We discuss how he was inspired in the 80s by the economist Hayek’s ‘utility of property rights’ and object oriented programming to found Agorics (in ‘94) to create secure distributed computing markets to lower the risk of cooperation. We also discuss the history of smart contracts, and why in 2018 he rebirthed Agorics as Agoric to make smart contracts more secure, and accessible to developers.
Jamie Burke 0:13
You’re an early stage web three founder apply to our award winning accelerator programme base camp at Outlier ventures.io slash base camp, we write your first $50,000 check and give you access to 200 mentors, including many of the leading web three founders, and a network of 1000 of the world’s leading investors and exchanges. We’ve helped over 30 startups from 15 countries from all around the world, raise 100 and $30 million in growth funding. It can help you fast track product market fit, and where relevant the launch of your token economy. Today, I’m really happy to welcome Mark s. Miller, Chief Scientist at igorot. Welcome mark.
Mark Miller 0:53
Jamie Burke 0:54
Mark Miller 5:22
okay, so I’m recapping it chronologically, let’s say quickly, but actually all started for me. In 1983, I was enthusiastic about as a young software engineer, enthusiastic about software engineering, and the object oriented paradigm is very, very new back then I was very, very excited about object programming. And then completely separately kind of as a hobby, I was very interested in economics, are very taken, especially by the writings of economist Friedrich Hayek. And I mentioned to a friend of mine, Eric Drexler, I was talking about why I was so excited about object oriented programming. I explained to him about encapsulation about how an object is a security boundary that encapsulates the current state, in response to abstract requests from other objects. But it’s the only the code of that object and manipulate its internal state. And Eric said, Oh, that’s like hikes explanation of utility property rights. And that, to me, was the grand aha moment the change the rest of my life? Is that all of the normal economic explanation explanation that we might be more used to about property rights, aligning incentives, and all that a hikes or explanation was in terms of information and complexity, and plant interference and tag coordination. Is that you got this on the way I would put it. Now, why do you put it now is that we can understand both large scale software systems and human society as a whole, as consisting largely of networks of entities making requests of other entities. It’s the architecture of the request making the architecture in which the requests are made and responded to, and how that composes together in large networks, that creates the emergent properties of the system as a whole. And what software engineering emphasises and what Hayek was emphasising very much with the same concepts, the completely destroyed terminology, but is that you’ve got this large scale system that’s trying to take a lot of knowledge into account in order to create some big rich emerging effects.
But the total amount of knowledge and the total complexity of the effects brought about is larger than any one entity participating in that work. in software engineering, we have to take a large programme and break it down into small objects where each object only knows a little bit. But in human society, there’s on new heights great phrase about how the benefit of civilization is it’s able to bring about effects to take more knowledge into account than the knowledge that can fit into any one human head. So what hike emphasise is that there’s this tremendous number of plans that separate people are separately formulating. There’s all of these resources that those plans are in terms of that the plans would make use of as the planets unfold into the world. And without some special arrangement, you would have this tremendous, unsolvable combinatorial explosion of planet your appearance problems as one person’s plans would make you presume that they can make use of resources that another person also has conflicting plans to make use of these plans would tend to conflate high IQ, stated that the central problem of economics is how is it that centrally that’s separately formulate plans, plans formulated mostly in ignorance of each other, tended to mesh? Well, they certainly sometimes interfere. But all together, they tend to mesh well, which is why civilization works, why society is able to create so much wealth so quickly on why we are all able to benefit from participating voluntary, cooperative relationships with each other. And the central insight is that by dividing up the resources into these separately owned partial partial parcels, where each planning agent knows that there’s a range of resources, that they can formulate plans in terms of where those plans go unfold, free of arbitrary interference from the plans of other agencies. Because those resources are owned by the planning anything, that was a complexity payoff, modern incentive payoff was specifically a complexity payoff, for dividing up the resources of society into these separately owned parcels that can be subject to manipulation by separately formulating plans. And then the message passing level objects or objects make abstract requests to each other, where the abstraction of the requests is separated from the details of how the requests are carried out, once again, is reflected in the marketplace and hikes explanation of prices as a coordinating signal that you when a customer makes a request to the business. If making a request for product is not making requests for a product that’s manufactured in some detailed manner just to the business how to how to make use of the business’s resources to manufacturing product. So that was very much where I started in 1983. And by 1988, by Eric Ries, certainly, I had published a set of papers, you Gore, consistent papers. So both of my companies have goreck, so now Gora, named after those Oracle consistence papers. And that’s why when we talk about
