Canton is the chain behind JPMorgan’s deposit token, DTCC, Broadridge’s $400 billion repo book, HSBC, Visa, and a growing roster of the biggest names in global finance. It describes itself as a public permissionless blockchain. But is it? Yuval Rooz, co-founder and CEO of Digital Asset, faces off against Alex Gluchowski, co-founder and CEO of Matter Labs, and Dragonfly managing partner Haseeb Qureshi in a live debate. The charges range from foundational: Canton cannot enforce financial rules without a trusted third party, its validators are permissioned in everything but name, and there is no universally shared ledger. Rooz fires back on all of it and, at one point, concedes something that may surprise you. If the label matters as much as the technology, this episode will force you to decide what blockchain actually means, and whether that answer has consequences for the institutions staking their infrastructure on it.
Get the latest news and updates on FINTECH.TV
Hi everyone.
Welcome to Unchained, your no hypere resource for all things crypto.
I'm your host, Laura Shin.
Thanks for joining this live stream.
Just FYI everyone that we pre-recorded this a few hours before the stream.
Before we get started, a quick reminder, nothing you hear on Unchained is investment advice.
This show is for informational and entertainment purposes only, and my guests and I may hold assets discussed on the show.
For more disclosures, visit unchainedcrypto.com.
Bitcoin changed how money works.
Citreya changes how Bitcoin scales.
With a trust minimized BTC and a native staplecoin, CTUSD, Citreya enables Bitcoin capital markets with lending, privacy, Bitcoin yield, and more.
Get started at Citreya.xyz/unchained.
Etherf is giving Unchained listeners 15% cashback on food and ride apps, and that's on top of the 3% you get on everything else.
Your bank is charging you to use your own money.
I switched.
Go to ether.F/unchained to claim your discount.
Today's topic is Canton.
Is it a real blockchain?
Here to discuss are Yuval Ruz, co-founder and CEO at Digital Asset, Haib Qureshi, managing partner at Dragonfly, and Alex Glukovsky, co-founder and CEO of Matter Labs.
Welcome, Yuval, Hassib, and Alex.
Great to be here.
Thanks for having us.
Excited to be here.
So we're going to start with you all.
You all, I'm sure you're aware that you're probably gonna be a little bit in the hot seat today, um, but I actually think you're probably somewhat used to it by now, judging from what I'm seeing on social media.
So, uh, let's just set a baseline for the listeners.
Um, why don't you maybe describe what problem you're trying to solve with Canton and how you structured it to solve that problem, and then we'll have Alex and Hassib kind of give the criticisms that that they wanna, um, have you answer to.
Sure, um, so first of all, uh, great to be here.
Um, I don't know if I'm gonna be in the hot seat.
Maybe, maybe other, other hosts, uh, or participants will be in the hot seat, but we'll see, um.
You know, I think that for me.
You know, when we, when we entered the space, so my co-founder started Cumberland, which is a big OTC trading desk.
We both came from DRW on your, uh, on the show, uh, I can't remember who it was, said that this was founded by DRW.
That's just not true.
We left DRW to start this company, but nevertheless, our view was we wanted to bring capital markets on chain.
And, and in order to do that, our view is that you need to be able to convince issuers.
To move their books and records to be natively unchained.
And in order to do that, you really need to solve the problem of how do you give settlement finality, get an issuer to be comfortable if they don't want their books and records to be public for the whole world to see.
There's a whole set of problems that you need to solve, um, and really how do you do that on a permissionless set of infrastructure.
So, it's not to say every application or every asset has to be permissionless, but it's actually kind of similar to the internet.
The internet is a permissionless piece of infrastructure, yet if you build a website on the internet, you're not kind of mandated to make your website uh public permissionless for everyone to be able to access it, or see the information that is stored on it.
So, you know, for us, we're trying to make capital and markets natively owned chain.
And there's a lot of features that had to be solved as a result of making that happen.
And actually, I just wanted to go back when you said that DRW didn't launch digital asset.
I mean, so you used to work there, you left working there to start it, and then I believe on uh Wilson, who is one of the, uh, who, who is the founder of DRW, that he is also a co-founder of Digital asset.
That's, is that correct?
Yeah, but DRW DRW has no um.
Access to digital assets, uh, GIs, or anything like that.
It's a separate company.
It's an investor in our company, so DRW is an investor.
They're not the largest investor, there are other investors, so, again, both Eric and I, our third co-founder has nothing to do with DRW, and he, he came actually from the world of cryptography.
So, it's just that me and Eric, my co-founder, started our career, well, Eric started his career, I actually started my career at Citadel.
And then moved to DRW and we both left DRW to start this company.
OK, and just to paint the picture for listeners, you know, you have deals with DTCC, uh, JPM is gonna do their deposit token on Canton.
Um, like you just, you know, Broadridge, who is, um, you know, a, a very, uh, more obscure Trad 5 player, I think, to the crypto world, but, you know, clearly embedded in that world, so you're sort of at the center of, you know, trends around our WAA tokenization, um, just, just general institutional adoption.
Um, privacy, stablecoins, you know, these are all huge trends happening right now in crypto.
So, um, you know, I think like you were sort of, I, I don't wanna call it stealth mode cause I don't think that's what it was, but to the crypto world, you didn't really come on the scene until, like, finally your token launched, and all of a sudden we see, oh, there's this token with a high market cap, um, that's on Coin Gecko, so, um.
I think that's why suddenly, just the last few months, there's just been a lot of um public discourse about Canton and what it is.
So, let's now start with the arguments.
Alex, why don't we start with you?
I know you have some criticism against Canton, so why don't you go ahead and lay them out.
So actually, hold on, before Before we go to Alex, let me, let me just jump in here because I want to set the scene of how we're going to fan the flames a little bit.
Um, because I, I don't see my role as necessarily criticizing anybody here, but more accentuating the drama.
So, you've all, I'm sure you're well aware, there's been a lot of drama in the last couple of months around Canton, a lot of conversation happening on Twitter on X.
Um, how would you summarize the drama that has, that has catalyzed around Canton?
Where do you think it's coming from and how would you summarize it for the audience?
I mean, my, my honest opinion, why the drama have been created is because we've been able to sign a lot of these partnerships and deals and nothing else.
Um, to be honest, I think that, um, some of the things that have been said, Canton is a centralized database with a coin on top of it, it's a permission network, um, you know, I can keep on going, are all things that, you know, first of all, are not true.
And second of all, I would say that if people really had those topics deep, deep in their heart, and really said that this is not good for the industry, I would say that those topics would have come about a lot of L2s, a lot some L1s, uh, that would have, I would say even worse characteristics than Canton.
Yet didn't seem to be problematic for the industry.
And I think that, you know, uh, very similarly, I would say that some of the partners that have partnered with us, if they were to choose different L1s to work with them, they would have been deemed heroes, and really like, uh, the, uh, the knights of, you know, on chain capital markets, and yet what they chose Canton suddenly turned to be the bad guys.
And again, as you know, as you know, this industry is uh very good at, um, You know, tribalism, and I think that that's for the most part, a big part of it, not necessarily because it's focused on on facts.
So to me, it sounds like the really short version is, they're just jealous, kind of.
I don't know if I, I don't know if jealous, but I think, I think that again, I think that we didn't do uh a pre-mine, we didn't go and, you know, publish all of these white papers.
That we're gonna, we're saying how we're going to change the world, and we've just very quietly executed, and now we're signing all of these deals.
Uh, just today we announced a partnership in Japan with Mizuho Nomura and JPX around tokenized JGBs.
We announced a partnership with Hanwa, you know, Visa, you mentioned JPMorgan.
Last week it was HSBC payments, and we're just executing on those things.
I, I don't know if they are jealous or what.
But, you know, a lot of people have been building positions, and, you know, they are defending their position, and I'm actually OK with it.
It's, it's normal for them to do that.
But again, I, you know, I, I, I would love to understand how what we're doing is so existential for this industry, and is so terrible compared to other things that have been hailed with so much praise to date, you know, we'd love to, we'd love to understand that.
OK, Alex, so go ahead with your main criticisms.
Sure, to, uh, uh, I think this is gonna be a really interesting debate, um, uh, to give some context to, to the, to the viewers, uh, we are building Previdium, a, uh, private institutional blockchain infrastructure on Ethereum, so naturally we are solving the, the same problem as you all formulated.
