In this episode we discuss Simon’s journey, the need for a cross-chain native exchange, competitive differences, timelines, economic security, value accrual for FLIP, concentrated liquidity, signature schemes, and much more. We also cover why Delphi Ventures is such an excited investor in Chainflip.
Every Delphi Podcast is dropped first as an audio interview for Delphi Digital Subscribers. Our members also have access to full interview transcripts. Join today to get our interviews, first.
- Our Video interviews Can Be Viewed Here: https://www.youtube.com/channel/UC9Yy99ZlQIX9-PdG_xHj43Q
- Access Delphi’s Research Here: https://www.delphidigital.io/
- Cosmos by From The Dust | https://soundcloud.com/ftdmusic
- Music promoted by https://www.free-stock-music.com
- Creative Commons Attribution 3.0 Unported License
(2:21) – (First Question) – Simon’s Background and what brought him to Crypto.
(15:00) – What is Chainflip.
(26:12) – Chainflip Usability / User Experience.
(29:27) – How Chainflip works.
(37:33) – Chainflip’s signing schemes / Security / Economic attack factors.
(50:20) – How hard is it to get control over a majority of the nodes in a vault.
(1:00:20) – Thoughts on Multi-Chain AMMs.
(1:03:26) – What is the timeline for Chainflip.
(1:04:44) – Why build on Substrate.
(1:07:53) – How hard would it be to run a validator for Chainflip.
(1:09:38) – Thoughts about the risks of upgrading.
(1:12:10) – Flip Token / fees / model for value accrual.
(1:25:14) – Thoughts on Impermanent Loss.
(1:33:40) – Where to find Chainflip.
Hey everyone. Welcome back to the podcast. I’m your host, Tom Shaughnessy. I help run Delphi Ventures and I’m the host of the Chain Reaction Podcast. I’m thrilled to have on Simon, who’s the founder of Chainflip. Simon, how’s the going?
Good man. Yourself?
Pretty good man. It’s summer over here in New York. So it’s unbearably hot as you know, but I guess it’s not as bad as Florida, but it’s cold where you are, right?
Yeah. I mean, I’m still down in Australia at the moment. We’re based in Berlin and I’ll be there pretty soon. But man, it’s been cold down here too.
The rain has been so heavy over the last three days. I took a drive before a couple of days ago and I had to pull over because the rain was that heavy. I couldn’t see.
Oh my God.
It was really bad.
Jeez. Yeah. I flew into New York a couple of days ago from Bitcoin, Miami, and they were diverting some flights to like DC from New York because of the rain. And I was like, if I was on that flight getting diverted, I might jump out. That’s ridiculous.
Yeah. But Simon, tell us a bit about yourself and how you got started in crypto.
Yeah, well I’m obviously from Australia probably hear that in my voice. And Australia has been a really interesting place to be involved in crypto. When I first bought Bitcoin, I was still in high school. I thought if you’re really good idea for some reason, I actually don’t know why, but I thought it’d be a good reason to buy Bitcoin with the money I was making from building websites. So obviously I’m glad that I did that, but to this day, I can’t really remember what was the trigger point for me thinking it was a good idea to drop every dollar I had into it, but that’s what I did. And I guess the reason that I sort of bought it in the first place is probably connected to my two best friends at the time who I’m still friends with today, who were both also very interested.
We’d always been interested in philosophy and politics and economics to a lesser extent than technology, mostly technology. And I think we became aware of Bitcoin in the latter years of high school, when we were really interested in new political ideas. And we had our reservations about the global finance system. In fairness, we didn’t fully understand it, but we’d grown up through the GFC I guess. And so I suppose we had a bit, yeah, so this sort of fear of the global finance system, and we thought that this highly technological, highly libertarian creation was a super interesting way out of all of that, I suppose. And I think that’s in large part why we found it interesting, but I still don’t know why I bought it. I hadn’t invested in anything before. I don’t even think I was trading it as an investment. I was just that interested in it.
Anyway, Melbourne in that era in 2014 was considered the crypto capital of the world because we had a whole stack load of cafes, accepting payments in Bitcoin for coffee and whatnot at a time when no one was doing that. And it was surprisingly popular. It didn’t last very long, unfortunately. And I think that’s probably not a surprise today, but yeah, there wasn’t era where Melbourne was really considered one of the best places to be for crypto. And yeah, so I’d always been interested in startups, had a couple of failed ideas that were going to, but around the age of 18, 19 was already pursuing these sort of venture ideas and learning a lot about being involved in ventures and what it takes to start them, what it takes to run and what it takes to build a company, hire people and all this sort of thing. So I had some pretty early exposure to that.
Meanwhile, as I’ve been in high school, I was building websites and all this stuff. So a career in IT seemed like the obvious route to go, but I don’t think I’m very good at doing all these things. So instead I went and studied the music industry and worked as a professional events manager three years. I worked at a bunch of music festivals. I managed the comfortable of sort of amateur artists, did an internship at a pretty big artist management firm, helped run this, still help run this festival every summer up in the Mansfield High Country, which is absolutely beautiful. But yeah, so had this whole for three year long experience of being very personable, managing small teams, managing budgets, all this kind of stuff. And having fun whilst doing so. Often working 60 hour weeks sometimes during an event week, just because that was what was required, very physical work too when you’re on the job. So I have this whole other experience and all the while I was leveraged trading Bitcoin on BitMEX absolutely destroyed.
It’s like a rite of passage. If you don’t lose your money at leveraged trading, you’re not meant for this.
Exactly, exactly. I think it was about a fifth time that China banned Bitcoin in 2016, I want to say, I nearly lost everything. I nearly lost my entire net worth. I was like a hundred bucks off in terms of Bitcoin price. And I think it dropped from 1200 to 900 in a day.
And I closed right in time, I would say. And then I shorted it a little bit more and made that 20% of the money. So yeah, that was a bad thing. But yeah, I remember buying Ethereum on Poloniex at a dollar and thinking that it was great. And then it went to two bucks and then I sold it. I thought I was amazing. I thought I was the best trader ever. I started with 1186.
Back then it was not a lot. And then I just kept trading it until I kept buying it back. But I always bought it back in less and less number, I think I ended up with like 200 and then it was like 120. And then the next time I entered the Ethereum position, it was like 50. And at some point I was just like, I’m an idiot. I should’ve just held on when I had the chance [inaudible 00:06:48] or whatever it was.
Just one more ketchup trade you’re back to even, right?
Yeah, exactly. Exactly. So I had those experiences. So yeah, early startup stuff, lots of events, which was super interesting and had been trading crypto for like three years, really interested in the technology. And then I guess the thing that happened next is probably the more relevant thing. In 2017, I quit my job doing events for the events industry and started doing events for this little coworking space here in Melbourne called the Blockchain Center. Now the Blockchain Center was a very interesting place. Have you ever been to crypto meetups before, but back in those days [crosstalk 00:07:39]?
Yeah. They were different back then.
Yeah. I think you probably know what I’m talking about. They were very colorful, let’s say that.
It’s a good way to put it.
There were yeah, lots of very odd characters there. So I basically pitched to the guy that was running the Blockchain Center that I should be managing these events because they’re getting bigger, you know, there’s more interest now and you clearly don’t want to do it, but I do. And I think it’s fun. So he said, yes, I started working there. I was running, managing like five or six events a week, pretty much all in the evenings. And as things ramped up, we had this place was just rain in late 2017. There was, I don’t know how many people, but it was standing room, only the whole building was just full. It must have been two, 300 people there. So this wasn’t a big place.
And it would just be me standing there with a whiteboard and a microphone talking about what’s going on and then inviting people up to come talk. And then that base of Bitcoin cash guys in the front that would start arking up. Sorry, I got to stop using these Australian colloquialisms, since one’s going to know what arking up means. I always forget that people don’t know what I’m talking about.
We know it sounds like they were wasting their time back then and they still are today.
Yeah, they were very belligerent back then. Yeah, and then the whole Bisbee thing happened later on, but anyway, this was just a crazy time. But during the same time I met some really fantastic people and they, three of them became the co-founders of my first project, which we called Loki. So that was Chris, Kee and Josh, myself, and we were super interested in Minero. We were super interested in secure messaging and we really thought that there was an opportunity to create a network that could be leveraged to build private communications tools that was based on a private predict currency using a master node architecture. So these days the idea that you have a node network that does stuff off chain and produces interesting outcomes that are not related to blockchain transactions, but yield some sort of benefit anyway, it’s not really that foreign.
I mean, you’ve got things like Chainlink, which have this oracle networks. The oracles just pull press feeds, and then upload them, that’s an off chain activity. I think [inaudible 00:10:26] and Chainflip are good examples of this as well, but there’s tons of them out there now that have some sort of external blockchain activity. But back then there was practically nothing. It was just, everyone was trying to build an Ethereum killer before anyone was building anything of real interest on Ethereum. So we had the ERCs and all that sort of stuff. So it was a really different time. Anyway, we launched this project Loki in 2018 just after the market started to fall.
