Saturday, December 18, 2021

I Can't Believe It's not Buddhism: My Week Long Journey through Silent Mindfulness

Being the CEO of a technology company in the Cryptocurrency space is a brutal affair. There is really nothing like the 24/7 blast of information, scandals, new protocols, concepts ranging from NFTs and the metaverse to a constantly changing landscape. I’ve been in the industry for almost a decade and helped launch 4 ventures. IOG is the company that stuck for me and it has grown to nearly 600 people across more than 50 countries- not counting all the associations and vendors that we regularly engage. 

This journey has left its mark on me physically and mentally. Unfortunately, the culture of startups is about progress at any personal cost. Thus, one gains weight, finds burnout a constant concern, and can’t take time off. Compound this culture with the cryptocurrency moonboy, “what have you done for me lately?”, attitude and you’re off to a damaging lifestyle. Nothing is ever good enough. No accomplishment or launch ever matters. It’s always, “what’s next, what’s better, now coin X is better.”

Projects like Cardano were and still are the antithesis of this mentality. We’ve always chosen a systematic, patient, and refined process that moves publication by publication, release by release instead of chasing hype and the latest cycle. Our view is that these protocols will be as ubiquitous as the internet and be used by billions. This scale of adoption will take years to decades, not weeks to months, and won’t be a meme. Ultimately it’s the long game that matters. 

The challenge for me as the leader of IOG is answering how do I find clarity, peace, and strength in the chaos? How does one pace himself, not burn out, and converge to a healthy lifestyle in the office and at home? Furthermore, how does this pursuit become an institutional culture thus competitive strength?

I’ve spent quite some time reflecting upon these questions and we’ve been exploring different candidate solutions, but the most meaningful to me was the idea of building a mindfulness practice. For those who aren’t familiar with the term or have heard it, but really didn’t go deeper, it’s simply the act of increasing awareness, detaching from the future and past, and living in the present moment. 

Dr. Jon Kabat Zinn has spent a lifetime building out the corpus and methodology behind mindfulness in a series of clinics, books, and academic research first starting at MIT and later the University of Massachusetts with his Mindfulness-Based Stress Reduction clinic started in 1979. The easiest way of understanding the approach is that it’s basically Buddhism without the metaphysical and mystical components alongside a peer-reviewed iterative approach to application.

One can find thousands of papers published over the last forty years exploring the topic and legitimatizing its clinical efficacy from the treatment of chronic stress to depression to managing the trauma of war and cancer. Also, it seems to be the perfect approach for aspiring and actual leaders to address the brutality of life and business while maintaining compassion, empathy, and the ability to focus. Thus, I said that I should do it!

I started by buying devices like the Muse, signing up for apps like Calm, listening to podcasts, and reading some books. Then I began committing some time- abet inconsistently- to the effort. It’s incredible how hard it is to find 15-30 minutes a day in this hectic, dopamine-addicted world. The time is there, but conjuring the daily willpower necessary to commit to ancillary concerns never seems to materialize.  

Thus I decided to do something dramatic. I wanted to resolve two concerns concurrently. First, I wanted to address my addiction to digital devices, constant news, social media, email, and slack. I’ve been glued by my phone checking messages for years, and it’s put me into an endless cycle of shallow work, more difficultly focusing, and a feeling that I’m going through life on autopilot. There are excellent books on this topic ranging from the Shallows to Deep Work.

Second, I wanted to move beyond an intellectual understanding of meditation- any way that engages in systematically regulating our attention and energy, thereby influencing and possibly transforming the quality of our experiences in the service of realizing the full range of our humanity and relationship to others and the world (what the hell does that mean?)- to an experiential and eventually embodiment of the act like what Matthieu Ricard has achieved over a lifetime of practice. So I signed up for a megadose of meditation by going to a week-long silent retreat in the mountains of Colorado.

I had no idea what to expect or what I’d experience, nor did I understand the level of commitment and rigor it would require; however, I set up a healthy environment to pursue it. I didn’t take any digital devices (including my phone), appointed our Chief of Staff as acting CEO during my time meditating, and chose the week before Christmas as most business concerns slow to a glacial pace. Hence, I felt it was possible to completely step away and not need to be in the loop.

I arrived last week Friday afternoon at the Shambala Mountain Center. It’s a remarkably peaceful and beautiful place covering several hundred acres tucked away in the Red Feather Lakes area. The trees, snow, wind, sun, stars, and nature have all seemed to conspire to create an ideal setting to relax and reflect upon life. 

The staff reflected the environment with a laid-back friendliness and grace that one could imagine a center like this attracts. I got checked into a small room that reminded me of the Apa Hotel chain in Japan for its size and efficiency of space and then meet with the two instructors Dawn and Janet. They went through the program, rules, and process. 

We start sharp every morning at 7:00 AM and end at 8:30 PM. Sitting meditation, walking meditation, guided practice, aimless wandering, compassion training, yoga, and lectures. On day two, the class goes silent. Really silent. No one talks to each other and everyone keeps modest eyes, which means you also don’t look at each other. 

I added two additional practices to help push me through. First, I’d get up every morning at 5ish AM and then go outside in the wind and snow to meditate in gym clothing- eventually shirtless. My thought process was that s it would be the hardest part of the day, so everything else should be downhill. Second, after day three, I started a water/tea fast. Thus, I wouldn’t eat for four days. The removal of anticipation of food and the consistency of energy from fasting would help me be in the moment.

Sounds easy? Surely a week sitting, walking, and doing yoga ought not to be too taxing? Well, it was the hardest thing I’ve ever done. The first lesson I rapidly learned was how out of touch with my body I’ve become. My joints, back, even walking gait started to seem alien. So much pain in different and sometimes new areas. Sitting upright for hours following my breath, each ring of the standing bell brought another wave of dread to fight a personal battle with my body.

Then the thought swarm came: my thinking, ruminations, daydreams, inner narrative. These things would override the pain of sitting and invade any sense of attempting to detach by following my breath. I was amazed at how they were there all along, but somehow muted by life’s constant distractions, yet had their subtle impact. An invasion of mindlessness.

So many activities are actually infested with the thought swarm, from walking in line to brushing your teeth. The mind refuses to allow boredom nor void of thought. Something must narrate. Something has to shout. We’ve all experienced this inner dialogue, but a silent retreat forces you to move in with the swarm, have tea with them, and realize how batshit crazy they really are.   

