Shall we?
Let's do this shit.
Let's fucking go.
That was a test.
I liked it.
Flash hash is here, everybody.
We're back.
Three topics, two minutes, a piece to talk about them.
We'll see if anybody actually has anything to say.
You're gunning for this today, Dee.
I'm so ready.
I'm so ready.
I'm on a little streak.
Okay.
Well, seeing as you're feeling like a winner, even though there aren't none, in Flash hash,
we'll start with your topic that you brought to the table today.
I'm winning with a topic, are we?
We're not.
We'll still, oh, Corey, get in the drink.
We like that.
We will start with Corey just because we always do, and he's right there.
Dee got himself hacked on my logo.
Was that how you say?
My algo.
My algo.
My algo.
It's a token for Algorand.
There it is.
So how does this happen?
What can you tell us about?
Or Dee's predicament if you have any theories?
You're two minutes.
You're two minutes.
You're going to go first for this one.
No.
Oh, he hasn't talked about that.
Yes.
He doesn't know anything.
Oh, me?
I know.
The gist of it.
And that is stop fucking making web wallets.
Like that's the gist of it.
It's, and this is something that I retweeted when it, when the, like, we don't know what's
going on.
Tweet, tweet happened.
And Taylor Bonahan from formerly my crypto into MetaMask now basically said stop and
everything, between every single word with some F bomb drops in it.
Stop making web wallets and storing sensitive material in local storage of your browser.
If there is any compromise whatsoever to an extension or something and have access to
all those secrets and it will take your, it will take your quiz.
And that seems to be the case.
I don't know the specific details of how they got access to your local storage and how they're
able to take these things.
Or if it was something that was internally for my ego, but for being an academically based
chain and one of the most popular wallets in the ecosystem, such ridiculous security,
like poor security protocols of the most risky part of the entire ecosystem, the wallets
is unacceptable.
And people keep doing it over and over and over again.
And it's incredibly frustrating coming from reasonable security background to see people
just making web wallets that are susceptible to hacks like this.
And the users are the people that have that pay.
So like you get an announcement and you're like, you should move your funds and you try
to move your funds, your wallets are gone, your funds are gone because of very shitty
development practices.
So yeah, like I don't know the full details, but it's the same general situation.
Stop fucking making web wallets.
Okay.
Beautiful.
See, plenty, plenty to say.
Now, um, D maker of the fucking web wallet, two minutes to defend yourself or talk about
your trauma string.
I made the way wallet.
I didn't make the way wallet.
Um, whole, I do need a little bit extra on clear something up.
My logo, which you talked about is actually a company based in Silicon Valley, where you
send your stool samples to you and they'll tell you if you're healthy.
No way.
Huh?
It's a joke.
It's no company called my logo, but duty.
So anyways, let me get my time now.
All right.
So first of all, I'm not the maker of the web wallet.
I did create a wallet with this platform.
It's my algo and stay away from it.
My algo was the premier wallet that was basically supported and pushed out to the public by
the Algorand foundation.
It's basically where you start.
If you want to get your feet wet in Algorand, kind of the same way as the way you want to
start.
If you want to get your feet wet and avalanche, but there's differences there.
There's not too.
So it wasn't my fault.
It was my algo's fault for storing the secret phrases to your wallet on one of their certain
one of their systems and one of their processes.
And that's what the hacker got a hold of.
That's what Taylor Moynihan pointed out at the middle of last week.
She was like, oh my God, why do you, everyone keep doing these stupid mistakes and came
a big deal.
And at that point in time, you know, I was like, well, it's crazy.
That's what I use.
And then Friday, Thursday night they sent out a tweet that was like, hey, you need to move
your stuff off there right now.
And it was late.
It was like 10 something at night.
I'm tired.
Growing ass man.
I got kids.
So I was like, fuck it.
I'm going to do it tomorrow.
As soon as I got home from work, 10 minutes later, somebody had moved, they sent a transaction
out because they took the secret phrase, recovered my wallet on their system and move
the money out.
All that being said, I would say it's frustrating from a user standpoint of you that they have
to, that's what I'm saying, crypto is creating plumbers that I have to have this extensive
knowledge of these things in order to just operate.
That's what's tough.
