{
  "metadata": {
    "transaction_key": null,
    "request_id": "metagov:merrill-metagov",
    "sha256": null,
    "created": "2025-10-27T23:38:01.179344+00:00",
    "duration": null,
    "channels": 1,
    "models": [
      "metagov-manual"
    ],
    "model_info": {
      "metagov-manual": {
        "name": "metagov-manual",
        "version": "2025-10-01",
        "arch": "manual"
      }
    },
    "warnings": null,
    "summary_info": null
  },
  "results": {
    "channels": [],
    "utterances": [
      {
        "speaker": "Speaker 1",
        "start": 0.0,
        "end": 0.0,
        "transcript": "Introduction. Amazing. Hi. Hello, everybody, and welcome to yet another of the Medi Gov seminars. Today, we're joined by Elthau, also known by Nick Merrill, who is gonna be presenting today on Trustware. I actually am not able to stay for very long, so I'm gonna pass over to one of my colleagues, Divya Arzargan. But just to say, I'm very, very excited that we have Elsehow here because the research is incredibly interesting and very rich. And I I watched their video on this net, which is like a kind of look at, like, other internets and the history of the Internet and kind of, like, the ideologies of decentralization. So they have, like, a very, like, rich, interesting kind of perspective on a lot of the topics that are really relevant to MediGov. And today, the topic is on trustware. And I'll pass it over to Altshau who can introduce themselves a little more fully in their talk. And then the format will be twenty minutes presentation followed by a discussion that'll be moderated by either Divya or Zargal. And like I said, unfortunately, I have to go, but I hope everyone has a really great session. Okay? Over to you, Alsair."
      },
      {
        "speaker": "Speaker 2",
        "start": 15.0,
        "end": 15.0,
        "transcript": "Thank you so much for that. So first of all, everyone can hear me okay? A little thumbs up."
      },
      {
        "speaker": "Speaker 3",
        "start": 30.0,
        "end": 30.0,
        "transcript": "Great."
      },
      {
        "speaker": "Speaker 2",
        "start": 45.0,
        "end": 45.0,
        "transcript": "Great. Fantastic. So my name is Nick Merrill. I am a research fellow at the UC Berkeley Center for Long Term Cybersecurity where I direct the DaylightLab. I'm also a core contributor to DOWDAO where I'm known as LSAO, and I serve on the development fund. Thank you so much for being here, and thanks especially to Jordan and Janita who work with me in CLTC and DOWDA respectively. I I can't believe that you don't get enough of me in those two jobs, but but thank you for being here. This talk is called OnTrust where I've been working on it for a little while, and, really, my goal here is to get feedback on some of these ideas. This is very much a work in progress, and I'm I'm eager to think especially what what this group thinks about it. I've seen some of you, your handles and ideas floating around the Internet, and I'm I'm very interested to see see what everyone says about this. So with no further ado, I'm gonna just dive right in here. Orca, a a fellow builder of DAO tooling, recently coined the term trustware, which they define as a subset of digitization that focuses primarily on trust agreements that incur social costs through coordination. And the goal of trustware, and Orca's telling, is to place code at the center and humans at the periphery. Trustware should create assurances around things that would otherwise require building and maintaining social trust relationships. So why trustware for me? You know, sometimes an idea just gets stuck in your head. And I know that, you know, traditionally, I'm supposed to say that the, you know, that there's a a rich amount of discussion and and here's why this is an important thing. Really, intuitively, this this idea got stuck in my head. I couldn't get it out. Trustware. K? So, you know, piece placing code at the center and humans at the periphery, well, as Polanyi would remind us, engineering cannot automate away social forces nor can it automate away their costs. Engineering can reify, amplify, or counteract social forces, but it cannot remove them. And we'll consider as Benzby and and Weber did in a recent piece, which I can follow-up on, Coase's theorem. Coase's theorem predicted that zero transaction costs would result in a perfect distribution of goods. And and quoting their piece, the Coase theorem became the herald of a new and profound laissez faire ideology that didn't just argue, as did the Reagan Batra neoliberal movement, for the reduction of government control of markets. It went further to propose that a society built on marketizing literally every possible social interaction would be more efficient, more sustainable, more fair, and more gratifying and meaningful for human beings. Web three wants to go all the way by ignoring, routing around, and ultimately driving into irrelevance the non market forces and actors that get in the way. It's another utopian or dystopian market world vision. Okay. Listen. Undoubtedly, a naive techno utopianism runs through web three. I know most of us have been annoyed about that at some point or another. Many in the community would wish away or rather innovate away the frictions of incumbent institutions. While that goal remains a pipe dream, there is something to the notion that Web three, let's say, toys with trust. Systems like voting and payroll do with smart contracts what might have been done by human officials. DAOs place code where people might have been. Does trust where place humans at the periphery of trust relationships? My thesis is that it does not. Rather, trust where reifies expectations about how social relationships are supposed to work, making it easier for participants to cohere to those expectations than to subvert them. You might be wondering why I've been showing you a cash register as well. Here here's why. In the psychology of human misjudgment, this is 1995, Charlie Munger, one of one of oh, god. I'm temporarily blanking on his name. Warren Buffett's right hand people. He gave a speech in Harvard's graduating class, and he he introduces this notion. It's an interesting talk, and, you know, I'd I'd mildly recommend it. I'm not gonna overstate the case, but I'd mildly recommend this talk. He he introduces incentive cause bias as bias as a primary driver of human behavior. And he summarizes incentive cause bias with a proverb, whose bread I eat is song I sing. Here here's kind of an intuitive picture of what this means. Now to solve any business problem, management consultants suggest what? Management consultant. Right? To resolve any legal issues, lawyers recommend more lawyering. To progress on any intellectual matter of concern, a peer reviewed paper will always conclude by suggesting further research. Right? The essence of incentive cause bias is this. People are more likely to believe that an action is justified when that action aligns with their existing incentives. And