We want to bring traditional institutions, issues, uh, issues and capital markets and chain, and so we are in many of the same rooms where these conversations happen and we kind of, we understand the.
The perspective as it's presented to the capital market participants in traditional finance, and we see the debate that's happening publicly on X and in other public spaces, and what was striking to me about Canton, I think where the, the core tension where all like major criticism and emotional response of the community is coming from is.
There's quite a lot of misrepresentations around this specific project that uh is quite unusual for the space, like the, the, the statements we've seen made are not accurately reflecting what's actually happening.
So, I, I would love to talk facts as, as you've all invited and actually go and dive and and try to understand.
Not the theoretical, ideological, you know, uh, things, or, or is it permissionless, is it not permit, is it decentralized, not decentralized?
Who cares?
We're serving traditional institutions.
We, we have a specific set of customers.
We want to bring them on chain because it's gonna help the entire industry.
So we want to look from their perspective, what they're actually getting and what, what they're being promised, what they're getting.
And I think it starts with, with definition.
Uh, Canton is calling itself a public permissionless blockchain.
This is how it's spelled on the website.
This is what you all just said.
I think this is the core misconception from to begin with.
I, I, I believe, and I like I would like to understand it better in this debate, that Canton is not really a blockchain, because if you, uh, and like it's not about the definitions, it's not about semantics, it's really about the properties.
When you say blockchain, you're tapping into more than a decade of an industry with certain values, certain.
Certain value that was generated, some innovations, some new ways of doing things that were not possible before that this industry brought into existence, starting with the Bitcoin white paper, which actually where where the idea of blockchain originates from.
And so my question, my first question to you all in this context would be, Yuval, what is the actual innovation?
What's the invention?
What's the breakthrough that Canton has built that was not possible 10 years ago?
Why would something like Canton, uh, why, why you could not build it 10 years ago?
Um I mean, the ability to have, first of all, to say that Canton is not a blockchain, I mean, Canton follows a UTXO model uh that can be validated by multiple parties.
Um, you could actually have decentralized composability on Canton, which could not be done in a message-based architecture.
So, Canton does do a decentralized state management, which is the idea of a blockchain.
Um, unlike Previdium, which is a single source of, you know, RPC messages that can be called by their customers, uh, and we can talk about Alex, uh, ZK, uh, architecture.
But, uh, no other blockchain offers, you know, atomic composition of smart contracts with privacy.
So, you know, that's, that's what you can achieve on Canton, that you cannot achieve on other blockchains, to the best of my knowledge, including on Providium.
So when you say atomic composition with privacy, uh, you know, uh, you are talking about, uh, um, like you're, you're saying that this would not be possible to build with, uh, with traditional messaging systems, to which, um, this sounds strange to me, like the, uh, swift messaging, uh, is atomic, like the message is, is passed atomically between the two parties.
And so it does with uh with uh composition.
You don't have a guarantee without a without a reliance on a third party.
You don't have any guarantee of composition today.
So, so you're, this is amazing.
So you're talking, so this is, I agree with you, this is what makes the blockchain, a guarantee, like certain guarantees of enforcement of financial rules without reliance on third parties.
This is actually the, the point of the Bitcoin white paper where like the, the, the core problem there, the the question was solving is the problem of double spend.
How do you solve that?
It, it's actually in the abstract of the white paper.
How do you solve double spend without relying on the third parties?
And so my question to you is, how do you actually solve double spend without, with, with preserving privacy and with preserving the integrity of uh.
Um, the composability with whatever rules that you want to compose in Canton.
What's the mechanism that prevents the double span?
On Canton.
I mean, the issuer of an asset, and the issuer, I just want to be clear, can be a real world issuer, or it could be a decentralized party, like a Bitcoin, uh, is the mechanism that can protect, uh, you know, double spend, no different.
Again, it's a UTXO model.
They are a party to the transaction, and they are the ones that prevents double spend.
Oh, so then, yeah, it sounds like Alex's first point that maybe you don't, like it's not a blockchain, that it could have, it could have been done before blockchains existed, that it sounds like that exactly, exactly, it's like circles database can guarantee the same right, no, that's just not true.
Don't, don't, don't pick and choose what you want to listen to.
I said, Either have a real world issuer.
Or a decentralized party like Bitcoin is.
Bitcoin is a decentralized asset, so you could have a decentralized asset that doesn't have a real-world issuer, meaning there is no centralized intermediary that can prevent double spend.
But, but you're, you're like outsourcing, you're outsourcing that function to a different chain then.
But you don't, you don't, this is not present in Canton.
Yes, it is.
Why, why, why do you say, how do you prevent a decentralized, uh, sorry, how do you prevent a double spend of a Bitcoin, like you can put Bitcoin on Canton, is that correct?
No, I said that Bitcoin is a decentralized asset.
So it is, but you're, I'm, I'm asking you about Canton.
Well, there is an asset, CBTC, which is a decentralized asset on Canton.
You don't rely on one third party to actually prevent the double spend.
It's completely decentralized.
What, what does it mean?
Like, who, which party you rely on?
Which party lying like what's the actual mechanism that prevents the lying on a consensus no different than other other blockchains.
Oh, it's very different, double spend.
So hold on, my understanding, I, I might be out of my depth here, but my understanding of Canton is that the super validators are responsible for like they see all of the state and they manage all the state.
That's not correct.
OK, please, please, OK, sorry, I, I have clearly a shadowy understanding here.
You all, can you explain what are the super validators doing if they're not guaranteeing the correct state transitions?
Sure.
So, the super validators do 22 jobs on Canton.
Uh, what they do is they do act no different than validators on Ethereum and Bitcoin with respect to Canton Coin, specifically.
So, imagine with respect to Canton coin specifically, Canton Coin is a fully public permissionless asset, like every other crypto asset.
In addition to that, they run a composability infrastructure to actually compose transactions.
On those transactions, Hassib, they break, they behave more like ISPs on the internet.
They don't know what transactions they compose.
They act as an ordering, a decentralized ordering service, but they don't have, they're not validating.
The actual business logic of the there's almost like Bitcoin side chains that's sort of the relationship with Canton and the Canton Canton again on assets RWAs that are running on Manet, the super validators purely act as a coordination layer and a time stamping layer.
They do not get to see the transactions that they are actually helping to process.
So who validates the transactions?
Who guarantees that when you spend one UTXO that has some asset and produces two different UTXO as a result, the issuer of the asset, which could be of two types.
A centralized issuer, which is an issuer of a real world asset.
And a decentralized issuer, which could be an issuer of a decentralized asset, meaning it has no real issuer behind it.
Well, CBTC is a, uh, like it's not the Bitcoin validators, or Bitcoin miners who validate it, right?
It's, it's but it's a decentralized group of, yeah, it could be a some group of essentially a multi-s.
No, because they run consensus across them, Alex, and they know, they don't just sign transactions.
I, I understand that they're on consensus, but in the canton itself, when you do the, you consume one contract and you one double contract and you produce two different D contracts.
Like, how do you ensure that the same, you know, you have one Bitcoin locked in this one contract that you consume.
How do you ensure that you don't produce two versions of Bitcoin?
Cause your, your privacy infrastructure provides each party only with their view.
So, like, if I, I know, I know Alex, where you're going with the global state verification of an asset.
I, I, I know that that's where you want to go, and we're gonna talk about ZK Sync and some of your reliance on a third party that sees all the information, and they can actually upgrade the smart contract to be a malicious, uh, uh, smart contract without the user actually ever knowing about it.
We can, we can go into that.
So like, Honestly, I answered the question on Canton, you could have fully decentralized assets, and you could have centralized assets that rely on a real world issuer.
That way, you run the same risks that you would run on any public permissionless uh network.
It's absolutely not the same risk.
So let me then explain how I understand it, and then you can correct me if my understanding is wrong.
OK, and before you do that, just one quick note for the listener, uh, Alex mentioned DO contracts, which is digital asset modeling language that's specific to Canton.
It's basically like a smart contract on Canton.
I just wanted people who didn't know what that term was to know that.
Sure.
