WTF, Crypto

Pseudonymity in Crypto

December 01, 2021 Mark Lurie
WTF, Crypto
Pseudonymity in Crypto
Show Notes Transcript

There are billions of dollars entrusted in products built by completely anonymous and pseudonymous developers. What do everyday crypto investors need to know about projects with anonymous team? Episode details here

Mark Lurie:
Welcome to WTF Crypto, where we explore the crypto universe and peel back the layers of the onion to understand what's really going on and how it affects the crypto investing strategy. I'm your host, Mark Lurie, and as a caveat, nothing in this podcast is investing advice. Today, we're talking about anonymous developers with Curtis Spencer of Electric Capital. Curtis, welcome, and thank you for joining us.

Curtis Spencer:
Thanks for having me. I'm really excited to be you here.

Mark Lurie:
So, Curtis, you told me that there are billions of dollars entrusted in products built by completely anonymous developers. Is that true?

Curtis Spencer:
It is absolutely true. To be precise on our language, there is a difference between anonymous and synonymous developers. And I've been told this many times when talking to folks, that anon is an interesting shorthand that people use, but synonymous is the more precise verbiage here. So anonymous, I think the easiest way to think about it is say someone wrote a blog post and they just had a free form comment box at the bottom. And you could come in and write a comment. You would have no history of who you are. You could just write whatever you want. And similar, when you look at some of these blogs that have this, the discourse usually goes to a very low quality very quickly because no one has anything at stake. So with synonymous, you actually build up your identity over time.

Mark Lurie:
So if anonymous, that's in the bottom of a New York Times article, when people start trolling and just saying absurd things that are meant to flame the fire.

Curtis Spencer:
Yeah, or like YouTube video comments, because most of the time people will use a throwaway account or something that they don't care about at all.

Mark Lurie:
 Makes sense.

Curtis Spencer:
 Yeah, just to flame the fires. So synonymous folks will often have more time and energy invested in their synonymous identity than they do in their real world identity.

Mark Lurie:
Yeah.

Curtis Spencer:
And I think that's the big innovation we're seeing in crypto is because everything is open source. Oftentimes that works compared to 10 years ago where you would almost never invest in anonymous team that showed up with a pitch deck and said, Hey, we want to raise a million dollars and we're going to go build this thing and come back in a couple years when we ship it. You probably wouldn't do that. But now with open source code and a lot of ways you can improve the trust in a project, we're starting to see way more teams on the synonymous side raising capital right now.

Mark Lurie:
Okay. So there's a lot to get into here.

Curtis Spencer:
 Sure.

Mark Lurie:
 But just give me a little bit of context for how many users or how much money is actually involved in anonymous or pseudo anonymous teams.

Curtis Spencer:
Yeah. So top down, when you're looking at dollars wrapped in DeFi protocols, I mean, you're talking about billions. And you could look at the history of synonymous protocols. I mean, the biggest one being Bitcoin where it did start out as a synonymous protocol and it's a trillion dollar market cap.

Mark Lurie:
That's a great point.

Curtis Spencer:
But over time, that was like the nascent stages. More and more identifiable players started to get involved. So I think when you look at projects, there's this notion of progressive decentralization where you often have identified venture backed teams that start out very centralized. And a lot of ink has been spilled on this of, how do you get from a centralized company to launching a decentralized protocol? And there's ways to increase community ownership. And these synonymous projects start almost the reverse, where it starts almost with a smart contract or people putting out open source code. And it's very community and crypto native at the start.

Curtis Spencer:
And then it's this notion of progressive credentialization where it's more and more players start to come in and say, Hey, there's actually real value here. They bring their expertise. So in the case of auditors coming in and auditing that open source code, that's an example of expertise. And then capital funds and retail investors starting to put their assets in. So back to the original question of, how many billions are wrapped in these synonymous protocols? You're getting into the 100 billion, 200 billion range. And depending on how you count Bitcoin ...

Mark Lurie:
 That's really remarkable. I mean, that is an incredible observation about society. Before we jump into it, let's try to tie this back to how it affects people day to day. As I think about it, beyond just being an idiosyncrasy, which is interesting to know about, increasingly, with that amount of capital, it's actually something that it seems every day investors really should know about. I mean, they're using products where their money is either in, or potentially flowing through products built by pseudo anonymous or anonymous developers. And even using Bitcoin is something built by an anonymous developer. So if they're thinking about their portfolio or investing strategy, or just you using apps, it sounds like it's really something that they should know about and know how to interpret and know where the risks and the red flags are. Is that fair to say?

