From hacking the CIA as a teenager to community computers
The Blockchain Socialist | 2024-03-05 | 53:33
I spoke to Mustafa Al-Bassam, co-founder and CEO of Celestia, a modular blockchain network that makes for others to securely launch their own blockchain. Mustafa was also a member of the black hat hacking group LulzSec under the name T-Flow known for hacking the CIA website, newspapaers owned by Rupert Murdoch, and other corporate and state organizations in 2011. During the discussion we spoke about his experience of being in the hacker group, his transition to interest in blockchains, and C...
Top Keywords
No salient keywords identified yet for this episode.
Transcript
Speaker 0
0:02 – 2:09
Hi, everyone. You're listening to the Blockchain Socialist Podcast. I'm Josh, and I'm here today with Mustafa Albasam, who is the cofounder of Celestia, which is a project that purports to, help with the creation of modular blockchains. So we'll go into that. It's a little bit technical, but we'll explain it in a way even though you may not understand what that means. And he's also an ex member of the hacking group LulzSec, which if you were paying attention back, I think it was in the in 2011 for the most part, some of the hacks that were happening during that time that were associated with as well whenever anonymous was was more in the mainstream media. But so before we get into that, I wanted to ask, Mustafa or actually, like, share with Mustafa that I didn't realize that you were kind of one of the the the, I guess, cofounders of LulzSec or one of the hackers of LulzSec until I read the book hacker, hoaxer, whistleblower, spy by Gabriela Coleman, which is a really nice book, which I highly recommend to people if you have the chance to read it. And when I read your name in the book, I was like, I this name is so familiar. Like, I re I feel like I've read this name before. And then I went on Twitter, like, while I was, like, in the middle of reading the book, and I was like, oh my gosh. He has the same name. Is that him? And I started googling, like, is this the right same person? I realized it was the same person. So yeah. So I'm really, like, honored to have you on to to talk about your experience with LulzSec. And then it was, like, really a surprise to me. Like, like, a nice surprise to me to hear that you are now in the in the crypto world. So gonna be really interesting to talk about how that transition happens. But, yeah. Welcome, Mustafa. Thank you. Yeah. It's great to be here. And I've also been following yourself on Twitter quite a bit. I hope I hope you've enjoyed my my spicy tweets. But, yeah. I was wondering maybe to start off for people who maybe aren't aware, could you explain a bit before we get into Celestia, let's start with LulzSec since that happened, before the past. What was LulzSec and kind of what was the, you know, the conditions during that time for maybe the people who don't remember?
Speaker 1
2:09 – 4:05
Sure. So LulzSec where the Lulz in LulzSec stands for LOL, kind of like a corruption of the word LOL. But it was a hacker group that I cofounded in 2011 that existed for a few months, and it hacked into all all sorts of governments and organizations. So for example, we hacked into Sony seven times. We hacked into, like, various governmental entities, like FBI affiliates. We hacked into Arizona Police Department, and we did denial of service attacks that took the websites of people like the CIA offline. But Lost Cycle was started as a sort of offshoot to another group that I was part of called Anonymous. And I kind of became involved with Anonymous around, you know, 2010. And I kind of got involved in into it in response to various activities regarding, like, freedom of speech and freedom of information. So for example, when PayPal and Mastercard and Visa blocked donations to WikiLeaks, anonymous did a denial of service attack that took Mastercard and Visa offline. And then so I kind of, like, got involved, and I realized that, you know, information or hacktivism could be a powerful tool. Because other times, idea of a denial of service attack, it was something that everyone could participate in. So, like, if you wanted to help take the website of Visa or Mastercard offline, you could anyone could just download a piece of software and join this chat room, and they could coordinate, and they could turn their computer into a sort of device that that floods the websites of PayPal or Mastercard. And so everyone could sort of join it. And and to me, this was a really interesting idea because it was sort of like virtual version of a physical sit in. Sort of like how back in the, you know, in the in the twentieth century, people had were sitting in as a form of protest,
Speaker 0
4:05 – 4:09
you know, in the restaurants. They were DDoS ing restaurants back then. Exactly.
Speaker 1
4:09 – 6:02
Yeah. And this was like a like a digital version of that. And to me, it was really interesting, but I kind of wanted to go further than that because to me, like, that only gets you so far. Right? You can take the website offline, but, well, it'll be back online. It'll get better, details mitigation. And all it really achieves is some attention to the cause. And that's kind of good in a way, but it doesn't really achieve much more than that. Mhmm. So I kind of wanted to figure out, like, well, what what what if you actually do more than that? What if you actually, like, hack into these organizations and reveal information, hack, you know, emails, or wrongdoing and that kind of thing. That would be and so I kind of, like, found the people in these chat rooms that I thought were had more technical skills than other people. And I created a smaller chat room, a more private chat room that was just for hacking. Mhmm. And then we kind of said, well, let's try to hack into these different organizations. Let's see what we can find. Like, one of the earliest ones we did was this, you know, this this US military of defense contractor called HP Gary Federal. I read emails from them, and it was revealed that they were trying to do all kinds all kinds of things, like working with Palantir to blackmail American journalists, like Glenn Greenwald, who were who supported WikiLeaks, for example. And, you know, when we leaked those emails, the press start looking into them, and they and and congress wanted to do investigation into HBI Federal, and the and the CEO resigned. Mhmm. And to me, that was really interesting because it kind of made me realize that information can actually be quite powerful. It can it can kind of, like, level the playing field. Right? Because at the time, I was just 15 or 16 years old. And, yeah, I was just in my bedroom. I had a had a laptop, but I was but I was able to participate in activities that could make a CEO resign or make congress launch an investigation.
