Bitcoin, which, I mean, some technical, some ideological and a mix of the two.
So it's like it's hard for people to know.
And this is as like people who are in the space, even it's hard to know, like, OK, how do you actually filter that signal from the noise?
And for newcomers, I imagine now would be a very confusing time to just be kind of going down the Bitcoin rabbit hole.

(06:22):
So I'm just like as a starting point, maybe like what do you think is the – we're just going to go fucking right into it.
What do you think is the most important thing, like the most important debate in Bitcoin right now?
And is it actually the one that is getting the most airtime?
uh i mean i think the most important debate should always be how do we continue moving forward and

(06:53):
improving bitcoin how do we not remain complacent with what we have because i think that complacency
and apathy are ultimately some of the biggest threats to the long-term viability of this
ecosystem. So kind of related to that, when the debates that are loudest and most popular

(07:19):
are not really forward-looking, but seem more regressive of like, how do we stop things?
I think that sucks up a lot of energy. And I know for a fact that a lot of
of respected, smart people in this space kind of get sucked in to these debates that can go in

(07:43):
endless loops and are probably never going to be resolved, at least in a way that
some people are hoping. So, you know, if you're talking about things like, you know,
the filtering or spam or, you know, what types of transactions should be happening on Bitcoin.

(08:05):
You've got one camp that is, I think, much more in the economic side of things of like, well,
protocol is complicated. Information theory itself dictates that you can hide information
in like an infinite number of ways.
And so we could try to stop types of information

(08:29):
that we don't like on Bitcoin,
but we'd probably rather work on other more interesting things
that are pushing us forward
rather than playing the whack-a-mole game.
And then there's another side that is just very upset
with what's happening right now
and feels like, you know,
can't devs do something, that meme?

(08:50):
And the devs are like, well, we could,
but we don't think it's a very good use of our time.
And so then you have interesting disconnects
between different sort of subgroups of people in the ecosystem.
Yeah, it's funny.
First of all, I was talking to you like a little bit before this
and just saying when I posted the fact that you were coming on the show here,

(09:15):
there was a lot of talk of you being a shit corner for this
and a spam apologist.
I've been called a spam apologist myself for I've had the heinous crime of making a meme about filters not working.
Apparently, people forgot that I am literally in this space as a court jester.
And if we can't laugh at ourselves, what are we even doing here?

(09:35):
Apparently, I'm now taken very seriously as a podcast or and influence or and things.
I don't take myself seriously, though.
Perhaps that's everyone else's problem.
The most serious tit coin podcast.
Yeah.
existence. Come on. The name of the podcast has tit in it. Like Jesus guys, you should know that
I'm trolling like half the time, maybe more, uh, 69% of the time conservatively, but okay. So,

(10:01):
and, and let's like, maybe we, we get through this part so we can get to some other questions,
but if we don't address this, it's going to, you know, it'll, it'll be awkward after the fact. So
Let's just get through it.
So, okay.
I don't like have a hard camp.
Like I'm not like team core or team knots on this.
And apparently being even like a fence sitter on this is now like a capital crime.

(10:23):
I believe that the economics and the game theory of Bitcoin are such that they will work themselves out in terms of transactions that you like.
if you think a transaction is invalid but somebody is paying a lot for it like okay uh you know but
you might need to pay more for your transactions for a little while that was the initial like

(10:45):
fear that was thrown around at this right was that look at how expensive everything's getting
these monkey butt jpegs are pricing out people in third world countries from using bitcoin on
chain like i heard that argument made like over and over and over again yeah obviously now that
argument has gone away because we've had like you know the mempool's been pretty empty and there's
been incredibly cheap transactions like what uh pun intended but what do you think is actually like

(11:09):
at the core of this debate is it is it actually just like like because i think bitcoin is is money
um like i use it as money every single day i think bitcoin's also a network and it's a protocol
and it's a ledger like that that is it it exists in multiple states at once i didn't know that that
was like that controversial um but apparently it is i where do you i mean i kind of know where you

(11:33):
sit on this but like do you view this as an actual like on either side an existential threat in any
way to bitcoin if you've accepted that we're living through the fourth turning then it's time
to get yourself some bitcoin and then go to bitbox.swiss slash walker and use the promo code
walker for 5% off the easy to use, fully open source Bitcoin only Bitbox02 hardware wallet.

(12:00):
Then get your Bitcoin off the exchange into your own self custody and prepare yourself for the
chaos that is to come. The world is going pretty wild right now, but Bitcoin is ripping and your
stack will soon be worth a heck of a lot more in fiat value than it is today as every currency
around the world hyperinflates. So now is the perfect time to get your security locked down
tight with Bitbox. I really want to emphasize that the Bitbox02 is easy as hell to use whether

(12:24):
you're brand new to Bitcoin, it's your first time setting up a hardware wallet, or you are a well
seasoned psychopath. It is Bitcoin only and fully open source. No need to trust me, you can head to
their GitHub and verify that for yourself. When you go to bitbox.swiss slash walker and use the
promo code walker, not only do you get 5% off, but you also help support this podcast. So thank you.

(12:46):
No. So I think that this is actually a fundamental aspect of Bitcoin as like an ecosystem or call it a community. A lot of people hate that word. We'll just call it the set of people who care about Bitcoin.
I believe will always be persistently debating what Bitcoin is.

(13:12):
And you can get into some really big disconnects when you have one group of people,
usually like the technical autistic people who are like, this is what Bitcoin is.
Like, this is what the protocol allows.
And then you have another set of people who are more like, well, this is what Bitcoin is in my head. When they say this is Bitcoin, what they mean is this is what I want Bitcoin to be in my perfect utopistic world.

(13:45):
And I mean, the funny thing is that, especially within this debate, I would say there's a lot of overlap in the sense that a lot of the technical autistic people who are talking about, well, this is what the protocol allows.
they tend to share a lot of the sentiments and can empathize with the people who say,

(14:07):
I don't want to see JPEGs on Bitcoin. Like they understand that and they want to see Bitcoin as
money and not as art or arbitrary data storage or whatever. But they know that it's an uphill,
never-ending battle that they don't really want to fight just because if you have a programming

(14:32):
language and a way to manipulate a database which at its fundamental level that's what the bitcoin
protocol supports a very very limited programming language and it is a store of data there's always
going to be some ingenuity that people can figure out of ways of stuffing data in there

(14:55):
in ways that were not originally intended.
So we could fight that battle and who knows how long it would take to stamp out all non-monetary
use of the blockchain.
But I think in order to do so, you would really have to cripple a lot of the more advanced functionality that is useful for like actually securing the money of Bitcoin.

(15:25):
So, you know, I don't think that that really high level aspect of the fact that people are always going to be arguing about Bitcoin is a bad thing.
I think it's a very good thing and in some ways it's very healthy because if we ever get to the point where nobody is arguing about Bitcoin, I would be afraid that that's because nobody cares anymore and Bitcoin is actually dead or dying.

(15:48):
If Bitcoiners aren't calling each other retards, then we've probably like – the Bitcoin experiment has failed basically at that point.
I think that's perhaps fair to say.
And I appreciate that because it seems that this also like it really feels like it ties in with the general ossification debate.
And I've always appreciated your perspective on this.
We talked about the last time you're on the show.
It's one of the key things we talked about.