And at the very tail end of when people were signing, still able to raise significant amount of capital for projects, we were lucky enough and worked hard enough that in an 18 day period where we basically worked 18 hour days, or like 14 to 18 hour days, I counted once we have a 21 day continuous period where we just worked, every waking minute four us, and through that and traveled to a few conferences and stuff. And just in this crazy whirlwind four guys who knew a lot about crypto, but had never really run a venture before, had never really done something like this at all. A couple of us had just been in tuning and one was an electrician prior to this and the other ran his own video production company. We were just really passionate and thought we could do it and sort of threw ourselves in the deep end. And we wound up raising 9 million us dollars at a time when the market was in serious strife.
And we were also wise enough to sell that into Australian dollars shortly after we received the funds as well. Maybe we should have solved that the second we got it, but we didn’t, we sold it a little bit after which meant that we had a little bit of loss accounted for there, but compared to other projects at the time that basically just held on for dear life and wound up with no money three months after they’d raised. Yeah. We were considered to be geniuses in that time, even though it was the obvious thing to do now, I can’t think of a single company that’s not raising in US dollars, but anyway, yeah, it was a crazy, crazy time. And we managed to get this capital. We started building this team and yeah, I guess the next two years for us were a huge learning curve. I mean, we built this software engineering team from nothing having never built one before now. None of us had ever worked in a software engineering team before, but our first two employees were really fantastic. We’d done some stuff before. Kee is a very technical person.
I’ve been building websites and doing coding and learning games for ages. So it wasn’t like we knew nothing at all, but compared to a professional CTO, there was lots of big desired, I guess. But our first early employees were excellent. We had Doyle come down from Sydney. We were on this game development discord trying to find C++ developers. And we just sent this guy a message. His code bases looked good. And we were like, “Yo, you want to come down to Melbourne?” Which is like 800 kilometers away from Sydney, by the way. So it’s not a joke, like it’s a two hour flight. And he was like, “Yeah, sure.” So he hopped on a plane like the very next week. And then yeah, went back to Sydney and then a week later, moved down to Melbourne to set an absolute drop of a hat. And he’s easily one of the best engineers we’ve ever had. He’s now working, I actually don’t know if I’m allowed to say this. Cause I think it’s reasonably confidential, but let’s just say he’s working for some government thing.
Good. It’s a good add. I mean, I mean, Simon, just kind of fast forwarding to Chainflip though. How did you get there with the old team or did you?
Yeah, so anyway, we built a secure messaging app session, we build Oxen. We learned a lot about what we’re doing. We learn how to run a token project very quickly. And by all accounts, it’s gone relatively well. We’ve got 25 staff in the Melbourne office working for what is now Oxen. But early last year we started looking into cross chain solutions and we were super curious about it because it really did fit the thesis of what we were originally interested in. We wanted to build something that was, it was doing work externally. It wasn’t an Ethereum killer. Basically we were utilizing off-chain processes to produce interesting outcomes for users and this fit the bill perfectly. Maybe it’s helpful to describe what Chainflip is rather than how we got there first, perhaps.
Absolutely. That makes sense.
Yeah. Sorry. I realized I’ve been ranting about my story.
No, no, no. It’s cool to hear your backstory man. It’s how you got here is where you’re going. So it’s important.
Yeah. Yeah. So, okay. What Chainflip is, and in very simple terms is a centralized exchange that’s not run centrally. I know that’s a weird thing to say, but if you think about it all centralized exchanges, there’s just a bit of software with some trading logic in it. And then there’s the settlement layer that has wallets on all of these different blockchains and users can deposit into those different wallets. I’m assuming it’s got a Bitcoin wallet an Ethereum wallet, whatever else. They deposit, then they can access the trading software. They can do some trades and then they can go back to the settlement layer and withdraw whatever assets they ended up with back out of those wallets. Those wallets will then send it out to wherever they want. And Chainflip is doing a very similar thing, structurally speaking. We have this trading software which sits in the middle, and then we have this settlement layer where we have wallets on all of these different blockchains.
The difference is of course, that Chainflip being a completely decentralized product has no central authority. So the trading software itself is run as a part of the consensus rules on what we call Chainflip state chain. So this is actually an AMM. So you can think of it like if Uniswap was running on its own blockchain, on its own dedicated blockchain, which is possible, it’s not a smart contract per se. It’s kind of a virtual AMM that’s running on this blockchain, but all of the same rules apply. You have balances and liquidity pools. You have swaps, you can do some other interesting things like batching and whatever else and counter swapping as well to eliminate slippage entirely. But that’s an aside. But I think the broader point is that this software, this trading software, unlike being a centralized order book or whatever, is an AMM running on a blockchain.
And then on the outside of that, we have the settlement layer, which instead of it being wallets controlled by the centralized exchange, we have to think of a way to somehow make that custody arrangement or that settlement arrangement entirely decentralized. So always done as we’ve got a validated network, which should be about 150 validated is run by community. And what they do is they create these giant multisig wallets. So there’s a giant multisig wallet for Bitcoins, there’s a giant multisig wallet for Ethereum. Actually, it’s technically there’s a smart contract and they create a giant multisig key to control that smart contracts, branch of a range of things. And you can do this for literally any blockchain and you can do it for literally any transaction type. It’s a completely general solution. So there’s no reason why this validated network, because all they have to do is generate a shared theme and then support a particular transaction type.
They can support L2 very, very quickly. They can support any type of arbitrary transaction type that’s based on public key cryptography, just like a centralized exchange group. Chainflip is built in such a way that if the centralized exchange can do it, Chainflip can probably do it. It may not make sense, but we could do it in principle. So that’s how things riding on these 150 validators. And through that, we can create a user experience that is very similar to Uniswap, but in terms of like, you don’t need to have a specific wallet or for it, you don’t need to do any kind of setup, create new accounts, create any keys or anything like that. You can just sort of rock up, connect to it, using your hardware or whatever, and off you go, that’s essentially the user experience that we’re trying to capture as well.
You’ll be able to rock up to a website, put in a Bitcoin address. It’ll give you an Ethereum address, send it there. And that’s it. And then Bitcoin will appear in your wallet. Is exactly like the user experience of shapeshift back in 2017 used to be. And I think this is going to be something that trade is going to get a lot out of just as they did in 2017 for the original shapeshift.
There’s a lot to unpack there assignments. So I guess one quick follow-up do you find it easy to explain to people that I guess the difference between you guys versus a Uniswap or a SushiSwap, like they’re built on Ethereum, they only trade ERC20 tokens. Do you think people understand that you and your comparables in the space are actually multi chain?
I don’t think that’s particularly hard to communicate. I think what’s challenging is discussing the project in terms of what it is on a fundamental level and what the product experience is like. I think it’s very easy for people to understand what the product experience is like, but that’s not super relevant because people say all sorts of things about product experiences that never come to fruition in the crypto space. So I guess you kind of have to fall back on the fundamental differences. And I think people pretty understanding that SushiSwap and Uniswap and all that, exists purely on Ethereum, which is fine. A lot of people seem to think that this Ethereum theory and projects that’s going to support other blockchains soon somehow. And some of them are actually making efforts to do that. I mean, a good example is SushiSwap through working with Andre.
They’ve got this thing called multi chain XYZ. I’m pretty sure, I can’t remember, or is Uniswap. I’m not exactly sure, but anyway, the basic idea is that there’ll be able to have some interoperability between EVM compatible blockchains that will mean that you can swap between different products on different EVM compatible blockchains, which is very cool, but EVM compatible blockchains only make up a fraction of the other types of blockchains out there. So I think it’s got pretty limited utility and it’s not a general solution either. I think it’s relying pretty much on L1 to L1 transaction so I don’t know-
Simon, on that point though, do you think that it’s viable for Uniswapers to go cross chain? Because it seems to me like they’re more interested with potentially interacting with the various L2s on Ethereum and then also just kind of iterating on their own strategies like with concentrated liquidity, with incentives, with enabling fees, things like that.
Yeah. Well, I think if you look back three months ago, well, it was not obvious at all that cross chain was not the obvious next logical step for Ethereum AMMs to go, but then Uniswap came out and said, hold on a second, here’s V3. And now pretty much all of the major AMMs are doing some variation of that. Curve has come out with one, Balancer has come out with one. Sushi has come out with one. So I think there’s going to be continuing innovation and ongoing development of Ethereum based AMMs. But I think to your point, cross chain is a completely different kettle of fish. You can obviously apply knowledge that you gained through working with Uniswap or SushiSwap or something like that to working on a cross chain AMM but the number of problems you have to solve with a cross chain AMM is significantly larger than any Ethereum based ERC20 swapping platform.