Speaker 0
6:03 – 6:07
That's a lot of power for a 15, 16 year old to have and to feel, I imagine.
Speaker 1
6:07 – 8:41
Yeah. Exactly. But it's a very it's a asymmetric form of form of warfare in a way Mhmm. Because they make you made you realize that someone with very old resources can potentially level the playing field with someone with much more resources by using information. And, yeah, to me, that was really interesting. And then but at the time, yeah, at the time, anonymous was doing in our group, we were doing, like, a lot of, like, hacktivist things. The the hacks we were doing was very was mostly related to activism related things. So for example, like, we participated in Arab Spring, and we took down we hacked the websites of the prime minister of Tunisia, for example, where we would help, you know, people in Egypt and other Arab countries figure out how to prevent government surveillance and that that that kind of thing. We also hacked into the Westboro Baptist Church, for example. So it was mostly, like, activist related hacks. But then at some point, people started kind of, like, coming up with lot of finding a lot of vulnerabilities in corporations that we we haven't we didn't really have a hacktivist reason to act. Like, so for example, like, one day someone found the vulnerability in Fox, and they found they got access to the, database of x factor contestants. And That was that's not really activist. There's no, like, there's no good reason to hack that from activist perspective. Mhmm. And that was the reason why I started Volsec because I didn't want that stuff to be kind of hacked under the banner of anonymous. Because to me, anonymous would should be, like, for activism. So LulzSec was created as as kind of like an alternative outlet. Well, if you have all these hacks, but you just wanna do it for fun, do it under that do do it under LulzSec. Right. For the Lulz. Eventually, LulzSec kind of grew into a kind of thing of its own and became, like, even bigger. Because back in 2011, the Internet was much less secure. Like, there were so many basic vulnerabilities everywhere. And so, like, you had for example, like, the fact that we hacked 37 times. Like, a lot of these corporations just did not care about security. Mhmm. So any way to make would to make them care was actually to kind of, like, leak their information because, otherwise, it was kind of like the emperor with no codes. Mhmm. Like, no one wanted to say that they had no clothes until we kind of showed up and said, well, we're just gonna leak all your stuff because you don't you're not paying attention. So, for example, like, when we hacked the when when when the Arizona police department was hacked, which was done by, Jeremy Hammond, which was someone who spent ten years in jail, he the the the the password of the, officer was 123456,
Speaker 0
8:41 – 9:19
and that's where they were hacked. So people just weren't taking security seriously at that time. Yeah. One of the one of the things I've kind of heard, like, in hacker culture, I think I learned a lot probably in Gabriella Coleman's book, was that and, like, a lot of the stories that you've that you shared with, she writes about in the book. But there's kind of, like, also this ethic of for some of for some hackers, if something is easy to hack, then it should be almost. Like, if you don't care about security, then you deserve the hacking, not even necessarily because you did something wrong, but because, like, you're bad at security, and therefore, you deserve it. Yeah. I mean interesting.
Speaker 1
9:20 – 9:48
Yeah. I mean, that's true to that's also true to some extent, but it was also the case that LulzSec like, the whole point of it was to do some was, like, to have fun or to hack what's funny. But, also, it turns out, like, what's what is funny to hack is also worth just to hack. Like like, because justice is funny. Like, it's more funny to hack a big corporation that deserves it than to hack a hospital, for example. Right. Right. And that's all that's also the case. And so even also, like, turned out to be somewhat political.
Speaker 0
9:49 – 10:33
Yeah. Yeah. It tried not to be, but ended up being anyways. Yeah. Yeah. But, I mean, as well, maybe to, like, to to summarize the story for a lot of people since we have other things to to talk about as well, and you can find I know you've done interviews at other places as well. We've gone into more detail. But you were very young, 15, 16, I believe it was. So and you were I mean, these were, you know, purportedly, these were crimes that were committed. And so, I mean, it is kind of, honestly, just kinda badass that you did it at such a young age, and so you didn't have to deal with if you were, I think, over 18, then it would have been a lot more serious of of of a crime than than it actually actually ended up being for you. Yeah. Because I was the only person in
Speaker 1
10:33 – 11:05
The UK case. So it turns out, like, four of the hackers and this was a complete surprise, but, like, four of the hackers that we're working in the group were were from The UK. And there were only six or seven hackers in the group, and we had no idea where we were, but they all were in The UK. And, yeah, because I was I was a person under 18, so I had a noncustodial sentence where I had to basically spend around three hundred hours doing community service in a charity shop that sold clothes for, like, deaf and blind people. Mhmm. Yeah. Yeah.
Speaker 0
11:05 – 11:13
Whereas, like, I think a lot of other hackers, especially ones that were, mentioned in the book, got some pretty big big sentences.