(16:09):
And you've given numerous presentations on it and kind of relating it to the death or the ossification of email protocols and like how this thing sort of happens.
Like it's not like you make a decision and snap your fingers.
and and it feels like that's kind of like this on the underlying subcurrent of this uh this

(16:29):
filtering discussion is like how much should you keep making changes to things or to you know not
to things to bitcoin in order to achieve what you believe is the ideal state of the network
of the protocol versus like you know i don't know like maybe maybe you don't you know you don't need
to make too many changes like the i guess the irony to me is that it's like a lot of the people

(16:52):
who are in the camp of like we should basically you know quote ossify bitcoin so that bitcoin can
just be you know money and pristine capital are advocating for like other changes to bitcoin but
perhaps a lot of this is a is just a misunderstanding of policy versus consensus would that be a fair
characterization you know that's what i thought early on but at this point uh there seems to be

(17:17):
almost a level of delusion to it. So part of the problem is that you can't specifically say
a quantitative level at which policy effectively becomes consensus. It seems to be like 98, 99,

(17:39):
close to 100% if you really want policy to be effective. And even then, because we're talking
about what are the dynamics of gossip protocols and how data propagates over a gossip protocol
peer-to-peer network. And if you're trying to stop data from propagating, you really have to have,

(18:03):
I would think, at least 95%, if not more, of all the connections that just refuse to block it.
Because if you think about it, each node has around 10 connections to other nodes by default. And then if it's accepting inbound, it has like 130 max, which can create a pretty dense network mesh.

(18:25):
and so you know if if only one of those 10 peers of a given node is accepting and relaying it on
to others then you would set you would expect that that level of propagation would eventually
get through most of the network and make it its way to miners but of course even then miners can
always accept transactions directly through their own private apis which we've seen happen more and

(18:48):
more because people have built tools to do that and make it easier and so ultimately i think
one of the big disconnects in the filter and policy debate is the effectiveness. And I think
that standardness, which is another way of saying what transactions are allowed to be relayed,

(19:13):
standardness rules only really stop someone from creating, propagating, and getting
specific types of transactions confirmed if they have no real economic motivation to figure out
how to get around the standardness rules, which, as we've seen, is fairly easy. I think that the

(19:35):
sub one sat per V byte summer is just more hard evidence that that is the case, that we've seen
more and more transactions that are nonstandard in the sense that they're paying under the default
policy fee rate, and they're getting mined.
And from what I've seen, a number of them are actually just being propagated over the

(20:00):
peer-to-peer network just because there is a small enough percentage of nodes that are
accepting and relaying them on.
So I think that trying to play that game is opting into a losing war.
You really, really have the odds stacked against you.
So it's very difficult to imagine a situation in which you could convince like 95, 96, 97, 98 percent of people to all switch to your chosen implementation because of that.

(20:34):
And then, of course, there's other reasons why I would argue that Nots is not the greatest implementation to run.
But that's more from a software development lifecycle quality assurance practices, techie engineering perspective.
Yeah, I've got to say the incredibly cheap fees right now make me feel like an idiot for making a bunch of transactions earlier this summer when fees were not cheap.

(21:02):
Just leaving sats on the table.
but but that's a that's a different story you know i think i'm curious what you what you think i guess
about like is is this going to ultimately will this type of fracture does it have the potential
to lead to actually a fork do you think or do you think that's just posturing it's not actually
going to get that far because there's not actually a there's no reason for a fork because this is

(21:24):
more of a policy versus a i mean again how do you define policy versus consensus that's like a
you know, a spectrum, I guess. But like, does this eventually lead to something? Does the fracture
get deep enough? Or is it just like, we're just going to have a, you know, these multiple
implementations, maybe more spin up, and that just kind of is what it is?

(21:44):
I don't think that the group of people who would need to do the forking are sufficiently motivated
and economically relevant enough to pull that off. That's the short version. I would love to
see them try. No one can stop them, right? Anyone can do whatever they want. People can band together

(22:05):
and create a fork and they can get hash rates put together and tweak their client implementation
as needed. But if you go back, you look at the Bitcoin cash fork, which was by far the most
controversial and had the greatest amount of economic powers on both sides vying for the

(22:29):
the you know the real bitcoin crown um i think like compared to that the the the sort of the
weight and the power of the two sides are nowhere near as evenly matched and i think that people
involved understand that and they don't even want to try to go down that path i don't think it would
end well yeah it also just feels like at this time with bitcoin being like a much more mature

(22:56):
asset than it was at that point there's just a lot more inertia like you're you're you have to
have a pretty darn good like reason and i i just don't think we we get there i mean you know without
uh i guess without getting into like the the deep kind of technicals of this just at like a

(23:16):
qualitative level are you of the opinion that basically i mean like quote spam is just it's in
the eye of the receiver like that a subjective value judgment or can one objectively define spam for like in this instance I mean because I heard both people on both sides say that spam is in the eye of the receiver and it subjective but they used it to make completely different arguments

(23:39):
And so I'm just curious where you fall on that.
So I actually think it's a lot like porn.
are you familiar with i think this was like a hundred years ago or so i think there was some
judge who basically said i know porn when i see it right i know if something's pornographic when
i see it but it's hard to uh specifically define the demarcation between like art and porn and so

(24:04):
on and so forth um and i think it's a similar type of problem with this and and that's why
even if you can come to a like rough human consensus of which bitcoin transactions are
spammy like obviously if it's jpeg i think pretty much everyone would argue like this is not a
monetary transaction um it becomes difficult to objectively you know at a technical code level

(24:33):
come up with a way to encode that as consensus to sort of automate the blocking of it.
Now, obviously, it is possible in the sense that you can look for the specific fingerprint,
essentially, of the way that people are doing taproot inscriptions.

(24:53):
And you can say, like, if they're putting data that we don't understand in this part
of the transaction, then we just consider it invalid.
But this is where it turns into that whack-a-mole game of, you know, you create a rule to stop data from being here.
Well, the spammers are then just going to find somewhere else to put that data.

(25:16):
And this is not just about Taproot, for example.
People have been putting arbitrary data in Bitcoin for a decade.
Peter Todd, I think, was one of the first people to do this as a proof of concept in which he actually wrote a Python tool for encoding arbitrary data into P2SH inputs.

(25:38):
And I think that that's how someone encoded the entire Bitcoin white paper into the blockchain many years ago.
So, you know, it doesn't require Taproot.
Taproot made it a little bit easier from a coding standpoint.
But there are many places where you can put data and there's almost an infinite number of ways that you can encode data to try to hide it and make it less obvious.

(26:03):
And so, you know, how far down the rabbit hole do we go playing that game?
I think that a lot of the people who are more long-term deep thinkers have already played that out and basically decided,
I don't really like what the expected ROI of us grinding away on this problem for years and years and years.

(26:25):
because also you have to remember that there's a sort of velocity mismatch between how quickly
you can code up new rules, whether that's policy rules, consensus rules, so on and so forth,
get them pushed out to the network, get them adopted by a sufficient threshold of the network

(26:47):
to actually work, to do what you want, versus the adversary side of them coming up with new places
to shove data.
They don't have to get consensus from anybody.
They just start building, writing tools
and pushing it out there.
So I think that it would be a constantly
like losing cat and mouse game as well.
It would be really frustrating.
And that's why a lot of developers

(27:08):
don't want to spend their time
on that type of frustrating game.
Yeah, Callie had a post the other day
that I thought was pretty spot on.
And again, this is I am a I am a non-dev, right?
I'm not not technical in any meaningful way compared to somebody like Callie.

(27:30):
And and somehow I find myself just kind of in the in the middle of this in the debate.
But Callie is somebody who I respect very much as a dev.
Love the stuff he's building with with Cashier.
I mean, just released the the bit chat implementation on Android as well.
Like the guy is hardcore.
But he said, use whatever mempool filter you want, your mempool, your rules.
It doesn't change anything.

(27:50):
It doesn't affect me at all.
I couldn't care less.
The only thing that's concerning is the artificial LARP instigated by podcasters.
I'd like to say, Callie, I don't appreciate the dig at podcasters there.
But, yeah, okay, I'll let it slide.
And marketing people without any technical background or competence divides our community.
It isn't a problem yet, but it will become one when Bitcoin is attacked by serious adversaries that threaten to fork it.

