CD196: EVGENY POBEREZKIN - SIMPLEX PRIVATE CHAT

Happy Bitcoin Friday, freaks. It's your host Odell here for Citadel Dispatch. The show focused on actual Bitcoin and Freedom Tech discussion. A busy morning over here. I just wrapped up rabbit hole recap my other show, but we have a great show planned today. I'm very excited for it. But before we get there, as always, dispatch is funded by our audience. We have no ads or sponsors. Thank you, freaks, for continuing to support the show. The largest two Bitcoin Zaps

from last episode. Our episode was Vexel, focused on no KYC Bitcoin Bitcoin donations. Peter Mazur, 21,000 sats. I have to admit that I often forget to Zap because I listen to podcasts during my hour and a half long commute. And then I forget by the time I get to a stopping point, although much of this is over my head, I'm trying to learn as much as I can.

This one definitely inspired me. Thank you, sir, for your support. And just on that perspective, that's how I've learned a lot of what I know today. Just immerse yourself in things that are over your head. It means you're in the right room. Absolutely love to see it. And then the second largest app was from ride or die freak map '21 a 10,000 sats. He said great rip. As always, freaks, all relevant links are at saledispatch.com.

I know sats are scarce. I know Bitcoin, you're working hard to accumulate as much Bitcoin as possible. If you cannot spare the Bitcoin donations, the next best way to support the show is to share with your friends and family. So dispatch is available at every major podcast app by searching Citadel dispatch. Take your friends and family's phones, open the podcast app, search Citadel dispatch, press subscribe. They won't know what hit them, but they'll be better better off for it.

And freaks on that note, by the way, I've been, as you all know, I've been neck deep in the AI world. I rebuilt civildispatch.com. It still has all the relevant links you would expect, but it also is live polling Noster for the top Zappers. So it's cumulative. The more you zap, the higher you get listed on the website. It's a little bit of a work in progress because it's polling Noster live. And so sometimes it

does different results. But the dream is that the people that support the show the most, the top 10 will always be highlighted on cilladispatch.com, and you can just click their profile picture, and it goes straight to their Noster profile. I'm pretty excited about it, but work in progress. Hand up. Anyway, freaks.

We have a great show today. A lot of you freaks have heard me talk about in the past, the simple x encrypted chat app. You freaks know I love signal. You know, signal doesn't signal has its own set of But it's fantastic that it exists in the marketplace. The two big ones is that it requires a centralized server. And the second one is that they use

phone numbers as a way to mitigate spam and bots. Fortunately, they recently removed the ability for other people you're messaging to see your phone number, but it still requires phone numbers nonetheless. SimpleX is a very exciting alternative that mitigates both of those concerns, and I'm pleased to have the founder of SimpleX here, Afghani. How's it going, sir? Hello, Matt. Thank you very much for having me. Excited too.

It's it's a pleasure, sir. I by the way, freaks, I think the the way this came together is kind of cool. He found my simplex contact on my website, odell.xyz, and messaged me on his own app and reached out. And then we got onto a phone call. And I have to say the audio calls are working quite well now in simplex, and we set this up pretty cool how it came together. That's true. Insert. Yeah. We're we're using simplex chat as the only communication

tool, obviously, since since we began building it. And yes, phone calls are fine there. I have to say, sir, my whole life, I've been fortunate enough to successfully have moved the majority of my communications to signal, which is great, massive improvement over regular phone calls and texts and emails. But when that thing goes down, I feel quite vulnerable. And we've seen a couple of outages lately. So I'm very grateful that you're building SimpleX. I think a great place to start here

is just high level. What is SimpleX? Why does it exist? Why should people care?

I think my primary motivation to to start this, to design the protocol, and to build it was never about technology. It it was about all the sad state of I've been observing the world is going to, how people were losing their jobs for stating the truths, and it all has become more and more pronounced in the last couple of decades. So

I I should make some, like, embarrassing admissions, probably. I I was not never deep enough in any of the cryptocurrencies world. It was alien to me. I was never deep enough in privacy community. I didn't know it even exists. But I wasn't publishing. I spent a a bit a large part of my life in in publishing, from different angles as I worked as executive in publishing organizations. I owned a magazine in my country. Then I worked as a

head of engineering at at MailOnline, one of the largest tablets. To me, publishing and communication was always one of the same. And to me, ability to say the truth is is fundamentally foundational for the society. Right? If we can't say what's right, what's wrong, if we can't say, what's truth, we we we we can no longer exist even, right, because everything breaks. And when we were building a simplex retrospective that we can say it's built pretty much on the same values as as Bitcoin,

it's sovereign says primary value, primary foundational truth that we build on is sovereign. Users should own their conversations,

their channels, their connections, their identity, everything that they use. The fact that we build protocol by removing network wide identity for the users means that now users own everything, that now they are in full control. In the same way you hold your Bitcoin keys, you you own your Symbolax identity. And your identity is what your friends see, what your contacts see, and it's not something that exists on a network. That that's why you want. And the second principle was that it's trustless. Right? So we we we always

thought that I always thought that if a technology is built on the idea that for it to function, I have to trust my technology provider, then it's not good enough because today, technology provider can be practicing don't be evil principle, and tomorrow, some pressure has come along, and it all ends up quite evil. And we've seen it over and over again. So the only way to to make it not happen is to architecturally prevent it, right, to build technology in a way that single provider

cannot act against users even if they want to. Right? So it's like sovereign and sovereignty has always been number one value here. So, like, we had a lot of discussions with privacy community. So, obviously, privacy community was the first to discover what we built. And, obviously, they had their own ideas about how we should build it. And traditional

privacy messenger would be like, you can always delete messages you send even if they lens it on another person's divide device. Right? And this kind of approach was kind of more and more pervasive and happens in Telegram. It happens in in iMessage. I think to this

at this point, we've been consistently refusing to do it this way because to me, it was like, have files on my computer. I have to allow somebody else to delete those files. It's just wrong. Right? So I have sovereignty on my machine. Right? So why should they it happen unless I agree to that? Then that's what's interesting. So, like, whenever privacy and sovereignty were in conflicts, we were saying sovereignty is foundational both for security and for privacy.

So fundamentally, that's that's that's why we're building. We we wrote some, like, some philosophical almost statement recently. It's on our website about that we we we don't we don't see privacy as some as some add on. Right? It's not like a shield and key. It's not a measure of protection. It's just literally a thing that they always existed. Right? We always had privacy before the Internet.

We could talk to people. Right? And nobody knew that who we are talking to or nobody was striking where we go, nobody was striking who we talk to, and we could have genuine conversations because this whole ability to have genuine conversation with people is is predicated on the fact that nobody else knows who is talking to whom. And that was the whole the whole premise to to return it to the to return communication to free Internet state almost, right, when we can trust the the environment.

Incredibly well said. I mean, is something that I bring up all the time. Think first off, people don't realize the human condition is to accept the status quo as something that's always been. But we've never lived in a society that is as digital as it is today, and it's getting increasingly more digital. Our lives are increasingly more online. And as a result, we've lost a lot of the implicit privacy

and sovereignty aspects of non digital life and we need to protect it. I like to distill it as I say, no privacy, no freedom and no freedom, no wealth. They're all interconnected. And I know wealth piece, I think is really important when we're bringing it back to Bitcoin specifically. But if you don't have freedom, it's not your wealth. Someone else controls it. I just want to apologize real quick. I did mess up the intro. So I'm just gonna run through real quick. Today is March 20

at seventeen hundred UTC. The current block height is nine four one four five four. Current stats per dollar is 1,432. That brings us to a Bitcoin price of $69,792 and one Bitcoin will get you 15 ounces of gold right now. We're up on the one day, one week, and one month chart against gold. Sorry about that interruption. I wanna talk so I didn't realize your background is publishing.

Is it were you what were you an engineer involved with publishing? You came from the free speech side, basically, not the privacy side. It's hard to say what is my background. I I always enjoyed codes and but somehow it happened that I only did codes and as a hobby hobby for my own businesses. I I probably am just entrepreneur who is doing what works. I spend a lot of time in in different businesses. But yes. So I I wasn't originally, I was on publishing as a as an executive,

not technology executive. I moved to technology full time about twelve years ago or, like, a little bit more, maybe fourteen years ago. And, yes, I was working at MailOnline at on technologist side. But, yes, I came to this design from freedom of speech angle, and interestingly,

simplex protocol was created, invented, you can say, pretty much at the same time when Nostril protocol was invented. But but to me, you know you know this x k c z comic when one guy one nerd says to another, oh, his computer has, like you you know that. Right? Like, 4,906 bits of RSA encryption. It's kind of traded in some years. The dollar

wrench one. Right? Yeah. Yeah. Go get go get $5 wrench. Right. We joke around in Bitcoin that with inflation, now the wrench is, $20, but, yes. Yeah. Exactly. Yeah. So to me to me, like, freedom of speech is just impossible if you cannot say say the truth without revealing who you are. Right? So privacy is not about I think it's, like, it's it's in cipher from cipherpunk manifesto. Right? You privacy is about selectively revealing yourself to the world. Right? It's not about

Heizen. Right? And depending on what you say, you may want to say it under your name, or you may want to say it under a pseudonym, and it's essential to to ability to criticize powers. It's essential to ability to share some uncomfortable truths, and that's what it also was about. But when we designed the protocol for private for for publishing that's resistant to attacks on individuals, we said, oh, that's a messaging protocol. Clearly, what we did? So why don't we make a messenger first?

Right. And we're just now approaching to the piece of the technology that they always originally wanted to build as effective as publishing channels, large communities that can scale. We're, like, weeks away from launching the first version of scalable channels on on SimpleX Network.

Like a better version of Telegram channels or Telegram groups. Right? Yeah. We've had we've had, like, large Telegram communities that literally tried to migrate to SimpleX Network. Obviously, that didn't work because, like, the current implementation scales to maybe thousands of members reasonably well after all the improvements,

but not to tens of thousands as many Telegram's communities have. So yes. So we we have a lot of interest from Telegram communities to use the network because because they would own that. Right? We we developed in a way that each community can run on multiple relays. So in a way, it's a it's a similar design to Nostre with regards to censorship resistance, but it's very different design with regards to privacy because to publish on Nostril, you have to connect to relay.

To publish on simplex channel, there would not be no direct connection. The connection to relay will be through the messaging network, which means the privacy is preserved on a transport layer. Yeah. I mean, let's dive in here a little bit to me, I've always considered the two protocols. I mean, it is interesting how that works out, right? That they both get birthed around the same time that they're more complimentary than competitive in terms of their feature set and use case. I mean, Noster is

kind of trying to solve this one to many problem as a broadcast protocol first. If I want to broadcast to the world my thoughts, something like Twitter, right? That would be a comparison. That's the kind of use case Noster is trying to solve. And then also on top of that, kind of goes hand in hand is an associated fixed identity that can be as public as you want it to be. You can be, you know, it doesn't, it doesn't require permission to create these identities.

You can have many disposable identities, but most people are using it in a way that they're connecting it to some elements of their real world life and their real world identity. And then they're using it as a broadcast medium and discovery protocol. And then with simplex, you know, you have rotating identities.

Maybe you use different identities in fluid in app with different people and different groups. And it's more like, I would compare it. If Noster's like the soapbox that you're standing on the corner broadcasting your thoughts to the world, simplex is maybe the dark pub where you're with your local community, having a beer and talking about really important things that maybe you don't wanna be on the record about, but you just wanna have free flowing conversation.

Now, when you start getting into the channels and stuff, it gets a little bit different. Right? Telegram channels, I would say Telegram is the behemoth in the room. That's why we're gonna probably keep bringing them up. You know, they have 2,000,000,000 users at this point, and they make a lot of privacy claims that technically are bullshit. Yes. So there's a decent amount of overlap in the communities. But Telegram channel so Telegram first started as DMs, then they had group chats.