Feel the breath enter the nose and follow it to the lungs, slowly exhale - REMEMBER CES IS COMING IN A FEW WEEKS IN VEGAS….VEGAS IS GREAT….DOLPHINS TEAM UP AND KILL SHARKS….SHARKS HAVE TWO PENI….- wait! What am I doing? Start over. Breath in. Breath out. Breath in. Breath- I REALLY WANT TO READ THAT BOOK OF TREES I JUST GOT FROM LIMA…MY FAVORITE TREE IS THE WEEPING WILLOW….-Damn It! Breath in.

This dialogue is the thought swarm. It’s endless, relentless, and impossible to control. The best you can hope for is to treat it with a dispassionate observation like cars driving by on the road as you sit on the hill watching them. Then you experience the external world. 

I sat silently in a room with more than 20 people on an uncomfortable pillow. Nothing to do; nowhere to go. Every noise gets amplified. Every stretch, adjustment, cough, and breath becomes heard. Thus, the thought swarm will focus on them. Judgment then comes. The thoughts wander and wonder. One begins to notice so much from hygiene to sinus problems. Again, I must return to the breath.

I wish battling the thought swarm was the apex problem of mindfulness rather it’s the guard at the front door one must pass in order to enter the building. The thought swarm writes on water leaving chaotic ripples. 

Once you plunge into the depths of your mind, you find what’s been left there throughout the decades. Lost love, demons, hate, unresolved feelings, anger, the toxicity of greed, aversion, and delusion, scars, damaged ego, the mutilation of one’s soul from years of self-criticism, simply put, fucking terrifying stuff. Like Nightmare on Elm street terrifying. 

Keeping a mindful attitude helps one explore this layer. There are seven basic, interconnected concepts that keep returning like a protective suit throughout the week: non-judgment, patience, beginner’s mind, trust, non-striving, acceptance, and letting go. Yet this suit is self-assembled, batteries not included, and takes years if not decades to fully construct, Meanwhile, leaving the thought swarm on the surface, one is now faced with the horrors of the depths. 

The real impact is that I had panic attacks, nightmares, cried, re-lived old pains as if they were fresh, and experienced so much doubt. It was like a marathon of emotions and battles. Every day was unique. Every demon had different tricks. I was left drained, somewhat defeated, and mentally exhausted just four days into this endeavor. I couldn’t imagine completing it. I was absolutely miserable covered in open pisonic wounds.

Yet I somehow found the strength to continue thanks to the group setting and the curiosity of where the practice would take me- like a mental Dante descending deeper into hell. To my amazement, the tools of peaceful abiding, the right attitude, and the commitment itself started to create distance from the demons and swarm. 

They still exist, yet they seem to be in a menagerie instead of opponents to tackle. I found my emotions stabilizing thus the capacity to go deeper into myself. 

The basement I found (admittedly the stone could keep falling down the well, it’s hard to truly know bedrock in the mind) was a calm emptiness. A sort of meta-silence that simultaneously acknowledged the ripples in the water, but felt no reaction to them like a noble gas. It’s a void that transcends time, boredom, direction, or the need for meaning. Just peace. Pain is not a punishment. Pleasure is not a reward. The narrative is as meaningless as politics is to the Sun. You can watch your own inner world with a clarity that’s hard to describe.

Upon reflection, no wisdom has been gained so far. Just the ability to descend into the mind and see what’s there. The second half of mindfulness is to develop a mindset that directs the power of awareness towards some productive end. In particular, compassion for oneself and others alongside a self-institutionalization of daily awareness in all things. The ability to take what I found at bedrock and mix it into the experience of life. No past, no potential spectrum of futures, just the present with the ability to observe, reflect, and find beauty. 

Trying this mindset, I started to notice so much beauty and found a degree of patience that I’ve never been accustomed to. Sitting in the dining hall while others ate, I drank my tea and spent what felt like a small eternity examining the salt shaker on the table. I’ve seen and used thousands throughout my life as have you. But have you ever taken the time to explore its form? Look at the little holes clogged and open. The curves and salt within. The small world contained in that shell. How the salt sometimes settles like tiny sand dunes.

Compassion coupled with awareness gives you the ability to imagine the lives and struggles of others. The salt shaker had to be made. Those who fabricated it are just like us. They live. They breathe. They have wives and husbands. Daily tribulations and triumphs laced with hope and aspirations alongside despair and loss.

 How often have you wished them safety, happiness, health, and peace? A meaningless object suddenly becomes a thread showing us how interconnected humanity has become. Something that could tell a thousand stories.    

It seems to take a lifetime to open to this perspective and teaching it is like selling water by the river. It’s too personal and experiential to truly be captured in a textbook. Kabat-Zinn’s definition of meditation that I wrote above is something I’ve ruminated on for the last seven days and still leaves me puzzled in its vacuous precision. 

I suppose this bewilderment is somehow connected to the foundations of pursuing wisdom like the old Buddhist Koans (My favorite is As the roof was leaking, a Zen master told two monks to bring something to catch the water. One brought a tub; the other brought a basket. The first was severely reprimanded, the other highly praised). I learned that successful mindfulness practice combines these ruminations with meditation and reading, but I’m left without explicit guidance. 

Awareness in itself is the machine that produces the insight to find the right path. Thus one hopes that the way will organically show itself over time. But maybe I’m bringing a tub to the roof?

It was the most challenging week of my adult life. It was the most rewarding. Paradoxically, I learned so much and nothing. There was a great emptying of the mind, and the order that I’d carefully constructed has come undone.

I came to the mountains to find a way to eschew the stress of running a company. I left them with a path to let the stress live with the thought swarm and demons in a mental menagerie that I could observe but transcend reactions and feelings. In other words, I had the wrong expectations and goals. 

Non-striving, acceptance, letting goal, living in the moment and a focus on awareness seem to be on the surface a demotivation to do great things. Don’t all projects require the mindset of the future to come to life? And doesn’t the pursuit require pain and sacrifice to manifest?

Ironically, the awareness of the present and the ability to find beauty in all things somehow make the most meaningful goals possible. All things are a composition of investment of energy and effort from some system. Our capacity to take each moment and feel the pleasure and pain without attaching a narrative or deeper meaning translates to an ability to experience any possible moment regardless of its torment. The chain of these moments builds up to the goals that we set.  