Munger ties his bias to the story of this cash register magnate, John Henry Patterson. We're seeing one of his inventions right here. One implication of incentive cause bias, this is quoting Munger, is that people who create things like cash registers, which make dishonest behavior hard to accomplish and stealing from the cash register, are some of the effective saints of our civilization. Because as Skinner, yes, Skinner, the famous behavioral psychologist in in twentieth century, so well knew, bad behavior is intensely habit forming when it is rewarded. And so the cash register was a great moral instrument when it was created. And by the way, Patterson, the great evangelist of the cash register, knew that from his own experience. He had a little store, and his employees were stealing a blind so that he never made any money. Okay. So why do cash registers work in monger's tale? Because they make it hard enough to steal from the cash register such that stealing was no longer in the service worker's interest. Cash registers were not and are not a provably secure scheme. K? If you're thinking about this in the graphic computer security perspective, there's nothing about a a cash register that that is provably secure, you know, robust under whatever kinds of attack. They are secure enough to counteract the service worker's incentive. They make it easier to comply than to disobey. And, critically, cash registers do not place machines at the center humans at the periphery of commercial transactions, much to the capitalist chagrin, you know, both of those of of Patterson's time and hours. Service sector employment, you know, personing the register as it were, has been stubbornly resistant to automation in all the decades since the cash register's invention well into the supposed demise of brick and mortar that was prophesied in the dot con years. And and the reason for this, of course, is that there's much more to certain sector jobs that are moving traction products around. This is a rich tapestry of formal and informal work that holds the service industry together, really holds all industries together via service workers. So what then do cash registers do? They reify and foresight the expectations about who gets paid first, the boss. K? They're not moral instruments as Munger would tell us. Whose morality prohibits stealing from one's boss? It's the boss's morality. K? Instead, they counteract incentives to do things their designer doesn't want done. This is the essence of trustware. Where trust where is not de novo. Cash registers are a free digital form of trust where one that configured trust to favor the commercial boss. And cash registers illustrate an essential question for trust where broadly. Who is the designer, and what do they not want? So I've written great lengths about this, but identity systems are are kind of a vital facilitator of social trust. It is identities, I believe, natural born persons and also brands with which we, ourselves legal persons, form trust relations. And trustworthiness of any kind must contend with identity. Web three, as we all probably know in this room, that's a very specific notion of identities, and it does there's two it does so through wallets."
      },
      {
        "speaker": "Speaker 4",
        "start": 60.0,
        "end": 60.0,
        "transcript": "It's"
      },
      {
        "speaker": "Speaker 2",
        "start": 75.0,
        "end": 75.0,
        "transcript": "a wallets are a pair of cryptographic keys with a few methods for using them. And these wallets are are, you know, act as singular identities, but they do not necessarily relate to natural world persons. A single person can create many wallets as they like. They are a model of identities, but they are not a model of personhood. Single person can have a lot of them. Now the problem with wallets is evident to anyone who's ever received or sent spam. A single person with multiple identities can distort governance and discourse. In the parlance of computer security, this is called a civil attack. And in the context of DAOs, the civil attack corresponds to the dead people are voting threat model in electoral democracies. Lack of civil resistance, if you're familiar with Juno, I'm a I'm a validator on Juno. And Juno is if you're not familiar with a smart contracting permissionless smart contracting network using Cosmos and and Rust. It was, you know, completely not backed by venture capitalists at all and, you know, completely community run and airdropped at at Network Genesis. The problem is that it was airdropped to stakers on on a different chain, on on Cosmos, on on the Cosmos hub chain. And this created a situation where there was an incentive for someone to do a civil attack. So the so called Juno whale started, you know, staking on on Cosmos Hub using multiple different wallets and ended up with a lot of Juno. And and it was a if you were following a messy governance procedure to actually disinherit this person, their ill gotten Juno and and, you know, of course, it did happen in the end and and definitely was a chink in the narrative popular narrative with cryptocurrencies or some kind of, you know, weird libertarian fantasy where your money is your money forever. No. In fact, governments can take away your money, and and then that also is important to do to to stop governments from being distorted. But it was a messy process, and it was the result of the civil attack. DAOs have been a really established unique person to prevent against these these civil attacks in theory. And in fact, I I go even farther in in this other piece. I won't go too far into now that in theory, DAOs can can provision elections that are at least as as free and fair as a vote by mail schemes and electoral democracy as in the West. So so civil resistance is is, you know, the this ability to mitigate civil attacks well enough relative to some security objective is really likely a frontier for anything that can be labeled trustware. So in thinking through civil resistance, you know, consider this other form of free digital trustware, national identity systems. Now in general, national identity systems roll together two different concepts. One is identity. K? Identity is a coherent set of facts about a person. That's name, date of birth, gender, appearance, biometric data. These all may or may not appear in a given identity scheme. Now the role of an identity system is to map those facts to a unique identifier. That could be a number, you know, face, creating this mapping. A separate scheme that natural identity systems also try to accomplish is unique personhood scheme. Unique personhood is the notion that regardless of who you are, you are only permitted exactly one unique identifier. And the role of unique personhood schemes is to assure that any single person has a maximum of one identity, and that one identity relates to a maximum"
      },
      {
        "speaker": "Speaker 5",
        "start": 90.0,
        "end": 90.0,
        "transcript": "person."