Group chats, I would say, would put more in the pub kind of scenario until they get bigger. Sometimes group chats get big. They're like a thousand person group chats. Then you're in like an auditorium maybe or something. But then Telegram channels are like more of a competitor to broadcast media, whether that's Twitter or Noster or something like that, where the actual participants are not able to interact more so than maybe there's a comment box or maybe there's emojis,

but it's really one person broadcasting to a bunch of people. And the reason I bring this up is because net net you want those telegram channels or large groups. I think you can kind of put them in the same small groups and and personal messages DMS. Think could be in the same group and then large

groups and large channels can kind of be in the same group. Net net, you want them to be end to end encrypted, but you always historically have the problem of all it takes is one person out of 2,000 people to be compromised or their phone compromised or themselves would be against whatever the group is. And they can be recording everything that's happening in there. So as you move into that feature set, how you thinking about privacy in that scenario? Because if there's a thousand person group,

once again, I think it's important that it's an end to end crypto regardless, it's the basis that everything's built on. But if one journalist is in there or whatever, just writing it up in The Wall Street Journal, then how much, know, how are you dealing with that? How are you thinking about that?

I I think I think, Matt, you you you will have tendency to conflate what what privacy means, and here we're talking about two different aspects of privacy. I I 100% agree with you that once group is free to join, right, and anybody can join, then it's unrealistic to expect any degree of content privacy in such group. And it's just dangerous to rely that there is a content privacy.

Because if you if you expect privacy but there is no privacy, then you may be saying something as if it is private conversation, but, like, beyond

thousand that's, by the way, the basis of my scathing criticism of MLS as specification. Right? You know, this message layer secrecy I wrote. Yeah. I was gonna bring that up. By the way, it's not a surprise that you came out of publishing because your blog is one of the best blogs in tech to follow, by the way. Thank you. You're Continue. Too You have a blog about MLS, which is what Signal wants to move to. Look.

I think it's nonsense, frankly. I can talk talk about it. No. Actually, what what Noster what Noster what what was implemented on top of Noster with White Noise is a different thing. Right? Because they correctly identified the weak spot of MLS design, and they completely sidestepped it because no store identity is the key. So effectively, authentication is bundled with identity.

But that's a that's an I would even say it's almost like an edge case because in majority of systems, people don't see key as identity. Right? People don't are not hardwired

to to kind of equate identity to the key. I mean, Bitcoin community is very hardwired to equate those things. Right? Or just generally cryptocurrency community. But in normal world, identity is a name. Right? And how do you know that this name Or a phone number. Exactly. So something secondary, something which is not cryptographically strong.

And how do you equate this identity to something? So, yeah, MLS MLS tries to solve the problem of key agreement in large groups, but it's it's kind of futile because it all depends on authentication service, which is still depends on provider. Right? And the whole point of end to end encryption is to provide protect from providers. So effectively, we need to trust the provider to protect from provider. And to me, it's like a logical impossibility.

I on the road this pause because I was asked by, like, 20 different times members of our users were chasing me and asking me to explain why we are not adopting MLS. But, like, after I explained it, like, 20 times, I said, alright. It's time I write something about it. So it's not like I had some kind of vested interest into in criticizing MLS.

But but the point is, like, once the group goes beyond thousands of members, there are two possibilities. It's a public group. It's it's publicly available, and content is impossible to protect, and there is no point trying in a strong to expect us to protect it. Another possibility, it's a corporate group. Right? It's hosted on corporate servers. Right? So however much we may all hate corporations,

they exist. Right? And if it's on their servers, again, it's about protecting their servers and not end to end encryption. Yeah. And to be clear here, Google has a 190,000

employees. Right? So you can easily imagine a 5,000 corporate group. Exactly. Yeah. Exactly right. Yeah. So but but why do they need MLS for this case? Right? So they who they who who are they protecting us from? Right? They they they just need security of infrastructure. They need discipline. They need proper upsec and Google. Right? So they don't need MLS for that. So they may use it for some cases, but but it's still it's still unclear why would they use it. So but

but the reality the main thing about privacy is participation privacy, I think. Right? Because we've seen it all over and over again that not only publishers are being, like, the platform, the banks, high fired from jobs, right, or worse. Right? So, like, it doesn't matter that, like, the the like, if if you're being dragged to court for whatever you said in public, right, it doesn't, I mean, it's kind of great that the legal system is not completely broken,

and eventually, you are released without verdicts. Right? But the problem is that the whole process is the punishment. Right? You're being dragged through interrogation. You're being dragged through court process. You have to waste money on lawyers. You have to engage with all that. Yeah. So so the process becomes the punishment, and that's the problem.

So publishers kind of learned. If they publish something controversial, they have to do it behind the pseudonym. They have to do some reasonable upset to protect their identity. Right? And and rather even if they say legal sense, there are some strong and powerful people who don't like those legal sense to be said, so they protect themselves. But their audiences may not do that. Right? And we've already seen people

in in various countries. It happens in some even European countries, unfortunately, and it happens in in Russia. Right? You like something, and the next thing that happens, you don't even you don't even comment on that. You simply like something controversial, and then you're being riddled with some fines for liking thin bitch.

Or maybe you're you're not even liking it. I mean, we you're in the group. Yeah. You're in a far you're in a you're in a certain politician's telegram channel, and they're just taking a full list of who's in the group and using it against you. Exactly right. And that's that's what's critically important. Privacy of participation is is very so so we currently live in a world when when some powers

believe that they have to regulate not just what's being said, but also what's being listened to, and it's even more dangerous. Right? So people want and there is no law for that. Right? There is no it's it's completely outside of legal process. So it's completely outside of any precedent we've had we've seen in history. So people reasonably want to protect their identities, and they don't want to conflate their identities. So the in Telegram, if you follow,

20 different channels, then everybody knows all the channels you follow. Right? There is a picture. Right. The next thing that happens, you're branded as a conspiracy theorist, and it's not the worst outcome. So and, Nostra has similar thing. Right? So either I have to have a discipline and create multiple profiles,

and it's just inconvenient. Right? I have to think about it, and I have to go through the hoops. And, like, all the applications don't really make it simple to create alternative identities just for participating. Right? So you end up just joining with the same identity, and now everybody knows what what you're reading, what you're listening, what you're engaging with. So so what SimpleX protocol achieves is that every time you join a community,

it's a next set of keys. It's a next set of addresses. It's a next set of credentials, and your participation remains private. If you want to new identity of by default. It's not even a new identity. The network doesn't operate on the concept of identity. I think I think I think let let me explain. I think I think it's important to understand that we didn't really build one thing. People think that we build one thing. But even if you take our earliest white paper, like, written in 2021

even before the business was started. So it says very clearly. So we built a network for delivering packets between applications because this is what's the missing bit in the World Wide Web. Right? I was web developer. I just wanted a channel on my website. Right. Right? So how do you do it? You need a message and protocol to achieve that. To do publishing, you need messaging. So we created a transport network that allows to deliver packets between the endpoints.

And this transport network today already used beyond simplex chat application. It's used by low end devices. People experiment with IoT devices using simplex network. One substantial distinction of this transport network was if you if you look at the Internet, Internet is a transport network. What Internet does, it it has endpoints like devices. Right? And it deliver packets to the endpoints. Right? And Internet

uses what's called endpoint addressing. Right? Each net each endpoint is assigned an address. Right? We flipped it upside down. This designer said, okay. We're not gonna assign addresses to endpoints for various reasons. It compromises their security. It also compromises their battery consumption. Because if you think about mobile devices, right, they don't have fixed address. They keep switching between networks.

They assign dynamic addresses. So the problem that network initial Internet was quite symmetric. Right? All net point all endpoints had addresses. Right? Fixed addresses. And now Internet evolved to the point that some kind of nodes we call servers, they have fixed addresses, but all other nodes and end user devices, they don't have fixed addresses. They have variable addresses.

And that makes addressing really hard. It makes a synchronous communication really hard. It makes all application really hard. Because in order to receive messages, you now have to poll. You have to go to the server and ask keep asking, do I have messages? Do I have messages? Do I have mess people believe that's how simple x network works, but that's not how it works. The problem with this asking is that you lose power every time you ask.

So we said, okay. What if we design transport network in a very different way? And instead of assigning identities to the endpoint addresses, we assign identities addresses to connections between the endpoints. And that's how SimpleX Network is built. We simply built a packet routes in network when address is assigned to connections between endpoints. So every time you want to connect to endpoints, you create a connector

and slap an address on this connector, and that's it. That's that's all the innovation was about. Flip the address and scheme upside down, and instead of assigning addresses to endpoint you said the audience is quite technical, so I hope I'm not going to do it. You you're telling me if I'm going to do it. So that that's the whole idea. Right? Assign addresses to connectors between the endpoint, and it solves the problem. It solves problem of endpoint security because the second endpoint

address is known to the network. It can be attacked, and it solves problem of power consumption because if endpoint cannot have fixed Internet address, it it becomes problematic how to connect. And what simplex nodes are is routers that route packets between endpoints.

So endpoints use these routers or routers, however, it depends on which country you're in, I guess, so to to deliver packets between endpoints. That's what we built. And then they said, alright. I have experience of building open source applications, and I know that if you build a component that's not used by end users, it's really hard to make it valuable. It's really hard to make it into every business. It's hard to get adoption because you're effectively built a technological cog in

a large way, and you have to convince people to I'm talking about my library for data validation. Right? I built, like, Sarcen from 2015. I built a JavaScript library that now has close to a billion downloads every month

because it's used probably by, like, I don't know, most JavaScript applications. It depends on this one. It is. Right. It's it's it's one of the biggest used libraries because it's an independent chain of many applications, But most people don't know it exists because it's it's a it's a little cog well, not not so little. It's it's a it's a highly reliable cog in the wheel that's

surviving AI led attacks right now. People try to find highly reliable. It's been highly supported, used by lots of people. My my kind of thinking when we design this transport network is we'll have to build application in parallel. We we cannot just build transport network and hope that it's somehow used. We have to build some application that uses this transport network. Proving the use case.

Effectively. So we build SimpleX Chat. And what is SimpleX Chat? SimpleX Chat is a peer to peer messenger that uses this transport network. And the fact that SimpleX Chat doesn't need identities for the end users is a direct consequences of transport network not having endpoint addresses and instead having connector addresses. So and these two things have been evolving in parallel. They live in different code repositories. They obviously,

SimpleX Chat application uses library provided by SimpleX software. But for us, it's always been, like, two things. We're evolving in parallel and try to make this whole ecosystem work, but together. Right? But and and that's that's that's the foundation of technology we built.

