A few weeks ago I wrote a blog post where I explored the idea of building a decentralized back-end for Mycroft using blockchain technology. Since then we’ve had a number of conversations with Mycroft supporters from around the interweb, so I thought I’d take this opportunity to circle back.

Is Blockchain Necessary?

In aerospace engineering we often say, “you don’t bolt a bathtub to an airplane just because you have a bathtub handy.” You should only adopt technology that solves a current problem and, in the best case, helps solve several others while making room for future advancements. As we looked at our current challenges, we saw:

1. Openness and Privacy are both desired, but seem at odds with each other. But blockchains advance both extremely well.
2. Centralization creates a single point of failure. Blockchains are built on distribution, yielding stronger overall systems.
3. Current software development models are distributed, but the financial models are still built around centralization of banks, credit card processors, and single large organizations that bring in revenue from users and distribute as they see fit. Blockchain currencies have created new economic transaction methods that support highly dynamic networks and, importantly, can compensate developers for their contributions to the platform.

Is Blockchain Right?

Oh, and that is another thing, does it make sense for Mycroft to develop its own chain? Yes. Unequivocally yes. We’ve carefully evaluated solutions from existing blockchain communities and none have the features we are looking for. We need to protect user privacy, store large volumes of data, and securely distribute API services. Unfortunately nothing out there meets our needs today, though off-chain solutions like Lightning Labs’ LND comes close. If something did exist and came with the resources to implement it we’d certainly make use of it. As it stands now we’d have the responsibility, and opportunity, to tailor our chain to the exact needs of our community.

We also need to be sure that, if we deploy a chain, it incorporates privacy by design. Existing chains focus on transparency and non-repudiation much more than they focus on privacy, so to achieve our goals without forking an existing project, we’d need to develop our own chain. Believe me, we won’t undertake that effort lightly.

Finally, we got a lot of questions about what a Mycroft crypto mining community might look like. Will it be large enough? Yes. A Mycroft token would be designed so that the Mark I, Mark II, or Mark III (you didn’t know about that one, did you) will be able to mine the coin. That means we will instantly have thousands of devices participating in the network if, of course, our users opt-in.

We are also discussing methods of avoiding bad behavior on the part of crypto miners and currency manipulators. If we decided to go this route (and no decision has been made as of today), we’d want to incentivize:

1. Provision of secure storage.
2. Development and maintenance of useful Skills.
3. Data sharing for the purposes of improving the machine learning models.
4. Presentation of useful APIs to Mycroft users.
5. Privacy related services.

Thank You to Our Community

Where does the “unequivocal yes” come from?
In the forum discussion on blockchain, I mostly saw critical statements.

Which features do you want to use blockchain for?
Any of the 5 points can be achieved without.

For example, does data sharing really need to be decentralized?
There are ways to do safe, privacy-respecting training on the end-user devices, see for example here:

Blockchain/distributed ledger technologies are hot right now, but in many many cases they are a solution looking for a problem.

Don’t believe the hype.
Let’s use the limited resources available on actually improving the product, not on hype technology.

I hear the criticism and the team is taking it into consideration. I do want to respond to this line:

"Let’s use the limited resources available on actually improving the product, not on hype technology."

Adopting blockchain technology and participating in a funding event such as a token sale results in a net gain of financial resource, not a net loss.

A token sale can generate tens of millions of dollars in outside funding. Though some of this funding would be used developing a blockchain solution, a significant portion would go toward developing core technology, improving user experience, and expanding the team.

That means money for new engineers, community events, enhanced hardware, paid data sources, a sales force, facilities, travel, etc. etc.

Fundraising is always a distraction whether it takes the form of venture capital, crowdfunding or a token sale. It takes away from the time the team can spend focusing on the software, the community and the business.

When deciding how to put together the tens of millions of dollars it is going to take to realize the Mycroft team’s vision we need to ask two questions:

1. Where are our fundraising efforts best spent? On venture capital? Loans? Crowdfunding? Token Sale? Which activity generates the most resources per unit of time invested? Which one has the highest probability of success? Which allows the team to maintain control of the company so we can focus on our goal, not some investor’s bottom line?