You have to create a network that has joint signatures over 20 plus blockchains that’s fault tolerant, and can deal with every edge case that you might see a centralized exchange dealing with in terms of withdrawals and deposits. And you probably noticed that now, and then they turn off withdrawals and deposits and you have to automatically rotate, validate sets and do auctions and just all this stuff. It’s a huge multidisciplinary exercise that takes large engineering teams of extremely capable people years to build. It’s not like a smart contract where one extremely talented individual can knock out a new design in a few weeks or few months such as Andre, that is possible in the Ethereum world, that one person can create something of immense value out of nowhere.
And that makes it an incredibly competitive environment, but it’s much harder for people to create new networks, novel networks, bootstrap them, launch them and have them perform correctly because there is so much more scope for things to go horribly, horribly wrong. You have to be much more careful, much more deliberate. And just the amount of code, just lines of code, it’s infinitely more than what you’d see in smart contracts, for example.
No, no, I totally agree with you. And I mean, I think liquidity and the value locked within your vaults is also like a key moat. Obviously when you guys launched no Thorchain obviously has that in place as well. But I mean, even if like a SushiSwap or Uniswap was able to view all of your code right now, I don’t know how much you guys have released yet or not, to your point, the ongoing maintenance of that and finding all the bugs on an ongoing basis would just be insurmountable, it sounds like.
Yeah, it’s a completely different skillset. It’d be like asking, what would it be like? It’d be like asking a bunch of F1 car mechanics to go build a supercomputer. It’s a completely-
That’s a good example. That’s a good comparison.
Both extremely talented engineering teams, but quite different in what they actually have to do to make it happen.
Maybe that’s an extreme example, but you see what I’m saying?
No, no, no. I’m fine with it. It makes a lot of sense. And I mean, just a couple of quick questions on stuff you’ve already covered. I mean, you spoke a lot about-
A couple of questions on stuff you’ve already covered. You spoke a lot about the user experience. So I think, me and you both agree that the masses don’t really care how the engines work. They just want a very clean experience. You described that anybody could interact with Chainflip cross chain with any wallet that they already have. So you don’t need a new wallet.
You don’t need keystores or anything like that. You could use MetaMask, use WalletConnect. Is that a goal or is that something that you already are seeing now, or how exactly do you achieve that?
Well, we achieved that by making Chainflip work through addresses. At the end of the day, that is fundamentally what crypto is. It is passing messages on a blockchain from one public key to another. And as long as we keep it that simple, we can allow people to do whatever they want.
So your point, the masses really don’t care about anything except things that will save them time. This is why ShapeShift in 2017 was so popular, even though it was really expensive by the day of standards, in terms of fees and slippage and the quoted price you’d get.
People use it all the time anyway, because it was just so nice. You just went to this website, you sent the coins and then you received the coins. It was that simple. And I think, we can even beat Uniswap in terms of what we’re able to offer in terms of our user experience, just because we’ll enable the exactly the same thing.
Whereas Uniswap requires all of this metadata to be passed through MetaMask or another Web 3.0 wallet in order to be able to conduct the swap because it’s actually user initiated. Whereas the swap itself is pre-programmed in chain, but you actually, through the web application, pass a message to the blockchain. The blockchain responds, registers it, and gives you an address to send to.
And then from your side, you can withdraw from Binance. You can get coins from wherever you want. We don’t care. And we will send them to wherever you want. We also don’t care. So that’s, a huge advantage, I think. Look at THORChain for example, who are doing a great job at getting integrations with all of these multichain wallets. But that’s just the product step that we don’t have to do. We don’t care. We can connect to Web 3.0. We don’t have to connect to Web 3.0. It doesn’t matter. We can do it all, because all we’re doing is sending a simple transaction. And then that’s a huge product goal for us to advance in question.
It’s one of the key basis of why we wanted to do it in the first place, because we love Chainflip. And we don’t see anything that’s really going to replicate out there at the moment. That was the case last year and that’s the case today. So we’d really like to see that happen again.
That’s a cool comparison. Just as a disclosure I have to make were in a long time investors in THORChain, we’re beyond excited for that team. And we’re happy to be investors in Chainflip as well. We really are big on the multichain future at Delphi Ventures.
And I guess the other question I have though, after the annoying disclosure is how do you decide, or how do you input where the funds are going to go? If I use Chainflip, and let’s say, I want exchange Bitcoin for Eth, where do I put it in my Eth address?
So all you do is… Sorry, just to clarify, your question was, if I want Bitcoin and then I want Eth, what was the way?
Yeah, doesn’t matter.
Okay. Let’s go. You have Bitcoin and you wanted Eth. So, all that happens is you open up a web browser and you say, “I want Eth,” and then it’ll go, “Okay, no worries. Here’s a Bitcoin address. What’s the Ethereum address that you want?” Oh sorry, I got it the wrong way round. First of all, you say, “I want Eth address, and then it’ll go, “Okay, here’s the Bitcoin address.” That’s what happens. Sorry.
And then you’ve got this Bitcoin address. And all you have to do is you send Bitcoin to that address. And then Ethereum will appear in the address you told it to. It’s really that simple. That’s that’s it. That’s all there is to it. But how it works on the back end is probably five minutes… Long explanation. And you can… You ready?
I’ll leave the explanation after we write it up. I guess the takeaway though, is that the usability is easy, and the fact that you can use any existing wallet that already has millions of users definitely lowers the barrier to adoption, I guess.
Yeah. There’s no accounts. There’s no setup required at all. You can literally… You don’t even have to have MetaMask, connect a wallet, or anything like that. Even for me, when I first wanted to use Uniswap, I went to the Uniswap website just to see what it was like, and I couldn’t get past the connect wallet bit. So it’s a bit like, “Okay, whatever.”
But in this case, you can actually go to the website, set the slippage limits and do all this advanced configuration stuff and just click submit and it’ll show you what’s going to happen next, even if you haven’t prepared an actual transaction yet. So you really get to feel what the experience is going to be like and how to use it without actually having to use it.
And the same happened with original ShapeShift as well. You just went to a website. You got to play around with it before you’re committed to actually doing a trade. So you knew that when it was time to do a trade, you’d have this experience already. And you were excited about it. You keen to try it out. And I really want people that have joined the space since 2017, to have that experience with Chainflip because it was so exciting, so futuristic. And yeah, I can’t wait.
No, I can’t either. And Simon, on that kind of user experience question, is it the same… Is it just as easy to provide liquidity to pools on Chainflip as it is to make a trade with any wallet? Let’s say, I want to earn yield on my BTC and I want to add it to one of Chainflip’s, vaults or pools. So I’m not sure on the wording specifically, but is it just as easy to leverage an existing wallet?
This is where I think Chainflip starts to shift away a little bit from what we’ve seen out there on the market so far. In short, no, it’s not going to be that hard. But it is going to be hard… Let’s say for instance, you want to provide liquidity to the USDC/Bitcoin pool, right? USDC is an Ethereum asset, Bitcoin is obviously a Bitcoin asset.
So we’ve got to somehow allow you to deposit to both pools and then allow you to commit your liquidity. So we have this system whereby we generate what’s called a liquidity provision quote. So you come in, you say, “I want to provide liquidity. These are the relevant addresses that I need, my Bitcoin address, and Ethereum address. And I want to set it up with this concentration liquidity setting or whatever.”
And then you can come in there. It’ll provide you with two unique addresses, again, as if you were doing a swap at two times over, you can send your funds to those sides, to both sides. And then you can send a follow-up instruction again, through the interface, which basically says, “Okay, I’m done now, please include my liquidity.” And depending on what you set.
And you can change this afterwards as well. You can actually auto-swap. So let’s say, Bitcoins were 30,000 and I have 30,000 USDC. But then the price in between the five hours, it takes me to find my coins and put them in the liquidity pool. The price of Bitcoin is now 30,100. I can still send all that anyway, and then utilize the auto-swap feature. So actually, take a little bit of the Bitcoin, sell it into USDC through the liquidity pool and then include my liquidity so it’s evenly balanced.
But with the introduction of range orders and that sort of thing, that might not be so relevant depending on what you’re doing. Basically, that’s the user experience to LPs. But I think, the really exciting thing for LPs now is that instead of having these huge liquidity pools that are quite inefficient, we’re enabling V3 style range orders on our platform.
And because we’re not on Ethereum, you don’t have to pay for your own gas fees and you don’t have to wait for Ethereum block times update range orders. And what this means for the market is they’ll be out coming to this platform and update their range orders extremely frequently, such that we’ll be able to provide the end user with an experience that allows them to access great liquidity at accurate prices.
The pricing, and perhaps the liquidity that you’d see on the DLX of finance and the FTX and many crypto OTC desks out there, because we’ve got many of those same LPs providing liquidity on Chainflip, making those commitments and having them match their order books on other exchanges with their ability to absorb transactions on Chainflip as well.
