Become a Creator today!Start creating today - Share your story with the world!
Start for free
00:00:00
00:00:01
#44 - Navigating crypto regulation, security, and Web3 Innovation with Palisade
33 Plays18 days ago
Manthan and Tom are the founders of Palisade, a company focused on secure digital asset management. Their extensive experience in technology and regulation shapes their insights into the cryptocurrency landscape.
Navigating Crypto Regulation
The podcast kicked off with a deep dive into the current state of cryptocurrency regulation, a pressing issue across the globe. Manthan pointed out that while the regulatory environment might seem chaotic, both regulators and industry players share a common goal: curbing bad actors and promoting responsible innovation. He stressed that clear rules are vital for newcomers and established firms alike, providing a roadmap to navigate the fast-changing crypto space.
Tom chimed in, emphasizing that regulation is a cornerstone for mainstream adoption. Most people prioritize convenience and security over the libertarian ideals that once fueled crypto’s rise, he argued. This shift has made regulatory clarity more critical than ever. The discussion also touched on recent U.S. developments, like the Trump administration’s strategic crypto reserves, which Manthan viewed as a positive step—though he noted the industry’s frustration with the lack of aggressive buying.
Palisade’s decision to base itself in France emerged as a key talking point. After exploring options like Estonia and Germany in 2022, Manthan explained that France offered a balanced approach—neither too lax nor overly strict. This regulatory stability, bolstered by frameworks like PSAN and MiCA, allows Palisade to operate smoothly across Europe, a practical choice for a small team aiming to scale.
Lessons from Ripple’s Regulatory Battles
Both founders brought unique perspectives from their time at Ripple, where they worked on payment systems during the SEC lawsuit. Manthan recalled the daunting notice delivered on Christmas Eve, highlighting how regulatory ambiguity can sap resources and morale. This experience cemented their belief in the need for clear rules to foster industry growth.
Tom expanded on this, noting that their five-plus years at Ripple—building its payments stack—showed them regulation’s role in legitimizing digital assets. Ripple’s partnership with Palisade, including investment, has been a boon, offering shared lessons from its legal battles. These insights have directly influenced Palisade’s proactive regulatory stance.
Tackling Security Challenges
Security took center stage as the trio discussed recent incidents like the Bybit hack and a social engineering scam involving Atomic Wallet. Tom stressed that Palisade builds much of its tech in-house to reduce vulnerabilities, with rigorous auditing and deployment processes. Human error, however, remains the weakest link, he cautioned—a point echoed by the host’s tale of scammers exploiting UI flaws.
Manthan advocated for a holistic approach, layering safeguards from infrastructure to user experience. Palisade’s platform enforces “least privilege” policies, requiring clients to define detailed operational rules. This verbosity, while sometimes a hassle, forces users to think critically about risk, enhancing overall security.
Visit Palisade | Follow Manthan | Connect with Tom
This podcast is fuelled by Algorithmic Cryptocurrency Trading Platform Aesir. Use code AESIRPOT20 at checkout for 20% off on all subscription plans, forever at aesircrypto.com
Recommended
Transcript
Global Perspective on US Events
00:00:08
Speaker
when you're based in well in Europe, but specifically in the UK, you've got this kind of almost like armchair ah psychology that's going on regarding what happens in the US.
Crypto Market Overview
00:00:19
Speaker
Like I like to look at all the chaos that has been ensuing in the US and be like, how is this going to affect us? And my God, we have had a crazy couple of months um in crypto, in in tech, in stocks, global markets, right?
Market Regulation and Crypto
00:00:35
Speaker
And I thought, I just wanted to start by like Trying to get your guys understanding of of where you think we are right now when it comes to the regulation, when it comes to the current market state, when it comes to the increased correlation between cryptocurrency um performance and stock and wider market performance and and everything like that.
Regulation's Impact on Growth
00:00:59
Speaker
I think I guess um the way kind of the way we think about this is more less about prices, but we more think about the growth of industry and how um how the policies kind of enable that or they kind of prevent bad behavior.
00:01:15
Speaker
um If we look at For example, the regulation that's currently in question about being overturned ah from the Biden administration about ah mandatory use of qualified ah qualified custodians.
Unifying the Industry
00:01:29
Speaker
I think the it's really like everybody's really on the same team. They're all trying to prevent bad actors and they're trying to um sort of like you know trying to do the right thing and trying to encourage good good behavior, making sure that people that are new in the industry that are coming in they have the right rule set, the right playbook in place.
Politics and Crypto
00:01:49
Speaker
um And also the people that are currently in the industry, they have good, clear path towards how to navigate then new the new sort of um technology, the new sort of changes ah that are coming in this industry. um So I think really everyone's on the same team.
US and European Policy Impacts
00:02:03
Speaker
It's, it's I think, they're...
00:02:07
Speaker
In this, when you add like you know political ah sort of like a stuff, it makes things look a bit like that like someone's trying to do A while it's actually ah affecting ah the otherla industry in Y way.
00:02:22
Speaker
um But I think the way we like you know if we look at the the way the Trump administration policies are around strategic crypto reserves, um And like the way they've kind of like, you know, like I think generally it's kind of seen as the industry is not happy with the fact that there is no
Long-term Custodian Approaches
00:02:38
Speaker
additional buying. It's just about ah holding the reserves.
00:02:41
Speaker
It's actually like extremely positive if you think about it. If you look at like, you know, 10 years back, ah like No one could have like really guessed it in a very clear way ah that the US would end up with this kind of policy.
00:02:52
Speaker
But I think sometimes it's kind of quite easy to get into like a myopic view that, okay, like this is going to hurt is going to hurt
Strategies Aligning with US Policies
00:03:00
Speaker
us. like oh The world's are it and there was going to be on fire. As custodians, we kind of take a long long-term approach, which is okay, this policy means potentially that it makes it easier for stablecoin issuers to be in US, like the Genius Act, Stable Act.
00:03:16
Speaker
um And it will potentially impact Europe in this way because ah Europe is also trying to trying to compete in this
EU and UK Regulatory Responses
00:03:22
Speaker
block. So as a as a kind of custodian, how do we make sure that we're kind of aligned with those requirements and we're there for our clients who want to ah leverage some of these policies?
00:03:33
Speaker
so So does that mean that you're working ahead in terms of the regulation that you expect is going to to ah start taking place in Europe and the UK as, I guess, as a snowball effect from what's currently happening in the States? You're working like ahead of that, I'm guessing.
00:03:49
Speaker
yeah Yeah, exactly that.
Defining Crypto Boundaries
00:03:51
Speaker
so So we did so we we work quite closely with our clients and and also the wider wider industry. um And we we we take lessons and we take a view that everyone's that's in this industry is trying to use crypto for like lots of different use cases.
European Regulatory Collaboration
00:04:11
Speaker
And the policy and the right regulation kind of tells us like, you know, where the guardrails are or where the where the cliff edge is where like, if you don't like, you know, walk in the right way, you're gonna fall down.
00:04:23
Speaker
um And we also look at how, ah like, if actually what the what the upcoming ah impact of a policy that might get implemented today is. um and we And we tend to work with
France's Regulatory Appeal
00:04:35
Speaker
we that. We work quite closely with the with the European regulators, ah yeah we're ah where regulated in France, ah so we work closely with AMF, to understand what is the outlook ah sort of ah for the French ecosystem. But also, right if a customer comes to us, we need to know where the guardrails are. We're not advisors, but we we as a product, we as a company need to have a view.
France's Role in European Operations
00:04:59
Speaker
For sure. ah Why France? ah For lots of reasons. um So we actually looked at a few jurisdictions two years ago. ah So company is three years old, and we started to look at jurisdictions in about 2022.