So what happens in reality is the standard demo contract provides the, the rules that, so the, the, the way like in uh uh well, please correct me if if I'm wrong, like I, I'm just gonna be sharing my understanding, obviously you're the expert here on on Canton, but the Canton functions as not as traditional um account-based uh blockchains, it's a UTO model.
So each contract is a separate UTXO.
Sorry, like Bitcoin, UTXO, yes.
Exactly, like, like Bitcoin, so like all UT cells are encrypted, so you only see the, the hash, like only like individual parties that are designated by the Dammel can see what's inside the UTXO and um when you, uh, and it it basically acts as like each of these UTXO is really a multi-S SIG, a small multi-SIG with a number of parties.
Who are privy to the state approving the state transition.
Like you're, you're, you and, and the validators, uh, kind of, uh, or the mediators serve the role of the counter of these votes.
If you, if you get enough of the votes, then you, the jigsaw is consumed and, and new, new contracts are being created.
And so what really happens there to prevent the double spend is the standard demo finance contract templates require the issue.
To always be the co-signer and authorizer of every transaction, uh, and this creates two big problems that that directly, uh, go into the, the Canton's claims about integrity and privacy.
On the one hand, your integrity now completely depends on the integrity of each individual, um, issuer.
And, and so what this practically means, and I need, I, I, I really need, we really need to clarify this.
You depend on the signature of a single hot server, which is basically exactly the same trust assumptions as what happened to layer Zero yesterday with the DVN101 Multi-See approving the invalid transaction.
And if this happens, if the issuer gets compromised by a sophisticated attack like a state level actors like North Korea.
The, the situation gets a lot worse because now the uh minted assets are gonna propagate throughout the network without anyone being able to catch it, creating the systemic risk for the entire network.
Thank you for bringing that up, Alex, actually very good, very good uh example.
So what, what I would say, but, but, but first is, is this the correct description of what happens?
No, it's not, but, but um, can you, can you, can you clarify what actually happens there?
So, the nice thing about Canton is that we don't rely on an issuer um to save us.
Unlike in Providiums, where an issuer, whether intentionally or unintentionally hacked, as you said, by North Korea or whoever, can upgrade your smart contract without your knowledge as a user of a Previdium.
Can upgrade your contract with sync.
Alex, now I'm gonna talk and you can listen and you can refute my claims later.
How about that?
So, I am, you know, so within a block, a user can actually upgrade the smart contracts of ZK sync.
Can literally drain an account, downgrade the contract, and all you're going to get as a user is an RPC call from a closed sourced piece of software.
Again, your Providium is closed source, which is not a good idea for a security base.
Yes, it is, your, your, your privacy one, your open source one, is not the privacy one.
Can upgrade a contract, drain your account, downgrade the contract, and all you're going to see is a proof that EVM processed the state transition correctly.
You have no idea why your account balance went down.
Again, in order for you to know your account balance, you have to keep on pinging an RPC.
You don't even have the state on your own note.
Uh, Providium just writes some kind of a proof to Ethereum Mainnet.
Which you have no clue what that proof actually proves, other than EVM acted correctly.
Um, and that's it.
On Canton, what I would say to you is that in order for you to actually do a state change, first of all, you need to have multiple parties agree to a state transition.
The issuer would be one of them.
So, already your point about a 1 out of 1 signature is a bit odd.
But second of all, I would say if someone wants to change the smart contract, which I would assume on Providium's the issuer has, or the operator has that right, if you want to do the the proxy model of being able to upgrade software without to have anyone's.
At least on Canton, what I would say is every user would know that there's a change to the smart contract, because they are the ones that are actually validating the transaction.
They're not looking through an RPC on some proof that they were not even participant to creating that proof.
So, again, first of all, your description is incorrect, and second of all, I would say that the attack vector on a Providian user, not only is worse, the consequences are even more terrible than Canton.
So what happens on Canton when the issue is compromised is.
It's not that any of the individual smart contracts that exist before gets uh gets corrupted, but instead the share will just mint a huge amount of the token and inflate the, the token supply with the underlying asset being fixed, it means that everyone is going to lose the, the like corresponding uh proportion of the asset they lose.
Uh, well, what happened on yesterday with layer zero and what happened last week with parity was not that individual users were compromised.
Let me just finish this here, I was not interrupting you.
Uh, but the, uh, the, um, asset was printed.
There was an unauthorized inflation of the asset for, for the polka dot and for the kelpdao.
So the, the attacker basically just minted a huge amount of assets for themselves and dumped on the market.
And like inflated, like it propagated for the market.
This is unpreventable in uh in Canton and not just unpreventable, it's undetectable.
It's way worse than in public blockchains where there is a single canonical state that everyone can see.
So what you describe about Previdium is uh it is, is like absolutely incorrect.
Whenever you have a public change on any smart contract on Ethereum, it's gonna be visible.
Anyone will see what's happening in the block.
It's impossible to hide.
So, like, if something like that happened, it would be publicly visible.
And we can talk about the consequences, what this means, like, you know, we're, we're, we're serving institutions, they have very different requirements from the cipherpunks.
They have other mechanisms to to correct, but you, you, you cannot hide the, the uh uh the change of, of the smart contract.
But in Canton, you cannot prevent it.
You're exposed to the same exact attack vector as what happened yesterday to layer zero.
And you cannot detect it because if this happens in a, so the way the way the attack unfolds is this the issue is compromised.
They get a proposal, proposer or like submitter who is also um basically like the attacker just gets a some asset to themselves, then they go and make a submission to the issuer.
The compromise server signs the submission and the attacker ends up with.
Hundreds of millions of dollars' worth of assets.
And then they slowly start propagating this through the system.
Tell me how you prevent this.
So I just want to be clear.
So first of all, um, real quick because you said that it's not closed source, um, Previdium use open source licensing model.
The ZK stack is fully open source and provide all components required to run a standard link chain, period.
Previdium trademark adds a closed source enterprise modules that enable private permission permission deployments for institutional environment.
This is correct.
There is no contradiction.
The protocol part is fully open.
The protocol part is, is open and visible.
What's closed source is the middleware that you run to control, you know, to connect to your banking systems, to connect to your authorization systems and so on.
They don't touch on the protocol in any way.
Well, it seems like a stack that does privacy uh with closed source uh should uh enter and the privacy, the vertical part, smart contracts, zero knowledge proof circuits, everything opens first, fully open.
Literally your writing says to provide privacy.
Uh literally I just explained.
Explain what this means.
It's a middleware that you use to configure the access of the users and the role-based account model.
OK.
And yeah, this episode isn't about Prividium.
Um, so just, no, no, no, no, no, no, no, sorry, sorry.
If I, I'm totally fine, but if a person who runs a chain.
That I think is it's fair play.
I think it's fair play.
I think, I think he gets to punch back.
We can't author of the claims about his, his, his, you know, to say, to say that Canton is not decentralized, but a Providium is run by a centralized party that gets to see everything and right, I don't care if it's decentralized or not.
Again, I'm saying you have properties that you, you advertise certain properties that you don't possess in your system.
Your system is worse than public blockchains in terms of integrity, uh, in like containment of systemic risks, like it's in fact it's worse than the traditional systems.
So what, what like, Uh, it does not have the characteristics of a blockchain, so I would, I would describe Canton as a mediated messaging network, and from this perspective, it has a role to play in the traditional finance, you know, there are some workflows that don't require a blockchain, and I, I believe the Canton is actually deployed in some of these workflows, maybe like with, with something like Broadridge where it's essentially being used as a, as a like better database, a database with.
Um, uh, specific financial workflows that, that are more easily configurable and, and it, it has a value there.
It's just not a blockchain, and it does not offer the properties of a blockchain.
So, again, I just wanna take, I just wanna take your, your attack vector.
What prevents today from any stablecoin provider, if they got hacked, to mint a billion dollars worth of stable coins on chain.
How do you know that they got hacked?
You, you will immediately see the transactions happening, like they they are a lot of mint coins.
Right, uh, the way, so the way they, they, they usually works, I'm, I'm replying, I'm, I'm replying, I'm replying.
Someone mint a billion dollars of stablecoin on chain.
Yeah, cool.
And they didn't know that.
