2020 Q2: Bitmark CEO’s Observations to our Investors
To: Bitmark Investors & Advisors
From: Sean Moss-Pultz
Note: This article series is taken from Sean’s quarterly letters to Bitmark investors. We share them publicly one quarter after they are written to give everyone a deeper, transparent look at Bitmark’s perspective of the world.
Dear Investors & Advisors
Observations (from the future)
This is a letter from the future. It’s August of 2021 and even though we do have a vaccine, it’s not widespread. IP disputes between the US, Germany, and China (all contesting patents) are holding back deployment while the pandemic continues to punish society. But there is some silver lining. COVID-19 was the catalyst for a desperately needed transformation. Just about every sector of society moved online, acknowledged the defects of their institutions, and began to invest in better infrastructure.
2001: A Space Odyssey, the legendary Stanley Kubrick film, opens with the “Dawn of Man” sequence where apes surround an extraterrestrial Monolith:
Apes are going… ape shit, screaming and fighting and everything else you imagine apes would do. With a bone from a dead zebra, one ape beats another over the head. More jump in and beat that ape to death. Something feels desperately wrong. Everything is escalating. You realize you are witnessing evolution in real-time. Somehow the Monolith triggered a jump in evolution, starting with tool use and then quickly becoming weaponry.
A killer ape throws a bone into the air, and it turns into a spaceship orbiting Earth — human evolution summed up by the most audacious film cut in history.
More Monoliths appear. One is uncovered on the moon. Humans are dispatched to have a look firsthand. Upon arrival, that Monolith triggers a high-pitched alarm that accelerates another evolution — this time the machines become intelligent. (And not very nice.)
Perhaps we humans didn’t stay on the moon long enough to evolve. 2001 came and went and instead of HAL we got Facebook.
Or maybe SARS-CoV-2 was our Monolith, wreaking havoc on humans, forcing us to evolve through selective pressure. Everything accelerated. Anything that could move online did move online to survive. At the same time, we built artificial intelligence into everything around us. If this continues, our world will change more unrecognizably in the next decade of the 21st century than today’s world changed from what it was 20 centuries ago.
For the first time in human history, we are all connected with our machines and fellow humans into a massive hive intelligence. Opportunities to organize and govern in radically different ways are emerging everywhere. Finally, we have our chance to solve the big problems inherited from the past.
But make no mistake: humanity is at a dangerous tipping point. Yes, we have the potential to create a world of prosperity, beauty, and happiness for all. But it’s also quite probable we end up like 2001 with HAL murdering the humans.
To make sure we create an exponentially better world, we need to engineer better rights for humans. Yet, equally as important, we also need to make sure our AIs are engineered with a sense of rights and humanity at the deepest level possible. Doing this is Bitmark’s purpose. This is Bitmark’s ambition.
Earlier this year we released the second generation of the Bitmark Protocol, renamed as Bitmark Rights System. Even though “system” is overused, the easiest way to understand gen 2 Bitmark is as a system with the following components:
- Rights Capabilities: programmable rights to digital resources
- Enclaves: storage and computation for data
- Charters: standards for grouping and using enclaves
Gen 2 Bitmark was developed with Blockchain Commons. If you remember from my Q4, 2019 update, I said that Christopher Allen thought Digital Property Rights could be embedded directly into digital assets using cryptographic “Object Capabilities”. We could turn property rights in a new form of a digital bearer asset — that blew my mind!
That’s what we did in Bitmark gen 2. It was so important to get to a point where rights could be maintained autonomously, without the need for a centralized server. Gen 1 Bitmark, to be clear, could define rights. But we had very limited ability to constrain and enforce usage. And what we did have was centralized. Let me explain why this improvement matters.
When a system such as an OS or website is presented with a request for a resource (e.g., data, device driver, service), it needs to decide if it should actually do what is being asked. The method it uses to decide is called “access control.”
All modern computers use an access control system that separates the “things” we are talking about (designation) from what we are allowed to do (authority). Since the early 1970s, information security people have known that this approach is fatally flawed. It leads to ambient authority issues. Yet amazingly, it never got fixed. Before we introduced Rights Capabilities, it didn’t matter if we’re talking about Windows, macOS, Linux, FreeBSD, iOS, Android, or whatever — they all separated designation from authority.
Object Capabilities was an alternative security model proposed in the late 70s for access control. Designed to address ambient authority problems, they work by coupling designation and authority. This allows access control to be regulated by possession of the resource alone, similar to how financial resources can be accessed simply via possession of a bearer instrument.
Rights Capabilities are cryptographic Object Capabilities. They are standardized for recording, transfering, using, and programming rights to digital resources (e.g., data, files, services). Cryptography tightly couples the description of what rights are given to which entities for which things. If you haven’t been granted a Rights Capability to do something for a specific resource, you are cryptographically barred from doing it!
The blockchain makes Rights Capabilities autonomously transferable and auditable, without the need for a trusted third party. Rights Capabilities are also programmable. They can be monitored and modified directly in code, creating a dynamic rights ecosystem totally unlike anything in the physical world.
You still might be thinking these are obscure technical problems. They are not. Never forget: “the cloud” is just your stuff on other people’s computers. When you put your data on another computer, totally out of your control, you want to make sure your rights are clearly defined and cryptographically enforced!
