As the world evolves, technology evolves, and so is the way we protect things that belong to us. As more and more things come within everybody’s reach, we need to have security to keep anyone from breaking into our privacy and make sure that what’s ours remain ours. Tracy and Monica explore public and private keys, and discuss how these keys work to maintain a new level of trust and security. They share how to keep our belongings fraud-proof and help us understand the importance of different layers of protection that give us incredible privacy.
Watch the Episode Here:
Listen to the Podcast Here:
If The Key Fits: Exploring Public Keys And Private Keys
We’re going to talk about public keys or private keys. It’s a big question we get like, “How are keys any different than passwords? What’s the difference between a public and private?” I thought this was a great question for you to take on from an education standpoint because you wrote the book, Blockchain 101. I know you can explain this to me so that I can explain it to other people.
When there are keys it’s funny because people think there’s a password. That’s what I tell this entity, who I am, prove that I know that I’m good to get in there. That’s how it’s usually been for people with centralized systems. With a decentralized system, there’s another layer of it. If there’s a need for a public ledger or a way to find something via a key that’s public so you can go and say, “I’m going to search for this transaction or evidence of a thing publicly.” I’m not going to be able to have ownership of that unless I own the private key that proves that thing that you publicly see belongs to me.
Is that like a routing number and an account number if you think about it from a bank?
That’s a great analogy except the routing number only tells you about the financial institution.
It would only tell you about me?
Yeah, in this case, the routing number ends up being a little bit more the identifying number of a transaction. The account number is your password number to say, “That transaction was my transaction.” A private key is the most secure way to make sure that you have this access to say and prove on this digital ledger, this external ledger that’s fraud-proof and distributed, “That was mine.” That is this way to take something that everybody knows about and identify it as yours. That is a wonderful thing to use. It’s highly encrypted, a long string of alphanumerical this and that. The problem there is what we face with all new technology is the nerds that I hate to break it to you. We’re interested in this stuff. We get in this side of it but the average consumer is going like, “I don’t care. What does it do for me? Is it easy?”
That’s a longer password.
I could never memorize that and I didn’t pick it and I can’t change it. That’s dumb. There are still a lot of interface issues that are coming up that more and more innovative companies are going to address to make this easier and more consumable. Without derailing all of the amazing innovation that has brought us to private keys that gives people this incredible privacy. This incredible fraud-proof ability to not have anyone hack your password or hack your private key. It can’t happen.
That’s the part that starts to fall apart for most people. It’s like, “It can’t happen,” but it can. The important things that we probably should point out for people are that thinking about it this way where if all of our account information, as we’re using that bank analogy, all of the accounts for all of the banks are located within that routing number. Hackers know where to go. They’re siloing it and they’re saying, “The account numbers are here. That’s why we’re protecting it.” The distributed ledger and the distributed information of the blockchain are creating that. You’re not sure. Am I getting access to something that’s stupid or am I getting access to something that’s valuable? Hackers don’t know that. There’s some protection in that.
When you look at a public key for something, you can see transactions that are made between entities. You don’t know what those entities are, who they are. By not knowing who those entities are and certainly not having the private keys to be able to access and claim those transactions as your own, then you can see there’s value there. You can also know that there’s no way to get in to hack that value through the system itself. You could break into someone’s apartment and get their private keys and steal them. Through human error and human interaction in the real world, you could get in.
The technology itself has locked that down so you couldn’t sit on your computer in Russia and hack to get someone’s private key. It doesn’t work that way. You’re going to have to break into their home and find what they wrote it down on or you’re going to have to break into their computer and find where they stupidly left it in a file that was hackable through a centralized format like Dropbox or something like that. That could happen. You can’t go and say, “I don’t know what this is.” The public key means that you do know what happened there. You do know all of this. A Bitcoin was transferred or this information was transferred and whatever encrypted. You can see what was done there to a degree, but you can’t see between whom and you can’t get into the password to be able to access and rob that from that transaction.
It’s also who and where because you also don’t know unless you knew who, where it went. You don’t know what the next block is or you don’t know the next place that it’s going to.