Curtis Spencer:
Yeah. And I think it's a spectrum because, yeah, I mean, if you're interacting in DeFi these days, you're likely having assets flow through something that a synonymous developer has worked on. And so I think when you're evaluating that, it's all about risk profiles. So I think there's table stakes things that synonymous developers do to increase trust in their protocol. So I think if you're looking at a brand new smart contract, and the first thing to look at is who's audited it. If it's a trusted auditor in the space, that's an immediate green flag.

Mark Lurie:
So maybe let's come back to that. Before we do, could you give our listeners a sense of who you are and your background in the space, so they can contextualize where your thoughts are coming from?

Curtis Spencer:
Yeah, absolutely. Yeah. So I'm Curtis Spencer. I'm one of the co-founders of Electric Capital and we're a venture firm in the space. We invest in equity businesses, layer ones, as well as across the DeFi stack. So in many synonymous protocols, as well as identified teams. My background before crypto, I was a distributed systems engineer for many years and an entrepreneur, started and sold two companies before focusing full time on crypto. And I think one thing as a firm, why we spend so much time on this is we are all developers. Everyone on the investment team has a computer science background and often have participated a lot in the open source realm.

Curtis Spencer:
So seeing crypto is the second coming of the open source movement where it's like now we actually have incentive compatible systems where the open source code is not just running behind the firewall of a massive organization. It's running in the open and you can see the code being executed. I think that's the big innovation here and why open source protocols can be shipped and start to wrap huge amounts of money. And we're just starting to see this trend more where more and more folks are deploying directly on chain. They don't need this longer R and D phase. They can actually start deploying on testnets, deploying on mainnets and get real capital wrapped up in testing these systems. So the feedback loop on quality has definitely shortened. Yeah, that's a bit on me.

Mark Lurie:
Makes sense. So you have insights from the investing side. You've actually been a developer yourself, and you've engaged with open source communities. That is a great background. You were also a software engineer at Facebook, a member of the senior technical staff at Oracle. And you have both your bachelors and masters from Stanford in computer science.

Curtis Spencer:
Oh, thanks. Yeah.

Mark Lurie:
Great. So let's step back and get a little more precise about the phenomenon we're observing. So could you give us a few examples of anonymous teams? Bitcoin is one. I'd love to understand a few more concrete examples of where there are these pseudo anonymous projects and how they've emerged.

Curtis Spencer:
Yeah, so it's interesting because you see almost a full spectrum of teams that could be all synonymous teams, where there might be one identifiable person and a bunch of synonymous devs that join. Or the reverse where the founder of a project might be synonymous, and then you have a bunch of identifiable folks coming into the mix. So a few concrete examples, the privacy coins in general have a lot of anonymous origin stories. Monero is a classic one where it's actually the crypto note paper was penned by a synonymous academic named Nicolas Van Saberhagen. And then a bunch of people made implementations of of that paper.

Curtis Spencer:
 And yeah, the first one was ByteCoin, which was forked away by the Monero community. And then the Monero community ended up being much stronger and adding a bunch of features over time. But they have a very identifiable key person, which is Ricardo Spagni, otherwise known as Fluffy Pony, but then a bunch of synonymous developers in his orbit building on the Monero protocol. And I think he's since stepped down as the head maintainer. And now the project is very decentralized with a bunch of identifiable researchers plus synonymous developers.

Mark Lurie:
I see. And can you explain what Monero is when you say privacy coin?

Curtis Spencer:
Yeah. So it's a layer one cryptocurrency with the main focus being private and anonymous transactions.

Mark Lurie:
I see. So it's Bitcoin, but less traceable.

Curtis Spencer:
That's right. Yeah.

Mark Lurie:
Got it. I mean, I can understand, I guess, why someone might want to be pseudo anonymous if they're developing something that is less traceable than Bitcoin. That's not always something that in particular I would think regulators would be a fan of and perhaps for good reason.

Curtis Spencer:
Yeah. And I think it might be worth digging to why a team may want to go anon. And I think this is one of them is if you're building something that has a potential for regulatory blow back, and private untraceable payments, I think, is one of those, I think there's also a lot of flexibility that being an anonymous team gives you. You can push the envelope on what's possible, so you can really dig into that code is law.

