Bra podcast
Sveriges mest populära poddar
Jonathan: This is Floss Weekly, Episode 781, recorded Wednesday, May 1st. Resistant to the Wrath of God.
This week, Doc Searles joins me and we talk with Matthias and Paolo about HolePunch, the Pear Runtime, the Keet Messaging Platform, and how all of this works peer to peer without any servers needed. You don't want to miss it. So stay tuned.
Hey, it's time for Floss Weekly. That's the show about free Libre and open source software. I'm your host, Jonathan Bennett, and we've got the, the one, the only, the great Doc Searles with us. Hey Doc.
Doc: Better, better great than late. I was thinking about that. Cause I, I I'm having, it's just. Some, something done to my heart tomorrow.
So we'll find out, but I plan to still be here.
Jonathan: Yeah.
Doc: Yeah. Well, you've got to
Jonathan: stick around. We you're, you're a co host. You're one of my rotating co hosts. Can't check out yet.
Doc: Can't no, not for that. Do you know what Oh, George Burns said, when they asked him if he'd live to be 100, he said, of course, I'm booked.
Oh,
Jonathan: we got a fun project on today, and it's, it's Hole Punch, but it's also Pear, and so figuring out kind of the relation between those two is going to be interesting. Doc, you've done a little bit of homework on this, haven't you?
Doc: A little bit. There's also, there's also Keto, which is an identity thing.
I'm going through my, my tab. Oh, Keat, Keat, Keat under bar I O, embrace your digital sovereignty with Keat identities. I'm, I'm curious about that. And I hope these guys are involved with that because they just followed, followed threads. But anyway but I'm curious about that because I think we need.
Disposable identities, and that's just one of the things I'm curious about.
Jonathan: Yeah, to get into the identity side of this will be really interesting. I think there, I think there's places where it fits. But let's go ahead and I'll introduce the guys. So we've got, we've got Paolo Arduino. Not Arduino, but Ardoino.
And he is the co founder and chief strategy officer of Hole Punch. And we also have Matthias Busmasden, who is the CEO of Hole Punch. Have both of them with us together. Have some, some real high C level guys today. That's always fun. To both of you, welcome to the show. Thank you. Thank you. Thank you for having us.
Yeah. So where, where, where do we start? What is what's kind of the core here? Is it whole punch? Is it pair is whole punch? The company and pairs the software. What's kind of, how do these, these disparate pieces fit together?
Mathias: Well, we're very good at making up cool names. I think we'd like to use them all.
But basically, yeah, HolePunch is the company. It's, it's our it's a, it's a culmination of a lot of work, me and Paolo and and some other guys have been doing for the last 10 years in, in the, in the peer to peer space, making open source peer to peer software. And and scaling that and productionizing that and turning that into a real thing you can build applications on.
That's very powerful. I've been working on that for the last 15 years like basically my entire software career, because I'm very into, to to the things you just mentioned, like data sovereignty and, and and unstoppable apps and spreading data out. And, yeah, a couple of years ago me and Dr.
Paolo decided to get super serious about and start a company only focused on making peer to peer apps which we've been doing the last, um, couple of years, like I said, and, and, uh, Pairs, which is the Pair Runtime is, is, is a software stack made through this that's very good at running peer to peer apps.
And Keith, like you mentioned, is It's a chat application that's focused on data sovereignty and owning your own data and owning your own IDs and not having servers. That's built on top of that also. So it's all fits together. It's a lot of terms and a lot of technology, but at the end of the day, it's also just a very, very cool apps that we're we use every day and we run this technology in all kinds of places now.
And it's super exciting for us to work on.
Jonathan: Yeah. Yeah. So Pair is kind of that, that central runtime that makes everything work.
Mathias: Yeah, it's actually, it's pretty funny because it's called Pear because Paolo's Italian. He's a proud Italian and he kept, he we, I said peer and Paolo said peer, but he actually said pear.
And it turned into like a, it's a little bit, a little bit of a internal meme and it has a cool emoji. And then we kind of embraced it. I'm sure it'll go down in history as the best choice we've ever made. Cause it's really fun so I like pair to pair, yeah,
Doc: pair to pair is a, it's a homonym, you know, to say in English.
Yeah.
Mathias: It's also really easy to understand and it's a good fruit and and yeah, so, so we, we doubled down on that and so that we, our entire peer to peer stack is called Pears and just a bunch of small, very powerful software modules, all open source all on our, on our GitHub very battle tested that you can, you can get and build yeah, like consumer based applications that are very easy to use, but have to Power of peer to peer, which means that the data lives everywhere but nowhere and like no infrastructure cost and just very easy to use and build really powerful things.
Yeah.
Jonathan: So it is open source. I've got to I've got to tell you something. I spent some time on both holepunch. com and pairs. com and on neither of those sites did I find a link to your GitHub repository. I had to go Google for it to find it.
Mathias: Well, it's like one of those things when it was so obvious for us, we forgot, forgot to forget to mention it.
I guess we should get that fixed. Obviously it's just whole punched up too. I'm getting up. We had. I think we have 500, 600 repositories or something like that. We like making repositories all open source stuff. And on my GitHub, I have 1100 repos. I'm sure Paolo has 200 repos. So we definitely have a lot of stuff out there.