As soon as you get too detached from crypto, too far from crypto, you get a little bit behind
and you're not keeping up with things.
And then the same loss I've had to do, I'm almost done.
I'm almost done.
I'm almost done.
You're done.
I gave you that little extra time because you want to explain, but just like wrap your
thoughts up.
Oh, just don't get behind in crypto as a user right now.
It's not a good look.
You're going to lose some money.
Period.
Although I have a question for you, so you saw this tweet from Taylor.
Oh no, and then didn't do anything.
Well, it wasn't a significant amount of money, right?
So I was like, I mean, it was, well, it was money.
It's money that it sucks to see go, but it is what it is.
And no, I didn't do anything on the Wednesday because it's like one of those things where
it's like, is this super serious?
It's not super serious.
It's sometimes hard to navigate if you're not like if I were Corey and I saw this tweet,
I would have shut everything down, went to my wallet, rekeade, new wallets, done everything.
But for me, I was like, I'll say, is that that real serious?
She even put a snippet of some code and I was like, Oh, cool.
Great.
I don't know what that means.
So I was going to sit this one out.
And then that's when my alga was like, Hey, find a warning.
We fucked up bad.
We don't even know how.
Here's the thing.
Can I answer this?
That's like why he shouldn't have had to respond is that off sensibly your keys is your crypto.
He should not have had to worry because if he has his wallet, and usually use web wallets
for some username and password or you use your seed phrase, if he has a seed phrase,
people shouldn't have access to those things unless you're actively trying to use it.
Right.
And that wasn't the case because of the way they implemented things as a wallet.
They had access to those things.
And someone got access to those things and stole his money.
So like it wasn't self custody, even though it looked as though the self custody.
That's the bullshit.
See, I didn't.
And that's a poor shit.
Like, it makes me angry, but like whatever.
Every first time I've been hacked in a decade in this industry of it was so surprised me.
I'm upset with myself for not like for that one decision I made to go get some sleep instead
of stay up and create a new wall and send a transaction.
Which literally takes what Jesse five minutes stops, create a wallet, write down your seed
phrase, store it, boom, you're good to go, send the transaction.
That five minute decision cost me a lot.
It'd be fair to be fair.
I waited even after you and I still wasn't hacked.
Right?
I was like, maybe take a look into what's going on here because D got hacked and maybe I got
hacked and then I check the wallets and I'm like, ah, the balance is still there.
It was only a few hundred dollars.
So I mean, that's why I was a little bit, you know, yeah.
So like I was like, yeah, it's fine.
And then I just reached and moved on with my life.
Yeah.
I don't know.
Yeah.
So it's locally stored, right?
So it's locally stored in your browser and it's encrypted.
And I seriously doubt that however, I mean, yeah, I haven't verified it.
I mean, that the way that they stored it is actually secure.
Um, but yeah, I mean, it theoretically, you know, Corey's right, they shouldn't have
had access to the seed phrase.
And he shouldn't have had to immediately like take action after seeing that tweet from Taylor.
And you know, my myself personally didn't even take action.
So yeah, it's just, it's, that's kind of dumb.
Yeah.
It's not really much to say about it.
You ever been hacked or had anything happen to you?
No, no.
Leave the algal in there who find out.
I read it.
I think that's the way.
Nothing's stolen from me.
Yeah.
I'm so, I'm so bad in a hundred here.
Yeah.
Keep it up.
Sure.
I felt that I was doing all things right.
I know Dr. Petty worked in security for years, gave me all the good advice, told me don't do
that.
I was using vanity addresses.
I wonder if that's the reason why I wasn't affected.
I mean, like, here's the thing.
Like, if I doubt, I seriously doubt that they had access to the secret phrase that was encrypted
in the local storage of your browser.
I think it's more likely that somehow in the governance process, they found a way to
like abuse reusing the signatures.
I think that's more likely to be what happened rather than they figured out your seed phrase.
And they just like signed a transaction center, your crypto out.
But yeah, I don't know.
My condolences, TD, that fucking sucks.
That's all good.
That was Joe's vacation money.
No vacation for you this year, baby.
Oh, my condolences.
Even more.
You've got somebody in your house.
It's upset.
All right.
So we're going to go to our next topic.