      },
      {
        "speaker": "Speaker 2",
        "start": 105.0,
        "end": 105.0,
        "transcript": "So how might a DAO how might DAO, which I I I would describe DAOs as as trust, or certainly a DAO that we think of them as such. How might DAOs establish the unique person? Well, if you ask a cryptographer for this question, I'm sure we have a cryptographer in the room, probably perhaps more than one. You'll likely hear an answer about proof of personhood schemes. Now proof of personhood schemes occur one to one mapping between natural born persons and cryptographic identities. Particular strategies vary. You could think all the way from straightforward, which is basically a single centralized institution. Think, you know, the DMV is effectively a a centralized, proof of person in Steam. And then there are the radical. There are decentralized pseudonym parties and webs of trust. But all of these schemes fall into two basic models. The first is an emergent model. In an emergent model, people go about their lives. They meet other people. They learn who those people are. They remember them, and they basically attest their identity to others. The strategy is probably how personhood worked back in some hazy and amber hued back in the day. Before formalized systems of identity and account, we lived with people. We got to know them. Unique personhood emerged from our shared understanding of who they are and what their deal is. Right? The second model is a centralized one. In a centralized group of personhood scheme, there's this trusted institution. It does the work of establishing the uniqueness of persons. Centralized personhood like this is the Napoleonic system that arrived in The Netherlands and gave every person a surname and settling for doesn't wear pants when the need arose. It's the Spanish forcing Spanish language surnames on indigenous Californians. This model describes most formal or state run systems we interact with, like the DMV or the passport office, and it works in some ways. It doesn't work in other ways. It allows an anonymous and impersonal society to engage in kind of these these systems that require any personhood. And as long as we trust this institution, big if, we trust this institution, the system works. Now speaking in broad strokes, the Web three community simply prefers emergent schemes to centralized ones. Why trust an institution when you don't have? Here's the rub. The best available emergency scheme to pseudo nim parties cannot scale to the size of a nation. And I I can go to more detail about why this is. It is interesting. You can ask in the q and a. Does this mean that decentralized global identity systems are impossible? Of course not. We live actually in a world of decentralized and global identities. Each nation issues its own passports. How does this work? K. One centralized issuer, say Canada, I'm in Canada, can assure that I only have one Canadian passport. But how can they assure that I have no other passports? Even worse, passports and some other names. Okay. Well, they can't. K? The best they can do is trust. And what we see is an ecosystem of centralized and emergent schemes that confederate and overlap to produce multiple identities. I have a US passport. I have a Canadian passport. Each system is imperfect, but each is good enough to accomplish a wide range of functional tools together and in concert. Let's let's stick to the passport scheme to make really make this this point stick to the bone. Passports are a morally imperfect system. Look at the many who are locked out of global mobility, thanks to where they were born. However, from the perspective of any one participant, like in a particular country's policymakers and intelligence officers, the system works well enough for their purposes. Canadian border guards can trust US passports and vice versa, and Canadian border guards, you know, again, may not trust US officials with everything, but they can trust them to run a passport scheme that works for Canada. Within any one system, trust is robust enough for its designers purposes, and the system still is decentralized and emergent. In their review of decentralized proof of personhood schemes, there's this great paper, Sadarath et al 2020, and I'll follow-up with this review. They uncovered a really simple but devastatingly important proof. Proof of personhood schemes that work lean into rather than away from social trust. And the same way here is clear. From cash registers to identity schemes, trust where it is not about decreasing coordination costs or at least doing so isn't what makes trust where valuable. Trust where formalizes and codifies the rules by which social trust is established, and the value of trust where is in that encoding. Most compelling scheme for civil resistance that I personally am aware of has absolutely nothing to do with cryptography at all. It it's hacker handles. Elsewhere, outside, you know, this room well, actually, I I see that my Zoom has magically overnight reset my, Unix, you know, kind of default username. I'm known as l South. And there are people, some of whom I work with daily, who know me only by this name. It's actually very rare that these rooms collide as they are doing right now. Usually, I'm either Nick Merrill or Elshau. But how did this happen? You know? Well, thanks to my undying capacity to exhaust myself, I developed two robust professional identities. Nick Merrill is a research scientist and Elsehouse is a hacker. And that both identities refer to the same person is not secret, you know, and occasionally someone from one world is curious about my presence in the other, but broadly these two identities neither interact nor need to. They they address different audiences, you know, they they sing different songs and eat different bread. The Nick Merrill identity, I I built since birth. It's amassing kind of state given records and state sanctioned credentials like education and traditional employment. And else how happened in a kind of a different way. A profile emerged on the Internet, and then several profiles emerged across several different platforms. And not only did these profiles do things that only a human would do, like publishing code or writing messages, they all spoke to one another. They used the same avatars. They spoke the same language and perhaps even with the same quirks. In other words, someone who observes LSAU could build trust in them. And the more that observer interacted with LSAU, the thicker that trust could grow. And this model in which trust builds over repeated observation and interaction undergirds and facts zero trust architectures and computer security. It's kind of a side, but but if you're interested in computer security, that does happen to be the model. It's an emergent kind of interactive form of building trust. Now you add on to this kind of zero trust model the rich layers of nuance and detail that emerge in social life, and we see how people can build trusted relationship with usernames. Now is this identity robust enough to partake in a voting system? Yes. Okay. To the constant amusement of non hackers in my life, this else how identity alone is robust enough to put me on the Web three equivalent of corporate boards. I control a large voting sharing and well funded DAO. You know, I I I I am a validator on Juno. In some DAOs, most members know only the other members as their pseudonyms. How is this possible? How can we be sure that one person doesn't control many of these other pseudonyms? Because we, as a group, have observed each