That makes a lot of sense to me. I mean, the dream is that you have that there'll be many different applications and use cases on top of this protocol, but simplex is the first one and it's paving the way and proving how it works and how resilient it is. Right? Correct. SimpleX yes. Correct. Yes. We we see SimpleX chat platform also as a potentially platform for applications similar to a browser. Right? We're already playing with the idea of adopting programming language that will enable

to have widgets in a chart that have some customers or activity, etcetera, etcetera. So simplex chat in itself is also like a platform you can develop on. And people already developed chatbots. Right? So there was, like I was very excited to see that guys from unstoppable you know you know this unstoppable wallet people probably. Right? So they developed a chatbot that allows to do swaps via simplex chat chatbot. And

the good thing is, like, you're doing swap without connecting to any without exposing your IP address, without sharing your transferred information. You're effectively yeah. There is it's not completely trustless, of course. Yes. You you trust some swap providers. Right. But SimpleX Chat itself is rather trustless. Right? And you just The communication protocol is is trust minimized. Yeah. Yeah. So And private. Yeah. And I mean, it makes sense because I mean, I do think,

you know, I think the truth is somewhere in the middle and there's a lot of hype, but I I do think the UX of how people interact with a lot of these things is moving to like the AI chat interface. We're like going from we're going away from the world of point and click and more to the world of ask and get, you know, where you're like just asking an agent for something. And then as the question becomes and we've seen it with the OpenClaw movement,

which is the fastest growing open source project, end user open source project of all time. Everyone's using Telegram or Discord centralized and not private at all. Right? 100%. And I I I I agree with you. You know, I was a CTO at startup that was selling fashion via WhatsApp. Right? To me, commerce move into messaging environment. All interaction with services move into messaging environment was, like, inevitable future of technology because

this whole kind of point and click interface, it requires a lot of, like, thinking about what to point and what to click. Right? Sometimes just want to ask. And the constraint was always an intelligence of or or or, like, some ability to interpret our requests if they are said in plain language. Right? And they're certainly positive points when we can get very valuable responses

from LLMs. Right? But the problem now is that the whole kind of communication pipes around LLMs are extremely insecure, not just LLM provider can read what they say, but, like, all the transport environment around it is not quite secure. Plus, we are not private with that. So I think I think what we're building can be an interesting transport layer for interaction with with models. Yeah. I mean, you especially see it, the

commerce as messenger in the developing world. Like, whenever I'm in Latin America, it's very obvious. And I mean, to tie it back to Bitcoin again, the number one way that people do P2P Bitcoin trades is through WhatsApp is through existing messengers, not through like application They're they're going into WhatsApp. They have their broker dealer or whatever, and they're just messaging them directly there and exchanging information. I I saw I wanna pull it back for a second. The so

the key here, the simplex servers, right? Anyone can run a simplex server. They're routers. They're routing the communication between each other. How heavy is that burden? Like and what trust is being put in the server by the users? The burden that router holds is very much dependent on the traffic. If you're just running a set of routers for a small group, you can have single core virtual machine with, like, half gigabyte of RAM or even less. It's just minimum.

Yes. Yes. It's it's extremely low resource consumption because all it does, it receives a message. We our default implementation doesn't use any database layers. It can run on like, it's a single executable that keeps the state and memory with a fullback state in a append on the logs. So effectively, it it wouldn't lose the connections even on hard reset. It may lose some messages on hard reset, but if it's if it terminates normally, it wouldn't lose any messages. It will persist them on stop.

So we we don't we don't we don't run this in memory servers anymore for those that are preset enough. We use, Postgres database for that, and we know quite a few people who migrated to Postgres database as well who run them in their companies or in their working groups. So they use use those routers with with Postgres databases. With high traffic, it's it's more efficient. But still, we're talking about relatively low power machines or virtual environments that can transfer millions of messages.

So I'm just trying to like, I'm trying to key in here on what you perceive as yeah. Go on. You said you asked the second question that was trust. Right? The level of trust. Yes. I think I think we probably thanks to our adviser, we have been very explicit about trust model. It's it's in our white paper. So servers obviously can routers disrupt communications. Right? So we we trust routers

not to do it. But what they cannot do is important. They they cannot compromise on to end encryption because they do not participate in key exchange. Key exchange happens out of band. They cannot drop messages undetectably. They cannot insert messages undetectably. So the best the service can do is just delay communications or,

like, send loads of spam traffic to the end user's device. Like, reliability and uptime is the trust, basically. Right? Yes. Yes. Effectively. Yeah. And and with servers, there's a routers that we run that had very we had no no much problem. Right? I I had, like, very funny situation when somebody who I connected, like, on the day of the first mobile app launch four years ago recently messaged me and said, hello. I said, okay. This thing was, like, four years ago.

The connection somehow survived through all this time. So yeah. So so we we we aim to minimize the trust. And, also, if initial design had a single router in a message passing chain, and, obviously, even though on a simple x protocol layer, servers don't have identities, there is IP call layer. Right? And if server can if router can observe IP address of one party and IP address of Yep. Another party

then then they can see who talks to whom. So on on IP address level. Right? So we changed this routing protocol. So now messages are passed always through two routers.

So even though the first router and the message passing okay. So each conversation with these four routers. Right? When I say two routers, it's a one way communication. Right? Okay. So so I can be messaging you through one router and using our another router to connect to yours. And when you're replying, you also will be using two routers. So effectively, you choose the routers to receive messages from and I choose the routers to forward the messages

to your router. And they would all have to collude to connect the It's it's really hard. Yes. They'll have to and it's really hard because it means they'll have to do some coordinated protocol changes and introduce some additional metadata in the message envelopes.

So I would say it's not impossible, of course. If routers collude, they can do time and correlation and compare those things. Right. But but the technical bar is quite high, And the clients are already programmed to use router, not just different routers, but routers of different operators. We introduced the concept of router operator. App understands that.

And it will tell already has two preset operators right now. There will be more. So and if you add yours to the routers, then it will be a third operator. So App knows this concept of not just router, but of router operator, and it chooses different operators, so different entities.

That was my biggest criticism of Tor, by the way, because Right. Tor Tor network is built on the idea that you choose three relays on a on a packet pass and pass. Right? You don't control the relay choice or you have limited control of relay choice. Right? And we know that there are large entities separating those relays on Tor network. Right? And we know that there are entities who sell traffic data as well. So so if actually this whole kind of idea that different servers, different relays means

that they don't collude is kind of questionable. Right? So we Like, the whole model is based on at least one honest actor in the route. But if it's all the same actor, then the the assumption breaks down. Exactly. Yeah. And and given that you have limited control of those again, there there are some advanced settings, but by default, you don't choose, and it means that means that you potentially don't don't have privacy of this of this circuit. I think it's important since for simple extra protocols, like, if you compare with TOR. Right? On TOR,

you create a persistent circuit. So you build a circuit, and then then all the packets comes through the circuit.

And then the circuit can see all the packets, and they understand. They all understand it's the same circuit. It's persistent circuit. Right? Right. So even even though like, for example, it's it's it's a session design. Right? So you may message different people through this network, but the the the server that receives your messages would know that they come from the same person because they come through the same circuit.

And you understand. Right? So, like, because the the session is the same. Different packets come out of the same session. It means that you know at least that it's the same person communicating all these different contexts. Right? With SimpleX Network, we designed it differently. We do the same as Mixnet do do. So, effectively, there's no circuit. There there is a packet level. And, the recipient router, it doesn't know whether packets come from the same session or from different session.

So it only knows that they come to different recipients. Right? And the forwards in router, again, it doesn't know how many addresses would be because there isn't an encryption between sender and the receiving router going deeper in technical details. So, effectively, they cannot establish who talks to whom on a cryptographic level because because the each each packet is anonymous in this message person.

That's awesome. Yeah. It makes collusion significantly more difficult by default, which is key because if defaults are what matter, most people are not gonna actually be changing things. Yes.

How do you how do you handle the, like, the discovery problem? The and by discovery problem, I mean, it can mean a bunch of different things. What I mean is you message me and I'm connected to a different router than you are. How does the path get determined? Like, do you how does it how does it get to me? Right? You know what I mean? Your address. You published an address. Right? So we don't have have anything in the protocol or in the op to help me discover your address.

That's that's the future That's a separate discovery problem. That's not what I'm talking about here. Yeah. Yeah. Yeah. Yeah. You went to my website, and there was a there was my my address was there. So we just used a traditional website for that part of the discovery problem. Correct. The address the way it works now the way it worked before, the address itself contained the router address. Okay.

The way it works now, the address contains a a a reference to an encrypted piece of data, which contains the reference to the address, which I have to mention. So the the the address itself cryptographically bound to the point I have to forward my messages to. So your your router is determined by your address, and the router I choose to forward messages to this address packets is randomly chosen from my configurate from my client configuration. So my client says, okay. I will choose any router,

but it will try to use a router of another operator than you use. Right. So and that's what and when I send the first message to your address, when the client sends the first message, it includes the reply address, end to end encrypted. So your client gives you a discovery path, basically, to get back. Yeah. Yeah. Your client learns where it can reach me. When I message you, it's all it's all works rather seamlessly.

And on a technical level, discovery is not a problem. Obviously, the the whole idea is, like, for for us, right, we have a a support team member who answers user's request. The most common request is how do I connect to people? Like, where do you where do you where do you type the name? Do you type the phone number? How the hell like,

how is it even working? Right? So the whole idea that you have to create a link and share the link with somebody else in order to connect is is alien to absolute majority of people. We're doing a lot of redesign of this initial connection experience right now to make it easier to understand. We we don't change it yet. Say the in person is more intuitive

Yes. Than not because in person, you just scan a QR code. Boom. Yes. Yes. Yes. Yes. That's that was, like, that was literally version one of the app had nothing else. Right? You could scan a QR code and you can start sending text messages. That was what we released four years ago. But, yeah, that makes sense to me. Okay. So one of the things that MLS does attempt to solve is

is this idea of groups scaling poorly in encrypted chat. So a lot of times the most basic and you can correct me where I'm wrong here. My most basic interpretation of how standard encrypted group chats work, whether it's signal or matrix or any of the existing ones is I'm basically if there's 50 people in the group, I'm sending 50 individual encrypted messages every time I'm sending a group text,

but the UI is making it look like it's just one message in a group text. But in the background, what's really happening is every message has to be sent to every group member and private, you know, encrypted separately. My understanding is part of the MLS spec is trying to solve that scaling limitation because maybe it works at like 20 people. Maybe it works at 50. But once you get to like 2,005 people, it's insane. You're like basically DDoS each other and then the servers would obviously

have a lot more overhead attached to them. So how are you thinking about that? Is that a real limitation? Is that and how are you mitigating it? Okay. So there are several questions. I'll try to answer all of them. So first, that's not that's not that's not that's that's not exactly how a signal works. Right? You're not sending messages to each member. What you do is you generate a random key for this message, and then you encrypt the key itself for 50 people,

but the message is encrypted only once. So for example, if your message is, like, 200 characters, but your key is rather small, you don't need to send message 50 times, and you don't need to send message to 50 people in signal. You encrypt message with the same key, and then you encrypt key with different so if I say and then you send one bundle, which contains one message encrypted with this key and 50 encrypted keys, but they are small because it's, a fixed size 32

bytes bytes key. Right? So so it's not it's not exact. And then the server does the fan out, the broadcast, right, to to the to the recipients. And server has to do it anyway, however you agree, keys. Right. Because they have to see the message. Right? Yeah. Yeah. Exactly. So they they like, it's either, like, in simple yeah. So if you if you communicate via signal or matrix,

then the the the whole way it works, you send the message once, and then the server distributes it to all the group members. Right? And server obviously has more power than your mobile device,

and that's why it's it's it's it's working. Right? And the fact that you have to send 50 different keys encrypted for each recipient is not, like, the same as sending message 50 times. It's it's obviously some overhead, but it's not as much overhead. So this approach scales to some thousands of members. Alright. It doesn't it doesn't scale to 50,000, but it scales to several thousands. But it am I right that there there is a little bit of a I mean, I will just say, I've been in very large encrypted matrix groups,

And maybe it's something else with how they have it implemented, but it like become it becomes nearly unusable as you get to the higher numbers in terms of people. And, like, not that high. I don't know. Like, 1,200 people or something. Content good consciousness. Comment on why matrix works, how it works. So Fair enough. Yeah. So I will leave it on their on their conscience. So yeah. So I think it can be done reasonably usable for several thousand people. But Okay. The problem is that,

we discussed it before. Right? My my view is simple. Right? Once your the group gets past 10,000 members, you need a trusted server.