Returning home, I felt a peace that I hadn’t known. I also felt newfound confidence to pursue even greater goals. Realistically a week cannot indoctrinate any mindset with permanence. But it can point the boat in a new direction and set the sails correctly. 

I wish everyone has a chance in life to take a week just to be aware. Take a week to dive into their minds and find the attitude necessary to take the present back. And find compassion where it is most needed- ourselves. 

Despite it being as silent as a monastery, the strangers I endured the retreat with somehow became friends. I felt joy for their success and sadness for their struggles. I miss the simplicity of a painful routine. I long for the ascetic labor of cultivating the soil for the seeds of wisdom to be planted and grown.

The final thought is one on love. There is a poem from Hafez that perfectly captures what mindfulness pursues: 

Even after all this time, the sun never says to the earth, 'You owe me.' Look what happens with a love like that. It lights the whole sky.

I hope the time I spent in the mountains will give me my moments back. And with them, work that can light the whole sky. 

Monday, July 2, 2018

Brief Lessons from Being a CEO in the Cryptocurrency Space

Professionally, I've been in the space since 2013 and almost all of that experience has been in some form of a leadership role (usually the CEO or director of something). After some reflections- thanks to my many long haul flights crossing either the Atlantic or the Pacific oceans-  I've decided to write down some thoughts on lessons I've learned.

The cryptocurrency space is an unusual animal in that it's not entirely a field of technology adhering to some leadership variant of a silicon valley startup or an established research group like DARPA. Rather it's an aggregation of a political movement, disgust of current systems, academic research, frustration over middlemen of necessity, a religion with cyperpunk roots, and a series of open source projects- I probably missed a few others.

Thus, one is left with contradictory leadership demands. For example, research is a slow, methodical process often laced with regressions and many alternative threads subject to strong opinions by brilliant, but somewhat difficult, people. Whereas the political and quasi-religious elements of the space demand sweeping statements, adherence to strict principles and a more emotional side that can sometimes bend facts in strange directions.

It's utterly unsatisfying to say it depends or suggest that decentralization might not be the best solution. One has to wrap this up in prose, obfuscated arguments or some other method (from Bitcoin to Burning Man is one such example). Yet, in practice, we all seem to converge to this pragmatism when building products and protocols. It's seldom said, but always felt that a large percentage of all cryptocurrency is held by third parties at exchanges or cloud wallets.

The point of our movement has been to develop better tools to identify when and how we can remove middlemen we don't want; not to blindly kill all middlemen for the sake of killing them. Centralization or federation can dramatically reduce costs, improve efficiency and sometimes is necessary to improve privacy.

For example, Lastpass provides a great solution for me to manage my many, many password, but doesn't actually have access to my passwords. I'm sure such a solution could be decentralized, but I don't see a point. Replicating an encrypted dataset, which I could already store locally anyway doesn't improve my security. It just seems to drive up costs and reduce user experience.

And frankly there are hundreds more examples. Abstracting my point, it's not about decentralization; it's about control. People want more control over their data, identity, reputation, assets and commercial relationships. Decentralization is a tool that can be used- with other tools- to achieve these ends, but isn't an end in itself.

The political side of our movement touches a different thread that gets conflated in the discussion. There are many whom hold libertarian or anarchist philosophies. They view this technology as a way of fundamentally restructuring society. Yes control over data, money and identity being decentralized is nice, but the point is these things are stepping stones in gradually reducing the relevance and power in institutions these factions see as immoral or even dangerous.

This philosophy has nothing to do with running an open source project. This philosophy has nothing to do with building more resilient and better customer experiences for consumers of digital products and services, but it's bundled into the movement itself and the business requirements of many of the cryptocurrencies.

Therein lies the conflict we are facing in this space. CEOs are forced to either pick a side or wear masks as they travel from crowd to crowd. Either you're a decentralize everything fanatic or a blockchain advocate who's here for the technology. Or you publicly moderate with some winks and a I feel your pain smile.

I cannot see such things being sustainable long term. Protocols being biased to political ends seldom has a good outcome. It's almost a design by political committee. We've already seen the impact with Bitcoin's evolution where very sensible proposals couldn't gain traction and very sensible people were demonized, silenced or even driven out of the space.

Furthermore, this statement might surprise some, but it turns out that many of the brightest minds in the world disagree with the decentralize everything movement. They don't share libertarian or anarchistic ideology. Should we be so quick to dismiss their contributions with such zeal because they aren't in the club?

During my tenure as the CEO of IOHK, I've been fortunate enough to carve out a fairly diverse enclave of thought. Some of our employees are hardcore socialists. Some are conservatives. Some, like myself, are libertarians. But we share common goals in trying to understand the problems our space can actually solve.

A particular thread has been our quest to develop sustainable, secure and incentives reasonable proof of stake protocols. This effort has now spanned millions of dollars, a half dozen papers, peer review at Crypto, EuroCrypt and other venues as well as collaboration from people at more than ten institutions.

As one could imagine, there is a massive difference of opinion on where and how such a protocol ought to be deployed. Even the Hyperledger Fabric guys want to get a piece of the project. Yet the common goals are clear and non-philosophical. We have a series of real attacks that have been discovered by engineers, researchers and those who study incentives that need to be addressed from nothing at stake to the honest majority problem.

Questions like what incentive does one have to be in the honest majority and how should slot leader selection be decided are meta to the underlying model. They are specific to the deployment of the protocol and the realities of the users of the protocol. The team deploying the protocol has to make a choice that will ultimately determine the level of centralization and the economics of the system.

The point is that such things ought to be explicitly discussed. They shouldn't be embedded within the underlying design of the protocol and silently accepted by those who adopt it. It's perfectly ok to say we are ruled by a plutocracy if the users of the protocol accept that structure. It's not ok to say your protocol is decentralized, but then economic realities provide all but the richest and best connected from participating.

Thus my first major lesson has been to try to extract the politics and philosophy from the objectively scientific and engineering problems and then be honest about choices we have made in our particular deployments. I wish more projects and their leadership would be honest here. 500,000 transactions per second is not a revolutionary new capability. It's either an artifact of deceptive marketing or architectural choices leading to massive centralization and trust.

Second, I've learned that it's extremely important to clearly understand relationships and commitments as early as possible. The nature of our space is that we are scattered throughout the planet. Modern communication tools are incredibly good at keeping us all connected and informed, but they are useless for promoting empathy, building real relationships or proactively communicating implicit concerns.