2. Which funding source positions the team for long term sustainability? How do we pay for ongoing operations in a year? 5 years? 10 years?

We need to look at a blockchain solution holistically. We need to examine it in the context of security, privacy, redundancy and reliability. But we also need to examine it in the context of financial resources, long term sustainability, economics and control.

Make sense?

I don’t think anyone would disagree that an ICO would help raise money, check out

I would like to know what post ICO token ecosystems are thriving and which ones you want to model Mycroft after?

Doesn’t sound like you interested in crypto-economics at all, you’re just using the current craze to raise money?

We also need to be sure that, if we deploy a chain, it incorporates privacy by design.

Like Zcash?

Openness and Privacy are both desired, but seem at odds with each other.

That’s a tired cliché that’s well known to be false.

But blockchains advance both extremely well.

What are you talking about? Blockchains are notoriously bad at privacy, which is why there are so many heavyweight cryptographers and engineers with decades of experience specifically with cryptography and information security on their team: https://z.cash/team.html

Centralization creates a single point of failure. Blockchains are built on distribution, yielding stronger overall systems.

No, that’s meaningless fluff. Blockchains are a neat hack to work around what has otherwise been an intractable problem in cryptography: the Byzantine Generals Problem. It can also work as a neat workaround for Zooko’s Triangle. Both of these work by drastically relaxing our notion of what “secure” means in modern cryptography, and then using some clever economic arguments to justify why we should deploy an otherwise insecure system. (Think about it: with most crypto, we usually try to design systems that require computing power having more transistors than particles in the universe, or time greater than the age of the universe. With cryptocurrencies, we tolerate the possibility of a 51% attack! )

Blockchains are an information security tool, and they are very weak by usual standards, so the only reason you should ever use them is when there’s no other option.

Existing chains focus on transparency and non-repudiation much more than they focus on privacy, so to achieve our goals without forking an existing project,

Huh? Why on earth is “without forking an existing project” a requirement? Cryptography is not an area that is very compatible with Not-Invented-Here syndrome. (A lesson the Telegram folks also have yet to learn, by the way.)

we’d need to develop our own chain.

Are you seriously saying you’re going to write your own cryptocurrency protocol & implementation? Do you have any idea how hard and time-consuming that is, even when you have a team of specialists? Again, look at Zcash’s team, and look at the Mycroft team.

How many cryptographers do you plan to hire? Do you plan to stop misusing the term “crypto”, which is likely to annoy people who have been doing cryptography since before 2016, i.e. the people you’ll need to recruit if you want to have a snowball’s chance in Hell of pulling this off?

Right now, you’re running a machine-learning and home appliances startup. Your current team stick to what they’re good at. As the CEO of a startup, you should know that.

Look, Josh, if you personally want to be CEO of a blockchain company, go do that. Your team does not have the necessary expertise to invent your own cryptocurrency protocol and to write the software that implements it, so you’d have to hire a brand new team anyway.

How do we pay for ongoing operations in a year? 5 years? 10 years?

You just said that the technology you need doesn’t exist, and that you want to create it from scratch, with a team that has the wrong skillset for it. How long can you afford to bankroll a brand new team that’s super expensive because you had to lure them away from whatever else they were doing?

Also, I’m not sure about this, but aren’t ICOs illegal in the US right now anyway?

And another thing: the cryptocurrency is well known to be full of really insufferable bro culture. What’s your community management strategy to deal with this?

I suggest you familiarize yourself with the concept of motivated reasoning, which seems to happen quite often when some people learn about Bitcoin for the first time. I invite you to slow down, take a cold shower, and reflect on your motivations here. Either that, or you’re doing really bad job of explaining your plans. Because right now this is undermining your personal credibility as a company head.

(And to be clear: I don’t hate cryptocurrencies. I hold some. I even have a bankruptcy claim against MtGox’s estate. I’m just into the technology far more than the hype, though, and all I’m seeing here is hype.)

To me implementing a (private) Blockchain-technology, and personally I would look at IOTA would be helpful. I’m planning on coupling a number of devices adding sensors to them and use them as a healthcare device. The plan is that the device can recognize behaviour and anticipate on the outcome of particular behaviour. It would involve privacy sensitive data, p2p audio and video connections and a form of machine learning in a cluster of devices.