creating the parentvue Gaura paradigm and secure distributed market based computation, I’m referring very much to the paradigm that started off in those papers. And there was one major insight that we did not have yet at the time, we wrote the papers that we then got from Nick Saba, when we when we when we later made contact with Nick zombo, Nick Sabo came up with the idea of smart contracting, it was sort of the important next insight. In those papers, we were really focused on markets as a coordinating mechanism inside computation. Where we’ve got a, an operating system scheduler that we formulated is an auction process, auctioning off the next CPU time slice to the highest bidder on where you’ve got memory space allocated, and what we call the rental option. So the idea was that within computation, we wanted to make use of on prices as a coordinating mechanism, so that each individual component would be guided by the price information that they have the relative the current price of memory and processor time and other resources to make trade offs as if guided by an invisible hand, to serve the overall efficiency of the system, we wanted to replace the central planning approach to allocation of computational resources to processor scheduling memory. And we saw distributed computing coming. And we knew that at the scale of distributed computing, that kind of central planning notion break down, we’re looking to markets internal to computation, we got from the example is that a lot of the mechanisms that we were creating, which we now call smart contracting mechanisms, they were mechanisms whose purpose was internal to the computational system. And examples were points out that you can use automated computational processes, embodying contracts, much like contracts we had been writing, but were the things of value being manipulated, or a value at a value that’s directly apparent to human beings so that they can be trading stocks and making loans and doing auctions where there’s human participants. So you raise it up to the point where it’s still you benefiting from the the unambiguously the unpredictability of representing contracts as code executes, where you can read the code, you can you can analyse the code, you can try out the code and experimental test harnesses and emergency conditions, you can do all get all the benefits from the automated execution of the contracts, or the contracts themselves can be serving much of the role that we currently take human contracts on to serve law, manipulating resources, assets of direct significance decisions. Wow.
Jamie Burke 14:28
Mark Miller 15:27
Jamie Burke 20:08
Mark Miller 21:18
Yeah. So part of part of what drove me into I’m seeing an opportunity in leaving Google and starting goruck, we were seeing these bugs is happening in smart contracts on a theorem bugs, including on contracts that had been carefully constructed by experts who put a tremendous amount of effort into simple contracts. And nevertheless, bugs in those contracts and called hundreds of millions of dollars disappear overnight with no recourse. And the whole e community, everybody who participated through the late 90s, early 2000s, in the open source community, and the exploration we were doing about how to do smart contracts, in terms of our attractions, was looking at that and saying, Oh, my God, if they had just been writing the smart contracts, the way we were writing them back in the you know, the early 2000s, they wouldn’t have had these bugs, a lot of these bugs would not have been possible, obviously, some of the web doesn’t solve all bugs, but a tremendous number of these bugs just wouldn’t have been possible. So there’s a number of there’s basically two opposite approaches that that you can take towards the problem, the central problem of computer security, which is access control, which is the the issue of what actions are allowed, in what context. And those two approaches are identity based access control, and authorization based access control. So let’s start with identity based access control. why most of our operating systems, all the operating systems that that you know, are in widespread use are based on identity based access control, where all questions start with who is making the request, who is asking. And then depending on the identity of the requesting entity, the action is that allowed or not? Well, so this shows up in aetherium, with the fact that anyone, anyone or anything can send a message into any contract. So contract when it receives a message was it the message might come from anywhere, and therefore it might be meaning meaningless or malicious. So in order to figure out how to react to the message, while the etherion contract has to do some kind of check, and the mechanism built into aetherium, that all of aetherium contract security rests on. But isn’t identity check, there are two the one widespread use is message dot sender. And that basically says, depending on that, that identifies an unfortunate manner, the identity of the requesting entity, and then based on that a separate access checklist is performed. So the comparison I like to make is, let’s say that my car did an identity check on me. Before it, let me drive it. In that case, what I want to ask you to, let’s say, do me a favour Drive, drive my car to the shop, I would have to tell my car without your identity, make sure my car knows that you’re not authorised to drive it, but you walk up to the car and drive it. Now you find that in order, that is part of what you’re doing, you need to hand the car over to a valet, well you’re not the owner of the car, you can’t ask the car to authorise the valet so you’re stuck. So there’s a whole lot of composition problems that we get into with identity based access control with authorization based access control. The core concept is the barrier, right? And going back to the same analogy, that’s the car key.
