WBD540 Audio Transcription
Should Drivechains Come to Bitcoin? With Paul Sztorc
Release date: Friday 12th August
Note: the following is a transcription of my interview with Paul Sztorc. I have reviewed the transcription but if you find any mistakes, please feel free to email me. You can listen to the original recording here.
Paul Sztorc is an independent Bitcoin researcher. In this interview, we discuss drivechains, his 2015 proposal that’s the focus of BiP 300 and 301. Drivechains facilitate sidechains on Bitcoin, providing a bridge to new coins. The aim is to enable developer creativity atop Bitcoin.
“I don’t think we’ll ever agree on what you might call meta consensus, like what the blockchain should contain. I think people will probably continue to disagree about that, forever. And I think that sidechain is a sort of an escape valve.”
— Paul Sztorc
Interview Transcription
Peter McCormack: Paul, hi.
Paul Sztorc: Hello.
Peter McCormack: How are you doing?
Paul Sztorc: I'm doing great.
Peter McCormack: The show we've threatened to make for a while.
Paul Sztorc: Oh, yeah, I know; it's like a cold war, it's coming to an end.
Peter McCormack: A little bit of a pressure, a little bit of conversation online and then finally we did it, so we're going to do this, we're going to cover this; the controversial Paul, and Paul's controversial ideas.
Paul Sztorc: Well, you know, anyone can just repeat the ideas that are out there, you know what I mean? If I'm going to write a blog post or something, I want it to be something new, and I try to write about something where I disagree with everyone else, so that's inevitable. Then, of course, people never read the posts, they just see a tweet with a title and then they just say, "That's wrong because of such and such", but if they would read the article, they would see I already replied to such and such, I say, "A lot of people think such and such, but that's not right".
Peter McCormack: So, Paul, why are you so controversial?
Paul Sztorc: I don't know, I think I just said that. I try to only say things that are useful, and I think a useful thing is, if you notice something false that everyone believes is true or vice versa, you would want to say that; you wouldn't just want to repeat what other people would say.
Peter McCormack: That's not always necessarily true in Bitcoin though. Sometimes it's quite difficult to step out from what a lot of people say.
Paul Sztorc: Well, it's very difficult for sure, but the right thing to do is not always the easy thing to do. If it's easy to do and right to do then there's no problem, right?
Peter McCormack: All right, Paul. Well, listen, I know who you are but there are going to be some people listening who don't know who you are; do you want to give a bit of a background?
Paul Sztorc: Well, I hate introductions, I'll just say my thing and then, at the end of the interview, people can decide if they want to -- you can find me on Twitter, @Truthcoin.
Peter McCormack: He's so controversial.
Paul Sztorc: www.truthcoin.info is my blog, and you can find all kinds of -- I have a project, bitcoinhivemind.com, I have all these projects selling to each other.
Peter McCormack: So, if everyone does an intro, you're not doing an intro?
Paul Sztorc: I think intros are really boring, it's like I already decided to click "play", right, so I always skip way into any YouTube video or any podcast, skip way into it because I'm like, "I don't want to hear the intro, I just want to hear what I'm here for". But now I'm doing the worst thing which is just wasting everyone's time not even giving them an intro!
Peter McCormack: Well now I'm going to put intros in the middle just to fuck with you!
Paul Sztorc: Okay, great. Everyone at home, Peter McCormack can just edit it and rearrange the interview; I've no idea what order it's going to be in or anything.
Peter McCormack: Well, we're here to entertain as well as educate. All right, Paul, tell me about drivechains. I can't remember if you or someone else tried to explain them to me before, but we know I'm not the most technically competent!
Paul Sztorc: Yes, I've heard you say that before.
Peter McCormack: Explain it like I'm two!
Paul Sztorc: People say that and I say like, "Where are your parents?" or something. Drivechain is this idea for an SPV proof that I came up with in November 2015, so it's very old.
Peter McCormack: What's an SPV proof?
Paul Sztorc: An SPV proof is something that proves the work, the proof of work, but not the validity of blocks.
Peter McCormack: See, I've no idea what you're talking about.
Paul Sztorc: SPV proof is the foundation of the sidechain idea, so the sidechain is we're not going to look at the validity. We have like a Zcash sidechain or whatever, we have like a bit Zcash, so we're going to copy all the technology from Zcash, but Bitcoin is not going to go through the effort of doing whatever wacky technology they're doing over there. We're just going say, "We're only going to look at, did you mine a bunch of blocks in the Zcash sidechain", so to speak.
Peter McCormack: Okay, so we're going to have to go step by step on this. My limited understanding of sidechains is with what I know about Liquid.
Paul Sztorc: This is unfortunate because they have decided to take this word in a different direction.
Peter McCormack: So to me, a sidechain, we have the Bitcoin blockchain and then we have this other blockchain, and I can peg my Bitcoin in and I'm given Liquid Bitcoin, and I can peg out, and then in this separate sidechain I can do a bunch of other shit. The way I understand it, it's almost like another little block I can go and play in and do stuff.
Paul Sztorc: Yes.
Peter McCormack: It's almost like I've got two rooms, one room's Bitcoin and one room's Liquid, and I've decided to pay some Bitcoin to go in the Liquid room, and I play with Liquid, and I can get my Bitcoin back and come out.
Paul Sztorc: So, the trick is how do the coins come out? So, you see, it's easy to go in, so you're in New York City, they have the subway, they have the one way spinning thing -- I don't know if you've been on the subway.
Peter McCormack: Yeah, we the Circle Line in London.
Paul Sztorc: It's kind of like layer one Bitcoin is you're trapped in the subway forever and it's easy to get out to go in to the layer two, you up to the street layer, but we walk out the little turnstile thing, but you can't easily get back in, you have to pay and use the little kiosk.
Peter McCormack: Right, you've got to give me some real example, what does that mean with Liquid it's hard to get out; I can't just peg out?
Paul Sztorc: Well, in Liquid, when you peg out, there's a multisig output and a bunch of people sign, those people sign. So, on layer one, the only thing that the Bitcoin network sees is a multisig output. So, you could make your own competitor to Liquid 10 minutes from now by just making 15 keys and creating a multisig address and then telling everyone that this is whatever.
Peter McCormack: Yeah, but I don't want to do that, and that doesn't make any sense to me. What I'm saying is I know Liquid exists, I know I can peg into it, I know I can Liquid Bitcoin, I can move that around with a little more privacy, a little bit faster; I know how that works and I know I can peg out. I'm still not understanding what your criticism is.
Paul Sztorc: Well, when you peg in and peg out, it's what you're sending it to on layer one that's what's actually happening, so that's cosmetic; with Liquid, this is just like a multisig wallet. I guess I'm not really sure that you actually do know what Liquid is and what's happening when you peg in and peg out.
Peter McCormack: I won't know technically, but I'm a standard user of what most of my listeners will be. Most people who listen to this, they don't know how multisig really works, they don't understand the engine behind Bitcoin. Most of them buy Bitcoin and they send it to an address and they keep it there, and then sometimes they send it to another address; some of them maybe go and create a Lightning wallet and they send some Bitcoin to have some sats; some of them may even create a multisig wallet with something like Casa; and some of them, really advanced, will run a node. But most people don't understand what's going on, they're just sending stuff to addresses, so why does this matter to them?
Paul Sztorc: Well okay, one reason is, if the 15 keys are compromised, 11 of them in this case, that person will just take all the money out, so it'll be like a Celsius-style catastrophe.
Peter McCormack: So, your criticism is really the risk around the Federation?
Paul Sztorc: Well, this is the main difference between what I did, which is now BIP 300, and the Federation is a group of people who are the custodians of the money and you hope that they choose to give you your money back and maybe have very good reasons to believe that they will give you your money back. But in BIP 300, there is just a transparent process that only involves the miners. Anyone can become a miner or leave the group of miners at any time, as you know, there's no fixed list of miners.
If all of today's miners were killed by an asteroid or something then there would be new miners without anyone having to update anything, but that's not true if the Liquid functionaries all die or they all get whatever, something happens to them, it won't be possible to get the money back. Although, in Liquid's case, there's a secondary multisig failsafe, but that's a whole other story, because at one point, they realised that they had done it wrong and there were four blockstring keys that could be used, not in an emergency, so this is like a complicated other detail that people won't be interested in.
Peter McCormack: Okay. But in terms of my experience of moving, say, into your Drivechain -- does it have a name like Liquid?
Paul Sztorc: No, well this is a process for creating --
Peter McCormack: The drivechain.
Paul Sztorc: BIP 300 means there could be 256 slots and each could be its own sidechain, and then you could do it again and get 256 more, or you could have sidechains out of sidechains. So, this is a process for adding and removing decentralised sidechains that have no fixed list of owners.
Peter McCormack: Okay, I get it, you're proposing a way for sidechains to be created, not the creation of the sidechain itself.