So I think the LP game for us looks quite different to what you’ve seen in other environments as well. And I know a lot of people are going to be a bit salty about that, just because there has been this precedent set for the last year now, that I can definitely provide liquidity to anything I want and it’s going to make complete sense for me. And if you’re not actively updating your range orders and providing liquidity and other markets to de-risk that and be more aggressive, it’s going to be hard for you to earn any yield from doing that.
However, again, because of the flexibility of the Chainflip blockchain, and this is actually something that’s starting to happen on Uniswap as well through projects like Pfizer finance, is that people can deposit liquidity into these pools… Not pools. That’s probably not the right word.
They can essentially put their liquidity into a fund, which is controlled by someone who is actively market maker. So that active market makers can advertise the LP or want… LPs want to earn yield, but don’t want to do any of the setup work required to actively manage the position.
They can just go, “Hey, you want to deposit into this contract or whatever? We’ll manage the funds for you and we’ll update the range orders and you’ll get your share of the rewards that we’re getting paid,” which is something that’s possible on Chainflip.
It’s probably not a launch feature, but something that will happen is something that is already happening in the V3 space, across the AMM world already, people starting to think about this. So I think opportunities for retail LPs will continue to exist in the future, even with this more active approach coming to the fore. But it’s going to take a little bit of time.
That’s a killer explanation. I think people may have to pause, go back and listen again. It’s incredible, Simon. And I want to go forward a bit to the competitive landscape here. I’ll say this again. We’re invest in THORChain. We think they’re an incredible project. But at the end of the day, I think everyone agrees that there’s always two to three dominant players in the space.
You can pick smart contract platforms. You could think exchanges. There’s always differences that appeal to different users, whether it be on the LP side or on the user side. And one of the things that I thought was a key difference for you guys, was just the different signature scheme that you guys use.
And it’s kind of funny because I know Steven Goldfeder… I believe was one of the authors of the GG20 paper. And I was reading through it a bunch when I was diligent with the investment. And I was like, “Oh my God, that’s Steven, let me just hit him up and get his explanation on all of this.” And I hit him up and he was super helpful and, shout out to him, but…
What did he say? I’m curious.
Oh, he walked me through all the differences between DSA and ECDSA and the signing times and everything. And it was super helpful because I was way out of my league on the tech side of this. But I guess the TLDR was that you the signature scheme that you guys use is somewhat newer and you guys are able to support more nodes and more decentralization, I guess.
I guess at a high level, can you describe, the amount of nodes you can have, what that means for security? And then if you could go into the attack, it’s a lot to chew off here, but if you can go into the economic attack factors of… How hard is it for someone to take control of a vault because I’ll link to your white paper. It has an excellent description.
It seems very hard, but from the outside, if you hear 150 vaults, you’re like, “Oh, I could get enough of an asset to control that.” But in reality, it’s really hard with the way you guys rotated. Sorry to throw that out there, but I want you to take it whichever way you want. I think it’s a really thoughtful discussion.
Yeah, sure. This is going to get into the way it’s super fast, but let’s do it. So let’s go into the signing schemes to begin. Well, actually, maybe we should go to the economic security begin with. Why do you need a threshold? It’s probably a good place to start.
What we’re building here is basically a huge joint wallets. And naturally… Let’s wind back in 2018 and look at the launch of EOS, where within a couple of months, we had a bunch of mostly Chinese exchanges, colluding with each other to produce some pretty interesting outcomes.
The EOS network, they had a network where they had 21 validators, many of which were run by exchanges. I’m not sure if it was exchanges or exactly what was going on there, but anyway, word got round that a lot of these people were colluding with each other. I think it was 10 or 11 of them or something to do some sketchy things on the EOS network. And this was within three months of launch.
So it kind of proved to everyone that maybe goodwill is not the flavor of the day always, when it comes to consensus mechanisms. And maybe delegated proof of stake isn’t a great idea. Maybe having a tiny amount of outlets is not a great idea. That is compounded more so when you have a cross chain liquidity products like Chainflip, then also THORChain, and others too, where you have these massive joint wallets that these keys aren’t just storing assets on a particular blockchain, but they’re storing assets on other blockchains that have value as well.
Something goes wrong on EOS, for example. The value of EOS might go to zero. So the incentive to attack it, isn’t that strong, because if you really do attack it, the upside potential goes down because people aren’t going to buy tokens from a blockchain that is currently being attacked to all pieces.
And of course, you can also have rollbacks and all that sort of thing as well to recover the situation. Something that’s storing assets from other blockchains though, is much more dangerous, because if you can steal the Bitcoin from Chainflip, then that Bitcoin is still going to be worth what the Bitcoin’s worth, irrespective of whether or not Chainflip goes to zero.
So the attack surface is pretty similar, but the potential upside is a lot higher and the incentive is much stronger as well. So we have to be extremely careful in how we design schemes to prevent this kind of thing from happening and try as much as possible to guarantee that it won’t happen through whatever means we can. And what that effectively means is… One of the outcomes of that is if it’s easy for people to collude when there’s only 21 nodes, perhaps one of the mitigating strategy for that might be, have as many nodes as you can. And so a lot of people will say, “Well, let’s have a thousand, let’s have two nodes, let’s have node limit.”
But unfortunately, we can’t create wallets with thousand or 2000 members in them if we want this to be a scalable and fast platform, because these thresholds, signing schemes, scale badly. One is great. Two is great. Three is great. But once you start getting up to a hundred, things start to slow down a lot depending on what signing scheme you’re using.
Let’s say you’ve got a thousand. If you got a thousand… I don’t have the numbers in front of me, but that would take an insanely long time to even sign a single message. As a Bitcoin for example, you actually need to sign every single input you’re spending in a transaction. So if you’re doing a transaction that has five inputs and one output, you actually need to sign that transaction five times.
And if I had a thousand signing members and that whole process took two hours of computation each, it would take half a day to create a single Bitcoin transaction. So you can see how there is a limit to this. It’s not one, it’s not 20, it’s not a thousand. Somewhere in the middle, depending on what signing scheme used. So that’s probably a helpful place to start.
Why do we need lots of validators and what the limitations are on them? And then it’s all just the conversation about trade offs, I guess. Should I talk now about the different signing schemes out there and what our approach to it is?
Yeah, that would be excellent. And then if we could go into… Just after that, how you guys rotate the notes, because 150 might sound low when you think of the LS, like, “Oh, there’s only 21, oh, there’s only 150.” But in reality, the way that you guys handle the rotations and the way that you guys handle that stuff makes it really hard to attack your network.
Yeah. So our whitepaper was written in… We started writing it in May of last year. And I think the first version came in September. And in that time, Bitcoin was not going to support anything new in terms of the signatures that it would accept. So back then, we needed an algorithm that would allow us to create a threshold signature. So basically, just a normal looking public key on Bitcoin that we could use that actually had dozens of members behind it.
So GC20 is an algorithm that THORChain has been using now for quite some time. They originally… They were building a GTA team. That was too slow. They went back to the drawing board. Now they’re using GG20, and GG20 is really cool because it allows you to create normal looking public keys using a threshold signature scheme, which is great. Trouble is, it doesn’t scale very well.
There are other blockchains out there that support different signature schemes. And one of those signature schemes is called a Schnorr signature. Schnorr signatures, the name is funny. I think it’s named after some bloke, and I feel sorry that man. But he… The design of it is very, very cool. It allows you to create joint signatures about an aggregate team in an incredibly scalable and fast way with far fewer communication rounds, much lower signing times.
It’s just more efficient and better in every way. The only advantage that GG20 has over Schnorr signature scheme is that there are some blockchains out there that wouldn’t be able to support a Schnorr signature scheme. That’s it. That is where the benefits end.
So something that happened recently, but you may have heard of is, it looks like taproot is going to go through on Bitcoin. And part of that upgrade is that Bitcoin will now start accepting Schnorr signatures as a valid signing format on its blockchain, which means, we now don’t need GG20 at all.
THORChain, On the other hand, started building earlier than us, and they have built… Pretty sure this is true, but they have built their entire platform using GG20. Which means that there’s limit in the number of nodes that they can have in any particular vault. Whereas we are able to… And we were also able to scale GG20 as well, such that we were able to create single Bitcoin vault rather than having multiple sub vaults and this sort of hot/cold wallet arrangement with different signing times and all of this stuff, and three-day jointing cycles, which is the route that THORChain took.
Instead, we’ve got these really long rotation periods, because we’re trying to attack the network. You have to wait longer. That’s a huge dissuading factor, where we have a single Bitcoin vault, we had a single Ethereum vault. And now that the taproot has gone through, we’ve just ditched GG20 altogether, which means we won’t be able to support things like Dogecoin and going in their current phones because of antiquated protocols.
And some people might not be super happy about that. But I think in the grand scheme of things, it’s going to be hugely advantageous for the project as a whole, just because we’ll be able to support a lot more blockchains that are a lot more scalable and use less compute power. And we just have one huge 150 validator vault for each blockchain.