With Ethereum, I spent a huge amount of time worrying about the legal structure and how the project was going to be lawfully funded. Only a handful of people were directly involved in this effort out of commonsense and expertise. This meant that I only interacted with a handful of the hundreds of people involved with the project on a daily basis. The rest had to just assume I was doing stuff and hope it was for the best. In the absence of communication, opinion and speculation dominated yielding the aftermath many today are all to familiar with.

With IOHK, I invested much more time in simply building relationships with the people I work with directly or indirectly. This includes traveling throughout the world to see my employees in person. Sometimes a beer and a good conversation is all that is needed to build common ground and empathy. It seems simple, but it's so powerful and undervalued.

We also clearly define the roles and relationships for each new member of the team. It's a huge overhead for HR and line managers, but it resolves tons of issues before they even exist. Yet this model does not work for open source development. One cannot ask an engineer independently fixing an issue listed on GitHub to sign an NCA, NDA and report to a line manager.

The point of open source development is to move forward with both professionals and volunteers. Many of the most successful projects are completely built and maintained by unpaid volunteers. When a traditional open source project forks, it's usually a cultural, technological or philosophical difference (Robles and Barahona even wrote a paper about it). But what happens when one introduces concepts like tokens, premines and ICOs? Incentives and relationships change.

Investors of cryptocurrencies are addicted to the prospect of strong, centralized and reliable management of the development of the protocol as it has the potential to yield the greatest returns, but this management style is at odds with the point of cryptocurrencies, which ultimately require governance by the many and in the open to be sustainable.

Furthermore, the existence of premines, ICO funds and other stores of value create a goldrush of crypto-lamprey fish seeking to attach themselves to a project to extract tokens rather than make contributions. Add some demagoguery and buzzword salad and you have your standard crypto-evangelist.

These actors bring me to my third lesson. Conflict, pain and principles are a prerequisite to success. I learned this most directly with the Ethereum Classic (ETC) project. To me, ETC is Ethereum. The original social contract was that we were proposing the world's most expensive and inefficient computer in exchange for absolute certainty that the code deployed wouldn't be modified due to outcome on some group whether it be a company or government.

Suddenly the DAO hack occurs and the social contract was changed to well it will run as written except this time because it's just too painful to this particular group. Nevermind that group blindly gave $150 million dollars to an unaudited smart contract with no checks and balances. Nevermind the lack of consumer protection put into the offering- likely due to a crude attempt to evade regulation.

People made a poor choice. The point of cryptocurrencies is to let people make poor choices and to force them to accept the consequences of their actions. This clearly is no longer the point of Ethereum. So those that wanted to keep it that way created ETC.

During the early days, there was tons of chaos. Some of the more colorful community members even attempted to hijack ETC for some purpose or another. But yet, the community stuck to its principles and now has stabilized around a very decentralized group of leaders. No one is in control. Reasonable software is being maintained. ETC just keeps living.

The value of ETC is no longer about carrying out the mission of Ethereum. It now seems to be a sandbox to figure out how to move forward without anyone having a mandate to do so. Unlike Bitcoin, there isn't a 100 billion dollars to protect nor thousands of companies pulling in different directions. Rather it looks much more like a normal open source project.

There was a lot of conflict and pain in getting to this state, but it was achieved only by keeping with a set of principles. Maybe they are too harsh for normal people. Maybe they won't allow the protocol to grow beyond a certain critical mass. Ultimately the market will decide, yet that doesn't make ETC any less meaningful as a project to the people who use it.

This last point I feel is the most valuable our space has demonstrated. Ultimately cryptocurrencies are composed of people who agree to something. While these agreements might be entombed in code and protected by clever mathematics, they are used by people.

People decided that the original vision of Ethereum made sense to keep alive and thus we have ETC. People can just as easily abandon it as they have hundreds of failed projects. A good leader in this space has the ability to rally people to a common cause and give them the tools to decide what to do about it. A bad leader tries to inflict his personal view on the masses for their greater good.

In a way, I think this gives some justification to the enormous market capitalization we are seeing alongside the cult like enthusiasm. From a practical sense nothing has been produced by Bitcoin or any other project to justify a cumulative valuation greater than some of the world's largest companies and even countries. From a social view, how much is the freedom to re-imagine the entire fabric of the world's marketplaces worth?

Money and governments are artifacts of promises and future commitments. They don't actually exist, but the belief in their power is what actually gives them power. It seems the belief that Bitcoin is worth a 100 billion dollars or that one social contract is superior to another is all that is really needed to actually realize it.

Thus to all future leaders of our space, I'd like to say separate your objective from subjective, clarify relationships as well as understand conflicts of interest and stick to your principles even in the face of conflict. And try to have fun while riding the roller coaster, it's sure to be an exciting journey.



Friday, April 6, 2018

A Brief Update on Cardano

After returning from my yearly global Sojourn, I wanted to update the Cardano community on the status of the project. Since the beginning of the year a lot has happened. Cardano continues to grow at a rapid pace and the project is evolving into a new stage.

The Byron release back in September of 2017 was an experiment for IOHK. It's the first cryptocurrency we have launched as a company. It's the first time we've had to manage public release cycles, segregated stakeholders (general public, exchanges, developers, etc). Furthermore, the Cardano project has a half dozen software companies collaborating thus we are forced to invest a huge amount of time in coordinating, communication and timezone overheads.

Since the September release, we've learned a huge amount about all of these processes and also in dealing with the needs of our broader community. We certainly haven't achieved a Nirvana like state of perfection, but processes have definitely improved.

I'd like to share some of these improvements as they are mostly hidden from the general public, yet have a huge impact on our ability to deliver a long term roadmap. First, since September, IOHK has built a tremendous amount of project management capacity led by Elieen Fitzgerald: and

Under her department, Eileen has managed to capture business requirements, draft project charters, improve our resource allocation and budgeting processes, improve development estimates, get better weekly reporting and manage the inter-dependencies between projects. We also have had an increasingly easier time managing third party relationships like our partnership with Runtime Verification on the K framework, IELE and smart contract research.

Some of the outputs of these processes are that we are moving to regular release cycles for Cardano with the first cycle starting next week on Friday. Our hope is to cut a develop branch for release and then run the release through a rigorous QA cycle currently planned for one month. Over time, this cycle can be shortened through automation and parallel processes speeding up delivery. Thus updates will become more frequent, higher quality and encumber less user disruptions.