Speaker 1
11:13 – 12:27
I mean, in The US, it's a lot more harsh. As I said, one of our codefendants or co conspirators, Jeremy Hammond, he spent ten years in jail, you know, all the way from 2013 to something like 2023, which was very kind of harsh. In The UK, it was a lot more lenient. Like, no one spends more than a few months in jail. I do think it's getting a bit more strict. So, for example, a few years ago, there was one other hacker called Kane Campbell who hacked the director of the CIA, and he kind of, like, put up a message when he had his illegals or documents. The message he put with that was something like, well, if you don't stop, like, aiding the illegal occupation in Palestine, then I wanna keep hacking you. And what happened to him was what happened to Kane, he was also 16 years old in The UK, and he was also kind of convicted on computer hacking, but he had a jail sentence. And that was the first time anyone under 18 had a jail sentence for hacking in The UK. And the judge in that case called him you you use language like cyber terrorism for Wow. Which I think is really harsh, like, if you're just under a if you're just like a teenager doing hacking, basically,
Speaker 0
12:28 – 13:52
for fun. Yeah. Yeah. I think it's something that now the legal system is taking much more over time, like, need it's taking more seriously as more and more companies complain about it as they see, like, the I don't know. They don't like to be embarrassed in that way. And I guess if you use the example of, like, a restaurant where you can sit into sitting in a restaurant will only last for so long. People have to leave every once in a while like a DDoS attack. But if you're taking information, if you're taking, you know, I don't know, food from the kitchen and taking it out is maybe, like, the metaphor that they're using. But, of course, there's, like, a difference between between data and, like, material commodities. I'm wondering how because that in like, this experience is really interesting to me because now you're in the blockchain world, crypto world, which is this place where information is completely free, where it is publicly available on a distributed ledger, and everybody can kinda take from it, at least for for public blockchains. But, yeah, I wonder, was that experience and maybe as well, I know during that time you mentioned that Bitcoin was being used by hackers, but was like, was there something in particular in that experience that made you see blockchains as, like, something to then pursue aft once you were able to use computers again after your sentencing? But, yeah, I was I was wondering if you had any thoughts on that.
Speaker 1
13:53 – 14:30
Yeah. I think there's definitely a lot of parallels. So the same way that I, as a teenager, with the, you know, a $500 laptop could level the playing field by hacking corporations with very little knowledge. I see, cryptocurrency as very similar in in the sense that its technology is relatively relatively simple to some extent technology that also levels the playing curve between individuals and powerful actors. It's basically continuation of the idea that information and technology can liberate people and can level the playing for playing field even if you don't have a lot of resources.
Speaker 0
14:31 – 15:03
Do you do you wonder, though, about like, sometimes with technology and the issue of, like, power relations that I think people a lot of the times have this idea or have this fear that in the future, that's going to be a very almost like zero or one, if I could describe it that way, that, like, either there there is a way to level the playing field or there completely is not. And that's kind of like the dystopian cyberpunk future that we're heading towards, that almost like there needs to be vulnerabilities in corporate databases
Speaker 1
15:04 – 17:21
for there to be a chance to to to be, like, some sort of outlets for people in in a more digitized world. Yeah. I mean, that's very interesting because in some way, you could argue that the Internet has made it a lot easier for governments to surveil people. You know? Because now, like, we're we're basically in, like, in the golden age of surveillance. And so as I said, like, information is a asymmetrical form of welfare, but I guess that kind of applies both ways. Mhmm. Because, like, governments or governments can also surveil people. But then, you know, you have encrypted messaging apps, for example. Mhmm. But I think I think the answer to kind of, like, a government or corporations are are pressing people is more libertarian technologies, not less techno liberatory technologies. Now it is a case that technology that technologies that liberate people can be used against people. So for example, like, Internet can can be used to liberate people, but it can but it's also being used against people, you know, by using by using it as a means of massive betas. You know, same with cryptocurrencies. You can also you know, you have dictators wanting to also create their own cryptocurrencies. You know? You have you have essentially banked the idea of essentially bank digital currencies. So, you know, it does kind of extend to this idea where information is I mean, technology is neutral to some extent. But I think I guess my thinking is that it's a kind of cat and mouse game, but I think you can always get ahead of the kind of, like, game with more techno with technologies with even more technologies that embrace people. So, for example, you can say, okay. The Internet, mass surveillance, but then you can you have sig you have technologies like signal, for example, that that prevents that. And there is no kind of, like, there is, in theory, that there is no theoretical technological way to defeat encryption. Right? The only way you can defeat that is in the real space by regulations that physically prevent people from using those applications. But even then, how how can we tell it's very even there, you can kind of fight against that by making it very difficult to tell if you have those applications. So I think, inherently, peep technologies that liberate people always kind of favor in theory, if you kind of, like, pay it out to the kind of, like, endgame, you will always, I think, favor the people the individual the the people that need to be liberated and not the oppressors.
Speaker 0
17:21 – 18:31
Yeah. I think, yeah, I feel that, like, kind of the big the question that has to be answered on whether or not a particular technology is liberatory in parts has to be answered, like, who owns that technology? Who is, like you know, who who owns that means of of technological production? And I think it is often the case that it is, like, giant capitalist corporations or whatever else, and that's part of the reason why technology becomes oppressive is because we've allowed them to completely own that. And what I think blockchains bring an interesting proposal to people to kind of to allow for a more in the case where the state is not, like, doing its job, It's it's end of the of the of the bargain or the so social contract in governing in, you know, in the interests of the people. Blockchains are being a kind of proposal. Well, hey. How do we how can we potentially put technology in the hands of people in a way that is digitally native so that we don't necessarily need the intervention of a state that may or may not, like, change how it works anytime soon?