So you can start at one end and you can, you can take your time. Is that, is that because a lot of this is built on node. js where, you know, you famously have one line libraries.
Yeah, it's all, it's both me and Tyler are big believers of, of, of Node. js. But I do have, I think I have more than one line, more than one, one line of code.
So I'm a big fan of those. But I'm not sure everybody agrees on that one. But yeah.
Jonathan: So yeah. That's fun. Okay. So now what, how does this work when we talk peer to peer? Like what's the What's, what's the juice here? What is the juice that we're squeezing out of the pear? What, what do we do with peer to peer and what exactly do we mean by peer to peer?
Mathias: Well, it's like, you know, obviously there's many, many ways to look at this. I'm a nerd, big nerd, and I was very excited to talk to you guys because But one of the first times I can talk on a technical podcast so, you know, so for me, it's, it's obviously a very technical thing, but it's also future peers also about, you know, control.
It's about for some people about politics. It's also about, you know, just data sovereignty and things like that. I think it's kind of like reflects a huge part of society today, but on the technical level. It's one of those things that's really easy and also incredibly complicated. It's about connecting computers and having protocols where you can exchange data free of third parties with like, no trust in in each other, but like just trust in the data without having to use a bunch of servers that cost money or to have to sign up for things or pay subscriptions, because we, as long as we have computers, we have the computing power to do things.
It's a very, so like, it's a technical foundation. I think. You know, obviously you guys know BitTorrent, most people know BitTorrent, but I always wanted to, for me, like, the easiest way to sell understanding, it's something very technical, but at the end of the day, it just allows people to share content without central points and peer to peer is the generalization of that and one thing we've been very, I almost want to say obsessed by in the last many years is taking those ideas that are often just used for file sharing and then generalizing them a little bit more, making them a little bit more Modular so it can be used by, you know, developers who are used to just making using small modules like you do in the front and use react and whatever, just more things here and there, but with the same kind of power, so they can start building things without servers without having to be.
experts in anything. And just being, you know, normal developers without a PhD in decentralization. That's, that's basically what runs the, our technical influence. And that's, that's what it's all about for us.
Jonathan: I want to, I want to dig into the technical questions about this a bit more because it fascinates me.
I, you know, I spent, I spent years now fighting with networks and Nat and trying to make things work. But I want to, I want to bring Paolo into the conversation too. And I'm, I'm curious kind of what, what your angle is, which part of this problem did, are you working on?
Paolo: So I, I started coding at a really young age.
No, that's the only thing I could do back home. And, uh, I've been always a fan of you know, the work of Richard Stallman named Storwell's like Eric S. Raymond. And so to me I've been almost an activist when it comes to free software and and also free information. You know, I feel like when I was young in my, in my room, I was, you know, using the internet to access information and I was always, you know, over time become annoyed by the fact that the way internet was designed.
That was meant to be point to point and peer to peer was actually steered into a direction that today is, sees the vast majority of the information and the services being centralized across few powerful companies, I think, is losing its poetry, is losing its, you know, its power if we keep going towards that direction.
And the issues that, that, that direction is. is due to the fact that with centralization, and centralization is the only way for big companies to make money because they can retain the control over data, and that is actually not what humanity should try to go for. So also I've been a big enthusiast user of file sharing systems and developer on file sharing systems.
And I, you could follow the entire history of file sharing from Napster to, you know, Nutella, LimeWire, and all the others back to then ending with BitTorrent, as, as Mattias said, the, you know, all these iterations of file sharing systems had seen, you know, the first, you know, the, with Napster, everything was centralized, the index and the file sharing, the, you know, the connectivity across peers or across users was, you know, Was actually centralized and then over time, you know, they tried to make peer to peer the file sharing, but the indexes were centralized, like in LimeWire, for example, or Kazam, and then they realized that the only way to have really unstoppable hyperscalable infrastructure, file sharing infrastructure was BitTorrent with the DHT And with with a whole bunch of technique, all punching techniques to do the peer to peer.
And so basically the almost the simple idea that Matias, myself had was why, why we don't build on the similar foundations. We take, you know, this great technology that powered the most impressive file sharing network, but we adapted not only to file sharing, but for two real time data streams. So, you know, audio video.
You know, chat, but also services, right? So why we cannot reuse the same techniques? Also to build services that today you know they are built as client servers and but in the future they you know you can have a more peer to peer style service where you know you can almost every component of the infrastructure is equipotent and that is kind of exciting in a way because it makes the You know, the system much more resilient.
You know, I, I don't sleep at night thinking that entire governments work and use WhatsApp to coordinate themselves. Right. What if, you know, do you have all the connectivity to WhatsApp dropped? Mm-Hmm. , if you, you know, I'm Italian as, as Mattia said, if, you know, if I live in Rome and my family is in Rome, every, and I use WhatsApp, every single data packet that I send.
To my family's child goes through Frankfurt. So a few thousand kilometers up North, just to go back South for two and 2000 kilometers. So that is enormous waste of money of internet infrastructure. That is, it's quite stupid if I have to say so. So I think we, as humans are trying to go to Mars and we should know better that the way to, you know, the, the internet protocols are built to route and the best.
With a, you know, smaller number of hops and to achieve the best latency possible. And yet we keep on building and building, you know, network and internet infrastructure that is useless because we are trying to force data packets to do Longest distances when it's not necessary for most of the time. Yeah, that's interesting.