The goal of the PMO department is to ensure when we give a date for delivering a feature, a release or a major update that the date and quality is met. This goal is one of the hardest to achieve for a software company and much more so given the nature of software we build, but it's also incredibly important for those who rely upon us for their own commercial interests.

Over time our project management methodology will become increasingly public and eventually be ported into a public github repository. We'd like for IOHK's approach to be a creative commons process that other software companies and projects in our space can benefit from and add to as they pursue their projects. Also, we'd like to explore lighter weight versions of the processes for DApp development so that our developer community can follow best practices.

Second, dealing with exchanges and other actors such as Ledger, we've been systematically redesigning Cardano's architecture, APIs and other components to be more friendly for those who wish to use our software. For example, you can see our new APIs here.

Another output has been moving our development towards a specification driven process. The first component of Cardano SL to be ported is our wallet backend with the following formal specification:

Figure 1: Cardano SL's Formal Wallet Specification

The goal is that each part of Cardano will be specified in a format similar to the one above. These specifications are implementation independent, will eventually be analyzed using formal methods and can be used as a basis for test suites and improvement proposals. 

We are also aware that many want to build their own mobile clients or modified software. To this end, we've been exploring the best way of discussing a unified backend architecture. I would personally like to see dozens of wallets and great user experiences for Cardano materialize, but I'd also like to make sure that these experiences are useful, secure and easy to deploy if possible.  

Over the coming months, large chunks of Cardano's code will be ported over to- or replaced with- these specification driven designs. This likely won't be directly felt by our users. Rather just indirect symptoms such as things getting faster like recovery from seed, less issues connecting to the network, smaller memory and disk footprint as well as other improvements.

As we now have the talent, processes and clear roadmap, Byron will continue to rapidly improve and become more feature rich. The release we are cutting next week to QA will include paper wallets, much faster wallet restoration and numerous other fixes. We expect it to clear QA in mid-May and for updates to be released monthly thereafter to our users. 

Third, the most anticipated upcoming release is Shelley. Shelley is a massive project with many workstreams and scientific dependencies. It also contains many social processes involving community coordination and management. Effectively, Shelley is about turning over the network fully to the users thereby decentralizing as much as possible. 

The work we have done with Byron has given us operationally a great deal of knowledge about the best way of iterating towards Shelley; however, special care has to be placed in the consensus side of things. IOHK developed a custom proof of stake protocol called Ouroboros for Cardano. It has never been used in a cryptocurrency before and has a completely original design. 

Thus we have been extremely focused on a proper deployment of Ouroboros to the general public. Byron is running a version of Ouroboros with delegation locked to core nodes under the control of IOHK, CF and Emurgo and block rewards turned off, but when Shelley comes this cannot continue. Staking rights will be returned to the ada holders and delegation will be fully under their control. 

To be clear, Ouroboros isn't a forced delegated proof of stake protocol like EOS or Bitshares. It's a pure proof of stake protocol where every active Ada account is factored in for epoch elections. Anyone who holds Ada in a normal address in the global UTXO has a probability of being elected as a slot leader regardless of the amount of Ada they hold.   

However, the reality is that most will not want or have the ability to host consensus nodes and consistently show up to fill the slots they have been elected to commit. Thus, we developed a delegation system and the concept of stake pools for those users. 

Concisely, anyone can run  a stake pool. There isn't a minimum threshold of Ada or a special club. Rather there will be a blockchain based registration system and a special transaction type to register a stake pool on-chain. Registered pools will be listed in the delegation center of Daedalus and pulled directed from the Cardano blockchain thereby preventing censorship or bias. 

Over the last few months, we've had to invest a huge amount of careful design and security thought into the process of delegation. It turns out there are dozens of factors and scenarios to consider from cold staking to automation of rewards. But we have converged on a reasonable design for the Shelley release, which will be released soon on eprint. 

The summary is that Ada holders can create a delegation certificate for their Ada they hold and register it on the Cardano blockchain. This process effectively separates stake rights from the spending keys for their Ada addresses. Thus the delegation certificates can live in Daedalus, but the spending keys could be key offline on a paper wallet or ledger device for example. 

Delegation will be done via a special transaction and from a user experience viewpoint via the delegation center in Daedalus. One will find a stake pool they want to delegate to, select it, and click a delegate button. It's just that simple. As we launch Shelley testnets, we'll experiment with different user experience flows from length of delegation to partial delegation (splitting stake between pools).

Another advantage of this process is that unlike Bitcoin mining pools, as our protocol natively understands delegation, it can automatically pay rewards to those who delegated without trusting the pool operator. At the end of each Epoch, our goal is to close the reward pool via a special transaction paying all those who delegated proportionally to their delegation amounts.

Some benchmarks and threshold will have to be conducted over the coming months to optimize for space and prevent penny-flooding attacks. We will also need to explore different user experiences including notifications and other UI considerations. 

A natural question to ask is how will we ensure that when Shelley launches there will be enough stake pools to ensure a reasonable amount of decentralization? How will these pools establish their brand and reputation? We considered these concerns and decided to open enrollment for a collection of beta testing stake pool operators. 

The goal with this process is to identify a set of 50-100 independent entities geographically well distributed who would like to run a stake pool as a business. We will progress as follows:

  1. Collect as many applications as possible via: until the end of April
  2. Process and winnow applications until we have a good set of 50-100 candidates
  3. Invite the candidates into the IOHK slack and begin discussions about hardware configurations, deployment strategy, docker images, etc etc 
  4. When the Shelley testnet is launched, invite the stake pools to register and work closely with them to beta test various scenarios and experiences 
These beta testers will not get a special advantage or consideration when Shelley launches. They are just necessary to test Shelley's design and ensure our assumptions and choices are reasonable as well as improve deployment strategy and documentation. When Shelley launches, there will be a grace period where all those who desire to register a stake pool can do so and Ada holders will be free to choose to delegate to anyone they want. 

Once the grace period expires, auto-delegation will be turned off and rewards turned on. Cardano will be fully decentralized. 

In closing, Cardano is a huge project. There are so many brilliant minds, great engineers and parallel efforts that it's difficult to capture all of it in a single post much less just convey our progress. What's amazing to me is that we have really gotten great processes established and are daily moving forward (a fan made a great website showing our daily commits: 

What's also amazing to me is how quickly our scientific research is moving from the lab to code. Ouroboros has gone through over a dozen revisions and now is converging to a state where we can bootstrap from the genesis block without a checkpoint (an industry first for proof of stake). Our sidechains research is state of the art with a paper coming soon in May. 