Mark Lurie:
What do you mean by code is law?

Curtis Spencer:
So this is a motto of ... I don't know where it originally was coined, but definitely in the early days of Ethereum, it was invoked a lot, especially with the original DAO hack where if we're just writing code for this world computer, anything that's legally executable code is the law. And as long as the system executes that, you don't have a moral need to adhere to the laws of the traditional world, because you're in the laws of the world computer.

Mark Lurie:
I see. And so it's like if you were to write a contract and you included a term accidentally, and you don't like what happened with that contract term, you're stuck with it.

Curtis Spencer:
 Yeah.

Mark Lurie:
And in the same way, code is law means that if the code does a certain thing, then that's allowed and that's what was intended, even if the person writing the code did not actually intend it. Is that ...

Curtis Spencer:
Yeah. And this is where you get into the moral question and the DAO hack. The code is law proponents would say, well, this is how the contract was written, and this person is able to make a call into it that drains the contract of a hundred million. That's the law, but then [crosstalk 00:12:27].

Mark Lurie:
That's how the code was written.

Curtis Spencer:
Yeah, exactly. And then there's other people saying, well, actually the code was intended to do X and this was an unintended side effect. So we think we should fix this forward and fork the code base. And that's how you ended up getting Ethereum and Ethereum classic. And [crosstalk 00:12:44] moving forward, that event is much rarer. You're not seeing hard forks all the time whenever there's a bug in a smart contract, but that was early enough in the history of Ethereum where everyone thought maybe it's worth rolling it back for this one time. It's like you get one Mulligan.

Mark Lurie:
One Mulligan. Well, as I recall, 14% of all Ethereum was locked into the DAO contract. So I guess it was a pretty big deal for the community at that point, in 2000.

Curtis Spencer:
Yeah. It was a too big to fail project. I think it was 2015, but maybe early 2016. I can't remember.

Mark Lurie:
A while ago.

Curtis Spencer:
 Yeah.

Mark Lurie:
So being a pseudo-anonymous developer you think lets you push the limits of code is law, is that right?

Curtis Spencer:
So that's one angle is like, yeah, you can develop any economic primitive you want. The limit is your imagination as opposed to what the U.S. regulatory framework might allow for, for instance. Or you can create incentive mechanisms that maybe your coin could be labeled a security if it failed the Howie test. So you get this flexibility on innovation. There's also a personal safety component. Say you're on a multi-sig of a very high profile, a multi-billion dollar contract, it's actually probably pretty nice to stay synonymous in that way. So there's the personal safety component, but there's also this ...

Mark Lurie:
You don't want to literally be kidnapped and made to give up your crypto.

Curtis Spencer:
That's right. Yeah, or torpedo a protocol for instance, right? I think there's certainly risks there. And then I think not just that. In talking to a few synonymous teams, there's also this fear of failure where say a bunch of retail investors are wrapping assets in your protocol and you do mess up. You do all your best efforts, but you still have a bug where someone exploits a flash loan and tricks your protocol into leaking value. Now you've let a ton of people down. And I think there's this feeling of doing that with your meatspace persona turns you into this pariah for the rest of your life, because you lost a ton of people's money. And so there's this fear of you want to be innovative and try this stuff, but you don't necessarily want to put your whole reputation on the line for it.

Mark Lurie:
It's scary. You're putting yourself out there. I mean, that's a reason a lot of people don't pursue entrepreneurial projects in the first place, because they're scared of failure. They're scared of being seen as have failed, which is a shame. But I guess being pseudo-anonymous removes that fear and helps people take risks.

Curtis Spencer:
Yeah. And I mean, you do have to applaud the people that do it with their real persona, right? I mean, they're putting a lot on the line and that's why oftentimes when you look at these protocols with key person risks, yeah, you got to applaud them. I mean, they're really putting themselves out there, especially if they're U.S. based.

Mark Lurie:
Yeah. Yeah. Well, there's another component to it, I guess, which is if you're experimenting and you're really not sure if something works and yet people are putting millions, hundreds of millions, even billions of dollars in what you're building, but you know it's impossible to be sure it won't be hacked, in some ways being pseudo anonymous is actually more honest because it's a signal to those investing that they should really make their own decision. Whereas if you put yourself out there, you're signaling to people that they can rely on you for doing the diligence. And in some ways that's almost a more honest transaction [crosstalk 00:16:21] if you're really not confident.