I'm, I'm, look, I'm, I'm replying to you that the, the way they structure, like I, I, we, we cannot talk about every issue because they all have different, uh, procedures in place, but, uh, the way, so I'm, I'm not deeply familiar with how all of them operate, OK?
But I, I'm familiar with the industry-wide best practices.
And they run something like this, um, in exchanges, you have hot wallets and cold wallets, and you have different degrees of different permissions on what, what can be.
Uh, done with hot wallets, like they usually have lower limits, and then the most of the assets are in cold wallets.
Uh, I assume the issuers operate a similar model.
I'm not familiar with exactly how they structure this, but there is a huge difference with the model.
One second, you, you wanted to attack Canton by saying the issuer got hacked, so can we acknowledge that the issuer got hacked?
Because you can't say like, oh, they, they run these great services and all of that stuff.
I'm going with your claim, the issuer got hacked.
So now suddenly you're saying that the issuers are all very safe, like, I'm just going with your model, just go with me.
The issuer got hacked.
You started by saying the issuer got hacked on Canton.
So let's just say that sure, uh, fine, fine, fine, like the Depending on how the issues are structured, if they have a single function mint which is operated by a single hot key on the hot server, that's a really bad design of security for the t-shirt, and I don't know half of them are running.
Typically they, they do.
Sorry, well, Alex, let, let's just give, let's just give, let's just assume somebody is hacked stablecoin issuer, and they meant a quadrillion dollars USDC.
Let's, let's, let's take that hypothetical.
Just $100 million.
OK, a nice, a nice billy, a nice billion dollars.
Let's say they, they meant a nice little billion dollars USDC.
All you see is that now USDC, given the war that has happened in the Middle East, have had really good issuances.
It's just part of normal business, right?
You just saw another half a billion dollars of USDC add to the chain.
So what, what really, like, what blockchains give you are the uh rules that can be enforced.
If you encode your rules as like, I can do anything, there are absolutely no checks on what I can do, sure, this can happen.
This is not how it's usually structured.
Usually have to attack vector, your entire attack vector was that on Canton, if the issuer gets hacked.
Canton is terrible.
That's your, your, your, your model depends on the issuer, uh, enforcing every transaction.
Any RWA on any permissionless chain relies on the issuer not being.
Yeah, so I, I feel like, no, no, no, no, no, no, if Alex went down this rabbit hole, I would like for him to dig himself out of it, and my point is, the point is we need to stop throwing these, these parachutes into these holes, because we can't go into these corners, and then like again, the referee is separating the fighters, like he just said, an issuer got hacked, an issuer minted an an uh an amount of money.
On Ethereum, on, on, on Solana, on any of those things, and nobody knows that the issuer got hacked, even the issuer themselves.
Part of business, of course, of course they know, of course they know, like on public blockchains, any hack would be immediately visible, but that that that's the thing.
How is the hack?
It's a, it's a, it's a legitimate issuance.
Exactly, like they, everyone would see that the the issues would happen, that there is a certain amount, you know, they, they can have monitoring systems that observe the public state.
Here, they would not be able to monitor this.
The issuer is the one that needs to say we got hacked, because you as an observer, even though you've seen $100 million of USDC issued or USDT or whatever stablecoin, that even though you could see it.
All you know is that another $100 million have been added to a public permissionless chance.
So you agree with me that the only person who could say, we got hacked, these are 100 bad million dollars.
Are they sure?
Can we at least agree on that?
Uh, that, uh, that.
Um, You know what, you know what, I, so I, so we're, we're gonna, we're gonna call this right now because we need to move to ads and then cover a whole bunch of other topics before we, before our time is up.
So just give it some time.
We have to move on.
Raised by the bell wouldn't be a fuck time.
So uh, in a moment we are going to discuss, uh, whether Canton is permissionless and, um, and dive into other things.
But before that we will take a quick break from the sponsors to make the show possible.
Bitcoin changed how money works, Sarea changes how Bitcoin scales.
Sarea uses Bitcoin as both the settlement and data availability layer.
As Bitcoin's application layer, Citrea enables the first trust minimized BTC on a fully programmable platform and a native stablecoin for Bitcoin, CTUSD.
Citreya offers Bitcoin capital markets with lending, privacy, payments, Bitcoin yield, trading, and predictions.
Citreya expands Bitcoin's utility without sacrificing its security.
Citreya Mainnet is live.
Get started at Citreya.xyz/unchained.
Etherfi is giving Unchained listeners 5.
15% cashback on rideshares, groceries, and restaurants right now, which honestly is kind of wild for a card like this.
On top of that, I'm getting 3% cashback on every single transaction, using my actual crypto.
No conversion fees, no nonsense.
My bank never once did that, and it goes beyond just spending.
You can borrow against your holdings at 4%.
Or less, which is super useful if you don't want to sell your assets.
You can also earn on all major assets, up to 8% APY just by holding.
And moving money is just easy.
No hidden transfer fees, no friction.
It just works globally.
If you want to check it out, go to ether.F/unchained to claim your offer.
That's ether.F/unchained.
Back to my conversation with Yuval, Alex, and Hassib.
So, I definitely want to tackle this question of whether Canton is permissionless or not, and I think in order for the audience to understand this, we need to discuss the issue of the super validators.
So, Yuval, before we dive into the meat on this question, I just had a very quick little fact check I needed to make, which was, can you clarify the number of super validators?
Because I saw 13 on a few different sites.
I saw 46 on the tie.
I didn't know why there was this discrepancy.
46.
It's just that they choose to run on like uh node operators, and those are the ones that are 13.
0, OK, that's interesting, cause, yeah, multiple sites said 13, but, but only one said 46, so I wasn't sure.
OK, so then why don't you just define what a super validator is and give some examples of the different types of institutions that are in that group, and then explain why it's invite only to be a super validator.
So, um, I'll start with the end, which is not invite only.
Um, the the model of how do you become a super validator has a process no different than any other chain.
On Ethereum, you have to stake 32e, on certain chains you have to stake even more, on certain chains, you can't even become a part of the sequencer.
Most L2s, you have a centralized sequencer.
There is no multiple, um, uh, participants in the sequence.
There's some L1s, like, I think Hadera, closed, uh, closed network of uh of a few uh entities that can run the the sequencing.
On Canton, everybody can Become an SV assuming the network agrees with a supermajority, that they are an additional value add to the network.
So, there's nothing, there's nothing that would prevent Unchained from saying, like, we think we can add value to the Canton network, and as a result of that, uh, will become.
So, we decided, we decided that, you know, in most chains today, um, You know, the model is, is staking.
Uh, our view is that although staking has some interesting properties, one of the things that a lot of chains have had a lot of challenge is how to actually bring activity to the network.
And our view was that although securing the network is a very important component, Our thought was that actually adding sweat equity and value to the network is much more important.
And, and, and, and again, We can be, we can be challenged that it was the wrong decision, it's stupid, it's all good.
But our thesis was, so many chains have written really good technology, have done a really good job actually creating really novel, interesting technology, and then fumbled on the go to market.
And therefore, what we said is, Securing the network is important.
But actually, we wanted the people that own the network, the super validators, not own the whole network, but own kind of like governance uh on the network, and uh make important decisions, would be those that actually are not just staking the network, but actually have skin in the game, meaning they have put a significant part of their business, or an important investment in the business.
And therefore, anybody can apply to become a super validator.
You put uh a proposal, and if you got a supermajority vote by all of the super validators, you join as a super validator.
And those names will go all the way from small wallet providers that have been early in the journey of Canton and have put quite a lot of investment.
To defy protocols that have built on the network and have made serious investments in the network, all the way to Broadridge, or Tradeweb, or SBI or DRW or Visa, right?
It's not, this is not a closed source network of the, you know, Wall Street cabal that is like trying to like, preserve their um strength.
It's the idea is that everybody can participate, but our measurement.
Of why you should become a super validator, is because you add some kind of nonlinear value to the network, compared to just being a passive participant on the network.
That's really, that's really what a super validator is.
So you all, let me, let me sharpen this word because permissionless in crypto and blockchain is a very special word.
It's like, you know, it's like, it's like the word democratic.
It has all these other extra valence that we put on it as a culture because it's been so core to what has made crypto crypto historically.
So, explain to me, um, so you've, you've countered many of the people online saying that, oh, Canton's not permissionless.