The person is the where. The fact that that’s encrypted means if you knew that, “There was a transaction,” I can figure out that, “Definitely my friend or they told me they bought a bunch Ethereum.” Here’s an interesting story that I read about. It was one of the first cases in New York City into the judicial system about crypto robbery. There were two men that knew each other. One made what he calls a small investment in Ethereum in 2011 or 2012, a long time ago when it was much cheaper. He’s now subsequently become a millionaire. He has a little over $1 million equivalent in Ethereum, maybe $2 million. His associate knows about it. They did some business together or whatever. His friend invites him out to go to lunch and says, “Let’s go to this place. It’s here in New York City.” The guy’s like, “Let’s hop on the subway.” He’s like, “Let me get a car.” He’s like, “Let’s hop on the subway.” He’s like, “Really, we’ll get a car.” He keeps insisting that he’s getting a car when it’s two subway stops. If you’re a New Yorker, you know there’s no reason to get in the car and spend three or four times more when the subway’s right there. A millionaire knows that. Anybody knows that. It’s a ridiculous tourist thing to be like, “I don’t do the subway.”
He’s like “We’re going to get on the subway.” He’s like, “Hang on. Stand here.” He keeps leading it out closer to the curb. Suddenly, a van pulls up, kidnaps the Ethereum owner, throws him into the van. The other guy’s like, “My friend’s been kidnapped.” The guy is held for a number of hours, interrogated and asked, “Where are your private keys?” He says, “I don’t have them on me,” and he’s beat up or whatever. I don’t know exactly the extent of the abuse he endured, but about twelve hours later, he was released after he had said, “The private keys are in my house.” He comes home to a burglary and his private keys have been stolen. He lives in an apartment that has video cameras and the other man who was trying to get him to get that car, who had invited him to lunch that day, was seen walking in and walking out carrying a box. A box identified by the first gentlemen as the box holding his private keys.
It went to court. I don’t know what the outcome has been but they’re like, “It was all in crypto so we don’t know.” It’s like, “We know more because then you can see exactly the wallet that he had held it in.” You can see on the blockchain that from that wallet after this burglary, somebody transferred it to another wallet and from that wallet, it transferred to three others. You can see exactly where it went. You don’t know to who because the private keys don’t identify who, but you do know that it happened. There’s proof of the burglary and there’s proof of the transfer of the money out of that person’s wallet in real-time and there’s proof that it was distributed to three others. How can you go about finding the identities of these others?
I would imagine that’s why he’s suing him is the person behind this. Allegedly if it’s that person, then that’s why he’s in court. He has to prove that he wasn’t the person behind this even though much other evidence point to that. Recovering it is another story but tracking it is extraordinarily easy because it was all done in crypto. It’s not like he had $1 million in cash in his home and it was taken. Somebody could have tipped the waiter on the way out and you’d never see it. We know exactly where this went exactly to what wallet and exactly when.
The thing is that if you never reveal your private key. It’s never found. That guy’s not going to volunteer it because that’s incriminating, so you never know. Is there a repository of private keys somewhere of which it could be matched?
There’s not a repository of private keys to match it. There’s an interesting play here and I don’t know how it played out in the judicial system, but that’s why it was newsworthy is that this is the first time we’re going to see the law saying, “We’re going to subpoena your private keys.” Is that possible? Is that legal? Is that precedent?
You’re the only one who can verify it.
If you say, “I don’t have it,” there are a lot of questions about this incredible privacy that private keys hold. In this particular case, what exactly is going to become the legal precedent for handling issues of crime?
You can have more than one private key?
A private key that you have is for a specific wallet.
You can have more than one wallet?
Right. You can also say, “Here are my private keys and not that one,” but you’re not complying with the subpoena. If that’s ever discovered, that’s its own separate charge. It’s interesting to me to see how is regulation and legislation going to catch up to what’s now technologically possible? In the end, there was kidnapping, there were interrogations, which means abuse. That’s a lot of charges against some people. There was burglary, breaking and entering. There was theft. There was this ledger on the blockchain that proves the true actions that resulted from that theft.