Curtis Spencer:
Yeah. That's a good point. It's like the buyer beware. It's like, I'm putting this stuff out there and it's open source, freedom of speech code that's running. Yeah. You evaluate it yourself. And that goes back to open source ethos too. If you look at a lot of these open source licenses, they often have something in it like that. If you look at the MIT license or the GPL, I think it has something where it's like, Hey, I'm not taking any liability. This code, use it as you see fit. And yeah, it could break your system or destroy your hardware and your data center, but I'm not liable.

Mark Lurie:
Yeah. It still might surprise a lot of people because just as there's a human impulse to fear the perception of failure, there's also a human impulse to chase glory. And being pseudo-anonymous sacrifices a lot of glory. I mean [crosstalk 00:17:24] it's amazing that Satoshi hasn't told the world who he is. I mean, he really must be a well grounded guy in order to avoid doing that. I don't know whether it's admirable or surprising that pseudo-anonymous developers don't want more credit.

Curtis Spencer:
Well, I think you could turn it the other way though. A lot of these folks that start or become major contributors in a protocol synonymously, they often are building up their E clout, their reputation in the metaverse that is different from their reputation in real life. And so they can lead this double life. If you looked at [inaudible 00:18:03] or a 0xMaki from Sushi, these guys are very well respected, synonymous devs. And some people know who they are personally, but they're able to build up this identity. And if they launched a new protocol, they would probably have an oversubscribed investment round just based on their track record. Right? So they are building up this reputation, but they also get to decouple it from their real world identity.

Mark Lurie:
Yeah. It's really interesting because 0xMaki, that's his handle, right? His Twitter handle, let's say. And if you think about it, what's the difference between John Snow and 0xMaki? It does bring you back to what's an identity? Because those are both names and it's like, who do you choose to trust? And so it sounds like some of these pseudo-anonymous developers are building up identities online to the degree that they almost are more valuable than so-called meatspace identities offline.

Curtis Spencer:
Yeah. I think they definitely have more sway. If you think about it, the platform that they've now built on the online space, they have way more reach than they probably would in the physical realm.

Mark Lurie:
Yeah. Wow. So how do you go about building an anonymous identity that people trust? That seems like a [crosstalk 00:19:31] thing.

Curtis Spencer:
Yeah, it's a tough nut to crack, I think, starting from the bottom, right? I think when I look at newer projects, the big thing is, yeah, progressive credentialization where you're starting out with just a handle. And then it's almost a pure meritocracy, right? You write code, you ship it, you get it audited, you do a guarded launch and get money wrapped in there. You put bug bounties out, you just are very active. You're putting out good research. There's all these things that people do in crypto where, yeah, you can't rely on a Harvard education or something. You have to just put stuff out there and people realize it's quality or not. And yeah, it's very pure in that regard, right? You can come from any background and as long as you're putting out quality, people will put money in it [inaudible 00:20:22]

Mark Lurie:
There is this sense, at least in the U.S., of a lost frontier where it used to be the case that you could leave the old world, come to the new, leave the city, go to the frontier, start fresh, everyone on an equal footing, put your past behind you. And today in the real world, that's really just not possible, whether it's your education or your accents or a million other things, which there's a lot of path dependence on and can often limit your ability to get ahead. But in many places, what you're describing here online is that ability to enter the frontier and be judged just on your merits. Again, it is quite pure.

Curtis Spencer:
Yeah. And I think we're just scratching the surface of how clean of a slate it can be when you come in, with a lot of privacy preserving technologies, the ability to have mixed nets. You can literally come into this world and be just a brand new baby and not have any of the baggage from the real world, for better or for worse. I think a lot of people probably want to rely on the baggage from the real world because they've built up all that clout, hence why you do have a lot of identifiable players in the space coming in, but I think you need both really. I think you need the synonymous part of the ecosystem. A, it's very crypto native, but B it's just, that's how you push the envelope as well.

Mark Lurie:
Okay, but how anonymous are these people really? I mean, if the NSA or the CIA really wanted to figure out who these people are, do you think they could do it? Or is this some spy level stuff?