You say, no, it is permissionless.
Um, can you explain what you mean by that?
What does permissionless mean in the context of Canton, um, and what does it mean and what does it not mean?
So, permissionless to me is that, first of all, everybody should be able to build an app on the infrastructure.
Everybody should be able to participate in the infrastructure, meaning I should allow any person to be able to connect to the infrastructure, participate in the infrastructure.
It doesn't mean that um just by connecting to the infrastructure, like I gave the example on the internet, I will have access to every asset on the network, or that I will have access to every application on the network.
And again, everybody can try to become a super validator on the network.
It doesn't mean that they will be able to, um, and again, I, you know, I think that I see your point about like it's democratic, again, I, I challenge that because I would say that most L2s then would not fall into this democratic, um, um.
Definition, and yet nobody said a word about it, because again, it's a centralized sequencer.
The operator of that sequencer, the day that they want, can flip the switch, moving from public permissionless to fully private permission, and all of your assets now are locked on that L2, right?
You cannot do anything.
They can decide unilaterally to censor any person that they would want on that L2.
Again, I gave an example, there's a few L1s.
That have a permissioned set of validators running the consensus for them.
My, my view is that I would say that Canton is much more permissionless than those, but again, we came up with a different model of how to set who can participate as a super validator.
I don't know, I can't remember what's the number for some of the L1s today, but in order to be a full node from a staking perspective, we're talking about tens of millions of dollars.
That is not very permissionless in the sense that like, most average joe cannot become a full note, right?
So, I guess my point is, we just came with a different definition of how you can join in a permissionless manner.
It doesn't necessarily mean that everybody would be able to participate in it, right?
You, you agree with me that not everybody can become a full node on Sui today.
I mean, your definition of permissionless is basically you come and ask for permission, and then if it's granted, then you can participate.
With that, so I was gonna say something like that.
I, I feel like you're painting this equivalence between there being a minimum requirement on Ethereum and Solana and these other chains, which isn't the same thing as like kind of needing to apply on Canton.
And then being granted the permission by the existing validators.
Like there is literally a permission moment of entities deciding, you know, will we let you in or will we not?
So that's not such thing as meeting a minimum requirement.
Sure, just to be clear, uh, in order to meet the minimum requirements, a group of individuals came and set their permissioning about it.
So, just because you could say, what what I'm happy for you to say is that the permissioning on some chains are a bit more objective, or more objective in the sense.
But again, if 2/3 of the full nodes on Solana, or SI or Ethereum were to come together, guess what?
They can change those permissioning today.
And they have done that in the past.
So, so you're, you're, you're, you're, you're again, yeah, I mean, but I like I said, so I would still say that one is meeting a requirement, and then the other like you apply and then you're granted permission or you're not.
You're meeting, you're meeting the requirement as of right now, I guess is my point, and again, like it's, it's like saying that uh these networks are fully permissionless and And then we find out that a chain went down, because the foundation did not pay the AWS bill for all the notes.
I mean, we can take this to an extreme of how we want to have these arguments.
Everybody can say, I want to become an SV and if the SVs vote in their favor, that is fine.
On every chain today, if 2/3 of the full nodes decide they want to censor one of the full nodes, they can do that as well.
And again, there have been multiple examples how all the pure definitions.
Um, uh, immutable, not true.
There have been hacks, we forked the hacks, I mean, it's no longer immutable.
All of these definitions that we claim to be so pure are only true until they're not.
And my only point is, again, I'm happy for Canton to be criticized, that it is not permissionless in the same way that Ethereum and Solana is.
I'm totally fine with it.
I'm, I'm totally.
In agreement with that, I'm explaining our rationale is that anybody can become a super validator, and if you look at the spectrum of the types of companies that are super validators on Canton, there is no very unique way of saying like, oh, they're clearly going after just banks, because they're as as of right now, there's not even one bank that is a super validator, maybe not for long, but as of right now, there's not even one bank that is super validator.
And there are traditional FMIs and then there's also like really new DG kind of like uh crypto providers that are all SVs.
So clearly we are not trying to permission only Wall Street people, we just thought this is a model that would actually create value to Canton, as we've actually been able to prove, and that's it.
I mean, I, I don't have anything else to.
To defend, and I think that this is where where where we started.
My point to Hassib was.
I think that suddenly everybody's nitpicking can on use of the word permissionless, because like I said, I think Hadera is a permission state of validator.
Nobody's like going and throwing flames about like, why are they calling themselves permissionless.
Nobody's to your earlier point, Hadera is not winning, right?
You guys are winning, which is why there is this spotlight.
Yeah, but so we you all, I, and I like, I don't wanna belabor this, but I, I think it's more that like there is actually a moment where the validators are granting permission to whoever is kind of like applying, so it's just, it's just like.
I don't wanna go into the semantics.
I understand the points you're making that, you know, all these different entities are setting standards, and like, you have to meet them or not, and this is something that is decided by a certain group.
Like, I, I get your point.
I'm just saying that there is an actual moment where permission is either granted or not in Canton, but I do want to ask about that, like, what percentage of entities that have applied to become super validators have actually become super validators or been rejected?
For the most part, all have been approved.
Not necessarily, not necessarily immediately, there have been feedback from the network about like, hey, this is not enough value given where Canton is, but again, stellar, Ripple, B&B, every L1.
Fully permissioned set of uh validators again, I, I'm, I'm just, I'm just very eager to understand in a non in a non-bag in a non-bag uh kind of uh yeah, well, so you all, let me, let me say like I agree with you that there are a lot of chains that have this kind of structure where basically You have a central group or committee that decides on who's going to be led into that committee, and they participate in consensus and they're basically stewards of the chain.
Um, the difference is that usually the way that we describe the consensus for these networks is proof of authority.
The authority can be a single party, it can be a small committee, um, but generally there's a term for that, it's been around forever.
It's a long, long history of proof of authority chains that have these kind of committee-like structures.
It sounds like that's what Anton is doing, not that dissimilar from a lot of other chains that have this kind of, um, you know, institutional banking oriented go to market like Stellar, like, like Ripple, um.
I guess the, the, the, the reason why you're getting all this pushback is that, again, it's like calling something democratic, right?
It's saying, well, you know, it is democratic because if you want to vote, you can apply and then we'll decide whether you get to vote.
Like you could, you could argue that's democratic, but that's not what people mean when they say democratic, right?
Um, I think that's why you're getting such an allergic reaction to the use of the word permissionless is that it's a very special word in cryptoculture.
The the word democratic is a very special word.
Listen, I appreciate that, but I, I think I will again disagree, because I don't think that anyone would say that B&B is proof of authorship or something like that.
And again, most of the chains, I, I can tell you it's until Canton started getting a lot of heat, I think would have all described Hadera, stellar.
Ripple, B&B, Base, Arbitram, I can keep on going as public permissionless chains.
And I don't think that they would have gone into that nuance.
I just don't, but again, I gave my thesis, our thesis is that the SVS can go up to 100, can go even beyond, right?
There's nothing, there's nothing that actually, there's no cap on that, on that model, and I guess from my perspective, I, you know, I've explained that a lot of chains when they design their tokenomics and their structure, are trying to solve a specific problem.
And, you know, some chains said, oh, in order to have the token rally faster, we'll just create the the full node that you have to stake significantly more money.
They didn't actually solve for the usage and actually building on the chain, and, you know, other other drawdowns to what we've done, again, clearly from a marketing perspective, we're getting heat from using the wrong word in its purest form.
On the other hand, you could say, look, we've actually brought stakeholders that put a lot of skin in the game, and actually build a lot of things without any grants.
We've given today two grants from the Canton Foundation.
But what about rewards?
The rewards are objective, Alex.
They're for everyone to see, so, they are objective.
There is no kind of foundation that did a pre-mine and then sitting on a treasure of dollars that is deciding in a very opaque manner who gets who gets what reward and for what reason.
So, yeah, we actually align the incentives in a much more objective way with the builders.
And who decide what degree of rewards you're getting as a validator who joins.
What do you mean?
Well, well, you're saying like it, it's unlike grants, we have a transparent and straightforward model of who gets what.
So I'm, I'm wondering like who, who decides what level of super validate you, you, you have these different levels, right?