It’s that you can’t see who executed that part and that’s where value gets assessed. I could see this being such a legal tangle. The interesting part though is thinking about it from let’s say I want to stay anonymous for something, but I want to prove my ownership of something. At some point, I can come forward and do that without revealing all of the other things that I’ve done.
That transaction that went to one specific wallet, you can say, “Here’s the proof that it’s mine and I’m going to do something with it.” Once it’s known, say the public key for a wallet, you see all the transactions that happened with that wallet. You can see what happened. That’s how a smart contract works. You can go and say, “This money was transferred to this actual address, to this location.” You can see exactly all the things that have happened in that location. When somebody says, “I used to raise money with an ICO,” when I say used to because it’s the less common now, but if people would do that, you could literally see. You could watch and be like, “They’ve done that.” You could watch what their true fundraising was.
Unlike on Kickstarter where they say, “We’ve got a thing,” and they’ve got a newsfeed. It’s a similar thing but it doesn’t show you the actual money that went in. A centralized party, Kickstarter, tells you, “We promise, scout’s honor, that money went there.” Maybe a lot of people could have made donations and then reversed them later through PayPal or said, “I’m going to call out fraud on my Visa,” but you’d never know those particular things because you wouldn’t see the actual transaction. We’re coming up to the same issue that comes up with private keys themselves, which is an interface issue. That’s with all new technology.
Are we going to need to know all of those transactions so deeply as average consumers to get this to scale? For this to become a massively adopted technology or is it a fancier way to do the same thing? People have already seen on the frontend, which is like the Kickstarter thing? Here it is, the newsfeed of all the cool people that put their money into that project or all the transactions that happened at this place. If you’re a nerd, you might jump in and be like, “I’m going to check the blockchain and see if that’s real.” Ultimately the interface issue has already been solved. We tell you what happened. Here’s how much money we raised. Here’s how much money is there. Here’s how it’s going to be used. Here’s our splash video about what we’re going to do with it. All of those things have not been changed by blockchain.
It makes sense to have multiple wallets. I could see myself saying, “I want a wallet that is going to secure my patents and my IP and my ownership of my inventions and my products.” I could see that as a corporation, not just as a human. “I’m going to have a different wallet that’s for daily transactions and my day-to-day stuff because I don’t care.” If someone ever asked me, I’d turn that one over in a minute and go, “You can see how many Starbucks I bought last week,” whatever that would be in the future. You can see that happening. This is a wealth-building strategy to have multiple accounts in multiple banks and multiple countries. I was encouraged to spin-off my Podetize platform in a corporation in Belize. I was like, “It’s got to be time this year to figure that out. Maybe I will consider that.” Most of your average person doesn’t know that. That’s where we’re starting to get into this issue as like, “I want to get into cryptocurrency. I’d like to get a wallet.” Have you thought it all the way through what it means to have a wallet? It’s not like, “I’ve got a credit card.”
It’s not at all. That’s the interface issue because if you take away the complicated long string of numbers and letters that make up a private key, which is so encrypted and you say, “It’s complicated. Let’s back away from that and do something else.” What have we got so far? We used to have typed up passwords for everything. Then we got on an iPhone that’s the thumbprint and then it became the face. Someone might make the app that says, “We’ll hold all your keys and link it to your iris.” That would be pretty attractive as an interface.
Here’s the problem. That occurred to me when I was doing an interview about Wala and Dala. Tricia Martinez was talking to me about it and they’re there in Africa and they’re in this country. They’ve got grocery stores where they can redeem the currencies in a form of aid. They can redeem the aid for the food right there. What happens if you’re sick and your family needs it to eat? Your iris is the one that they rely on because your key is securing that. Is there a way if that’s where we start to get in legacy complications of where we assign power to someone temporarily?
That’s been somewhat addressed in things like multisig wallets. Multisig wallets already exist. They’re multisignature wallets. Meaning that you put three people on the wallet and it takes two out of three to sign. You can distribute the access. A consortium of two of us can always make this transaction. If one person dies, we’re still covered. That’s important. For example, you have a husband who have the wallet and a lot of crypto in it and he wants to put his wife on it, but he also wants to put his daughter on it. If he ever dies in a plane crash, the two of them can access their family’s wealth and vice versa. If anyone of them goes, they can’t access it alone but they can together.
