Secret Network is a privacy-first, permissionless layer 1 blockchain built for computational privacy. Tor Bair, founder of Secret Foundation, a developer of Secret Network, discusses what makes Secret Network unique, including smart contract privacy, private metadata for NFTs, and how regulators should treat privacy tech in blockchain. Show highlights:
- how Tor fell down the crypto rabbit hole
- what the Secret Network is and how it is bringing privacy to blockchain
- why public blockchains are problematic
- what makes Secret Network different from Monero or Zcash
- how Secret Network works from a technical perspective
- what type of applications Secret Network can support that public blockchains cannot
- why blockchain voting is probably a bad idea (for now)
- what attack vectors exist regarding Secret Network
- how Secret Network nodes work and why there are only 50 of them
- how Secret Network fixes miner extractable value (MEV)
- what DeFi applications are possible on Secret Network
- how NFTs on Secret Network are different from public blockchain NFTs
- how regulators should treat Secret Network
- Introduction from Enigma/Secret
- Smart contracts → Secret contracts
- Upcoming Supernova upgrade (November 9)
- Secret NFTs (only the holder can view the NFT)
- SCRT Tokenomics
- Secret Network block-explorer/node explorer
- Node information
- Original ICO
- Enigma token swap
Hi, everyone. Welcome to Unchained, your no-hype resource for all things crypto. I’m your host, Laura Shin, a journalist with over two decades of experience. I started covering crypto six years ago, and, as a senior editor at Forbes, was the first mainstream media reporter to cover cryptocurrency full-time. This is the November 2nd, 2021 episode of Unchained.
Buy, earn, and spend crypto on the Crypto.com App! New users can enjoy 0 credit card fees on crypto purchase in the first 30 days. Download the Crypto.com App and get $25 with the code “LAURA” – link in the description.
The Nodle Cash App makes earning crypto on your smartphone as easy as turning on your Bluetooth. Nodle Cash is private, secure, and available on iOS and Android. Visit nodle.io/cash to start earning.
Today’s guest is Tor Bair, founder of Secret Foundation. Welcome, Tor.
Hey, thank you for having me. It’s a pleasure to be here.
Tell us about yourself. How did you get involved in crypto and come to found Secret?
I got involved in crypto first as a speculative enterprise. I feel like it’s okay to say that now that I’ve worked in it for so many years as a technologist. I started my career after college as an options trader and market maker. When you’re an options market maker, what attracts you to something is volatility and chaos. You want to see something that has people excited, that moves all the time, but you don’t really care if it goes up or down, you don’t really care what makes it work. That’s how I got introduced to Bitcoin, as a hyper speculative product. Nobody tried to explain to me what the technology did, how it could empower people. It was kind of off my radar until I showed up at grad school.
So I went back to grad school after being a trader — trading really wasn’t for me in the long term. While I was in grad school, I was lucky. I went to grad school at MIT for my business degree, and I took one of the very first blockchain courses that were taught there. I got really double lucky because one of the instructors of that course was doing research at the time on privacy solutions for blockchain. So he was just years ahead of his time, with ideas that were already seeing how privacy can be an issue for blockchains, which I’m sure we’ll get into. I was exposed to these very novel ideas in a very novel space, very early.
So that professor is the founder of Enigma, this amazing development company. I had the privilege of working at Enigma for a number of years as the head of growth. And then when Secret Network was launched I was able to leave and start Secret Foundation, which is an independent entity that also supports the network.
Enigma still remains the core developer for the network. We have a number of other organizations supporting the network. I would say a few dozen now of independent developers and node operators. My start was very much thinking that this was a fun thing to speculate on and it very much ended up thinking that this might be the one thing that could help us have a global revolution, not just for how money is saved and spent, but also for how we engage with each other online and protect each other online and actually protect our freedom and individuality online. That’s where I ended up, but it’s not really where I began. I’m okay to say that now.
And so tell us what is the Secret Network?
It’s a layer one blockchain. It’s the only layer one blockchain to this point that has managed to integrate privacy-preserving smart contracts. That’s really the differentiator. Otherwise, it’s a layer one blockchain like an Ethereum, like a Solana smart contract network. But what’s unique about Secret is that you can use private data as inputs, private data as outputs, and you can have a private state for the contract itself.
When you start thinking about what that actually means for developers and users, it starts to seem like a really revolutionary concept. To date, every blockchain has been public by default. What you get with Bitcoin, what you get with Ethereum is pseudonymity. You have all these addresses. People can’t really say, oh, that address belongs to Tor. That address really belongs to Laura. People don’t really see that on the chain. But if they know that, if it’s ever associated with your identity, then it’s the same as having your entire bank account and your entire credit history and everything you’ve ever done financially, public to everyone else.
And when you’re talking about a smart contract application network, not just like a transactional network, it’s everything you’ve done on any application that’s now public to everyone. It would be like if you leaked all of your Facebook data all the time, not because Facebook sold it to somebody, but just because that was the way that the application worked by default. So we thought, if we are going to have sustainable application ecosystems, these smart contract platforms that can do more than just transfer money from point a to point b, privacy is even more essential to the user of applications, even more so than their financial history.
We’re seeing the consequences of a lack of web2 privacy. We don’t want to make the same mistakes with web3. We don’t want users to suffer from the consequences of not having privacy in the web3 world.
Otherwise, all we’ve done is really build a way worse version of web2, that instead of being more empowering, just becomes a perfection of the type of surveillance capitalism that’s already dominating the web2 world. And the way that we think about it is we’re motivated because we think it’s a race against time. The faster we can get these technologies to market, the more people we can protect, the more that we can show that there’s another path for web3 scaling and empowering people, not the public by default way, but the way that really ends up with users holding the control in the system, not just the platforms.
So I understand, just kind of on a gut level, how yes, once your wallet becomes public, then everybody can see your history of transactions. And obviously that’s not ideal for anybody. But are there specific problems that you feel arise in terms of transacting or any of the other things that people do using blockchains that you’re trying to solve with Secret?