00:05:13
Speaker
And li I think initially we started looking at ah Estonia, Lithuania, um lots of different, like ah including Germany. and and And one of the things we found consistent was that there were There were really like three kinds of jurisdictions.
00:05:29
Speaker
One that was like, just come here, mate. Like, just come here. Establish the company. Grow your your business. We'll support you. We're on your team. And that's great. um Second was like more like, no, don't come here. We don't like but on like crypto. This is like new new kind of stuff.
00:05:47
Speaker
um And then the third is is is more like, okay, we kind of have a perspective on this. And we think it's going to be X, Y, Z. If you like it, it's great. If you don't like it, um we'll see you later.
00:05:57
Speaker
um And we preferred the last approach because then there were effectively guardrails there for us to follow and for us to look at rather than a jurisdiction that was super open and then which might shut at some point or it might tighten rules at some point and then we'll have to aggressively restructure or work through those sort of uh changes in 2022 france was really ah i think i would i would say like the most forward-looking uh yet sort of like balanced ah jurisdiction compared to at least uk which is very like high level
00:06:35
Speaker
like guideline based approach where instead of giving you exactly what to do, like, you know, ABC, they kind of say, okay, you need to think about X, Y, Z, ah which is super high level.
Decision-making in Crypto Incorporation
00:06:47
Speaker
For France, it meant that if we were compliant in France, it would not be difficult for us to then be compliant in like anywhere else with more vague regulation or more tight regulations.
00:06:58
Speaker
Yeah. I see. Okay. The other thing to add to that, I think is, um, that so PSAM really set the way for Formica.
00:07:10
Speaker
um We are in France under PSAM and I think having those guidelines in place um and the framework with which we operate in in France as Mantham said has sort of set pathway to work and operate across the rest of Europe, I think which was really, really key for us, especially as a small team with a small compliance team and department at the beginning of our journey.
00:07:37
Speaker
you How can we passport very easily across different jurisdictions within Europe? And PSAN and Mika has allowed us to do that. That's cool. that's ah That's interesting. I always thought it's interesting when you when you know the decision making process that takes place behind deciding where a crypto company should incorporate.
US Market Entry Strategies
00:07:57
Speaker
Because it's something that probably very few other companies think about, right? Like that there's think about any other industry. you don't have that thinking process in mind. What you think about is, okay, um do I really want to dodge taxes?
00:08:11
Speaker
In that case, I'm go to probably going to set up an offshore a holding company or something. um But you don't think about, it oh how ah how is there how is this industry going to be regulated five years from now? And am I going to be like booted out of the country because because of that um So it's always interesting. I know companies that have incorporated in Estonia for those very reasons. I know companies that are still operating in the UK.
00:08:33
Speaker
And I know that up until now, a lot of companies have have run away from the US because of the uncertainty and because the crackdown and everything that that went along with it. ah Where do you guys stand when it comes to US and US markets? Do you have a plan already in place? Are you formulating a plan to to enter the market or anything like that?
Startup Challenges with US Regulations
00:08:52
Speaker
I think from a strategy perspective, we're still sort of looking at what the demand is and what that what the like how the ecosystem shapes itself. ah We're more plugged into Europe at the moment in the in the sense that we work with companies that are using crypto for various things like being able to issue stable coins, being able to issue real estate.
00:09:13
Speaker
And I think from a US, the way we look at US is more... more that US is seen as its leader in the space, but um the and the rules are still quite um different. And like if you look at like you know if you look at three years ago, the government position on crypto is very different to what it is now.
00:09:33
Speaker
Like the lawsuits ah with like DeFi sort of the protocols and um and like you know large companies. When you're a startup, you like getting into a lawsuit with SEC is quite daunting prospect because it can it can really burn like, know, funds.
00:09:53
Speaker
And I think, and that's just about arguing who's right or who's wrong, less about even winning because you need to have the, have the like, you know, gasoline tank to even even get to that point.
Positive US Regulatory Developments
00:10:03
Speaker
um And like, you know once you're in the and the bad list, like it's kind of,
00:10:08
Speaker
that's also bad for future prospects. So I think the way we kind of see that is from our perspective for for like US as a kind of like jurisdiction, where we're still looking at and more clarity to be, to be, we can have.
00:10:23
Speaker
We have lot of prospects actually today who are based in US, s but they're also operating in sort of Europe. and and we happily work with them. um And I think, but it's really about just just like looking, like lots of positive things have come out in last year.
00:10:40
Speaker
It's just about watching it a bit more and kind of like seeing the direction it kind of goes and seeing how that matures and how that shapes.
Palisade and Ripple Partnership
00:10:50
Speaker
Yeah, definitely.
00:10:51
Speaker
um I also noticed that you guys have um you've secured managed to secure investment through Ripple. ah So they're one of your partners, which is fantastic. Congratulations on that front.
00:11:02
Speaker
um I wanted ask if you have the same kind of um or or at least a similar approach to to regulation or if Ripple are sharing some of their learning and experiences um ah through the battle that they have had um and if you're if you're benefiting from that at all.
00:11:21
Speaker
yeah
Ripple's Regulatory Journey
00:11:22
Speaker
Yeah. So I think you mantan both Madden and I came from Ripple. We spent over five years at the company building out a lot of their payments right stack. During the the most of the time that I spent there, Ripple were not a regulated entity. They were really building and selling technology.
00:11:39
Speaker
um I think as there's yeah over the last few years, as there's now more sort of clarity in in the digital asset space, and Ripple have gone after specific licenses, um especially around like their payments flows, et cetera.
00:11:53
Speaker
um you know I left Ripple three years ago with Manthan to build Palisade. i think since the the moment we stepped out of Ripple, for us, it was always
Ripple's Influence on Palisade
00:12:03
Speaker
regulation. It was like very, very clear from day one that for crypto to succeed, regulation needs to come in.
00:12:11
Speaker
And so from yeah day one, as I said, of the strategy always ways to go after the necessary licenses. um yeah Ripple has been a great partner for us, yeah not just in terms of yeah the the fundraise, etc., but also in terms of that ongoing learning and that those shared experiences.
Ripple's SEC Lawsuit Impact
00:12:31
Speaker
um and we We work very, very closely together on stablecoins, payments, wallet infrastructure, etc. And I think we continue to sort share those learning learnings as we go forward. Actually, just to offer that, one thing I would say is ah Tom and I were actually working at Ripple when they received the notice from SEC.
00:12:51
Speaker
um And I think that was on ah on a Christmas Eve ah or something like that. was Was that when you decided to to just jump ship? It's like, no, I don't want to deal with this, guys.
00:13:02
Speaker
Goodbye. It's been a fun ride. You have SEC notice, here's my notice. Exactly. yeah h No, but i think and yeah i think ah like there there are like learnings from there, like the way they approached it and the way they kind of um sort of ah looked at that lawsuit and and and and kind of put the facts together. and i mean like there were There's a lot on YouTube, obviously, um because ah there were lots of legal analyses on how it could go one way or the other. um
00:13:34
Speaker
But I think, yeah, there's been... There's been learnings primarily around um just how important regulation is and and and how important regulatory clarity is and what can happen if if that's not the case.
00:13:45
Speaker
I think Ripple's been one of the one of the ones that's kind of spearheaded in this space um with that lawsuit and and eventually
Regulation and Mainstream Adoption
00:13:52
Speaker
like winning it. But more more so the impact that that's had on the wider industry is that it's kind of clarified a lot of things. but It has clarified a lots of things ah beyond just XRP as a currency or...
00:14:03
Speaker
oh like token. um And that's been really, really ah profound for the wider industry. Oh yeah, 100%. Yeah, ah I've always believed that a good part of why they're doing this is for, for the you know, as ah as a side benefit for the clarity of the wider industry, not not just, you know, Ripple um and then their own token,
Transition to Mainstream Finance
00:14:24
Speaker
100%.