Like, uh, tiers, uh, with the higher tier, the, the more reward you get, like who decides on this.
It's vote, uh, all, all the super validators, uh, applications are public for everyone.
OK, that, that's fair.
So, so basically it's a permissionless model where an initial set of participants decide, uh, uh, who becomes the next participants, uh, and how much they will get.
And um Um, that, that's fine with me.
So it's it's I, I, I think that like I have much less problem with the uh with Canton calling itself permissionless, because.
It's really obvious for everyone what it is.
If you have to apply and you get, you guaranteed permission, uh, you can call this a permissionless, like it, it's, it's very, you know, everyone who has listened to this conversation now make their, will make their mind, uh, and will, will have an opinion.
I, I think it's like, it's very straightforward.
I think it's a lot more interesting to talk about whether it's uh a blockchain or not because they, those, the, this definition gives very different properties, and I think we have not yet explored all of them.
Yeah, I actually, so why don't we um go into that part, because like, I, I, so, you know, I am not a technical person as most people know, but from what I could tell of what I read, it did seem like Alex's point earlier about how the point of Canton is more around messaging was um was valid, and, you know, it wasn't totally clear to me, so like, and, and, you know, maybe this could apply to literally any RWA on any chain, I'm not sure, but it's sort of like, if Canton were to break or any chain that's holding uh or that's, you know, uh processing transactions for an RWA.
Then what does that mean for that asset?
Like, does it not really affect the asset because there's simply another sort of backup system that can handle, let me try, let me try to, to, to frame the question.
Uh, the, it's not about the asset, it's about enforcing financial rules without the trusting, trusted third party.
This is what Bitcoin White Paper was about.
This is what Ethereum is about, this is what all the public blockchains, what blockchain technology in general offers.
This is what the institutions also look up to blockchains when they embrace this technology.
You know, if you are, if you still depend on some trusted mediators or or trusted third parties to enforce certain properties, it's not a blockchain, it's, it's just messaging, maybe cryptographically.
Facilitated messaging between multiple parties, maybe it's something like a DocuSign for tokens, when, when the all parties agree, they can see their, their state, like whatever we like we mutually agreed on, they approve this, it goes forward.
Uh, what blockchains enable beyond this bilateral relations.
Is enforcement of financial rules.
In aggregate across like for smart contracts that encompass multiple parties, which can be permissionlessly joined.
And these are, you know, it, it goes from simple use cases like enforcing a token cap.
To some more really interesting and and exciting topics like uh liquidity pools, defy, um, margins, uh, automated marginal liquidations and collateral management, all of that is not possible on Canton without a trusted third party which you completely depend on and basically this one on one, Uh, multi-cur style, so hold on, hold on, hold on.
So, it seems very intuitive that like anytime you have a centralized issuer you are trusting a third party, right?
Like there's, there's no universe in which you have issues, no, but, but in Canton you only depend on them because in, in, in Canton there is no way to enforce, uh, the rules by consensus by the entire network, the way Bitcoin and Ethereum how many times did I tell you to go and look at CBTC, which is a decentralized asset on Canton.
I mean, maybe you should go and look at it and come back and revise your statement.
Second of all, um, it's kind of, it's kind of odd, I have to say, to sit and listen, um, to, to this argument, because again, a Providium relies solely on an operator to write proofs for you.
It's, it's, it's, I'm, I'm just trying to understand most of the things that happen of the hacks, where an issuer-based asset, forget about Canton.
The reason why these hacks have such a bad outcome is not because of the centralized issuer, because if USDC or USDT were involved in a bad hack, and the hacker wasn't smart, and actually stayed on those centralized issued assets.
Guess what?
Eventually, why why do people get so angry at Circle with the previous hack, is because they didn't act fast enough to prevent from the hacker from actually moving into permissionless assets.
So, the issue is not with relying on a centralized issuer.
Actually, we would have been happier, as we've seen a lot of the crypto space saying, if the centralized issuer were to intervene.
Sooner, rather than allowing actually these assets being traded and swapped into permissionless assets, where then they can no longer interfere.
So, again, on Canton, no different than any other public chain, the issuer is centralized in real world assets.
And they have different properties or similar properties to what they would have on public permissionless chains.
We have stopped the conversation earlier from explaining to me how if the issuer was not aware that they were hacked.
Similar to any other public chains, how you as a third party observer of what seems to be the same type of activity that they do the same day, all day long, would actually prevent anything bad happening from again, having this newly minted assets be swapped into a permissionless assets, which is what always happens when these hacks take place.
So, again, I would say that at least on Canton.
As a party to a transaction, nobody can upgrade the smart contracts on you without your knowledge.
You are the one verifying the transaction yourself.
You're not relying on a third party doing a proof for you.
Right?
And again, we're we're gonna go back in circles, and, and Laura, I, I, I have to say, if, if you're not technical, I think that it's dangerous, especially with someone who has reached like you, to say, but it sounds right.
I can tell you that if Canton goes down for Broadridge.
It would have a systemic issue on running what today is close to $400 billion of repo, and I would say that within the next 12 months, we'll get closer to $1 trillion worth, which actually does have systemic uh implications on banks that need to meet liquidity threshold.
Now, would, would those uh banks and people like Broadridge consider alternative in the case that one of their Uh, uh, liquidity pathways had an issue, absolutely.
But I will tell you that assets that have, uh, applications on Canton are no different, and I would say in most cases are just as systemically critical, and Canton is not just a messaging base.
Again, I would say that any RWA, the actual asset is not the token, it's the asset that sits in a fund admin off chain.
Right?
That's, that's the reason why people want some of these RWAs to intervene when there's a hack, because no money is actually being stolen from Circle.
The treasuries that they have are still at Bank of New York Mellon, the bank deposits are still at the banks.
What actually happens is someone goes and takes a USDC that has been stolen.
And swaps it into Bitcoin or Ethereum, and that's where the control is lost.
So it has nothing to do with real world assets that are being stolen, and that's it.
I mean, I just, I just think that it's important.
To stay factual, and not to say like, if I'm not technical, but that sounds, that sounds right.
So I want to ask you then just to explain, because some of the things that I read about Canton were that for the sync domains, they are in charge of message queue, sequencing, they do time stamping, uh, for participant notes.
I also heard.
I think you said earlier in the podcast and on other podcasts that Canton does not do state.
So can you just, oh, I said on this podcast that we do state decentralized state management, and I would say that every, every blockchain uses messages.
I mean, mempool are messages waiting literally in a memory pool before they get committed into a block.
I mean, RPC messages, I mean, like we can just keep on going.
There's messages everywhere, the way that computers communicate.
Let me, let me maybe sharpen the question a little bit.
So it, it's, I think the charge that, uh, Alex is levying when he calls it a messaging system is not literally that, OK, well, obviously all blockchains send messages.
Um, I think the claim is more that it's not load bearing, right?
So, uh, normally when people think of USDC, it's like, OK, if I get USDC.
I know it's a bare asset.
I now have a claim on this dollar, and it doesn't really matter what circle says.
Obviously they can later freeze me or whatever, but barring that, this is mine and I have a claim to it.
The claim, I think, and Alex, correct me if I'm wrong, when you say it's a quote unquote messaging system, is that it's more like these are digital twins, in the sense that, OK, Broadridge has their own back end, they're recording who their counterparties are and who owns what in these reverse repo transactions, but basically what's happening on Canton is just like a, a replica.
Of what's happening on their own system.
Maybe it's faster, maybe it's easier to read, maybe it's easier for everyone to synchronize on, but it's not load bearing in the same way the USDC is load bearing.
Hassib, just, just listen to what you just said in your words, not mine.
I can hold USDC stable coin.
And it's a bearer acid.
Granted that USDC doesn't freeze me.
I mean, you yourself said it, so it's not a bear exit.
Like, I mean, there's, there's, it's a spectrum, right?
It's a spectrum, right?
There's, there's a, it's a bare asset unless I, I, I think this entire like like, uh, well, thank you for answering the question, but the answer is not the question I asked.
I asked you about the enforcement, again, I'm gonna come back to the to this original idea of blockchains.
Blockchains is something that enforce that those are systems that enforce financial rules without reliance on third, uh, trusted third parties.
And Canton cannot ensure this.