I would say everything that you do with a blockchain, you should assume is public to not just whoever happens to be looking at the time, but this becomes an immutable part of your history — forever. And that’s not really the way that I think the digital world should work. And it’s certainly not the way that the actual meatspace world really works. You need to be able to leave control in the hands of the users. By giving up everything by default, all of your data, we already had this problem in the web2 world, and we’re just doing it again. There are multiple companies that have raised now at multi-billion dollar valuations for explicitly harvesting on-chain blockchain data. And a lot of the latest startups in the blockchain space rely on further harvesting of data, whether it’s people’s retina scans or something else. So much of what I hear about just seems like bad science fiction. And now it seems to be like reality, potentially.
That’s really the problem that I see, not just what blockchain is already being used for, but how it has the potential. Blockchain is just a tool. It could easily be used to take freedoms away, having that type of surveillance by default, that really deeply concerns me. And as blockchains get more utilized, and as we start to see more real-world use cases, not just the things that feel like toys, but like real financial applications with trillions in adoption, if blockchains are going to do that, I’m really scared for what that means for the end-user — if the surveillance blockchain economy becomes the default.
I was being interviewed for another show earlier today and it’s not a crypto one. It has a more general audience. But when I was talking about the digital yuan I had to throw in there that also they were using it to surveil the users of the digital yuan. Hopefully if the US government adopts such a thing, well I know that they wouldn’t do too much of that because there’d be so much protesting.
But anyway, so at this moment we have a number of popular privacy-preserving technologies and different processes in crypto. It ranges from things that are kind of older, like CoinJoin to kind of newer things like zk-SNARKs. So how does Secret work?
Yeah. CoinJoin and these types of stuff. It’s important to start with the distinction between transactional privacy and computational privacy. A lot of what’s existed and been scaled to date in the blockchain space revolves around transactional privacy because the first blockchains we had all focused around transactional use cases. In the big bubble of 2013, I hesitate to call anything a bubble of course, because where we are today is so much more advanced than where we were then. So clearly that wasn’t a bubble. It was just sort of an over-speculation that turned out to be ahead of its time. But in 2013, these were mostly transactional coins and transactional platforms.
Then in the next cycle in 2017, we started to get these smart contract platforms. They weren’t really used as much, mostly they were used to issue tokens and then people speculated on the tokens and then people were doing transactions with the tokens.
It’s only this cycle that we’ve really started to care about application-level use cases for blockchain, between all these composable DeFi applications, composable NFT applications, that’s this cycle. So to date, most of what was built and optimized and scaled were the transactional privacy use cases, the very trivial use case where it’s just, I need to send value from one destination to another destination. I don’t want all of the details of that transaction to be public, to all parties on the blockchain. That’s how you got things like mixers. That was kind of the intention. What that starts to sound like, if you’re a regulator, right, is we created a platform for money laundering. Transactional privacy is never going to sound good on paper. But what it really is just saying is that nobody else should have the right to surveil all of my transactional activity unless I consent to it, which in the real world is true, but on the blockchain suddenly is false, but it was still clear that there was tremendous user demand for that, not because they were necessarily doing something illegal, but just because they wanted the same protections in the blockchain world that they already had in the legacy financial system.
Computational privacy is something different. It really hasn’t existed up until this point because there wasn’t even demand for blockchain based applications. What computational privacy gives you is, you can build an application that uses private inputs, private outputs. And then, as I said, like encrypted state for the contract itself. It’s like if a transaction is the most trivial version of a computation, right? You’re just saying, here’s my entire computation, move value from a to b. But it could really be anything. It could be infinitely programmable. So we call computational privacy in our network, we also call it programmable privacy because not only is the contract code programmable, like what should happen under what conditions, but we’re also saying the data privacy and the access control is programmable.
So for us, the way that it works, is we actually use a combination of software based cryptography solutions and hardware based solutions. The software based ones are like key encryption, key sharing protocols. The hardware based ones involve trusted enclaves. So the same sort of things that are like in your smartphone, making sure that the part of your phone processing your fingerprint scanning, isn’t the same part of your phone that’s doing all of the other computation. It is just another form of security. And by combining the two, we have a very interesting blockchain, that is one of a kind for the time being of course, but we expect that over time many more blockchains may decide to embrace privacy at layer 1. That’s the two technologies we primarily use.
It gets quite technical as to, should you use the zk-SNARKs? Should you use fully homomorphic encryption? Should you use secure multi-party computation? These are all different types of software-based cryptographic methods that are used for protecting privacy. But what we chose to do was focus on combining hardware plus software, because we wanted to have a balance between performance and cost and security. And ultimately, a lot of the pure cryptographic privacy solutions are probably a decade away, at least from being usable in production for generalizable smart contract use cases, versus very narrow use cases like key management, where some of these software based methods are good enough, but that’s not generalizable. That’s just a very specific but important function. All of this is essential. Every piece of the blockchain stack should have some sort of privacy built-in. So we support all privacy technologies. This is just what we chose to use based on our purposes.
Tell me if I’m understanding this correctly, essentially you’re distinguished from things like Zcash and Monero in more than just one way. First of all, it’s the fact that your privacy extends beyond just transactional privacy. But then on top of that, it’s that the way that you provide the privacy is through multiple methods, not just through software encryption, but also through the hardware. Is that kind of a good way to put it?
That’s completely correct. And I might start explaining it that way. It is a good way to think about it. And again, like there’s so many differentiators for crypto projects out there. And unless you’re not just knee-deep, but neck-deep in the space, it is hard to kind of get a handle on how these projects differentiate. But ultimately, I do think that from an ethos perspective, we share a lot of Zcash’s goals, which is financial empowerment, user security, all of these things. We have a lot in common with the project. We just have a very different approach and we have a very different purpose at the technological level, but that allows us to be great collaborators. We definitely think of ourselves as collaborators within not just the privacy space in crypto, but the entire crypto space at large.
And so I’m sure you’ve probably heard that a lot of critics of privacy technologies say that this is something that only criminals would want to use. What do you say to that?
I’ve heard it all the time. Then people are like privacy is bad. Like governments don’t like privacy. And then I say to them, well governments love privacy — they just don’t love your privacy. And corporations love privacy. They just don’t love your privacy. Google and Facebook can build trillion dollar business models based on exploiting user privacy, clearly, but at the same time, they want to protect their own internal documents because obviously it’d be obvious that they’re an unregulated monopoly or two or three. Like they clearly care about privacy. They don’t want that public, but they need your data to build their business model. I find it hypocritical to be able to say privacy when it’s yours is bad, privacy when it’s ours is good.