Paul Sztorc: Yeah, when you create Liquid you need to pick the 15 people, or the 15 keys, but with this you would not.
Peter McCormack: Okay, but with this, if you created a sidechain using BIP 300, does somebody still peg in and have a different asset and still peg out and get Bitcoin back?
Paul Sztorc: Yeah, the user sends the coins into like a little box basically, and the sidechain software recognises that as a deposit.
Peter McCormack: Okay.
Paul Sztorc: Over there, the sidechain software is like an altcoin except without the coin. You can do whatever you want over there, so you could use Zcash, Ethereum, whatever.
Peter McCormack: We'll come back to that, but when I go in, am I given something that is identical in replication, like a Liquid Bitcoin is basically a Bitcoin?
Paul Sztorc: Yes, that's the idea. I mean, of course, with this you have the freedom to do any idea you like, good or bad. So someone could have a sidechain that was a terrible design and where it ate the coins and refused to tell you where they were or give them back, but of course no one would do that in practice except as a mistake.
Peter McCormack: So, whereas with Bitcoin and Liquid, we have these two rooms I can go between, you're just creating a process that anyone can come a build a room that attaches to it?
Paul Sztorc: Yes, it's like an elevator, I can conjure a new floor or something, yeah.
Peter McCormack: Yeah, one could be a very nice safe room and one could murder you.
Paul Sztorc: Yeah, one could you just open the door and you just fall out of the building.
Peter McCormack: Okay, fine, I'm going to come back to that. So, your sidechain doesn't have a 15-person multisig.
Paul Sztorc: Correct.
Peter McCormack: So what does it have instead?
Paul Sztorc: Yes, that's a good point, good question.
Peter McCormack: You've got to imagine I am dumbest fucker you will meet, so just take me slowly step by step.
Paul Sztorc: Well, okay, a metaphor is that you put the coins into like a little box, BIP 300 is 256 slots, so each would be its own box, but we're just talking one sidechain at a time.
Peter McCormack: Why 256?
Paul Sztorc: Well, because a byte can count up that and you need some way of referring to each sidechain so it would be more overhead. In practice, there's no limit because you could have sidechains out of sidechains where you could do the thing again, I just don't think that there will be anywhere near -- I could be totally wrong about this, but I just don't see -- how many viable blockchain designs do you see? You've got like Bitcoin, Monero, you've got like ten other things.
Peter McCormack: But if BIP 300 was merged into Bitcoin, what stops one person quickly going and taking all 256 slots?
Paul Sztorc: Well, the process of claiming the slot takes a little bit of time, so it's like a BIP 9 style two-week activation thing to take the slot, and you can also, very slowly, overwrite the slot. So BIP 300 has all these rules to manage that kind of thing.
Peter McCormack: Okay, but say I go and claim all 256 slots straightaway and wait my 2 weeks, do I suddenly have all the slots and there are none left for anyone else?
Paul Sztorc: Well, there's like a miner ack thing, like acknowledge thing, so you need like 90% miners to thumbs up your thing, so the process is more miner-involved than mining.
Peter McCormack: Okay.
Paul Sztorc: Each block, they get to affect the outcome in a very small way, that's basically the design.
Peter McCormack: So are you essentially pitching your sidechain to the miners?
Paul Sztorc: Yes.
Peter McCormack: You're saying, "This is my sidechain", and is it a bit like when a soft fork happens and you get miner signalling?
Paul Sztorc: Yes, look, this idea is from long ago in 2015, before any of this was even controversial. This used to just be the way everything was done. That's obviously speaking a little too broadly, but this never used to be a big, "Who controls Bitcoin?" controversy; that's all just fallout from the Blocksize War, SegWit2x. So, this used to be a very uncontroversial and kind of normal thing.
Peter McCormack: Well, we'll come back to that, but I'm interested in this. So, the code is released, BIP 300 is activated.
Paul Sztorc: The pitch to the miners, to be clear, is like this will either improve the price of Bitcoin and/or improve the total transaction fees collected. So, there's a rational reason to expect the miners would be -- they would at least have some interest in making sure that they give the right decision.
Peter McCormack: How does it get pitched to them though; is it like a BIP?
Paul Sztorc: I have plans for this; I actually invented something else called CoinNews, which is a completely different cosmetic thing for displaying op return data in Bitcoin. It's a very interesting idea and it doesn't involve any hard or soft fork or any kind of code changes to the consensus of Bitcoin at all, and it's just a cosmetic thing where when you open the full node, it shows you who paid the op returns; it sorts them by fee rate, and you also have them sorted by other tags and stuff that you can put in. So you can have all the English language ones in one column and all the Japanese ones in a different column or something.
So, I had this other thing that I just did for fun, and is in some software that I run and I would think they could do that. But even if you didn't have something like that in the software, someone could just make a very conspicuous transaction that stands out by paying a larger fee, you basically do that kind of idea with duct tape and you know.
Peter McCormack: Yeah, but when a BIP is activated, when a soft fork is activated, it's a whole thing; everybody knows what's it about, you get to read the documentation.
Paul Sztorc: Yes, but don't you think this is part of the problem though?
Peter McCormack: Well, I'll come back to that because the thing you just --
Paul Sztorc: We're coming back to a lot of things, luckily you've got a pen there!
Peter McCormack: Yeah, well, so the last thing you explained, I think you explained it like you think I have any idea what you're talking about, and I don't.
Paul Sztorc: You know about op returns though?
Peter McCormack: I have no idea what an op return is.
Danny Knowles: It's the messages the miners put on the block when they --
Paul Sztorc: Yeah, it's a coinbase, but an op return, anyone could make a transaction, they can put like -- this is used by lots of different people. What it is, it's a part of the transaction that you can just prune out, you can just cut, so it's something that will never be spent so they'd probably just go to zero value output.
Peter McCormack: Okay.
Paul Sztorc: So, basically, what it is is like a memo field and a check or something, so people write stuff like Bible verses and wedding vowels and people put like funny little things, messages in there.
Peter McCormack: I've seen things like when certain blocks are mined, they put messages in, yeah.
Paul Sztorc: Yes, that's what I mean.
Peter McCormack: Okay, but what I'm saying is is I just want to go back, if a soft fork is activated prior to that, the miners know full well what is contained within the software, what it brings to Bitcoin, right?
Paul Sztorc: Well, that's the idea; you don’t think that's really true though because you just told me like, "I don't know anything about op returns, etc", a Bitcoin podcaster.
Peter McCormack: Well, yeah, but I'm not a technical Bitcoin podcaster.
Paul Sztorc: Sure.
Peter McCormack: So, we have Stephan Livera for that. My show is to help people like me, like morons, who don't know shit about this technical stuff.
Paul Sztorc: Well, the one thing I would recommend people do, I think this is fascinating, you go to Scaling Bitcoin II, Hong Kong, it's 2015, they had this miner panel and somebody even said out loud like, "We have 92% of the hash rate represented on stage", or something, which is kind of itself a weird thing to say, but it goes through and it's clear those people have no real idea what the blocksize debate is actually about. In fact, at one point, someone on the panel said something like, "Could someone please just tell us what do?" or something because they're much more like you I think where they’re just trying to find cheap power and they don't know --
Peter McCormack: But they still have to make a decision.
Paul Sztorc: Of course. The more important thing is that they have accountability in the point of the increased Bitcoin price and the greater transaction fees, they have the skin in the game to know, so they have some basis for having incentives to make the right decision.
Peter McCormack: But I'm sure they talk to people and people want to help them understand, "You know, this is a good thing". But when we get to what you're talking about, again, what are they activating and do they even know what they've activating?
Paul Sztorc: Well, I think again, this is like the paradigm shift which is that people feel very responsible for all the Bitcoin code. This is why the sidechain idea is like a complete night-and-day change from this way of thinking. So right now, as you know, everyone worries about every single line of code, every single change, but with this, these are all optional zones; the sidechains are all optional zones that your full node isn't going to ignore.
So, if you had let me finish my box thing, the box has kind of like a Post-it Note on it that has the number zero, and you can only take money out of the box if someone has a Post-it Note that has 13,150 on it and, every day, there are little rules about this Post-it Note moving up and down, but basically that's the whole idea in a little nutshell. Even though that's the proving the work, the SPV proof, but it's not going to know anything about what the sidechain is doing. So, that is intentional because that's what makes you able to ignore the sidechain. So, that's the whole point, is that you wouldn't need to worry about what it is.
Peter McCormack: Okay, where does the sidechain exist?
Paul Sztorc: In some ways, it's easier to think about a sidechain as an altcoin, so it's like, "Where does Ethereum exist or something?" You write a different piece of software, it has its own blocks, it has its own blockchains and its own folder on your computer.
Peter McCormack: Okay, yeah.