Right? You you really need you you you can't you can't protect participation privacy, but there is no reasonable way you can protect content privacy because somebody in the group has it anyway. Right? Yep. And trying to design communication protocol that protects you from server is an interesting direction, but MLS doesn't solve this problem because MLS arrives to the point

that in order for this to be protects from the server, you still need a trusted server. They just call it authentication service. It's a different trusted server. Yeah. Yeah. You still need some trust. Right? And kind of that's that's questionable. And and they acknowledge that, and it's an ongoing area of research, and they agree that this is a serious limitation because that that's kind of the whole foundation of trust. Because the idea of end to end encryption is that you are protecting content

from your messaging provider. And if messaging provider can inject a participant into the group, then you're not protecting content anymore. And that's what the lack lack of trust to this authentication service achieves. You can have participant that is injected. So so yeah. So the problem of SimpleX designed for groups is different.

We do not have a broadcast thing at the point. Right? If you have a group on SimpleX, you really need to send message fifty, hundred, or thousand times every time you send a message. And people still use groups on simplex. We have lots of, like we host a small experimental directory ourselves where people can submit groups. It's kind of our early view on what it may be. So there are groups of 5,000 people,

and they kind of work. Right? Yes. You to send a message, you have to incur lots of traffic, but people use it anyway. And the the design for channels we are now doing is effectively adds in a a chat relay that would be doing this rebroadcast. So in end to end encryption in such groups is possible

via the same approach as signal does. Right? When you encrypt not the message, but the key and attach multiple encrypted keys, and then the the relay does all your rebroadcast. So that that that's a viable approach. I think realistically, to me, pairwise ratchets, like pairwise double ratchet, so for each member,

you encrypt separate key. It scales to quite large numbers. It scales reasonably well to even 5,000 recipients, and that's that's how we see large groups with end to end encryption in the future. Not MLS spec, but

effectively what Signal does. So Signal works Signal limited at 2,000 because they have, like, tens of millions of users, and some of them are on really bad Internet, and they don't want to have a very low power devices, so they don't want to go beyond thousand, with end to end encrypted groups.

But I think even five, ten thousand, it's a it's a tractable approach if if you only encrypt keys and not the not the full message. But beyond that, it's just like it feels like you're not you like, you cannot remember 10,000 people. You don't know who's in the groups. You don't know who reads it. Like, what's the point of end to end encryption? I I kind of agree with So then we move into the channels. Right? Yeah. Effectively. So then how are you how are you envisioning the channel setup, and what's that what does that look like in practice?

User experience but from user experience point of view, you just it works in the same way. You scan the link, you join the channel, you start receiving messages. The difference is that if you have right to send messages to the channel, then instead of sending it to whatever number of subscribers, one, ten thousand, 50,000 subscribers, you send it only to chat relays, and they do rebroadcast. The server?

It is not exactly the server. It it is again, it's some sort of a message. It uses client client side technology because you're not connecting to this chat relay over the Internet. Okay. Actually, the chat relay is a mess messaging client that's calls plays or all plays as a server, right, that that is a router. Right? So it receives your message as a as a simplex client. Right? And it has it's a special kind of client

because you're never connecting to it directly. You don't know its IP address. You don't you only have its simplex address forwards your messages through simplex network. You can you connect to it via SimpleX network, and it forwards the messages to SimpleX network. So unlike no store relays, you never build direct Internet connection to this relay. Okay. I I mean, to help me understand, maybe it's more helpful

because if I don't understand it, then it's less likely other people understand it. Let's say, I don't know, some politician wants has a 100,000 person channel. Right? Wants to broadcast to his audience, the 100,000 people big. What does that look like? Is he running his own chat server, and is who's running the chat relays, and how does that all fit together?

It it's not different from who runs simplex network routers. It can be there will be some chat relays that run by third parties preinstalled in the app. He can run his own, and each channel can have multiple. Our idea is that you you want more than one chat relay in each channel for redundancy, for censorship resistance, for mitigating any trust issues. So the way we designed the protocol and Laura's implemented is that some critical messages are are signed by senders so they cannot be faked.

Most messages are not signed, but they are kind of delivered redundantly, and recipient clients can see if some relays decides to invent messages or change messages or so with, like that's in case they are not end to end encrypted. Right? We're talking about public channels at this point. Right. Yeah. Big

big thing with public channels is not is not necessarily encryption of the content. It's verifiability of the content that it hasn't been changed in transit and privacy of the participants. Correct? Correct. Correct. Yes. And end to end encryption between this relay and the participant helps privacy. Right? Because because there is end to end encryption between the relay and participant, all the traffic information is not uniform.

So the transport network cannot observe the content. It cannot correlate the content. It cannot understand which groups you are receiving content from. For the same reason, it's, it's end to end encrypted. So so end to end encrypted and this broadcast and relay and the members helps privacy of the members.

Right. Because because without end to end encryption, transferred network could see content. Right? And if transferred network could see content, they know what you're reading. Right? So the same time encryption is very important to provide And the members are known.

Exactly. Yeah. Yeah. So but and and with end to end encryption, transport network can see nothing, and chat relays don't see your IP address, so they kind of protect you from each other. And then from the why aren't all you mentioned so the broadcaster, let's call him the broadcaster in this in this scenario. Mhmm. The guy who owns the channel that's sending out the messages to people. You said every message isn't signed.

Why isn't every message signed? Is it a is it a is it an efficiency thing? Or No. There is no cost on sending messages, but it's it's always a double edged sword. Right? So, like, one one of the qualities in communication is deniability. Right? So Right. The double rated protocol has this quality called reputation, which means that it's not possible to prove to a third party that you actually ever sent this message because the message is is encrypted by the key that the recipient also possesses.

But the second you start signing the message, you're effectively putting your signature on the message saying, I actually said that. You lose the the name of verifiable. Yeah. It's not just it's not just verifiable. It's also verifiable is a good thing, but the flip side of this coin, it's nonreusable.

So you can no longer say, I have no idea where this message come from. I I never sent it. Like Yeah. We see that issue with a separate rabbit hole that I've dove down in the past, which is the idea of of of more modern voting techniques that would involve a signed receipt. And that issue there is you could have an employer or a husband or a government come to you and be able to with no doubt whatsoever know how you voted and then pressure you accordingly.

Exactly right. Because on the surface, it seems like such a great idea. It's like, oh, I should have a verifiable receipt so I can make sure they're not faking the votes. But then all of a sudden, you realize why votes are supposed to be private in democracies. Exactly right. We we we effectively saying, okay. So some like, for example, if if the command you're sending to ChatsRelay

is to remove a member, it should be signed. Right? Because the the consequences of mem of relay removing a member are irreversible. So, like so you or for example, you say, I want to delete a channel. Right? This section requires your signature because it's it's irreversible and it's destructive. Right? So everything irreversible and destructive, we add signature by default as a requirement,

and the receiving clients will simply refuse to process the message if it's not properly signed. And your key is cryptographically bound to the channel link. So this is like we we build this whole kind of cryptographic trust chain with the with the channel owner that when the member when the subscriber just joins your channel, they already get the key from the link. It cannot be faked. So effectively, they know your credentials for this channel

from the get go from them joining. Got it. Relays can't take locally. Yeah. Exactly. Yeah. But for messages, we want to make it an opt in. If you really want to sign important messages,

then maybe we would provide it as a as an option or as a feature, but I believe it's wrong to make it a default because think about that. And so what the UX would display, this is a signed message? For example. Yeah. Exactly right. Yeah. Exactly right. So imagine this. Like, you already have five relays in a group. Right? These five relays are operated by different entities. Right? If one of them decides to substitute the message, the recipient client will see it and say, what's going on here? Right? So there is some kind of trust said one thing and one said a different So and I think it it's actually better than signature because

that gives them similar degree of trust. Right? The probability of four relays collusion Right. If they are run by different parties, right, is low. Right? And especially if the politician himself runs the relay. Right? So then then what's the chances of it being replaced? Right. But at the same time, there cannot be used, as you said, as a signed receipt, which kind of which can be used as a proof of of doing that. Right? So, like, it's

That kinda makes sense to me. It it still solves it's all yeah. Yeah. It still solves the main underlying problem, which I think is going to become a bigger concern is as digital communications become the main way people digest information, there are serious real world consequences on what influential people say. And we've seen this. Trump sends out a two social post, and military is moved and markets react.

And meanwhile, there's zero way for me to know that Trump actually sent the true social post. Right? There's a bunch of men in the middle that can can fake that. Yes. And we haven't seen a large scale repercussion yet of that type of attack, but I assume it's going to happen sooner rather than later. And so it's important that there's at least some level of verifiability or trust here. And I see how you're kinda trying to You know, trade offs on both sides.

Fant. Yes. You know, it's there is a value in being able to sign important messages, 100%. But I believe it's wrong to make it default and rather than opt in because,

like okay. So we are like, imagine the situation. Right? You talk to me and we record this conversation. People kinda list it. And obviously, nobody of us can deny that this conversation happens. Right? Right. Imagine a different situation. We meet in a cafe. We have a private conversation. We really don't want this conversation to be public. Right? Whoever

knows what we may be discussing. Right? It doesn't necessarily we're conspiring. We can be just having a private conversation about our lives. Right? And if anyone later quotes that he said that, it's improvable. We have Right. Plausible we have plausible deniability. Now imagine if it happens in encrypted messenger, if you use signal, you also have plausible deniability because or sig Symbolax because messages, even though are end to end encrypted, they are reputable.

Right. So there there is no way to prove that you actually sent this message. And we haven't seen what I hear the criticism I hear from technologists is that nobody has ever used this concept in courts. It has no legal stance and so on and so on. Right? But the reality is, Signal is the first widely used messenger that pioneered reputation as a as a cryptographic quality in message sensing, and it only happened, like, ten years ago.

Right. And before anything becomes understood by legal systems, we usually observe, like, many, many of the case of not understanding what it is and how it can be used and what legal consequences of this is. So, yes, I don't know any precedents of this concept being used, but it doesn't mean it's not valuable potentially. So we we like to stick with reputation as a cryptographic codes of the protocol. Yeah. I mean, it's the difference between building the technical foundations

versus real world repercussions, and the real world repercussions always happen later. I mean, this is the first administration that I know of where we've seen official business happen on signal and there was that leak of that group chat. Right. And I'm sure a bunch of those group members

are grateful that at least they can technically say that they didn't send a message in there. Whether anyone believes that they didn't send the message is a different thing because you kind of have to modify some things and signal to do that. Yes.

I mean, and to your earlier point about different types of conversations, I mean, is a perfect example. Right? Because we had a conversation on simplex that was off the record. And then this one, will be hashing and signing with my nostril key Because as someone who has spent a lot of time broadcasting my thoughts and having candid conversations like this on the podcast, it does frighten me that we could have AI deep fakes and basically me saying anything this without no verifiability.

So I really take that verifiability piece very seriously when it comes to these types of conversations. Like I want there to be for this conversation. I want there to be a historical record of truth that if some AI in five years makes us say whatever it wants us to make us say, you can go back and see that hash signed version of the MP3 and know that it hasn't been changed. That's what was originally said, right? Yes.

Okay. This is all fascinating to me. I'm really enjoying this conversation. The

big one that will come up next is, which I mean, I see all the time in distributed systems is, okay, so the system relies on people running servers and relays and whatnot. Ideally, the system works best when there's many, many operators doing that. And this is something that Tor for instance, I think on a widespread scale has had a lot of issues with right having more independent operators running these things Bitcoin.

We've it's a it's a it's a major contention point of Bitcoin, making sure that Bitcoin nodes are easy and accessible to run so people can use it without relying on the trusted third party. We see it in Noster with relays. So how are you thinking about this, like, fundamental problem? Right? Which is you need as many people running servers as you need more, the better. The more, the better servers. And so how do you see that scaling?