Unknown Speaker 25:09
Mark Miller 25:10
want you to, to do to do a favour for me to drive my car somewhere, I hand you my car, I didn’t have to tell my car, that you’re now the authorised driver, I just communicate the car key to you, when you need now need a valet to park it for a while you can hand the car key to the valet. And so the first thing is it enables composition. So it enables smooth compositional subcontract relationships where I make requests to view and I give you the access that you need to carry out that request. Well, the other thing is enables narrow delegation, well, I didn’t give you the ability to do a full impersonation of my full identity, I enabled you to drive my car, I did not enable you to empty my bank account. So this is what we call the principle of least authority. So object capabilities, these bearer rights give you narrow, delegable authority. And then this is directly what object programmers are used to with the object reference and the message pass, when one object makes requests with another, it includes in the messages, arguments, references to other objects. And that communicates not just what other what the object the request is about. But it communicates access to the object. So the receiver of the message now has access to the object that was described. So all this together creates a very, very abstract and compositional system of secure computation that composes together with the richness we’re used to from objects, a lot of the richness of the modern world that we have is due to the compositional nature of object programme, the fact that objects can delegate to each other and this local manner without meeting global information, the fact that that that the requests they make to each other abstract requests, all of this works well, to create these very, very rich compositions. Ethereum contracts for all the people talk about DeFi logos and talk about composition, the kind of composition that they’re, they’re actually experiencing on a theorem, the limits of composition constraints on theorem is very, very shallow and narrow compared to an object privilege you used to and compare what we’re now used to acquire. On top of that object level, we build a financial, we build a system of tradable electronic rights, on the start of what we call e RTP. The electronic rights Transfer Protocol.
The electronic rights Transfer Protocol gives you one set of encompassing transactions, which are encompassing abstractions with that, within that, that umbrella abstraction. We’ve got fungible and non fungible rights rights that are perishable, non perishable, symbolic and exercisable. There’s a whole wide range of variations and kinds of writes, such that that whole range of variation can all fit within the ercp abstract set of interfaces. And what’s important about that is that we can use that we found that we can now write in what have you wide range of contracts and contract components on various kinds of derivatives on covered calls, call a financial is called spread options, auctions, automated market makers, a whole bunch of different institutions, many of which can can deal with any right that can be described in the RTP. And but some of the some of the rights that plugin has to be particular kinds of rights. So for example, uni swap, or our version called, which we call auto swap, that has to do arithmetic on the quantities, so that requires a fungible right, in that, for that part, that most of our most of the components of most of our contracts can do with any kind of right. And now the place where we get into the kind of higher order composition that modern software engineering is based on and that gives rise to the richness of modern software is that we have a contract that unfolds over time, the right to participate in that contract is itself valuable. So what we’ve been able to do in our framework is we take that that right? To join a contract, we call that an invitation. The invitation is itself a, a kind of asset that fits within the right umbrella. And now any of our generic contract components that might have been able to feed on, you know, some tokens into or might have been able to feed on non fungible tokens in terror are various different kinds of things, you can also now feed invitations to participate in contracts into. So without those components themselves being different. So now, the kinds of rights that these contracts manipulate are also the kinds of rights that these contracts create, simply by virtue of being a contract that it’s valuable to be a participant in.
Jamie Burke 30:45
Unknown Speaker 32:02
Jamie Burke 32:03
you know, how does that play out as two opposing systems.