Paul Sztorc: This is the same thing basically except in a couple of differences: one is that the way this is designed, this is a fully asymmetric sidechain; there used to be a distinction, now all these sidechain words have become unhelpful unfortunately. But in this particular case, we have test software, so we have test sidechains, that software won't even run or do anything until it can connect to a layer one Bitcoin node. So it's a lot like a Lightning node in that way, it's like a full layer two, so it's like a fully subordinate piece of software.
Peter McCormack: Okay, let's say one of these sidechains is set up and created, my node doesn't download any of the blocks.
Paul Sztorc: Your Bitcoin layer one full node does not, it will not see anything except the box and the Post-it Note, and these boxes are UTXOs, they already exist, already a box world.
Peter McCormack: Okay, but if I want to use that sidechain, how do I start using it?
Paul Sztorc: Well, again, it's the same as like the case with an altcoin is the easiest way for people to think about it if they don't know, if they're very confused or something. You could have a wallet and use it without a node or only with an SPV node or, if you wanted the full node, the sidechain full node, you would download that software and you would just run it.
Peter McCormack: So it would have a separate node?
Paul Sztorc: Yes.
Peter McCormack: Okay, so why is it a sidechain to Bitcoin; is it so it gains the security of Bitcoin?
Paul Sztorc: Well, of course the goal of sidechains, back in the day, before -- this is unfortunate because my point of view is not really relatable to regular people anymore because most people only know -- back in October 2014 when blocks were originally published as paper and debuted, it was very clear to everyone that the sidechain idea was to simulate altcoins, so it was to make them obsolete basically.
At the time, Ethereum was getting started, there was other stuff, BitShares or whatever, it was all terrible at the time, but people thought, "What are we doing to do? Why should there be a basis for comparison at all?" Say with Bitcoin, you can do X, but people would say, "With my wacky new project, you can do Y, this new thing, or Z, or whatever you want to call it".
Peter McCormack: You don't have to wait for Bitcoin to --
Paul Sztorc: To merge the thing in.
Peter McCormack: Yeah.
Paul Sztorc: And, of course then, with the blocksize debate, it became apparent that it may be an even deeper problem than that, because you may have irreconcilable differences between people. You cannot have the blocks be both small and large at the same time, so someone has to leave emptyhanded. So, then that was like really spurring it on at first, and then Blockstream went in the Liquid direction and they kind of torched I think the whole concept, which I think is a big, huge setback for Bitcoin. They wrote a paper in October 2014 called sidechains something, and anyone can look it up, and it was written by Blockstream plus basically; some other people were on the list.
Then, in November 2015, I had my SPV proof which was different than theirs. They have this Appendix B skip-list thing that they never actually did. They only stuck with the multisig, which they insisted for years, they insisted was only like a temporary Band-Aid, and they would switch to their thing; they abandoned their Appendix B thing. My version's supposed to literally be like minimalist, and I had changed something else, I had proved the work via the mainchain, not via the sidechain, because I worked out that it made really no difference, there were no costs and enormous benefits to doing it that way, but they had coined the word.
It was kind of unfortunate that they did, because they coined the sidechain word and then they ran away with the definition. If I could do it over, one of the things I would do is I probably would never have used the word "sidechain" to describe what I was doing at all, and maybe I should still stop doing it and I should just use the drivechain word and I should say, "This is a totally different thing".
Peter McCormack: But sidechain, you can kind of understand what it is from the nature of the word.
Paul Sztorc: Well, I would hope. Well, yeah, I don't know, a lot of people don't know it, or what I was thinking of, I had an image in the 2015 posts at the beginning with Bitcoin is like an engine and then a big chain going around and all these others gears, like a Leonardo da Vinci kind of a thing; the gears would be like Litecoin, would be like Ethereum, all that.
Peter McCormack: So give me an example of a sidechain that someone would build; that might be more helpful to understand.
Paul Sztorc: Yeah, the Zcash sidechain, the Zcash is a very good example. They did all this work to get to Zcash 5.0. The privacy benefits are very clear, it's this unbreakable, confusing z-address thing, and so now we have a version of that that we copied; we just copy their Version 5.0 to our template. So then, if you download our test software, you can mine fake coins, you know, because it's a testnet, it's not real, so you can mine fake coins on what would be regular Bitcoin, you send them over to the Zcash sidechain, they show up over there, and then over there you can use it with z-addresses, and that's the benefit, and then you can take them back.
Peter McCormack: Let's go one step at a time, you guys have created this but it's not currently --
Paul Sztorc: It's not live with Bitcoin BTC. We have software for testing that anyone can use that does generate coins. It's funny, there's nothing in principle different between what we did and what some altcoin that could exist or something, but it's for testing purposes only.
Peter McCormack: Some of this stuff's hard for people to follow.
Paul Sztorc: Yeah, I guess so.
Peter McCormack: So, we have to go through slowly.
Paul Sztorc: Okay, sure.
Peter McCormack: I know it might be difficult, it might be painful for you. But you created that in a Bitcoin testnet as a sidechain to Bitcoin, an entire testnet?
Paul Sztorc: The whole thing we did is our own tests playground, so we can just reset it whenever we want.
Peter McCormack: But that doesn't answer my question, my question is BIP 300 doesn't exist within Bitcoin.
Paul Sztorc: Right.
Peter McCormack: Okay, you want it to exist --
Paul Sztorc: Well, I don't understand at all why people aren't foaming or chomping at the bit or whatever.
Peter McCormack: I know, but that's, again, another separate question.
Paul Sztorc: Sure, yeah.
Peter McCormack: I'm going slowly, I'm going to be specific about this just so people understand; if we jump around, no one will get it. So how you understand Bitcoin, I understand how to structure questions in a way so people can understand it. So currently BIP 300 doesn't exist within Bitcoin, you wish it did, yes?
Paul Sztorc: Yes.
Peter McCormack: Yes. You've created a testnet environment where you have activated BIP 300 in the testnet?
Paul Sztorc: Yes.
Peter McCormack: So you've created that Zcash sidechain?
Paul Sztorc: Yes, those are separate things though.
Peter McCormack: Okay, well how do you mean?
Paul Sztorc: BIP 300 activates on the mainnet, on what would be Bitcoin Core if it were on real Bitcoin.
Peter McCormack: But you've activated the code in a testnet environment to see it works?
Paul Sztorc: Right, that's BIP 300.
Peter McCormack: Yeah.
Paul Sztorc: The sidechain is a completely separate piece of software, like a Lightning node that would be like --
Peter McCormack: But the BIP 300 in the testnet allows you to move between the two?
Paul Sztorc: Yes.
Peter McCormack: Yeah, okay great, I understand that. And so have you done this almost to prove to people, "Look how cool this is. We've now got Zcash on Bitcoin"?
Paul Sztorc: Well, I agree with you completely that the example is a much better way of explaining it. I think most people are not interested in even how it works, they just want to know, "What is this for?" My friend used an analogy in Xbox; you build the Xbox with no games, and so that was like you have to have a game.
Peter McCormack: So, if I wanted to use this, I've got Bitcoin Core running, say I want to use this sidechain, what else do I have to download?
Paul Sztorc: Well, yeah, we have a different -- the Zcash software has its own node.
Peter McCormack: So, I'll be running two nodes at that point?
Paul Sztorc: Well, as you know, you don't necessarily need to run any node; many people just use a wallet, that may be an SPV node only, or some people just use Coinbase or something. So, it's debatable whether or not those people are real users. Is that too nuanced, you know what I mean? You can use Bitcoin without running a full node.
Peter McCormack: Yeah, of course, yeah.
Paul Sztorc: So that's what I'm saying is, how you use it is kind of your business, but this other node software must exist for the network to produce blocks.
Peter McCormack: There must be other people doing nodes.
Paul Sztorc: Yeah.
Peter McCormack: Okay, yeah, like we have with Bitcoin, some people run nodes, some people don't.
Paul Sztorc: Exactly.
Peter McCormack: But say Danny wanted some Zcash from me, from your sidechain -- okay, one more other question, is this a separate Zcash from the other Zcash blockchain?
Paul Sztorc: Yes, that's an important other thing too.
Peter McCormack: So, it should probably be given a different name.
Paul Sztorc: Yeah, we used to, "Why aren't we called Zside?" as a joke. Sometimes they have funny names.
Peter McCormack: ZBitcoin, BitcoinZ.
Paul Sztorc: When I did the presentation at the Bitcoin 2021, I did an example with, I usually just put "Bit" in front of them, and Gavin Andresen did this a million years ago, and so I was like "BitMonero". So we'd have like Bitcoin, then we'd have BitMonero, would be like the Monero sidechain on Bitcoin.
Peter McCormack: Yeah, because I think that some people get confused.
Paul Sztorc: Yeah, I agree with you, I think the names are a big problem. Someone needs to come through with my project and rename everything.