A whole range of security problems plaguing us today could be addressed using this new approach. This includes many kinds of injection attacks, cross-site request forgery, cross site scripting attacks, click-jacking, and most of the threats in the top 10 security risks list. These are all arguably manifestations of this one conceptual flaw first noticed in the 1970s!
Development of the Bitmark Rights System was largely funded by the Taiwan Health Pilot. Finding alternative ways to fund infrastructure was a strategy I picked up from reading early quarterly reports of Tesla. Much to my surprise, I learned Tesla increased cash flows by selling electric drivetrains to Mercedes and Toyota. And even though the long-term goal is to occupy Mars, SpaceX transports cargo to and from the International Space Station to develop their infrastructure . Understanding how Elon Musk thinks about this gave me courage to reduce resources on our consumer apps and push as hard as possible to develop our core infrastructure.
Personal data control and processing in a Rights Capabilities paradigm looks nothing like the traditional paradigm. Let me use our Taiwan Health Pilot to illustrate some important differences.
Right now, in August of 2021, about two million people in Taiwan (roughly 10% of the population) are sharing their health data across studies in an open data network. In these studies, scientists and researchers like Dr. Ho, are using this data to make discoveries that are rapidly improving the lives of all participants.
Technically speaking, individual citizens hold their data in personal health enclaves, PHEs. Hospitals and clinics, as part of the pilot, were given Rights Capabilities to automatically push patient data into PHEs. The Health Pilot mobile app uses Rights Capabilities to pull data from personal devices, such as wearable devices or consumer health monitors. This builds up a full, longitudinal data profile. When individuals opt in to participate in studies within the open data network, their Health Pilot apps show what’s available based on their profiles.
Let’s say a match is found for a study on children with prediabetes markers. When the parent (guardian of the child) joins, they would get private, precision health recommendations. At the same time, their data safely helps advance preventative health for everyone.
Behind the scenes, Rights Capabilities to the individual’s PHE are delegated to a matching algorithm (an AI) that finds studies across the network that could help the individual or their family. When a match is found, the consent to proceed is secured, and the individual is added to the study’s Charter. Built into the Rights Capabilities are the methods for data transfers or queries that can be performed. All the regulation (think HIPAA, GDPR, etc.) is handled automatically and recorded for future audits.
This model of massive-scale, low-cost studies and trials was science fiction for decades. In Taiwan, thanks to the Bitmark Rights System and the support of a courageous Digital Minister, it’s real.
Bitmark’s business model is to license and support Rights Capabilities for enterprises, primarily in the medical/healthcare sector. But we also have a number of crypto companies as customers. We help them handle assets like Bitcoin or ETH. When access control goes wrong with crypto assets, there is usually no recourse!
By the way, Bitmark developed several apps based on Rights Capabilities:
- OurBeat. A community and rights platform for music beat makers. It stores beats in enclaves and records specific rights for them, allowing others within the community to freely reuse beats and for people outside the community to license them. This was built with KKBOX.
- A2P. A community and rights platform for visual artists. It allows them to sell collectible digital prints, record rights, and retain their provenance using the blockchain. This was built with Casey Reas.
- Autonomy. A community and rights platform for public health. It allows community members to store health information in personal and community enclaves while ensuring that they retain authority over that data.
I’m not sure it’s possible to overstate the significance of building a better system for rights.
Rights shouldn’t be an afterthought or a necessary byproduct. Rights are the pillars of our society. They’re fundamental to civilization. They determine what we can do in society, what we can use, what powers we have, and what protections we enjoy. From free speech to property ownership, from privacy to freedom of movement, from the privilege to vote to the expectation that we won’t be discriminated against — rights embody the best parts of our humanity!
Unfortunately, rights are being eroded as we transform from a physical society to a digital society. Again, Facebook is the worst actor in this space. Hardly a month goes by without some privacy violation. Of course it’s not just Facebook, all the major social and professional networks hide from people the logic (algorithms) they use to make recommendations and guide our behaviours. You share information about yourself, but you have no control over the corporations that are reselling your information to advertising networks and other data collectors. At their core, these networks are predicated on people falling prey to addictive behaviors. They are massive AIs relentlessly solving corporate profit maximization rather than general human benefit maximizations. All costs are externalized to society.
But it’s not just the networks where we lose our rights. Music, books, and movies are being released online, but there’s never a secondary market: once a creator removes something from sale, it’s gone forever. One you buy something, it becomes dead capital.
Worse, we’re not even thinking about how we could be using the advantages of the digital world to expand on traditional rights. We could be engineering new rights that radically unlock the potential of the digital world. These new rights could be autonomously controlled by the people to whom they have been granted. As nearly all parts of our economy move online, there are enormous possibilities to create a new era of programmable rights.
Artificial intelligence is no longer science fiction. AIs are everywhere. It’s time for us to get serious about what kinds of AIs we want to foster and what kinds of values we want them to have. We cannot assume that the freedoms we want AIs to to respect and enforce will automatically emerge. “I’m sorry, Dave. I’m afraid I can’t do that.” should never be an acceptable response from a machine.
That’s the mission of Bitmark: engineering rights for a better humanity. The goal of our core product, the Bitmark Rights System, is to give you a full array of rights: protecting your privileges, and using the power of the digital world to take us all to the next level.
That’s all for now. Stay strong.