And a lot of the people advancing that argument about privacy is for criminals are absurdly protective of their own privacy. And they certainly don’t think of themselves as criminals, even if they are participating in what I would consider to be criminal activity. There are plenty of governments around the world that might say that privacy is a tool of criminals, while doing things to their own populations that I would consider awful violations of human rights. So first, we have to look at who’s advancing the argument. But there’s certainly very reasonable people who still hold onto that belief. And it’s because criminals do use cryptocurrency. Cryptocurrency is a tool, blockchains are a tool. The US dollar is a tool. It’s whatever the systems will permit that determine what happens. And then the people using these tools within those systems determine what happens with them.
There’s not a good way to stop a criminal from using a technology if they have access to that technology. Criminals very clearly have access to the US dollar and they very clearly use it for more money laundering purposes than they currently do any cryptocurrency. I would say that just the availability of privacy technologies does not create criminals. Certainly providing privacy technologies to law abiding citizens does not make them criminals, nor does it make the provider a criminal. What it does is advance the cause of security and empowerment for the end-user. Something that I would say, governments don’t do a particularly good job at, but should. These are their citizens and they should be protected. And more often than not, I see that social contract really being broken.
I hope that people come to see cryptocurrency as a liberating force. And more and more they are. Rather than as a force for criminals to get around perfectly good policy. I think, especially when we look at countries in the developing world, there is a revolution that’s already started where people do see cryptocurrency and privacy technologies as a way for them to become more empowered in some of the most oppressive regimes. And that’s what excites me about working in this space, is thinking that at some level, these technologies make a difference to the people who need a difference to be made the most.
Disclosure: I do write a Facebook Bulletin newsletter. So speaking about this technology and how you’re applying it in different ways, what are some examples of things that cannot be done with previous blockchains that you think are now possible with something like Secret?
Almost any useful application you can think of would be tough to achieve just with the current blockchain stack on a public by default blockchain. So a simple example is something like a Facebook. Where you’re trying to build some sort of decentralized social network. Well, how do you want your access control to work right now on Facebook? Right now, you’re going to go into your settings. You’re going to click a button that says, only share this with my friends, or maybe you click a button that says, don’t share these details with advertisers. If there’s one thing I’ve learned about working at any of these companies, and I used to work at Snapchat, I was a data scientist at Snapchat. So I have some credibility in saying those buttons don’t work the way that you think that they work, or they don’t work the way that they would claim.
The control still lies in the hands of the platform. And one failure on the part of the platform can cause all of that security to be lost. That’s the web2 world. In the web3 world, you don’t have to wait around for the platform to leak all your data or to violate your privacy. It happens by default. If you wanted to build a decentralized social network on a public by default blockchain, like an Ethereum, for example, so much of what you’d have to do to create those access control permissions would have to be done on something centralized — outside of Ethereum. And the way that it looked for years is you’re getting the worst of both worlds. You have all of the usability problems of nascent, bleeding-edge web3 technology, and all the privacy problems of Facebook. And that, to me, was not a better solution just cause it was like a different platform that wasn’t Facebook, didn’t mean it would eventually end up benefiting the end-user more.
Now with a platform like Secret, you can build a platform on a decentralized blockchain, right? There’s all kinds of pieces to this web3-stack: decentralized storage, decentralized access control. All of these pieces of the stack allow you to build these more complex applications on top. And privacy was just one of those missing pillars. We’re providing that missing pillar. But alone, Secret isn’t the only thing that’s going to allow you to build these complex web3 applications, just like AWS is not the only thing that allows you to build web2 applications. We’re enabling a new part of the design space. In that design space, users will find more security, more usability, more privacy, and more control. And that’s what’s been missing to date in blockchain, was especially that aspect of control for users and developers who just want to do something even as simple as saying, this data should be public to this party, but not this one. As soon as it touches the blockchain, it’s public to everyone. And for trivial use cases, it doesn’t matter. But for meaningful use cases, as people are finding out, it really, really does.
What you were saying about Ethereum, it makes sense because I’m just thinking of Etherscan. Sometimes you look at a transaction and it looks like nothing happened, but then I can’t remember what it’s called. Is there something called hidden transactions in Etherscan, but then you can see, do you know what I’m talking about? It’s like, sometimes there are these transactions, they look like a zero whatever. And then later on, you find the area where actually you can see what happened. So this is just to say, yeah, by default, even when something like that happens, it is still something that you can’t see.
It’s all on the chain, regardless of what’s happening on a particular explorer, right? There’s all different ways to visualize the on-chain activity. The chain is the source of truth. Anything we try to do at a higher layer of abstraction above the chain, like you can obscure something within a centralized platform. You can choose not to display something in the UX, but it’s on the blockchain. And once it’s on the blockchain, it’s public to everyone. There’s no way to get the genie back in the bottle or the cat back in the bag. So these solutions have to happen, at least in our perspective, right? At layer one, you need that layer one privacy. And then on top of that, the question then becomes scalability, interoperability: the same questions that every developer has to think of when they’re building a web3 application.
But without privacy, by default, you’ve really eliminated 99% of what I would consider to be useful use cases. Here’s an even better example. How many times have you heard somebody suggest that blockchains would solve our problems with voting? I feel like every election cycle, somebody tried to convince me that our elections would work better if only we could put them all on the blockchain. That is a terrible idea. The privacy reason only being part of it, but like folks are not private on a blockchain and they cannot be. On a public by default blockchain. Like you can cast your vote, but it’s always attributable back to you. That’s not how voting works in the real world. Our votes are private. We can see that somebody did vote, but we can’t see the nature of their vote.
Like that’s what’s public and the records. There are probably very good reasons for that in a lot of public governance in democratic countries. But on a public by default blockchain, we don’t even give an application that choice of control. You build on-chain governance and it’s public by default. Everyone’s vote is public for eternity. It’s maybe good for certain aspects of accountability, but there’s a lot of danger to making those votes public. And you open yourself up to bribery attacks, which Vitalik has written about, and you open yourself up to all kinds of manipulation and vote-buying. I think that there’s very good reasons to allow for private voting.
So then are you saying that you think that actually voting on Secret would be a good way to vote?