We have also brought game theorists and programming language theory experts together. The output has been incredibly innovative with new accounting languages like Marlowe:

Figure 2: The Marlowe Programming Language

And an increasingly richer theory for incentives for stake pools, network maintenance other other topics requiring an honest majority for Cryptocurrencies to run properly.

I'm astounded how we are able to think in systems now and by the quality of the people on the Cardano project. It's taken years to build this team and go from dream to regular status reports. I look forward to achieving our milestones and seeing Cardano change the world. 



Sunday, March 11, 2018


Chantal Westby's Maelstrom
Recently there has been a controversy over a tweet from one of IOHK's employees named Darryl McAdams. The tweet commented on her desire for IOHK to recruit more female and transsexual employees. This opinion has raised broader questions about IOHK's hiring practices and overall philosophy on diversity, inclusion and other social topics. 

First, to state very directly, IOHK does not maintain or endorse quotas, bias or an archetypal vision of an ideal contractor or employee. We are- and forever will be- a merit based organization. I have a fiduciary obligation as the leader of my company to always hire the most qualified person for the job regardless of where they come from.  

Second, as the CEO of IOHK, I have never wanted to lead an organization that takes it upon itself to promote a particular political cause such as social justice. It isn't our place or even within our power in a global free market to somehow cure the evils of racism, inequity or other sins perceived or actual.

Third, IOHK- and frankly all adherents to a free society- need to reserve the right to be offensive to others. Rational thought, change and challenges to existing power structures requires the ability to irritate and invoke wrath. I feel that I must elaborate on this point in more detail. 

It wasn't too long ago when concepts such as evolution, a heliocentric view of the universe, free speech and democracy were considered preposterous, revolutionary ideas that were inherently dangerous. Those who held these beliefs were and some are still persecuted within certain circles.

The reality is that all of humanity has a common journey. We are chained by biological shells programmed by a process we have little control over. The genetics we inherited have tremendous influence over our intelligence, appearance, preferences and overall ability to succeed in life. 

Some win the genetic lottery being given profound gifts. Others are cursed to suffer the indignity of physical and mental disorders disorders so severe that they can never enjoy the world as most of us do. 

While fortune toils away, another byproduct of evolution is our cognitive powers. Properly harnessed, they have allowed us to transcend parts of our biological cages to collectively become more than we were meant to be. 

In under 10,000 years, mankind has enjoyed an ascendancy that now moves to the stars and mastery over life. Soon we will be making modifications to our genetic code, adding new senses and merging our minds with computers. Nature's paintbrush is slipping into our hands. 

Another byproduct of the powers of our cognition is that some have become unhappy with the hardware and cultural programming that nature and their respective societies have endowed them with. Some have developed exotic sexual tastes (see furries). Some have embraced lifestyles that are foreign at best to utterly alien and even repulsive at worst. As an extreme example, one could look to the flesh eating Aghori monks in Varanasi.   

As a matter of pragmatism, there is what we are comfortable with and what technological advancements and globalism will force us to accept as we travel this century. For example, millions of people are living digital fantasy lives in MMORPGs like World of Warcraft, more comfortable with their avatars and their virtual connections than their own flesh and blood lives. Hollywood is even kind enough to give us Ready Player One as a visual case study.  

Characters such as Joi in Blade Runner 2049 or Her's Samantha appeal to legions of fans. To this end, capitalism has been summoned to attempt to build a crude simulacrum (see Azuma Hikari [1][2]). Should we be so naive to believe that this trend is just a fad on par with the pet rock? 

When is this Love?

The reality is that we are using our cognition to change ourselves and redefine relationships. And like prior centuries having to decide whether to embrace other cultures, ideas and religions, we are facing the equivalent of our time, but now armed with computers and profoundly advanced technology.

Thus it's reasonable to assume that mankind is going to explore depths that we haven't seen as a species before. Exploration of this nature cannot be familiar or painless. It's going to break conventional society and force a fundamentally re-evaluation of concepts like relationships, gender and even physical presence. 

Did Snowden attended the conference? What if the robot had a female face?
I am the builder of digital infrastructure. The protocols that could eventually yield control over our identity, financial lives, voting rights and property. These protocols cannot belong to a particular culture or group. They also cannot discriminate against the weak and misunderstood. Roads cannot be biased against the creatures who walk them.

Therefore, I've attempted to construct a company that welcomes a diverse group of opinions, beliefs and geographies. We never censor our employees nor ask them to remain silent on the issues that are most important to them. 

As a company, IOHK tries to embrace neutrality. It frankly isn't IOHK's place to choose sides in these debates. It's just our place to ensure they don't consume our business operations and fiduciary obligations.

Part of this creed is also accepting that people associated with my company could say things (myself especially included) that will, at times, deeply offend others. For example, I have repeatedly- at times harshly- expressed my dismay over police brutality within the United States. I have no doubt that this position is hurtful to police officers and their families. 

And this brings me to my final point, I've become gravely concerned over the attempts to de-platform opinions. Those with ideas, beliefs or even objective data contrary to particular agendas are often maligned, ostracized, banned from speaking and even physically threatened or attacked at times. 

These tactics are nothing new. They have been employed by radical movements as a means of silencing critics and rational thought in order to inflict a fanatical philosophy upon society as a whole. In my mind, there is no difference between the communist commissars and the student protesters shouting down the latest conservative speaking at a college campus. Both are trying to prevent us from hearing an opposing argument.

Part of the reason why I so admire blockchain technology is that it protects us against the revision of history, the censorship of inconvenient truths and the power of centralized actors to sculpt our view of reality. Citing fake news or social justice, I can imagine a time when Facebook or YouTube become weaponized tools of a regime to a deploy well crafted propaganda in order to preserve power and social order. 

I would be an utter hypocrite to say such things ought to be stopped, but then ask my employees to censor their opinions. I just ask for respect, dignity and reason. But I cannot ask them to avoid offending others. 

Politically I'm a libertarian; I loath taxes, regulation and socialism, but I will not mock those who collaborate with me for having a difference of opinion. Along the same token, while I at times cannot fully understand particular preferences or lifestyle choices, all I ask for is they are conducted with respect, dignity and empathy for others.