Right now, we see lots of communities running their own routers in simplex network. It's I think there are some Bitcoin communities. I think there are some Monero communities that do there are some, discussion groups that run their own servers. They advertise it on their websites. We we we cannot know exact number, but I think conservatively, there are over a thousand routers and Symblax network at this point. So

and and that's fine, and that works, and people get their own sovereignty and autonomy and independence of anything that that we may be they may be doing or anybody else can be doing, which is great. The downside of this model is that your sir your router, because it has fixed endpoint address. Right? Like, the whole point of simplex network is protect your endpoint address. Right? But if you run a router, this router becomes effectively your address. Right? So, like, if if if it,

if it's a if it is run on public network, then, obviously, anybody knows the IP address. They somehow can link it to your identity, and maybe that's not what everybody wants. If you run it on Tor, then it's potentially not very usable even though we build Internet to Tor routes and capabilities. So for example, if you send messages to Tor router, it will be delivered even if you don't use Tor because a simplex routers would connect

they can connect to Tor routers. Right? So even even if that router is only on Tor network, then simplex router that has Internet address will be able to forward message to Tor Tor network. That that's how That's cool. That that's why network remains interconnected. Right? So you don't have to use Tor to deliver messages to Tor on the routers. And it's all great. But I think long term, this is not really scaling because

I don't know. You've probably seen Moxie Martin by Martin Spike said once that people don't want to run their own infrastructure. Yeah. The founder signal.

Yes. Yes. So my my view was always if we want privacy to be a norm, then we have to be built built in technology that everybody can use. Right? People who don't want to run their own servers, people who don't want to think who want to use just default software out of the box and get this privacy, and that's the only way it can be normalized. Right? And I think it kind of resonates with what cypherpunk manifesto author was writing later. Right? So for just writing code is not enough.

It was his later that are not the manifesto. That we have to have acceptance in the society. We have to have wide usage of those technologies. We effectively see adoption as as a privacy feature. So so this whole idea is that in order to be autonomous, you have to run the server. It it is it is not scaling to the future.

So so that's why we want to build a network when, hundreds of commercially incentivized operators can run routers and be making more money from doing that from the network than they're spending money running on this infrastructure. Bitcoin, obviously has in built monetization solution. Right? You run the node, it's potentially can mine Bitcoin,

and it's kind of at least covers the cost of operation. Well Right? And I think kinda lost that, to be honest. I mean Yes. Yes. Most nodes are not mining nodes now. Yes. I understand that. Yeah. But at at least But initially you get a benefit that you can you can use it. It allows you to use the network without trust, is kind of what we're holding on to at this point. Then also if you hold the money, the money tends to increase with purchasing power. So we have that going

for us. I'm I'm not quite sure. I've I've seen I've seen some talk a couple years ago at at a conference when somebody was talking about running Bitcoin miner at home, and his idea was that, okay. We can't make profits from running the miner, but we can convert electricity costs to non KYC Bitcoin, and that's a great thing, and let's do that. Right? So it's actually your We do have that aspect going well for us. And there actually is a company called Futurebit

that, like, puts the node and the miner together in one convenient package that you can run at home. But a lot of those miners, just to be clear, and it's kind of a tangent, it doesn't really matter that much for our conversation. A lot of those miners have the heater in their home, but then they're connecting to someone else's node, Right? So it's not their node. They're not running the actual node infrastructure.

More are, which is awesome to see. But, yeah, fair enough. So for so for SimpleX Network, we see the imperative to create a commercial model when anybody who wants to provide infrastructure can make more money from providing this infrastructure than running this infrastructure cost. A financial incentive. Yes. 100%. And we don't want to create any blockchains to do it. We don't want to do any mining operation. We don't want to create any but we still need a solution. And we've been discussing

it with the community for quite some time. So the idea is that to to answer how servers are paid, we have to answer first the question is what what in the network itself is paid. Right? When we were just starting developing this, we were thinking, okay. Maybe some premium features can do that. Maybe some something else can do that. Right? But then we've seen what happens with Telegram premium. We keep talking about Telegram. Right? To me, Telegram to

me, Telegram premium is is a proof that premium model for messaging application is a dead end. Because, yes, you may be generating revenues, and, yes, you may be developing the nice features. But, really, see, what happens is you're fragmenting your network. Right? You very quickly, as a provider of this application, realize that in order to make profit, you have to make your application unusable.

Yeah. The best features need to be behind the paywall, basically. Pretty much all of them. Yeah. Right? So so so you already there are already features when I can't message people until I have or I can't make call to these people, and it's just, like, not because they choose to, but it's just, like, it's just fun. Right? So and to me, that's kind of very much a dead end for communication network. Imagine, like, a web browser. Right?

We what we build, we take lots of inspiration from the web. We we say often that what we build is a missing part of the web, the messaging part, to say, next step. Right? Because web has never created messaging solution as part of it. So if you look at the web, how web is monetized, users don't pay for the browsers. Right? Right. At all. At all. Users don't pay for using the web at all. People may say, oh, yes. We pay ISPs,

but it's a different story. ISP is not the web. Right? It's simply a transport network that connects you to the website, but the web itself, like, all the DNS systems, all the infrastructure that allows web to function, it's free. Right? So who pays for all that? The answer is very simple. Websites pay. People who want to host the websites, they pay. And because every content distribution network has this distribution when 5% of websites generate 90% of traffic

Right. What it actually means is that it's enough to charge this 5% of websites, and everybody else can be free. Right. So you don't need to pay to host a small website today. Right? You just go, you create account, you can pay either a $1 a month or nothing or But it's subsidized by the big guys. Exactly. Yeah. So the whole web is subsidized by the big websites. So 5% of websites create all the carry or maybe 20% of the websites carry all the costs of the web.

And that's why we see channels as so important because we see channel on simplex network as equivalent of the website. And we believe as this part of the network grows, the the traffic distribution, the cost distribution will be similar. So, 10% of large channels will generate 90% of the traffic, and that's who they should who should be paying. And they will be paying. Right? Because if you say, I'm a politician, I want 100 tons 100,000 people audience. Right?

Yeah. If your choice is to be on the platform that can shut you down because the current administration doesn't like what you say. Right? We've just seen it happening with Trump before. Yep. Right? So before Twitter acquisition, before Sitting president of The United States gets banned from Twitter and Facebook. Which is ridiculous. Right? So and one of the

he can pay. Right? And anybody who has a 50,000 people in this buying and building his own social media network. Exactly. Yes. So what what we see is a much cheaper solution. So if you want a channel that's sovereign,

that you actually own, you have to pay for it. You have to cover infrastructure costs. You have to cover discovery costs. You have to cover some costs. And that's the business model that we see for the whole SimpleX Network. So messaging will remains free forever, as a as a just a as a add on service effectively.

And small channels and communities can exist for free, but large channels and communities carry the whole cost. And they just need to find a solution that allows to transfer value from those channel owners to the infrastructure owners in a way that kind of preserves privacy and security of all all participants within within what's possible. So so that that that's our view. So our view is not our view for the network is not that

it's a suggest run network, but it's a professionally run network. But it's run by so many independent facility and infrastructure providers that trust is minimal because it's distributed. Right? If if each conversation uses four different companies, right, and those companies are rotated on a weekly basis, then your dependence on this particular company is extremely low. They get profits from doing that, but they have no control over your conversation. I love that. I mean, look, I love from

I wear two different hats. I wear my charity hat with open sites, and I wear my for profit hat with ten thirty one, where we invest in for profit businesses that are often built on top of open source stacks. And so I see both worlds in the greater open source movement, the foundation led, charity led, and then the opposite side, which is a for profit led. And oftentimes you see foundations get spun up and run donationware. I mean, we've seen that with Signal is probably the best example.

It's probably the easier path for these types of things in the short term. I think long term, they scale much worse. They're not sustainable. You have to go out and constantly seek donations. And the incentives aren't necessarily aligned that well. I think one of the issues you start to see is longer term, it's like, okay, the employees or the stakeholders of the foundation don't necessarily need to see the thing grow significantly.

And the truth is in the reality, which is SIGNAL is probably one of the most successful nonprofit privacy freedom focused projects. And it's found massive success, but it's at about a 100,000,000 users, maybe less. And then you have things like WhatsApp that are in 3,000,000,000 plus. You have Telegram that's 2,000,000,000 plus. And those are for profit ventures. And I don't think it's a coincidence that those for profit ventures tend to have significantly bigger user bases.

I think it's an incentive alignment thing. So, have a lot of respect that you're trying to go this for profit ethical, for profit sustainable approach. And I kind of want to dive a little bit deeper in here.

Look, think the challenge is that I can go philosophical here, frankly. I think it all comes from people seeing most choices as binary. Right. So I have heard this in my life million times. You have to pick a lane.

Right? And I refused to pick a lane. Right? When I was building my you know, I was building like, I will go again to this library that nobody knows about, but that's a good example. Because when I was starting this library, there was, like, 12 different competing libraries, and they all were either super fast and really badly compliant with the specifications or

very, very slow and somewhat better compliant with specifications. So I said, alright. How about how about I just build one library that is fastest and also best in compliance with the specifications? And everybody was laughing at me. Said, alright. It's classic. It also exists as a comic. Right? There are 14 bad frameworks.

Let's make one more framework. Fifteenth. No. We have 15 bad frameworks. Like, I was sent this comic by, like, 10 different people in my life. Right? But, rather, I what I learned from this kind of retrospectively

again. Right? So if you refuse to compromise on important trade off because trade off is artificial. Right? The choice between fast and standard compliant wasn't the real choice. It was just easy path. Right? It's just harder to build something that is both fast and standard compliant, but it's not impossible. So I built a library that came to be the only library that people use today for data validation in JavaScript world because the choice was eliminated. And, again, same between,

like, private messenger versus convenient messenger. Right? So people have been trying to pigeonhole what they're building into like like, some people say, you're

building a private messenger. You shouldn't worry about convenience, really. You should add more privacy features. Right? That's half of our user base, what it says. And some other half of the user base says, you are focusing on privacy too much. You should compromise on privacy. And It's not convenient enough. Yeah. And instead, like, for example, the fact how you discover people, some of the hurdles or, for example, that we still don't have multi device in the messenger. Say, whatever. Compromise on privacy, build multi device. Everybody wants multi device. I don't know. I think my brain is wired against making such compromises and then start to find proper solution that deliver both without compromise.

And it's obviously slower. The the the downside is, like, what you compromise on is time to to work in products. That's that's what have to go. Right? But I think reality is by taking this Right. Mean, yeah. Signal's the perfect example here. Right? Yeah. Because the easy path was saying, okay. Let's just use phone numbers as discovery.

That's what WhatsApp does. That's what Telegram does. We can do that. My grandmother can use it. And then you're stuck. Yes. You took the easy path and then you're stuck with that building block. Exactly. Yes. It's not something that you can revise later. It becomes a foundation of your architecture. It's used everywhere. It's pervasive. It's it's not removable.

So I think what we're trying to build is a communication protocol and product and transport network that's used by everybody. And, yeah, it may take decades to get there, but

I I still have time. So and talking about private like, for profit versus non profit, going back to your question. Right? I also see it as a false trade off. Right? I was when when we took venture capital money, took it, like, without any control provisions. It's a proper, like, a minute or safe agreement. There are no board seats, no control.