I would not go as far as to say we should use voting on Secret for democratic elections in 300 million person countries. But we do already have DAOs, for example, and applications on Secret leveraging private governance, where the outcome of the vote is provable. You can say this many people voted, this was the breakdown of votes weighted by stake, and this is the outcome, but you can’t attribute each vote back to the individual address. You could even see which addresses interacted with the voting contract and say, these addresses definitely showed up, which is the same way that voting registries work in the real world. You can see if somebody voted in the last election. But if you go back and you look on a block explorer for Secret, for example, you’re not going to see, for these on chain applications that have private governance, every single vote that was cast.
And I think that that is a good thing and it’s working, but there’s all kinds of other reasons you shouldn’t put like an election for a multimillion-person country directly on a blockchain today. I mean, what you should be doing is trying to solve other issues with identity that are really challenging to solve. Self-sovereign identity is one of the hardest problems that exists. So that’s more what I think we have to think about, but that said like there are immediate applications for private voting and we’re already seeing them being explored on Secret, which is exciting.
So let’s understand this security a little better. As you mentioned, Secret relies on these trusted hardware enclaves. And you had told me previously, in another discussion, that such hardware enclaves have never been exploited. Now that some of them will be securing money in this fashion, I wondered if that incentive would make them more vulnerable to attack. And I wondered, does that create some kind of single point of failure or is it that the software element kind of reduces that? Obviously with hardware it’s much harder to upgrade than software. You know, there have been times in Ethereum’s history when they were undergoing a DoS attack or something, and they were able to roll out patches even within like a matter of a few hours. But if there’s a vulnerability in a hardware, then that takes quite a long time to resolve. This is a two-part question. I also wondered, in those instances that I’m thinking of with Ethereum, the fact that it was a multi-client network was kind of the saving grace and I know there’s a very small number of validator nodes in Secret, but I didn’t know if that was a model that you were aiming for so as to shore up security.
I mean, these are great questions and they are complicated. And the way I would start answering it is to say that there is no such thing as bulletproof security for any solution, privacy or otherwise. Everything ends up being a trade off. Lots of platforms will trade centralization for security. They would rather be more centralized in the short-term, progressively decentralize, but allow themselves to have higher security properties in the short term. And if you start off with some idea of perfect decentralization, what that sounds like to me is you’ve balanced a bunch of stones, with the smallest one on the bottom and the largest one on top. Like you’re just hoping that nobody shoves the largest one off first, it’s not necessarily sustainable. And a lot of what we care about is sustainability, but we also care about generalizability. We care about programmability.
So the solutions that we’re using today, this balance of hardware technologies and key sharing technologies, that’s a deliberate architectural choice. Not because it’s perfect, but because, given the available technologies, it’s the best we can do while preserving user security, the end-user experience, generalizability, right? We could have other choices where we make things even more centralized and will improve performance. We could have a solution where we support more types of hardware in the short term, but it would open up the attack surface more broadly to enable that type of broader support, especially when a lot of that is nascent. There is no way to completely eliminate the incentive for people to attack any type of blockchain network, especially the more that it secures. There’s always incentive for somebody to attack the contracts that exist on the network, even if they’re not compromising the hardware that secures it.
And that’s true for any blockchain. You constantly see DeFi protocols getting exploited. So that incentive kind of always exists. There’s no way to fully eliminate it, but what you can do is at least try to make deliberate choices based on the best available technology. The reason we put so much money and time and people into research and privacy research and these new technologies that are arriving, and the reason so many people in the blockchain space share that research broadly, is so that these types of better solutions get socialized faster. So if there are better technologies that we can put to work in Secret, Secret was built to flexibly enable new types of hardware support and encryption. Like we want it to be a privacy network that gives choice to developers and gives choice to users. If something better exists and we can implement it, we will.
And in the meantime, to your first question, we can’t eliminate the incentive for somebody to try to exploit the hardware. But certain aspects of the network are the network making a best effort to protect itself. For example, for any patch that already exists, even for the ones where they’re like not really required or recommended, all those hardware patches must be installed for a node to register with the network. It’s an even higher bar of security than I would think in most web2 or any web2 application that relies on the same sort of trusted hardware technology. It’s an even higher bar than that because it’s a permissionless network. You have to take more precautions as a permissionless network when you’re requiring people to connect to the network with a hardware compliant node, that bar becomes even higher.
And, of course, any of these speculative attacks, they require direct access to the hardware itself to perform. So in a decentralized network, you also mitigate some of that. But again, I don’t want to have it come off at this point in the podcast that there’s some idea that I would be promising perfect security or the elimination of the attack incentive. What it is is just a lot of people making a best effort with technologies. And before we start asking people to put their US election votes on the blockchain or secure their social security numbers, or do things of that level of security, understand that if you are choosing to engage with these networks, they’re bleeding edge technology, as long as people understand what they’re getting into and what the trade-offs can be, it’s a very exciting space to build in if your expectations are sort of set appropriately for what that means. But it is some of the best and most ethical people at least I’ve found working in the world on these types of solutions within our network. And that gives me a lot of confidence that we’re doing as well as anybody can to address them.
So in a moment, we’ll talk a little bit more about security and also other fun applications of Secret network, but first, a quick word from the sponsors who make this show possible.
Back to my conversation with Tor. So as I alluded to earlier, there are only 50 Secret nodes in the active validator set. And I wondered, could that be another security failure? And I realized in Secret, it’s not the 51% attack, it’s the 52% attack.
For us, the way that it works right now is that there’s 50 nodes that are considered to be in the active set, meaning they can produce and sign the next block on the network. That’s actually managed through governance. That can be increased. And with the upcoming Supernova upgrade, that’s actually one of the things that’s most actively being discussed in on-chain governance, is should the cap be raised? And the idea is over time, that’s progressive decentralization. That’s the approach a lot of projects will take. It’s not 50 nodes being operated by a single entity. These are 50 independent entities that have to participate in governance to make these sort of decisions on behalf of the network. And we have about, I think the current number is like 20,000 delegators or something like that in the network who are actively voting.