Any thoughts or feedback?

kind regards

Wim

What would have to be different about the project to make blockchain a viable solution?

I have a severe allergy to blockchain and projects that move their focus to blockchain. If this is the direction that Mycroft wishes to pursue then I apologize for my optimism in the project and wish you every success.

Without me.

Bare minimum, yall need to do some serious market research & a feasibility study, instead of treating blockchain tech as magic pixie/profit dust.

1. Provision of secure storage.

Are you aware of StorJ? They’ve been around for years and their home page still says “Get Early Access”… https://storj.io/

What is this storage supposed to be used for, anyway? At this point, would it just be cheaper to buy hard drives for your users? If you don’t need a lot of storage of bandwidth, Tahoe-LAFS might be a vastly cheaper & more reliable (and trustworthy!) alternative. I’m not thrilled with the engineering trade-offs that were made, but it’s readily available and reasonably secure—well, except for the part where they don’t provide any way to reliably delete anything, particularly in the case of a readcap leak. Oops.

2. Development and maintenance of useful Skills.

Sandboxing. You need it for this. If you’re going to have a lot of people developing Skills, they can’t just be Python modules that you import into mycroft-core like you do today. Otherwise, one hacked developer of a popular Skill will result in the attacker getting root on a bunch of devices all at once. Cool. /s

Sandstorm.io has some pretty amazing sandboxing tech, but it’s mostly aimed at webapps the last time I checked.

Qubes OS does desktop sandboxing, and if you spend some time reading what Joanna Rutkowska (the project lead) writes, and the project’s security advisories, you’ll get some idea of how hard it can be effectively sandbox untrusted software that has a UI.

Also, sandboxing opens up another can of worms: side channels. Go read up on cache timing attacks and rowhammer attacks, and CRIME, etc. etc., and then cry.

3. Data sharing for the purposes of improving the machine learning models.

This is important. I have no idea how blockchain tech is relevant to this. I’d rather see more control in the hands of users to selectively control what gets shared.

4. Presentation of useful APIs to Mycroft users.

Is this API for Skills or something else? See above.

5. Privacy related services.

Can you be more specific?

Also, post-quantum cryptography is in its infancy, and there is a significant chance that in the next few decades, someone will build a quantum computer that can break today’s public-key cryptography and some of today’s symmetric cryptography. We’re anticipating that it will happen. It’s likely that we can’t currently build cryptosystems that will maintain confidentiality for the rest of our lives. (I’ve got a few ideas, but they involve dedicated tamper-resistant hardware and meticulous key management.)

Assume that encrypted data will become readable at some point within the next 10-50 years. Also assume that the NSA is storing everything that goes over users’ ISPs’ wires and sometimes even their internal networks. Some criteria for having any hope of getting long-term privacy becomes clearer:

1. Don’t send private information over the network, encrypted or not, if you don’t have to.
2. Treat ciphertext as private & a dangerous liability. Be careful where you store or transmit it, and make sure you have ways of deleting it irrecoverably, even against a quantum adversary. (And do so regularly with unneeded data.)

Broadcasting private data on a Blockchain or through a peer-to-peer network, encrypted or not, is incompatible with these criteria…

My purpose in mentioning these is not to encourage you in this direction; it’s to point out that there is a wide world full of people who have been trying to do various aspects of what you’re proposing for years if not decades, and they’re having difficulty because these things are hard. A startup should dedicate its resources to solving ONE of these problems, at most. That’s a lot of risk for a startup that’s nervous about funding.

Of course, people make risk-vs-reward trade-offs all the time. I still use Signal, even though it’s not post-quantum secure (for now). But you’d be wise to help users manage that risk, rather than gratuitously broadcasting their data around the world and calling it “secure”. It’s just not that simple.

Mycroft’s big potential market is people (especially FOSS enthusiasts and makers) who want a voice assistant like Amazon Echo, but who are concerned about their data leaving their premises, and are willing to pay more and have fewer features in order to satisfy these concerns. And that market opportunity exists today as voice assistants are only just getting mass adoption. Why would you pivot to building some bespoke CVE-magnet p2p broadcast network (“blockchain”) that nobody can seriously trust for at least another 10-15 years? By then, it’ll be too late, and I’d wager a guess that your investors don’t want to wait that long for an exit.