And in fact, some of them aren’t even wallet. Some of them are smart contracts that are deployed on the respective blockchains that are controlled by an aggregate key that is produced from these fictional signature ceremonies. So for example, on Ethereum, we store all of the funds in this vault contract. And the vault contract says that only this aggregate key can authorize something to be sent from it.
So it’s kind of a hybrid smart contract where you have someone that consent and that someone just happens to be this validated network of 150 nodes. And they do a joint signing ceremony to produce a valid transaction. And then one of them is nominated to go to the Ethereum blockchain and conduct the activity. So, there’s quite a few differences there. And I guess the long and the short of it is, Schnorr signatures are just better in every way.
And that’s hard to rock you with, and we’re using it across the board from our current technology stack. And I think, THORChain was rebuilt today. They’d probably make the same decision. I think that they invested a lot into GTA and then GG20 because of what was available at the time. And so, they built their stack off that technology instead.
But I think Schnorr has a huge number of advantages. That mean we can have a much simpler economic security model and a much more scalable security model as well, meaning, we’ll be able to support more blockchains without requiring a huge amounts of compute power available on each individual validated node. That was a huge, deep width technical explanation and wasn’t even half the detail. It’s kind of interesting if you’re that way inclined, if you’re not, I’m sorry for boring…
No, no. It’s very interesting. I am definitely of the opinion, like I mentioned earlier, that there’s always two to three dominant players. So getting into the differentiation between those players is definitely important. Just to go back on the thing I was harping on, though. If you had a lot of stake in the Chainflip network, I don’t know how to tackle when we get on this, but how hard is it to get control over a majority of the nodes in a vault or the signers in a vault?
How do you think about that rotation? How do you think about some motivated person who has a lot of money who wants to take it down? How does that happen? Because the chances of controlling any one vault are low, but I guess they do exist, right?
Yeah. What’s in our white paper regarding vault rotations is because we used to have this design where we had the Bitcoin vault, having less people in the signing scheme than the rest of them. So they would be 99.
And then the rest of them. So they would be like “99 is 150”, for example. So in theory, and by the way, you need a super majority of validators to create any valid signature from these nodes. So in theory, if I control 45, sorry, if I control 66 nodes, then it’s theoretically possible for me to steal everything out of the Bitcoin fault. And that might be worth your while. What we’ve done, and we haven’t released this yet, there’s still a couple of points of contention here in the some security measures that we’re building in as well, but we’ve written this huge piece on the economic security and just trying to work out, is it profitable? Is it a profitable activity for someone to come in with a stack load of money or a large portion of the validator network and say “All right, I’m going to try and steal whatever I can.” And is it going to be profitable for that person.
There’s the classic “Nothing at stake” problem, and lots of other areas of debate around privilege stake. That also applies to this, and then some.
But how hard would it be to steal something? I’m willing to debate anyone on this, but seeing as you’re probably not going to argue with me on it, I’ll just say it flat out. There is no way that anyone is going to get a super majority control of the validating network. There’s no one that is going to be able to get enough tokens to be able to pull that off. It’s just not going to happen. So that’s not an attack factor. What’s more likely is that someone will manage to convince a subset of the validator operators to collude with them.
That is a cheaper and less risky approach to be able to take over a large enough portion of the network to be able to conduct an economic attack. I also think this is extremely unlikely. We’ve done lots of things in the designs and the limit, the windfall that an attacker could get from an attack. We’ve put some protections in the Ethereum Smart Contract Vault, which means that they shouldn’t be able to claim more than 20% of what’s in there at any given time. And we have a fallback mechanisms to make sure that that’s all they get. That changes the calculations on what’s profitable, and through other mechanisms as well it actually ensures that there is basically no way, if we put protections in place to prevent liquidity providers, prevent swappers, from sending us too much money, that it will ever be profitable to conduct one of these attacks.
So that is a huge part of work that we’ve been doing over the last year. Coming up with a design that will enable that, and enforcing the security ratio and working out what that is. And mainly because of that smart contract protection, we can theoretically store more in liquidity, in value, than what is available as collateral in the validating network itself. So let’s say for example, it’s 500 million locked up in validators, in flip tokens. In theory, we should be able to store seven or 800, or even 900 million, in liquidity, depending on how that liquidity is stored. It’s still not profitable for a super majority to attack the network the later on.
So there’s some really interesting things that we’ve done there that we haven’t actually released yet discussing those protections there. It’s a huge topic. There’ll be plenty of people out there wanting to debate it. But if you were to ask me, what is the thing that I’m most scared about in terms of where this could all go wrong, where a theft would come from? My actual answer would be, it’s not going to be a collusion, it’s not going to be major VCs getting together around a board table and doing a sketchy deal where they all like try and steal stuff from the network, I really don’t think that’s going to happen,
We would never do that. Yeah, it would. It would kill everyone’s brand. No, one’s going to do that.
Yeah. I think there’s just some very simple human truths about the type of people that we have involved in our validating network already that I think is going to set a precedent for the likelihood. Remember, you’re going to get more than two thirds of people involved for this to even be possible. Yeah, sure, maybe there’s 20% that would, I personally don’t think they would, but that’s not a strong protection. We need to have stronger protections than that, which we’ve tried to develop.
But I think the follow on point from that is what am I actually scared of? It’s not collusion, it’s not an economic attack. It’s some Russian kid hacker that has somehow worked out how to gain access to all of the private keys running on these validators, and basically collects them all together and then just produces his own valid signature and steals everything practically for free. That is the thing that should keep anyone up at night, if anything, and we’re doing some…
Isn’t that a crazier attack factor, though? Getting private keys, like a hundred people or 50 people, seems like much are much harder than the economic attack factor, no? Because wouldn’t the… [crosstalk 00:57:38]
I think it’s going to be exceptionally hard just because we’re doing a lot of work to make sure that these private keys are not going to be exposed, but private keys I’m talking about are not the private keys the investors are using, or the valid operators are using to store their flip tokens. The private keys I’m talking about are actually on the validated machine itself. They are the ones being used in these joint signing ceremonies. You can’t store them offline because they have to be accessible all the time to be able to sign anything. So these keys are on servers, which are online all the time, and they are one share in 150 of all of the vaults that we have available. There’s probably alarm bells ringing in the ears of security professionals right now.
And I think that’s absolutely right. If you go about this in a naive way, you really do stand… because the software’s likely to be quite uniform as well. If you introduce a bug in the software and everyone upgrades to it, everyone is exposed to that vulnerability. And in theory, that vulnerability could be replicated across the entire network. And therefore that exploit could be run across the entire network. So, it’s not infeasible that something happens, an upgrade goes through, or there’s an undiscovered bug in it, or there is some… this is probably the real thing. Let’s say all of the software runs on the same operating system, on the same type of hardware. More likely it’s going to be an operating system issue. There’s some security vulnerability that has been replicated across the entire network.
And if that happens, and that allows the exposure of the private key, then we’re in serious trouble. So we have to do lots of things, like containerization using LXC containers and several other mechanisms, including firewalls and virtual VPNs, to make sure that we’re keeping that private key as far away from the hands of someone who might be trying to conduct an attack like this is possible. That’s the security risk here. It’s got nothing to do with all of this economic collusion and whatever else. I think that’s a distraction from the real security risks. And I think that’s a distraction from the security risks that exist in crypto full stop. I think people get very, very excited about economic attacks because it’s something that pretty much anyone can understand.
I honestly think that the security risks in the software will probably go on notice for years. And then all of a sudden there’ll be an exploit. And people will realize that “Okay, this is still a serious threat and it’s never going away.” And it probably won’t. We remember the data from… [crosstalk 01:00:41].
That’s a really good comparison. Just before we go forward, you’re totally right. Many more people have an understanding of finance and econ, and could think through the econ attack factors, not as many have that comp side kind of coding aspects. They really don’t know the security as well. So that’s really good comparison. When I was diligence you guys the deal, I probably shouldn’t have kept you up all in on the econ questions when in reality, this was the real concern.
Yeah. It’s really interesting. And I should also say, say that in reality, pretty Much everything you use on the internet is fine and it doesn’t have an exploit. It probably won’t either, but it is a risk. It’s not something that should keep you up at night. You shouldn’t not use smart contracts because of this risk. It’s like driving a car. At some point you have to decide “Okay, I’m willing to accept some degree of risk in order to gain access to something that has utility.” But, these things are real and they shouldn’t be completely ignored and nor should they become an obsession either. I think that applies to the econ side, as much as it does the technical security side.
I’m with you there. And I have one more question for you and then a rapid fire round, because I know I’ve already annoyed you for an hour.