And these are not one person with 20,000 accounts. These are real users. So it’s a very decentralized governance methodology for people to say, okay, well, it’s time to raise the cap. And it’s time to decentralize. And Supernova gives us some confidence that we’re ready to take that step as a network. And then we can raise the cap even further 70, 80, 100 nodes. Over time, the idea is this improves. There’s also like side chain and second layer solutions that could be even more decentralized, but we still treat this as the base layer of the network. Right? All of these are possibilities in the future, just like Ethereum is getting its own L2 solutions. Very easily, so could Secret. And with IBC, which is this interoperability protocol that exists in the Cosmos universe. Now actually a lot of these chains will be using each other as like second layers for security, and second layers for computations. Like it becomes sort of like a mesh network of blockchains. So it’s really exciting to see this evolve. To date, this is not really something that we’ve seen working in practice. All of this is highly experimental. But you know, some of the biggest blockchains in the world have an even more centralized model than this, right? Like Binance Smart Chain has like 20 validators or something like that. And that’s one of the blockchains in the world that secures the most value. There’s other networks where they have very centralized models for bridging between chains. Like at some degree, at every point in some network stack, the way that things look today, everything is centralized. Everything has points of failure, everything has points of decentralization.
For us, 50 is actually quite a lot for what we’re asking the network to do, especially since they’re operated by independent entities and permissionlessly managed by the network. When you hear 50, and you’re an end-user, it doesn’t sound as decentralized as it could be. And that’s what we’re working towards, is continuing to decentralize the network. But as we said, decentralization always has a trade-off with performance, has a trade-off with cost, has a trade-off with security. And as we expand the nodes in the network, like you have to be very cautious and cognizant of those costs. But if you are, I think as a community, as an ecosystem, people will make good decisions about what the network is ready to actually support.
So it sounds like we may see an increase sometime soon, but generally over time you will try to increase that number based on the performance of the technology.
To be clear, anybody can still operate a node in the network and operate a full node in the network. It’s just the 50 nodes that have the highest stake in the network are in the active set and can actually process the blocks and thus earn the rewards. So like other proof of stake networks, there is an incentive to have nodes and attract delegations and self delegate your own coins just to increase network security, because that increases the costs of attacking a proof of stake network, to have a lot of the stake in the network distributed and bonded. That’s the security property that matters the most for proof of stake network, is that level of decentralization, and having a high number of the available supply of the coin, actually be staked and not moving and locked up for like a certain period. For us it’s a 21 day period of bonding and the network, if you choose to unstake, that’s how long it takes to stop. These security properties are really essential for convincing developers this network is something you can rely on for your own applications. So that’s the other trade-off to consider here is this is a delegated proof of stake network. It incentivizes new nodes to join the network, attract delegations, increase the bonded rate. And that just becomes part of the economic game theory that helps create the security for the network.
So let’s now talk about DeFi. Obviously that has been something that has taken off on Ethereum, but is probably restricted a little bit by fees and scaling there. But on something like Secret where there’s this added feature of privacy, what are new types of DeFi transactions or smart contracts or protocols that are possible in Secret that would not be possible on Ethereum or another public blockchain?
So with Secret, the big thing that we think about it, I guess for DeFi, one major thing is front running, which again gets a little technical, but I think people listening to the show have probably heard this term before. The idea that miners on Ethereum and other public by default blockchains, they effectively can see the future. They see what the transactions are going to be, before those transactions actually come to be. And there’s this concept of miner extractable value, that the miners, the block producers in the network are always able to capture value from the applications built on the network because of that ability to see the future. And in DeFi, I think there’s been some calculations done. I think it’s gone well into the billions of value that has been extracted by miners. And it’s a huge cost. I might also make the argument that it’s somewhat not legal in the real world to be a front runner, to actually front-run transactions on the chain.
And what does it mean that a miner even has the capability to do that? Is that compliant if a miner can front-run transactions in the network? So one of the things that you get with DeFi applications built on Secret network is this idea of front running resistance by default. Because the validators in the network can’t see the interactions coming in for them to process. They can’t see them because they’re encrypted. They get decrypted only inside the enclave. So effectively the nodes don’t know what’s happening until they’ve already done it. And that means they don’t see the future anymore. So they can’t do all these sort of injection attacks where they can put their own transaction ahead of yours or the sandwich attacks or any of these things in the Ethereum ecosystem that people are solving through very complex and very centralized means of solving these issues.
You sort of get that resistance by default in the Secret universe. So that’s one aspect, and that happens at the protocol level. So any DeFi application built on the network benefits from that property. But the other thing that you get is you do get privacy for the input data and output data of the applications. So for, if you wanted to build a dark pool application, which this is a massive application in the real world, even though it sounds kind of nefarious, this is actually driving trillions of dollars of economic value around the world. If you work in a major bank, you know dark pools are a big deal. But even in the blockchain world, if you were to have a dark pool application, really what that means is you can transact with people, but the orders are not always public.
Transactions will just sort of happen when there’s two orders that are sort of matched against each other, but you don’t have a public order book. You can build those types of private applications on Secret network quite easily because of the programmable privacy controls. But it begs the question of, well, if everything is private DeFi, I don’t know if you were going here, but how compliant is that really going to be? My answer to that is always that actually the programmability of privacy is the solution to that. Because what you could do is build an application on Secret where you white list addresses. There is some sort of off-chain verification that needs to occur to say, this is a compliant entity that’s now interacting with this dark pool. We know that this is a bank. So they’re using this dark pool application, but you still can’t see the orders.
The data is private, but the identities of the people participating in the system are known. So now you have compliant DeFi, that’s decentralized, but you don’t need to make everything public in order to use it. There needs to be a balance between auditability and accountability that you can get from like that whitelisting process and being able to protect the security of the applications themselves and the security of the data in order for this to be usable either by institutions or by like retail users, that’s kind of essential. And only with the added flexibility of programmable privacy, can you build those types of applications. Otherwise the choice on Ethereum, is the same choice for everyone, expose everything or don’t build it at all. And to me, that’s no choice that’s, that’s just restrictions.
That’s so fascinating when you were describing that, I immediately realized that there’s an opportunity there for something to be built somewhat similar to what Paxos is building, where they’re doing that enterprise blockchain for different financial players to trade stocks and have a lower settlement time. But this I think would be something that then you wouldn’t have to have a company necessarily at the center that was managing it all. So, sounds like a business opportunity for somebody out there.