So when, when, when, like for bilateral agreements, sure, we don't have a trusted third party, we just, we, we sign messages between, it's, I mean, I don't know how many times I'm going to repeat the same thing, and you're going to keep on ignoring it.
You could have an asset on Canton, which has a decentralized party.
That's not a.
What does it have to do with asset?
I'm not asking about the asset.
All right, all right, I'm gonna, I'm gonna put a kibosh on the thread because I, I don't, I don't think we're making progress, um.
I I I just, I'm just gonna say that we had this conversation with your co-founder, uh, Shaul, and Shaul confirmed this.
He admitted it in a, in a public thread with me that yes, Canton cannot do this.
Canton cannot do anything.
Canton cannot enforce aggregate property.
I'm gonna, I'm gonna actually cut the thread.
Cutting this thread.
Um, I, I want to come back to this point, you all, cause I think it's a very interesting one, of your claim that like, well, um, is it not also true for USDC?
Like, is there really a difference here between, um, what, what I'm describing with USDC and what maybe is the, is the trust model on something like Canton.
Um, I'd like to, I'd like to hear, um, Alex, your, your reaction to that, to that point.
Um, do you think there's a difference between an asset on Canton and something like USDC?
Um, that's an RWA on Ethereum.
I think everybody agrees that this is the canonical model for a permissionless, quote unquote, RWA.
Uh, but to you all's point, like, Circle can decide to delete your coins at any time.
And in fact, people are calling for USCC to delete people's coins.
So, what exactly is the difference?
Is there a real difference worth noting here, or is it purely a cosmetic one?
Uh, so, uh, let me describe what's possible on Ethereum.
I don't know if circles specifically follows this, but what's possible on Ethereum, that is not possible on Canton, OK?
So on Ethereum, you can set limits.
You can, you can create a smart contract.
And you, you, you can make it upgradable with uh the cold keys that you call in the hold in the cold storage by circle with a multi-sequel whatever.
And this smart contract enforces limits.
So it says, like, sure, the servers can mint some amount of tokens up till, you know, 1 million per day.
And beyond this point, it requires manual confirmation by people.
Right?
You can't do this on Ethereum.
I don't know if Circle does this, but you can do this.
You cannot do this on Canton.
On Canton, your asset can be compromised up to 100% of the asset by compromising a single server.
That's my point.
OK, well, let's assume for the sake of argument that Circle does not do that.
Let's assume that Circle just has mint function and they can mint as many as they want.
Then, then no difference, then no difference.
I'm talking about the capabilities of if the, if Circle just does the, like, you know, they have a mint function and it's controlled by a single hot signing key, sure, like the, the, the only difference will be that it's gonna be immediately publicly visible to everyone, that circle supply all of a sudden jumped like 100%.
On Canton, it's not going to be visible, it's gonna propagate silently through the system.
That would be the only difference.
Alex, but I really think that this level, at this, at this point in time, I would literally say if you literally just can actually um go and open an account.
Talent on Twitter, you could hack all of Providium's.
You keep on just propagating this lie, and I keep on trying to say to you, you could have a decentralized party, and you can keep on just propagating this lie on a live, on a live show, and we're just gonna technically prove you wrong, and you're just going to keep on propagating a lie, which is not very good for someone like yourself to do, and I'm just telling you.
That we're gonna make some proofs on Previdium, on what you can do with Previdiums, and I think that it's not gonna look good for you.
So, you could keep on making this claim, and I'm just trying to tell you, let's just go under your assumption that an issuer got hacked, whether it's a single server and a multiple server, and I'm going to make the claim that we cannot prove on this call, neither you or me, and I'm actually recommending that you stop making the same claim, even though I'm telling you that you're wrong.
That let's say an issuer have been hacked, period end of subject, whether it was a single server or multiple servers, and just answer Hassib's question.
That happened.
What can you do on Canton, or what can you not do on Canton?
What protections do you lose on Canton that you get from any other chain?
You don't, you're on Canton, you rely solely on the uh on the multi-sick.
On the Ethereum, you rely on smart contracts that are enforced by the network.
This is the difference.
So you know, in Ethereum, you can construct smart contracts that are going beyond the multi-s.
On Canton you can't.
So explain to me like a smart contract that will say you can't mint more than a million dollars at a time.
Exactly, and beyond that threshold, it will require a different set of keys.
In Canton, you cannot do that.
You cannot do that because it's gonna be enforced by the submitted transaction by the issuer or or by the complicit uh party with the issuer.
And in Damel, uh, you know, the mediator will not see it, they will just count votes.
They will just just not count votes.
It's just not true, just absolutely not true.
You could have fomenting all of the protections that you said, that even if a signature by the issuer would not be able to, again, all of the parties that are participating are the ones validating the smart contract.
You would actually have to change the smart contract first.
And to say now I can actually mint a different smart contract.
That's it.
It's just, you're just, you're just spewing falsehoods here without actually doing you can't enforce aggregate properties of your asset, and this is what your co-founder confirmed.
So you cannot do like, uh, I guess we'll have to take it after the uh the debate, and we'll we'll just provide the RPIC and you'll provide your PIC.
But in Canton, you rely on hot servers, and this is basically what happened yesterday with uh with layer zero.
You, you, you can't enforce the, uh, the, like the network cannot enforce the rules.
The rules are always enforced between a small set of a finite set of participants.
You cannot have an open contract that everyone can verify, uh, that that does not rely on it.
Then I were to tell you a decentralized party, and you're going to keep on ignoring it, and I'm going to keep on reminding it.
And Canton coin is literally an asset that invalidates your whole statement.
So to say that Canton can't have it is just ludicrous.
Again, you, you rely, you rely on the multi-sick of the coin issues, like if you, if you put more, more, uh, servers into multi-sign, sure, you get it, it gets better, but it's still a multi-sick, it's not a, uh do you mean decentralized enforcement.
You run a BFT across them.
I, I don't understand this whole point about a multi-sign.
Your, the, the BFT is uh uh a consensus between them, what authorizes the transaction is the signature on the uh like on by the mediator.
Meditor approves the transaction.
All right.
Um, we, you know, we're running up against time.
So, I'm, I just wanna make sure that we touch on, uh, two more topics.
So, we're gonna, let's talk about the CC coin.
Um, as far as I understand, a large amount of CC, Canton's native token, was used to, um, incentivize validators.
So, a good percentage of the token was accumulated by super validators who were invited early.
So, Eval, I know you were upset by this question somewhere else, um, but I figured it was worth getting your response here on the record.
So, Austin Campbell tweeted, Canton has many problems, the first of which is a governance problem.
I do know many institutions who have looked at Canton and said, why would I invest deeply in a thing where others pre-created all the tokens and who use it only because DRW is paying them to.
Um, what, so what's your response to that?
I saw like some back and forth with uh you and your team with Austin, but if you could just, in your answer, explain what the financial incentives were for those early um partnerships and activity on the network as well.
Uh, what were the financial incentives for people that participated in Ethereum early on?
I mean, Oh, so there wasn't anything beyond just Like, you'll get in early.
Absolutely not.
And honestly, like, here, here's what I will tell you.
I am willing.
For me as a company, first, so 1st, 1st of all, again, DRW did not create Canton.
Right, and, and actually one other question, sorry, for the early participants, they were just earning from the start.
There was no kind of like pre-allocation.
No.
OK.
No.
And, and, and, and here you go.
I mean, we, you know, it's so easy for someone like Austin to put a statement that DRW paid, which is actually making, you know, putting a lie for eternity on, on, you know, on something that he will ever, you know, have to defend, where he got that information, but Which, which network today, like, if I build an Ethereum today, like, should I go like, well, what's my financial incentive to build an Ethereum?
No, you build an Ethereum because it actually solves a problem for you, and it actually generates for you as a business.
So, that that that this idea that uh people will not build on Canton, which I'm actually surprised because I would like to understand which financial institution today did not announce that they are already building on Canton or participating in Canton.
So I don't know which community bank Austin is talking to, but I would like to understand, right?
Um, you know, there's no, there have been no payments.
I'm actually happy as as kind of like the creator of the technology, to go head to head, who can get an audit done on his company more efficiently and cleanly, because we haven't done any token deals, we haven't done any payment deals, like, you know, I know it's annoying for people that Canton is a top 20 chain without doing all of those funny stories that crypto have been doing for a very long time.