Peter McCormack: You're in my world now, branding and marketing; I can help you with this bit. I would have a completely separate name because otherwise I'll be like, "Are my Zcash here the same as my Zcash here? Okay, they're not".
Paul Sztorc: Yeah, so we call it Zside, and in fact we labelled the tickers different too to keep people from being confused, so like Liquid is LBTC, we just call them BTC on the mainnet and then we just call them like SC1, SC2, SC3, so sidechain number three is SC3.
Peter McCormack: You need a branding and marketing person to help you! I would have called it something completely different, but anyway. Okay, so I can run the node but I don't have to?
Paul Sztorc: Right, but I don't know, it depends on the direction we want to take this conversation, but yeah.
Peter McCormack: So, if I'm running the node and I've got my Bitcoin node running, the BIP 300 is how they talk to each other?
Paul Sztorc: Yes.
Peter McCormack: Okay, so say I want some BitZs, BitZcash, how do I get those?
Paul Sztorc: Well, are you getting them from someone else on the network or are you getting them from layer one?
Danny Knowles: Are you pegging him with your Bitcoin to get…
Paul Sztorc: Well, when it turns on for the first time, it starts with zero coins, so no coins there, so someone has to send Bitcoins and we have a little GUI for that.
Peter McCormack: So you have a rule and your rule could be, what, 1:1?
Paul Sztorc: I didn't even plan on doing it like this; I actually have screenshots for this.
Peter McCormack: But your rule could be 1:1 or 10:1?
Paul Sztorc: Well, it should be 1:1, it could be something else it would just be confusing because, if it's 10:1 going in and then it would have to be 1:10 coming back, and that would just be annoying for people I would think. The whole point of this over the altcoin is to remove for 4X risk and also the risk of the project just collapsing.
Peter McCormack: So, there would be a maximum 21 million?
Paul Sztorc: Yeah, there are 21 million shared by all the different pieces of software.
Peter McCormack: Okay, great, so I get it, so I can peg in and I can get some of these BitZs, I'm going to call them BitZs, and then I can send that to Danny but, if Danny already has some, he can send them to me.
Paul Sztorc: Yeah, right.
Peter McCormack: Okay, and I need a wallet and in my wallet, I could have Bitcoin and also have these BitZs next to it, yeah?
Paul Sztorc: Correct.
Peter McCormack: Okay.
Paul Sztorc: So, when you download the Zcash node software obviously it comes with a wallet, but you could also have something like, I don't know, whatever wallet you want to name. Most of the wallets these days are multi-cryptocurrency wallets, they have Bitcoin and alts, and they could just have this also.
Peter McCormack: But say I was using, I don't know, let's give an example of a wallet, say I was using Ledger, would Ledger have to write in support for this?
Paul Sztorc: Yeah, to be a wallet for this they would, yeah.
Peter McCormack: Does it have a different set of addresses?
Paul Sztorc: It does, because most notably the Zcash system has the z-address, the private z-addresses.
Peter McCormack: So, really what you've created, it sounds like to me, is a bridge between Bitcoin and some other stuff, and then this one, it's Zcash but it could be Monero, it's just a bridge.
Paul Sztorc: Precisely.
Peter McCormack: So that bridge is a way of creating the new coins.
Paul Sztorc: Yeah, you can take your coins and escape to a different piece of software.
Peter McCormack: Okay. What does the Bitcoin blockchain know; it just knows this transaction out?
Paul Sztorc: Yeah, in the talk I gave at TABConf, I do literally like an exact slide of that, and I say, "This is everything that's happening, and this is all their full node sees", but their full node only sees the little Post-it Note on the box. There are rules with the Post-it Note, but you want to get that Post-it Note from zero all the way up to that really high number, 13,000, and that is the only thing the full node sees.
Peter McCormack: I don't understand about getting this number up from zero to 13,000.
Paul Sztorc: Every block, the miners can move it up by one or down by one. So, they say, "We want to eventually withdraw to this set this transaction action ID", so you have a big list of people who want out like, "Here's 11,000 people who want out", or whatever it is, and they all want out and they want to take their coins to different layer one addresses because they want to go back from the sidechain --
Peter McCormack: To Bitcoin.
Paul Sztorc: -- to regular Bitcoin Core.
Peter McCormack: So what are you saying, there's a maximum of 13,000 of these that can happen in one go?
Paul Sztorc: No, the 13,000 is the score, the threshold needed. So, maybe that was confusing.
Peter McCormack: Yeah, I'm totally confused by that. What's it for?
Paul Sztorc: Let's just say there are eight people who want out, okay, in a given time period, and someone wants 7 coins to mainchain address number one, 5 coins to mainchain address number two, half a coin to mainchain address number three, and 3,000 coins in mainchain address number four. So, they select the sidechain output that has all the coins in the box basically and they say, "We want out, we want to take coins out of the box".
So they say, "This is what we want"; it has a different little unique transaction idea, like a little code, a little bit of hex, and then they take the Post-it Note away and they write that little thing, and then they write the number one and they put that Post-it Note on the box. Then, when they find the next block, they take it away and they write two, and then it goes to three, and then maybe it goes back down to two or maybe it stays at three. There are rules for what this little Post-it Note can do.
But if it gets up to 13,150, which is three months of finding blocks, then you're allowed to take the coins out, and those are the BIP 300 rules that are enforced by your mainchain node, not any of the Zcash stuff.
Peter McCormack: I still don't get that, sorry, I've no idea what that means.
Paul Sztorc: Okay.
Peter McCormack: If I want to take them out, why can't I just take them out?
Paul Sztorc: It's kind of like if you're trying to get someone out of prison or something and they have interlocking gates and they have buzzers and things, you know, where they knock, like you see on a TV show or something, and the lawyer wants to leave, the thing buzzes and the first door opens and they go through, then it closes and the next thing opens.
Peter McCormack: No, I understand the analogy, what I'm saying is, why am I waiting up to 13,000 blocks to get my coins out?
Paul Sztorc: Because those coins can go to any destination because you're not checking the sidechain rules, you're ignoring the sidechain. So, this is the whole "miners can steal" fake controversy, because it would take them three months to steal, but all the withdrawals take a long time, for security reasons.
Peter McCormack: So how many blocks to 13,000?
Paul Sztorc: It's three months.
Peter McCormack: So, it takes three months to peg out?
Paul Sztorc: Yeah, but this is another misunderstanding which is that the regular users wouldn't necessarily use this at all. They can swap either with HTLCs, or they can just use an exchange or something. They can go on Coinbase and say, "Okay, I have 12 coins, I have 12 BitZs and I don't want BitZs anymore, I want regular BTC". So they sell their 12 to Coinbase and Coinbase gives them 11.99 BTC, and then only one person has to actually walk the coins through the process.
Peter McCormack: It's not 13,000 to go in, just to come out?
Paul Sztorc: To go in, it's instant.
Peter McCormack: It's instant, but to come out it's 13,000, right, okay.
Paul Sztorc: Exactly.
Peter McCormack: Why three months; why 13,000?
Paul Sztorc: Well, you know, it was originally two weeks and then people complained about it, and I kind of almost regret even changing it, because over time it's become clear that people just complain about anything even if they don't know anything about whatever.
Peter McCormack: Yeah, that's fine.
Paul Sztorc: But like I said, there's no real downside to making it longer.
Peter McCormack: Well, there is if you want your coins.
Paul Sztorc: But this is the thing, anyone can swap the coins with you.
Peter McCormack: Okay. Who's going to put them in and be happy to wait; is it Coinbase do you think?
Paul Sztorc: Well, it could be anyone, there's a whole distribution of people; people are very different, people are heterogenous. So some people, like an investment banker-type person, they'll take the yield, they'll just say, "Listen, I'll buy these coins. I get 12 from the person and I pay them 11.99", and you do that a bunch of times and then you wait, and now you're getting basically an interest rate.
Peter McCormack: So, we're talking about almost money dealers here?
Paul Sztorc: Yeah, it's like a money market, but literally anyone can do it, you understand.
Peter McCormack: Of course.
Paul Sztorc: So that's why it's very unlikely to -- there's no real opportunity for it to go too off the rails.
Peter McCormack: But say I have 100 Bitcoin sitting around and I'm like, "I've got no use for this, I'm going to get 100 of these Zcash coins and I'm just going to sit around. I'm not going to spend these for the next ten years. If someone wants to buy some Zcash off me, I'm going to charge a margin and then I'm making my premium there". So, say you wanted to buy a Bitcoin, 1 Z off me and I'm going to be like, "Yeah, that's 0.9 Bitcoin, I've made 0.1%", and I can just keep doing that and at some point I'll be like, "You know, I'm going to withdraw some out", yeah, that kind of makes sense.
Paul Sztorc: Right, but what you're actually selling them is the --
Peter McCormack: Sorry, 99 Z, yeah, okay, I understand that.