00:14:24
Speaker
um And Tom, you mentioned something about, you know, you thought that in order for crypto companies to get clarity, then regulation needs to happen. It's something that I totally believe in. um But, you know, more recently, I've been thinking about you know, the very beginning of of crypto and what he meant to start 2008, crypto maximalism. It's like, fuck the police, fuck the banks. We're getting it ourselves, right?
00:14:47
Speaker
And now you see like crypto bros on Twitter ti tweeting about like BlackRock bought another like 2 billion in in Bitcoin and stuff. And part of me just thinks whether this is just a... the way that Silicon Valley likes to adopt, ah expand and extinguish, but applied to the crypto industry itself, right?
00:15:07
Speaker
You bring it into the main into the mainstream industry, um framework, you bring it into the to the financial framework that we have, you incorporate it into it, you promote it, and then eventually it becomes part of this system.
00:15:21
Speaker
So therefore, i guess the benefit that you would have gained with unstoppable money becomes very much stoppable through the legal framework, which is a bit of a weird thing to kind of try to balance out.
Regulation as Essential Integration
00:15:33
Speaker
Yeah, yeah, 100%. I mean, um that sort of early libertarian view, in my opinion, is is long gone. you know when when we're not going to have ah We're not going to see that sort of vision come to fruition, whether you agree with that or not.
00:15:48
Speaker
I think what we're what we're seeing now is like the digital assets and crypto being legitimized um and set up for mainstream adoption. i think you've also got to remember that most people, that most um majority of people are not libertarians.
00:16:06
Speaker
and What they care about is convenience and getting on with their lives. And they want to be able to do that in ah in a safe environment. So if something goes wrong, what's the recourse? What's the framework that's going to protect me? And I think, you know, regulation is there ultimately to protect the consumer, although that's that's what the premise of of regulation is.
00:16:25
Speaker
Yeah, definitely. Definitely. I agree. I think that that vision has kind of definitely moved to the wayside because I don't think there's any other way that this could have happened. We don't live in this idealistic bubble where, you know, as nice as it is.
Challenges for Unregulated Cryptos
00:16:40
Speaker
I just think it it's once you look at it, you know, in hindsight, it's Yeah, it's it's not possible because you even have things like, right, you've got, you still got things like Monero, which is and will remain unregulated, which is exactly why a lot of the big cryptocurrency exchanges, they just stopped listing it. It's been delisted from Binance. It's been delisted from a few other exchanges as well, which means, you know, what is the benefit of an unstoppable, you know, anonymous private coin if you can't buy it and you can't send it and you can't exchange it, you know?
00:17:13
Speaker
Yeah,
US Regulatory Critique
00:17:14
Speaker
exactly. oh yeah I'm sure it will continue to to function. And it will be used by, you know, people on the fringes. ah But it yeah I would imagine that it will not, you know, be taken up by the mainstream ah because of regulation.
00:17:29
Speaker
Yeah, for sure. I'm just going to ask both of you one more thing regarding the current state of the US regulatory framework and everything, and then we can move on from there. Are you both tired of of winning? Because I sure as shit, I am.
00:17:43
Speaker
Man, look, i just go to be honest, I was i was like... for Trump when he came in, because he came in with some really good ideas um regarding the market, you know, free markets and all that. I supported all that. Even his ideas of tariffs. I'm like, I listened to a three hour conversation on tariffs from him and Joe Rogan. It was super in depth. I'm like, I really want to get like his really like real understanding of this.
00:18:05
Speaker
I'm like, yeah maybe it's not that bad. You know, car manufacturers selling cars in the US and making them in the US as opposed to China. It's good for the business, good for America. And then, oh my fucking God, I wake up every morning.
00:18:16
Speaker
I see the markets tank. You know, come to 2 p.m., which is about the time now, you know, US markets open. just going to check my phone now to see if they've already gone down. They have not today.
00:18:27
Speaker
But almost on on U.S. market open, crypto market just tanks day in, day out for the last two and a half months. And it's it's really weird to reconcile the fact that we have all this regulatory clarity and the president's bullish as hell, leaving aside you know the coin stuff.
00:18:45
Speaker
Trump meme coin and Melania meme coin.
Global Economic Uncertainty
00:18:47
Speaker
um But then on the other side, the markets are taking a beating incessantly. So what do you guys think about, what do you guys make of the the current situation?
00:18:57
Speaker
is it Is it a good, are tariffs good? Are they bad? Is it too early to tell? i don't know.
00:19:06
Speaker
I mean, I think we can't deny the economic situation, which is really what's driving the prices and what's driving the markets. ah I'm not an economist, can't ah cant I guess, break down the actual impact of tariffs and like how it how it works.
00:19:22
Speaker
I mean, I think there's been a lot of retaliatory tariffs from other countries as well. So it's it's a bit of a like a tariff war or some situation that's effectively been created because of ah offered some of those policies and ah some of the executive orders.
00:19:39
Speaker
from yeah From like a broad brush market perspective, It's just, I think, the uncertainty of what might what might happen or what what the long what the long-term impact of of that is going to be, which is what's really driving that negative sentiment um in the space. I mean, if you look at like any blue chip stock, like it's going to take a lot of beating. So it's not necessarily ah because the asset isn't performing um or ah or anything specific about...
Market Behavior Driven by Fear
00:20:09
Speaker
ah about the actual online um ah like company or even even in crypto, like the actual asset. But it's more just about just just a general economical confidence.
00:20:20
Speaker
I think as much as Bitcoin ah supporters would like to... I think that Bitcoin is an asset that's completely separate to the US. It is tied very much um to that.
00:20:34
Speaker
and And we see the impact of that day in, day out. Yeah, we we see, I'm seeing the market psychology at play and it's very clear, right? It's very clear that um on most days, people are hedging their bets, closing their positions. If those are marginated positions, you know, just ahead of the US market, because everyone's got like, what if he wakes up with one more tariff today? Why do he drops another one on us?
00:20:55
Speaker
It's that uncertainty. Yeah, for sure. And I think like that that's shaken a lot of the ah confidence over of an otherwise very bullish market and very bullish start of 2025. I don't think it's a long-term thing, personally.
00:21:08
Speaker
um ah But yeah, I guess we'll just have to wait and see how it all plays out. I think technology trumps over ah the price. That's actually an interesting point. like it It kind of highlights...
00:21:20
Speaker
how important certainty and and sort of unlike stability is to any amount of clarity that you might have in like anything. Because if the vi there's uncertainty, if there's instability to do with, you know, what might happen tomorrow, if that's what people are asking, no amount of clarity or support for like crypto, for example, would like ah make the markets happy because there's that, there's that unlike fear that's always there.
00:21:48
Speaker
um And that, I mean, fear wins. The fear is the most primal instinct. um And that will always win.
Speculative Nature of Crypto
00:21:55
Speaker
Yeah, yeah, yeah, for sure. Fear and greed. And this is one of the ah big reason why a lot of people are are are part of this industry, you know, for the speculation, for the gains, for the, a lot of them are hunting for that the next gem or whatever.
00:22:06
Speaker
And well, it's, you know, it's got its benefits. It's got its perks because the the the industry does get exposed to a wide number of people. And then some of those, you know, are getting a bit more curious and starting to look into the underlining technologies, the startups, you know, the people that make it happen.
00:22:21
Speaker
and But then it also means that at least to some extent, this has been, i wouldn't call it a seasonal industry or a seasonal business model, but you definitely get more business during bull markets. You get less business during bear markets. So you really got to adapt your strategy, I feel, as ah as a, um you know, you really have to account in your business model
Exchange Challenges in Bear Markets
00:22:42
Speaker
for that.