We would love for people to build these types of things on Secret. Because again, we’re trying to do this the web3 way. I’m using finger quotes for those listening on audio-only. The web3 way being more decentralized, more permissionless, more end-user access, anybody can run a node, deploy a contract. There’s a lot of ways to solve a lot of privacy issues if you gate it, if you put it inside a fully permissioned chain, right? Like to me, I say permissioned versus permissionless, because private versus public is a little misleading. Secret is a permissionless network, but it has privacy. And if you build a permissioned blockchain that only certain people can use, only certain people can read, a lot of those use cases, I personally feel, are better served with some sort of other sort of distributed database technology.
Why use a blockchain? Why put a coin on it? But you know, those are really valuable use cases, but the same way that institutions are starting to lean towards the public Ethereum chain for actually building and deploying their applications and participating in governance on Ethereum, as opposed to like really chasing down a lot of these enterprise ledgers, that’s been our thesis all along. We just also think that privacy should exist in that web3 world. Not only in the permissioned chain world. We’re trying to be that center of that Venn diagram. And I ultimately, I think enterprises, institutions will understand what that means for them. They will choose the web3 solution. They won’t choose the total walled garden when they realize that these types of applications really are possible on a permissionless chain.
We’ll have to see what timeframe that happens on or if at all. So another thing that you and I had previously discussed was NFTs on Secret. And I’m curious to hear you describe how NFTs on Secret would be different. And then I have a question for you after that.
Of course. So NFTs on Secret. It’s not just a hypothetical, right? Like everything we’re describing now, this is not some day on Secret. Like Secret has been on the mainnet for about a year and a half with privacy-preserving contracts for about 13 months. So I probably should have emphasized a little more strongly that we’re having this conversation because these aren’t hypotheticals, because the technology does exist and people are using it. So we do have DeFi applications built on Secret. We do have AMMs and DEXs built on Secret. We have a lending platform being built. We have a stablecoin being built on Secret all with these front running resistance and privacy-preserving properties. So similarly, with NFTs, this exists, you can deploy NFTs on Secret. Just like you can deploy an NFT on Ethereum, just like you can deploy an NFT on Solana.
But as we talked about with the DeFi side, yes, things work a little differently on Secret, but in a way that again expands the design space by orders of magnitude. The biggest difference for Secret NFTs is twofold. One, is you can have the choice between public or private ownership. The other is you can have a choice or you can have both between public metadata and private metadata. So whether you’re familiar with NFTs or not as a listener, the NFT is a very simple concept. It’s this digitally scarce item that lives on a blockchain. Anybody can really deploy one. You can interact with it, but it exists on the chain, not in like some centralized platform and it’s scarce. As opposed to fungible tokens like ERC-20 on Ethereum. These are non-fungible, and they’re designed to be scarce one of one, one of 10,000, but like really identifiable. The difference between having a dollar bill and then really caring about the serial number on that dollar bill.
That’s the difference between fungible and non fungible. So on Secret, we care about non fungible quite a bit because for scarce items, private ownership is actually super important. That is how you immediately reveal somebody’s identity when they may not want it to be revealed. If you own one of 10 million Ethereum, and it’s completely fungible, it can go through applications. It can go through mixers. Like you can’t really see what happened at all, but that’s the fungibility. With a non fungible asset, like an NFT. And if you can assign somebody’s real world identity with ownership of that NFT, then you now know that that address belongs to that person forever. And that is a very big security risk, especially if you’re a big collector. Or as a creator, maybe you don’t want to put your audience through that, that sort of process, to being able to engage with your work. It limits your audience if you have to say, you have to make everything about yourself, public, and in order to own this work.
But the private ownership piece to me is not nearly as interesting as the private metadata piece. So what that means is, the way NFTs work today, all metadata is public. So if you own an NFT, if you have, let’s say a CryptoPunk, it sits in your Ethereum wallet, you own the keys to your wallet. So technically you own that CryptoPunk. But what you really own is a contract that points to a file that sits in distributed storage. And I’ve heard some people kind of describe that type of digital ownership as like I forget who did this? I loved this analogy cause I thought it was so funny. It might have even just been a tweet that I saw. But it’s like, if you go to the museum and there’s a guy standing outside the museum and he hands you a small piece of paper that says you own the Mona Lisa.
And then it’s like, wow, I own the Mona Lisa. He’s like, yeah, that’ll be 500 bucks. So you pay him and then you go inside, you try to take the Mona Lisa off the wall. You’re going to get tackled or shot. You don’t really own the Mona Lisa. You just own a piece of paper that says, you know where it is and somebody somewhere recognizes your ownership of it, but what do you really own? Anybody can go look at it. You can’t really move it. It’s tough. Especially when the art, that public metadata is public to everyone, like we’ve been saying, that’s how public by default blockchains work. With Secret, you finally have the ability to put both public metadata and private metadata in that NFT contract. So as an artist, for example, you could put a watermark version of your high-quality art piece in the public metadata.
Anybody can see what the NFT now represents because it points to that work. But only in the private metadata, do you have the full resolution, non watermark, high quality version of it, and it’s only decryptable by the owner. So now only that owner can choose to display it. Only that owner could show it off in a physical gallery and only that owner really, truly benefits from that content. That’s a much more accurate representation of real-world ownership. That feels a lot more like the Mona Lisa sitting in your house. And only if you invite somebody over to your house, are they going to see your Mona Lisa. But you can still with the public metadata, if everyone knows that it corresponds to that scarce digital asset, you still get the flex, right? You still get to say I own this. And that’s such a big piece of what to date NFTs have been about.
But what we want NFTs to be about is creator empowerment, creator monetization. We don’t want the NFTs to just be about, look at this cool cartoon I own. We want it to be like, I’m a creator. I made something of value. I want to share it with my audience, but only my audience. It’s a path to monetization and sustainability without a middleman. Because again, this is all just web3 based access control and native privacy. So I’m a musician. So I’ve always been very excited about creating these use cases on blockchain. And the biggest blocker has always been the lack of privacy controls and access controls. And I finally feel like with Secret NFTs, there’s a solution that I’m comfortable saying is decentralized, but also works. And that I have comfort that if I put my work in a Secret NFT, it would still have value years from now instead of somebody just right-click saving to their computer and pretending like they had ownership all along.