(28:11):
NFTs are not serious adversaries.
They're not even in the room with us right now.
We've seen this play out before in 2017, and it will happen again.
It's a classic divide and conquer.
We are currently divided.
Conquer is next.
Strap on.
There is only one Bitcoin.
Safe to say that you're in agreement with that general consensus.

(28:32):
Yeah, like I said, I mean, I think the actual level of the divide is magnified if you're on social media.
I think that actually the vast majority of Bitcoiners don't even know that this debate is happening.
Most of them aren't even on Bitcoin Twitter or Nostra or any other Bitcoin-specific social media.

(28:59):
And then even amongst the ones who are, they mostly find it just boring.
it's like the from from i think the average user's perspective they're like you know bitcoin's
working for me i don't see what you people are so upset about and you know what uh that's a that's
a perfect way to transition out of that conversation um but i i appreciate you addressing it because

(29:22):
again i think it's like a lot of assumptions are made about what people think and uh and what their
position on things are and it's like you can you know that's why that's why podcasters are so
important to this because we can just ask ask those questions i appreciate you providing that
and i'm gonna have to forgive callie for taking the the shot of the hip of the podcasters um okay
so other side of things that i wanted to talk about was more in the uh in the meat space versus

(29:48):
the digital space and that relates to just generally wrench attacks like we're over a hundred
thousand dollars per bitcoin i know it's crashed down to whatever it is today 100 and oh it's in
No, in the 112,000 range.
My God.
Oh, no.
It's over.
It's all done.
But, okay, we can all agree that's a ridiculously high fiat number.
It's going to go ridiculously higher in fiat terms.

(30:11):
We're also at this point in our evolution as humans where there's a lot of cycles of change kind of concluding at the same time.
And that time is like now and in the next 10, 15 years.
It feels like things are going to get really messy and things can get really dangerous for people who are holders of Bitcoin and crypto assets.

(30:33):
I'm curious if – so you're obviously a co-founder, chief security officer at Casa.
I'm a Casa customer, full disclosure.
Casa is not a sponsor of this podcast.
I just genuinely think Casa is a great solution and I use it myself.
and now it is impossible for somebody to take or they cannot nobody can force me to send them any

(30:56):
bitcoin uh even if they come into my house and if they come into my house they will be met with
a great deal of violence so i wouldn't recommend it uh but the point is like i literally don't have
the ability now like the amount and that that's like that is awesome that has allowed me and carlo
to sleep better at night um so thank you for building that but i like this trend is obviously

(31:18):
accelerating. It seems like a lot of it's happening in France and places where you don't have the
ability to have, you know, firearms. Do you see this continuing to get worse before it gets better?
Do you see, you know, do you see this as something where does education fix this, where it's like,
hey, I'll put a, you know, like Peter McCormick suggested in an episode a long time ago,

(31:38):
I just want to put a sign on the, like an ADT sign in the front of my house. Like, look,
you can't get it. Like, I don't know. This is the one thing I worried about. It's like,
even though like i cannot send somebody bitcoin but if they come into my house
and they've got a gang of a bunch of people and manage to you know subdue me it's going to be
very difficult but if they do like what if they're just too dumb to know that like that i can't do

(32:01):
that like yeah what if they don't believe you yeah what if they don't believe me they think i'm
how do you think about this how do you address this how should people approach this situation
because it's something people should be thinking about yeah well that's a lot of questions let's
So hopefully we do eventually get to the point where Casa is such a household name that a sign would actually work.

(32:24):
But right now, I think if anything, it would draw more attention than it would necessarily deter someone.
So the first thing – and I know that one of the questions that came in on social media was like, why does Jameson always FUD wrench attacks?
And it's a fair question because it is a self-serving thing.

(32:46):
It is one of the many security aspects that we claim to help people with at Casa.
And so I referred them actually to my wrench attack talk at Bitcoin Vegas this year, which I started off by saying, look, I'm not here to FUD.

(33:06):
I want to put this into very specific context.
And that is on an absolute value attack number perspective, it's really small.
Like the 99.9% of Bitcoiners are not going to get wrenched attack.

(33:27):
There's probably several other nines after that, right?
We're aware of 240 attacks.
We, I would estimate there's probably around a thousand attacks because we don't know about the vast majority of them.
They tend to go unreported or underreported for various reasons.

(33:47):
But even if there's a thousand, you know, out of the total number of Bitcoin holders, that's quite small.
However, within the context of Casa and our clients, our target market, we're going after helping whales and people who have a life-changing amount of Bitcoin that they want to protect.

(34:11):
Those people are in a much higher risk bracket than the average pleb who bought a few hundred or few thousand dollars on Coinbase and doesn't talk about it on social media.
Yeah, they haven't made it a part of their public identity.
They're not leaking a whole bunch of data left and right that they're associated with this stuff.
So for the people who are more high profile, the people who have been in this space for long enough time that there's data floating around out there that this person got into Bitcoin when it was $1,000 or $500 or $10 or whatever.

(34:46):
You know, that's the risk profile that we're trying to help people and, you know, mitigate this edge case.
So to answer the question about getting better or worse, it's roughly correlated with the exchange rate.
And as we were both saying, we expect the exchange rate will go a lot higher over the long term.

(35:08):
So I expect that from a relative perspective that the wrench attacks will also go higher.
I predicted that we would have an all-time high in wrench attacks at the end of last year.
I said 2025 is going to be an all-time high just based upon the trajectory that I'm seeing.
And we're well on our way to average, I think, at least one per week, which will be by far an all-time high.

(35:37):
So, yes, it's going to keep getting worse before it gets better.
I think it's still going to remain fairly niche in the sense that this type of crime is an edge case.
There's homicide and then there's aggravated assault slash robbery.

(35:59):
These are the more violent crimes.
Thankfully, they tend to be more rare, though that really depends on where you're living and a number of different variables in play.
But related to – relative to all of the other types of things, like the average person needs to be more worried about custodial risk if they aren't taking self-custody.

(36:26):
That is a much bigger risk for people.
They need to be worried about inheritance loss.
I think that's a risk that not many people think about, regardless of if you're using third party custody or self custody.
Self custody is even trickier because you have to put more effort into it up front.

(36:47):
And just like general cybersecurity privacy stuff, like trying to prevent information from being leaked about you in the first place, because that is what then makes you a target.
Yes, for wrench attacks, but more likely for social engineering attacks.
And so I would say, you know, other than like hacks of third party custodians and hacks of your own hot wallets, social engineering seems to be one of the top attacks, most lucrative attacks and most common attacks that are happening right now.

(37:23):
And that's a result of the fact that we have made so much progress on the security side of things over the past 15 years.
Then now, especially people who are doing self-custody, you probably at least have a cold storage key management device.

(37:43):
Regardless of whether or not you're using multisig, you're probably not keeping millions of dollars in a hot wallet.
So you're probably safe from the average hacker getting on your computer and stealing everything.
And so what does that mean?
Well, it means that the weak point for a lot of people actually becomes their own head.