We have a Corey's here.
Ethereum, that's a lot.
So smart accounts launched at WalletCon.
I don't know what's going on with it.
Corey, do you use your first?
What is this?
Why is it cool?
It's not.
So this has been a conversation in the Ethereum ecosystem for quite a while.
Right now you have two types of accounts.
One is a user account, EOA, so it's a bit referred to and one is a smart contract account.
So it's basically like, what is the thing behind the thing holding money?
Is it a human or is it a smart contract?
And that's it.
It's pretty rigid.
And how the human is able to control their own account is rigid.
There's only one way to do it.
Smart accounts is the concept of account abstraction, meaning that you have a general,
a more generalized blob of what a user or account is.
It allows you to add a lot more kind of code or context to what a user can do with it.
So you're not stuck on a specific curve, you're not stuck with a smart contract.
You can do more general contract and multi-sig stuff.
You can do all kinds of various things that represent an account on Ethereum.
So at Wallachon this past two weeks, when we or whatever, they announced some of the
work with the EIP or ERC-4-337, which is the specification for such a thing.
And it seems to be moving forward.
So I think you're going to see this on Ethereum.
You're going to see it on a roll-up first.
And it seems as though that's the direction things are moving, is you're going to get
a lot of L2 roll-ups with this concept of account and projection.
And then most of the users and variability and things that we want to grow will be on
those things and we'll just use Ethereum as the base layer for just in case people need
to leave an L2 or whatever.
And I thought that was, it's great to have this thing moving forward because I like the
idea of account abstraction and give people a lot of variability with what an account
is and how they'd like to secure an account or make them more user-friendly or do all
kinds of interesting things.
And it also adds a lot of privacy.
So cool beans.
Cool beans indeed.
All right, Dee, you seem pretty excited about this one as well.
You're two minutes starts now.
Yes, I am excited.
I'm very excited because I'm going to tell you why.
Because the claims, the bold claims are that you can abstract some of the biggest friction
points for gaining users and educating the public on crypto.
You can abstract that away.
Right?
If you can imagine the number of eyes I've seen glaze over when I start talking to them
about create a wallet, there's going to be words, 25, 24, 12.
There's going to be a combination of words.
You have to write those down.
You have to store them somewhere.
Where's a good place to store them?
Ironically in a bank, but I don't want to have that conversation.
You want to take those four words and you want to write them down and you want to know
where you wrote them down, you can keep them forever.
How do I keep them forever?
I don't know.
Do some chemistry.
Find out.
Put it on paper.
Paper wilts.
Okay, we're not going down that track.
Keep the words.
How about I just copy it into Google Docs?
Don't do that.
Why?
Internet problems.
Don't do that.
Very tough conversation to have.
Some people just get it because they're like, oh, cool, cool.
I got to save this and write down cool.
Done.
That's worse than just going to a bank and giving them your ID card and being like, hey,
can I get a bank account or my ID?
I'll be like, yeah, no problem.
There you go.
So I feel like if we can do this successfully and you can not start onboarding users to
a better experience with skipping those steps, then we're headed in the right to a bank.
That's the direction.
I don't know what that does for privacy.
I don't know what that does for centralization.
The centralization, all those other things.
What I do know is that we can get past that friction point and people start to get just
ushered into great user experiences.
That's that's a bold leap.
What did that guy say?
Moon guy?
What do you guys say?
One small step for mail.
That's what I'm talking about.
Now, Chris, just a silver lucked out.
I'm going to throw it up a little bit.
One small step for crypto.
One giant step for mankind.
Oh, shit.
Well, your time is up.
His pulling face is this whole time.
Yeah, he was he looks like he's going to shit on what I said.
But I want to hear what he asked to say.
What kind of things do that bro?
You look just.
You read the two reading face.
Sucking the mouth into your mouth.
Like what are you?
Yeah, I'm like, I suck my upper lip when I'm like focused on trying to get it.
I understand what the hell is going on here.
So this sounds pretty cool.
Like what D is saying, like the claims that you're able to abstract the lead for having
a seed phrase, which is what was compromised in D's my algo situation, right?
But in terms of like, how does it how does it how does it work?
Right?
How what is making it so that you just need like a a password or like a face scan or a
thumbprint like and it looks like, I don't know, I have no idea.