Mark Miller 32:08
to peg Cosmos atoms where the atoms on some other blockchain without the two block chains trusting each other. And the there’s three levels of protocol but irrelevant here. There’s the IBC level, which is the communication blockchain blockchain the blockchain so the contract can can get wider information about what happened on another blockchain, there’s the cap TP level that turns that into a secure messaging between objects running on these different block chains. And then there’s on the RTP and Pegasus level, that enables us to create yarpp near keepy surface and the rpp window into assets that whose native representation is not in the RTP. So you can basically lock those assets up and in their native location, turn the locked assets into an ercp wrapper within within our extractions, do all of them get all the benefits of the RTP trading with regard to those assets, and then later cash them in to unlock the original assets. Our plan is to do to do something very much like that for for either for ERC 24 for Bitcoin. And the result is that the gorg platform no longer has a severe penalty for not being where the assets are the people want to trade. That’s okay, the assets are over there. But you don’t have to go there to trade them, you can go here to trade them. Because we’ve gotten rid of all the friction that that makes you need to go there. So I don’t have to travel to New York in order to buy and sell stocks on the New York Stock Exchange. There’s there’s plenty of lubrication system that have reduced those frictions, so that you can trade anything from anywhere in the world, lengthwise. If you were to follow a week into a particular website don’t have to be on the website. The whole world wide web is all about links being this frictionless way to go from the page on one website to the page in another website. So by removing those frictions, you remove the specialness of the cracker. And now the issue of really want to write the contracts, the crackers, now no longer were the assets. It’s what is the best platform for writing a contract. And we built a much better platform for writing the contracts. Pack the assets into our platform. Well, but the but the but the, the the the location of the assets at any moment is not what causes the system to be sticky,
Jamie Burke 39:43
don’t you? I mean, that’s a fantastic, fantastic explanation. If I was able to follow it, I’m sure everyone else will. So let’s zoom out because again, I want to make the most of having you on here. I know smart contracts to you Important at a societal level, yes, this is a startup. But it’s not just a commercial endeavour, you know, there is a purpose, as you say, behind your devotion to this mission across your career. So let’s zoom out. if if if we solve for this, both goreck. And as you say, collaborations with IBC, and whomever else? what’s possible? What do we solve for? Give us an optimistic view on on the world.
Mark Miller 40:29
So I’m very glad you asked, because certainly the reason why I’ve stayed on mission on this for decades, is not because I thought I could not simply because I thought, well, I can form a start up and get some good return on investment. That this was a mission, worth decades of my life, because of the effects I’m hoping it has on human society, some of which I think it’s already had. And the phrase that I think covers much of what I’ve done throughout my entire professional life, is if you can lower the risk of cooperation, you get a more cooperative world. So we’re very used to people talking about the benefits of rule of law. Well, what is what do we mean by rule of law? What we mean is that there’s a understandable an ambiguous system of rules that apply reliably, neutrally an uncorrupted Li. Such that within the framework of rules on rules gives people an opportunity to interact with each other cooperatively, but the same framework of rules gives them an architecture in which they can arrange to try to realise cooperative opportunities, while still protecting each one each is still protected from the potential misbehaviour of the other where you can reduce your risk and the possibility of the other party misbehaviour. So this comes up at many, many levels. But on contracting is kind of the ultimate level of that because contracting creates uses the rules of the framework to design a set of rules that are that characterise the contract itself, each contract is a custom set of rules that’s embedded within this enabling framework rules. And the contract, when you think about my favourite metaphor for what a contract is, is, is it’s like a board game with contracts like the rules for a board game. So when we negotiate a contract, what we’re doing is we’re designing the rule, we’re trying to find the rules of a board game that we would both be willing to play, because commerce is positive sum, we both be willing to play it because we both expect to win in the positive sub world, both of us winning is not a contradiction, what’s expected, typically happens. So we construct these rules for us to have this cooperative interaction. And one of the things we have in mind is it goes rules is that the other player has different interests and may act in a way that we don’t expect. We’re each trying to protect ourselves as well. And then what we want is, once we’ve arrived at those rules, we want to now interact according to the rules of that game in uncorruptible manner. And what that means is that I’ll reach bound by those rules now before smart contract and before being able to write the code of the board manager is a programme that runs on a computer in the current world of centralised finance, by which I just mean you know, the the real world finances we’ve experienced before blockchain. But in that world, the enforceability of the contract depends only on the incorruptibility of human institutions on and depends on the speed resolution processes, where if somebody violates a contract, we take them to court. And the problem is a human institutions are not incorruptible. How they can have very high reputations. They can have operated for a very long time at a high reputation. But then, in emergency where things really matter and the existence of the institutions have problems, people can act in a panicky manner. And even with a very long history of operating high reputation, that’s no guarantee of continued incorruptibility in the emergency where it matters most. But the more important thing is that there’s a cost threshold, the unforeseeable Contracts matters if the values at stake are adequate to be worth taking somebody to court over, and if the contracting parties have the resources needed to take them to court. Those are tremendous costs. And that means that the utility, the benefits of rule of law actually only start at a very, very high cost threshold.