00:22:42
Speaker
If you operate on commission fees like exchanges do, you're going to have a hard time when the bear market comes 100% time. Yeah, definitely. I think, yeah, yeah, there's definitely a sentiment that exchanges win either way. But I think ultimately, yeah, there like there's a there's a huge impact on volumes.
00:22:59
Speaker
Yeah, definitely. I mean, even on DEXs, we see, I think that Uniswap started charging for ah trades through the UI. I think that was a few years ago. um But even even that's driven by by the on-chain volume.
00:23:10
Speaker
and And you see that obviously go down during ah ah bear markets. Yeah, I would actually really be interested to see any any numbers regarding layoffs from previous bear market. I mean,
Adaptation During Market Cycles
00:23:22
Speaker
we know what happened. We know because last cycle, there were a lot of companies that simply did not have a sustainable business model offering like huge APYs and you know staking rewards that were just not sustainable once once the market stopped pumping.
00:23:34
Speaker
um And you'd be curious to see if there were other companies that survived and what are some of the challenges that that they had to go through in order to to make it. What were you guys incorporated ah during during the last bear market?
00:23:47
Speaker
Yes, we we actually incorporated in 21. Okay, cool. Yeah, I think, I'm not sure if that was bear or bull market, but. I think 2021, you were still bull. I think you were like around, but maybe around peak bull, if I'm not mistaken. ah Yeah, I mean, it feels like ah ah an age ago now.
00:24:08
Speaker
It does, doesn't
Palisade's Market Timing
00:24:09
Speaker
it? Yeah. Yeah. For sure. um So do you guys want to get a little bit into the product? Because I'm really curious about, you know why we've built Palisade, what it stands for, and what are some of the technologies that you used?
00:24:21
Speaker
Do you want to start with like an overview of of the product and your vision? Yeah, sure. Yeah, let's do it. um So we'll both have a stab at this, Manthan, shall we? Yeah.
00:24:31
Speaker
So, you know, as I said, like Manthan and I, we we met a number of years ago Ripple. We spent around five, six years there building out their payment stack. And we saw, you RippleNet, the payments network, go from, you know, low millions to ah billions in in daily and and weekly volume.
00:24:50
Speaker
um One of the the things that we kept hearing at Ripple was that yeah as these payment companies and these banks move into the world of digital assets and start using ah digital assets as a way to move
Palisade's Product Offerings
00:25:04
Speaker
money across borders, one of the things they really need is is wallet infrastructure and other functions and utilities on top of the wallet to sort of ah help them with that their operations.
00:25:16
Speaker
So it's not just about the payment rails. It's about the security of those operations too. right There was really only one or two sort of players in the space of the time offering private key management and fit for enterprise.
00:25:32
Speaker
And so we left in 2021, started Palisade really to provide payments companies and banks with wallet infrastructure fit for payment services.
00:25:43
Speaker
And we've been doing that ever since.
Secure Infrastructure of Palisade
00:25:45
Speaker
I think the way that we often describe Palisade, it's as a full spectrum digital asset custody, wallet infrastructure wallet infrastructure firm, providing everything from secure private key management,
00:26:00
Speaker
provisioning of wallets, um all the way up to sort of tokenization of stablecoin. yeah I think the key question that we're trying to answer is,
00:26:11
Speaker
what if you had a set of tools available to you for managing keys, managing governance, managing, ah it you know, DeFi the connectivity to like other platforms.
00:26:23
Speaker
And these were delivered in a composable way that you could you could use them to build anything. ah So you could use them to build a stable coin. ah issuance
Composable Digital Asset Tools
00:26:32
Speaker
flow. You could use it to build a market making bot or a platform that can effectively execute trades on the on chain.
00:26:39
Speaker
ah You can use it to build ah robust asset management for but managing treasury for yourself and for your customers. um So Palisade is built on on these like pillars that effectively allow you to oh sort of like combine different ah ways of custody assets, different ways of governance, different ways of interacting with on-chain contracts or like other things um in in order to build solutions for loss lots of different use cases.
00:27:09
Speaker
So ah today in Palisade, what that means is we support different custody models from uh self-custodial using mpc uh and and shared custodial using mpc where if you're a client you can you can use mpc to ah not only hold your assets you can he you can share some of that with your clients uh give them some sort shards uh you can um you can design wallets um for your for your for your clients and customers and retail wallets using your technology
00:27:40
Speaker
um to being able to use Palisades HSM to securely store assets with us ah under the regulated entity.
Custody Models at Palisade
00:27:48
Speaker
um And all of this is is ah ah works with our governance platform and it works with our execution platform, which effectively allow you to then use this to um do do ah things like issuance.
00:28:04
Speaker
So, for example, you could have... the pallets that HSMs hold the issuance keys and you can issue assets using them ah into a MPC held treasury wallet, which is like held by your LPs, by your partners.
00:28:21
Speaker
um and And in ah combining this, you are effectively getting safety from best of both worlds where you are getting a regulated issuance flow using HSMs and you're getting the MPCs kind of ability to like manage risk um and being able to have this signature-based governance system ah in order to manage this like vast pool of assets that you're sort of holding.
Retail Wallet Services
00:28:47
Speaker
got you Thank you. um Do you also offer wallet services as well or is it just the infrastructure layer that you're focusing on? We do. End user wallet services.
00:28:57
Speaker
Yeah, we do. So we're we're not a retail facing company. It is infrastructure, but we have a but very specific product for retail wallets. So if you're a payments company, for example, i always use this one because it's it's quite an easy one to help illustrate the different types of products we offer.
00:29:15
Speaker
If you're a payments company, um you likely have end end users. yeah We offer a very specific type of wallet for those end users. Those wallets are secured with ah with a passkey.
00:29:29
Speaker
um yeah Some companies are calling those like embedded wallets, for example. you You log into the payments company's user interface and you get provisioned an address and by default.
00:29:40
Speaker
And then that wallet is protected by a passkey or a password or something like that. um But yes, the full spectrum of sort of like wallet infrastructure and and custody services that we offer, ah rather than being you know super dogmatic about a specific technology or type of wallet, we understand there's not a one size fits all and every company that comes to us tends to have similar but not identical requirements.
All-in-one Approach Differentiation
00:30:09
Speaker
got you Yeah, I assume there's some there's some um requirements that most companies tend to have, you know, and then you just um you you adjust um as and when needed. So you mentioned that at the time when you first incorporated a Palisade, there was just another um just another solution that was offering this infrastructure service for enterprise level.
00:30:29
Speaker
um What does Palisade do different from from that provider and and other infrastructure providers if there's any if there's more now? i'm I'm assuming that this is a growing industry.
00:30:40
Speaker
Yeah, for sure. so I'll have a step at this first. I think you know one thing that we, part of our sort of longer term strategy is that if you're building in Web3, you come to Palisade and you don't need to go anywhere else.
00:30:53
Speaker
We look at a lot of our competitors today and what they've done very well as they've they've they've established partnerships with other infrastructure providers. So if you need a wallet, you go to one company, but if you need to tokenize an asset, you go to another company.
00:31:09
Speaker
um And then if you need DeFi, you go to another company. ah Palisades longer term vision is that we become like this all in one solution with secure wallet infrastructure at the core.
00:31:21
Speaker
Got you. Okay. and And the solution, is that available right now or you're mostly focusing on building the wallet infrastructure first?
Technical Stack and Security Compliance
00:31:30
Speaker
we've We've spent the last two years building the wallet infrastructure piece and and now we're building other components.
00:31:37
Speaker
um Today, if you're if you're looking to tokenize something like a stablecoin, Palisade's got you. If you need wallet infrastructure, Palisade's got you. And now we're starting to build out other features as well for DeFi and and other aspects of Web3.