Yall are in way over your heads on this one. It’s clear—even from your word choice, phrasing, and the details you choose to include or omit—that you don’t know much about the areas of expertise you’d need to build what you seem to be saying that you’ll build. It’s obvious to me on the cryptography & infosec side, and it looks like the user @mycroft perceives a similar thing on the cryptocurrency/crypto-economics side.

Take this quote: “Centralization creates a single point of failure. Blockchains are built on distribution, yielding stronger overall systems.”

No, that’s a truism followed by a vacuous statement with awkward phrasing that looks to be designed to impress laypeople. You’re not being nearly specific enough, and you seem to be conflating distributed systems with decentralized systems. If you want fault tolerance, decentralized systems can help. If you want scalability, then distributed systems are handy.

If you want privacy, then it depends. “Decentralization” can mean diluting high-value targets, i.e. instead of sending everyone’s secrets to the same entity, you compartmentalize: each node can process its own data, thus avoiding the incremental risk inherent in sending the data to another entity, and increasing the cost to attackers to obtain the same reward (a giant hoard of stolen data or resources). In other words, decentralization can improve privacy by reducing the distribution of each secret.

However, a distributed system (decentralized or otherwise) might very well mean increasing the number of entities each user’s data goes to. In that case, you’re multiplying the risk to the user; instead of forcing attackers to attack one specific server (presumably well-guarded), they can attack any server to get the same value. That is what a cryptocurrency ‘blockchain’ does—it’s explicitly a p2p broadcast network.

Once you factor in the (substantial) risk that your encryption scheme may fail to provide confidentiality, it’s obvious that broadcasting secrets and storing them in a log—encrypted or not—is risky as hell.

Your organization so far hasn’t even been able to secure a file server or avoid obvious tempfile races, by my recollection of the past couple of weeks. The former is easily fixed, and the latter is acceptable as long as you’re sticking to embedded devices with only one trust domain for now (example: OpenWRT does something similar). You’re not yet even at the technical maturity level to write a secure desktop app, let alone a p2p network handling high-value secrets.

On the other hand, the Mark I is super cool, and has a lot of potential.

Know your strengths and build your startup on your strengths, not your weaknesses!

Backers et all need to have a say. I/we did not back a block chain company. This significantly changes terms of engagement. It is certainly not what I signed up for. Please redo your Funding request so that people can vote. Thanks

Please consider the input provided by many here. Thankyou

The new surveillance-proof and secure-by-default Internet is being built now! It is a new completely AUTONOMOUS serverless internet architecture called the SAFE Network (now in alpha testing).

It bypasses the DNS system which is a centralized ‘feature’ of the existing Internet that allows governments to shut down websites. The Safe Network will: be highly democratized through ‘safecoin farming’ - earning coin by leasing space on your phone/harddrive; allow for real time secure streaming; allow smart contracts, apps, untouchable web sites, permanent backed-up storage - all at blazing speeds.

There is NOTHING like this in existence and NOTHING even on the horizon like it - as the data itself (not just the pointer to the data) is fully decentralized (sharded and spread over the worldwide network), encrypted, and duplicated - hence no means of take-down and much better than any IPFS or torrent solution. All free market goods as well as alternative websites and torrent data will move to SafeNet. All secure communication will move to SafeNet. All secure data storage will move to SafeNet.

Please seriously look into this project - I believe it is our best hope to get around governments PERMANENTLY. maidsafe .net the main forum is here: safenetforum .org – well worth checking out, no B.S.!! Hopefully coming into beta in 2019.

Video: youtube.com/watch?v=U1ffmf6z50E

if you want to invest and support the project, token is available on a few exchanges:
find current exchanges here: https://coinmarketcap.com/currencies/maidsafecoin/#markets

The people behind IOTA are cryptography amateurs at best.
And the technology is not even decentralized.

https://casey.github.io/iota/

Zeno_Gantner,

So it’s under development. I’m glad there are researchers that research new technology and try over and over again. The knowledge acquired can only be helpful for an other blockchain like technology.