Leading an organization, I can fully appreciate why some CEOs have chosen the easy road of attempting to hide behind empty platitudes and vacuous diversity theater. It's simply better for business and one's partnerships to try to be as least offensive as possible. But that's not reality; it's a Dilbert cartoon. 

The reality of life is that as a condition of our culture, upbringing, religions (or lack thereof) and geography we are going to act in ways that create strife. While the curse of cognition is that we must endure the pain this strife brings, it's gift is that in embracing the maelstrom, we often find a creative destruction of old ideas refreshed with far superior ones.

By avoiding this process, we are losing part of what has made humanity so collectively strong and also draining authenticity from the workplace. IOHK collaborates with some of the brightest minds- Darryl McAdam's included. They simply don't have to be here if they don't want to be. If given a choice, would you rather work somewhere that accepts you or forces you to live in a gilded cage like an amusement park character? 

I didn't sign up to build Disneyland; I signed up to change the world. So that's what we are going to do as we march towards an esoteric, ever more authentic and I hope better future. Forgive us for breaking a few vases along the way.  







Sunday, March 4, 2018

An Ode to Critics (IOTA and DCI)

Recently I heard there is the possibility that one or more actors associated with the IOTA project suggested the possibility of some form of legal action against members of the DCI responsible for an unfavorable analysis of IOTA's core technology. Rather than rehash the entire affair here, I'd recommend these sources as a reference points (DCI Audit Report)(Blog Post)(IOTA Response) to bring everyone up to speed.

What is provoking me to draft a blog post on this topic is that I offered to pay legal fees DCI actors would encumber as a result of their audit of IOTA in the event an agent of the IOTA Foundation or its associates decide to sue a member of the DCI. This offer was immediate and without preconditions. It also isn't connected to an opinion of the soundness- or potential lack thereof- of IOTA's technology.

To be frank, I could care less whether IOTA works, accomplishes its commercial goals or how it manages its ecosystem and community. What concerns me far more as a developer of cryptocurrencies is the relationship between security and cryptographic researchers and protocols we develop for our space.

The reality is that we have a symbiotic relationship. Researchers enjoy spending countless hours attempting to find flaws (theoretical and practical) in the philosophy, design and implementation of our work. These hours are seldom glorified or even compensated. They are generally ignored by the mainstream public outside of an occasional sensational headline by a low information journalist. But they are absolutely necessary to evolve our work.

For the researchers, they gain academic credit, the occasional job and the intellectual joy of resolving a problem. These perks aren't exclusive to a particular protocol or even the cryptocurrency space. Inflicting havoc on Ed25519 yields just as many brownie points as finding an issue in Ethereum's network protocol.

Having paid private firms literally hundreds of thousands of dollars in consulting fees to audit code IOHK writes, I fully appreciate the value of this foundational work. In fact, often one simply cannot hire the top minds as they are only interested in university affairs. Thus their time and effort is not only valuable, it can even be simply irreplaceable.

If a member of our space begins to attack researchers he feels have been unfair in their assessment or criticism, then this event cascades far beyond the immediate actors involved. It fundamentally damages the vital symbiotic environment between researchers and protocol developers. In other words, it directly hurts Cardano, Ethereum, Zcash and every other project.

Most graduate students, postdocs and professors do not have extensive resources to defend themselves against well capitalized cryptocurrency projects that don't actually have to win a case in order to massively disrupt the lives of these researchers. Going to court is expensive, emotionally exhausting and takes a huge amount of time. If a security researcher feels his work could provoke this event - even if it's objectively true, then they will simply choose a different topic.

I also can fully appreciate the discomfort of criticism that members of the IOTA community and the developers themselves are enduring. I have first hand experience with the blatant unfairness of constant attacks over social media, blog posts, at events and through other channels where lies, half truths and baseless innuendo replace an effective dialogue. It's always painful and often crosses the threshold to malicious slander.

But it's extremely important to understand that not all criticism is unfair and even within the set that is unfair, the actors levying it ought to be considered. The academic world is tightly regulated via credentials, unspoken rules and a strong emphasis on reputation. Attacking someone unfairly isn't a pattern that can be repeated without severe career consequences.

Thus the most common response to attacks coming from the academia is to prepare a fact based rebuttal. It doesn't necessarily mean the attack will be deflected or withdrawn, but it forces the critic to acknowledge your rebuttal and provide additional context and clarity.

This process is on display for the entire academic community to form opinions. If a researcher is dishonest, has conflicts of interest or is omitting/missing key points, then it will eventually be discovered. If it's a common pattern, the researcher will be socially exiled from academia.

A prominent example in the cryptographic world comes from Dr. Neal Koblitz. He levied an aggressive series of attacks on the concept of provable security. Neal's credentials are impeccable having created elliptic curve cryptography and being a Harvard educated Putnam fellow. Despite his enormous contributions to the field of cryptography, he wasn't given a pass on what many feel is unfair criticism. And it has had career consequences.

Escalation to courts is generally only done in cases of known fraud and institutional cover-up. For example, the falsification of collected data to skew results to some desired outcome. The consequences are always brutal once discovered. As particular examples, one can review the Schön scandal and also Paolo Macchiarini affair.

Nothing in this audit seems to deserve an escalation of this nature. A researcher made a claim and provided an argument with a set of evidence. The developer says this claim is false. It's an argument and it has an objective answer for the world to see.

Thus, I have no choice but to apply some of my personal resources as a counterbalance to protect the integrity of the system I have so benefited from throughout my academic and professional career. I would recommend that the IOTA community exercise the stoicism of the person who created the heart of their protocol as he continued to teach while students rudely interrupted his class.

I'd also like to remind them that MIT and the broader academic community isn't going away. Direct attacks- even if victorious- will have Pyrrhic consequences.

I hope the matter is closed and everyone can move on to better things. 


Saturday, January 6, 2018

The Price of Craftsmanship and the Zen of Protocol Design

Having read the comments of a former business partner of mine, which will be addressed later in a dedicated blog post, I’ve decided to draft my thoughts on how IOHK approaches the design of Cardano and by extension all the cryptocurrencies it works on. As this space has become polarized with the politics of personal destruction, financial incentives to lie and a stunning lack of respect for critical analysis, I’ll try not to mention project names- just my opinion on what good design principles ought to look like. I freely admit, I could be misguided or stuck in my ways.