Jonathan: It's something I've thought quite a bit about. I too am watching the SpaceX and their quest to go to Mars. And it's interesting you say that, because a lot of the assumptions we make about networking and the Internet itself will just completely break down when you try to connect two planets together.
The lag times are too long. So that's, that's a, that's a fascinating thought to me. You mentioned BitTorrent and I saw in your bio that DHT distributed hash tables is something that you've worked on. I find it real fascinating that you've taken obviously inspiration from the way BitTorrent works.
Is there, is there actual like code sharing or, or technology sharing? Are you using some of the same actual techniques to be able to connect people?
Mathias: Well, I worked a fair bit on BitTorrent also in the past, just actually implementing BitTorrent and I find it to be a fascinating protocol because it's one of those protocols for me that's It's simple enough that somebody with enough passion can sit down and just do it by themself.
It's a very open community. I remember when I did it, I came in, like, with no background and I just emailed the spec offers because they're, like, these open specs. And they replied because they're just nice people. And I got very inspired and I just started hacking. And. It's complicated, but it's not that complicated.
And so, that was, that was, especially that last part was a huge inspiration for me as a developer. That you can make things that are inherently, you know, these teams are pretty complicated, but at the day, not that much once you start understanding them. Some very important foundational pieces and Pittorovich is very, very good at, at reading that.
So we obviously took a lot of inspiration from that. And The hard thing with a lot of these networks, especially , is that they're, they're made for a different time. It's very, it's made for very static things. It's made for a static file sharing. It's made for not sharing actually that much content.
In today's world, it's like if you share more than a bunch of gigabytes, the chunking and stuff, it's a little bit inefficient in BitTorrent due to the way it's structured. But that's why it gets its simplicity. So we took a lot of those ideas and we'd like, okay, what about we. We take some of the stuff that's come out since then, there's been a lot of breakthroughs and also patent releases and and elliptic, elliptic curve signatures and all this stuff apply those modern kind of things to the structures, make sure that it's like dynamic from the get go so you can build variable size structures that can grow with the same contrast, take the Same good ideas from the DHTs.
We, we use the same underlying routing protocol, Kadimlia. I'm getting very technical but that's, that's a very foundational piece that's been iterated on a ton for, to make it more secure, take those ideas and then And I think this is one of the things that I thought about the most, it's kind of like, and then make it fit to today's networks.
Like you said before, you're, you're, you're, you're finding your router and your net. I remember when I started using computers and I was a kid and we played I think it was command and conquer and one of those games, right? And you could actually connect to each other and play it online because we didn't have these crazy, crazy firewalls.
And now we don't just have firewalls and maps. We have like. Three or four layers between us and our ISPs because that's how the internet evolved due to IP exhaustion and things like that. So, like, those things never work anymore. But there's been a ton of breakthroughs in how you can actually connect computers still with modern hole punching techniques.
We started a lot of that and applied all those things. So our hole punching is very, very good. So we can actually connect people because we're using just a lot of modern things for that. Which BitTorrent could never do because it's just kind of stuck in that old way of thinking now it only kind of runs on servers, unfortunately, because of the nets.
So it's kind of like, I always think of it like, it's kind of like BitTorrent 2. 0 in that way, where we take the foundational pieces, we upgrade them to the modern world, and then we don't couple them to file sharing, we make, we make them work in the more essence of the ideas, and then we build. We build databases on top and we build file sharing systems still, obviously, because it's important, but like, especially databases, I think it's super important for somebody to start making things like chat applications.
Me and Paolo have done a ton of work on just, you know, sharing tons of data internally for organizations and things like that, which I think is super important. It's a far more interesting idea in the longer term than those files you've written. Boy,
Doc: there's so many questions in there. They seem to be overlapping and relating and first Paolo, I'm totally in sync with, with where you're coming from on, on, on fighting centralization of everything.
And, uh, and I know Salman and, and, and Raymond from way back and was very involved in promulgating their thinking and all that. I'm wondering, I mean, we, we live in a world now, I mean, even though the TCPIP under undergirds everything and, and at the same time, people think in terms of services, they think in terms of what giants can do, they think in terms of giant platforms.
And I, I, I, I could almost hear my, in my head, somebody saying, so what's the platform for P2P, you know, for, for peer to peer and to tell you, Oh, you're your own platform. Well, how can it be my own platform? And people don't even know they've got one of those. sitting on their desk. And it's because and I've said this often enough, pushback on it, but I don't think it's wrong, that for some reason we decided on client server as an architecture back in 25, 30 years ago, when Client server is a synonym, it's a euphemism for slave master.
So we're always the slaves and and that's I mean We've also called a calf cow because you're always the calf and you go to to the cow, you know for milk and cookies HTTP and cookies, but HTTP itself is also Essentially peer to peer. So I mean, I mean it looks at a server over there, but you don't have to be a client of that You're just exchanging files.
You're looking at a file and And And, and I'm wondering, so where that goes for me is toward who's using this now and what are they using it for you must have, I don't even know if there's a business in here or not, or if you're, I imagine you guys make money somehow, but I, I've known too many geeks for too long to know that there's, there's no one way that everybody does it other than writing code and getting paid for it.