00:31:51
Speaker
Cool, cool. um All right. Talk me through your tech stack. um um like if Is if any of you are a technical founder? I didn't ask. Both of us, actually. We're both technical founders, yeah.
00:32:02
Speaker
yeah Oh, fine. This is going to be fun then. All right. Okay. Then that walk me through the decision-making process of your of your technical stack, ah both for all when it comes to on-chain infrastructure, but also...
00:32:14
Speaker
off-chain traditional development, what's, or you know, what's powering up your backend, you know, anything that's not sensitive, right, that you want, that you're happy to talk about, that's what's powering up your backend, your frontend, what's your like JavaScript framework, what you using, do you use AWS, infra, all that sort of stuff.
00:32:31
Speaker
Yeah, so we, I mean, Tom and I have both worked through companies that have gone through SOC 2 and like ISO and a lot of different ah certifications, including pen tests and things like that. So when we built the the first software,
00:32:46
Speaker
cut off Palisade or the first version, it had the foundations there to, that it was secure. It was eventually, ah we went through an audit and we made sure that it was, it had the right foundations in place.
Deployment and Integration Details
00:33:01
Speaker
um And that's really the core focus for anything that we do is that we want to make sure that like the default thing that you get for anything that we deliver is ah certainty, ah security, and ah integrity.
00:33:18
Speaker
So what that means is for for our the way our stack is laid out, it kind of reflects that. um Today we in terms of um In terms of the stack, um we i mean everything that we use is on Amazon, um and we're just ah going towards multi-cloud to add that additional level of resiliency.
00:33:37
Speaker
ah We're deployed across two UK and ah France regions. ah France is ah specifically important, obviously, because we're we're regulated there, data protection laws and things like that require us to keep the data there.
00:33:53
Speaker
um And UK is a very helpful ah secondary kind of a failover, ah but also have a ah sort of geolocated services there so we can we can provide better service.
Optimizing Signing Latency
00:34:05
Speaker
um the actual product suite and and how how it interacts with it with the actual stack um so for example we have an app uh mobile app that allows you to hold shards on palisade um and addition to the app you we have what we call the cloud sign uh so cloud sign is a co-signing service that our clients can run on their own premises that effectively connects to uh to like palisade uh central um and this effectively means that palisade while we have a sas platform which is a uh which is a platform deployed across multiple regions ah with backup dr um ah deployed across different regions we also have uh palisade servers deployed on um client infrastructure which could be in like any of the regions across the world um so for for example the clients can hold shards on their phones and obviously the phones can be
00:34:58
Speaker
can be traveling or be in Switzerland. Right. um ah Same for the for the co-signing
Infrastructure Flexibility and Security
00:35:04
Speaker
service. That could be in any like any of the um ah could be in any of the regions.
00:35:10
Speaker
um What's actually more important for us is while we do provide high-speed signing, so our signing latency is very, very low. um And that's kind of one of our key ah focuses is that if Palisade gets a request to sign a transaction and we are eventually...
00:35:27
Speaker
we have the app and the co-signers ah coordinating signatures, it's important to keep that latency extremely low um because the use case of that can be wide ranging from some market making to um a sort of being able to just move assets like 100 billion dollars worth assets um because everything that goes around that can take some time as well.
00:35:50
Speaker
So ah I'm not sure if that answers the question or if the if you want to lay down like what the... some so Some of it, yeah, some of it. but part Partly does, yeah. I mean, we we quite heavily use um ah GraphQL.
00:36:04
Speaker
ah GRPC is our favorite um ah choice for fly internal communication. and i think, yeah, ah ah service mesh is quite is quite critical to our use case to making it, ah to effectively enabling multi-cloud.
Security and Monitoring
00:36:20
Speaker
um And the way we see infrastructure is that, I mean, ah at the Palisade, like we use Kubernetes ah that effectively manages our deployment ah infrastructure.
00:36:31
Speaker
um And it's quite important for us that the stack that we have is not tied to a a but a a cloud provider like Amazon, for example. um Despite the fact that we actually use Nitro a lot, like in our stack, like the Amazon Nitro, which is a secure enclave service,
00:36:49
Speaker
um we we are still multi-cloud and we still sort of um use technologies that allow us to ah sort of port that over to different ah different cloud providers.
00:37:01
Speaker
Yeah, I would i just add a a few more things to that. I think like, yeah Security is at the core of what we do. And so yeah we have hundreds of processes built into the way we build the software, we deploy the software, yeah who gets to audit the code, approve code, push to main, et cetera, et cetera.
Balancing Security and Functionality
00:37:21
Speaker
um So we actually try to build as much as we can in-house to remove the number of dependencies. ah we've We've seen recently, you know um ah Dependencies are that one attack vector that you need to be aware of dependency injections.
00:37:37
Speaker
And so we try to remove those as much as possible. and Our user interface is built and with HTML, JavaScript. And I think JavaScript presents many problems when it comes to security and attack vectors.
00:37:51
Speaker
So we try to you write as much pure JavaScript as possible. Um, and I think that goes, that's all the way from the front end to the back end. It's like we've built as much as we can import as little as possible.
00:38:05
Speaker
That makes sense. So you don't rely on TypeScript at all on the front end or back end? No, we do use TypeScript. Yeah, so um I tend to use those interchangeably when I talk about front end scripting. But yeah, we do absolutely use TypeScript.
00:38:19
Speaker
It's essential for for for what we we're building. Yeah, there's no TypeScript on the back end. But the core thing we do is have lots like the core thing that we that we do is ah we have lots of ah So internally, we have like lots of tools that constantly monitor for for overla threats. ah we like Anything that we use, as Tom was talking about in the supply chain attacks, is like very, very
Comprehensive Security Strategy
00:38:44
Speaker
important to us. So um we make sure that, well, ah we have alerting systems in place and we have internal um operation center that we use to like monitor for ah for ongoing threats.
00:38:55
Speaker
um And we're part of ah ah industry groups that ah that we that effectively allow us to share intelligence um on different kind of attack vectors. um But I think, like, you know, on, yeah, i mean, I can talk a lot on that front, but that it's it's a and I've talked about it in one of my blog posts, but what's really important about security is actually that you can't just take an approach from from kind of one angle and and kind of like say that that's secure and then move on to next. And then it's it's about a holistic view on something.
00:39:29
Speaker
And you have to attack it, if actually not from all angles, but you have to attack it really from all angles. um And you have to incrementally sort of add layers like an onion because if you if you take an approach where where for example um you use the strongest like you know scell certs um but you have no way of like rate limiting where you have no way of um sort of making sure that like if you've got ddos you've you've got strategy there um it doesn't matter, right?
00:39:57
Speaker
Because sure TLS is not. So that's quite a simple example, but there is, yeah. So I think from ah from a platform perspective, I think that's really where we spend 90% of our time trying to just um make sure that that we're we're on top of the threats and also make sure that our architecture is still relevant and and
Social Engineering Threats
00:40:15
Speaker
we're... ah sort of asking hard questions like well we we invested x amount of days in this particular thing um is this still relevant and uh like if this is vulnerable um we need to get rid of it or we need to find a solution um and that's i think really quite hard to balance
00:40:36
Speaker
Yeah, and security isn't just about ah the infrastructure, right? It's ah it's everything, it's like end-to-end. It's not just about the private key or are your servers secure? Are they you're running code in a a confidential compute environment or in a private network?
00:40:51
Speaker
it's It's everything all the way from that to the the user experience and how that end user observes and signs transactions. and We saw this in the Bybit hack.
00:41:04
Speaker
Essentially, blind signing was if that was if if there was bri huntning wasn't there, they could have prevented this. right If there was more transparency, that's a way to observe what they were signing.
00:41:17
Speaker
Some of that, we've been able to prevent that. And so, you know, the designers on the team are thinking about security as much as the back end engineers.