Speaker 1
18:32 – 21:58
Yeah. Yeah. To me, the, the fundamental thing that blockchains enable that, you know, haven't been haven't been possible before is, like, for example, like, if you take the idea that, you know, Bitcoin is the first is arguably the first practical implementation of, like, a kind of, like, cryptoanarchic system. Right? You could argue whether it's, like, anarcho capitalist or or or not, but it's the first implementation of, like, a practical cryptoanarchic system, like, that kind of, like, works. And the implications of that is that it kind of fundamentally enables the the new thing that fundamentally enables is something that I call a top level social contract. So, like, for Mhmm. Throughout history, human beings have had social contracts with each other. And, for example, like, economic social contracts, you know, you do this. I do that. If you do that, I I agree to do that. Or I could for example, if I did that, I agree to pay you. Right? And, historically, to enforce those social contracts among people, you typically needed to, you know, have, like, a physical court system, you know, physical police to enforce that and so on and so forth. And so, like, if you wanted to create a company or corporation or organization, you would typically have to do that in a way that's kind of, like, is within the inherits the inherits kind of, like, under the structure of a company law or corporate law. And where does co what what what gives corporate law its authority is the parliament of a country or or the congress or the government of a country. And what what what gives the con what gives the country's government or congress or parliament authority is basically a social contract among the people in that country. Like, if if the people in that country wanted to do revolution, they could throw away the authority of a government in theory if it if it if it really came to that. But what blockchain is fundamentally enabled fundamentally is to shortcut all that and to have a social contract that is top level in the sense that it does not inherit any authority, does not relying on the authority of governments or kind of like a cons a congress or a a parliament, but allows you to have, like, literally a social contract on a blockchain underneath it underneath that. So that's why I call it kind of like a for the first time in history, it it enables what I call a top level social contract. Like, there is no social contract above that because, historically, if you wanted to start a company, there was always there's always some other social contract on top of that, like that like a government, for example. Yeah. But with a blockchain, you for the first time, you can create a agreement among people that is top level in the sense, like, there is nothing above that. There is no other authority above like, there's no there's no authority above Bitcoin. Like, it's governed directly by the social consensus of Bitcoin. That's that's something fundamentally new that I think people don't think about. And it it it's it creates a very powerful primitive, and that's why I think blockchain is like or projects like Cosmos are very interesting and why we kind of, like, create Celestia to make deploying a Cosmos chain as easy as deploying a roll up Mhmm. For a small contract. Because this idea where anyone should be able to create a chain because it's it's an extremely powerful powerful primitive that's you can create a chain with no author and you can have a contract among people. You can create rules in your chain, and there's no there's there's no authority whatsoever about that except for the social contract among the people that use your chain. And that's where this idea of, you know, the the community computer in Cosmos comes in. Like, you can create a community computer.
Speaker 0
21:59 – 22:14
Yeah. Yeah. Let's I I want to get into those into the idea of community cube community computing in a bit. Maybe it'd be good if you want to now explain what is Celestia and what are, modular blockchains.
Speaker 1
22:15 – 25:12
Sure. So Celestia is kind of like the answer to the question of what is the most simple blockchain you can build. Like, if you took a if you took a blockchain like Bitcoin and Ethereum and you stripped it back to its core components, like, what do you get? Like, what is what fundamentally is a blockchain? Like, what fundamentally are the core components of a blockchain? And that's why Celestia was originally called lazy ledger because it's like, what's what's the laziest possible chain we can create? And it turns out, like, if you ship a ship a blockchain back to its core components, like, imagine you can create a version of Bitcoin that does not verify anything. It's you can create a version of Bitcoin, for example, where developers can just dump arbitrary data onto it. Like, anything can go. That's the simple simplest blockchain you can create. And the reason why that works is because even if you had a version of Bitcoin, for example, where invalid transactions were allowed on the chain, it's very easy to prevent it's very easy to deal with that by simply having a client side rule that says simply ignore those invalid transactions. So it turns out you don't actually need to you don't need on chain computation. You don't need to you don't need to verify every transaction on the chain to have a simple blockchain that works. All you need is two components. The first component, which is referred to in the Bitcoin white paper, this idea of a time stamping server server that time stamps messages and basically orders those messages. Like, it tells you what came first. It came tells you if this message came before that message, and that allows you to basically prevent double spending attacks. And the second component is this idea of data availability. Once you have ordering over those messages, you need to make sure that everyone knows what those messages actually are. And that because they they need to know what messages what the messages are to even know what the state of the chain is. So if you have those two primitives, consensus and data availability, you can basically build anything on top. And the idea of Celestia was that we're just we're only gonna provide those two primitives. Developers can use Celestia to build their own chains on top of it. Instead of using Celestia as a smart contract platform, you will developers will create their own chains on top of it in the form of roll ups, like roll up to roll up chains, basically. And and we also introduced this idea of sovereign chains, sovereign roll up chains, which is kind of, like, very similar to cosmos chains. The cos if you create the cosmos chain, it's a sovereign chain. It's a chain in its own right. So you can also create a sovereign roll up chain on Celestia that is, like, is is very similar to its own l one and has its own social consensus and does not kind of, like, derive does not settle to some other l one or derive its authority from the social consensus of a different l one. So if you, for example, have Ethereum l twos, they kind of inherit the social consensus of of the Ethereum l one, for example.
Speaker 0
25:12 – 25:58
Mhmm. Yeah. So maybe to if we could think about it, modular blockchains are basically deconstructing the separate components of what makes a full blockchain or what's often called a monolithic blockchain, a a blockchain in its in its own right, I think you called it. It's like Ethereum Yep. Bitcoin. All these are monolithic blockchains in which everything is sort of within its own kind of stack or domain, if you can call that. And Yeah. Modular blockchains is the idea that we can actually separate these different components that we've identified, including consensus and data availability. And then I think execution and another one I'm forgetting is, like, another component that's often identified. Yeah. Consensus data consensus
Speaker 1
25:59 – 26:01
execution, data availability, and settlement.