Curtis Spencer:
It really depends. So I think there's degrees. So I think some people might just create a new Twitter account and post from that and use their same machine. But I think there probably are teams out there that are doing some Snowden level best practices around this stuff. I can't remember. It's, I think, the anonymous hitchhiker guide or something, and it's a way ... if you really wanted to go deep on being super anonymous, you just have to follow this path that's in this online handbook. And it's a pretty deep rabbit hole, like getting new phones. You can't use a cell phone if you would want to preserve your anonymity from a state level actor.

Mark Lurie:
Yeah. Well, it strikes me that it actually gets really hard to operate if you are following that path. I mean, how do you even get in a call with a team member? And if you can't get on a call with a team member, it's probably much harder to collaborate on a product roadmap.

Curtis Spencer:
Yeah. And it's interesting. In practice, I think a lot of the synonymous teams know who each other are in the real world. And then the masks that they put to outsiders is one of synonymity, but they know who each other are, so they can get on calls. They can go work in a coffee shop. But I think the team that have grown and then hired a bunch of anons later, I think that's the more challenging one where it's like you're bringing somebody into the fold and you might not know much about them. And so then they have to build up their reputation to you. And there's a little bit of like letting the fox in the hen house there. A brand new synonymous developer coming in, you have to double or triple check their code, because maybe they're introducing a vulnerability into a well respected protocol. There's a lot of risks there, but I think it's the teams that are just starting out and they all know each other personally, that seems like a pretty easy one to understand the trust levels there.

Mark Lurie:
That's a great point. That seems very scary to scale an organization with, a bunch of anonymous team members.

Curtis Spencer:
Yeah. [crosstalk 00:24:21] I think it's super challenging.

Mark Lurie:
Yeah. Has anyone done this best in your view?

Curtis Spencer:
So I think Sushi seems to have done a reasonable job of this, where they have a bunch of identifiable and pseudo-anons on the team. I don't know what their code review process looks like, especially on onboarding new folks. But I think as long as you have policy level controls, how contract changes occur or how new front end code goes out to the UIs, it can be done well. But yeah, I mean, we have one pseudo-anon our team, but we know who he is [crosstalk 00:25:00] personally.

Mark Lurie:
 Okay.

Curtis Spencer:
And so it makes it a little bit easier on the trust level, but if there was ... I don't know if we'd be ready to hire a full pseudo-anon that we don't know anything about.

Mark Lurie:
Yeah. I mean, on the one hand, I cannot imagine if something went wrong, going to your investors, your LPs, and explaining that the reason that some money was misappropriated is because there was this person on the team, you had no idea who they were much less a background check. From what you're saying, it sounds like doing this, getting pseudo-anonymous developers on the team actually may force you to implement some best practices and processes that may actually make teams stronger in the end.

Curtis Spencer:
Yeah. That's a good point. It's like you end up having to introduce more process earlier, but it probably makes you a much stronger team. You probably have really good engineering practices around code review and double and triple checking deploys.

Mark Lurie:
Yeah. I mean, if the assumption is that any one of the people writing code could potentially be a malicious actor or a black hat hacker, then there's a way lower likelihood that there's going to be little accidental bugs too.

Curtis Spencer:
Yeah. I can't remember who gave me this analogy. It was many years ago, but the idea is if you want a very robust system, it's like you're a sprinter, but you're always wearing galoshes. But then if it rains, you're always prepared. So you go slower in a normal race, but you're always in this state of robustness, but then you'll get outperformed in a short term sprint by someone in just super lightweight Nikes. I think with crypto though, you want to move a little bit slower and not lose any money. Right?

Mark Lurie:
Yeah.

Curtis Spencer:
It's definitely ... you don't want move fast and break things.

Mark Lurie:
 Yeah. Yeah. Interesting. So you've actually invested in anonymous or pseudo-anonymous teams before. Is that [crosstalk 00:27:01] correct?

Curtis Spencer:
Yeah, that's right, whether it's through DeFi activities or direct investments in teams. An advisor is one as well as you're in finance, which didn't start synonymous, but over time it has a lot more anonymous devs on the team.

Mark Lurie:
So what was your diligence process in those cases?

Curtis Spencer:
That's a good question. I mean, a lot of it comes down ... In general, our framework is team token technology and then community. And I think community is one of the strongest signals, especially for synonymous teams where you look at what's happening in their discords, what's happening in their telegram rooms. What is the overall community sentiment? I think that's one of the most important signals. And then when you look at team, even if you don't know someone's credentials, you can look at their open source code base. You can see what's deployed on chain. You can see who's audited it, how many bug bounties have been collected on it or are outstanding. You can look at how they use formal verification tools.