(38:03):
It becomes easier for someone to hack your brain to get you to then bypass and authenticate whatever security protocols you have in place, regardless of if it's your exchange account or your self-custody setup.
we're seeing more and more sophisticated social engineering attacks where these guys are getting

(38:27):
better and better at kind of staying on their feet. And they'll use any number of ways of
trying to get someone on the phone. And then once they get them on the phone, they might start off
saying, yeah, we're from Coinbase. And then the person's like, oh, I don't have a Coinbase account.
And they're like, oh, nevermind. They hang up. And then they call back and they're like, oh,
we're from Kraken or we're from Trezor or we're from Ledger or whatever. And it's worked. Like

(38:52):
I've talked to people who have actually had that happen to them. Like, didn't you think it was kind
of weird that you were getting called by multiple different crypto companies who have never called
you before within the span of an hour or two? But that's the thing is that the tactics that they use,
they've obviously honed them over the years where they know the right set of words and phrases to

(39:14):
incite fear and doubt into someone that makes them want to implicitly trust that whoever is on the
other end of the phone with them is actually trying to help them secure their money. But of
course, what they're really doing is they're getting tricked into sending all their money to
an adversarial threat actor. It's crazy, too, because I mean, all of these different data

(39:38):
leaks that have happened recently, I mean, and not just recently for four years, that's the one of
horrible things about the massive data net data capture net that is taking place with all of these
exchanges through a lot of it forced because of aml kyc compliance it's like you are forced to
give them so much information um and like they're going to at some point have a leak like pretty

(40:01):
much all of them have like coinbase had that massive leak just recently and like that's just
like that sucks because if you have your Bitcoin in cold storage and you're, you know, if, or if
you're like me and you just don't pick up any phone call ever and, you know, just refuse to check
the emails and maybe use a burner email specifically for a different thing. Like,

(40:21):
you just like, it's, it's, they're never going to get you. But for a lot of people, especially like
I get it, if you're newer to Bitcoin or honestly, like, and I don't mean this in a derogatory way,
just in a reality way, if you're a little bit older and like you somehow like got into Bitcoin
too like you tend to be a little bit more susceptible to digital social engineering
because like a lot of it's just more unfamiliar to you but that's not to say the younger people

(40:44):
aren't taken in as well but i mean if for for that it's like i don't know how you like protect
against that beyond just trying to tell people like look all these companies they're way too
big to actually have good customer service they're never going to call you like it's just it's just
not going to happen. Like, just don't pick up the phone. But they do.

(41:04):
I mean, the elderly issue is definitely a big one. And so like what we've seen,
some of the bigger social engineering attacks, like the ones where the attacker is getting
tens of millions, if not hundreds of millions of dollars. You know, there was one a year ago
where they got $250 million from one guy.

(41:27):
And now, just a few hours ago,
ZachXBT posted one that just happened
where they got $94 million.
And if you look at these things,
well, first of all,
these people are keeping in single signature wallets.
We did learn that the one a year ago,

(41:47):
they were keeping $250 million on a Bitcoin core,
laptop, like single hot wallet. And I can understand that, right? Is that people tend
to keep using whatever has been working for them. It's very difficult. I've been doing this for a

(42:12):
decade. It's been very difficult to get someone to upgrade their security because the default thing
is it's worked so far.
Don't touch it.
You know, I don't want to break anything.
And so that can lead someone
to continuing to have
serious vulnerabilities

(42:34):
and they feel like they're safe
until the vulnerability gets exploited.
So I suspect that the one
that just happened for $94 million,
it sounded like it was one of those
multi-hop social engineering scams again,
where they initially said we're from Coinbase.
And then the person was like,
oh, I have all my money on the Trezor.

(42:55):
And so they called them back and they're like,
we're with Trezor.
And they did something to probably get them
to leak their seed phrase or something.
And they swiped everything.
So yeah, I mean, it's tough because
sort of geriatric targeted scams are not a new thing.
it's just that bitcoin has amplified that uh it's made it a lot worse you know there's a lot of uh

(43:20):
elderly scams that happen in bitcoin that are just like um atm based right so there's scareware
scams of like we're from the irs and you need to pay a penalty and you have to do it at this
bitcoin atm and people do it and they feed tens of thousands of dollars in the bitcoin atm um
or or other similar things of people claiming to be law enforcement like we're going to arrest you

(43:42):
if you don't give us or we have arrested your nephew and then they have a deep fake audio of
the nephew and you know it's just getting crazier and crazier and it's i think difficult to expect
anyone to maintain a high level of you know adversarial thinking that's just it's not a

(44:03):
normal way that the normal people operate uh and and then it gets even worse you know as you get
older and uh you know perhaps tend to be like more trusting let your guard down and so on and so
forth especially around high tech type of things that you don't fully understand how it works in
the first place yeah i mean i i worry about uh about the boomers when it comes to ai like videos

(44:28):
because they like they'll see a video of like a you know you know jesus riding a rainbow unicorn
but can you where where was this photo taken you know obviously that's a little bit of an
exaggeration hopefully but maybe not like it's it's going to get really messy i feel in these
these next couple of years i mean the other thing is though that it's it's tough because like
uh i feel that and this may not be a popular thing to say but like maybe self-custody like

(44:54):
is not for everyone like so yeah um i'll actually somewhat agree with you there um and in the sense
that i think that there are ways that you can improve the self-custody situation so first of
The problem in pretty much all of these cases is that there's only one key and it's only this one person who is dealing with a single point of failure that's protecting millions and millions of dollars.

(45:19):
And I would think in pretty much all of these geriatric cases, they would have been far better off if they actually had expanded their custody setup to be a family-based setup.
And this is where multi-sig shines once again.
But basically think of it as checks and balances.
no single person should be able to click one button and send the entirety of your net worth

(45:43):
in a few seconds that's just insane i mean it's great that bitcoin gives you the power
to send a hundred million dollars anywhere in the world in a few minutes but it comes with a really
really high level of responsibility that you have enough safeguards to prevent that from happening
when you don't want it to happen.
So I think that it would make sense to have a family set up

(46:06):
where you have multiple key holders and you basically,
yeah, sure, grandpa who has stacked his generational wealth
for the past 30 years has the sort of main access to the account
and can initiate transactions.
But if you want to actually be able to send a large amount of money,

(46:28):
You need to get like the wife, the son, the daughter, you know, other people to co-sign on that.
And so it's not going to happen automatically without any sort of peer review of the process.
And that where I think in pretty much all of the social engineering cases I never heard of a social engineering case where there were multiple people on the victim end of the line It always one person that getting social engineered I think that if you had multiple people

(47:02):
then it's much more likely that one of them is going to be like,
wait a minute, this doesn't all add up.
I think that's totally fair.
The idea that self-custody is kind of like a scary thing, right?
And that's like, I did not have, and knock on wood here,
but I did not have any issues with my single SIG setups
before i also didn't have like i spread sats out across like a couple of different uh you know

(47:26):
hardware signing devices a few different vendors you know try to reduce the risk there prior to
getting uh prior to getting a you know multi-sig set up with you guys but like it is it is kind of
scary like you know i still would get like a little bit nervous every time i like even though
i'd sent a lot of bitcoin transactions like you get a little bit nervous every time you do it it's
like you know you're just copying and pasting it but you're like well what if my computer changed

(47:48):
it in the middle you know you think all these like crazy things what if i accidentally just
fat fingered and put something else they're like what if i screwed something up and so like i get
that that worry for people i mean i guess also the the other side of this is that a lot of people are
just going to end up getting exposure through things like the bitcoin etfs right they're you
know and if they have capital that's trapped in a you know a 401k or whatever that you know makes

(48:11):
makes a lot of sense to do but yeah it's it's it's it's hard like social engineering scams are never
going to go away. We're not going to solve for that. Physical attacks aren't going to go away.
I'd be curious, though, you don't happen to have any data on the relative value of social
engineering Bitcoin or in crypto scams versus physical attack scams. I mean, it's probably

(48:34):
it's got to be orders and orders of magnitude, right?
It's definitely a lot higher. I'm not aware of any site that is tracking social engineering
thefts. But like I already mentioned $350 million in just two thefts in the past year. And that
blows away, you know, all of the wrench attacks that we're aware of. So, yeah.