One of the things we’re seeing play out on like Uniswap, and others, is kind of this dichotomy between those focusing on concentrated liquidity, where you have a lot of liquidity in a smaller range to enable faster trades, a more efficient use of capital. And then you have like [inaudible 01:02:17] LPs, like just put money into an AMM, let people trade. Do you think there’s going to be a similar dichotomy on multi-chain AMM’s, where some focus on concentrated liquidity, and let different apps build strategies on top, think [inaudible 01:02:30], Fractal, or Visor, and then a [inaudible 01:02:34] LP for AMM’s. Or do you think maybe I’m thinking about this the wrong way?
I thin there’s so few players in this space that it’s easy to make a direct comparison today, but in six months time who knows what decisions different teams are going to make. I can say that it appears [inaudible 01:02:52] is going down the sort of V2 route, and it’s focusing more on building extra products within their ecosystem. Whereas we’re definitely focused much more on the trader, therefore we think V3 is the range orders, concentrate liquidity stuff, is just the no-brainer. That’s the way we’re going. We’re not interested in getting a billion dollars in liquidity, if it doesn’t actually have any impact whatsoever for the end user. We think that having these range orders and having some engaged market [inaudible 01:03:30] is going to make the end product much more successful. And that, that is ultimately our goal. We’re not trying to vertically integrate all of these different aspects of the crypto ecosystem, because there’s plenty of other people out there doing similar things.
We don’t need to build many of the things that already exist. What we would like to see is us building a platform which people integrate into their system. So what we’d like to do is build something that does have a great front end, does have a great user experience, but also has a super easy API that practically any project team could utilize to access some cross chain functionality within their own app. We’d like to see people like Sushi, people like Uni, people like Balancer, being able to support native Bitcoin swaps just by being able to connect to a very simple API that we’d be offering.
That means that Chainflip is getting exposed to much larger user bases. We’re getting volume from all of these different projects. From all of these different aggregators, from all these different websites and wallets and all sorts of things without them ever having to come to the Chainflip website itself. And that benefits flip token holders as well. So we have this horizontal integration strategy, where we’re a brand that exists, but we’re also trying to get it installed behind the scenes in many other brands as well. That’s a large part of our ongoing strategy.
That’s awesome, Simon. Let’s go into a rapid fire round, just cause I have a few questions I want to make sure I get to before I let you go. What is the timeline for Chainflip?
Good question. So at the time of recording, we’re at mid June right now. We should have our public testing it after a sandstorm release out in months. So that’s our validator network, rotating, using hybrid [inaudible 01:05:34] and running our own substrate based blockchain on our validated network. All very exciting stuff.
Basically it means we’re going to have a validated network and its going to be our stake with it. And that’s it. It doesn’t sound that exciting, but on the backend, it’s super exciting from a product perspective because it’s literally like 75 to 80% of all of the functionality we need to build the final product itself. So we really have climbed the mountain in the sandstone release and we’re really, really excited to see the public [inaudible 01:06:07] that go out. Although it’s not the stopping product yet. I have to say we haven’t actually started on an AMM yet, because what’s the point. You need this back end infrastructure for any of this to make sense. We already built that centralized theme, in many ways, back last year. So we can kind of know how that’s all going to work, how it’s all going to play out. And it’s really not that hard.
You know, one month is solid. And one thing you mentioned there was built on Substrate.
Some others are built on Cosmos. Why build on Substrate? That’s a key difference for you guys.
I would say that Cosmos, Tendermint, they’re both pretty similar in terms of what they offer. Substrate is very interesting because there is potential that you can connect it up to the Polkadot relay network, and that can provide a chamber security. Given we already have our own validated network that’s not needed for us. On the other hand, Cosmos is very well documented, more so than Substrate and is probably just as effective as Substrate. When we started building last year, Substrate had a lead on Cosmos for a couple of reasons. One of those reasons was there is definitely a bigger development community that has shown up around Substrate over the last couple of years.
I think that’s now starting to even out a bit, but I would say overall, there’s not a lot separating the two different projects. It’s more important for developers to decide what, what matters more to them. Substrate definitely has a bigger community around it. I think the Polkadot ecosystem is really exciting and there’s lots of things happening there, lots of programs that can be leveraged, lots of grants, that sort of thing that is moving that whole ecosystem forward. And if Polkadot works, it’s already got all of this traction behind it, all of these projects building on it already, that I think make it a very attractive ecosystem to be a part of.
Cosmos is going that way as well. It’s taken a little longer for that ecosystem to really show up to the same scale. From a technical level, I think it really depends on the experiences the team has had prior. I think both of them are available in Rust. I would highly recommend that to anyone thinking about building something on a blockchain in the future, just use one of these. Use Cosmos, or Substrate, doesn’t really matter. It’s down to personal preference at this point. There’s nothing clearly separating the two. Tom Nash, our CTO, had worked in the Polkadot ecosystem before, and had worked with Substrate before, and we already had some contacts in the space there. And so that’s why we chose it.
So Simon, just to jump in, you’re not building on Polkadot, you’re just using the Substrate software to build your main chain? Is that right?
Yeah, that’s correct. It’d be like… you can fork Ethereum, which is different than building on Ethereum. We’re not forking a specific blockchain. Substrate is a framework that’s designed to be forked.
It’s actually a pretty cool, you’re leveraging the toolkits that they’ve built, to not build on Polkadot, which is hilarious, but I love it.
The other thing that’s important here, just running through some more questions. Running validators is very hard, right? Name a blockchain and name one where it’s easy to run a validator. I’ve never done it. I’ve tried a couple of times. I may have been successful. I’ve done it through different providers. I know it’s a long question, hopefully we can make it shorter, but how hard would it be to run a validator for Chainflip?
Before the software is available? It’s hard to say, but I can say that I can answer the question you had in the middle there. Is there an easy one? And I would say yes, there absolutely is. I know I’m incredibly biased in saying this, but the Oxen project actually has the best validated software I’ve seen. I know I probably sound very biased in that, but you run an Oxen service node on the metal, which means within the Linux operating system, there’s no [inaudible 01:10:45], there’s no K8 [inaudible 01:10:47] , weird stuff. Containerization, blah, blah, blah. What the hell is that going on? If you’ve ever used Linux before, Oxen is really straightforward, I think I can list the commands out that you’d need to do it right now.
You paste in a link to add a package, file a repository, and then you go app install service node, and then it installs. Then it just runs a script and then it’s up. And then you put that in your wallet and you stake it, and that’s it. And then it just keeps running. And whenever you need to upgrade you just go app update, app upgrade wire. But that’s it, that’s the entire process. Everything else is using…
That’s so easy. The other question, not to cut you off, but I just want to make sure we get to it is… The app upgrade is extremely easy, right? Like that’s saves so much time, but do you run the risk of some adversary messing with the code that’s being upgraded? On that same vein, that’s a normal problem that applies to every everything though, right? Like doesn’t that apply to [inaudible 01:11:57] wallet. Like doesn’t that apply to [crosstalk 01:11:58] Isn’t it up to them?
Okay. It’s always a problem, it’s always a threat, but you should also never not upgrade. And if you don’t upgrade, what you’re actually doing is you’re leaving vulnerabilities and bugs in your software, which is obviously bad. Developers create upgrades for a reason, but there is always this risk that the developers authentication is compromised, and you end up getting an upgrade that is malicious being uploaded to your validator or to your MetaMask, or to your ledger. Any number of these things are possible.
There isn’t a way around it. You should always upgrade. And, of course, the other risk is that the developers themselves add malicious code to their own code base and screw everyone over, which is always a risk. But apart from a couple of examples of really scummy projects, this has never happened in the crypto space. That is a criminal act, in pretty much every country you can think of. You can be damn sure that the Americans will come after you, no matter where you are, if you’ve affected enough American investors.
Totally great [crosstalk 01:14:15] 100%.
There is this paranoia out there, in the crypto space, especially from like early Bitcoin heads that are “Not your keys, not your coins” or whatever. It’s like, yes, that’s definitely true. And you should definitely keep your coins off exchanges where possible, but at the same time, that doesn’t mean that you’re always going to be able to protect yourself. Because you’re not a computer scientist developing your own specific implementation of this thing, and you know exactly what’s in every code base, there’s just no way. So it’s just no way you have to accept, and you have to trust people, that they are developing things correctly, and they have secured their upgrading servers correctly, and that’s the world we live in. There’s no way around it.
And the max is per centralized exchanges anyway, so it’s hilarious. But that’s another conversation. Simon, just to close out, your answers have been incredible. The flip token itself, I know we’ve waited till the end of the podcast to bring this up, but what exactly is the role of the flip token? How do you guys handle fees? What kind of model are you using for the value accrual? How does it all plan?
The flip token itself is an ERC 20 token, even though we’re running our own blockchain. Welcome to the cross chain future, where you can actually run a flip on many blockchains at the same time, which is another neat little feature. We can have flip on Solano, flip on Binance Smartchain, whatever you want. It’s just going to be an ERC 20 for now. Anyway, that was an aside.