Curtis Spencer:
So there's all these ways that you can look at code bases and get more trust and quality signals by looking at a lot of these third party signals that come in. Even just a simple one, is the contract verified on Etherscan? And so you can actually go and look at, does the code match what's been deployed on chain? I mean, that's a basic table stake signal. And then token, actually, I think the token economics of a lot of the pseudo-anonymous projects are just way better, because they have to think about it much earlier. I think the Curve project is interesting, right? If they launched relatively early, you have this blending of synonymous with fair launch where you get something out there and you actually have to figure out your token economics much before like a venture backed project that will launch it, token in a couple years.

Mark Lurie:
And a fair launch being one where tokens are distributed to the entire community very early on [crosstalk 00:29:06] instead of held back for early investors.

Curtis Spencer:
 Yeah. And I think no one's really cracked the nut on what a real good fair launch is. I think there's things that are fairer than others, but oftentimes large liquidity providers still end up getting the majority of tokens. And there's been some good work done on anti-whale provisions, quadratic scaling, where you distribute to the square root of someone's wallet balance instead of their entire wallet balance. So there's ways to level the playing field, but more often than not, the professional investors do find a way to get the majority of tokens, even in a fair launch.

Curtis Spencer:
And then I think the last one we look at is technology. Is the team bringing something really innovative to bear? And oftentimes the synonymous teams, because they don't actually have to work in the regulatory framework, can sometimes be more creative in what they can ship. Sometimes they're less creative in that they're drafting on some R and D by a venture backed project. The classic examples are all the compound forks or uniswap forks, but then often they'll put their own spin on it. Maybe they'll support more permissionless market creation or new markets being added for more risky coins, for instance. So I think there's a lot of ways that you can characterize innovation.

Mark Lurie:
Makes sense. What are red flags you look for? I mean, what should people stay away from that they see?

Curtis Spencer:
I think it's constantly evolving, but I think the big ones are just ... There's a sense you can get on, is it a cash grab? Is there too much going to the team of the tokens? And it feels like an anti-fair launch, lack of audits. And there is something to waiting a little bit too. Oftentimes if a contract is deployed on chain, even if there's a good actor, sometimes you don't want to be the first money in it in case there's a catastrophic bug, especially in an unaudited contract. So depending on your risk profile, waiting a bit till things have been audited and shaken out a little bit [crosstalk 00:31:22] can make more sense.

Mark Lurie:
I guess when you let something become battle tested, it dramatically decreases the chances that there is some sort of a hack or exploit, or it would've happened already. There's also, I suppose, an element of incentives, right? If you're an anonymous developer or pseudo-anonymous developer and the project is successful enough, doing anything improper might actually destroy more value for you than just acting ethically. I mean, there's an incentive to ethical behavior once enough value has been created in a project.

Curtis Spencer:
Yeah. And I think one of the ways that this is encouraged is by codifying a lot of this in the smart contracts themselves. Right? So I think when you look at a lot of the bad behavior or unethical behavior in the ICO wave, a lot of that was because a lot of these teams were able to just raise huge amounts of money with no strings attached, nothing that they would actually have to do a deliverable on. And now they would just have the treasury and they just weren't encouraged to act in the best interest of everybody. I mean, many did, but many didn't, right?

Curtis Spencer:
Whereas, now you can put a lot of these governance modules to work where the team has vesting contracts. So you have some amount of the token going to the team for long term sustainability, but they don't get it all on day one. So there's a lot of ways that these teams can set in stone that they are going to be good actors. And I think that takes away a lot of the risks. It's no longer you're just giving people 25 million bucks to go build something in theory.

Mark Lurie:
Super interesting. I mean, reflecting back on what you said earlier about pseudo-anonymous teams, motivating more rigorous coding standards and processes. In the same way, pseudo-anonymous teams can motivate the creation of better incentive structures that might end up in even better outcomes than if people cared less about ensuring the incentive structures were correct, because they knew who the person was. And they could presumably go after them in, I don't know, court or just cause reputational damage. So it almost may end up better.

Curtis Spencer:
Yeah. I mean, I think they'd definitely have to be more thoughtful on it, right? I think when you look at an identifiable, well credentialed VC backed team, most of the time, they're not going to run away with the money because they're taking a lot of personal brand risks to do that. So they can move little bit faster. But if you think about it from maybe a regulatory standpoint, having an on chain contract of how you're going to get your tokens out as an early team member, it might end up being better than something that is not as well thought out.