(48:59):
I can't imagine having $250 million in Bitcoin, first of all, that's just an insane amount.
But if I did have that much, I cannot imagine just keeping that like in having one single point
a failure for that like it's all in one stack like that is terrifying and like and you and you
assume that somebody who's got that much it's like well they must have better security practices in

(49:20):
place because like why of course you would right you've got but i guess not like that's i think
that's the kind of the mind-blowing thing for me is like you'd think people if they had that much
money would know better but it's like no it's uh you know it's a uh it affects people across the
board i guess it's wild yeah well i mean look a lot of people aren't security experts um

(49:44):
i'm sure you're well aware of what happened with luke a few years ago um you know even even being
an extreme uh og bitcoin wizard doesn't make you uh not susceptible to having a flaw in your setup
And so he's a really good example because we've already said there's a lot of OGs out there who they got their stack many years ago, possibly before hardware wallets even existed.

(50:17):
And they got their setup and it's worked.
Why change it?
And they're probably some of the biggest, most vulnerable targets now.
yeah that was uh that was i remember as that was unfolding and all of a sudden
the fbi is getting tagged in things and i believe that led to the doxing of like

(50:40):
pretty much all of core right uh yeah it was one of the uh you know core contributor
meetups i i think that they had um several years ago everybody got put on a list
that's that's that's that's wonderful great uh we we love we love lists uh now that's uh that's

(51:01):
quite messed up but yeah it's a it's a great example like you can be you can be a very smart
person and still make dumb mistakes but okay i appreciate the context on that do you have any
like just like uh obviously without giving anything away about you know your personal uh
exact setup for different things but like do you have any tips just as far as

(51:22):
how you think about like the mesh between physical and digital security and like how people should
best approach that. I know you've written a ton on this, but like if you had to distill that down
for people who don't know how to read, like how do you, how do you break that down? What do you
think are kind of like some of the most important things people should look at? Okay. Say like

(51:43):
multi-sig is a really great place to start in the digital side, but how do you blend that with the
physical side, if that makes sense. Yeah. Well, so I think that the best way that you can
strengthen digital security is by turning a cybersecurity problem into a physical security
problem. And the reason for that is physical security is a lot less complicated and is a lot

(52:08):
better understood because we've been doing it for all of human civilization. So this is why
one of the reasons that Kasa is built on having a bunch of keys that are on hardware devices that
Kasa has no input into whatsoever, we don't control the actual development process or the

(52:34):
supply chain or anything about those because we don't want to have even the slightest ability to
corrupt or introduce some sort of vulnerability is that a it's a lot easier to think about
the security of a key when it has a physical instantiation like you can say i physically

(52:57):
took this and i put this in this physical location it has these physical security safeguards around
it. And B, of course, is that it's by taking your very sensitive data off of the internet,
you're automatically shutting out the 8 billion potential hackers that you're literally connected

(53:21):
to at all times. It's like, you know, when you put a device on the internet, you're putting a
door there that 8 billion people can start knocking on. And so that just greatly limits
the number of people that are going to even try because um in order for someone this is like one

(53:42):
of the reasons why wrench attacks are so rare is because the risk is so much higher someone has to
put themselves in physical danger in order to attempt a wrench attack or attempt a physical
robbery or theft as opposed to a purely digital type of attack. So the ROI for digital attacks

(54:07):
is just a lot higher because you can try them over and over and over again. And like the worst
thing that usually happens to you if you fail is nothing. You just try something else. Maybe
eventually if you're successful, then you'll have law enforcement coming after you. And then
A lot of other sort of OPSEC issues will come into play as to whether or not you get away with it.

(54:30):
But the actual risk to you while you're performing the attacks is practically zero.
So pulling things into meat space, I think it simplifies them and it raises the cost of an attack substantially in a variety of different ways.

(54:50):
I think that's a really kind of important point to stress.
It's like there's a very asymmetric advantage that an online, a digital attacker has because, again, every time they attack, they're not risking getting shot in the head by the person you're trying to attack.
Like in the meat space, it's like you could do that attack once and it could be the last thing you ever do.

(55:11):
And like especially in America where I'm very glad we have the ability or the right that our right is protected, I should say, to carry and bear arms.
That's a very dangerous attack.
And I mean, that's I have to imagine that's why even though the total number of rent tax is low, it's like the majority of these seem to be happening in places with very restrictive laws about self-defense.

(55:35):
Fair to say, like it feels like a lot of France, a lot of like Thailand.
Those those seem to be the ones that I see pop up the most.
I don't know if that's just like a, you know, random happenstance.
But is that kind of what you've seen as well?
I mean, it just it makes logical sense to me that if you got a country with a bunch of people who anyone could be armed, that raises that bar for wanting to subject yourself to potential violence as an attacker even more.

(56:00):
Yeah, I think, you know, on a relative perspective.
So with my physical attack archive, America has the highest absolute number of attacks, but that is probably biased for a number of reasons.
A, because if an attack happens and it's published somewhere and never translated into English, I'm a lot less likely to learn about it.

(56:29):
My news alerts probably won't pick up on it.
B, just differences in media and what they may be interested in reporting on can affect that.
And also America is a fairly large country and diverse.
And so we tend to have higher crime in general than a lot of places, a lot of first world countries at least.

(56:52):
But from a per capita standpoint, the country or the area with the highest per capita is actually Dubai.
And on one hand, that shouldn't surprise people because obviously the Dubai crypto scene is a thing.

(57:15):
There have been nine attacks there that I've cataloged.
And if I recall correctly, some interesting facts is that 100% of them were high value OTC trades.
They weren't like home invasions or people getting targeted because they were flaunting their wealth or whatever.

(57:37):
It was literally like I think the thing about the traders is you don't have to do a lot of rooting around to find them.
They're literally advertising their services on various websites.
So you just go sign up for OTC trading site or peer-to-peer.
Join their telegram group.
Yeah, yeah.

(57:57):
And you're like, hey, can we swap a few hundred thousand dollars for Bitcoin or whatever?
And so then they'll literally meet you wherever you tell them to, which in pretty much all of these cases tends to be a hotel room.
And so once they show up at the hotel room, of course, they just get grabbed and thrown in and tied up until they hand over whatever they brought with them.

(58:25):
Um, but also to Dubai's credit, 100% of those attackers were caught within a few days.
And I think that that's probably because I think Dubai is one of the most highly surveilled
cities.
You know, they've got cameras everywhere.
And so they'll just sort of trace back, uh, the attackers until they, they find out like

(58:47):
who they are, where they came from and then go pick them up.
But it's hard to say, I think, at a very high geographic level that one place is necessarily riskier than another.

(59:07):
There's general rule of law on what is law enforcement like and how much crime is there at a really high level.
But I think a lot of it just comes down to people's privacy practices and how they go about living their life and who they choose to interact with.

(59:28):
It's like a number of these situations, the victims, in a sense, put themselves into the high risk situation.
Yeah, I guess it's a good reminder for especially if you're a single guy at a Bitcoin conference to watch yourself.
Yeah, and look, there have been multiple cases where guys have been drugged.

(59:50):
So it shouldn't just be – it's no longer just like women worrying about something getting put in their drinks.
The guys have to be worried about that too.
And I think one guy believes he was given a laced cigarette.
So you never know.
Don't don't ingest or don't accept things that you're going to ingest from people that you don't trust with your life.

(01:00:15):
Essentially, that's it's just a good policy all around.
I think, you know, that's definitely I appreciate those those perspectives, though.
I wanted to ask you as well.
this is a taking a kind of a different angle on potential threats.
And that is like the,
the quantum threat broadly.
So I know there's kind of a debate and this obviously isn't,

(01:00:36):
I mean,
depending on who you talk to or which company is promoting their recent
advances and that they're just on the brink of,
you know,
quantum,
whatever this doesn't seem like something that's a really immediate thing,
but it's something that Bitcoiners are obviously talking about in advance.
And that's a good thing because like,
there is this question of what do you do with the coins that are basically thought to be lost

(01:00:57):
that may be in addresses that are quantum vulnerable. And I'm curious if you can give
a little bit more context on this debate from kind of the technical point of view, and then
just like, how do you think about that in terms of like, what should be done or how much of a
legitimate threat is that that needs to be acted on like now? Or is this, you know, hey, we've got

(01:01:18):
We've got plenty of time. Let's take our time. Let's think through this and figure out what to do.
So one of the reasons why I started talking about quantum stuff a year ago, it was kind of a natural
evolution and step from the previous year of me talking about ossification.