Maybe Corey has some idea, but it looks like it enables like essentially a multi-sig, right?
And I don't know what this butler thing is, but this looks like some sort of like validator
in a separate like it participates in a separate men pulls what I'm reading here.
And I'm just trying to understand if the threshold in which the multi-sig is set up for this
smart account situation is such that you as an individual don't actually have the minimum
signatures to cross that threshold by yourself.
You need some sort of like trusted party, but then they mentioned that these bundlers,
if this like whole bundler, whatever, whatever, I don't I have no idea what this is.
If that's like decentralized, then you no longer need like it's it's a trustless setup,
which I still don't understand because if I were to set up a multi-sig right now, I would
need I would need to own the majority of the signal of the of the private keys associated
with assigning a transaction to meet the minimum threshold to like move things or to do anything
with whatever the balance is with associated with like an address or an account.
Like for instance, we have a multi-sig in Algorand and you need two signers of the three people
involved in order to do anything with that.
And so I'm just curious how this actually works under the hood and if this is actually
a decentralized solution for users.
That's not how we set ours up three of three.
Oh, three three then, whatever.
I forgot.
I don't know enough about it, but it abstracts away the concept of a transaction a lot of
ways.
So like how we think of a transaction gets broken out into a bunch of series of steps
with different people.
And this separate network is basically a transaction building network of who's doing
what on what?
It's like, I think we need to look into it.
I think we need to.
I'll pass it out.
Dig pretty hard and hash it out as Dee just said.
Figure it out.
I think it's like how it works has a lot of different implications.
If you think about how like a mast works within taproot, I think it's pretty similar.
I have no idea how much syntax trees.
Yeah, it's like, I think it's probably pretty similar to that.
Basically you have a bunch of options on how you can do things with a bunch of different
primitives and how you put them together and they end up people bundle all together in
some way, shape or form.
And then it points towards a given contract address and does that thing.
So I mean, it's just trying to figure out a way to abstract a way, the rigidness that
we have with how transactions are built today, right?
And how would an account is?
And that's all based on the same cryptography.
So we can figure out a way to just say like, this is how you do a state change on the EVM.
And then right now we only have two main different ways, a smart contract or a user sending
a transfer.
We're taking those two options and then generalizing as much as we possibly can so that we can
say like, all right, here's the instruction set of making a change to this contract.
And how we build that transaction to make that thing becomes way more generalized with
more people so that maybe in the process of making what's what we will call an account
becomes way, way, way, way easier.
And this is me intuiting how this works because I haven't read the EIP.
And I don't know what I'm talking about.
Yeah, I'm just going to read this back.
All right.
Maybe we'll do something with it in the future.
Stay tuned, everybody.
We're going to just throw it back.
We're going to do it in reverse now because reverse.
Fair enough.
Two minutes.
I mean, you seem like you were really into it.
I know.
But it's like letting you go for a little.
Thank you.
Thank you for letting us talk.
Eventually, because you were actually on topic, it wasn't like a squirrel.
Something else.
So Jesse, you wanted to talk today about dark five because he said it's a lot of cool stuff
happening.
Well, it's a particular cool thing.
Two minutes starts now.
Great.
So in terms of the narrative behind this project, it's very similar to like what Corey, myself
and recently D are going to be working on or have been working on.
Can Christian?
Yes.
And yeah, so it allows you to do a lot of different things when you have like privacy
in an L1 or it's not bolt on.
Like you can have a private doubt, which is something that Corey brought up in the last
podcast episode and why it may be necessary in order to obscure, let's say, treasury balances
and in terms of like what he brought up again, like the constitution doubt stuff.
It also allows for better, like sometimes you don't want full transparency.
Like in the case of like Ethereum or Bitcoin, you can see everybody's like essentially account
balances.
I don't know, I feel like I'm not good at arguing the need for privacy in terms of your
data.
I feel like Corey is more that kind of person.
Maybe he can like elaborate.
Am I turning up?
Does that it?
Is that it?
Yeah.
Yeah.
That's done.
Right.
Well, there's if somebody needs it eventually about 30 seconds left of Jesse time.
So we're going to, I'm just throwing away.