Mark Lurie:
Super interesting. There's another thing that makes me think about how this can be better for projects, which is when you have a pseudo-anonymous team, not only does it encourage better coding processes, not only could it encourage better incentive policies, but it can also encourage better community engagement and a richer community, because it has to be grassroots and you don't have one person who has outside sway.

Curtis Spencer:
Yeah. I mean, I think that's true to some extent. I think you're always going to have a more open community in a project that is open source on day one and talking through governance decisions on day one. I do think the venture backed non anon projects can also get there too, where it's like they have a route to exit to community, but I think it's usually not baked in from day one. And that's why we in general encourage more teams to stretch their open source legs early, get stuff out in the open. And it definitely slows you down a little bit in some regard. But I think it increases quality of not only the code, but also community engagement because it always feels better to be contributing to a project that's open source. I think it just matches the ethos of the space.

Curtis Spencer:
And there's this feeling of a little bit of fear, I think, for teams where they're like, oh no, now the code is out in the open. Maybe somebody copies it or people see it and they see our style. It might not match theirs or something, but I think it's worth getting over that hurdle, especially in this space, because there's always going to be somebody going to copy your stuff at some point. But the thought is, is if you're the originator or the innovator, you can always move faster on your own code base.

Mark Lurie:
Well, let's talk about that a bit because it does strike me that if there are pseudo-anonymous developers who can copy code developed by non-anonymous developers, that that may play with the incentive structures for innovation in our economy.

Curtis Spencer:
I think it could, but if you look at it, it depends, I think, on the protocol and how hard something is. I think oftentimes you're not seeing a lot of really low level cryptography [inaudible 00:36:59] being forked and cloned, because I think the number of people that can actually deeply understand those protocols are probably limited. Whereas at a DeFi primitive, yeah, you're seeing uniswap forked everywhere. Right?

Mark Lurie:
But yeah, uniswap was forked by Sushi. And so you have a company that raised a bunch of money and spent a lot of time developing something. And then the pseudo-anonymous development team copies it and does it on their own.

Curtis Spencer:
Yeah. And I think that's why you saw Uni V3 switched to this other license where it really discouraged people from forking it because, yeah, at some level there is a morality to using someone else's IP. Yeah, it depends on the open source license, but I think this one now has made it so you're not going to see a Sushi take that code wholesale. Maybe you'll see a complete [inaudible 00:37:57] anonymous fork take it away. But then I think that will limit institutional investors or identifiable players coming in because there's a morality question there of that just doesn't feel good. You're just taking this person's IP and they explicitly said, don't do that.

Mark Lurie:
Yeah. There is a morality issue, but there's also an IP protection issue. Right? I mean, one of the reasons we've developed life changing drugs is because there's IP protection, and after you develop it, you can monetize it. And so I guess I worry that there are surely plenty of actors who have a different view of morality. And so they will violate this principle of IP protection. And without that, it can impact economic growth.

Curtis Spencer:
Yeah. That's a good question. I think the space is still struggling with what the right answer is there. I don't have an answer for it. I think with open source code, you're always going to see some amount of just wholesale copying without attribution. I do think the upside of that is limited though, as especially more identifiable players come into the space. People are going to use uniswap because it's a household name at this point. It has identifiable players. They're in a regulated market and we'll see where the SEC does end up coming down on it. And I think you will see them using Sushi as well, because I think Sushi has enough institutional players involved at this point. So it's gone through this progressive credentialization, and it does feel like it's operating in maybe a different regulatory framework because it wasn't this venture backed pro project. But it still seems like they're acting in a reasonable, moral ground. They fork the original, but they haven't taken the uni V3 code base, for instance. So they've drawn some lines, so they're honor bound.

Mark Lurie:
I see. So you feel like this is a theoretical concern, but not a huge concern in practice.

Curtis Spencer:
Yeah. I haven't seen a situation yet and probably someone will call out one where a project has stolen all the innovative work of another, and then supplanted that and become the standard.

Mark Lurie:
I see. So for context, uni swap, their token, for example, has a significantly higher market cap than Sushi's token. It looks like today that's about 17 billion, whereas Sushi is much lower.

Curtis Spencer:
Yeah, and so I think there's the innovators premium.