So, so I'm wondering What does adoption look like now and where do you see it going? Because I'd love to, I'd love to sell that to people. I'd love to get, you know, people involved in it in addition to wanting to use it myself.
Paolo: So first of all, I think that just building on what you said, there is there, there should be, and it's kind of a worrying for me that in, in universities the only pattern that has been told, Is the client server model, right?
So it's, it's almost, they teach you, Oh, you should open an AWS account or Google cloud account install, you know, NGINX there and run some websites it's that, that you, you don't, you don't, you are not trained to think that what you have in your pocket that is, you know, a smartphone is probably much more powerful than the average server of 10 years ago.
And and same for your laptop or home computer. So that's something that hopefully it will change. When it comes to the business model, I mean Mattia said, you know, we have hundreds of open source repositories with really cool stuff with that, that starts from networking and solving all the networking problems of whole bunch to cryptography.
And and et cetera, data structures, you know, app hypercores and hyper bees are are really good data structures. Hypercores are up and only logs and hyper bees are basically binary trees built on hypercores and all this stuff is open source. So. We are quite lucky as a, as a company because we, we are backed by an important company from the cryptocurrency sector.
It's called Tether. So we honestly, our interest on making money at this stage is extremely high. Relatively low. We believe that is much more important for this technology to be adopted. I don't think we have much time before the centralization and the doors of centralization close up on on on everyone.
We are seeing maybe it's true or not. You might have seen what happened in Europe with that leak of, potential interest from European regulators in clamping down on peer to peer technology we use for communication and file sharing. It's unfortunately, it's something that we see, we see happening more and more.
We see, I feel like we are going to face challenges for companies that are helping people to retain control over their own data like it was a criminal offense. And so I think for that reason, we want to prioritize the adoption and the open sourceness of this technology compared to how we can make money out of it.
Because I feel like if you're trying to squeeze a way to make money on a protocol or, or on anything, you end up in creating control patterns for such protocol. So. The only way to have something that is truly unstoppable, that is resistant to the wrath of God is to let it be free. Then you as a company can think about how you can build services on top of it and the paid services.
That's fine, right? So creating a business is fine, but the underlying, the entirety of the underlying technology. Should be open should be free and that is what we are focusing on heat is the first biggest example of a product that we were able to build that is a peer to peer video chat text chat. You know it's great is getting adoption is getting users and is a showcase.
of the fact that peer to peer technology, that it can be user friendly as the client server model, just you have to start with the right infrastructure, the right, you know, technological infrastructure, and that's why Peer on Time was built, to give the, to create the foundations for anyone, any developer to, to build on, or to have almost like And Node.
js and NPM solution that would give you the primitives to connect to other peers in a peer to peer way, right? It's almost like a nice wrapping, nice scaffolding, a nice bootstrap system for you to build and start Node. js style to build. To build applications that are natively peer to peer and our main concept and also the choice of Javascript as the main language was that Javascript is the most used or seems to be the most used programming language in the world.
So what we wanted to do? With this feeling that there is not much time before the close, the doors of centralizations are closing on us. We wanted to use this platform and parent time fully open source and give it to the world and and and have many developers joining us because we feel like if we are, we can organize hordes of web developers that can build on parent time and build peer to peer applications.
We can kind of reverse. The push, the forces towards centralization, towards storing everything on centralized systems.
Doc: So, I have a couple of thoughts about all that. One is and this is actually something that came up in our, in our, at IAW, which is this Internet Identity Workshop that I help organize twice a year in Silicon Valley. And somebody just pointed this out, and it never really had occurred to me before, that On your computer, your desktop, the thing I'm talking to with now, I have, I have a unified data structure.
I've got a, I've got Unix directory paths all through that on my phone. I don't, I've got as many as there are apps and that the phone What the phone has done is helped centralize everything by telling people that they are in a different place with every one of those things and it's not theirs. It's not theirs.
This is Apple's. This is Google's. And at the same time, you know, I'm dealing with companies where they don't want to use say Word or just plain text of any kind. They want you to go on Google Docs and now you're, your, your document is living in, in, in a slave colony and inside of Google somewhere. And and I'm wondering how, so who, I haven't heard it yet exactly, who's using this so far?
What, what's your community where you're, obviously you guys are talking to each other using your own tools, right? But who else is doing this? And are they helping you develop it? I mean, are you, how big are the development teams that you've got going there and what are they doing?
Mathias: Well, like, first of all it's actually funny you mentioned that because having done all this open source for many years, we, so we're a company now, we are lucky that we can pay people to work on this, which is awesome.
That's that's obviously really important and all our recruitment came from our community, P2P community, because there's a lot of people very interested in fixing these things for the better. Very smart people. So it's actually been very easy for us to, to recruit through that because. The open source just makes it very easy.
And that's been part of it. And then you can also see that reflected in our apps. Like the, we have a pretty big decent sized early adapter community, I guess is the word it's a bunch of very, very people, which is, I think it's like very classic for decentralization she ever been in. And there's a lot of obviously a big Bitcoin crowd because there's a lot of people coming in from that.
There's a lot of people just very interested in decentralization for social reasons, people living off the grid. Also just a bunch of, I don't know, the acceptable term for it, but I'm gonna say normies, you know, like people who just are interested in, interested in technology. And I have worked on many open source things in the past, and there's a lot of interesting people in open source, especially.