Right? I I have to chase my investors for advice. And, like, when people say, oh, they will have influence to you on USA. I would I would like to have more influence if I can. Right? This is or some advice because they're very busy people. Right? But reality is we run our business how we want, and they just trust. Because, you know, I think the intra capital has changed dramatically after some major successes when most of venture capitalists arrive to conclusion that they have to let founders do things they disagree with because that's the only way founders Face Facebook was a big one. I mean, obviously Yeah. It's kind of a weird example to use here because they turned into one of the most evil companies. Yes. Yes. But Facebook early days was we try you know, the the investors were like, we trust Mark.

Mark is the leader of the ship. We're not gonna take any control. But before that, historically, it was like VCs would come in and they would just take full control of a company and push the founder out. Yeah. Apple would be a classic example. Right? And and this pushing the founder out pushed the Apple to the brink of bankruptcy, so they had to bring the founder back. Right? So so yeah. So we see the world has changed. Investment doesn't mean control. And yet we've been, like, vilified by everybody, like, that we did it. Right? So I had to write a blog post. Right? For profit capital.

Yeah. I had to write a blog post about why privacy becoming a norm requires venture funds. Because to me, privacy becoming a norm requires building a mass market widely adopted products. The problem with this premise is that it is the costs are exponential. It's like, gets in, like, 10 x more adoption. It's not necessarily like, you you also what I mean. Right? So you simply cannot build a mass market widely adopted product on a grassroot movement.

And that's what SIGNAL observes. Right? Foundation model doesn't scale. The nation model doesn't scale. So either you build at some point the model that allows

it to be a business that generates profit. Right? And, again, when people say, oh, you're for profit company. It's a bad thing. My response was always, like, what is profit? Right? It's either it's independence. Right? That's what I think Bitcoin community, privacy community believes in independence, right, in sovereignty and ability to make their own choices. But nothing of this is impossible if you are existing handouts.

Right? Because you're dependent on whoever gives you handouts. Right? Children are dependent on parent until they start earning their own money. Right? People who get whatever Social Security benefits, they are dependent on government to tell them what to do, and it's not a good thing.

So any organization that wants to be independent has to make profit. Otherwise, it becomes dependent on whoever gives its money. And that's another dark side of the kind of for for profit model nonprofit model because not only you can't scale it really well, you become dependent on your donors. And those donors may have not necessarily,

like, good motives. Right? So we've seen nonprofits who have been like, you've seen this chat control legislation. Right? The biggest lobby effort for chat control legislation was coming from nonprofits funded by Big Tech.

So talking about nonprofit being a good thing. So I I honestly I honestly think that morality and integrity of what happens doesn't depend on the organization for them. I think it depends on people behind this organization in the first place. Right? We've seen companies doing moral sense, and I've seen nonprofits doing immoral sense. And Right.

And I think yeah. So so what what we are doing right now? So we we kind of understand. We are building a network that nobody should own. We don't want to own. Right? We want a, like, general purpose transport network that is run by community, operated by community, which means that the model when they control the protocol, the model we control all the licensing on the software is not sustainable long term. Right? So what we're doing right now, we are

we already announced to the community that we will be transitioning the governance. We are transitioning the governance to consortium model, which is similar to how the web was governed until recently. It's interesting, by the way. I didn't know about that. I only learned when it was written. So World Wide Web was governed by consortium, not an entity. Like, it's effectively an agreement between four different entities

in different countries. World Wide Web was governed by consortium from Netscape shutdown in, I think, 2004 and until 2023 when World W three c became a US nonprofit, a single entity, which is fun, which means the worldwide web that we all believe is decentralized now have a centralized governance model. Even though it's by nonprofit, it's still centralized. Right. So what we did, we worked with one exceptional open source lawyer, Heather Maker. She has authored multiple

open source licenses such as Mozilla license, Elastic license. She participated in some big size network. She helped us draft this agreement for consortium for SimpleX Network, and we are in a process of setting up the entity that will be in a consortium agreement with SimpleX, the company, and then they'll be setting up additional nonprofits in different jurisdiction. So these multiple entities will be able to run network together and this way avoid,

like, jurisdictional pressures or risks and avoid any kind of corruption from any centralized governance models. Like corporate captures, whatnot. Exactly. Yeah. Because we've seen we've seen corporate captures happen in in nonprofits a lot. Right? The whole Linux like, look at this. You're you're probably observing this noise about California law of, like Yep. This is, like, this is insane. I like, we we We're adding KYC to

Flash Linux. This is insane. I made a tweet yesterday. It resonates with lots of people. It's the fact that they tell you, you no longer own your computer. Right? So state, we're gonna break and enter into your computer and demand your it's a violation of, like, multiple constitutional amendments. Like, certainly, first constitution it's it's fourth and fifth and god knows what else is violated. And they say it's okay. What what I find completely

ridiculous is that all those open source foundations developed in Linux software, I I just quit. They don't say anything. Right? They don't the only the only open source the only privacy foundation is EFF. EFF is campaigning against this law. Linux Foundation says nothing. Right? All these kind of foundations developing Linux software say nothing. They already commit code that implements the Sage control into open source code, which is just ridiculous. Why do you think that is?

Because they were captured, I think. Because we've seen a lot of decisions in those foundations that don't necessarily they they they have been pressuring creators of software to leave. They have been pressuring. So that's not that's not good at reliant on their donors to pay their rent, basically?

I don't know, Matt. I cannot say why it happens, but to me, it was always like, always the I I don't want to go into there, but Well, reason I bring it up the reason I bring it up is because I'm neck deep in this with OpenSats. You know, OpenSats, we saw a concern of very centralized funding options for open source developers building nonprofit stuff in the Bitcoin ecosystem. And to be clear here, there's a bunch of foundational open source stuff that can't be monetized. It cannot be monetized.

Ruin the value prop for something like Bitcoin protocol software to be monetized directly. And so we built open sites in a way to resist that. And I think one of the biggest things is we're a volunteer board. We're a nine person board. That's all volunteers. We make money doing other things. And it's because of that concern, the concern that you get captured by your donors because you're making $500,000 Some of these nonprofit boards, it's insane how much money they're making. And if

that donor base disappears, then they lose that. If my donor base disappears directly financially, there's zero impact to me. Right? I think that's a key piece, but it doesn't completely solve it. Obviously, if the donors disappear, OpenSats is gone. And so then I do agree to your point that it does come down to the people in a lot of ways. Right? It's like I would rather OpenStats be gone than ever take direction from a donor.

Exactly. Because you'll because you are independent, because you're personally making profit in your life, and you wouldn't get other other people around your life. That that that comes to who should be on the board, which is also very important question. Right? We still didn't form the board, but they're reaching out to various people who we believe can create value for for for for governance, and, also, it would be helpful to them as well.

So yeah. So we but I think it's still important given that jurisdictional law changes quite rapidly. Sometimes, I think it's important to have multiple layers of decentralization

of government's decision. So my initial thinking was that we should have shared ownership of IP. Right? But intellectual property. The legal advice from from from our lawyer was that it's not possible really because there is no such thing. Right? So shared ownership of intellectual property means that any owner can dispose of it, not just some cons consensus is needed. So so what is gonna happen is that the company will be remain the owner of AP, but it will be licensed to all consortium members

irreversibly. So there is a specific close in open source license and when there is already unattached. So even if the company stops existing or sold, license still survives this. So effectively, we will transfer licensing to multiple consortium members in a way that we can't revoke it. And then bit by bit, we want to transfer governance over the KIPP protocol in the same way. Again, like, Netscape has always been an inspiration to me as a company. Right? Netscape builds

web as we know it. Right? Because Netscape pick up the protocol when it was embryonic. Right? Nobody, like you you know, who who knew about the web in 1985 1985. Right? No. Nobody knew about that. But they picked it up. They built a browser. They added JavaScript. Added cookies. They added SSL. They added like, people think cookie is a bad thing, but cookie is a foundational piece that allows you Facebook know to you is you. Right? It's verifiability.

Right? So without cookies, Facebook doesn't know who you are or Twitter or whatever. So they created WebAsVINO, and then they shut down in 2004. Took over abruptly. And what happened is that all the innovations stalled completely. Right? Took them, like, seven years to get CSS to next version. Right. Right? The industry was so frustrated with WSCC Gartner, so they had to hold their own working group, if you remember this, WODWG.

So and they had to take matters on their own hand, and it was, like, super frustrating for everybody. Right? And that's exactly what, obstruct. And that's what, unfortunately, we see, I think, with many decentralized protocol because they want to be decentralized.

Right? But they Right. Don't understand that from the point of early enthusiasts using this protocol to the point everybody else can use this protocol, it's not just time and adoption. It's radical changes in the protocol that's required. And these radical changes require speed, commercial incentive, funds centralized decision making. So you simply cannot get the protocol to mass adoption

without running things as a venture funded company would run things. That's what Netscape did. Right? Netscape was doing Netscape browser. At the time, there were, like, 30 other companies in browsers

also trying to do browsers, right, with venture funds. It didn't occur to Netscape to ask other browsers what they think about protocol changes. They honestly didn't care. Right? If they did, they wouldn't have the web. So that's how I see the whole kind of decentralized governance. There are some stable parts of the network, and changing them should require

consortium vote. Right? But there is some evolving part of the network that's kind of on the boundary, require adoption, require radical changes, and they're not ready for decentralized governance yet. Do you need to be able to move fast and adopt? And Exactly. Yeah. And and that's what we lost that that's what we lost with XMPP. Right? That's what we lost with Matrix. That's what we lost to a large degree with Nostr. For example, Nostr has idea of channels, but I think they are not supported in

in iOS up even today. Right? I may be wrong. Maybe it was ads. But the problem is, like, if you have decentralized protocol governance, you lose ability to innovate fast. Well, nice thing about Noster is you don't need consensus. So like if certain actors are breaking things, there's no global state of Noster.

100%. That's the issue that's one of the issues we have with Bitcoin, which fortunately, I think is more of a feature than a bug for something that needs to be like this decentralized asset, like this global base of a global financial system, because you don't want it to change that much.

But there is a global state. So as a result, you need consensus from like an overwhelming majority of peers. With Noster, like, if one if one actor is breaking something, everyone else can ignore it if they want to. And then if it actually is working, then they can accept it in the future or not. There's no global state. Don't get me wrong, Matt. I didn't come to criticize Nostrad. The point I'm trying to deliver is I don't think you are.

I think the Nostrad community will benefit a lot if the condition of funds in for one op to develop a feature will be that all apps develop this feature because then effectively some degree of centralization in in protocol governance. Because if the feature is added only to one app, it means nobody can use it. Right? Right. I I'm not going to use channels on Nostril if half of the users can't use channels.

Right. I will just use the default account. And that's what happens. That's what happens with XMPP. That's what happens with Matrix, and that's what's hap I think the presence of OpenSET and some degree of centralization and OpenSET could take a role beyond just funds and and really drive innovation much faster if if, let's say, any feature should be universally supported by all ops to be funded in any of the ops.

I think I think that may help Nostair because we we really like, I think competition is a great thing. Right? So, like, for example, in our channels, people ask why do we allow people to we we want everybody to succeed, frankly, because we're not competing against each other. Right? We're competing against Telegram and WhatsApp, and we we we share the same enemy. I think Right. Simplex network will be better off if Nostro is better off, and Mastodon is better off, and Matrix is better off, everybody is better off. Because we all together if you think about it, it's crazy. All privacy technology together

are used by maybe, like, what, 2% of people in the world? Nobody. Yeah. It's like it's like It's a negligible amount. You know, I keep saying to our team when they kind of start suddenly think that they I say, look. We build software nobody uses, and nobody knows about. And this is super important, nobody. Have you ever watched the movie? Right? Yeah.