Mark Lurie:
1.4 billion.

Curtis Spencer:
Yeah. There's the innovator's premium and I think the good actor premium that especially institutional investors care about. I think a lot of people come into the crypto space, I guess, this newer wave of institutional capital. Some come at it from the sound money approach where it's like, okay, this is an inflation edge. And they're buying Bitcoin and that's a certain subset of investors. And then there's this other that are like, Hey, this is the new wave. This is the new mobile, this is the new internet. And so we're going to be investing in innovative platforms. And when you look at who's pushing out the innovation, those are the teams that you want to back. And so they'll often have the premium to them.

Mark Lurie:
How do you think regulation plays in here?

Curtis Spencer:
Yeah. This is the billion dollar question in terms of ... yeah, I think in the context of this conversation, the synonymous teams have an advantage here where they're operating in a different regulatory framework. We'll see if that does hold up. I think world governments are very powerful and if they come up with world level regulation, they can be applied. Maybe these teams will be in the same footing as a uniswapper or compound, but for now it seems like they are a bit de-risked in that they don't have a presence in the U.S., for instance.

Mark Lurie:
Do you think the SEC would view a project or a token as more or less of a security because its team is anonymous or identifiable?

Curtis Spencer:
I don't think so. I mean, maybe it'll be one input in the decentralization or common enterprise test, but it feels to me that a lot of these synonymous teams are common enterprise. If it's a bunch of people working in a garage and they happen to just have anonymous profile pictures, that's still a common enterprise at the end of the day. I'm not a lawyer, so take all of this with a grain of salt, but my sense is it probably doesn't help that much. I think things the fair launch or distributing the token ownership very early and not having multiple fundraising rounds probably helps more with whether a token is a security or not.

Mark Lurie:
So what can governments do to regulate anons? You mentioned some sort of world enforcement structure, but what is there that they can do today, or are their hands really tied?

Curtis Spencer:
I think this is a broader question on DeFi. What are the weak points in DeFi for regulators to potentially bottleneck? I think one is the KYC angle, right, where it's like maybe having high level action where it's like any address that participates in a particular contract needs to be KYC. So you have to provide a proof. Maybe it's a zero knowledge proof that Coinbase KYC'd your address at some point, so that's one route that you could go. I think most DeFi people would probably not this route because I think it kills a lot of the beauty of DeFi of being open and permissionless. And assets can flow very freely and there's not centralized arbiters.

Curtis Spencer:
It's like, I guess, it does come down to, are we in peace time or war time? In a war time scenario, the only thing that a government could potentially try to do is maybe shut down Etherium validators, right? Or co-op them. That would be a nightmare scenario. And that's why I think decentralization at some level does matter, right? The more decentralized your network can be, you make it very hard for a state actor to shut the whole thing down, which would help preserve the safety for these non region synonymous teams to continue to innovate. But my hope is that we can come to some compromise where regulators feel, Hey, this is actually a very powerful system. We want to ensure that people are using it in regulatory, compliant ways while not killing the innovation.

Mark Lurie:
Yeah, really tough because the more they do to try to regulate identifiable projects, the more they push people into the world of anonymous or pseudo-anonymous projects. And it almost seems counterproductive for them. It really puts them in a bit of a bind.

Curtis Spencer:
 Yep, because I think that would be a really bad end state of the world where everyone is pushed into being synonymous team and offshore, where then the next 10 coin bases or next 10 uniswaps happen offshore. And that might be okay from a short term perspective, but if you think about it from the U.S., it's actually a horrible outcome where this whole set of innovators move offshore and capital will flee and jobs will flee at the end of the day.

Mark Lurie:
Makes sense. Well, I very much hope that that does not happen.

Curtis Spencer:
It'll make your life harder for sure.

Mark Lurie:
 Yeah. Curtis, do you have an anonymous identity that you've shared with no one until today?

Curtis Spencer:
None, no comment.

Mark Lurie:
I think that's the right answer. Great. And is there a Twitter handle that people can go to follow you or read more about your thoughts?

Curtis Spencer:
Yeah, the best one is either Electric Capital on Twitter, or mine is Jubos, J-U-B-O-S.

Mark Lurie:
Awesome. Well, I will be following you. Thank you for joining us today. It is a brave new world, new identities, multiple identities, and a bunch of societal implications that result from that.

Curtis Spencer:
 Yeah. Thank you for having me. It was a blast.