We're even going totally backwards.
Corey will jump to you so you can expand on that or get your own thoughts.
Your two minutes starts now.
I think that it's reasonable to talk about the difference between this like two viewpoints
of this technology and why it exists.
One is one group of people are often called solar punks, which is like heavily optimistic
regenerative finance.
How do we come together and do stuff together that's great and we're going to change the
world through making it easy for people to collaborate and it's going to be awesome
and no one's going to stop us.
Everything's transparent.
We're all in the open.
It's beautiful.
Are you going to make a beautiful world?
There's dark fi or like this, what's the call call?
The opposite of that, the solar punk people, which is people will fuck you.
They're all out to fuck you.
And so you don't let them know what's going on.
In order to actually have any level of sovereignty, you need privacy because if they know what's
going on, they're going to manipulate the system and take it from you.
It's to avoid censorship.
A lot of it is exactly that, to avoid censorship and to actually provide what would be called
centricive resistance in these decentralized networks.
Dark fi, which is the project run by a guy named Amir Taki, which as a part of logos,
we are friends with him.
I would call him co-opetition.
We're all in the same kind of boat of you don't trust others or you shouldn't trust others
at the foundational level.
And so he's built a project called Dark Fi that has privacy as a primitive, as default.
Everything they do is basically saying like you don't disclose things unless you explicitly
disclose them to other people.
And yeah, it's great.
I mean, I think they're doing a good job.
They definitely run with the narrative and he's real militant and they've got a whole
thing going that's probably a little too dark for me.
But I'm definitely down for the cause.
It's way more into the things that I'm into than the solar punk folks.
Is there a middle ground like solar punks dark?
Fi is there just like Stan in the middle?
It's like I said, like the technology.
Not in the bull sci-fi narrative.
It's true.
Different viewpoints of the same technology and why it's useful and why you need it, right?
And so like I think that's the interesting part about it is that some people think it's
useful because they're trying to mitigate assholes.
And the other people are like, we're trying to come together and build collaborative technology
that allows us to overwhelm assholes versus completely mitigate them in some way, shape
or form.
And so people are like, we should hit the article versus we do.
I don't know what hip the opposite of hippies is, but like this.
Opposite of the.
Anarchist.
Yeah, I mean, yeah, there's a lot of that, but like they like order.
It's just it's like not from the top.
Which I think is also anarchy.
Well, Dee, what kind of anarchist or hippie are you?
What are your thoughts on the dark?
What kind of hippie am I?
Well, I'd lean warshrooms, less weed, more shrooms.
And then what kind of anarchist am I?
Not one actually to that.
I think anarchy is a goal and not a reality.
Are you really this was just the analogy, the comparison of the two groups you weren't
paying attention.
Oh, no, I was paying attention.
I just I was trying to read this dark fight stuff and pay attention to the topic just
because.
Okay.
So scratch the comparison and just dark fight your thoughts.
Wait, you're asking me like what Corey said hippie or no, I'm kidding.
I'm joking dark fight.
So anyways, dark five.
First of all, the very one of the tabs at the very top of that link said manifesto anytime
I see that word, I kind of check out because in my lifetime, the word manifesto is not
really related to good things that happen to you.
But anyway, so I saw what I started reading it.
I don't know, privacy is a right, right?
I think privacy is for something you should be able to keep to yourself.
Only those that you want to know should know.
And secrets are no one should know, right?
But I think privacy is a right in it.
I think that it's slowly being eroded because of the people that we put in positions to enforce
laws and fairness and righteousness are lazy.
I'll put it, I'll put it like that.
Like there's never ever going to be humans are never going to just like want to tell
an entity everything about themselves.
Things have to remain private and no entity should have the right to look at everything
someone does.
So I think this dark five is just like completely completely making things dark for anybody
who would be surveilling, which somebody should absolutely have the right to, I think, in my
opinion.
That's what I think about dark five.
There's only two minutes.
I actually give you an extra 30 seconds because of your hippie anarchist bit at the top.
So once you get your actual time versus read as the ultimate differentiation between.
I lean so much upon.
Is that it?
I don't know if there's that much difference.
All right, everybody.
Excellent flash hash.
G roll us out.
Yeah, flash hash out.
Flash hash.