other to be unique. We've worked. We've responded to messages often simultaneously and occasionally in conflict with numb one another. We've expressed unique beliefs and opinions and changed those beliefs over time. And never through this process have any of us suspected any of the other of us to be personing multiple registers as it were. We're confident, of course, that we would have made such an observation because we've been in in these kind of work situations. We work with them enough. We would have found out if this person really were frantically personing multiple two cache registers at once. So so what can we say about civil resistance in these circumstances? First, you know, interactions over time build trust. This trust is transitive to a point. Right? If I trust Meow and meow trusts Cyborg sixty nine completely, I trust Cyborg sixty nine exactly as much as I trust Meow, plus or minus any vibe I get from observing or interacting with Cyborg sixty nine. This web never proves anything nor does it really speak at all to the humanness or uniqueness of any participant, and it doesn't need to. It only needs to work well enough to establish uniqueness given our shared expectations about the resources required to circumvent the system. Now what can we say about trust where these circumstances? First of all, trust has no one center. My handle spreads across many platforms and technical systems. And, you know, each of these systems really has its own importance for building trust. I mean, GitHub and Discord have radically different affordances for building trust. Second, it's not a technical system alone. It's the socio technical kind of a span between the technical affordances of particular systems and the people to whom those affordances coalesce into a structure in which trust can emerge. What holds any system together from a liberal democracy to an open source project is that its participants trust it to do his job as much as it needs to be trusted. I trust Google and the corporate and political ecosystem in which it's suspended enough to give them the data I give them, and I trust them with that data. I wouldn't trust them with my internal organs. On the other hand, I trust my partner with my life, and she has the, you know, ability to to to do any medical thing on on my behalf, and that's that's legally encoded. I do not trust her to keep her web browser up to date, though. As my collaborator, Koi Cheshire, has said since the web one days, trust is social and contextual. There is no trust. There is only trust with. Bosses trust their employees with all of the transactions of a business as long as there's a cash register in the middle. Cash registers, in my opinion, work by reifying expectations about who gets paid first. I told you this already. Identity systems work by reifying expectations about who gets to be. Right? In The United States alone, identity systems have habitually denied personhood to women, black, and indigenous people throughout the ages and still do in in many cases, especially when it comes to to things around gender and and migration. The bureaucratic machinery that maintained a system of freed and enslaved black persons during the days of slavery did not place paperwork at the center of humans at the periphery. At the center was a narrative of society, power, trust, control, and who has them. People fell into central or peripheral roles according to their place in that narrative, but people fell into those roles. Consider. Okay? The world is filled with cash registers. They are the turnstiles of the subway. They are the ankle monitors on convicts. They are the pace making systems that push pharmacist beyond safety and Amazon warehouse workers beyond the limits of exhaustion. These machines make it harder to do what the boss doesn't want done. Skipping a bear, leaving one's house, taking a break at work, they are the systems that create a warped kind of trust around an imbalanced power relation and aim to tilt that relation further toward the boss's favor. Neoliberal governance, in my view, has turned the world into a cash register, and endless legal fictions keep not only employees, but also citizens, taxpayers, and national governments away from the money that flows through the proverbial till. Trustware is undoubtedly real. It is not undoubtedly good. We, developers, can produce trustware that persists and embeds liberatory ideals. I think flexible and mutable identities, free association, voluntary entrance and exit. And these systems will be as good as we, the developers, need them to be. The question that trust waker trustware makers, me, us, will have to grapple with is what kind of trust where equalize and counteract our dynamics or incumbent to to the to the situation we encounter? How do we build trust where that equalizes power among participants? First, I think we need to know whose goals are being left at the periphery. And second, we need to bring those people inside and allow them to deliberate with us. There are models here, I think, in deliberative polling. Deliberative polling is kind of deliberation via sortition. People are selected by a lottery to deliberate on an issue that affects them. Now in practice, deliberative polling has been critiqued for a lack of representativeness because in practice, only privileged or highly interested people participate. DAOs have the capacity to counteract this by, this bias by by making people kind of paying people for their time and participation. And I and I think that the rewards of learning the needs of people outside the DAO could be fantastically great really out sized. Now, you know, kind of the the thesis here, my point here is is that only by encountering people outside of our DAO will we learn where our incentive cause bias lies and to what possibilities it has made us blind. And knowing the outside, you know, really isn't the end of equity, but it's it's at least a start. And that's all I have for now. I'm very eager to know, everyone's, thoughts and and and, and opinions about this topic. So I'll stop talking now and and hand it over to q and a. Thank you very much for your time."
      },
      {
        "speaker": "Speaker 3",
        "start": 120.0,
        "end": 120.0,
        "transcript": "Thank you so much. That was wonderful. I see that there is a question from Zagham in the chat. So I'll just I know you might have to run, Z. So I'll hand it over to you to ask before you have to head up for a second."
      },
      {
        "speaker": "Speaker 2",
        "start": 135.0,
        "end": 135.0,
        "transcript": "Cool. Yeah. I I honestly"
      },
      {
        "speaker": "Speaker 4",
        "start": 150.0,
        "end": 150.0,
        "transcript": "I was just gonna say, awesome. Thank you for starters. And, you know, you really highlighted the extent to which the trustware designers, and and I tag in sort of operators and maintainers since these things don't just persist forever without, you know, any care and maintenance, ultimately define the values they encode. So I'm curious your thoughts on increasing the legibility or, like, making explicit the implicit assumptions of those values so that people can actually exercise those entry and exit powers to vote with their feet. So, like, again, like, the values, the human part being something that we don't have much choice over in our Exton systems. But in the ones you're you're describing, you know, users in addition to the the developers would have sort of some say in the values encoded in the softwares they use?"