(01:01:39):
And that's because this is a problem that is not going to happen in the next year or two.
but you know 5, 10, 15, 20 years it becomes more and more likely and so the fact that bitcoin is
getting harder and harder to coordinate changes around in addition to the fact that this is a very

(01:02:00):
novel problem where we've never had a bitcoin upgrade before where people needed to move their
funds it's always been opt-in oh you can move your funds if you want to but if you don't care
about the new features than whatever.
But because this is a unique game theoretic situation
with regard to like what could happen

(01:02:22):
with the liquidation of massive amounts of Bitcoin
suddenly coming back into circulation
and how that affects all Bitcoin holders
and everyone who's operating within the Bitcoin ecosystem,
mainly as a result of confidence
and the purchasing power of the Bitcoin
and what the demand for it and all of the related services would be, I think that this is potentially an existential crisis that is out there on the horizon.

(01:02:54):
And it makes sense for us to start planning for contingencies as early as possible.
So, you know, I have a BIP that is not focused on the actual quantum cryptography at all because I'm not a quantum cryptographer, but I found the game theory of what to do afterwards to be much more interesting.

(01:03:16):
And so that BIP is basically saying that I think that it would be best for us to have a multi-year, multi-phased approach where we start restricting what is possible to push people to fix their security.
because I don't think an opt-in quantum security solution is going to suffice.

(01:03:41):
It's not going to prevent massive harm from occurring,
even to all the people who have opted in to quantum secure Bitcoin scripts.
Because all your Bitcoin can be in a quantum secure locking script,
but then if 5 million Bitcoin get dumped on the market,
you're still probably going to be upset about that.

(01:04:03):
now that's so is that bip 360 or is that a my bip does not have a number yet it's still in the
draft pull request phase but okay the way that it's set up is that it assumes bip 360 or
similar bip gets consensus and gets activated and then my bip is like what do we do

(01:04:29):
once that activation occurs okay and so i mean so part of it is like having these quantum resistant
addresses right that people need to move over to but again like the other part of the debate which
is perhaps more like like again i think it's like idea a lot no no not necessarily ideological like
it's a different sort of question like what do you what should be done like with these these coins

(01:04:53):
like yeah because on the one hand i as i'm you know as i think through this it's like well
I wouldn't support, you know, burning these, basically taking these coins and burning them.
Because what if like somebody, they actually are still belonging to somebody, you know, and somebody hasn't lost them.
Yeah, you can't know. There's no way of knowing.
We can't know. And so like, and if you do that, does that not kind of invalidate in many ways, you know, Bitcoin's whole reason for existing?

(01:05:20):
And like that's a really, it's a difficult balance to strike.
Like, I mean, where have you have you come to a formal like opinion on that yet?
Like that you're like, yep, this is this is kind of what we got to do.
Or do you think this, again, still like kind of needs to be teased out in this like multi-year, multi-approach process, like depending on the timeline of quantum as well?

(01:05:41):
Yeah, yeah.
This is why I found this to be a fascinating issue to think deeply about is because that assuming that a cryptographically relevant quantum computer is created, someone is going to be upset because some inviolable property of Bitcoin is going to be violated.

(01:06:07):
And that's regardless of if we do something or if we do nothing.
And so there are moral quandaries at play.
I have a lengthy essay that I think I published back in like February or March where I was thinking through all of the pros and cons and the objections.
and ultimately I think that all of the moral questions

(01:06:32):
essentially become moot in the sense that
what you need to focus on is the game theory
of the economically relevant actors
who are holding Bitcoin
and who are powering the Bitcoin ecosystem
and what they can do
and so I think that from a game theory perspective
like the interesting thing about this issue of like freezing or burning quantum vulnerable coins

(01:06:58):
is that it's a soft fork like you don't have to get everybody to agree uh at a in a sort of worst
case um catastrophe situation if a if a quantum computer appeared and and we had reason to believe
that it was scooping up coins, we could just tell all the miners, you know, stop confirming

(01:07:22):
transactions. And they could keep creating blocks and keep getting the block reward and just stop
confirming transactions until we figure out what the hell is going on and what we can do about it.
And so I think that while like the bit that I've been working on has mostly been focused on
the happy long-term path under a scenario where quantum computing continues to progress steadily

(01:07:51):
and slowly enough that we can reach a point where there's general agreement that it will become
a threat and that we should do something about it. And then what is the happy path for us trying to
create a migration path for all of the Bitcoin users, and then some way of protecting the

(01:08:13):
economic value from just falling into the hands of an attacker.
Now, the easy, simple thing is just you burn the coins, you don't allow quantum vulnerable
scripts to be spent from.
I think that there's still room for research and development to come up with alternative
ways of doing a quantum safe recovery. And so the BIP currently says, we believe that it should be

(01:08:41):
theoretically possible to come up with some sort of zero knowledge proof scheme, which would work
for hierarchical deterministic wallets. Because a quantum attacker would not presumably have any
information other than the single private key that they reverse engineered based upon the public key
that's on the blockchain, they wouldn't know like your XPUB and your XPRIV and your derivation

(01:09:03):
paths and stuff. And so it should theoretically be possible to encode a zero knowledge circuit
where you're providing these other pieces of data that can prove that, hey, I actually have a Bitcoin
wallet that controls this address. And I have other data that proves that I deterministically
generated the key and that I didn't just, you know, randomly reverse engineer it with a quantum

(01:09:27):
computer. But that's going to require a fair amount more engineering work. And I think it's
preferable if we didn't have to have that. Like, I think it's going to be clunky to try to implement
that. And who knows if consensus can be gained for implementing any sort of zero knowledge
verification system into Bitcoin. That'll have plenty of tradeoffs. I mean, I think the preferable

(01:09:51):
thing is that we can get everybody migrated and the incentives are there to get them migrated so
that we don't need to have any sort of crazy recovery scheme option. But who knows? I mean,
is there a risk to fungibility there? Like in any of these pathways where it's like, okay,

(01:10:14):
you're essentially, you know, you're saying like these coins are no longer Bitcoins or like maybe
if you go the non route of it just like okay you basically creating like know compliant uh list in a certain way of like these coins are now like these are the quantum threat coins so
like you know don't interact like is that another potential pathway or do you think

(01:10:35):
it's just going to be like it is going to have to be some sort of a technical solution
and like a really hard decision is going to be made i'm just like again i feel like it's
It's the game theory to me, if you have a lot of economic value in Bitcoin and you see, OK, people have the ability to arbitrarily freeze these quantum vulnerable Bitcoin.

(01:11:00):
Well, boy, I don't know if I want to – I want a forked version of that.
Like do you think this is potential hard fork?
You mentioned the soft, but is there a hard fork potential here?
Well, yeah.
Once again, that's why I said I think you have to focus on the game theory.
And so, you know, burning or restricting the spending of quantum vulnerable coins.

(01:11:23):
And first of all, it would absolutely have to be a purely objective technical thing where we are literally looking at the op codes that are being used in the redeem scripts.
And if it's using an opcode that is using, you know, ECDSA or Schnorr signature, then we consider that quantum vulnerable and we just abort and do not validate the transaction.