Paul Sztorc: You're collecting all the BitZs and then you're going to walk them back and you get 1 for 1.
Peter McCormack: Yeah, and then you always know the peg holds, it's always going to maintain the same value.
Paul Sztorc: Yeah, that's the point, is you want it to be very secure, so that's why it's three months because the worse thing ever is if the peg doesn't work, and in fact there have been Ethereum versions of this idea that made it much shorter; I think one was called Wormhole or whatever where they made it like three hours, and it didn't work because that's too short. There's no real downside to making it long. The longer it is the better, because they have to declare in advance where they're taking the money. Everyone can see it; it's compressed down to this one little code thing that anyone can check against the sidechain. The sidechain's going to be screaming the true withdrawal code at the top of its lungs in all directions.
We have it in the GUI at the bottom in a little ribbon, so everyone's going to know what the real one is. So if anyone tries a false one, people will know the same day and then they have to spend three months with the stigma of knowing that it's wrong but doing it anyway. And then it'll be three months later they finally succeed, and if no one does anything about it, then they'll be able to take the coins and send them to those withdrawal outputs. That is the whole "miners can steal" critique of this project, but it's a silly critique because they have to do this for three months; whereas, if the miners were willing to do something like that, they could also empty Lightning channels by blocking, etc.
Peter McCormack: Yeah, okay, I'm starting to get it. So, there can only ever be 21 million, there's zero now.
Paul Sztorc: 21 million coins total, yeah.
Peter McCormack: But whatever you peg in pegs out of Bitcoin, so there's no inflation here of coins either, which is cool.
Paul Sztorc: Of course, yes.
Peter McCormack: It just allows you to have additional technology that can do other things.
Paul Sztorc: Yes, this is quite a big difference. Maybe people can imagine a world where you have, even today, you would have someone go on stage, someone like Saifedean or something, they go on stage and they say, "Vitalik is the Devil and we all hate Vitalik", or whatever. But in a parallel world with sidechains, you would imagine that history would just play out differently and the same person would go on stage, for the same exact actual idea, they would say, "Oh Bitcoin has all the best technology, we have this wonderkid, Vitalik, he's doing complete sidechain on Bitcoin", or whatever.
The Jeremy Rubin thing would be completely different also, there would be no controversy about that, he would just go and they would say, "We're not ready for this right now". He would just do it on a different piece of software and this problem wouldn't even exist, the problem of how to coordinate the soft or hard forks or any kind of other activation because it doesn't exist.
Peter McCormack: Because really sometimes, they're worried about inflation of total coins across all protocols, right, like just keep us all in Bitcoin.
Paul Sztorc: Well, that's why I think it's a no-brainer, that's why the sidechain idea was so good, I think is that --
Peter McCormack: Well, I wouldn't say no-brainer, it's another thing we'll come back to because we can talk about some of the -- there are obviously downsides, we can talk through that. Just help me understand, how does this sidechain get its security, because the miners provide the security to Bitcoin; how do they provide the security? Does this sidechain just inherit the security?
Paul Sztorc: Yeah, it does, but this is the idea of merged mining which I think is also understood by a very, very, very small number of people.
Peter McCormack: Are you basically sharing the cryptographic proof?
Paul Sztorc: Well, this is the thing, it's debatable if there is any cryptographic proof in mining. This is one of the things I remember Adam Back telling me when he first heard about Bitcoin. He was confused because, well maybe this is a minute detail, but the hashrate security is the cost of like the 51% attack, more or less. And normally in cryptography, there are these unbreakable black-and-white situations where it can never be broken by anyone. If all the corporations and governments of the world combined, they would not be able to decrypt the message or whatever, or it's very easy to do, so it's black and white; but with mining, it's this spectrum.
When mining first started, it was only a few people, so the hashrate security was pretty low, and now it's more, maybe in the future it'll be even more, maybe it'll be something else. But the way merged mining is, you kind of fit the sidechain block into a regular mainchain block, and it kind of goes along for the ride.
Peter McCormack: Does that mean it uses up block space?
Paul Sztorc: Well, it uses a tiny amount, but this is where the analogy breaks down completely, because the sidechain block is referenced in the mainchain in a little tiny spot, but the actual block itself is somewhere else.
Peter McCormack: Right, okay.
Paul Sztorc: So, it uses a tiny, tiny amount of space to say like, "Sidechain number four", like, "This hash of the block", and maybe a couple of other things, some other things.
Peter McCormack: Yeah, so it does inherit the security then off the mainchain?
Paul Sztorc: When the sidechain node is running, like I said before, if you run our software or the Zside software. If it can't find the layer one Bitcoin node, it just won't do anything, because it's going to use that to figure out how may blocks there are, what time it is, stuff like that, like if it's Saturday at 11.30am; it's going to get all that from mainchain Bitcoin, so it's sort of riding along. But this idea is very misunderstood.
One notable fact about it is that, in merged mining, which Satoshi invented merged mining in 2010 for Namecoin, this is a very old idea and we've been doing it ever since. It's another thing people don't realise that this is a very old idea that has been in continuous use. But an intriguing fact about it is you don't modify the mainchain to allow this, in fact the mainchain cannot stop an unlimited number of chains from being merge mined; there's nothing Bitcoin can do to even stop this from happening. Instead you modify the chain that's riding along, the parasite chain or the friend chain or whatever you want to call it.
Peter McCormack: If we ignore the "everything but Bitcoin is a shitcoin" argument for a moment and just say, look, there are different scales of altcoin, right, which I would say are different levels of creditably. Now for some people, they're all shit, there are other people that they're not, and when you to go to the people who are not, they would say, Ethereum, forget all the issues with it, let's go with it; Ethereum has kind of proved a case that there are things that people want to do on Ethereum, whether you agree with it or not, it does; Monero has proved a case; Zcash hasn't really got much adoption, but it's a different technology that does something different.
There's a handful there you could say that are doing something more interesting than the other 20,000 bullshit ones. It feels like these ones would be the kind of ones that would be elevated into this, and the bullshit 20,000 other ones just wouldn’t even bother trying, they wouldn't survive, they would die.
Paul Sztorc: Yes, precisely.
Peter McCormack: I think one of the things, Danny, run through my logic here, you wouldn't be able to price speculate on these coins because their price matches Bitcoin.
Paul Sztorc: Yes, exactly, that would be like putting $20 into an ATM and getting $20 in your chequing account; it would just be like the same thing.
Peter McCormack: So, there's no incentive to put shitcoins on here.
Paul Sztorc: Yeah, it kind of would filter out all the shit basically.
Peter McCormack: Yeah.
Paul Sztorc: That's what a lot of people think, I think that would be 99% of the cases at least.
Peter McCormack: Yeah, well it would, and it's not going to last if no one uses it.
Paul Sztorc: That's exactly right as well, is that if no one uses it, there just won't be coins over there and then it will just die off.
Peter McCormack: But it would increase demand for the coins in the ecosystem, which itself would drive up the price anyway, that's my logic.
Paul Sztorc: Yes.
Danny Knowles: That sounds right to me. The thing that I can't get my head around is if you were making a project and you were a bit of a shitcoiner, the incentive is to go and shitcoin because you're going to make way more money.
Peter McCormack: Depends who you are.
Danny Knowles: Yeah, exactly.
Peter McCormack: Let's class these people differently. A shitcoiner, for me, is somebody who wants to profit off the coin, and that's their primary motivation. If you're a developer, your primary motivation's to build cool shit, and this gets rid of all the that incentive model, it also makes Bitcoin more useable. We're going to have to come back to why people are rejecting this, but for me, to get rid of that price incentive on shitcoins makes it a lot more interesting, it's a lot more developer-focused.
Paul Sztorc: And I think we have to keep in mind how many people who are today the sort of good altcoiners or aren't into bitcoiners in the past. Like, I mean Vitalik was the Bitcoin Magazine cofounder and writer, he was like the original Peter McCormack, in a way because he was the Bitcoin Magazine guy.
Peter McCormack: We're very similar!
Paul Sztorc: He was like a full bitcoiner for a while and then, you know, he tried his thing on -- a lot of this story is disputed, but certain things that are not really disputed at all which is that he was a bitcoiner, he did Bitcoin Magazine, he proposed this idea in Bitcoin and he was going to do it on some weird altcoin and then he made his own project. I think people are biased against Ethereum because it was really a terrible project in 2015 when it was being put together, and it was terrible, and I think it really has evolved slowly so that --
Peter McCormack: Into not so terrible?
Paul Sztorc: It was kind of like 1% better every day, that type of thing; have you seen that meme?
Peter McCormack: Yeah.
Paul Sztorc: So, then when you get to that, years later, it kind of evolves, it's like a Darwinian evolution.
Peter McCormack: Okay, so in your most objective way possible, what are the most valid criticisms of this, which you might not want to do, and if you don't want to do I'll go and speak to somebody else?