Excuse if this sounds like a rant but I’m not happy with the statements. Maybe it’s just a communication problem as I’m sure you have good intents.

Am I still on Mycroft or is this an Airbus forum?

I hope that’s a typo. Openness may be desired but privacy is REQUIRED.
When was it that you abandoned the lines you posted just 11 days ago (time of you writing the quoted text).

In comparison with devices for the data kraken vendors: Mycroft offering a fraction of the features for 0% improvement on privacy? I’m not sure this will sell well.
Even Google, Apple and others are using the same words to lure people into their data leeching sinkholes. They too probably try to desire both privacy and openness. But where is the difference that makes Mycroft stunning and stand out? Where is the dedication towards privacy with no rule bending and legalese to circumvent the marketing slogans?

Being open is NOT enough. That caters to developers - who will be your customers though? All developers selling each other fluffy little skills and being happy over blockchain tokens?

Real users couldn’t care less if the product is open or not - they want selling points and privacy is a MAJOR on that list since the competitors provide the majority of what Mycroft does plus a LOT more. However, they do it for a high price: your privacy.

The MAIN reason I backed for is for privacy. Maybe I’m completely alone with this but if that’s not (and will be for longer than 11 days…) THE main goal here I’m not seeing where I should take my happiness over the product from. I’m not keen on seeing blog posts on privacy excuses every few days.

Either you’re 100% privacy aware and offer the options required or you’re not. Being open in my books just means making it plausible that those words are true. As a pure user I have no other need for open source design of a product.

This is why I never enter my house through the door. I just live in the woods and enter them from a different direction each day, pretending nobody comes by and sees me. Even our brains are a single point of failure. Why would boundless and limitless distribution of data lead to a stronger system? Especially if it’s early adopter tech failing left and right on a daily basis? That’s just a metaphorical statement to me - it lacks any real world application.
Yes, some redundancy is good. We have one mouth but we have two eyes and ears. I’m not sure if just having more would generally fix anything or make it stronger? It’s just theoretical.

On that note: how can anything be an assistant if it relies on distribution? Would you hire an assistant that spies on you 24h / day and distributes all data collected, without being assured that privacy is 100% guaranteed?
It’s scary to even help with tagging right now because there are family conversations and more mixed in there, some are… interesting.

Maybe I’m stupid but why would a Blockchain currency fix issues of developer compensation for distribution to Mycroft? Common and real issues like abandoned skills, bugged skills, broken after updates, security issues, etc.?

How do you even measure a contribution?
Writing a good trojan that passes the audit undetected and still grabs data?
Changing meaningless fluff data?
Adding a skill that’s well liked and much desired vs. one that’s niche? First comes first wins?

I see no purpose in relying on Blockchain to pay devs who’re providing great software. To be really honest here: I dislike the current gen Appstores we have on most platforms today. They are full of junk, broken, buggy, cloned and stolen apps. Uninspired and just there to make money - not there to build a great product. With only very few exceptions. I don’t see how blockchain would fix this.

What I’d prefer is

1. if you’d ask for money where money is needed
2. provide tools so that users can easily craft an AI with skills they need to do things they want it to do for THEM (visual programming?), having access to really simple to check profiles / script addons and
3. if it must be if you’d buy skills from devs and look after them and maintain them. Do a bounty program for example - but don’t surrender our existence and data to random people all over the globe

Whenever I need to sign a privacy policy I can do nothing but raise my eyebrows. Even the new GDPR compliant policies… for example Blizzard Entertainment Privacy Policy - Legal – Blizzard Entertainment
Basically they’re saying everyone has access to it - operatings and all, including 3rd parties.

Requesting an update.

Your users are against the idea of using a blockchain. It seems as though your users are more knowledgeable on the subject as well.

Will you be proceeding with this or not?
If you are going to proceed, then you will kill your business. Sure, you may get more developers, but who are you going to develop for if your user-base has jumped ship?

Harsh reality: We don’t need your business to succeed. Your codebase is public. If you cease to exist, your project will be forked and maintained by others.

Think this through.

Edit:

It seems like you’ve already pulled the trigger

I hope it goes better than the last 10 months of your failed adaptations of Bitcoin… In the mean time, keep an eye on your analytics and watch the trend line slowly fall.