But flip itself is primarily used as a value accrual mechanism for the platform that we’re building. And note how I didn’t start with “It’s used as collateral for validators”, because that’s a means to an end, in my view. I don’t think that we should claim that the utility of the token is the way it’s used to secure something. I think we need to, as a space, we need to start really seriously thinking about value accrual mechanisms, because we’re creating these public utilities that have immense value, and people are investing money into these public utilities through these tokens. And most of them have no model to accrue value for their holders at all. They are fueled on the speculation that at…
it is… They are fueled on the speculation that at some point in the future, this token will accrue value by being associated with a particular project. But I don’t actually see that happening. And I see no appetite for that either. I think I saw some threads from some pretty high profile people, including some of our investors saying that don’t like buy and burn months, for example.
I think that’s crazy, personally. I don’t know, I probably wouldn’t buy it a token that doesn’t have some built-in utility as a currency or a payment’s mechanism or through transactions or whatever, or no other value accrual mechanism. I think that’s madness, but that’s just me. Anyway, flip itself.
No, Simon I totally agree. I mean, if there’s no value, of course, for the token, I mean, the hype fades relatively quickly. And I think we’ve seen that play out and there’s a lot of examples of that.
Yeah. I mean, I’ve built a crypto project and kept it going through the entire bear market and I’ve seen what the flip side of that looks like. It’s so easy to get caught in the bull market trap of just buy whatever and watch it go up. But that’s not a good long-term strategy at all. And-
No, no, you’re right. I mean, it even applies to NFTs today. I mean, you have a lot of artists dropping tokens and access and things with no real usage long-term. You know what I mean? Usage and what you’re giving people is different from value accrual, but it’s a similar thing where people are basically punting on the idea of how you actually get to value accrual, yeah.
I’m pretty sure it’s not even something that crosses people’s minds most of the time. It’s just not discussed. It’s just, what is going to be the biggest thing? And then it’s a measuring contest and market caps to go, all right, this is more valuable than this. Therefore, the market caps should be more.
And then a narrative forms and that’s what happens, but that’s all well and good during a bull market. But I think you pretty quickly find that once you enter periods of stagnation or flat trading or things go down for a prolonged period of time, those narratives aren’t enough to sustain something into the longterm.
And I think it’s really important that we, as a community, we in the crypto community start talking about value accrual because we’re creating all of these platforms that are super interesting. Some of them have massive user bases now and are actually generating millions of value every single day. And yet the token holders, they have nothing to go on from that.
They have no real reason to continue holding a token, even though the product that is connected with is making incredible progress. This is nothing like what we saw in 2017. And I think that in time we will see the narrative shift again with tokens that don’t have a value accrual mechanism will be viewed with skepticism.
The fact that a token does have a big value accrual mechanism, I think makes it a far more attractive investment, even in the short term, because there is the speculative element that comes into it. If wealth… This isn’t just going to be valuable now, this is going to be worth a lot more in the future.
And if you can identify that, then other people will probably identify that as well. So, I don’t understand what this fear of a buy and burn model is, or a fear of a value accrual mechanism is in the market. It doesn’t make sense to me.
I have seen people say that you shouldn’t be trying to accrue value for your token when you’re still trying to bootstrap a product and bootstrap a user base and all that stuff. That sort of startup wisdom and I agree with that, but to say that there is no value accrual mechanism, there’s no value in having one, I think that’s crazy. But anyway-
I mean, it’s totally crazy. I mean, just look at Uniswap and SushiSwap, I mean, SushiSwap differentiated one way just by enabling the fee switch and you just swap punted on it. I mean, I think there’s… It’s not a perfect example because we’re comparing projects with no value accrual to projects that have one.
And user swap could always turn on that switch layer. And I think it might be more of a regulatory question, but it is basically a point of that one enabled value accrual, one hasn’t. And it’s basically created a project that’s massive.
Yeah. Yeah, exactly. And I think this will only become stronger, especially if the market continues trading sideways, which I think it probably will for some time. But anyway, back to your original question. God, I’m good at going on rants on [inaudible 01:22:40].
No, no, it’s fun. I like it.
Your original question about the Flip token. So as you probably can tell, there is a value accrual mechanism. Every time a swap is conducted through the Chainflip payment, at some point there’s going to be an interaction that hits USDC for efficiency reasons. And when that USDC is hit, what we actually do is we charge the user.
That thing is going to be 10 [bibs 01:23:05], but later on, we might increase this, depending on, I guess, the appetite of end users and how much value we can accrue for our token holders and our validators and our liquidity providers. At the moment it’s 10 [bibs 01:23:21].
So, it’s 0.1%, we charges a fee in USDC. That USDC is then used to buy slip tokens directly in the USDC flip pool in the chain with admins. So, this is all happening within Chainflip itself. There’s no on-chain transactions that are happening on Ethereum or whatever to make this happen. This is just a part of what happens when you do a swap.
And that 10 [bib 01:23:48] fee, which is USDC, it’s use the buy some flip tokens, directly from that liquidity pool. And then those flip tokens are then set aside effectively and they’re held in this area of admin which is a graveyard. So, every day or so, all of the little bits of flip that have been accrued by trades going through the platform, this [sticks 01:24:11] graveyard, a flip builds up and then periodically the valet has come a long night.
Okay. It’s time to delete those tokens and they get burned. So not only is it a buy and burn mechanism, it’s entirely programmatic. It’s connected directly with volume on the platform and it’s done so, in a way where there’s no central involvement whatsoever, this is just something that validators do.
And it’s something that actually directly causes buying on the flip market. A lot of buy and burn models don’t have that. They’re sort of centrally managed because they have to be, because of design constraints and other protocols that usually most protocols are not aiming, so they don’t really able to do this.
But yeah, every time a trade goes through that tighten place, tiny, tiny, little bit of buy pressure and flip. And that buy pressure is never realized with downside either. Those tokens just get destroyed. So I think this is a pretty… As far as buy and burn models go, probably one of the strongest ones out there.
I mean, who else can say that… There probably are predicts that can say this, but I didn’t know about them. Who else can say that the usage of that platform literally causes tokens to bought every single time it gets used?
I don’t think that really exists yet. And it’s something I’m really excited about. The top platform of that, it’s used. The flip token is used to provide collaterals of validators. So, there’s a block reward, tokens get printed and rewarded to validators. And then that’s offset by this buy and burn mechanism.
Well, I’ve wrote a whole article on how the supply mechanics work there. And part one of our Cryptoeconomics Series, which is available on our blog, which is on our website. If you’re interested in hearing more about that.
It’s a really cool way because I mean, whether people are trading in a bull market or whether they’re trading to exit, you’re still burning fees and there’s buy pressure, right. I mean, if I have to push back, I mean, I guess the reason why people don’t like it is because they don’t see it, right.
What do you think about that? I mean, with the staking, well, you see, hey, here’s the fee flow, but honestly that might just be a UI issue. Maybe it just projects in the past haven’t accurately and easily shown how much value is being burned, maybe. I’m not totally sure.
I think that’s definitely a part of it. I think the other thing that people haven’t really clocked onto yet is that when you see those APY returns, you really have to ask, how? How is this APY return really being delivered? And in almost every case, those returns are being delivered just by printing tokens.
And there’s no way those are getting offset. So when you’re saying that you’re getting a 94% yield on your tokens that you’ve staked into liquidity pool, what’s really happening is, you’re being compensated in throw inflation of the tokens you already hold for doing something valuable.
But really what that means is, the tokens that you’re holding and the tokens that you’re earning are probably not going to be… All other factors aside, they’re probably not going to be worth as much as they are now in the future because they are being inflated to reward you.
So, it’s this backwards scheme where there is a mechanism buy which lots of people can earn a hefty return and those returns look good the moment you do it. But of course you have a 94% APY on something pretty promising. That APY has been dropped because a lot of people would come in and do it. All of a sudden you’re not earning as much yield and all of that yield is being paid for through inflation.
So, you really have to ask yourself, okay, is what I’m doing here keeping up within this investment by putting it to work and hoping that the inflationary pressure doesn’t tank the value of what I’m earning here, or is there something else going on?
Personally, I think that the whole APY thing has been super cool. I mean, the idea that there are absolute yields that you can accrue, especially in things like Stablecoins and some of the major cryptocurrencies out there. I think it’s super awesome.
But I wrote a blog piece on the dangerous game of governance tokens back in August last year, talking about how printing a governance token and using that sort of liquidity… Earn yield on providing liquidity was a super dangerous game. And I think that’s definitely played out in a lot of cases, but…
Yeah, there’s still this idea that the yield comes at no cost and it’s just amazing and everyone wins. But I think that makes sense in a very narrow, short-term lens. Again, what’s the long-term story here? What what’s actually happening? This space loved talking about inflation in US dollar terms.