Paul Sztorc: I think it's perfectly fair game for you to get the criticisms from the critics and not from me.
Peter McCormack: Well, where are you getting pushback?
Paul Sztorc: Well, people give me the "miners can steal" critique, but I think just very few of those people really understand the whole three-, six-month thing, like what is actually required. But also, miners can already steal from the Lightning network, for example, by blocking the justice transaction, so they can already do that, but no one complains about that on the Lightning network. So, when I tell people that, they usually just shrug and go away. The more important thing with that is though that is something that the user has opted into. Remember the reckless meme with Lightning?
Peter McCormack: Yeah, yeah.
Paul Sztorc: Yeah, that user chooses to do this, and certainly back in 2015 when I came up with the idea, a lot of the large blocker group, there's another group, like Roger Ver was an ardent bitcoiner and then there was Bitcoin Cash, so another example. But many of the large blocker people have said consistently, their entire lives, that they are fully okay with what they call the SPV level of validation. This is maybe an esoteric topic that a lot of people don't know about, this is a section in Satoshi's white paper about you only have the headers, it's sometimes called Trust the Miners. You know how it is, when something's shrunk to a little tagline you lose all the important nuance, but it's basically --
Peter McCormack: But all that nuance is in the main block anyway.
Paul Sztorc: Sorry, what did you mean?
Peter McCormack: So SPV, it means you're only carrying the headers of the blocks.
Paul Sztorc: The headers are only 80 bytes each, so it's 4 megabytes a year, so it's very easy to get those. They prove all the work, but they don't prove the validity of the block. That is why, later on, when the sidechain idea was invented, the name, SPV proof, came from that idea.
Peter McCormack: How is the validity of the block proven?
Paul Sztorc: There's no other way than to download every message and check that every message follows all the rules. Sometimes people say that you can cheat with like a zk-SNARK or something, but it's hard because you don't really know whether or not the zk-SNARK has malfunctioned unless you also check by downloading every message and then redo the zk-SNARK, and then someone needs to be the server as well. So, when you want to know, "What transaction is this? What was this transaction ID? What was the fifth transaction in block 700,000?" someone has to be able to look that up and get it from somewhere.
Peter McCormack: So where do they?
Paul Sztorc: Well, the full nodes have it all. So, this is why I say the zk-SNARK thing is not really an end-arounder. So, if there's no other way, then someone has to have all the data and you have to check it off for all the rules, which hence the name "the full node".
Peter McCormack: Hold on, just another thing, these sidechains, or drivechains, they have to have the same block time as Bitcoin?
Paul Sztorc: They do, yeah. You can do like weird hacky things, but I think those are --
Peter McCormack: What, like build five blocks and merge them together into one?
Paul Sztorc: Yes, you know, like a secondary, I don't even know, it's so bizarre, but you can have, yeah, secondary proof of work where you try to get other faster blocks to happen on the sidechain and then, when it checks in with Bitcoin, it loads them all in as like a blob.
Peter McCormack: But they could all have their own Lightning networks?
Paul Sztorc: Yes.
Danny Knowles: But Liquid doesn't have the same block time, right?
Paul Sztorc: That's true, because it does not use merged mining, it's completely its own thing.
Danny Knowles: Okay, I see.
Peter McCormack: Right.
Paul Sztorc: There's no process behind Liquid, it's just a multisig output; it's like a bank account or using Coinbase or something, maybe that's going a little too far, being a little too mean. When Liquid was first proposed, the idea was it was only for funds on exchanges, and the idea was all of the -- you should ask Matt Corallo about this, because he's even tweeted about the origin of Liquid, and he literally said about Blockstream's attempt to expand the scope, on this exact topic, he has said basically, "This is a bad idea and don't trust anyone who says this; treat them like they're trying to steal your money", he literally said that in public, which is the only reason why I bring it up now.
The original idea was you'd have all these exchanges and the exchanges would be the 15 multisig people. So the logic was, if you're going to have Bitcoin at an exchange at all, you might as well just have it on the Liquid sidechain, because you're just going from trusting one exchange completely to trusting like 11 or 15. Then it was like the coins can move seamlessly among all the exchanges.
Peter McCormack: That makes sense.
Paul Sztorc: So that was the original idea.
Danny Knowles: I remember Adam Back talking about it being for trading specifically.
Paul Sztorc: Then it kind of expanded into like, I don't know what it is, but now.
Peter McCormack: But say your BitZ sidechain, would that need its own equivalent Lightning network?
Paul Sztorc: Yes.
Peter McCormack: Interesting.
Paul Sztorc: Of course, if you copy the architecture, like you have the sidechain that's just a code fork of Bitcoin, then you can just copy and paste.
Peter McCormack: Okay, so we're going to have to talk to other people about this. So you say one of the criticisms is that miners can steal, but you've got this three-month period.
Paul Sztorc: Yeah, it's possible but I don't think that -- I asked Pieter Wuille about this once, in the Netherlands, I said, "Do you think people should be allowed to spend their BTC on goods and services?" and of course he says, "Yes". And I said, "Do you think people should be allowed to sell the Bitcoin for fiat?" and of course he said, "Yes". "Should people be allowed to sell their BTC for an altcoin like Ethereum or whatever?" and of course you have to say, "Yes". So this is just taking a risk, spending the Bitcoin to a certain kind of script on a layer one. We have to respect the users' sovereignty.
Like I was trying to say, the Roger Ver people, the large block people, they were 100% okay with SPV for all of their transactions.
Peter McCormack: But that's a bunch of people.
Paul Sztorc: But the other thing though is that transactions are very different, right. It's like there are some where you don't trust the person maybe and, for some reason, you need the reliability to be high, and then there are all these other things where you're buying something from Amazon or you know the person. Transactions don't all need the same level of super, super-ironclad protection. You walk around with money in your pocket then maybe you'll get mugged and you lose, but you don't have your whole life savings in there, so it's like transactions are all different as well.
Peter McCormack: Once BIP 300 is merged in, say the soft fork is --
Paul Sztorc: Yeah, one day.
Peter McCormack: Just say it is, once that's done, all that is is a thing to create a bridge between that and the sidechain; it doesn't have to do anything else?
Paul Sztorc: Right, that's what it's doing, yeah.
Peter McCormack: Yeah, because one of the things I'm thinking is like, from my side, is that I trust implicitly the Bitcoin developers, in terms of the quality of the code, the way they review, make sure nothing fucks up so I don't lose my Bitcoin, right. Moving into a sidechain, I've got a different trust model.
Paul Sztorc: That's right, yes.
Peter McCormack: Yeah, because I have to trust the ones working on that sidechain, right. I am wanting to use that sidechain, I think it's cool, I like the people on it, but I've got this inherent belief that it maybe shares some properties in terms of the quality of the developers, etc. What's to stop those developers, at some point, doing an update to their code and then stealing all my coins and screwing me over?
Paul Sztorc: Well, I think it's fundamental to the nature of the blockchain or whatever, but one of the things when you activate on the slot, this has to be optional because there's no way of enforcing it, but we ask people to put the name of the sidechain, a little description, and then some of these hashes that determine what the software is, like version one of the software basically.
It happens to be the case that that software is what's going to calculate the real withdrawal, the real thing that has to get to 13,150, and so the only way to know what the real withdrawal is is to run the software. If they do an update that happens to be a hard fork of their sidechain, then almost certainly the withdrawals coming back won't necessarily be the same, and then that would probably just throw the network into chaos.
But I think the real answer is nothing, because you want -- I just gave you a great answer why that would be impossible for them to take the coins in that way, but really it's the same situation as when you buy Bitcoin in the first place, it's like you are the user and they have to entice you over there. You say, "I've got my layer one coins", and they have to say, "Come over here to BitZ land".
Peter McCormack: Would BitZ then have a similar kind of soft fork version in --
Paul Sztorc: Yeah, that’s what I'm trying to say, yeah.
Peter McCormack: Where are the holes for you? Is there anything you've spotted?
Danny Knowles: I don't think so that you've not brought up.
Peter McCormack: Have you searched, "Criticisms of…"?
Danny Knowles: Yeah, and it's changing the protocol, I guess is the big one, like the soft fork; is there any risk to that?
Paul Sztorc: We can certainly expect that once people create the sidechain, they're going to want to keep upgrading it because this is just the software -- it just always updates, right, people can't stop themselves, even when they shouldn't do it, so we will be updating. The soft fork I see as an institution that protects the user though from the developer, because it says basically you can change these things but you can't change too much or the different versions of the software will no longer cooperate.
Peter McCormack: What else have you found?
Danny Knowles: The other thing that I think is not really a technical question, it's why developers will build on it; how would you make money building on this?