Okay. Okay. You answered my question because in our previous discussion you said, oh, a creator could put the NFT in the private metadata. And then it’s really just that collector will get to enjoy it. And I was thinking, oh, but you know, as you said, NFTs are all about the flex, the status points. So then they can still get that well. So the day this show comes out, you will be announcing a partnership with OpenSea and an artist who we cannot discuss on the show. But why don’t you tell us a little bit about that?
Absolutely. It kills me that as we’re recording this, I don’t have permission to share the artist’s name, but it’s somebody that I hugely respect. And at the time people listen to this, they’ll understand why we couldn’t discuss it in advance. This is so exciting for us because it’s the first time that there’s been an artist looking at NFTs and saying, I can’t use this. I can’t protect my work. My work has such immense value to me. It’s so scarce. This has never before seen content, no one has ever seen this, but the creator themselves. This is the first time anybody in the world will see it. And it will only be accessible to the owner of it. But there will also be a public metadata component so that everybody knows what it represents. And everybody will have known who created it.
And it will still look beautiful on the outside, but on the inside, even more beautiful, even more special, you can think about it as like a one of one that nothing like it has ever existed and nothing like it will exist anywhere else. And this is a mainstream creator. This is somebody from the real world, who came and looked at NFTs and said, this makes no sense. But then came and looked at Secret NFTs and said, this makes so much sense. And I can use this. And it’s just another way to connect with my audience, my existing audience, and maybe build a new one. I’m so excited for who it is, but I also would say like, I don’t really think it matters for the purposes of this conversation about Secret NFTs, who exactly it is, because you can think of a hundred people right now who this could apply to where it would be like, oh, I would love to consume that person’s work if it meant a personal relationship with that creator.
You can imagine a creator putting access to a private community inside the private metadata. So only the owner of that NFT can access it, but nobody else even knows where that community lives. And you can’t just check on the blockchain to see who else is in the community. It’s a private community of owners bound by ownership of that NFT interacting directly with the person who originated it. Like these are such exciting communities that can form. And I don’t think you need to bring, like so much of what’s been tried in the NFT space is, you’re somebody who’s famous. So you’re going to bring the 10,000 people who already know you into the blockchain, convince them to buy something of your work and then check out forever. It’s a cash grab. What we’re doing with this creator, what we’re doing with OpenSea, it’s whatever the opposite of a cash grab would be.
It’s the only time that this person’s even been able to share their work in this way. So there’s no other way to do this. There’s no other way to share this in a way that this creator would be comfortable with, except for the way that we’re able to do it with the private metadata. We’re excited to partner with OpenSea because they can auction this NFT on their platform. It’s going to be an Ethereum NFT. But what it’s going to do is owning that Ethereum NFT now unlocks access to the Secret NFT. The Secret NFT is really like the settlement layer of that NFT. Access to the Ethereum NFT gets you the Secret NFT. Inside the NFT, that treasure chest, you open it up inside the Secret NFT, is that meaningful piece of scarce content, never before seen by anybody else, wrapped up inside of it.
You can take all of the liquidity and demand that already exists for these Ethereum platforms. And all of that demand can still lead back to a Secret NFT, just because you can bridge between the networks. You could bridge from Secret to Solana. You can bridge from Secret to NEAR — all these incredible protocols for NFTs that have incredible artist and creator and collector communities. But none of them have private metadata at layer 1. None of them have that need of access control or private ownership. So even though we’re going to be fully interoperable, and even though we want these to be multi-chain NFTs, we do believe that Secret is best positioned to be that settlement layer and appeal to creators who want to keep their work secure and want to ensure that wherever it really would live and where users would choose to interact with it, to gaze into the private metadata, we still think that will be Secret because creators will demand it, because collectors will demand the security of private ownership. But it won’t mean that we don’t have NFTs on other platforms. All it means is we’ve now created more security for every NFT that could exist on any other chain.
It’s really interesting because it does mirror real-life art collecting more. So I find it really fascinating. Let’s switch tracks a little bit. One thing is, as we all know, in crypto, regulation is a big story right now. And we have seen that regulators seem to be trying to push things toward a more centralized model that does rely on intermediaries and away from a decentralized peer-to-peer model. I have talked with some different entrepreneurs in the space who, to their mind, they don’t necessarily agree with the government’s approach here. And for them, they think that the best way for regulators and law enforcement to deal with the crypto world would be to have the public blockchains where you can see the flow of funds, but then through the on-ramps, which do have know-your-customer on them, that that would be enough for law enforcement. And as we’ve seen, there have been many cases where law enforcement has been able to identify people and go after them. So for something like Secret though, that model wouldn’t really work. So how would you suggest that regulation handle a setup in which Secret was a big part of the crypto world?
I think that Secret, again, these are very interesting and challenging and deep questions. These things don’t have simple answers. Like I might argue that that’s simultaneously too much and not enough, right? It’s not enough to have that kind of oversight because what if all of this value ends up never going back to the fiat world? What if, like, what is valuable to people is really just access and control and they find it natively on Ethereum. They never cash out. They just turn all of their Ethereum into CryptoPunks. And what CryptoPunks unlocks from like a flex perspective is so much more valuable to them than going out and trying to buy like an actual Lamborghini. We really are entering a world where maybe none of this money ever needs to go back into the legacy financial system to provide maximum value to their holders.
And you can imagine a ton of people in the crypto space sitting here and thinking, actually, yeah, I’d rather flex my CryptoPunk, than go buy a car. I mean, people still need to eat. They still need to live somewhere, but like, maybe your needs are not that complex. I agree with you that like eventually getting back to fiat money and that necessity could slow down or prevent like a lot of criminal activity. I’m very anti-criminal. I want that to be known on this podcast. I very much do not advocate for things that are harming people, real people, like that’s real. I don’t want to play it down. I’m just saying like, simultaneously, this isn’t going far enough, as I said, but maybe it’s already going too far.
That level of surveillance is not warranted. And it’s treating everybody as a criminal before they become one. Where’s the consent from the user, right? With Secret, what you have is a viewing key system, or a permit based system, where if you choose to share access with someone as a user, if law enforcement comes and asks you to share and you refuse… I mean, again, how are they going to find the owner of an Ethereum address, right? If we’re talking about the on-ramps and off-ramps right, that’s different, right? Secret network is not an on-ramp or an off-ramp. If an on-ramp and off-ramp chooses to support Secret network, they’re doing it because they believe this has a value as a platform to their users. Buying Secret, for one thing I should stress for people who haven’t interacted with the network, Secret itself is not a privacy coin.