Speaker 0
26:01 – 26:29
Settlement. Yes. That these things you can have kinda, like, separate components that you can almost, like, have it's almost like making a blockchain made out of several blockchains, or we can call it like that, where the the stack is separated a bit and there's specialization for each kind of modular part or each, like, part of the stack. And you can create a full blockchain out of that. Is that kind of how a way to kind of understand it? Exactly. So
Speaker 1
26:29 – 27:01
it's basically your your your decomply debundling the different components of the blockchain. And the the main idea is you decouple consensus from execution. So if you take Ethereum, for example, it has an enshrined smart contract environment, the Ethereum virtual machine. Well, with last year, there is no smart contracts. This is just a simple chain where you dump data onto it. Instead, the execution happens off chain or other chains called roll ups. So, fundamentally, it's just basically separating consensus from computation. Yeah. The rotation happens on roll ups instead of the l one, effectively.
Speaker 0
27:02 – 27:05
And So it it is a way of also scaling. Yeah.
Speaker 1
27:05 – 29:45
Sorry. Go ahead. Yeah. It's also a way of scaling because it's basically a kind of, like, more evolved form of sharding because, like, you can treat if you you can treat different roll ups as different shards. So you're basically, like, splitting up the chain and all the users into all these different roll ups. And each roll up does not have to process the transactions of other roll ups. Like, each roll up only has to process the transaction of its own roll up. So that's it's a it's a good way of scaling. But, fundamentally, the reason why I think it's so important is because if you look at the previous crypto cycles, like, there's always every single every single crypto cycle will run, there's always these new layer ones chains, and each layer one claims to, you know, measure incremental improvement over the previous layer one. So, you know, for example, we had Ethereum originally, and then we had chains like EOS, Cardano, and so on and so forth. Then in the last cycle, we had Solana and Avalanche. And in this cycle, we have chains like SUI and Aptos. And all of those kind of, like, make it make they purport to make an incremental improvement over the previous generation. Like, we say, okay. We maybe improve the execution environment to make it more faster. Maybe we we improve the consensus vertical to make it faster. But I think that's very unsustainable to have to create a whole new layer one ecosystem every improvement to the technology. And that's why I think modularity is so important because if modularity existed a while ago in the blockchain space, then maybe when the smaller virtual machine improves the execution environment by making it more parallel, it wouldn't have to be a whole new layer one. It could just be a new roll up on a certain, for example. You can you can deploy a more improved execution environment using a roll up without having to deploy a whole new layer one ecosystem, which I think is fundamentally as unsustainable and kind of, like, results in a lot of tribalism and maximalism. So the idea, like, this every layer one ecosystem has its own maximalists and tribalists. But the idea of modular modular blockchains is to kind of get past the maximalism, and it's kind of like their slogan is modularism, not maximalism. Because all of these different people can differ can build build different components that in that work with each other instead of having to create their own ecosystems from scratch that are basically their own silos that don't really that kind of, like you know, every time you deploy you may want, you have to deploy the same domain application as the same NFT applications, the same DeFi DEXs, and so on and so forth. So it's basically, like, creating new cities with the same utilities in parallel, which I'm not sure is sustainable as the technology matures.
Speaker 0
29:46 – 30:26
Right. It's it seems pretty unsustainable to me as well that, like, I don't know. It's sort of like every time I hear there's a new layer one blockchain, I'm sort of like, do I want to go through the process again of trying to move all of my, whatever, like, coins over to to their new blockchain and go through that process and try to see and the way that they, I guess, they kind of, like, try to try to get people to go is by, like, having weird incentives like, blast or whatever where they just, you know, say you can make a million APR, APY, or whatever. So it's also you know, it it contributes to this to this problem of kinda scams, I guess, you can call.
Speaker 1
30:27 – 32:20
Yeah. And marginal blockchains are are definitely not without their own problems. Like, you also do have kind of, like, a lot of roll up chains that you have a lot of, like, EVM roll up chains that wanna scale the EVM, and, you know, Blast is a good example. Like, the Blast is also Ethereum l two. Right? So it definitely had also has its own problems. But Sure. Yeah. Similar to the Cosmos ecosystem, we might we might end up in the ecosystem where, you know, there's thousands of app chains. Right? So, like, right now, everyone just uses expects to use the same l one for all applications. But as as the as technology evolves, I don't think that's we will where where we will necessarily end up because I just don't think it's realistic to assume that the entire web three will be running on the same chain. That's like assuming the entire Internet will run on the same server. So I think, like, having a multi chain or, like, app chain specific ecosystem is kind of like a natural consequence. And we it's very possible that we can see a future where there's, like, thousands of app chains, kind of like how the the end goal or the end game of the Cosmos vision ultimately. Celestia kind of, like, makes it a lot a lot more frictionless because now with Celestia, you can deploy your own roll up chain as easily as deploying a smart contract. You can go on and roll up as a service provider like a conduit or called Vera, and you can deploy, like, your own roll up chain in seconds. Right? You just fill out a form. But you do that without having to deploy a whole new layer one. Right? Because you're inheriting the security of Celestia. So it's not like you're building it from scratch. But I think it's obviously gonna create a lot of UX challenges, which I think are solvable, but I think that's where we'll end up. But I think it's a natural consequence because it's not like if you go on your web if you go on a web browser, you can go on thousands of websites. And I think it's gonna be sit the same with wallets. Right? With wallets, you can access thousands of chains. You you it's not really a success stream. That is only one website or one, chain that you're gonna do all your activity through.
Speaker 0
32:22 – 33:09
Do you do you worry a little bit then that, like it seems to me we we may be entering a time whenever, like, the creation of new chains is almost like the new ICO type of thing where everyone is making their own chain. And I I can see the the reasoning where people I think that I think app app chains are are interesting, like, proposal as a way to reduce transaction costs for for using a particular chain and for having it specialized in certain ways. It does and it and that does, like, potentially create a Cambrian explosion of all these different combinations of different parts together that could create chains that are specialized for different things. But maybe that Yeah. Do you think that's something that's, like, potentially inevitable?