But when I'm on the chat apps on this research session, the mix of people, it's very interesting to me because it's just very, very varied, but everybody comes in with because it's really adapted to a strong agenda for, I think, Not liking the status quo, I guess, in terms of like how these apps operate and thinking about data sovereignty a lot.
And I think what you're saying there is very interesting because your phone wants you to be a consumer. That's what, that's what they always wanted you to do. Like, it's very hard to produce on the phones. I think peer to peer obviously can't solve the fundamental limitations of the phone because that's the people who build it.
But it can put your data that you consume and produce on your phones in shareable formats that other apps can import and share with each other because that's what they do. P2P at a data level is all about. It's all about making sure protocols are, are, you know, clearly defined and open and consumable, like the data is the protocol, basically.
So when you make P2P databases, it's not like you're talking to a server, you're reading the data and interpreting the data. So it's very important that you have these things specked out. And I think that's super important for, for data sovereignty. We always talk about these things when we talk about this with our people about, you know, Do you actually own any of your profiles you have online?
If you're very popular on Twitter, for example, like who owns that profile, like Twitter can, can choose to mute you or shut you down if they want to. And it doesn't matter if you have a million followers, 2 million followers, you actually don't really own it because. You're just a guest in their system and they, um, can change the rules or whatever they want at any time.
But if it's in a peer to peer system, you own that data and you sign that data and you can take that data with you elsewhere and you can take your, cause the, the, the apps are more of a view of your data. And I think that's, that's super important for these kinds of things. And especially for this. Ad siloing that I think you're referring to also I want to jump back in we got a question from the from the back chat from the live audience a harebrain Asks, so what's wrong with signal or the half dozen other options that use that protocol?
Jonathan: I don't think there's anything wrong with any of them Signal is a great they always try to solve very specific problems I think you know, I actually often get asked this also in p2p because people just tend to think it's It's one thing, right? Signal is a great app. I use Signal all the time. But it suffers from some of the same things that centralization software suffers from, which is cost.
Mathias: Cost is just really hard to solve. There was an article out recently about just Signal having to raise money to run it it's a non profit, they cost them tens of millions of dollars every year and not profit, just like money they have to pay to run it. Which means that the more popular they get, the more they have to pay.
They're not making money because they don't want to because it's signal, that's awesome. But still, you know, the bill has to be paid somehow. You see, you see this on Wikipedia also, like, you know, the banner on Wikipedia gets bigger every year, right?
That's not because they're, that's not because they're greedy or because, Oh my God, Wikipedia is terrible. It's because things cost money. And peer to peer when, when, when done at a very advanced technical level, luckily we don't bubble it up, doesn't cost anything. It's inherently harder to build that foundational piece, which we call pair runtime, that requires, you know, like I said, we put 10 years into this.
Jonathan: Yeah.
Mathias: But that solves the cost problem, and that's what we're all about. So we want to, you know, like Paolo said earlier, we're not here to, To make a profit tomorrow, but if we roll up tomorrow and keyed our app had a billion users We wouldn't be sweating either because the cost is not on us It's just on the network growing and we don't have a token or anything like that It's just because of these protocols the way they do it.
And I think that's super important for anything That's going to last the test of time. And there's plenty of space for all of these approaches, but for us, that's super important. So we can actually make apps that, that, that can build some advanced features that can compete because there's no cost.
Jonathan: Yeah. So let's, oh, go ahead. Yeah.
Paolo: On signal. I mean, I really like signal as well. The, the, the solution it's an issue that they have is. That if tomorrow there is we live in a world that is getting crazier and crazier, and if they ban signal IP addresses of the servers, no one can talk on signal. So it's super attackable from that point of view.
Not everyone is lucky to live in a country that is democratic in a way. So I think the, The way I would describe it is the I feel most of the time we as developers design applications and services that are built for the best case scenario, rather than the way I see it is that whole bunch and parent time and it, for example, are built for the worst case scenario.
Right? So what if. You know what we have been used to start failing how we can communicating
Jonathan: yeah, so Let's just good follow up. I think to that. You have you have the keat Peer to peer chat app, but you also have Keet. io, which is the website that you go to. Does Keet the app live on if Keet. io goes down?
Mathias: Oh, yeah, yeah, the website is just a static page where you can get to the app. Simple as that.
Paolo: So how I think, Matthias, you should explain how actually Keet is being distributed. Keet updates are distributed through Keet. Yeah, exactly. Go ahead.
Jonathan: Yeah, I very much wanted to get into this.
Mathias: Yeah, so it's, it's, it's, it's, so we built Pair Runtime, which is the foundational piece on Pair Runtime.
So we distribute updates to the thing itself through, through itself. It's kind of mind bending. But that's really, really important for executive thing you're saying. So we don't, we don't run any servers of any design, other than like we need to keep the website up. The website is just a static page.
But all the updates. To the software. Once you get that first installer, but you could get that from a friend if you trust them. They're just. Bootstrap into a network and you start exchanging these updates between peers. That's super important, obviously, because that's how we can make this installable future.
It's also how, you know, if just for efficiency reasons, if we, if, if we release an update, then in the office, it spreads out for the office instead of having to go to like a bunch of servers. Right. So it's pretty fast and propagating.
Jonathan: Yeah.
Mathias: So the, the, the app itself is distributed through the app itself.