      },
      {
        "speaker": "Speaker 2",
        "start": 165.0,
        "end": 165.0,
        "transcript": "That's a great question. I wrote down the operators in my favor, so I do need to add that in. You know? Shame on me really for ignoring that. Yeah. It's not just designers. I'd probably I know this is a bit of a tangent for a question. I'd probably even add in users. Right? Because it's not like designers have some unique privilege position where we do everything. The users then reconfigure those tools into, you know, configurations we probably didn't even think about. And, of course, the maintainers and designers of the systems are doing the same kind of configuration. There there is no, you know, one privileged point of designs. That's really important point. Now as far as making these values explicit, yeah, I I completely agree. I I wish I had an answer here, and and Janita can can kind of back me up on this. We we we've talked about this within DOWDA. How do we make these values explicit? So, you know, listen. I I don't have an answer. I'll I'll perhaps, you know, spend some more time reflecting on our experiences in DOWDAO in, you know, a more final version of this piece. But, you know, briefly, here's what we get. We have the and Janine actually and I have run this together, we have this organizational health task force. So we've only had one meeting so far, but we're gonna have another one soon. And what we do basically is, you know, go around the room. Everyone joins. It's kind of a rough sortition. And, we say, you know, what do you what do you we have a series of questions. Everyone answers the question, goes around in a circle. What do you like about working at DOWDAO? What do you not like about working on DOWDAO? You know, what's your biggest fear? What are your what's your biggest hope? And we use these kind of together after it's done to do this group qualitative coding of everyone's responses and and, you know, come up with our pope, spheres, values. This has been our best theory of the case for how to for how to do it. There are problems with this mechanism, though. And the first, of course, is that there's social power involved in in the person who's running the meeting and picking the questions. Second is that not everyone feels necessarily comfortable joining these meetings or even if they do feel comfortable joining. They may not feel comfortable speaking up and and dissenting. And, you know, I think one of the things that that I have still been thinking about, haven't come to a right answer yet is how do you create these spaces for dissent where where you don't feel there's going to be retribution for dissenting? Yeah. That that's a really tough one. But but that's kind of to me questions like this get to the essence of what Trustware can be and do. How can you create these situations where, you know, every incentive that the boss has to, you know, even if it's unconscious, kind of get back at you for doing something that wasn't good for business from the boss's perspective. How can you how can you counteract those incentives, make it impossible for them? And and then empower, you know, people to to do these kind of naughty things to dissent. And and the more we I think we can allow people to dissent, the more it becomes less clear who the boss even is. And and that that's truly a powerful position to be in. Kind of a pipe dream. But but I I don't think so much of the pipe dream that I feel uncomfortable saying it or overly naive saying impossible."
      },
      {
        "speaker": "Speaker 3",
        "start": 180.0,
        "end": 180.0,
        "transcript": "Sorry. I realized I was muted."
      },
      {
        "speaker": "Speaker 6",
        "start": 195.0,
        "end": 195.0,
        "transcript": "Zagan, do you have a follow-up?"
      },
      {
        "speaker": "Speaker 4",
        "start": 210.0,
        "end": 210.0,
        "transcript": "Well, I mean, I if there's I have a moment, so I wouldn't mind riffing on this a little bit, but I also don't wanna eat up the air."
      },
      {
        "speaker": "Speaker 3",
        "start": 225.0,
        "end": 225.0,
        "transcript": "So I'm looking forward to it. Ahead, And then, Travis, you can go next. Oh, no. Okay. Great."
      },
      {
        "speaker": "Speaker 4",
        "start": 240.0,
        "end": 240.0,
        "transcript": "Cool. So, I mean, what I what I was gonna observe is that within the scope of a particular Trustware project, you might actually have to reason about where the boundaries of, I'll call it, that jurisdiction or that that space are because, I found that most of the capacity for descent emerges from, the fact that there are multiple power centers. So, like, you know, as long as you have some solidarity in your dissent with others, even if they're not in that immediate space, you generally feel more empowered to voice a a dissent in in one space if you if you have solidarity with others in that descent in another space. And I'm not sure how that factors into even just like a polycentricity of of trustware environments."
      },
      {
        "speaker": "Speaker 2",
        "start": 255.0,
        "end": 255.0,
        "transcript": "That's a great point. I'm just writing this down. You know, we had this idea in DOWDAO that we I I don't wanna say scrapped. We we we haven't implemented yet of having affinity groups that would form and there there were kind of rules around kind of how small affinity groups can be, but a pretty minimal rule set. And these affinity groups would elect a delegate to serve on this kind of guiding body. And and this allowed kind of multiple power centers, but we play a little game where we kind of tested it out in person to see how this would work. And, you know, what we came to is that it's easy enough to game, especially when they're in different levels of participation in governance. And they had also created a situation where it was more advantageous to participate in politics than it was to build a kind of shared tool or product. That doesn't mean that, you know, we we we were probably just doing it wrong. Yeah. But the goal of this exercise was to create this kind of polycentricity. It was multiple, you know, to create solidarity and to do so without hitting kind of workers versus bosses as as unions might have you believe. And then in fact, you know, I I think anyone who's been a member of the I've been a member of the union. I was a UAW member for a long time. There is no monolithic work. There are a lot of differences between workers and the things that workers care about. And then solidarity falls naturally along diverse lines. It doesn't mean we don't have a shared interest or shared reason to bargain together in the context of being those unions, especially in the university context. We did. But in the context of DOWDAO, you know, it'd be great if we were able to provide more flexible ways for solidarity to emerge. So, you know, this is exactly the kind of conversation I wanna have. This is the kind of trust where we should be thinking about. Right? This is trust where this is good. How how can we provide solidarity? How can we encode the rules by which solidarity can merge? You know, these are great. I love this discussion. These are great comments."
      },
      {
        "speaker": "Speaker 7",
        "start": 270.0,
        "end": 270.0,
        "transcript": "Yeah. I wanted to chime in on something that you said earlier. You mentioned social power dynamics, that emerged. And I've been reflecting on this recently too within data because I think, compared to other institutions, we have, like, so little codification of rules and practices. Like, things evolve very organically, what people work on, who whose voice gets listened to. All of this is sort of, like, all of these decisions are relegated to social power hierarchies, which is completely natural because we don't have, like, codified rules. So I think I think it it takes, like, really thinking intentionally about so how do we encode our own rules to to sort of, like, to to counteract these these social power forces and and to really embody our values. And I think it's it's a hard problem and something that I've been thinking about."
      },
      {
        "speaker": "Speaker 3",
        "start": 285.0,
        "end": 285.0,
        "transcript": "Anna, I know you"
      },
      {
        "speaker": "Speaker 2",
        "start": 300.0,
        "end": 300.0,
        "transcript": "had a couple of thoughts."
      },
      {
        "speaker": "Speaker 3",
        "start": 315.0,
        "end": 315.0,
        "transcript": "I wanted to make sure you had a chance to share that. Maybe we can get a collection for some."