I know it's annoying.
But we have been patient, we've been working on this for 11 years, we haven't done shortcuts, we've tried to do things the right way, right?
And, you know, I, I don't know.
I guess it's going to continue to be annoying that we're gonna continue to grow the activity on Canton, and just do things the right way.
I, I, I don't know, I don't know, like, there haven't been any payments.
Anything, I mean, like, you know, so I don't know, I don't know even how to respond to someone who clearly has no information to come up with a statement that DRW paid people to join Canton.
Like, honestly, like, it's just, it's just outrageous that people even give the stage for statements like that without actually saying, wow, that's a big statement.
Can you prove that to us?
And if you can't prove it to us, you're no different than Candace Owens saying that Brigitte Macron is a man.
You're literally a lunatic.
At this point.
Thanks for calling me a lunatic.
I appreciate that.
No, I said I didn't say you, I said Austin.
I think he's talking about Austin.
He was talking about Austin.
He wasn't talking about you.
Austin said that DRW paid, uh, you were just reading his tweet, right?
He makes this kind of statements, which are big statements.
Better be able to come with the proofs.
Right?
I mean, like, I think it's, I think it's extremely unhelpful for this industry to make these kind of statements.
And not be able to back them with facts.
And I think, I think that giving the time of day to these type of things is not good for us as an industry.
Whether you like Canton or not, I'm happy with the criticism, but to blame people for effectively bribing people without coming with facts, I actually think is not something that we should give the time of day to.
OK.
All right, well, um, I mean, there's a lot of, uh, other questionsism.
I'm just gonna ask you about one more, which I actually think this one was the one that kind of kicked off some of the public debate about Canton.
It was when Rebecca Reddig called out John Wilson, who is a co-founder, as we mentioned before, of Canton or of Digital assets, for his remarks at DS when he said that MEV was not quote unquote, suitable for financial markets.
Um, you know, a lot of people were, you know, noting, well, actually MEV exists by different names in Tradfi, so I wondered, you know, what your response was to that.
I would love again for anyone to give me in redify how you can reorder transactions once they hit a matching engine.
I would love to know that, because that's what the MEV does.
It reorders, it gives someone the ability to reorder.
Uh, and, by the way, messages, Laura.
So messages come into the mempool, and you as an external participant who looks at the mempool can make a payment.
To reorder those transactions.
I would love to understand where that happens intrat fight.
Again, I'm happy to get criticism, and I'm happy to have these conversations, but when people make these big statements on payment for order flow, payment for order flow can be criticized.
I'm totally fine with it.
But someone who actually pays for order flow has to meet best execution, cannot reorder transactions, cannot say, oh, I'm getting this order from Robinhood, and therefore, I'm gonna, first of all, do all of my orders, and then I'm going to execute.
Not allowed to do that.
Criminal, cannot do that, right?
So, making a comparison between payment for order flow and MEV is just not an apples to apples, but because people don't understand the nuances.
It sounds good, we're against the bad guys.
The bad guys are the Citadels, the DRWs, the all of those type of players, but again, in Tratfi, once an order hit the matching engine, based on price and time.
You cannot reorder it.
It's just not possible, and that's the only criticism was that at the end of the day, payments for order flow and high frequency players have shrunk the spreads on markets, and they have provided better execution.
If you get reordered your message because someone saw that your order has enough interesting market data in it, where they want to go ahead of you, I'm trying to understand what's the value.
For the person who submitted that order, and I think that all the Don claim is that you don't have to have MEV yet people choose to have MEV.
There are chains that don't have MEV, and the question is, why?
What is the value?
And I would then go and ask some chains that claim to have a lot of fees on their chains.
Why is the majority of the fees on their chains are actually MEV chains rather than just regular uh fees.
So if most of the fees on your network are MEV, someone should ask themselves, well, why are people willing to pay so much money for MEV?
People are not stupid.
There is value, right?
People don't spend money for no reason.
So clearly there's a reason why people spend money on MEV.
And I think that all that Don is saying is that if you're Wellington.
I don't think you would be OK.
Wellington is an example.
I didn't have to come up with a specific name, but any type of, and you send a big order.
And you know that people now can see your order and decide to reorder transactions.
His view, personal view, is that that's not suitable for markets, and again, that can be criticized, but to say that there's MEV in Tratfi, I don't know.
I've, I've yet to see an actual concrete example where people can reorder transactions.
Which is what, OK, I'm gonna speak, run through a bunch of other criticisms that I came across because I think it's really good for people to be able to hear your responses to these.
So, um, Sven Werner, uh, published a few in an article, and, um, well, actually, we'll start with, uh, one about, um, privacy.
So, I guess, or, or sorry, about independent verification.
He said that, um, in Ethereum, when you mint a token, the entire network sees it and can verify its existence.
And by the way, I'm quoting um Gabe Shapiro, who summarized this in a tweet.
He said, in Canton, each participant.
Stores and processes only the data relevant to its own contracts.
There is no universally shared ledger, just a virtual global ledger composed of private ledger segments that exchange cryptographic proofs.
And so Werner concludes, quote, If Goldman Sachs tokenizes an asset on Canton, that token is just a data entry.
It has no independent market presence.
Unlike a real tokenized bond on Ethereum, a Canton-based bond cannot be independently verified unless Goldman Sachs allows it.
What's your response about that?
Cool.
So I, I will, I will, uh, again, hopefully show, uh, my, uh, level of integrity, which is, that is a true statement.
There is no public verifiability on Canton.
That is true.
On Canton, only if you are a party to a transaction, you could verify that transaction.
That's a true statement.
Now, I think that um understanding that our view is that the most important thing when it comes to financial services is that parties to a transaction agree on the state of the transaction.
And that although we are going to introduce in the future, as of right now, there is no public verifiability.
And again, I go back to my example earlier, and I don't want to open this because clearly we've been going in loops around it, and nobody would have been willing to actually answer my question.
When we deal with issuers.
We are, by definition, taking a risk on those issuers.
And the only people that Sven is correct, if, if, if an issuer minted more coins on Canton, there is no public state, you don't get to see it, but my point is, if that issuance was malicious, you are relying on the issuer to tell you that it was malicious.
So the fact that again, you would see an issue.
An issuance uh happening does not tell you anything.
And again, I would, I would then venture to say that the thing that happens on public permissionless chains, is that when something bad happens with respect to a real world asset, what does the attacker do as fast as humanly possible?
They move out of a real world asset to a permissionless asset.
So nothing can then happen to them later on with respect to this asset, because clearly if a real world issuer were to know that something bad happened, they would immediately freeze it, and would prevent, you know, prevent from the assets to move, as we said on USDC and USDT and everything.
So, I am willing to accept, I think people will be surprised how soon public verifiability is coming to Canton.
But it's not because we actually think that, and this is where maybe I would go against them.
This is not to protect you from Goldman issuing a bond, or at the end of the day, when it comes to real world assets.
The issuer will decide what and who can do things with their assets.
You could have an issuer say that an asset is fully permissionless to move on Canton.
They can't decide to do that.
The type of use cases that we want to bring Canton to have north of, you know, a few billion dollars of unchained fees are not these use cases.
Like I said, you will see JPY versus USD is one of the busiest busiest financial corridors.
But these are tradfi organizations, and we think that doing these things natively on chain provides a lot of value.
So, it's not, it's not for me to disagree with Sven.
What he stated is, is factually true.
I, I disagree kind of with his conclusions of what are the implications of that, and very soon you will see public verifiability on Canton as well.
OK, I know we're at time.
I'm just, I just really wanna ask you about one more of his criticisms.
We gotta wrap it up.
OK, OK, OK, well, um, we'll have to, we'll have to call it.
We, this, wow, this was intense, um, not the most well organized discussion, but it's OK.
That's kind of the nature of these things.
Thank you everybody for tuning in and thanks to all of the participants, I see, Yuval, and Alex, especially you all.
Um, I do feel like you were in the hot seat, um, but you managed it very admirably.
So, um, yeah, this was a great discussion.
I hope it was informative for people.
Thanks for tuning in.
I've enjoyed it.
Thank you, Laura.
Thanks.