These are these are the most important people in the world. No question about it. But on a on a balance of things, we really need, like, to get to 10% adoption together, not to 2% if we really want to progress with Yeah. So that's, that's what we want. That's what they're trying to achieve. That's why I always use like signal as an example, because they, once again, not perfect, but very pragmatic trade off balance that they went with. They they've had,

it's funny, right? Because you can look at it from both perspectives. You can be like, oh, they're a massive success for a privacy project because it's a 100,000,000 people. And then you can look at it the opposite side, that's nobody. It's 2%. It's still 2%. Right? 100,000,000 people is 2% if I can count. Ten years. And, Yeni, I want to dive in just before we wrap here. I I think it's important that, like, high level, the the

monetization makes sense to me in practice. Everything's harder to execute on in practice. And so I want to dive a little bit more into the details because there was some controversy around it, about how you're thinking about implementing it. And the big one is, okay, so the main operators that are doing 90% of the traffic, these big channels are going to be paying for things. Basically got flack. You know you're doing well when you get flack from everyone

that has all different conflicting interests and everyone is mad at you. But the two big ones that I noticed was the Bitcoin and Monero communities, respectively. The Bitcoin community being saying, Why aren't we using Bitcoin for this? And the Monero community being like, why aren't we using Monero for this? And so my question to you is rather simple. Why aren't you using Bitcoin for this? And what's the alternative? Why is why is that being chosen?

Oh, okay. So one thing at a time. So Okay. To have network pay, to have network function Yeah. We need to we don't need to just pay for servers. Right? We need to have mechanism how governance layer can be paid, how software developers can be paid, and how channels can make profit, and that requires some mechanism of revenue sharing and distribution between those parties. We cannot tell channel owners,

say, you have to pay this and this and this. Right? So we have to create some codified approach for revenue distribution. And not just that. So we also need to solve problem of server discoverability. Right? So how will people learn where the service exist? How they find them out? Right? So, okay, they want to use paid service. How they find them? Right. So or they want to have channel names. Because, again, if you're talking about usability,

you need to have a name for the channel. Right? Right. You cannot have gibberish

Letters and numbers. Yeah. Yeah. Yeah. You cannot have. So it's Nostril keys are great. Simple access addresses are all great. There are 100 characters of gibberish. Normal people will never ever use it. They want to type music and go to the channel with the music, or they want to type sport and go to the channel with music, we don't go to direct IP addresses. We type in a Exactly. We type domain names. Right. So how do we do it? So we need some mechanism to agree

on what this address means. Because if you simply give this address to a server and say, okay. I will tell you music. You will tell me the address. The problem is that is the server can give you any address. They can execute man man, the middle attack on your connection. Right? So you need some way to get trust to the information you're getting. And how Internet solve this problem and the world wide web solved this problem? They created, like,

hierarchy of trust. Right? Certificate authorities and domain name systems when your trust is built ultimately because you have an authority. But that's antithetical to both Bitcoin, Monero, and to us because the second there is an authority, this authority will be corrupted. Right? And they've already seen attacks on certificates via major certificate authorities.

Yeah. It's a mess. Yeah. It's complete mess. Right? So we cannot build a system based on trust or on authority. We have to build a system that's properly decentralized

when any information you get about the network is trusted without having authority that you trust. And the solution exists. It's called blockchains. Right? So but I think the way I see blockchain, and that was the the root cause of this misunderstanding, and the way many people see blockchain is very different because people see blockchain as a way to transfer value between participants, as a ledger that records transactions.

But that's just one use case. Like, since there are lots of technology has evolved and blockchain can act as a global distributed computer that can perform arbitrary computations and arrive to consensus about hands, not just transactions, any consensus,

can execute arbitrary logic in a way that it's trusted without having a single party that you need to trust. That that's what's called smart contracts do. Because people Right. Think contract is some sort of agreement that you sign or it's some sort of an asset or it's not. It's it's just a code. Right? So when you go to the server, you run some code that gives you some result, you have to trust the server. If you go to smart contract enabled blockchain,

then you can run computation and get the result, and then you trust. And this trust is not based on a particular node of this blockchain. It's based on the whole decentralized blockchain. The best example of that at scale in my opinion right now is Polymarket. Potentially, yes. I'm not that familiar with that. I know a lot of I mean, they have a similar problem, right? Their problem is if they can't have a centralized entity taking custody of funds and handling arbitrary code.

Exactly Like settling of the markets, right? If a missile strike hits or not, it can't be a single company doing that. Correct. So when we say we need to so so several things should happen for simplex network for it to be usable and sustainable. Right? We need to have a registry of servers that can receive money and trust this registry. Right? We need to have a registry of names so we can discover

channels, and we also have designed for private names when you can discuss people without anybody knowing their addresses. We have designed for that already. And we also have to have a way to transfer value as also but not just transfer value, but also distribute the revenues in somewhat agreed way. So it depends on Right. It's like it's programmatic value transfer. Right? It's like an auto split that's going to multiple. Exactly. Yeah. Exactly right. So because otherwise,

we yeah. Transferring value is a simple problem, and, yes, Bitcoin is the best at solving this problem and the first solving this problem. And if transferring the value would be the only problem that we needed to use, then Bitcoin is a viable solution. And likewise, Monero is a viable solution. Right? But that's not the problem that we need to solve. We need to have a distributed computer that we can trust that will solve all the problems that require a network wide state. Because today, simplex network has no network wide state. You also network wide. Right? So there are no registered servers. There is no list of participants. And there was no global state. Exactly. It's fragmented. It's and and when people say, oh, we have to bring the whole message on the blockchain, that doesn't work because messaging is, like, has to be fragmented. Right? Communities have to be fragmented. Network. But if you want to have a global namespace that is recognized by all clients, then you suddenly want a network wide state. Right? If you want to have a server registry to which you can pay money, you want a network wide state. And if you want an agreement with those servers that you can trust and everybody is paid who is doing the work for the network, you need some programmatic way to split revenues and distribute money. That requires smart smart contracts.

So our whole idea is behind that to program all this logic. So effectively, if anybody's on on the blockchain and have server operators and network users interface with smart contracts so that payments can be transferred from the channel owners to the servers with whatever revenue sharing agreements that can be put in place as code. So,

specifically, we're going to build a proof of concept quite soon on some on some blockchain so people can have a feel of how it's going to work. But imagine you're operator. You're going to smart contract via some service hosted on IPFS, for example, and you say, I want to be an operator.

You will be asked to give you details. You will be asked to, like, put our server addresses and whatnot. You'll be asked to sign a deed. So I believe that technical guarantees have to be supplemented by contractual guarantees. So let's say, if you want to run a server on simplex network, you have to guarantee the users that you're not gonna sell the data, that you're not gonna collude, that you're not gonna so there have to be legal remedies if you do.

I think that's a big missing bit in networks like Tor because they ask for they only think maybe because they're technologists. Maybe maybe they just don't think about it like this. But I think if I am using the server on the network, I want not just technical guarantees. I also want contractual guarantees as well. And we want blockchain to deliver it all. So participation network would require providing contractual guarantee in exchange for making the money, which I think is reasonable. So

that requires programming. That requires writing code. That requires deploying code in a way that it's executed not on a particular computer, but on a distributed network of computers. That kind of And that kind of there is not a there there are choices. Right? There there there are multiple networks that can do it. Think think it would benefit Bitcoin

a lot to to to to evolve into this direction, but it's not there yet. I think Bitcoin I mean, why does Bitcoin have to do all the things? I'm I'm in the camp that, like, if you use I mean, because the problem is adding that functionality reduces the robustness of whatever blockchain has that functionality. That's always been the the trade off from Bitcoin protocol point of view.

Correct. So like, if you use like, for instance, and I've gotten some shit for this, and this is why I use Polymarket as an example. Like, Polymarket runs on, I think, like an Ethereum layer too called polygon. A user point of view, I just need to be able to deposit Bitcoin. Yes. Like if it runs on a different tech stack, that's in a lot of ways, a benefit. That's in a lot of ways a benefit to to Bitcoin holders because it's not burdening Bitcoin with with that tech stack.

Just need to be able to send Bitcoin to it. 100%. And that's actually a solved problem. Right? The whole idea of, like, foreign assets have been, executed in a trustless way by other blockchains. For example, I think Polkadot did it, Starknet did it. There are some other blockchains that did it, that you can hold asset on a Bitcoin blockchain,

but in a way that you operate on this asset on another blockchain. So it's kind of it's it's it's almost not like trustless, but No. No. They're a trustless they're a trustless solution I as question. I question if that's the case. There's a lot of hype around it. Look, I think it's important that you minimize the trust as much as possible for that cross chain situation. There are atomic swaps

that can handle it. Bolt's just released an atomic swap that moves you from, for instance, Bitcoin to Tron Tether. And in between, there's no custody. But, you know, trust is a hard thing. I agree that it's hard to do a completely non trustless way, but I think they think they're they're doing something reasonable

with that. But but that's not the point. So what But we got derailed. Yes. Exactly. Yeah. So so I think what we want to do is to just have ability to transact with with any currency on the entry. It can bit Bitcoin, of course, as well. But, ultimately, to have a mechanism of revenue sharing between participants

that enable like, you're using the browser. Right? You're not paying to the browser. It doesn't mean that the browsers are not paid. Right? Ultimately, web browsers find a way to make revenue. So we believe that companies developing client software for networks should earn revenue from the network for doing that. Right? And it's not just our company. Any company that develops software should earn money proportional to the usage that they are able to to generate for the network. Yeah. Mean, the web browser is an interesting example, right? Because

it wasn't built in a programmatic way of revenue sharing and stuff, they have to find revenue streams that are very convoluted oftentimes have warring incentives. The best example being Chrome, which Google figured out was the way you monetize it is with search and mining data of people. Exactly. While like Internet Explorer was monetized basically through Windows and Windows lock in, Safari is is Apple's ecosystem.

And as a result, we just don't have many different web browsers we can use. Right? I think. Exactly. So it stifles competition because there is no mechanism to get the revenue for making a browser from the network that requires browser to access. Right? So

and also all all sort of perverse incentives. Right? When privacy gets compromised and security get compromised, then users' data is being sold. And and that's just corrupt model. And the only proper solution is to just build in this revenue sharing model in the network. So browser developer or, like, whatever software developers get some share of the revenue proportionally to to to the value they create to the network. And likewise,

governance of the network. Right? When we say we're established in consortium, governance carries, legal costs. Right? It carries documentation costs. It maybe not cost a lot of money. It may be, whatever, a $100,000 a year, $10,000. It doesn't matter. It's still money that somebody has to pay ultimately. Right? And until some point, it's okay to sustain on donations. Right? But beyond some point,

it may be hard to sustain on donations, and it may require explicit revenue sharing agreement with the network. So we we really I really see it's important to have foundation that that would allow it. I think it's fundamentally the vision of Timber and Earth's lay around the web. Right? That's why we say that what we are building is potentially an extra because he was talking about micropayments, powering the websites and generally

web ecosystem from day one. Right? It was way ahead of, like, blockchains or cryptocurrencies or even understanding what these micropayments means. But I think, like, he was talking about the future for which we today have technology. Fair enough. So so yeah. So that's that's that's why that's why we we didn't we didn't make a final decision. We we still iterate on which which is the blockchain, what smart contract. We saw fundamentally, we are looking for solution with smart contracts.

I I know this I'm trying to be mindful of time because this is supposed to be this was supposed to be a tight hour, and I know time is scarce. No. Don't apologize. I was apologizing to you, but this conversation has been so fascinating that we're almost at two hours. But I I I mean, I still want to just go a little bit deeper on this before we wrap. If you have a little bit more time? I have all the time you have. Okay, great. I, what thought have you given, I mean,

the big concern, right? I would say is we haven't seen. So basically there's two pieces here, right? And I think the first is the reason the community's gut reaction was outrage is because most of the time when a proprietary token scheme or credit scheme gets presented is very scammy. I don't think it inherently needs to be scammy. I just think that 99% of the time it is scammy and there aren't many examples of it not being. So people default to that.