You can also make it a five-sig or seven-sig. There’s some odd majority that can access this. You can be creating governance structures around that. When you look at automating things with smart contracts, we can see straight decision trees already technologically acted out once somebody hits go. They input a certain piece of data that goes down that decision tree. The decision tree to release a cryptocurrency from a wallet would go down the decision tree in a multisig wallet with two people out of three or three out of five or four out of seven or whatever. Think about the way operating agreements work for companies where it’s like, “We are going to distribute the authority among this board and the majority of the board will be making such decisions with their voting shares.”
It makes it much harder to pierce the corporate veil because you’ve got ledger tracking of all of your votes and decisions and all of those things going on. From a corporate standpoint, I see it as ideal. The other complication is that wallet issuance. Do we trust how wallets are being issued? Is that in control of too few companies? We keep hitting on to logistical problems and are this trustworthy in the process? That’s what you and I are constantly looking at here. Where is it being resolved? How is that working? How can we explain that to ourselves into our community?
In terms of trustworthy, it’s pretty clear that there wouldn’t be this buzz around this mysterious technology unless it was revolutionary. Revolutionary in terms of what it can do for pushing forward trust and autonomy and privacy in a system that has not had that to the same degree before. It is revolutionary. How we do it, I can’t help it. I’m always going to be beating the interface drum because the person who can make it simple and elegant and sexy and easy that will do well in the marketplace no matter what they’re bringing to market. We’re talking about complicated, revolutionary technology that’s relevant to the average consumer and difficult to understand and utilize. The person who can make that easy to grab hold of without obscuring the details, because the devil’s in those details, without obscuring the risk or the non-risk associated with those actions, they’re going to win. It’s still an interface issue. The person who’s got the most useful app or dap is going to be dominating the crypto market because they’re going to be in everyone’s hand and everyone’s going to use it because they finally get it and they like it.
That goes back to the third episode that we did with Eric Tippetts and NASGO. In a way, that’s what they’re doing is they’re making this super simple one-stop place for a business to go and put themselves on the block. Get a wallet. Do what’s necessary to execute a smart contract and it’s easy and simple to do that. That’s why they’re bullish on that. When we’re talking about that, that’s the competitive space right there. This is the place that companies are competing against, but we still have an education on a little bit of the concept of wallet and we’re not still talking our language of a debit card, account number or routing number. You have to bring that together and this is where I see a lot of companies falling apart who are in this world. We’re in our know, we’re in our lingo and we’re not wringing it out. I know that you’re all about that because that’s what your book is about.
That’s the thing, I’m like, “We should ditch the idea, the word crypto at all.” Average consumers ask me at conferences where they’re like, “I’ve never been to a blockchain conference.” This happened at a conference where I met you. I got off stage and this lovely old woman who I’m sure had trouble programming the VCR, let’s put it that way. She was like, “Crypto, it makes me think of kryptonite that almost killed Superman or is it Tales From The Crypt-like it’s dead?” I was like, “We’ve got to get away from that word.”
This is why I’m here. This is why I chose to do a podcast on blockchain with you because this is exactly where I was sitting when we were talking about 3D printing a few years ago and I was like, “Can you stop talking about it like slicing and start talking about the fact that nobody cares. It’s just getting prepared for the printer.” Why can’t we talk about it like that? We got to talk about it in lingo like, “We’re fancy. We’re slicing stuff.” Please drop it. No one cares.
Stop it and get it ready. It’s just digital money.
I’m at a conference with one of my favorite people on Earth, Wendy Lipton-Dibner. This conference is called Move People To Action. Her book is Focus On Impact, which is a great book if you’re building a business. I’ve reviewed it in my column. I’ve known her a long time since I read it and was fascinated by it. One of the things she says is like, “Stop telling people I’m going to transform your life and all of this stuff,” because entrepreneurs are that but real people go, “Not again. I don’t want to hear that stuff.” They want words that they see that are six-year-old. It’s not because you’re belittling them, it’s because you’re respecting their time and you’re going straight for something that everybody understands.