Speaker 1
33:09 – 35:52
Yeah. I mean, I see it as very similar to the evolution of web two. Right? You know, back in back before the cloud existed, back before we had virtual machines on services like Amazon Web Services or DigitalOcean, And the only way to create a new website was you would either have to buy a whole server somewhere, like, in the in the data center, like, rent a whole physical server, or you would have to just, use a shared web hosting provider. Like, GeoCities, for example, was a very early one, but you also had providers like Bluehost and DreamHost. You would upload your code to the sub hosting provider, like and you'd only support certain programming languages or technologies like PHP and MySQL. That's very similar that's very similar to where we were with the blockchain space before roll ups. Like, you either had to create your own layer one from scratch with its own consensus Mhmm. And with its own security budget, or you had to upload your smart contracts, use and create code it using the Ethereum virtual machine and upload it to Ethereum. But when the cloud came around in web two, it gave people a third option. It gave people the best of both worlds, the best of having your own server, but with that with with the flexibility of having your own server without the overhead of having your own server. Because on because now because with the cloud, since, you know, around 2005, you could deploy your own virtual machine in seconds, which basically gave you the same power as if you had your own physical server and data center because you could install whatever you want. So you had a lot more flexibility, and that basically what I think created the modern web. It allowed people to experiment with all sorts of new technologies. Like, you are no longer limited to just PHP and MySQL. You could use, you know, Python, Ruby, go to the you know, all those programming languages, I think, fundamentally made the the demand for them were driven by the fact that developers suddenly had a lot more flexibility in the way they they could deploy their applications. And, you know, roll up chains are very similar. Right? Because with roll ups, you can deploy your own blockchain with own custom execution environment very quickly without the overhead of having to create your own layer one chain from scratch. And we're kind of already seeing this play out. There's a lot of projects that, you know, have taken the Ethereum virtual machine and have modified it in some way that might would have would not have been easily possible possible without roll ups. There's projects like Curio, which have it's like an on chain gaming project that modified the EVM to embed their game as a opcode inside the Ethereum virtual machine, which would not have been possible. And there's also projects like Manta, for example, that want to modify the Ethereum virtual machine and add certain, like, zero knowledge cryptography upcodes to allow certain privacy use cases, for example.
Speaker 0
35:52 – 37:38
Yeah. Yeah. It allows for almost, like, more more more iteration of different kind of like, trying trying out new innovations within, like, chain space, I wanna call it, with the EVM, which then maybe the Ethereum Foundation potentially likes because other chains can take that risk of, well, what if we wanted to add that to, you know, the Ethereum EVN or EVM or something like that? But I think it also if we get to this idea that you were talking about about community computing, it is very similar to kind of the vision that Ethan Buckman shared with me, I think, the first time that we had spoken about. And it is kind of like the general vision of Cosmos that I find, very interesting. But this idea that you can rather than, you know, thinking of the computer and, like, this through the lens of this personal computing revolution, which is a very individualistic and, you know, kind of sovereign individual type of, approach to thinking about computers and the age of the Internet, but instead imagining us as being part of a community that handles that does computing together, which may sound like it it is like a fairly to me, it's like a fairly it's like sometimes hard to explain to people because people are so used to kind of dealing with big tech. Like, when they go on the Internet, you know, the first thing that they do is, like, go on Facebook, Twitter, or whatever else. But, like, I'm at and and all of that computing or most of that computing is handled by, you know, a giant tech company. But if we're thinking if we're thinking about, you know, seizing seizing the means of computation or something like that, then it means that we need to create our own forms of community computation or, like, collective computation in order for that to to to happen.
Speaker 1
37:38 – 42:33
Yeah. I mean and that's a big reason why we're making it as easy as to as possible to deploy a blockchain as into less with Celestia. Because you have this idea of sovereign chains, and Celestia enables you to easily deploy a sovereign chain. Because to me, the most important part of a blockchain is not layer one, but the layer zero, social consensus. To me, the the layer zero of a blockchain is the social consensus. Like, what gives Bitcoin, the authority what gives bit like, what give what makes big the Bitcoin chain the valid chain and not some fork is that people agree that has value. Right? So to me, it's like the to me, the whole point of blockchains is to implement rules that some group of people or the social consensus have agreed should be implemented. Right? To me, like, blockchains are just in some way implementation detail of layer zero social consensus. So when we see so the problem is, like, I see DAOs, and we look at how DAOs, like, often, it's overly reliant on token holder governance, for example, which to me, in some ways, defeats the whole point of blockchains and social consensus being the important the most important part. The idea where, like, DAOs, you know, it's just that you have to vote whoever it's a majority votes by token holders. To me, that's just like replicating, you know, traditional companies and putting them on chain. You have the shell you have the shareholder votes. But with social consensus, the idea is, like, it's a much more fluid form of governance. It's like there's no votes. It's more like it's more like a raw form of anarchy anyway in the sense that you you have to like, you either agree or you don't. Like, if you if you don't agree, then you don't have to join the fork. So it's like if you wanna fork a chain, you basically need pretty much unanimous consent from the stakeholders. If there's a if there's a con if there's a controversy, someone's proposing a controversial upgrade or a change, it will be very hard to push through. And we've seen this with Bitcoin, for example. However, if you don't like it, you can just fork. Right? And you can fork in into your that's the beauty of blockchain. You can fork into your own chain with jurisdiction and with this own central consensus. And the way that the way that we've we've approached governance, let's say, for example, is we well, even though we're a Cosmos chain, because the the of the issues I see with Cosmos chain is that they're overly reliant on token holder governance for things like upgrades. So, typically, if you wanna upgrade the Cosmos chain, the token holders have to vote on what the on upgrades on chain. And to me that in some way, that defeats the whole point of blockchains because the whole point of blockchains is that no no majority of people can violate the protocol rules. But then if you have, like, a bunch of token holders that can vote to say, hey. Let's let's do this upgrade to, let's say, like, print more money or violate a monetary policy of a of a chain