00:41:28
Speaker
and Yeah, yeah. that that That's very good. I was just about to bring up um this this example. We had a guest a couple of episodes ago and um he's an investor, and a professor and an investor in in new technologies and cryptocurrency.
00:41:42
Speaker
And he's recently experienced um a really um unique case of social engineering, right? And that's when you really got to think, like you said, Manthin, like holistically, because your stack tech might be like super robust.
00:41:58
Speaker
But if there is, you know, some some degree of of of a vector of attack from social engineering, that that kind of also needs to be addressed in the same manner.
Social Engineering Attack Example
00:42:06
Speaker
um the that The attack was...
00:42:10
Speaker
I don't remember the wallet's the wallact name. i don't want to say that the name because I don't remember it off the top my head, but I can i can give you the name afterwards. It's actually it's really interesting. So um they were asked as investors to prove that to prove their funds for a proof of funds wallet.
00:42:27
Speaker
So they were asked to transfer a certain amount of crypto onto this wallet. Initially, the hackers or rather the scammers asked for $1.2 million. dollars um They were a little bit concerned with with the amount. So they've only transferred, I think it was about $200,000 or $400,000.
00:42:43
Speaker
um And then they've they've shared the proof of funds with the scammers and then the scammers asked them ah before they they do anything, before they perform any transaction or anything like that. They wanted um they wanted them, the investors, to to send a small amount of crypto to make sure that you know you're sending to the correct address and and whatnot.
00:43:06
Speaker
Good practice in general. You want to be doing that. Well, the way they went about it is they presented ah the investors with a QR code. And when you scan the QR code, there were a couple of things that went wrong here to like the the full breakdown of the of the UI, right?
QR Code Transaction Vulnerabilities
00:43:22
Speaker
When you scan the QR code, you get a wallet address, but there are some wallets that also let you embed an amount. right in that QR code. So it also takes the amount that the scammer or the or the the the one that requests the funds puts on that code.
00:43:37
Speaker
um That would have been fine. It's still, I think, a bit weird to be including the amount in a QR code when you make a request, but that would have been fine. if the UI worked the way it should have.
00:43:49
Speaker
Now, instead of it doing the conversion between whatever token they were sending to to us to USD, um it it didn't work properly. So it showed as, let's say, 50 or 10 Bitcoin or whatever equal 1 USD.
00:44:08
Speaker
instead of the amount so that could have been a failure from an oracle or something like that not being able to fetch the price nobody in fetch the conversion and then underneath that there was a conversion rate i think in in in usdt but instead of them using instead of them using the the coma they use the full stop so instead of you thinking that is you know however much it would have been, you know, $200,000 or whatever, it read as if it's $2, which would have been the test amount that they wanted to send.
00:44:42
Speaker
So because of that, they approved the transaction and they sent all this money to to the scammers.
00:44:49
Speaker
Well, I mean, I think that's... ah We saw something similar to that in the Bybit attack, but in the Bybit's case, it was actually manipulated and and like, effectively replaced, right?
Token Vulnerabilities on EVM Chains
00:45:01
Speaker
Um, uh, I mean, there's like so many attacks, there's dust attacks where like, you know, you, you might think, okay, like if I'm going to send money to this OTC broker and I'll have them send some, like, you know, one cent or or something to me and I'll copy their address from on chain, but you have the attackers kind of like, you know, coming on top of that.
00:45:21
Speaker
And then you, if I actually copy the wrong address and then when you actually send the amount, you are sending the amount to the attacker instead. Um, The token is actually like a minefield because if you, like at least on EVM chains, tokens are s smart contracts.
00:45:35
Speaker
So yeah yeah if you receive a token and you add it to the to your like you know list of assets they want to work with, But if that token has or if that token is a malicious contract, it can it can it can just take the permission to like spend your like other assets or um and I think that's why like our core philosophy is that we want to serve high volume use cases, which is which is the place where all of this is like um like There are all kinds of attacks that can happen in that case, ah especially with customers that we work with that deposit into AMMs and that we use at DEX.
UI Role in Security
00:46:13
Speaker
And there are lots of different ways to steal funds beyond just being able to ah like you know so ah sort of trick someone into sending the wrong amount.
00:46:23
Speaker
I think, but even at that fundamental level, it's very important to get the get the UX right and get the UI right, ah all the way to having additional safeguards in place on the backend to tell the user, hey, is this really what you what you intend to do?
00:46:39
Speaker
like are you sure that you're going to send this and and instead of repeating information the user should be presented with something else that's a slightly different uh view on that so rather than saying you're about to send like two dollars worth ah bitcoin it's maybe a different take would be this is the execution result like this is the execution path that this transaction is going to take uh are you sure because there's also a um a way that you can kind of uh you know, where the users, like, if you present too much information to the end user, they just check out.
00:47:11
Speaker
For sure. And it's just like, oh, yeah, I've already seen that. Okay, fine. I'll just approve it. It's fine. doesn't matter. um Or like, you know, a lot of times it's like, oh, yeah, I'm going to approve it because like Joe on the team approved it. So I'm just the second approver. So, you know.
00:47:22
Speaker
um So it's really about thinking critically, well, how do we um make the platform so that users are in
Security-conscious Operations
00:47:30
Speaker
control? ah So throughout our platform, we um embody the principles of least privilege, which means that customers have to specify everything that they want to do.
00:47:39
Speaker
It's a little pain. um So some customers ah do say, well, it's quite verbose. we have to We have to like have to have the policies in in kind of place for these actions we want to do. But you're doing a complex action.
00:47:50
Speaker
ah you're you're depositing You're zapping into an LP pool that's going to go through lots of different like contracts. You need to be conscious of that. And just the practice that the customer has to think through ah what the policy will be for that action effectually means that they are they are kind of informed and they they will...
00:48:13
Speaker
And the question, like, is this the right way that we should be doing this? Because this is exposing us to a lot of risks here. Yeah, definitely. I think just add one one more bit to that. I think we we have a ton of clients who are on board with Palisade. They're setting up their their operations.
00:48:30
Speaker
They start building out their policies for different assets and wallets. And it's really the first time they've thought about security in any sense at all. And so there's there's definitely like um a level of education, I think, with with a lot of our clients on how to set up what the best practices are, et cetera.
00:48:48
Speaker
um But we're definitely seeing more and more that the the human is the weakest link in the chain. For sure. And as the infrastructure and the technology advances, the private key stays secure.
00:49:00
Speaker
very difficult to compromise that becoming more and more difficult. But the humans are the weakest link. And it's them that are being compromised.
Trust-based Attacks Examples
00:49:09
Speaker
Yeah, I've actually just found the name for that wallet. It's called the Atomic Wallet.
00:49:12
Speaker
And I've also found the link that the that the guy sent me over. So this is, um if you you you guys might find it interesting, um he's documented everything about that scam, the way it works, the way like the numbers don't properly update on the wallet.
00:49:26
Speaker
um and the way they got taken advantage of. ah It's effectively of a long con. it's It's people establishing trust over a long period of time, you know sometimes even a couple of months, pretending to be influential people or important people in the crypto space, and then eventually hitting them with this with this exploit. So they had to be very specific about them depositing money in the Atomic wallet rather than other wallets that don't have that that UI jank. Yeah.
00:49:52
Speaker
yeah and but Let's be clear, this isn't anything new. This has been happening for decades before Web3, especially that type of scam there, where you're in it for the long game and you're building up trust with the person that you're attacking essentially.
00:50:12
Speaker
Oh, for sure. Yeah, it happens across industries. It happens outside of business. Just think of the the Tinder swindler, if you guys ever seen that one, right? The guy pretending to be a multimillionaire just riding in private jets. Crazy.