(01:11:45):
Rather than something where, like, early on I was hearing people say, oh, are you saying that we need to create a list of all of Satoshi's coins and, you know, create a black list?
I'm like, no, nobody wants to, like, create actual lists.
It has to be technically about how the coins are spent and whether or not they can be spent securely.
Um, but I think that the, the game theoretical problem with, um, resisting a soft fork,

(01:12:15):
first of all, it's never been done before.
Um, there, there are, there, there is a theoretical idea around, um, a, I believe it was coined
a, uh, user resistant soft fork.
Uh, it's kind of like the opposite of a user activated soft fork is basically saying, okay,
the miners have activated a soft fork that we disagree with. How do we essentially reject their

(01:12:39):
blocks? And it gets, it's, it's tricky because in order to, in order to reject a block you disagree
with, then preferably there needs to be some data, some aspect of that block that you can
in code into your node to say reject blocks with this. So then it actually turns into a question of,

(01:13:05):
well, how, if at all, is the soft fork to restrict spending activated? If it's done via
putting some sort of flag in the like BIP9 bits for activating forks, if there's like a flag in

(01:13:26):
there that indicates that the miners have activated this, then yes, you could then encode
a rule that says we're rejecting all blocks that have that flag.
But if it's not done that way, if it's just done at like a block height or something,
I think you would have to basically like hard code the hash of the block that showed up

(01:13:50):
then and said, do not accept anything in the blockchain that has a hash with a parent
of this specific hash.
It gets pretty gnarly.
Anything is possible.
But the question becomes, are the people who are sufficiently concerned with what you said

(01:14:10):
about fungibility and the moral aspects of freezing funds, are they motivated enough and
have the technical ability to coordinate that level of rejecting?
Because if there isn't specific data that you can just encode into a rejection logic, then it becomes a lot more human consensus-based.

(01:14:38):
And that's where things get nasty.
Even messier than general rough node consensus.
I mean, what I'm really concerned about is what if the quantum attacker starts posting monkey butt JPEGs?
i mean then we're then we're that's then we're really in danger uh i mean so in the larger

(01:14:58):
context of like the quote quantum threat i'm curious you know people like it's honestly like
a meme that like oh you know yeah you're worried about bitcoin well what about the nuclear codes
and everyone's bank account and like everything else do you think that the fiat system in the
military industrial complex is going to upgrade specific,

(01:15:19):
sufficiently to be quantum resistant. Does that, does,
is that just something that like military wise,
they're for sure going to do that or, you know,
can this thing kind of come out of nowhere and like nobody's ready for it.
And then it's like, well, it doesn't matter if, you know,
if Bitcoin is quantum resistant because somebody just got access to every
military's nuclear codes and, you know, like it's, you know, end game.

(01:15:44):
I mean, I think that all the traditional and centralized systems are going to upgrade.
They've already been directed to upgrade.
Like there's multiple standards institutes that have been issuing notices saying, you know, all Internet facing services need to upgrade by generally saying like 2030 to 2035, you know, in the next five to 10 years.

(01:16:14):
But it's also – it's so much easier for them to upgrade, right?
It's like if a quantum computer suddenly appeared, then they could just turn off their systems for a few days and implement the upgrade and then bring them back online.
We can't do that in Bitcoin.
I mean, we could – like I said, we could tell all the miners to stop confirming transactions.

(01:16:39):
and then the developers could work on actually implementing
and rolling out quantum-resistant locking scripts,
but then you're still in just a really nasty situation
where it's going to take anywhere from six months
to who knows how many years for people to actually voluntarily upgrade

(01:17:02):
for the entire ecosystem for those changes to matriculate
throughout all the software and the hardware in the ecosystem.
to eventually get to the end users to then tell them, hey, you really need to move your funds.
And all the while that that's happening, people are going to be getting jacked by the quantum attackers.

(01:17:24):
Or by social engineers.
That sounds like if I was going to do some social engineering, it would for sure be around a quantum threat.
Oh, yeah, and there's already been some social engineering of like fake Ledger and Trezor emails saying,
we need you to upgrade your firmware to make it quantum safe.
And then, of course, they send you to a website that says,
oh, you just need to put your seed phrase in here and we'll upgrade your firmware.

(01:17:46):
God, people, yeah, putting their seed phrases into websites will never cease to amaze me.
But it's a reality.
I mean, so this long, like the TLDR is it's going to be really, really messy.
Again, there's kind of just like.
Yeah, I mean, it just depends on the time frame.
That's the biggest unknown.
And everybody's like, oh, quantum has always been 20 years away.

(01:18:09):
And that's true.
But we're seeing acceleration along a number of vectors, not just the hardware.
There are – there's like new types of actual like quantum CPUs that are using different methods to actually build the hardware that don't require like crazy super cooling and stuff.

(01:18:36):
and we're expecting those like there's this one company called sci quantum that just raised a
billion dollars and they're building a huge data center somewhere i think around chicago and they're
expecting that to come online in 2028 and so you know we'll see if their technology theoretically

(01:18:57):
can scale uh at levels that the others can't where like they have these photonic chips that
they're literally stacking on top of each other just vertically scale up so if if they can achieve
like a linear scalability where you just throw more money at the problem and it makes the quantum
computer that much faster and of course they deal with the error correction issue which is one of

(01:19:19):
the bigger outlying problems um but we've seen advances on the error correction front as well
algorithms that have vastly improved error correction uh which makes the like effective
quantum computing power uh higher because right right now you lose a lot of like real

(01:19:41):
computing power to error correction just due to the tricky nature of qubits um but i'm not a
quantum expert so i only really know what i've ingested from several meetings that i've had
with the quantum cryptographers and quantum hardware builders.
Nobody really knows, but there's that.

(01:20:05):
And then there's also, I think, the AI effect,
that AI is also improving progress in certain things.
We've actually, I think, seen AI make several mathematics breakthroughs recently.
And so if AI can be applied to some of these quantum problems, who knows if it might find some breakthroughs as well.

(01:20:30):
So we are orders of magnitude away from a cryptographically relevant quantum computer.
The only question, which nobody knows, is does progress continue accelerating linearly or does it start to go exponential?
And of course if it goes exponential, that's when we need to be more worried that it could run away and become a problem that basically catches us unprepared.

(01:21:00):
I hope that is not the case, but I'm glad there are folks thinking about it already because again, it's like, gosh, if the filtering debate is this heated, imagine the quantum debate.
Once we get there, it's going to be – it's going to get nasty.
But again, like to your earlier point, it's a good thing that we have these debates.

(01:21:20):
Like this is what, you know, like things are going to be messy, but it's good that there is – that we have the capability to debate these things.
Then that the free market can ultimately decide and people can make individual subjective value judgments and decide what the fuck they want to do for themselves.
Like it's cool.
It's at least, you know, may not be quite as efficient from a decision-making perspective as a centralized system, but at least it does offer us quite a bit more freedom.

(01:21:43):
So I'm here for that.
Now, I want to be conscious of your time here, Jameson, but maybe just like kind of one more general topic before we wrap up is just like where you think we're at kind of, let's say, politically and culturally.
Obviously, and do you see any sort of cultural risks from that perspective?

(01:22:10):
It's become clear that a lot of folks on the left are trying to paint Bitcoin now as like a right wing thing.
A lot of folks on the right are like very much like, yeah, we're pro like we're it's a conservative thing.
Like I view Bitcoin as fundamentally conservative and liberal and just as a mirror.
And it is just like it is conservative and like literally and it is also liberal literally.
But everybody wants to paint it as their own thing.

(01:22:30):
Do you view this at all as a cultural risk to Bitcoin?
Or is this just like Bitcoin doesn't care?
People are going to do what they're going to do.
They're only hurting themselves and their followers, their constituents, whatever.
Or does the pendulum swing back really hard if we get another unfriendly administration?
And does it get even worse?

(01:22:53):
Well, yeah, I mean, I find the political polarization, the partisanship around Bitcoin to be retarded.
Because obviously Bitcoin is anti-state in the first place.
It's like we reject central banks. We reject state control of money.