      },
      {
        "speaker": "Speaker 8",
        "start": 330.0,
        "end": 330.0,
        "transcript": "Thanks. Thanks, Divya. Thank you so much, Nick, or else how, for this conversation. I feel like you're this is one of the most sort of nuanced and informed discussions of the relationship between technology and trust that I've encountered. I'm an anthropologist. I've been, working on a research project, which I've been, calling technologies of trust. And one of the things that I mean, I mean, all of these sort of mechanisms that you're talking about, these forms of trustware, right, whether it's the the cash register or the turnstile, these are all you know, there's there's definitely this dimension of power, right, that we have that they're they're not actually, technologies of trust. They're technologies of, like, surveillance, right, and control. And so whenever so one thing that I and my collaborators have been thinking about is whenever somebody talks about trust, like we have to think about, you know, why are they talking about trust and are they actually talking about that they would like to have more compliance, right, or orderliness or something like that. So there's often this, I mean, exactly this power, relationship, right, these hierarchies that, a sort of morally laden discourse of trust is trying to conceal in some way. So I'm I'm so glad that you also brought up solidarity, because I feel like that's that's it's sort of a a counter model, a kind of counter model for thinking about how how we can interact with each other. Right? So trust is one way of saying like, oh, this is this is one way that we can ensure, you know, social cooperation, but solidarity is another one. Right? And so I just wanted to bring a short example. One of my, students is doing her, MA thesis on, a co op in Austria in sort of the in the countryside. And they have a pickup system that's sort of on an an honor based system, and they have recommendations for how you, you know, select from the various products that the the coop provides. But the problem that they often have is that in the end, the sort of less like, at the end of the day, the less, preferred products are left over and the people who come at the end of the day are kind of stuck with you know the kinds of you know dairy products that nobody wants you know nobody wants."
      },
      {
        "speaker": "Speaker 2",
        "start": 345.0,
        "end": 345.0,
        "transcript": "And"
      },
      {
        "speaker": "Speaker 8",
        "start": 360.0,
        "end": 360.0,
        "transcript": "so there's often discussions around solidarity right there's a there's a a recourse to the the shared values of this community. Right? To sort of equally distribute and, you know, one week you'll take the the crappy, you know, nonfat yogurt that nobody likes and then next week you'll, you know, you'll take the better one or whatever. But I thought I think it's interesting that, I mean, you you one could also have that conversation around trust, but in this particular space, in this particular community, it's the the conversation ends up being about solidarity. Right? And, of course, you could solve that problem or the problem of sort of equal distribution by saying, okay. Everyone gets this particular amount, and we're gonna put a camera in here, and, you know, we're gonna in the pickup space, and we're gonna make sure that everyone takes what they are allotted. But that's not how they want to solve this problem. Right? They wanna solve it by sort of, like, making sure that people sort of feel within them and act accordingly to the values. Right? But I, you know, I definitely wanna talk to you more outside of this. I'm yeah. This is a research project I'm developing. I'd love to talk to you more."
      },
      {
        "speaker": "Speaker 2",
        "start": 375.0,
        "end": 375.0,
        "transcript": "Yeah. I'd love to talk to you more about this. Yeah. You know, it's interesting you mentioned I I I agree about, you know, that this kind of solidarity being important, and I haven't thought about that enough. One of the things that occurs to me, you mentioned, you know, not trust. I'm just kicking. This is very fresh kicking around idea. I I you mentioned not trust but control. That's what you know, when people say trust, they really mean control. I I was thinking a little bit, like, trust I mean, control is important. It it's a question of who controls. Right? Because we have systems that are really good trust systems like voting. Right? Or or situations where you know, there are situations around, campaign finance, for example, where we control how campaigns can be financed and we being kind of the people who are not necessarily enfranchised, you know, in in any other way except to to produce these controls, and controls are important. And I think we see these controls in solidarity too. You know, when I was in UAW, there were controls around for example, you could not negotiate for your salary. That's a control that is placed on you in the interest of solidarity. And and I think control is is not intrinsically bad. It's just a question of who does it and how and who decides who does it. Right? How these systems of control are established. And I think the dynamic that I I'm honing in on slowly with Trustware and the one that Janita, you know, mentioned and I think that we struggle with very actively in doubt out and should struggle with more is this dynamic where people believe they are equalizing trust relationships. And they believe that the controls that they're putting on are equalized are equalizing trust relationships. But in fact, they haven't consulted with people outside of their small bubble. And this can be a a very dangerous situation because then, inevitably, people come in from outside of this bubble and are subject to control relationships that they never consented to and never were deliberated about. That's the tricky thing, I think. And when it comes to things like solidarity, yeah, you know, listen, unions have good ways of of managing, you know, these collective consent to control. We can learn from systems like this and should."
      },
      {
        "speaker": "Speaker 3",
        "start": 390.0,
        "end": 390.0,
        "transcript": "Zaragan, it seems like you had an update."
      },
      {
        "speaker": "Speaker 4",
        "start": 405.0,
        "end": 405.0,
        "transcript": "I again, I was just sort of riffing in the chat. I don't wanna yeah. I'll say that what I wrote was that I've found the some usage of concepts of confidence versus trust useful because technology kind of of control, not necessarily in a bad way or or a good way or in a consensual way or in a nonconsensual way, tends to put provide confidence in the system having certain properties, and that sort of revert reserves the term trust for trust in the behavior of the other humans within it. But that's not, like, a formal distinction that I think everyone should adopt. Just a useful distinction for when you're you're trying to say that you have, you know, trust in or belief in a system's capacity to produce a particular property as distinct for from the case of the trust that you have in the other humans that you're interacting with or who are interacting with the system. With a I like your your cash register example produces confidence in the absence of certain kinds of behaviors, but it doesn't actually imply trust in the the person standing behind the cash register. So, like, it's a a sort of semantic hack for engaging with discussions of these systems, and to to tease out some of the nuance of of when we say that it's trustware to your point earlier. Like, actually, we're inducing a sort of a confidence in the behavior of the assemblage, but we're doing so by having less trust in the humans in particular, participating in that."