Updates from the app is on the network. It's all like I said, it's a multi sig, like multi signature structure that is signed by, by, by three out of five people in our company for, for security reasons. That's all, that's all public. So it's, it's, it's, it's, it's a V and it's through the same technology and you can download it and you can, you can audit that.
That the hashes are the same and the signatures match and stuff like that. But that's, that's super important for us. And it's one of those things. Once we started doing that, we do that for all apps. We build, it always seems very legacy.
Jonathan: I may have had the wrong idea then I expected Keap to be something that you would run in the browser, but it sounds more like it's a, it's a downloadable binary.
Mathias: It's a downloadable binary. And like I've been on many rants and many podcasts about browsers today, because I think browsers really lost, they really lost the ball. I mean, On on on breaking this trend. I mean it kind of makes sense not To get too into it, but like, you know browsers are built by big companies with lots of stakes and having people go to certain websites browsers You know, are what the name suggests.
They're good for browsing. They're not very good for making this kind of content. So, so we we made a completely different runtime, which obviously has a lot of harder adoptions and things because the browser is really good for adoption because it's easy. But we, we, we made this bet initially that we want to make something that's like, can stand the test of time and the wrath of God and browsers are not going to do that.
And so there's no servers. It's all just. Interdata networks that you can get from, you can get the bootstrap from our website.
Jonathan: How, when, when someone starts, and again, we'll just take keep, because this is, this is the one, the one example, that's easy to kind of talk about when someone installs it for the first time.
So let's say you, you got the binary on a flash drive from a friend, you install it. How does it discover the rest of the network without there being a centralized server to talk to first?
Mathias: It's the same way Spector does it and so first of all, the installer is really small. So if you go to the website, you'll notice that the installer is tiny.
It's like, it's like eight megabytes or something. Because all that is, is like a script, a JavaScript script that's can bootstrap itself to get it on the network. It contacts the DHT. Obviously to contact the DHT, these nodes, know some nodes in the DHT, but and we're always working on making that more resilient.
But right, that's obviously a list of nodes hard coded in there that is like, you know, known to be up since last time. But you just need to know one. That's all. When you join a key chat, you get this link. We can embed some more nodes in that one. That's what BitTorrent does also. The cool thing about these T's is that it's not like you need to talk to one server.
You just need to know, talk to one of them, and then the account unravels from there. So it's really hard to push down because there's no security involved in that. The security is elsewhere. So it's a pretty powerful technique, and we're always making that more resilient. But yeah, it's a bootstrap for the DST, finds some peers, pulls in the data, verifies it, All with a nice user experience, because that's really important for us that the user who, who who uses these apps shouldn't really know that they're using peer to peer apps that you just want to use apps, right?
So, so, yeah, super important.
Jonathan: Does, does IPv6 help with this? I, I saw a I saw a company that was apparently selling they're selling VPN access to static IPv6 addresses to be able to give people the ability to self host things. And I, I kind of, I kind of boggled at that because that's a really interesting idea.
But then we come and we talk about this and it seems like, well, IPv6 might might make a lot of these things at least easier to manage again.
Mathias: Well, it's definitely easier. I think it's, this is a complex subject. And I love that you bring it up because I love to talk about IPs. But First of all, IPv6 doesn't mean you don't have a firewall.
Like, you know, your ISP still will block it. You still need to do hole punching. It just means that the hole punching is easier,
Jonathan: which
Mathias: is obviously nice. There's this very interesting trend I've been following IPv6 for a while because as IPv6 adoption has increased, we started releasing more and more IPv4 addresses, which means that the IPv4 adoption has kind of gone up.
Jonathan: Yes.
Mathias: And I, and I think if you look at the trend now, the trend is very scary because the trend is like the IPv6 one is going a little bit like this because it's kind of like. Yeah, it's just
Jonathan: supply and demand.
Mathias: Yeah, exactly. So IPv4 is not going away anytime soon. I think the interesting thing that makes that easier is that it's very geographically skewed.
Like if you're in India, almost everything is IPv6. But if you're in Denmark, there's like six times as many IPv4 addresses that there are people. So, so it really depends on where you are. Go ahead. IPv6, so short answer IPv6 makes it easier, but not, not, not that much, honestly.
Jonathan: Yeah, I, I've, I've
Mathias: IPv4 and load function is not that hard.
Sorry. True.
Jonathan: I've, I've kind of found, I've just recently got a, a secondary ISP that gave me IPv6 addresses, and it kind of, it, it was kind of, it was very odd, let me put it that way, because To call up the ISP or even where my server is hosted, call up my, my ISP there, my server ISP, say, Hey, I would like to get some IPv6 addresses and to get by both of these places.
No, we're not doing IPv6 yet. Yeah. Really? Yeah. And 2024 and by what we doing. Yeah. And, and now with the ones that will gimme IPV six, they hand 'em out. But it's like there's no, there's no mechanism to try to get those set statically to be able to host something there. It's, it's odd. It's such a, the IPV six rollout is so weird.
It is very weird.
Mathias: But it's like, it's almost like they don't want you to host things. Right. I think that would, I would say that is like, it's not in their interest for having you host things. So, but yeah. Whole punching all the way.
Doc: Yeah, that's, that's really interesting. Do you think that might be part of it that they just don't want you to, to host things?