(01:23:17):
So the fact that now we have different sects of statists arguing over whether or not it's good or bad is just kind of silly.
But obviously it is a risk because the liberals in America really started demonizing and cracking down on crypto a number of years ago.

(01:23:45):
And it was sad because I remember a time when the sort of democratic platform was anti-Big
Bank.
Like I seem to recall this little thing called Occupy Wall Street back right around the time

(01:24:07):
when Bitcoin was launching.
And that was totally, you know, Democrat platform type of ideal.
And somehow the Democrat platform seems to have gotten more in bed with the big banks and regulation and so on and so forth.
And so that ended up creating a rift where they saw anything that's working outside of that system of control is the threat that needs to be quashed.

(01:24:39):
And so they waited too late to do that, though.
And the industry had already become a trillion dollar industry. And so when the industry saw itself being threatened, it did the most logical thing, which is like, oh, you're going to bully me. I'm going to go to the other bully and pay them a lot of money to say, hey, can you make this bully go away? And it worked.

(01:25:02):
And so now we have a few years of respite and we have to ask, OK, what happens? Because it's only a matter of time until Democrats get back into power, whether it's next cycle or the one after. That's just that's the way the system is set up to keep flip flopping back and forth.
And of course, the crazy thing is that due to game theory, really, it gets more and more polarized each time because you're incentivizing each side to continue to push the boundaries.

(01:25:35):
And that's what Trump has done, right, is that he has pushed the boundaries to explore, like, how much power do I actually have?
He's exploring how the rules of the United States federal government actually work, not just what's written down on paper.
Like, what are the real rules that may not be written down? And so obviously a lot of people hate that because it's not a very presidential thing to do overtly. They tended to do it more covertly.

(01:26:03):
Um, but I think that we should expect that whoever gets in office is going to continue
that same line of thinking, perhaps not as overtly, but they're all going to keep pushing
to see how much power can they grab?
Because that is, that's the incentive for any sort of system of centralized control

(01:26:25):
as you continue amassing more and more power.
Nobody ever gives up power unless something very drastic happens, right?
Yeah, that is really kind of the sad thing is it's like you just – the trend towards centralization feels like that just has so much inertia.

(01:26:47):
And as you pointed out, like neither side is incentivized.
Like when you're in a duopoly, like a Coca-Cola, Pepsi-Cola democracy, neither side is game theoretically incentivized to shrink their power because they know the other side won't.
And if they do, they just make themselves weaker.
And the other side gets in power again, which is the last thing that they want.
And so I'm curious if you see an emergence of a meaningful third party as a realistic kind of short time frame thing.

(01:27:16):
I mean, Elon was talking about it for a while.
uh american hodl and eric case and maybe running for president and vp who knows not an elon's
party but a different orange party but like do you think that that's a we have a meaningful chance
at that in the united states of america or does it just happen that we stay in our coca-cola pepsi
cola but this kind of the group of independents in the middle who are the swing vote gets larger

(01:27:40):
and larger and larger and so you have at least more competition for votes versus just pander to
your base? I don't think a distinct third party is likely or even really feasible because the two
major parties have entrenched themselves so much that in order to even get your foot in the door

(01:28:02):
is very difficult. You know, they have all of these rules and procedures,
There's hoops that you have to get through even to get funding, to get invited to various speaking events, to get the publicity.
You can look at previous independents.

(01:28:27):
I mean, look like Ross Perot.
So let's take the theoretical idea that, OK, Bitcoin is going to have meant plenty of billionaires who have the ability to go out and run for president without having to beg for money and essentially hand over a lot of IOUs to all types of special interests.

(01:28:49):
even if you're able to do that independently you still end up getting locked out of a lot of things
that make it difficult for you to actually accrue much votes and i think the average voter
is pretty stuck in with their platform uh you know they're gonna vote d or r regardless and so

(01:29:14):
So I would also argue that we have a third party and it's actually MAGA.
And so what Trump did is he created his own party, but instead of trying to create an independent party, he went in and he took over the Republican Party.
And he basically pushed a lot of the traditional conservatives off to the side, and he got enough support that the traditional conservatives who hate his guts had to bend the knee.

(01:29:44):
And so the question is, what longevity does MAGA have?
Because Tea Party was a thing for a little while, but I don't think it ever really got to the level of MAGA.
It died off.
Who knows?
I mean this is really almost more of a sociological phenomenon, a question of like how long can this particular group with their ideology remain cohesive and not get torn apart by the traditional republicans who would like to take their party back?

(01:30:19):
yeah that is interesting to think of of you know the whole you know mega movement is basically
creating a new party but within the existing within the existing duopoly and then forcing
part of that duopoly out that's i mean i think that's a fair characterization it's pretty i mean
trump is probably one of the most powerful memetic figures in in recent history like it's

(01:30:42):
it's incredible to see like no matter what you you think of the guy it's like
man what a what a story you know what a meme like it's one of the most recognizable you know
outlines there ever was like you you see the outline of the man his hair it's like you know
you know that's donald trump but yeah i i hope regardless i i genuinely hope that the
the leftists and the democrats come around to bitcoin more and realize that this is something

(01:31:05):
that actually aligns with their purported principles uh even if those principles have
shifted and like you know it's uh it's money for enemies that's the great thing you can you can
be as far left as you want or as far right as you want and Bitcoin can still benefit you and
there's nothing your enemy can do about it. So let's hope they come around to it. But Jameson,
thank you for your time. Where do you want to send people?

(01:31:30):
Shill them wherever you want. You guys do not sponsor the show again. So it'd be cool that I'm
genuinely talking about Casa from a customer perspective and I appreciate the product,
but folks should check out. It has genuinely helped Carl and I sleep a lot better. So I appreciate
that well yeah you can check out casa at casa.io c-a-s-a.io you can check out my website and

(01:31:53):
everything that i have ever written said it's a lot of posted uh and and all of my bitcoin
educational resources that i maintain there's like at least 2 000 links on there as all at
It's Bitcoin.page.
It's a really impressive resource, honestly.

(01:32:15):
It's wild.
Yeah.
Well, hey, appreciate your time.
Keep on fighting the wrench attacks and the other attacks because I think it's good for people to keep in mind.
And honestly, if you come across any social engineering data, now I'm going to dig a little myself and see what the scale of this is because now I've got a little curiosity.

(01:32:37):
But appreciate your time, Jameson.
Always great talking to you.
And hope to see you around the conference circuit soon.
You bet.
Catch you later.

(01:33:07):
Find me on Noster at primal.net slash Walker and this podcast at primal.net slash Titcoin.
On X, YouTube, and Rumble, just search at Walker America and find this podcast on X and Instagram at Titcoin Podcast.
Head to the show notes to grab sponsor links.
Head to substack.com slash at Walker America to get episodes emailed to you.

(01:33:30):
And head to bitcoinpodcast.net for everything else.
Bitcoin is scarce, but podcasts are abundant.
So thank you for spending your scarce time listening to The Bitcoin Podcast.
Until next time, stay free.

All Episodes

BITCOIN CORE VS KNOTS, SPAM VS FILTERS, QUANTUM THREATS, & SOCIAL ENGINEERING | Jameson Lopp

Episode Transcript

Popular Podcasts

CrimeLess: Hillbilly Heist

Crime Junkie

Stuff You Should Know

.css-15opob5{left:0;position:absolute;top:0.8rem;} All Episodes

.css-14f5ked{margin:0;word-break:break-word;display:-webkit-box;-webkit-box-orient:vertical;box-orient:vertical;-webkit-line-clamp:2;overflow:hidden;}BITCOIN CORE VS KNOTS, SPAM VS FILTERS, QUANTUM THREATS, & SOCIAL ENGINEERING | Jameson Lopp