First, we have to define what is the point of our labor. What goals are we trying to achieve and who needs the solution? It’s stunning to me how we are littered with solutions seeking problems connected to a token actively trading. Decentralized computation, storage and other services need an audience in order to be useful and they need a necessary edge in order to survive beyond hype.

For example, replicated computation that is byzantine resistant is what Ethereum brough to the table. We freely admitted that market demand was unclear and that use cases would materialize after we launched (the field of dreams gamble). Whether those uses are economically viable or optimal, was and still is an open question being explored and forcing enhancements.

What is undeniably valuable was the beginning of a conversation about outsourcing computation in a way where the server couldn’t be trusted; either couldn’t trusted to return a correct result or not trusted to de-prioritize a particular program due to some agenda. The net neutrality debate is highlighting this concern most directly.

There seems to be an audience that likes the problems that Ethereum is trying to solve. Thus it begs the question what is the best way of doing so? What tools do we have in our bag and who are the craftsman who ought to weld them?

The point of the Cardano project has always been to build something from first principles using a functional programming approach, embracing formal methods, and checking our progress through peer review. We chose these three pillars because experience tells us that humans are good at self-deception, forming personality cults and making extremely subtle mistakes that eventually cascade (heartbleed is a great example).

Functional programming is getting code close to math. It’s saying scientists draft a beautiful blueprint and then let’s pull that blueprint directly into reality. There are some wonderful lectures from the Clojure community on the elegance of functional programming techniques (1)(2), but the broader point is that simplicity, modularity and conciseness matters more than performance.

Machines keep getting faster; legacy code is like a tattoo. You’re going to have to live with it so make it pretty. We chose Haskell because it has the perfect intersection between practicality and theory. It gives us wonderful libraries like Cloud Haskell and a community that’s extremely smart and supportive of new techniques and ideas as they become necessary.

Formal methods are an acknowledgement of the semantic gap. Humans and computers are fundamentally different animals and until Ray Kurzweil delivers us to the Singularity, we will be quite distinct. This axiom extends down to the computer’s understanding of our intent versus our own.

The DAO hack is a recent textbook example. The engineers who wrote the contract had a clear understanding of intent, but it differed slightly in code and as a consequence a hacker could cause havoc. The point of formal methods is to close the gap between man and machine.

Specification captures the intent of the scientists who spend countless hours of rigorous labor carefully writing mathematical proofs. These proofs are riddled with ideal functionality and ambiguity from an implementation perspective. Basically, such papers are the inky equivalent of the spirit Billiken- the god of things as they should be instead of what they are.

A formal specification process is slow, uncomfortable, pedantic and requires exotic languages and skills. As a consequence, it’s also terribly expensive and not fun for most people. But such techniques save lives (think planes and trains), money (think Mars Rover) and dramatically enhance our understanding of the protocols we wish to deploy (lies melt).

We’ve written some blog posts on techniques (1)(2)(3) and the philosophy we follow as well as have done a whiteboard video. As most of our work is transparent, the specification of Ouroboros Praos is no different. The repo can be seen here. Like a fine painting requiring exhaustively small brush strokes to gradually make the whole, we are paying that price of craftsmanship.

Finally, there is peer review. It somehow is conflated, misunderstood or in some cases discarded as an unnecessary formality to appease irrelevant ivory towers out of touch with the plight of normal man. I counter every single one of these attacks with a single question: can you understand the papers cryptographers write?

Humility will yield an answer of no for the majority of the populate. This statement isn’t self-serving arrogance. It’s respect for a language born from decades of careful study. Medicine has research. Physics has research.

Why is it so controversial to state that a paper like this is outside of the ken of most people? It isn’t elitism; it’s an acknowledgement that the people who wrote it spent decades of their lives learning how to write that paper and think like they do.

Somehow in the cryptocurrency space, we have forgotten that our underlying technology is constructed upon foundations of cryptography, distributed systems, game theory and programming language theory amongst other considerations. The people who study these fields literally have invested tens of thousands of hours to become proficient- meaning they can read and understand the papers- and that’s not even making a statement about meaningful and original contributions.

The question we ought to ask isn’t can I understand the papers. That’s like asking the public to understand the US Federal Budget. The question ought to be what process should this work go through in order for it to be considered correct?

Peer review via IACR conferences is an excellent option. The conferences are managed by domain experts who don’t have a financial incentive to like or dislike any particular work. The review process is double blind. The conferences hold high standards where most submissions are rejected. And acceptance means you have to show up and discuss the work with your peers.

It isn’t a perfect process by any means, but it’s a standard of quality that is objective. It’s a benchmark to start a conversation with and provide some assurance that the work meets basic standards. That someone who actually can read the paper, has read the paper and thinks it’s ok.

Like all good science, one needs to continue evolving, continue pushing the boundaries and continue asking difficult and often uncomfortable questions. The ultimate point of peer review is to acknowledge you aren’t an island and you don’t want to go on that journey alone. It’s asking for help from fellow travelers who are just as capable if not more so than you.      

As an outside observer, many of which who are directly investing their hard earned money, one should be actively asking about processes that produce truth. We chose peer review because it’s the best tool in our box that we know how to use to check our claims. It has given us modern medicine. It has given us modern physics. There is no reason it can’t be used to help give us better money.

As a final point, both Algorand and Snow White carry similar structural properties to Ouroboros. The exact same criticisms that my former business partner naively applies to Ouroboros could be applied to them - meaning that a Turing prize winner and Cornell are both inferior as well given that logic.

There also was a lack of appreciation for the holistic nature of protocol design. Raw TPS isn’t an end, it’s a necessity of large scale use. Yet there are other considerations such as network performance and the ability to store with high availability the eventual exabytes of data these systems will demand.

The Zen of protocol design is understanding that all things have to flow from a common source. That this source needs to be on bedrock, simple and secure. That this source needs to be perfectly balanced and grow naturally to meet the needs of its users. When a protocol achieves this state, like TCP/IP did, the results are magical. Others like PGP have failed despite their brilliance.

The point of how we have gone about designing Cardano is to seek this balance in our design. Ouroboros was built very carefully and in the most general way we could understand. It can be tuned to operate like many conventional protocols or run in new modes.

It will eventually include modifications to dramatically scale performance when it is necessary. We’ve even broadened the discussion to include topics like RINA and Delta-Q because they are absolutely required for natural scaling.

Yet in all these things, we are doing it with principles, craftsmanship and honesty. It’s a long and very hard journey, but has been a fun one.

Thanks for reading