We talked about Monero, we talked about Zcash. If you go and send Zcash and Monero around the network right now, yeah, that’s a privacy coin. It’s not traceable. Secret, the native coin of the network, pays for all the gas, what you stake, what you vote with, the coin at the network level is public. And that’s a deliberate design choice for the network because that type of transparency is useful for auditability and transparency and accountability. And it’s also useful for exactly the types of things that you’re describing, like where you want to see what use cases are active in the network. But all that privacy exists by default at the application layer. And what that means is if you build something on top of Secret, we talked about these white listed applications, right? A white listed application on Secret would require only KYC accounts to be able to interact with those applications.
And if there was an application that was not using that system, and for some reason, it became required that you had to be a KYC whitelisted address to be on the platform, you wouldn’t be banning Secret network. There would be non-compliant applications, but fundamentally I don’t believe that that sort of censorship should exist at the network level because all you’re doing is compromising the security of every compliant application by forcing it to be on a public by default chain. So there’s a false choice really. And I’m not saying you’re presenting me with a false choice, but I think regulators or law enforcement would present us with a false choice of either you can have a public by default blockchain with absolutely everything traceable, which they will love, but is way too much surveillance and is extremely invasive. If the false choice is between that or like you can’t have any application that has an element of privacy whatsoever, that’s an insane false choice.
And honestly, regulators prefer privacy. Like why else would Facebook be fined billions of dollars for all these like data leakages? Like what happens to Experian when they leak all of your social security numbers? What happens to accountability for Uber when their database gets exploited? Like there have been fines for exactly that type of like lack of data protection for consumers. And like, this is why GDPR exists. Privacy really is valuable. And regulators should prefer platforms that provide privacy at the application level. All we’re saying is, don’t enforce a lack of privacy at the network level. This is the same thing about like forcing backdoor encryption into every application. All that does is create exactly the thing that criminals are going to exploit. Anything that gets created as a backdoor is going to be exploited, not just by the good guys, but absolutely the bad guys and sometimes much sooner by the bad guys than the good guys. So all this is saying is don’t force blockchains to be completely insecure at the network level. If you have to apply controls, that should happen at the application level. That’s the reason we chose the architecture for Secret. And I think it’s completely compatible with the version of the blockchain world that regulators would like to see exist. I actually think it would be substantially more preferable, but we’re early in the education process.
So for Secret, obviously there is kind of a unique feature here that could draw a lot of people. You know, it offers something new, but also what would happen if Ethereum or another bigger blockchain were to either adopt some form of Secret, whether it’s in an application on top of Ethereum or whatever it might be, like how do you kind of compete in that regard? Or is it just that you’ve created this Ethereum bridge? So that way, it doesn’t make sense to do that anyway.
So if you have an application that just requires like privacy for a purpose, we’re built to be interoperable. And actually what IBC allows us to do that that’s a bridge, not to Ethereum, but every other Cosmos network. So that includes things like Cosmos, things like Terra, all of these different IBC enabled chains that are able to talk with each other today for just transfers. But also soon for contract calls. That becomes more like you’re describing like Secret now serving as a second layer to these other blockchains that just want to do some private computation. So Secret provides that as a service, as another layer. But the bigger point that you’re raising is why doesn’t like, I feel like everybody always gets this question. Why can’t Ethereum just do what you’re doing, right?
It’s a bigger chain. It’s a bigger ecosystem, more devs, more this, right. And you know, it’s a valid question if you’re asking like an Avalanche or a Polygon or one of these other chains, that seems to be much more directly competitive. But the fact is when you start as a public by default chain, you can’t put the cat back in the bag. It’s public already. When you start as a private by default chain, you can always choose to reveal something. And if you don’t reveal it, it’s still private. If you do, now it’s public. But you started private and you had a choice. With a public by default chain like Ethereum, you can’t slap something on somebody that would suddenly turn the entire history of the blockchain private. The larger the network is, you certainly can’t like convince the entire population supporting that network to embrace privacy by default, especially if they’re stakeholders in the network who don’t want that model.
There’s not only like a technical debt here, there’s a governance debt. And the entire network has to agree on this purpose. With Secret, you know we care about privacy. You know, we care about privacy because if you’re watching the video, we put it on all of our hats and you get privacy by default. They were very popular in Messari Mainnet earlier this year. And we’ll be bringing them back for NFT NYC and to Cosmoverse in Lisbon and in Miami in November. If you like privacy, we have hats for you. But the point is you never have to ask somebody in our community, Hey, do you value privacy? It’s the one thing that really binds our community together. By default, we actually have a lot more cultural cohesion as a result than Ethereum, where I don’t even think some of the core devs of Ethereum can agree on what Ethereum is for or what its purpose is.
And that’s okay. Like it’s been a world computer, it’s been an ICO platform, it’s been an NFT platform, it’s been a DeFi platform. But it’s never like had necessarily a strong identity beyond that. With Secret, we know what we stand for because we do the thing that other public by default blockchains don’t do, which is protect privacy by default. So the short answer to the question is really just, you can’t do this. You can’t take a public by default blockchain and slap privacy on top the same way that like public-private key encryption only works in one direction. If you have the private key, you can unlock the wallet, but you can’t take the public key and somehow guess the private key, it only works one way. So it’s the same thing. You can’t turn all of Ethereum on private now that it’s public, but with Secret, once it starts private, there always remains that choice to reveal anything on the network, anything about an individual application. So there’s always the chance in the future that we’ll be more like Ethereum, but there’s never really a chance that Ethereum is going to end up more like Secret.
Okay, great. Well, this has been a super fun and really stimulating discussion. Where can people learn more about you and Secret?
To learn about Secret, you can go to the homepage for the network. It’s hosted at scrt.network. If you want to follow the network on Twitter, that’s @SecretNetwork. If you want to follow me on Twitter, I’m @TorBair, my first name, last name. That’s the best way to keep up on network news.
Great. Well, thank you so much for coming on Unchained.
Pleasure. Thank you.
Thanks so much for joining us today! To learn more about Tor and Secret, check out the show notes for this episode. Unchained is produced by me, Laura Shin, with help from Anthony Yoon, Daniel Nuss and Mark Murdock. Thanks for listening.