      },
      {
        "speaker": "Speaker 3",
        "start": 420.0,
        "end": 420.0,
        "transcript": "I feel like there's actually an interesting parallel between that. And you brought up this paper, we wrote a bit ago on proof of personhood. And, you know, I think that speaks a little bit to there are some ways that you approach identity where you're trying to create complete confidence in the system, the IDNA type of approach, right, where you're trying to do something that just can't be hacked in some way. And there are other ones that are literally called web of trust approaches that are recognize that there's a threshold of civil resistance that you're not going to go under, and that's okay. Like, you're allowing certain amounts of failure modes to enter into the system, and you're trying to therefore create kind of, like, more interpersonal trust. So I'm wondering, on this trust confidence distinction, how you particularly apply that to I think you referred to passports as, like, a good enough system at some point, right, in some context. Right? And I think that's kind of a little bit of what we're aiming for across the board here and yet moving towards kind of, like, better yet good enough systems, like, how you distinguish, you know, the level of trust that you're aiming for. Because when we were writing that, for example, it felt like, okay, certain types of voting, you, like, need to have a much lower threshold for failure. And other types, it's okay if you're having certain numbers of civils or senators or, like, things like that. Right? And so Yeah."
      },
      {
        "speaker": "Speaker 8",
        "start": 435.0,
        "end": 435.0,
        "transcript": "The use of"
      },
      {
        "speaker": "Speaker 3",
        "start": 450.0,
        "end": 450.0,
        "transcript": "a proof of precedent system, like, totally changes what it's being deployed to totally changes, like, the level of trust or confidence that is required."
      },
      {
        "speaker": "Speaker 2",
        "start": 465.0,
        "end": 465.0,
        "transcript": "I agree. I I love that paper. I mean, you just probably saw I had cited it in this in this piece. It's so, so good. And and I think that one of the things that stood out to me is what you just mentioned. Yeah. You know, not every voting system has the same levels of of of need for approval security. Here's an anecdote kind of to prove out this point. Yesterday, I was at a meeting. In in DC, the kind of in in Vancouver, everyone lives vertically. It's, you know, density. And if you own your own place, you you own it in a Strada corporation, which is basically like a co op. And if you wanna imagine it, it's basically like a DAO where your voting share is determined by how many units you have, and they're nonfungible. So it's kind of like a and it's sold down NFT that is your unit, and this gives you a a voting weight. And, of course, I only have one unit in this building, but, you know, someone walks in with a clipboard and has, like, 20 units in the building. You know, they have the right? So there there are these voting differentials in this system. Nevertheless, the system that that we used was where which was good enough. Someone walks in. They they say their name and and what unit numbers they have. And, of course, someone, you know, has a list of, like, the names and the unit numbers that works for the Strata where that serves on the Strata Council. And then they hand us a little green card that has a little ID on it that I asked. Of course, I had to ask, what what does this ID mean? And they said, oh, we just reused the postcards, you know, from someone else. There's no meaning to the system. It was perfectly good enough to just sign in, say your name, get it, and then you hold up your card when you vote. You know, these systems don't have to be radically, radically robust to be good enough for these stress situations. And the passport thing that I I I, you know, I I alluded some of the complexity of passports. These systems aren't always good enough. Okay? There are situations where passports from country x are not accepted by country y for for a variety of reasons. And and often, they have to do with buying and selling passports. Vanuatu is a great case. I'm always interested in the South Pacific, but, you know, Vanuatu has this kind of, you know, pay for passport scheme program. That's an important source of revenue for the government, and and they don't necessarily do the same level of KYC, let's call it, that that, you know, some other countries might prefer, and it and it creates this really stigmatizing situation where everyday Vanuatuans get denied mobility situations. So there are breakdowns in these systems. What's important about these systems is that they're decentralized even though, you know, I think most Web three people point to passports and say, look. Centralized system, it denies mobilities. It's unjust. Yeah. They're centralized within, you know, a a a particular unit, but they're more decentralized than they appear because we have to come to a consensus. The the individual actors have to come to a consensus that generally comes to a kind of one on one decisions where policymakers from country a make a decision about, you know, policymakers from country b. And this is another layer of the web of trust that that's kind of somewhere in between, it's somewhat hybrid between what I've seen, you know, discussed in in in, you know, stuff about kind of cryptographic identity. When we think about web of trust, we think about individuals kind of doing this this web of trust behavior. But institutions can do this web of trust behavior too, and and you see this, you know, on the Internet, Cloudflare often makes decisions about, you know, hey. Everyone from Ghana, just block them. Right? Because they're intrinsically sketchy by virtue of being from the global south. And and Jenna Burrell and and Jonas have a great paper about that if people are more interested on this. But, you know, the the Internet is decentralized. It doesn't make it just. You know, we have these centralized decentralized web of trust systems. That doesn't mean that there's gonna be just outcomes at the end. That doesn't mean power is equal just because it's decentralized. Not kind of naive to say also, you know, I think runs through these systems. Okay. Listen. I I I just dumped a lot of stuff on you, Divya, because I know you've thought about this. I've read your writing about this, so these are just things that I maybe wanted to say to you anyway. The the collection of things together, I think, paints this portrait of something that's more complex than decentralized good, centralized bad, And it paints a picture of something more complex, like, assurance is good, lack of assurance is bad. It depends. And, really, the social power dynamics are the things that need our attention more than, you know you know, assurances and and provable security per se. I'll stop talking now."
      },
      {
        "speaker": "Speaker 3",
        "start": 480.0,
        "end": 480.0,
        "transcript": "I feel like"
      },
      {
        "speaker": "Speaker 2",
        "start": 495.0,
        "end": 495.0,
        "transcript": "that speaks a lot to"
      },
      {
        "speaker": "Speaker 3",
        "start": 510.0,
        "end": 510.0,
        "transcript": "what Z brought up around polycentrism as well. Like, what I I really like this idea of web as addressed as applied to institutions instead of individuals. And I think, you know, there's something interesting here about, like, oh, what about liquid democracy applied to institutions as opposed to individuals? Or, like, all of these kinds of things that we think about from, like, a delegation trust perspective kind of focus on the individual level, but we could think about it at the organizational level. I know we're coming up on time, so I wanna let Isaac, ask questions or contribute to the discussion, and then I'll hand it over to, Zargam to finish close this out because I have to run-in a in a moment. But, Nick, I'd also love to follow-up on some of these things because I think we're thinking about how to take Oh, please. I just forward. So let's chat."