It makes sense. I hadn't thought of that before, but it does make sense. I
Mathias: mean, I think there's no upside for them to do that. I think the addressing makes it easier. And that's why they would all, you know, all the equipment you get from your ISP is always very locked down in this sense. They probably also scared of file sharing to a large degree.
But luckily, like, you know, you can get around all that stuff pretty easily with protocols these days. So that's awesome. I also suspect that your ISP is the ones that do, that are, that have somebody that knows what they're doing enough to be able to give you good IPv6 and static IP addresses. They're going to want to upsell you to a business account for you to be able to host things.
Doc: Doc, do you have some other questions you want to jump in with? It's well, these are just some things that occurred to me as I'm listening to you guys. What is the browsers? I, and I wrote this down, browsers are slave bracelets, they're slave bracelets you wear that kind of give you permission to go to lots of different castles, you know, I mean including ones you make for yourselves.
This is a little castle right here, it's Jonathan's castle, but but I think that's how people see it right now. I think they, you know, the browser is something that gets you to lots of other places that are not yours. you have this sort of illusion that the file that you have on your desk is yours for now.
Even, even this thing about personal data, what is personal data? I mean, if you, you, you buy a ticket to, you buy a ticket to the concert, it's your ticket, but it's their ticket too, right? It's permission to get in there. It's co owned. Who owns it? There's mean, right now I'm working on a on a standard for, for basically it's peer to peer contracts.
In other words, we don't, we don't agree to your terms on the browser. You know, you go to a new site and you want to, it tells you to agree to their terms. No, no, you agree to ours. And here's how we proffer those. It's called P7012. It's an IEEE standard if it happens. We were trying to finish it today after seven years, but it's you know, whether this gets implemented or not, I don't know.
I mean, I think you need a community of people that start using it, but we're pretty close with the people at WordPress and WordPress has like a third of the, of all the sites in the world. A lot of those are of no consequence, I suppose, but they're also not busy tracking it. They don't want to track you.
So. If you don't want to be tracked and you have a contract that says I don't want to be tracked, that's another thing. But I'm wondering how that works in a peer to peer way. It could be that maybe the way two peers begin a ceremony of, of acquaintance is, I agree to these terms, you know, I agree to your terms and I'm not going to share this with anybody else, for example.
Or that, I think it's, I think it's, I think, I guess it's a little key, you say embrace your digital identity with key identities. And so I'm wondering a bit about the identity side of this. Tell us about that identity thing you've got going and, and, and how that works. Cause I'm, I'm looking at that.
That's not key. It's I'm clicking on links here. I think it's, I think it's, I guess it's still key because you say embrace your digital identity with key identities. Yeah. What is a key identity and how do I get one or where do I use it?
Mathias: Well for us and I would probably add his five cents because you have to go soon but for us, It only starts at a cryptographic identifier, basically, right?
Because it has to be something that you can prove that you own and nobody else can prove. And then, so that's, that's the very, the very one liner answer for us is that it's a crypt, it's a key pair. And we have that's the, the thing you can, if you want to, in Keed, you can make a, make a key pair and that's, that's used to, Identify yourself across things as something you own.
And we have this whole duration protocol where we derive different ones for different things. But then also it's, it's about, you know, building a social stake in that identity. I think it's kind of like having a key pair is maybe not that interesting, but having a key pair that, you know, is me is super interesting for me in other cases, because that means that I can use that as my, Proof on other sides to log in as myself, as they follow the same standards as we do.
So I think it's very social also in that sense. It's like, it's a very technical problem, but it has to be something where you build up a bunch of social things. It's a social key pair, basically.
Doc: It's a social key
Mathias: pair. It also has to be opt in private. In that sense, what I mean is that, You shouldn't have to reveal your identity always you have to you have to have the right to Be in a chat and then be an anonymous person and then afterwards technically be able to say actually that was me Like kind of like the mean way to take off the hat And that's something we build in also.
So that's that's that's that's very Close to our heart for identities and I think just to touch on your thing on on on the terms I think peer to peer is actually really Close to what you're describing, because in peer to peer, there's no compute because compute happens everywhere. So you have to agree on like, what's the computer engine we're doing, which is like saying, what's the, the contract of which we're writing the rules of the chat with, and that's kind of like what you agree on normally in a peer to peer system upfront saying, well, I'm running this engine, I'm running this engine.
Okay, cool. So now we can chat because we're producing the same code. So it's kind of like, you're, you're kind of like putting that into a technology, technology. This gets me to
Doc: another question and maybe I could be really brief with it. Do we need a whole new compute engine? And I'm thinking actually of even a portable one, one that we carry around with us, like we carry a wallet or a phone.
Like basically the phones are lost to us. All right. The phones belong to Apple and Google and, and there, and every app that's on it and all of those are tied into Apple or Google and even Signal. They're all tied in. But what if we had one that's truly ours? It's just ours. It's my, I mean, like the wallet in my pocket is mine.
It doesn't matter whether Gucci made it or somebody else made it. It's mine once I bought it or once I've acquired it. And I don't have a slave bracelet. I just have this thing that I can select it. I can selectively disclose to other parties, whatever I want on terms that are agreeable to both of us.