It loves talking about the issues with bitcurrencies and yet many practices that are going on at the moment… Many widely accepted practices are basically inflation on steroids. And it’s going to be super interesting to see how that plays out in the future. I don’t think it’s super sustainable, but we’ll see.
The way people confuse issuance and inflation, it’s such a pet peeve. I don’t think we’re ready for that. And Simon, I mean, we’ve been going while, so, why not keep it going with one last one for you? Because this is incredible.
One of the issues that you’re going to have to face for your liquidity providers to see issue of impermanent loss, right. Products handle this in different ways. THORChain, covers you if you’ve been in for 100 days, I believe. I think that’s how it works right now, to double check.
Bancor, I think also printing their token to cover IL. I don’t know what’s sustainable and what isn’t. I’m assuming that once you get to a certain level of usage, this fees offset IL, I’m not totally sure because we’re early, but how do you think about this?
Traditional market makers don’t really experience IO. They hedge their positions, they use derivatives contracts and all sorts of things to make sure that they never experience IO.
IL is a recent phenomenon. It’s a recent phenomenon generated by people entering positions as market makers, where they don’t actually have a strategy. They just relying on the liquidity pool to do it for them. And that was the original design of liquidity pools. That was the whole point.
I think with big three of the game is entirely different now. If you’re putting liquidity into a pool where you can’t control the distribution of that liquidity, you’re entering an interesting position where you haven’t hedged the oppositions externally, you can’t update your liquidity provision and therefore you’re going to get eaten alive by those that can.
This is a whole retail LP versus professionals thing all over again. I mean, the simple fact of the matter is that professional market makers, they know that impairment loss is a thing, but there is there’s nothing impermanent without impairment loss for retail LPs.
Impermanent loss is a term that was coined for traditional market makers, since hundreds of years ago. When stock markets were first created. It’s been around for a long time.
And mitigating strategy has been in place for a long time. It’s a new concept that we should print tokens to offset people’s losses. That doesn’t make sense. At the end of the day, what is the purpose of all of these liquidity pools? What are we actually trying to do here? My answer to this is, we’re trying to provide useful products for users and those users will pay for the existence of those utilities.
That sounds like an obvious thing to say, but that is not the attitude that most people have in the crypto space. They’re thinking about TVL and they’re thinking about all these other metrics that don’t actually equate to a positive user experience that can accrue value.
They’re thinking about it in terms of, what is going to be the coolest thing? Is this going to be bigger in some way, in some metrics? Is that going to yield upside for me? And in many cases it does, but there’s little thought given to the idea that, wait, okay, I’m going to Uniswap and I want to do a swap.
I’m paying for a service to do that. I’m paying the gas fee for it to be executed on Ethereum, and everyone’s fine with that. I’m paying for the liquidity provider to provide liquidity to me through the 30 [bib 01:33:24] fee, and everyone’s okay with that.
But as soon as it comes to the idea that as a liquidity provider, I’m somehow should be traded as an end-user is crazy. I mean, liquidity providers are there to make money. And if you don’t have a winning strategy, you shouldn’t be doing it.
Uniswap has made it make sense now, the liquidity pool mode, because those that process the volume, provide the liquidity the best pricing, get the fees. And those fees are more than enough to offset the costs associated for traditional market makers.
Traditional market makers are making bank of Uniswap right now with no token incentives whatsoever. You just have to know how to do market making correctly or put your money with someone that can do it. That’s all you need to do. So, yeah, I think-
No. It’s a really good answer. I mean, it’s hard for people to zoom out. I mean, people forget that Uniswap has never covered IL.
Never, never. There were some incentives put in place early on, but when they went away, that’s when SushiSwap swept in and tried to conduct its vampire attack. Which I think it’s sort of made the brand less appealing since then, obviously. But they’ve now changed their approach more to [inaudible 01:34:49]. That’s a whole nother story.
The whole idea was. Yeah.
But just circle back though. So I guess Chainflip has two things, all right. If you don’t allow people to take active LP strategies and the LPs are incurring IL, isn’t it hard to provide that service to the end user who’s trading? If the liquidity isn’t there because the LPs aren’t happy or am I messing up that link?
Well, I mean, we’ve gotten some guarantees off a few market makers already to provide a minimum amount of liquidity on non-flip assets on Chainflip. So, were trying to build in through our token deals that we are going to have the minimum amount of liquidity there. And they’re going to be doing it across order books.
So, let’s say you have a million dollars in liquidity on BTC/USDC. That doesn’t sound like a lot at all, and it isn’t. But in theory, you can do 200K trades on that. If the market maker that’s providing that million dollar liquidity is balancing position out across secondary markets like Binance and FDX and whatever else.
You are effectively accessing through the market maker, they’re playing the roles, arbitrager and liquidity provider in the same set. And that’s what market-making actually is. To doing the arbitrage before it’s really there. And you’re connecting liquidity on different exchanges and you’re also providing that base level of liquidity.
But really, that’s all happening in one and the same process. And so, even with a very small amount of liquidity, there’s no reason you can’t provide big trades with low slippage, even with-
… small amount of liquidity, even here.
So, I guess what you’re saying is, you guys don’t have to offer this concentrated liquidity idea that UNI has, where people are very active, but where they’re placing their liquidity within Binance, et cetera, et cetera.
[crosstalk 01:36:39] No, that’s what we’re doing.
That is what you’re doing, okay. Okay, got you. I thought you were just doing… Anybody could add liquidity to a pool, then they hedge it on a different exchange or something like that.
Well, that is what people do with the [V3 Rangers 01:36:51].
Got it. Okay, all right. That makes a lot more sense. So, Chainflip is pretty differentiated. I mean, offering constantly liquidity is awesome for a multi-chain AML. I mean, that’s incredible. I didn’t know that was a thing.
Well, yeah, we were doing it. It’s just obvious.
We’re building a product for traders. We’re not building a product that people that want to own yields on their Bitcoin. I mean, there’s other ways to do that. Like lending platforms that are far more effective. And we may actually, in the future see cross-chain, lending platforms be a thing. That it builds on similar technology to change with. But that’s not what we’re doing.
We’re building, all-school shape shift. We’re building something that you can swap on, that’s it. We’re not doing anything else. We’re building something that’s got amazing pricing. We’re building something that’s got decent liquidity and can support practically every token under the sun, through aggregating, through things like Uniswap and PancakeSwap from whatever else, through the front end.
And we support all of the major blockchain ecosystems. You don’t need to go to Binance anymore. That’s really our goal. We’re providing you a service and we’re charging you fees for that. And we’re benefiting off that, and so are the liquidity providers, but it’s going to be the best user experience. It’s going to be the fastest way to do it and you’ll come back every time. That’s the goal.
I love that. I got to hook you up with Carson at [Toco Mac 01:38:07]. It’s another conversation, but it’ll be interesting. Simon, we covered so much today. I mean, we went way longer than I wanted, which is incredible. I’m glad you had time to do it. And I’m excited to do follow up episodes. Is there anything we missed about Chainflip that we didn’t cover? I feel like we hit-
… on a lot.
Well, we hit on lot, but then there’s a lot to discuss with Chainflip. But I think that’s a pretty good high-level overview, yeah.
Where do people learn more? I mean, I know you said the white paper was written a while ago. Where should people look if they want to one, learn more, but two, get involved?
Well, if you head to the website chainflip.io, that’s got all the stuff as you’d hope, as you’d imagine. You can find things about Chainflip on it. That’d be a bit of a worry if you couldn’t, but we’ve got a light paper there, which is just a nice, easy six page read, sort of explaining the vision a little bit more.
We have a few episodes that are Cryptoeconomics Series available on our blog, on medium, which is linked on our website. We have a Discord which is becoming more active, Telegram is quite more active, and also the Chainflip Governance Forum which in the future will be the place where we have all of our major protocol discussions with the community.
We’ve got a token launch coming up, probably in October. We think we’re going to run that as a liquidity bootstrapping pool based on balances design. And we hope that we’ll see you there. I think there’s a lot of opportunities here. We’re announcing new designs of the protocol day by day, week by week with advancing the product along.
And just in case anyone’s wondering, when you will be able to swap using Chainflip? At the moment, our best estimate is in January, January of 2021. Which in crypto terms, it’s like three years away. Well, we know… Yeah, when you’re building technology like this, it takes a damn long time. So, we look forward to seeing you then whether or not you become a flip holder, but I hope to see you either way.
I mean, I frankly appreciate the honesty, right. I mean, one of the biggest things about building communities is being honest about the timelines and what you’re able to do. And I think if you’re able to communicate that to people the right way and have them on the journey for something this big, it’s really important. So, I think it’s benefit, frankly.
Yeah. Well, I have so too, but I-
I might be biased [crosstalk 01:40:38] given we invested but… I think my argument is there. But Simon, thank you so much for your extended time. Hopefully this pod has some staying power and I’m really excited to have you on again soon.
Thanks for having me, so much Tom. I look forward to doing this again at some point.