Prevalence of Social Scams
00:50:24
Speaker
yeah Yeah, absolutely. I wonder how many years he kept bawling for before he eventually got caught out. I think it was quite a while. yeah Yeah. what was Wasn't there ah on another one where there was a woman that was supposed to be the part of the elite and and was sort of she was just kind of part of the high society and just just based on impression and ah people just let believed her.
00:50:48
Speaker
And that wasn't that wasn't like really the case, but it was just, yeah. Yeah. Yeah. It's crazy. Like, i think I think some guy also said it, like, you you put on you put on a suit and half the people will believe you, you know? You put on a police suit, they'll believe you're a police officer, then you put on, you know, a janitor suit and half of them, you're just the janitor at the company, right?
00:51:08
Speaker
yeah Yeah, fraudsters. I think like the problems are are old, but money is now moving at light speed. So yeah um mean like the impact of that is massive.
00:51:21
Speaker
Yeah, and and I think for for a lot of people, um the technology and these new concepts of like crypto, stable coins, overwhelming enough. um And and sort of like ah that lack of knowledge makes you very susceptible, I think.
00:51:38
Speaker
um bit of an easier job for fraudsters. ah for the fraudsters Oh yeah, definitely. I mean, that there will be people willing to take advantage of of you know blind spots in in any new technology. So it's not ah is no criticizing, oh, right, well, hacks happen in crypto. Yeah, they happen everywhere. they happen they there's there's you know there's that the The Nigerian Prince email scam is still ongoing to this day,
TypeScript Rewritten in Go
00:52:04
Speaker
believe it or not. I remember receiving these emails as far back as, I don't know, 2008 or something.
00:52:10
Speaker
they're They're still going out, which means that there is probably still a very small amount of people, probably minuscule, but not zero, that fall for this scam, which is kind of frightening to to to to believe. Absolutely, yeah.
00:52:26
Speaker
um i meant I meant to say, because you guys said you're using TypeScript. So there's a couple of really cool things that I've just discovered regarding TypeScript recently. I wanted to share them with you. um Number one is, are you guys aware that TypeScript is being rewritten entirely in Go?
00:52:41
Speaker
Which I was really interesting. That is interesting. I did not know that. um we yeah We enjoy Go at Palisade. and We have a number of services that are written in Go.
00:52:52
Speaker
That's some cool information. I need to go away and do a bit of reading on that. 10x improvement gains. So 10x compile time gains and everything. So it should be a lot smoother. The IDE should you know be able to fill in the context and everything almost immediately.
00:53:07
Speaker
um It's fantastic. I'm looking forward to see it though it won't be up until... version 7, which is probably going to be 2026, 2027 or something like that. ah But they're working on it. It's a massive project and it's fantastic. Before this, I had no idea that TypeScript is written in TypeScript. And I i swear to you, I spent probably like an hour and a half trying to compute in my brain.
00:53:29
Speaker
um how how like How does that work? Yeah, I mean, I was actually looking at the Goz repository, like Golang's repository on GitHub, the source code repository, and like 90% of the code is written in Go. 99% actually.
00:53:42
Speaker
Yeah, that's weird. ah That's some weird like recursion black magic. How'd you make that happen?
Self-hosted Language Insights
00:53:49
Speaker
its I think there's a, i I've read about this, like in and my compilers ah class at uni, like there's a cutoff point. Like, so when you create a new language,
00:53:58
Speaker
it's initially like you're you're using um like very low-level languages to ah to like bring that into fruition, like C++. c plus plus But there's a cutoff point. Maybe it's like a Turing complete or something like that. But once it gets to that point, you can then use it to write itself.
00:54:14
Speaker
So then you go and replace all the C++ stuff. And then as you add new functionality and new like versions, you then update it and then you use those new paradigms in your subsequent like releases. and yeah it's right Right. So you compile it in C or whatever assembly, well, probably not assembly, but you compile it in C and then you recompile it again and then again and then again. yeah And then you kind of get to a point where you've got a compiler that's sort of stable in, go like you know for example, Go compiler is kind stable and then you can write basically Golang inside go using Go's compiler. And it's, yeah, but it's weird recursion.
TypeScript Programming Challenge
00:54:48
Speaker
Yeah, yeah that that's fascinating though. that That's really cool. I would like just love to to look at that process and get in and get into that.
00:54:55
Speaker
um And the other thing that I meant to mention, and and and this is this this video I came across on YouTube. There is this guy that spent two years making Doom run on TypeScript types.
00:55:08
Speaker
exclusively in TypeScript types, nothing else, just pure TypeScript types and well obviously custom custom TypeScript types that is written. ah It's such a project night. it's It was such a nightmare project. The guy describes that if you look at all of the types that ah TypeScript has out of the box available for you to create and play around with, and then you look at all of the types that he had to create in order to get Doom to compile in TypeScript types, it's equivalent to the difference between ah ah relatively how large Jupiter is compared to the sun or something like that.
00:55:40
Speaker
well Wow. It's insane. It's an insane project.
Creative Programming Solutions
00:55:43
Speaker
and I love this kind of stuff where it's just, can I do it? You know, you're not wondering whether you should, but just whether you can. Yeah.
00:55:52
Speaker
it's it' it' It's like that guy who um who built the world's smallest game. It's like it's in kilobyte or it's like it's in bytes or something, I think. Where you can play stakes, basically. And like it just keeps shrinking. I think there was a i saw a Reddit post about him saying that he managed to save like 100 bytes or something even more by, i don't know, doing something.
00:56:13
Speaker
And it's like, it's like why? Because you can't. Yeah, yeah, that's crazy. and And a lot of these things comes out of ah like a real necessity back in the day. like if you and There's another fascinating example with ah with Quake, one of the original Quake games. They had to determine exactly the trajectory of a bullet.
00:56:31
Speaker
um So there there would have been a more complicated way of ah of going about it, which by the time would have computed that, the map and the position and everything would have changed. So they went for a...
00:56:42
Speaker
God, I don't remember. there There was that reference, that like ah famous reference in the code that was a reverse... ah a fast reverse square root or or something like that along these lines.
00:56:53
Speaker
um And it literally had like the next line in the code was a comment saying, what the fuck? Probably another developer that just looked at that. What are you doing? They were referencing a point in memory instead of a number. It was it was all sorts of weird, but it was it's crazy to see how you can like hack what's possible to do with a language with a compiler to save on speed and efficiency.
00:57:15
Speaker
Yeah, I think yeah like i think like the we're a bit almost cursed with the amount of resources we have now to so develop anything because there's just too much. like Compute is money, basically.
00:57:26
Speaker
And if you're like building something, you can just... I mean, like even ah like a normal like MacBook, for
Computing Resources and Creativity
00:57:32
Speaker
example. like yeah like I have an M1 MacBook, and um it's like magnitude more powerful than my first computer, which was which is a Pentium 3.0.
00:57:40
Speaker
128 megs of RAM. and um And I think even like you know look at ah before that, when these games came out, it was it was very restricted hardware, which led to some really creative thinking and creative solutions.
00:57:53
Speaker
I think now with the too much compute power, oh yeah, if it runs slow, just add add more cores, bro. like It's fine. Exactly. It's not a good like way because it effectively is a thief of critical thinking.
00:58:08
Speaker
um And it's a, I mean, especially now with AI as well, ah with like your cursor and and it's great to go from zero to 60 because or zero to 10, even like where you can get something working very, very quickly.
00:58:22
Speaker
But you really need like you really need the skills to critically think about the solution.
Constraints Driving Innovation
00:58:26
Speaker
and it's like, well, whether this is the right kind of thing, is it even the right problem i'm I'm solving? Maybe the problem isn't to do with ah my experience.