So it’s been so one estimate that I think is conservative, when it says that of all the people in the world, 4 billion of the people in the world do not get to operate with the benefits of rule of law. Now, by creating a computationally based way of expressing the contracts, to where the meaning of the contracts is much less ambiguous, is subject to formal analysis and subject to testing and subject to stress testing. So you can see what the contract does in an emergency and get some actual information about the emergency. Whereas you can’t test what people would do in a panic. But the the, the computational embodiment gives, it gives you a reliability of what the contract means. blockchain is a fundamental innovation, which is one that I did not see coming in all my years of smart contracting before blockchain. blockchain was a brilliant innovation, because you’ve got the ability to build the computer out of agreement out of massive multi way cross checked agreement enables us to build what is essentially a virtual institution, each blockchain is can be thought of as a virtual institution that is much less corruptible. It’s not incorruptible, there’s never zero risk. It’s much less corruptible. Anything human beings have ever been able to produce by any institutional arrangement in the past. And it’s it’s a huge leap forward, and incorruptibility insufficient, it’s not only improbable by the arm by the people participating institution is incorruptible by the governments of the jurisdictions of the people participating in the institution. So one of the big ways in which the world as we’re experiencing, it does not fit with the institutions that the history of the world has evolved to up to now is that commerce and contracting and in general, our cooperative arrangements with each other, are mostly free of geography have nothing to do with the geographic location, many of the people that I deal with, on the net, whether it’s by email, or by contracting, whatever, I don’t know where they are, I don’t need to know where they are. They’re reachable over the net. But all of our frameworks of law that we generally mean when we talk about rule of law, are all jurisdiction base, which is largely geography base, and they just don’t fit. So between the corrupt ability of governments, the mat, the the huge cost of making use of the rule of law mechanisms, and the fact that the mechanisms have gotten very complicated. In non neutral, there’s all sorts of special case carve outs, each of which is a form of crushing. So anytime the law gets too complicated to understand, because it’s responded to lobbying by particular parties to make particular special cases, that’s a question of the rule of law. That’s no longer what we mean when we say rule of law. So all of these ways, this idea of rule of law that we’ve come to price so much, that was part of the ideal that we wanted to share governments to provide. Governments are not close to that ideal. And we now see, for the first time, an ability to build something that’s much closer to you. And and the result is that we can build a world that’s much much more cooperative, it’s much more open, that opens the benefits of rule of law, to many different levels of wealth. Don’t no longer starts off with the benefit benefits no longer start up at some very high value on so we can all now cooperate with each other and much less risky matter and much more reliable.
Jamie Burke 49:31
Well, I mean, I’ve been in this in the space that I would call web three blockchain generally for over seven and a half years. This has been the most inspirational conversation I’ve had in in all that time. It’s been a huge pleasure. I know that the audience are gonna feel the same way that I do about this. I had a few goosebump moments. hearing you talk about that, because to be honest with you, even though I’ve been in it for seven and a half years, you know, you can’t help but sometimes think you just Drinking the Kool Aid and so to have somebody like you that’s been so instrumental in the history of the internet, say blockchains are really important. One of the most important innovations humankind’s ever created makes me feel somewhat comfortable that I might be in the right right space. So I just want to say a big thank you to you. You’re definitely an inspiration to me, I’m sure to founders coming into the space and developers generally. So thanks for everything that you’re doing. Hopefully, I get to meet you in person before COVID. You know, subsides. And I look forward to that day. Is it stay safe?
Mark Miller 50:37
Yeah, thank you. It’s been a real pleasure.
Jamie Burke 50:42
If you enjoyed today’s podcast, please make sure you subscribe, rate and share your feedback to help us reach as many people as possible with important mission of web three.