And we sort of start with a new platform, but a platform that's actually a device. A compute, you know, a new compute box, but it's portable and maybe it's based on, maybe it runs Android, doesn't matter, you know, if Android is truly ours still in some level. I don't know if you thought about that.
Paolo: So I'm a big fan of of also pine 64.
I'm not sure if you tried their Linux phone. I also been following purism delivering phones as well. I have this hope that Linux phones will be possible in the future. Unfortunately, the amount of money invested in making Linux phones. Is negligible compared to the investments in well Android.
You can still claim it. That is you have a OSP, right? That is the Android platform. That's still based on on Linux. And you know, you can see that it can become really good. I'm a big fan of graphene OS. That you know, that's a Google eyes, you know, version of Android. So the definitely think is possible to, to have a proper version and a good phone that is vanilla Android or vanilla.
Well, vanilla Linux is trickier because, you know, it's all the user interfaces are not as as good as with Android. Honestly. I tried with Mobian and PostMarketOS and so many others, but that's, they will never, they, well, they will never is not a good answer, but it's, it's years behind OSP in my opinion.
But definitely our, the, the beauty of of pair runtime and kit is eventually you can, you can start building your web of trust. That is made by people and applications, right? The concept of better web of grass is super fascinating. It's basically, it's almost like the, the, the ability of, you know, what search engines use in order to rank content.
You can run people through connections. And that's something that we are looking into with Keith, right? When, as soon as you start building your social graph, you have different levels of undirection to contact people and that, and, you know, you have different weights for people based on your interactions and it's all local information.
You don't need to share. You don't need help to build your social graph. From a server or from meta, right? It's all local. It's all local data structures. And plus on the identity, I think the thing that really I like of what we achieve with the identity is that first of all, it's definitely opt in. But the way we design it is that you use the same Logic, the same concept of the bit 39 that that Bitcoin uses.
So now you can generate your identity starting from 24 words like in Bitcoin, so that with, you know, you can see with Bitcoin that you can travel across countries, you cross borders, and you can recover all your personal wealth that you have in Bitcoin just with 24 words. And we wanted to apply the same concept here with with key identities so that with 24 words, you can restore your identity, you can access to your entire digital life through 24 words.
I think is, is just a way to, or is a good way to give people a sense of freedom because we, 24 words, you can, you can access money and, and the freedom of speech altogether.
Jonathan: So I, I'm curious, you know, we talk about this idea of using it mobile. What, what does it look like using the pair runtime and Keat in particular on mobile?
Are there Android and iOS apps and are they fully featured or did we have to make compromises to be able to get it there?
Mathias: So no, it's actually, it's JavaScript because it's the lingua, lingua franca of, of modern development actually makes it easy. We run almost exactly the same code on the phone as we do on the desktop app for the peer to peer because peer to peer doesn't care where it runs.
That was really hard, but the runtime which is a JavaScript engine can pass everywhere. And so Qt itself is, it's actually. It's a fully featured app on the phone and has the same amount of features on the desktop because it's the same app. It's a peer to peer app at the non UI level.
Obviously, the UI is different and the only down, the only compromises you have to do on the phone is. Obviously the phone it's actually very Frustrating to me as a peer to peer developer because you have your phone with you always but you know The that always turns it off all the time So you're you're even though you have your device with you the apps are suspended more and you need to think about that a little More.
Yeah, that's something we we solved in the runtime. So it's It's not sitting there in the background using tons of battery and stuff like that. It's very, very friendly.
Jonathan: Can you do the, the update pushes through the, through the network? So I guess the question there is do Apple and Google let you self modify your own apps?
Or is that something that they will block you out
Mathias: for? Like, like, Like we talked about before, you're in a, you don't own your phone. You're borrowing from Apple, Google. So you have to follow the guidelines obviously, but within the guidelines, you can actually do a lot. That's like fine. It's kind of like, it's very equivalent.
If you know about, you know, people make apps with, with their views, where they load a remote thing, as long as you don't change the app, like you're not allowed to. That's like this is my pit camp and then turn it into a casino, for example without going through the app store. So you have to follow the rules and you have to follow, like, if this is a significant upgrade, you have to get them to approve it.
But anything else you can do over the air for the same P2P engine as you want to with, with, with a few constraints, but like, so it's actually pretty, pretty powerful. And I think it's one of those things where I think. I do think I'll relax this also more in the future because that's a little bit where some of the stuff is going where you can do more and more this way with the custom app stores in the future, but it's, it's it's really dang powerful and I'm surprised that not more apps are doing it.
Well, I'm not surprised because it was really, really, really hard to get it working. But but but once it's working, it was not that bad.
Jonathan: Yeah, all right. So we are getting close to the end of our hour before we let you go I do want to ask about the involvement of tether and I think you touched on this earlier Tether is a cryptocurrency company, aren't they?
How does that how does that piece fit in?
Paolo: Well Well, I'm the CEO of Tether. So
so for me, this is a life work and life passion. And so we have been extremely successful with Tether. And one of the good things about when you are successful, you should learn about giving back and invest in infrastructure that made What we did with tether possible, right? Without Bitcoin, there would not be tether.
Without many of the cryptographic primitives that were built over by the cypherpunk movement, Bitcoin would not be possible. So I think for us, we, when I think about tether we build products that disintermediate people, the problem with disintermediation, well, disintermediation is possible. It was,
00:00
-00:00