that was agreed on, like, seize these funds or do this controversial upgrade, that to me, the piece that kind of defeats the whole point of chains being uncorruptible by some by some dishonest majority. Like, blockchains are not are not meant to be democratic. They're supposed to be, a a form of algorithm in the sense that you basically need unanimous consent, like, everyone is voluntarily agreeing to participate in the chain. But the way we've we've approached our session is, like, we have a Ethereum style form of governance where upgrades are decided by the off chain kind of ecosystem. We don't have we don't have, like, on chain governance, but idea but what we've done is before the chain was launched, we kind of, like, put towards, like, the the the social values of Celestia. So it's kind of like a constitution for Celestia. Like, here's here's the values of Celestia. Like, one of them, for example, is that we prioritize trust minimized light nodes. So, like, when we do feature upgrades, we should try to keep that in mind and not make any upgrades that violate that. Or we should we wanna achieve an economic sustainability to economy of scale rather than scarcity. And so I think that's essentially a very powerful way to you basically have a initial constitution to say, hey. Here's here's the values of this chain. And then instead of having token holder governance, you basically say you basically have, like, more like a fluid form of off chain governance, and the community can evaluate future upgrades among the the constitution or the values of that chain. And that's why, like, for example, the Ethereum, proof of stake upgrade was not controversial because it was always part of the original Ethereum roadmap. Like, it wasn't a surprise to anyone. It's kind of, like, enshrined into Ethereum. And but we wanna enable, like, anyone to do that without having to deploy the layer one by creating their own sovereign blockchains in the form of roll ups. So now you can, like, you you can create your own sovereign chain in in in seconds using, you know, software like Rocket, for example, which is like a roll up framework. And that kind of, like, gives the ability to create their own chain with its own social consensus that does not have to rely on token holder governance.
Speaker 0
42:33 – 44:28
Yeah. I think managing expectations is a very important skill to have, not even when making a blockchain, but also in many things in life. But I think it's part of the reason why the proof of stake kind of transition went off, went went largely without a hitch because that was expected from the very beginning. Kind of the thing that also comes to my mind in this idea of community computing and what potentially Celestia and these types of solutions bring is that if you do want to start, say, you're like you want you want to start, you know, the beginnings of, like, maybe a a local blockchain that you have in your community or your organization that's still quite small, you can still kind of borrow from the security of other chains, for example, so that you don't have to also have this worry or risk, which is often the case in, like, very new chains that, like, someone will buy up you know, use the free use the free market, as a way to buy up all of the the token power in your in your governance for your chain, perhaps if you're using proof of stake or something like that. But it also allows you to experiment with other types of governance measures while perhaps leveraging ones that are already proven so far. So it gives you some of that space so that you can perhaps have some amount of resilience with your with your small community chain as you try to make it grow. Maybe I think it would be interesting to talk a little bit about since you mentioned token governance and venture capital, I think, would be an interesting topic to think about since venture capital does have quite a a lot of influence in the crypto world and have been able to take advantage of this, I think, token governance to some to some degree. Do you have any worries about the influence of venture capital, for example, in Celestia or in the crypto space in general?
Speaker 1
44:29 – 47:57
Yeah. I mean, it's definitely an evolving, thing, like how projects fundraise. And I think it's definitely a shame that projects have had to rely more and more on venture capital funding, and a big a big part of that is because of the regulatory environment. You know, back in 2017, ICOs were the main way to fundraise. And ICOs obviously had their own problems. Like, a lot of ICOs, no scams and rug pulls, so they had their own problems. And then now it's much it's it's much more harder to do ICOs in a in a regulatory or legally accept or acceptable way, especially after the Telegram case where, you know, the Telegram token had a had a lawsuit for doing their ICO or token sale. So now we see, like, the main way that projects distribute tokens to the community is through airdrops Mhmm. Basically. And some in some ways, it's both good and bad because at least we don't have, you know, these explicit, you know, scams or rug pulls. Yep. In some ways, like, projects are basically forced to do that to to give the tokens away for free in order to have, like, a bootstrap in the initial community. Like, back 2017, ICO, they would just everything would have just been the ICO. But that being said, like, to me yeah. Even though the kind of, like, the idea that blockchains have to raise on venture capital fund funds is is problematic, To me, one of the most important parts of blockchain, as I mentioned, is this idea where, the blockchain should be trust minimized. So if you look at a threat model of blockchains like Bitcoin and Ethereum, no other majority so even if, like, the validators are miners who are dishonest, they cannot validate they cannot, violate the rules of the chain. So for example, if you take Ethereum, for example, let's say, like, someone owns most of the token supply, they can't just randomly insert invalid transactions into the chain. Instead Mhmm. What's supposed to happen is that full modes are supposed to reject blocks with invalid transactions. So we ideally, we should be constructing these blockchain systems so that they are not relying on things like you know, put you know, not relying on cryptographic systems, but token holders can, basically choose what goes. And that's why I'm not really necessarily a big fan of systems like Tezos where the idea or even, like, the upgrade governance mechanisms in Cosmos. I'm part of that with the idea is the token holders choose the upgrades. So I'm very kind of against this, as I mentioned, token holder governance. And the last year, we don't have token holder governance is very limited, and we only have token holder governance for a few key parameters, but upgrades are not governed by token holders. Because to me, we shouldn't be creating cryptographic systems. And if we create kind of trust minimized systems with off chain governance, then I think we can limit the influence of venture capital funding because they won't have much that much influence over the governance mechanism. But if you take Ethereum, if imagine if in Ethereum, right, the the governance mechanism the governance the governance process for Ethereum is through these all all called dev calls and if yeah. Improvement proposals. Right? I mean, that has that has its own problems, but it's kind of the best we have so far. Like, imagine if some massive Ethereum whale or investor start coming into this yeah. And if if they have improvement proposals and started proposing something that was controversial, like, no one would take it seriously. Right? Just because I have a lot of tokens. Mhmm. So I think that's the kind of systems we should be kind of trying to create.