I understand why you would choose this path, and I don't think it's necessarily unethical or anything. It's not even it's not even that, Matt. We're not going to do any tokens or emission for that. We see a smart contract as a holder of the existing value. We're not going to create any digital asset class. Okay. All we want is a scheme that allows people to deposit some existing assets.

There's no final decision on what the payment is. But it can be multiple different assets. Right? I mean Exactly. They they deposit it, and smart contract simply holds it. We're not interested in emitting digital assets at all, and we're not planning to issue any tokens. What we want is a autonomous smart contract on the chain when you deposit existing assets that we didn't create, and then you assign it to a community using zero knowledge proof, which already decouples your purchase from assignment. And then once community has assigned credits

credit is an existing asset. It's not our token. It's it's not something they created. Then they can redeem it to the server, and then when the revenue gets distributed. What we achieve with this scam is that privacy is preserved because it's effectively, you're pre it's like think about it like prepaid telephone cards. Right? You go into the store, you pay cash,

and you get the card, and then you use the card to pay for your phone, or you may give it to your friend, and your friend will pay for his phone, right, or for her phone. So that's that's fundamentally what we want to develop. Prepaid scheme allowing you to use existing digital assets on a blockchain to prepay server capacity and do it in a way that preserves your privacy.

Right. Because fundamentally, there's always dramatically split it between And program, it's split revenue. Right? So we have no interest in issuing tokens. We have no interest in creating any digital asset class. We have interest in creating a mechanism that allows people to transact in a way that protects their privacy.

Because you cannot really like, yes, people go through all the hoops to have privacy. They have to think about how they connect to blockchain nodes, how they do this, how they do that. So privacy is possible with blockchain, but it's not possible for mass market users, realistically.

Yeah. It's quite difficult. Yeah. But it's been a major focus of mine. Exactly. So what we want to develop is a layer that is built on top of blockchain, uses existing blockchain primitives, existing blockchain assets, and that allows people to pay for infrastructure in the same way they would pay for telephone buying a telephone prepaid card.

We didn't like, if if if if I tell you that we are doing a prepaid telephone card, it doesn't mean we are printing cash. We're not printing cash. We're just doing prepaid telephone cards. So we don't want to do any token that would hold value. We simply do analogy.

Effects of the treasury contract, which will hold some other tokens that already exist. We we we didn't know. It maybe USDC. It may be some other token. It may be something that people recognize as a value and use it as a transient value store

to to to to pay for the service. That brings me to my second piece, which is I would just say as someone who is pretty excited about what you're building and understands the need for it, and I don't want you to make any bad decisions that you regret later, is, you know, the way Bitcoin is designed and the trade offs Bitcoin has made make it very resistant to centralized capture, both on the protocol level and then also the token itself is a native asset.

When you're thinking about how you're going to actually execute on this and build it out, I think it would

and I'm sure you're already thinking about it. There's two pieces. Right? First of all, the protocol you decide to build on is gonna have varying levels of centralization. Right? So Tron, for instance, is an example I constantly use. Tron has $10,000,000,000 worth of Tether on it.

But at the end of the day, it's just Justin Sun. It has full control. Now regulators perceive it as federated control, and he doesn't have full control. Maybe that's enough for him in his use case or whatever. But when it comes to something as important as simplex, I could easily see censorship happen on that chain. Now,

there's varying levels of this throughout the ecosystem, right? With I would say Bitcoin being the by far the most secure, but not programmatically for your use case or whatever. And then things like Tron being incredibly centralized, but a lot of people are using them as a result. And then the second piece is the actual assets itself, right? USDC is controlled by a centralized group of regulated institutions, right? It gets frozen all the time. So does Tether,

right? So you gotta think through these because ultimately, I I could imagine a world where you build this all out. And then if that layer gets broken, everything starts to break around it. Right? Like people, it hurts the robustness of the protocol itself. These are things like I'm sure. Are you thinking about this or I assume you are. 100%. Yes. Matt, you know, one of the reasons why we announced our strategy and technology direction

long before we have answers is exactly that. Because we usually iterate ideas internally, And then when they think, okay. We we don't know how to make it better at this point to announce. It it it sometimes happens, like, months or even more than a year before we actually start building. We didn't start building it yet. We we only we only arrived recently to a cryptographic design that that hits all the goals.

Right? We didn't even we we only recently were running the review of all the blockchains that can be used for that. And Tron is disqualified. Right? Same as many other just centralized blockchains. We absolutely don't consider high degree of centralization. I understand the downside of so choice between USDC or you or Tether and other tokens is effectively a volatility versus centralization.

So it's it's a hard it's very it's a very hard choice. Right? So and for many so I would say in the same way I, like, reject false trade offs and false binaries. Right? Some choices are just not real. Right? You just invent them and you say you cannot have both. In many cases, you can have both. But sometimes there are some genuine trade offs, and they're really hard to take. And with this kind of specific technology, there are a lot of hard trade offs. That's true.

What I think what I think is important, though, we're still in enthusiast territory. I think it would be correct to see what we are building right now as a as a prototype.

Right? In the same way as SimpleX v one was a prototype. And if you compare SimpleX design on the day of launch with simplex network design today, it's like almost like two different products. Right? We we have completely different layer of security. We have completely different and we have managed to evolve it all kind of with backwards compatibility. So people were effectively using a different network without changing the client, without having dis being disrupted, etcetera, etcetera. So I think we can do the same with payments. So whatever we built in the first instance

is likely to be a prototype to learn on and that will evolve dramatically as it gets adopted, as it gets tested. Because I think the biggest test for the product is not technology. It's market. Right? We kind of hypothesized that channels will pay for servers, servers who want to participate. Participate. We hypothesized

a lot about the market, and you you know it better than anybody else. You're a VC. Right? Products don't fail because technology fails. Products don't fail because nobody cares. Yep. Nobody cares to use them. Nobody cares to build them. And I think at this point, it's much more important to prove that our hypothesis about the world that people will pay that service will want to sell are correct.

Right? That that there is actually a market. I think to prove this is much more important than to, avoid, like, central what you also what I mean. Right? So, like, it's it's much more important to and once we see, okay. Yes. There is a market. It can grow. We'll just rebuild the technology in a way to avoid the capture. You can see and it's in the same way as we were building simplex network. People were telling me from day one, you should create a foundation. It should run a protocol evolution.

But my response was, look. We don't know if anybody needs it, number one.

Right. We we don't know what people need. It's not just we don't know. Even if we know that people need something, it's it's almost like, you know, like, your your trade has an expression product market fit. Right? We've been running product market fit experiments for four years, and now we kind of have an understanding of what people need in terms of messaging. Right? What people need in terms of payment for infrastructure capacity, we're just in the beginning of running this experiment. Right? We we hypothesized.

We learned. We talked to people. We It's putting the cart before the horse otherwise. Exactly. Yes. So so I think I think it's important for community not to overvalue

technology choices. Of course, we'll make our best job. Of course, we'll do decent technology choice. Of course, we'll avoid obviously bad like, Tron is always a bad choice. Right? There is no way there is no road in which we use Tron or or Base or something else centralized. Right? So it's literally not even on the table. Right? But but within reasonable choices, I think I wouldn't over index the importance of doing a trade on the first try,

but rather doing something that's kind of they're trying to do a good job. I think they're trying to do a good job with version one. But that's Directionally correct and learn from it. Exactly. Yes. That I that's how we've been evolving the product from day one. Right? We built something, and then it was pulled by users into some direction, and we pushed in some other. It was kind of a combined effort.

And I think that's why people use it because we we we tell people early what we do. We listen to what they say. We learn. We do something that they think is we're building for people, look. I'm too old to do it to be rich. Right? I personally

no. Come on. It's just like, you're not doing what you're doing to be rich. Right? If you wanted to be rich, you would be doing different things, I think. I I agree with that. That is correct. Yeah. There are there simple ways today to get rich. Right? We really I think what kind of is common between us is that you kind of dislike the place where this world arrived. Right? And you do what you can in your place with your resources, with your abilities to make this world a little bit better.

I think that's why we're building communications technology because I I care about communications. Right? I experimented with page you know, pagers. Like, I had some was dev in those things. So, like, I really care about people being able to connect to other people. There is nothing more important.

And me seeing, like, the whole world is converted into some kind of surveillance panopticon when, like, you can't really talk to anybody anymore. That's just not right. Then try to do something. Exact I was saying that something has to do something for the last twelve years. Yeah. Fifteen years now. Right? So, like, four years ago, I said that less than who? Yeah. Four years ago, I said, alright. Nobody does anything. I have to do something. Right? Yeah.

That's what compels me too. I look. I think you're thinking about it the right way. I think it's the right perspective. Obviously, you have my contact now. So if I can be helpful as you try and figure things out, don't hesitate to reach out. Thank you so much. But yeah, I think it's the right perspective. I think it's I mean, just really well said across the board.

Evgeny, this was a great, really great conversation. I enjoyed it. Maybe we'll do a follow-up in the future, like in a year or something. I don't wanna take too much of your time, but I think it'd be cool to have, you know, kind of like a timeline as we, as you build all this out. It'd be fun.

That would be fantastic. Yeah. So we're yeah. So that would be fantastic. Okay. We are trying to make it work. Yeah. We're past the two hour mark now. This was an epic, epic conversation. Do you have any final thoughts for the audience before we wrap? How they can be helpful? I'm gonna obviously link to all the important links in the show notes. We we didn't do a formal announcement yet. And what we're playing this year is effectively

transfer and give people more ownership of simplex network across multiple dimensions. So this con consortium governance is one thing. Another big thing we are playing for this year is crowdfunding.

It's not formally launched yet. We kind of in testing the water phase. We're not accepting any money. We are not doing that, but we we will be doing it this year. We've been criticized a lot by our users for taking private investors' money, and we think it's, like I think our users have to own a piece in this network and have a say in where this network evolves and not only via nonprofit governance,

but also via having shares in in a company that builds this network. So we're we're creating this opportunity right now. It'll probably launch in, like, three months or so, but there will be announcement soon in the blog post, on Twitter. So, yeah, that's that's a big sense. So I really wish to see community supports and benefits and from from what we are building because we're we're not trying to be just

nonprofit entity. We we believe, like, if if what we are building is the next step and where the company builds on the next step, then it may be a really large business, and our early investors can benefit a lot from participating in that. And I really want to see community members in their numbers.

And I don't know if you're comfortable with sharing how that's gonna be set up or like was that just a traditional equity sale? Or Yes. We we don't believe in tokens. We will sell company equity. It will be some sort of modified safe agreement. We can't use ways as safe as is for crowdfunding. It's not it's not decided. It's premature. It's currently what we're working with with lawyers. But, fundamentally, yes, it will be the community who that participate will own company equity.

Awesome. Got it. Well That's that's that's our big news for this year. So I keep an eye out for that. Yeah. And that's that's that's that's I have to say what my lawyers keep saying. Maybe I have to say a disclaimer that this is not an investment offer, and then they cannot accept any money at this stage. This is just us testing the interest. I think that was good legal advice that you received. Yeah. I'm glad you said it.

Sir, it was a pleasure. Thank you for joining us. It was a it's a privilege, Matt. It's a privilege, Matt. I really appreciate you doing that with me. Thank you so much. Thank you. Freaks, thank you for joining us. I hope you found the show helpful or fascinating. I enjoyed it. As always, share with friends and family. Search Cyla Dispatch in your favorite podcast app. All relevant links at cyladispatch.com. Love you all stay on with stacks at peace.