Paul Sztorc: Yeah, I think that is a good question, but again I would like to go back to the idea that a lot of these people behind the good altcoins, this is an opinion, but they really seem to be driven a lot by their own creativity, they wanted to make something new and they were inspired by something. In a lot of cases, they did a lot of the work before even becoming an altcoiner. If you choose to make a new thing, you can maybe give some of the coins to yourself and you can do these different funding models.
Peter McCormack: But the thing is, Bitcoin has to attract developers.
Paul Sztorc: We have the exact same problem with Bitcoin.
Peter McCormack: Yeah, the exact same problem with Bitcoin, you have to be funded.
Paul Sztorc: Well, you have a rich sponsor or something, and people do do it. I think, like Roger Ver used to do this type of thing, and other people do other something --
Peter McCormack: There's load of funding.
Paul Sztorc: Yeah, in fact I think the real problem is not the money in our industry at all, it's just sorting all the good ideas, so we're kind of improving on that way because they'd say, "People won't go for an idea like this to work on as a developer unless they think users will actually use it". So they have to keep in mind the user when they're creating the software, which I think would be much healthier then.
Peter McCormack: Could it fragment Bitcoin development?
Paul Sztorc: What I really think Bitcoin development should do is, we should get better at being conservative on layer one. My ideal thing would be to put BIP 300 in and then just ossify layer one. If I could have my own way, then the vision would probably be to have some kind of ossified layer one and then even two competing versions of Bitcoin Core, like a kind of liberal conservative version or something where one would just start merging things soon after they're invented and then maybe the other one would catch up later, but there's a least some recourse or some feedback.
You want to have some kind of feedback loop where, if development is too slow, then people would move the coins to the more liberal world, and if it's too fast and it's making mistakes and people are annoyed by that, then they move back. So, I don't think we'll ever agree on what you might call meta-consensus, like what the blockchain should contain. I think people will probably continue to disagree about that forever, and I think that sidechain's sort of an escape valve for that.
Danny Knowles: I think most of the critiques are around the fact that it actually requires a soft fork and, if you don't want it, then why would you want to signal that you did want a soft fork if you don't want to use drivechain?
Paul Sztorc: Yes, this is another unfortunate thing is that, in 2015, this was not such a big deal. In 2015 alone, I don't know if my memory's going to serve, but I think we did three soft forks in one quarter, and we did maybe five in the whole year; that was the year of scaling.
Peter McCormack: There are more risks now, more at stake.
Paul Sztorc: So at the time, I was just kind of like, "Whatever", and then now, as you know perfectly well, the modern version is to suggest any change to Bitcoin at all is moving a button that triggers an atomic bomb or something.
Peter McCormack: But, Paul, we've got a lot more at stake now than in 2015, we're hundreds of billions more in value.
Paul Sztorc: Yeah, I see why people are more conservative now, I don't necessarily think it's very wise though, if you really think about it. There's a risk of going without it as well, which I think Ethereum gains on Bitcoin very slowly, in a cumulative sense, then I think why take the risk of anything? Like if an NFT on Bitcoin does really well, who cares about that, but if an altcoin does really well, then people start to get worried.
I think this a lot of why people spend so much time on Twitter and a lot of time listening to podcasts, is because they're vigilantly waiting to see. There's no limit to how good of an idea people can have tomorrow, they're waiting to see, will there be some crazy idea, like the entire Government of Russia launches its own cryptocurrency or whatever, and they'll be like waiting for that.
Peter McCormack: Well, I like the idea that there are not new coins created, I like the idea. The one thing I really like about it, it takes away the incentive, the monetary incentive to shitcoin, it makes it purely about development, I like that. Everything else, I can't judge until I speak to some other people, just that I know. What's the pushback you've had? You must have discussed this with senior Bitcoin people.
Danny Knowles: Does it actually remove the monetary incentive to shitcoin, because the money's still there if you want to go and do it somewhere else?
Paul Sztorc: What a shitcoiner will say is they'll say, "Buy my new coin", and then the user will say, "Why?" Then they'll say, "It has feature X". But in the sidechain world, Bitcoin could also have feature X. Then sometimes what the shitcoiners say is, "Well, I would have loved to put feature X on Bitcoin, but I couldn't because of such and such", they use the Bitcoin development processes like a scapegoat. That definitely could not happen in the sidechain world.
I think some people do say the reason that people shitcoin is because shitcoin uses an infinite source of money and, if that's true, then nothing is going to stop them from doing that, especially not my tiny little BIP, but it's not really true though. They need their pretexts in order to do the shitcoining, I think.
Peter McCormack: I think some people shitcoin to premine, bring some to market.
Paul Sztorc: Those people will just shift to doing like NFTs or they'll go back to pumping stocks or something.
Peter McCormack: And then I think there are some people who shitcoin because they believe in what they're building and it's different; both can exist. But what you can't do, when you create your sidechain here, Danny, you're not creating a whole bunch of new coins. It starts with zero coins and it only gains coins by people putting Bitcoin into it.
Danny Knowles: No, I totally get it, I just think that the market will -- like if you were going to start a project, and most shitcoins are premined, right, that's to fund the development for however long. You've got to go out to people who are willing to just give you money to try and build a project; that's a lot harder to do.
Peter McCormack: Well, it's just like Bitcoin, so it will follow the same funding model of Bitcoin. Chaincode Labs might go, "Do you know what, let's build a sidechain".
Danny Knowles: So you'll always be behind and then you're losing on the network effect.
Paul Sztorc: Well the thing is, it's very easy to copy the altcoin though. So, if they do some kind of weird thing to fund development or fund any other kind of software -- when we did the Zcash, we created the sidechain so that as they update Zcash, we can just pull the updates over. So, you're really being very much like a parasite on the altcoin. It's sad, it's kind of like a "live by the sword, die by the sword" kind of thing.
See, that's the thing, Monero has much more traction than Zcash, but Zcash, the code is more similar to Bitcoin so that we can do that, but also I think Zcash is sort of stigmatised by they have that weird tax in there. So there's other reasons why Zcash would be better than Monero if it weren't for weird community reasons, is my suspicion.
Peter McCormack: My understanding of the criticisms of Zcash is it kind of is a company --
Paul Sztorc: Right, all this is true, yeah.
Peter McCormack: -- it did have the tax; and I think the other one is that it had shielded and unshielded transactions, and there's a Sudoku puzzle to actually crack it.
Paul Sztorc: Yeah, the Monero people love the whole "private by defaults" meme, so they run with that, but I think that's a little overblown because, think about it, you can always opt in to less privacy, so everything is always --
Peter McCormack: Isn't it like a Sudoku puzzle to try and crack Zcash?
Paul Sztorc: Well, what do you mean?
Peter McCormack: It's been years since I listened to this, I'm sure Laura Shin did a show about it once whereby you can crack the private transactions but it was like a Sudoku puzzle; if you've got a little bit of information, you can then start figuring out what went to who.
Paul Sztorc: Well, yeah, it is. Relatedly, I think a lot of people misuse Zcash. So actually, in the sidechain, I built a GUI thing that I call Melt/Cast which, again, this is a purely cosmetic thing in the GUI, but that is to stop people from misusing. A lot of people what they do is they take 13.123 Bitcoin and they put into Zcash, they swap it for Zcash on whatever, an exchange, then they put it into the Z address and then, 10 minutes later, they pull 13.004 coins out, and then they think that they mixed the coins or something. I think a lot of people misuse their privacy, so I made it two buttons to click, did it the right way.
Peter McCormack: So what's the pushback you're getting?
Paul Sztorc: You should get it from them. My honest opinion though is that a lot of it is irrational or psychological or something where people think, "Well, if it would give Roger Ver and Vitalik what they want, then there must be something wrong with it". I think a lot of people can't --
Peter McCormack: I don't buy that.
Paul Sztorc: I think another thing is that, like I said before, people feel really responsible, they want the code to be pristine and they trust the Bitcoin Core developers.
Peter McCormack: I believe that.
Paul Sztorc: This is shifting to a world where it's kind of like anything can go, you send it to a weird sidechain, and inevitably someone will do a sidechain that has a mistake or something bad will happen over there, and then people think, "Well, our reputations are all going to be on the hook for that, so I'm giving a blank cheque or a blank slate to all these people". They think, "Well, we don’t want something to happen"; of course, that happened anyway with Celsius and things where it had basically nothing to do with Bitcoin at all, but they're still tarred by it.
Peter McCormack: But that's different.
Paul Sztorc: Exactly, so I think that's another thing.
Peter McCormack: I wouldn't use the Celsius as an analogy; I think that's different.
Paul Sztorc: Well, I'm just saying things that can affect the brand, the Bitcoin brand.
Peter McCormack: Yeah, but again, I think that's different, but I do buy that as a reason not; that was one of the things I brought up. Do you think there's any kind of protectionism around Liquid with this?