      },
      {
        "speaker": "Speaker 2",
        "start": 525.0,
        "end": 525.0,
        "transcript": "Great. Yeah. So we're good."
      },
      {
        "speaker": "Speaker 5",
        "start": 540.0,
        "end": 540.0,
        "transcript": "Yeah. Elsa, very fascinating paper. Very excited. I mean, very fascinating conversation. I'm happy to I'm very excited to look back to your paper. So just a human stick to provoke your thinking because you mentioned a few things that I have a lot of interest in that and this may also be useful to you. In the in that tension of building trust versus control, balancing between trust and control, one of the issues I'm very interested in around elections is how social movements impact elections. So, for example, how do you get elections that for example, around Africa, because I'm studying Africa, and I work, concerns a lot of Africa. So how do you get elections where how do you reduce the risk of winner takes all elections around Africa? And Kenya is a fascinating example, which I have paid a lot of attention to. And one of the things one of the issues that I had I discovered that I couldn't find much attention in many sources,"
      },
      {
        "speaker": "Speaker 2",
        "start": 555.0,
        "end": 555.0,
        "transcript": "but"
      },
      {
        "speaker": "Speaker 5",
        "start": 570.0,
        "end": 570.0,
        "transcript": "I found books that were addressing this issue actually is something that I found in elite theory. So the the number of works in elite theory, which discuss the contribution that the consensus struck amongst the elite, the impact of that consensus on the form of on the nature of, electoral politics and the electoral contest within that country. So if you have if your elite groups manage to strike a consensus in which that there is some sort of elite circulation that whoever wins the election, the other part of the elite will not feel too disenfranchised. Then you will have stable elections that are positive sum. So you will have actors who you will have both sides happy. It's like, whatever happens, whatever the results of the elections, we can live with it. Okay? But once that consensus no longer applies or one or if it is, if it's disturbed, then you have zero something because then you have the elite that that loses any elect electoral context then has no, interest in, defending or protecting the system. And they have dozens of examples. They go all the way to the the glorious revolution in England and to America itself. So they actually make the argument that the origins of liberal democracy is elite consensus in in in each of those territories, where the elites were able to strike a deal to strike a consensus. So, yeah, I as I said, that's just a heuristic completely from the left. I don't know if it's of any value to you or if it's of any use to you, but I just thought in it's very fascinating to me in the context of in in the context of, how trust evolved because, seeing the paper and seeing how, without trust without that sort of trust amongst the elite, it's impossible to have, you know, systems that people can trust even when they punish them is a very fascinating aspect, a very fascinating question which I hope may be useful to somebody else. Such as"
      },
      {
        "speaker": "Speaker 2",
        "start": 585.0,
        "end": 585.0,
        "transcript": "That's great. I love it. I I'm I'm sharing a piece in the chat, Isaac, if you want. I think you'll be interested in that has to do with elites. I've never heard of elite theory, but I I've looked it up, and I'll I'll I'll dig in a little bit."
      },
      {
        "speaker": "Speaker 5",
        "start": 600.0,
        "end": 600.0,
        "transcript": "Fantastic. Yeah."
      },
      {
        "speaker": "Speaker 2",
        "start": 615.0,
        "end": 615.0,
        "transcript": "Thanks for that."
      },
      {
        "speaker": "Speaker 6",
        "start": 630.0,
        "end": 630.0,
        "transcript": "Exactly. No. I think we should oh, sorry. No. I was saying I have a question, but we're out of time. So maybe we could take this to the Slack channel. I don't know if we wanna start a new channel, which we sometimes do, you know, as a as a follow-up to conversations that are really rich like this one. So we could start our new channel or just a thread in the seminar discussion channel. I don't know what what you think, Sargon, but, I don't know. Either one works."
      },
      {
        "speaker": "Speaker 4",
        "start": 645.0,
        "end": 645.0,
        "transcript": "I would say, why don't we start with the thread in the seminar discussion? And if it if we get a kinda critical massive ongoing discussion related to Trustware, then we should make a channel. Downside of having too many channels is then all the attention kinda bleeds out across them. So but it'd be awesome. I I'm certainly enthusiastic about a Trustware ongoing discussion."
      },
      {
        "speaker": "Speaker 6",
        "start": 660.0,
        "end": 660.0,
        "transcript": "I Yes. And if anyone is not on the"
      },
      {
        "speaker": "Speaker 2",
        "start": 675.0,
        "end": 675.0,
        "transcript": "But yeah. We'll"
      },
      {
        "speaker": "Speaker 6",
        "start": 690.0,
        "end": 690.0,
        "transcript": "If anyone's not on the MediGov Slack, I just sent the link so you can join."
      },
      {
        "speaker": "Speaker 2",
        "start": 705.0,
        "end": 705.0,
        "transcript": "And I I put my email also in the in the chat if you wanna reach out one on one. And thank you all so so much for your time. This is one of my favorite seminar seminar discussions I've ever done. This is so, so great. Thank you."
      },
      {
        "speaker": "Speaker 4",
        "start": 720.0,
        "end": 720.0,
        "transcript": "Well, thank you for coming. So we have a little ritual where as we're wrapping up, everybody unmutes and claps for the speaker. And given that it seems like the natural time to do that, I'm gonna count down, and at one, unmute, and please clap. So three, two, one. And so with that, I will call the meeting officially to order. There's often some lingering discussions, but we try to be respectful of the time bound. So we kinda close out on time, and those who want to hang out and chat some more sometimes do."
      }
    ],
    "summary": null
  }
}