Here’s the other thing. When people say, “Talk to me like I’m five,” I’m like, “Yes and no. How about this? Everyone wants to sound and feel smart.” I’ve heard people say like, “Learning is humiliating,” because if you stay in your zone of what you already know, you always feel you know what’s going on. You’re in charge.
I don’t like comfort zone. I’m not comfortable in my comfort zone. I’m not one of those people, but I get it.
You’re also an entrepreneur. We have to remember many people are seeking the comfort of the familiar. If you can’t make it familiar, use familiar words. Find out their words and say it back to them in their words. Are you talking about tokenizing real estate and I’m like, “Tokenize? How about I do formalized fractional ownership? It’s tech-enabled fractionalized ownership. It’s a tech-enabled fractional investment.” People say, “Is it like a REIT?” I’m like, “Sure.” I always say yes to the analogy someone’s trying to make because they’re saying, “I have a comfort zone, it’s called this thing. Does it fit in the domain?” I always say, “It fits with a little twist.” When you’re like, “Routing number and account number?” “Yes, but with a little twist.” You get to keep people comfortable. To talk to them like they’re five, no. Talk to them like they’re 45 because everybody wants to feel smart. If you can communicate well, you can get people to get a new concept without feeling they had to stretch and get uncomfortable to get there.
That’s where I say it’s not a language because I have to write my column as you write to a fourth-grader is what they always say. I have a fourth-grader and she’s smarter than most people I know. She’s super intuitive and she’s sharp, but you’ve got that. It’s not the language that you use, it’s the familiarity. What they’ve known and learned about up to that point. When we’re in our bubble of tech, we know a whole lot more that goes a whole lot deeper. The whole thing that spawned this conversation was the fact that I was reading this book, Life After Google by George Gilder. He’s a tech writer and he’s been covering the people in the industry and not just blockchain. He’s been covering it. He’s like a frat boy. I can’t explain it any other way.
He knows who they went to college with and it’s all men in the book. I haven’t hit on a woman yet. There’s not a story yet. It’s all about the men who’ve invented Google and who did this and Microsoft that and HP this and who went to Harvard and did that. Who dropped out of Harvard, who was a Peter Thiel fellow? That’s all his thing is. It’s all about that. He’s telling these stories and he paints an interesting picture. The writing is good, but it’s one of these things where I’m looking at it going like, “Do I need to know this? Do I even care? Is this valuable to me?” Instead, my head hurts and I can’t pronounce any of these guys’ names. I’m like, “Is this the same guy from last time?” It’s confusing. At the end of the time, I want to hear about what life after Google’s going to look like instead of the bitter fight over who invented Bitcoin.
The bitter fight of who invented Bitcoin is not going to be interesting to anybody but the nerds.
Your normal person wants to read a book about what life after Google looks like. A businessperson wants to read that. Do we want all of this? That’s how this got started and I thought we’d cover it. I think I know a lot more about how to explain wallets and private keys and public keys now. I’m glad we had this conversation. I hope this helped others.
I hope I didn’t throw in the court case as the first example of how private keys come into play. There was a bad guy that did a bad thing, but private keys played a role. That’s what I’m saying.
Thanks so much, Monika, for helping me out here. If you have anything out there that you would like us to explain, you would like us to research, you’d like us to discuss and debate, you’d like us to get an expert for, let us know. You can find us at NewTrustEconomy.com, on social media @NewTrustEconomy. We’re syndicated now everywhere. We appreciate if you would rate and review us. That would help us get moving.
Only rate and review if you feel great about it. If you don’t, skip reading and reviewing.
Thank you all so much. Until next time, this has been Tracy and Monika.
Thanks.
Important Links:
- Blockchain 101
- Eric Tippetts – Previous Episode
- Move People To Action
- Focus On Impact
- Life After Google
- @NewTrustEconomy on Facebook