Speaker 0
47:58 – 49:32
Yeah. Yeah. I think there is yeah. I think the the question of government governance is sort of like like, there is not really a perfect form of governance, but that we need to kind of find what are the types of structures that best fit the community that we want to create and, like, minimize the the kind of, like, the bad aspects of that system. And I do think, like, kind of the best thing that happened to Ethereum was that it didn't take this token governance approach, which which was good. I think what's actually interesting is something I've thought about standard venture capital is, like, the expectation that you're getting full equity of, like, a particular company enterprise project that you're investing in. But when you have venture capital that that where you purchase these tokens, you have maybe slightly more kind of say in how that power can be expressed with that token. So if it was just pure equity, then they have a lot more power actually, a lot more ability to express their will versus just a token where, where you could take the token governance approach where the token is basically a form of equity, or something like or like a stock. Or you can say that these tokens only, like, are able to express you're only used to express or vote on things within, like, a very specific domain. So you can kind of perhaps put them make make them like a side theater rather than sort of, like, the main the main expression of power.
Speaker 1
49:32 – 50:46
Yeah. I would there's a very good talk by Celestia, a core engineer, called Evan Forbes, and he gave a talk on on YouTube, which I really recommend. It's called, like, Valdez Cox. And, yeah, he's, like, a bit he's kind of, like, a big he participates in a lot of Valdez. He runs a lot of validators for Cosmos chains, and his idea was, like, we should make validators. Like, the idea like, validators, they don't validators serve the users in a sense. Like, they just provide a service. And they also serve token holders, you know, governance, politicians, and so on and so forth are also. So these parties should be serving the serving the end users. They're not, like the the end users don't serve them anyway. So, like, as you said, the the token should be used to kind of, like, serve a auxiliary governance function. It shouldn't be used as the main way to govern the protocol. For example, in Celestia, we use on chain governance and token holder governance to to manage a few key vertical parameters, like, a few technical key vertical parameters. So it was more to serve the protocol and to kind of make the protocol function function on a technical level And necessarily being used as a way to decide on the, like, high level direction or or strategy of of the protocol.
Speaker 0
50:47 – 50:57
Mhmm. Yeah. Yeah. And kind of the one of the last questions I wanted to ask actually is when can we see a LulzSec chain? Well, I don't think we'll be seeing that. Well, I mean, LulzSec,
Speaker 1
50:57 – 51:13
at least in his current form, definitely does not use this anymore. Everyone Yeah. Has been arrested. Well, most people have been I mean, there are six team members. Five of them have been arrested. One of them is still out there. So who knows? Maybe he'll start with Wallsidechain. I don't think he's ever been caught. But I haven't heard of him for a while.
Speaker 0
51:14 – 51:35
Yeah. Can have you imagine, like like, with the because back back then, maybe the use was for Bitcoin, but I imagine with now with blockchains being able to use smart contracts and having all these expanded features and functions, do you find them as potential tools in kind of, like, hacktivist groups
Speaker 1
51:35 – 52:44
maybe in the future if they are not I mean, I think the killer use case yeah. I think the killer use case is still basically, you know, money. Because even back 2010, 2011, we anonymous and Alltech accepted donations, in Bitcoin. So in Voltec, we have quite a lot of Bitcoin donations that we use to pay for things like, you know, servers and to and other have tools. So I think that's still something a good use case, but you could also imagine that, you know, blockchains and have, like, blockchain implementations of governance systems could be used to coordinate activists or hacktivist. And, like, you can imagine that, you know, you might wanna you know, like yeah. So the same way that Cosmos chains have community pools, like, community pools that where its members can vote on how funds should be spent. You could also imagine, like, activist groups that might find it difficult or to have access to, you know, like, normal banking or no or would not be able to normally set up, like, a normal organization or association. They could set up, like, an organization on a chain, and they have their own community pool, and they could, you know, govern how the community the funds in the community pool could could could be spent for the activist cause causes.
Speaker 0
52:45 – 53:04
Yep. No. Yeah. I'm glad I'm glad we agree on that point. Cool. Well, maybe to end it off, Mustafa, thanks a lot for taking the time and sharing, your story and everything about Celestia. For the last thing, if you want to share with people where they can keep up with you, your work, and with how they can take part in maybe joining,
Speaker 1
53:05 – 53:18
Celestia as well. Yeah. You can go on the website, celestia.org, and you can find links to the Twitter and all the social media there. You can also learn how to run a data availability sampling light node there as well.
Speaker 0
53:18 – 53:21
Cool. Well, thanks a lot. Thank you.