00:58:34
Speaker
size of my textures. It's to do with how ah how but quickly I can ah load it from memory or how quickly I can uncompress them. Maybe I should have them in a in some kind of format. Like this is why, you know, the, on Xbox, the, uh, games that were on the disc were so big because, because they had the same textures, if actually on the different parts of the disc.
00:58:58
Speaker
So when you, when you load the game, because it was like a spinning hard drive, uh, it meant that it gets more chances to load textures and having to do a full circle.
00:59:09
Speaker
And that impacts, um, on, in, in sort gameplay. And, um, Yeah, it's fascinating. But I think, yeah, I mean, it's crazy that those were the solutions at that time. Now with SSDs, you don't have you don't even have to think about it.
00:59:23
Speaker
You just put the game, you know the SSD is going to be like, I don't know, like you know ah something in insane speed. And you never have to think about any of the constraints other than your idea or the limits to with which you can push your application.
Gaming Industry's Performance Issues
00:59:38
Speaker
Yeah, but but that that does um create some shortcuts, which I guess, depending on the industry, they're they're they're not best practice. And we've seen that happen recently in gaming. ah We've seen DLSS and gaming companies often over reliance on DLSS and frame generation to the point where games are unoptimized. They get sent out the door as quickly as possible. Half of them, they they don't even run it at 60 frames per second without DLSS, right?
01:00:05
Speaker
and And that's a big problem because, like you were saying, it stops people from actually thinking and coming up with creative solutions. you know Instead of thinking about, oh, the form of my mesh and how many ah polygons it's it's got and you know making sure that the light only displays there, everything is just thrown at a high level in Unity or whatever, and then it's slapped AI and DLSS frame generation on top of it.
01:00:28
Speaker
It runs fine, but if you take that away, there's games that barely run on... like but last generation graphics class like 4090, like trying to run some games at 4090, like The Last of Us 2 was a recent example, there's probably a couple of others too.
Crypto Constraints and Innovation
01:00:43
Speaker
um um i was just I was just shocked at the performance. Yeah, I think, i mean, I think ah the way the Yeah, the I mean, I can talk all day about optimization in games because um like I think the like this is why games have been actually going down in quality. Because like if you if you look at the the games now versus like games back in, like you know even i would say 15 years ago,
01:01:07
Speaker
um there was way more emphasis on like the experience and and about pushing the boundaries of the of the hardware and and like making making software really lean and kind of, ah I think like there's no game optimization anymore. It's just um like almost like an uncut like you know version um from like a developer's machine to to to a computer and you just hope that that it's going to be, that it's going to play well with your log graphics card, whatever that that is. If you're on AMD, you might have to play more.
01:01:35
Speaker
But um yeah there's a lot of reliance on on just, oh yeah, like, you know, like like like I think the blame has kind of, shift it to the consumer it's like if the if it doesn't work it's your fault it's like well like the game should be optimized and and if like you know like that uh meme from iron man which is if if like those devs can do it in a cave with with like you know with with very like primitive tools um i think and i think like i mean in
01:02:06
Speaker
like you have that You have some of those constraints in crypto.
DLSS and Performance Scalability
01:02:09
Speaker
like if you If you look at on-chain execution, um like which is kind of slow on sort of Ethereum, you see L2 is kind of coming in and trying to like innovate by doing roll-ups and and are using ZK proofs.
01:02:21
Speaker
um And if you look at like MPC tech, for example, like that's there's a lot of there are a lot of bottlenecks at at a CPU level with what you can do with cryptography. And there are some sort of creative solutions like TKL-S23 is quite an interesting one where they're using pipelining to kind of solve the problem of um just like, you know, very noisy, very heavy protocol that's exchanging ZK proofs constantly.
01:02:44
Speaker
um But I think you really only get like innovation when you have constraints. and if you're sure just but if you're completely And if you're completely unconstrained, you're very much focused on the limit of the brain and the solution that you can push like in terms of like the horizontal rather than vertical.
NVIDIA's Performance Strategy
01:03:03
Speaker
No, that's ah that's a very good point. And I always think about DLSS as a ah some kind of paradigm shift run. Instead of getting 30 frames, now you get 300 frames. But there there is still a plateau there.
01:03:14
Speaker
You cannot keep getting that, right? Like we've got DLSS 4 on a fifth generation now on NVIDIA cars, which add... three fake frames or AI frames to every real frame. Now, let's say there's going to be another one that adds six. At which point does the image get diluted and broken enough that this is no longer scalable? Is it 10 frames you know for every real frame?
01:03:34
Speaker
It won't scale infinitely. So there will be a point where you can't just rely on DLSS and frame generation alone. Yeah, it's it's a it's a point that Jensen says. I have enough yachts.
01:03:46
Speaker
Fair enough. Yeah, the guy's a fucking rock star. yeah
Tech Competition and Innovation
01:03:51
Speaker
I mean, I think, ah wasn't there like a technical like analysis of his Cockerell jacket, which was ah someone someone said that could that that correlates to Nvidia stock price and the quality of the GPUs.
01:04:04
Speaker
I did see something like that. That was very good. But I think you're right. I think it is about the... it is like, ah like the, like the fake frames is a good example. Like that's kind of being used as a, as a way to say like, Oh, like, like the, the new version of GPUs have like four X, the performance or two X, is it really with the diluted frames? Like if you, if you do discount that, like, I think someone said it was only 10% better than a, the 1590 was only 10% better in like real terms compared to 4090. Um, yeah.
01:04:35
Speaker
And like, it's really just 4090 under the hood with the fake frame insertion. Um, ah Yeah, um I don't know. I think, um yeah, I think techno i think um with the lack of competition, I think this is kind of why we're here at this stage.
01:04:52
Speaker
Yeah, yeah,
Palisade's Future Plans
01:04:53
Speaker
no, definitely, definitely, guys. um I had a lot of fun, really good conversation. Do you guys have anything that you want to add, any any releases that you want to tease or or anything at all regarding Palisade?
01:05:06
Speaker
um I think the key thing... I would add is that we're working on a lot of different key management protocols. um And I think, so our goal is that we want to make it Palisade as the one-stop shop for everything that you will need to secure assets in crypto, ah which is not limited to how we do it today, which is MPC and HSM.
01:05:30
Speaker
um The vision for Palisade is that the MPC protocol, the underlying key management us ah algorithm, the um like the actual HSMs, we want to abstract all of that away to make it easy for customers to access their assets.
01:05:47
Speaker
um In real terms, what it means is that if you're using Palisade today and if there was a a better way to do MPC using a new algorithm, you don't have to worry about that from a customer standpoint. ah Palisade effectively enables that.
01:06:05
Speaker
So working on something very exciting um in that area. um Alongside that, we're also working very exciting in ah we're also working on some exciting upgrades to the way we do our HSMs and to facilitate some of the newer regulator requirements. For example, Senator Bank of Bahrain have a a requirement ah for clients to ah hold a certain percentage of the customer's assets in core storage.
01:06:33
Speaker
ah So we're ah working on a few things that that support that. but Our core vision has been that this platform is ah flexible, it's composable, and it allows you to ah cater or to ah design for for variety of use cases.
01:06:50
Speaker
um And we're effectively, by moving ahead of regulation, we're effectively catering for that. Yeah, I think i the the final thing that i would say is like if if you're looking to build in Web3, you're moving from Web2 to Web3, building something cool you need to be building on Palisade, will get you to market very, very quickly, very, very securely, and with everything from your wallet infrastructure all the way to tokenization and beyond.
01:07:20
Speaker
Fantastic. Well, thank you so much, guys. um It's been a great
Interview Conclusion and Outlook
01:07:23
Speaker
conversation. i would love to have you both on us sometime in the future, and I wish you all the best. Thanks a lot. Thank you, Andre. Thanks so much.
01:07:30
Speaker
See you. Bye-bye. but