Paul Sztorc: Well, I think people maybe are afraid to go against -- they see Blockstream as representing a kind of centre of gravity for the technical consensus, and they just think, "Well, do I want to poke the dragon or something with that?" They probably think, "Maybe not", I don't know; it could be related to that, I don't know. I ask a lot of people and they'll say something weird, like they'll say, "Well, I don’t really have any problem with it, but I think other people have a problem with it", they do like a round robin and you can't quite nail it down.
Peter McCormack: Have you got any high profile supporters?
Paul Sztorc: I don't want to get them into trouble and name them or something, but I think most of the elite people at the top -- I think Adam Back has always been a supportive tweeter and even other people I think, you know, Roasbeef at Lightning and stuff, so I have a lot of people at the top and then people beneath them in the pyramid, they're critics. Why should it be about who supports it? I don't know, I guess it's because a lot of people just can't understand the technology itself.
Peter McCormack: It's getting that social consensus around it.
Paul Sztorc: Yeah, well I agree with that, I agree that it's the wrong thing to do. The idea's been around for a while and I agree that it's the wrong thing to do to force it on someone if they don't consent to it, and they can't really consent to it unless they understand it, right; it has to be informed consent, but we do that anyway.
Like with SegWit, you were talking before about how people understand, people have to be talked into the soft fork and it's a big process, but many people supported SegWit. For a while, when it was clear they didn't understand it at all, even years later, they didn't realise that it was a blocksize increase, they didn't realise that it changed it so that a transaction that had used more bytes could be charged less in fees than a non-SegWit transaction that used fewer bytes. So people clearly didn't understand basics about it all and they went for the Twitter likes, they would just go along with it.
Peter McCormack: What about Matt Corallo and Andrew Poelstra, what do they think?
Paul Sztorc: Well, I think Andrew Poelstra is not really a supporter per se, but I don't know, you should ask him recently, I mean he was doing the "miners can steal" thing or something. I think a lot of this was, like Peter Todd came out with the "miners can steal" as like a meme after Blockstream published the SPV proof, and then they did another thing.
Deep in the technical community, there was this belief about merged mining that I think is backwards of the truth. So I think that that's part of why they abandoned their Appendix B and their sidechain aspirations, because they were like the merged mining gives an incentive for miners to run full nodes of all the sidechains, and of course all the altcoins that are already merged mined today, of which there are dozens. So, this is supposedly a bad thing because there could be an unlimited list of sidechains that would be profitable alone, and then they're basically forced into running them.
But this argument's sort of backwards because there's an unlimited list of everything that miners have to do in order to stay competitive, whatever. If someone is doing the natural gas flaring and you're in a similar situation but you're not doing it, then that eventually becomes mandatory for you. So, really everything is mandatory and they have these costs and revenues.
Peter McCormack: Well, what happens if they don't?
Paul Sztorc: That's the point, it's really no different than any other business decision they would make, they'd look at the revenues and the costs and the risks and they would just decide.
Peter McCormack: Whether want to run that as such.
Paul Sztorc: Whether they want to do it.
Peter McCormack: Yeah.
Paul Sztorc: There's just no difference between running -- the prejudice is because this particular mining activity takes the form of blockchain software, that's why people thought they were responsible for it. So, this idea of responsibility, I think, is big where people think they're going to be responsible for everything that happens, but I think that it's a mistake, they have to take out a piece of paper and make columns and they'll realise they're not responsible, Bitcoin developers are not responsible for what miners do.
Miners are going to invent all kinds of wacky techniques, and for years they already were doing their own weird software stuff. They all shared a mempool at one point, they were doing what's called SPV mining, it's going to be really confusing to keep using this abbreviation, but they were doing a different type of mining where they weren't validating that led to this event in July 2015, I think; they were doing this thing called spy mining. So, they do all this stuff, they're specialists in their own field that is basically unrelated to this.
The only important thing is you want to keep the layer one node very cheap to run. I think ideally you want to ossify it as well, because plenty of people, such as Luke Dashjr, they think you have to always run the latest version. Then I say, "Well, how do you know what the latest version is if you're not involved in a technical community?" and then Luke will say something like -- I hope I'm not misrepresenting his view, I think I'm representing it accurately, but he says basically something like, "In order to really run the Bitcoin node, you have to be involved in the technical community", and then it's like, "Well, you know". But then you understand that makes running a full node really expensive.
Peter McCormack: But Luke thinks 70% of bitcoiners should be running a node as well.
Paul Sztorc: Yes, right, and I even ask him like, "What about people who would never become bitcoiners if they were ramped up, and they start with custodial and then they go to SPV and then, three years later, they're on a full node, but without the ramp, they would never make it?" and then there's just nothing to say to that, so I don't know.
Peter McCormack: I don't know, man. Is there anything that we've not covered in this?
Danny Knowles: Just one quick thing, I understand the moral thing of wanting to build everything on Bitcoin, but if the idea is to go out into the altcoin market to see what you think is cool and then take that code and build it on a sidechain on Bitcoin, does it just become like a morality test to shitcoin? You like prediction markets, right, so if you go out and you take Augur and you copy that code and you put it on a sidechain, why not just use Augur?
Paul Sztorc: That's an ironic example because, you know, I created Truthcoin as a sidechain of Bitcoin before there were sidechains, and Augur is a fork of the Truthcoin project. But the reason why is because everyone would rather use -- it's the Metcalfe's Law, it's the network effect of money is that people are not going to want to use all these different forms of money, do you know what I mean?
Danny Knowles: Does Augur not have network effects in the price prediction market?
Paul Sztorc: There's a difference between what you would use as money in these markets. All the sidechains would use Bitcoin as money, they pay the transaction fee in Bitcoin. There could be other assets and other things trading on there, like NFTs or other markets, you know, other derivatives and things, so those would be their own thing and they have their own price, of course.
The real reason is because the sidechain equalises all the tech, so now the monetary network effects are really all that would remain. So, if you're the smallest one, this is a very old anti-altcoin argument, you're the smallest altcoin, you're in a kind of Mexican standoff where it's like, is this network going to be around? So, then maybe people move from that to the second smallest, and that smallest one dies, and now you're the new smallest, and then everyone's thinking two steps ahead, so there's a rush to get into the biggest coin.
The sidechain idea is to equalise the technology so that that's not a basis for competing at all. So you just say, "Well, I already own all this Bitcoin and I can now use it in any of these projects if I want to use it". But then, as an investor in a coin, you think, "Well, I've invested in whatever it is, like Zcash, the coin" but Zcash, the coin, now, since anyone can do what Zcash is doing, then you have to wonder about, "Why am I holding the coin? I must be holding it for the monetary network effects".
Danny Knowles: Yeah.
Peter McCormack: Makes sense?
Danny Knowles: Yeah.
Peter McCormack: Sweet. Anything we didn't cover, we didn't ask you about?
Paul Sztorc: I don't know, I don't think so.
Peter McCormack: So, tell me your background!
Paul Sztorc: Do you really want to know? I used to work in academia, I was a statistician.
Peter McCormack: Okay, makes sense.
Paul Sztorc: I was a statistician at the Yale Department of Economics for two and a half years and then I did some other things before that that are kind of boring, but mostly was right out of school into that, which is being a statistician. Then I came up with the Truthcoin prediction markets idea that later became several projects, including Augur, but it's still waiting at Bitcoin Hivemine for sidechains to come to Bitcoin, so it has its own great project; you could do a whole another episode about that.
I think the prediction market is way misunderstood and misused and, as soon as the people put the pieces together the right way, it will be better than the printing press was for the Middle Ages so huge potential there, that's going to be a great sidechain by yours truly one day maybe.
Peter McCormack: We'll do that show.
Paul Sztorc: So I wrote that and then Roger Ver hired me away to quit a long time ago. That was how I got into Bitcoin, via the Roger Ver experience or whatever, and then that was that for only a little while, for a year and a half, and then I did some more things.
Peter McCormack: We can cover that though; I'm interested in prediction markets. Let's get you back on next time I'm in New York.
Paul Sztorc: Okay, cool.
Peter McCormack: Also, you look a lot like my brother, which is really weird; I don’t know if you noticed that, Danny?
Danny Knowles: No, I didn't.
Paul Sztorc: Oh my gosh.
Peter McCormack: Yeah, you look a lot like my brother. Okay, if people want to find out more about drivechains, where can they do that?
Paul Sztorc: Yeah, at www.drivechain.info.
Peter McCormack: That's it, easy as pie.
Paul Sztorc: Go out there.
Peter McCormack: All right, man, well look, appreciate you coming in, sorry we started late. I understand a lot more about it now and I think I know why I like it; I like it for the thing that you're unsure about, Danny, but I do like it. I like that fact that it just gives me one currency to go around and do all these other things, I like that a lot so that's cool. All right, man, take care.
Paul Sztorc: Thanks.