You’re probably familiar with Bitcoin node packages, so what’s different here with Embassy and EmbassyOS? Matt Hill & Aiden McClelland of Start9 Labs join me to talk about shifting to a more personally sovereign paradigm, and what kinds of technology and hardware can take us there. We talk about:

• What EmbassyOS is
• What’s different vs bitcoin node packages
• Integrating Lightning into EmbassyOS
• Private messaging
• Set up
• Where we’re going

Links:

• Start9 Labs
• Matt Hill: @MattHill
• Aiden McClelland: @_dr_bonez

Sponsors:

• Swan Bitcoin
• Unchained Capital (code LIVERA)
• Knox Custody
• Hodl Hodl Lend
• Bitcoin Black Friday

Stephan Livera links:

• Show notes and website
• Follow me on twitter @stephanlivera
• Subscribe to the podcast
• Patreon @stephanlivera

Podcast Transcript:

Stephan Livera:

Matt and Aiden, welcome to the show.

Matt Hill:

Hey, thanks for having us, Stephan.

Stephan Livera:

So guys, I’ve been following your work for a little while. I haven’t you know gone really deep into it. Like I haven’t used it myself, but I’m interested to chat with you guys about it. But before we get started, let’s hear a little bit about yourselves. How did you guys get into Bitcoin and what was your professional background before this?

Matt Hill:

All right, well, I’ll start. So I definitely do not have a you know, childhood or early childhood background in computers or computer programming. I grew up in a bakery. My father owned a wholesale and retail bagel bakery. So I grew up in there. And that’s really where I learned about, you know, entrepreneurship and providing products to customers and customer support, et cetera. After college I took over the bakery, we grew that quite a bit, sold it. Then I started a business with my brother in plastics recycling which, you know, quite different than the baking industry. We had some success there. He stuck with it. I moved on he’s now largest recycler of plastics goods in the Mid-Continent in the United States. So after that business, I kind of pivoted totally and taught myself how to code and started building apps and found myself over at Salt lending.

Matt Hill:

Back in late 2016, I was hired on there as their first engineering hire, tasked with building out the technology stack at salt at the time was promising to the world and did not have as well as an engineering team to help carry it out. So you know, I started off at Salt, ended up hiring Keegan McClelland, one of the partners at start 9 who then brought in Aiden, who’s on the call with us now and Aaron Greenspan as well as part of that group. And even Lucy now who’s the developer for start 9. We’re all hires at salt lending. And we eventually moved on from salt. There was just nothing really left for us there. And we took the, the talent and the team and started up start9. And that’s what we’re doing now.

Stephan Livera:

Great. And Aiden let’s hear from you.

Aiden McClelland:

Yeah, I’ve been writing code since probably about the third grade. Started out doing, you know simple, basic programs on my dad’s TRS 80 computer after that moved on to doing some Java, some Minecraft mods and then when I got into college, I went to pursue a game development degree. After some time I realized that the more in depth computer science theory stuff was just more interesting to me. I pivoted to computer science, and then once I finished my degree, I started doing malware analysis with Norton Symantec. After that my brother Keegan and he reached out to me saying he had this cool project. He was working on in Colorado doing stuff with cryptocurrency, which I hadn’t known much about at the time. And so I started to go down the rabbit hole, learned a whole lot about Bitcoin and Ethereum and everything there. And came out to Colorado to work on the team at salt lending. And from there, I mean, you’ve heard this story from Matt. We moved on and we founded start9.

Stephan Livera:

Awesome. So let’s hear from you then, Matt, what was it that made you start start9?

Matt Hill:

So the team was the real driving force behind where we currently are, not the idea for start9 itself. When I was at salt, I was daily fascinated by the power and potential of the team that we had built there. And I felt like we were being restrained by the sort of limited scope and old-school business model to be honest of salt lending, which is, you know, do, are you familiar with salt before we keep saying this? Like, should we not?

Stephan Livera:

I’ve heard of it, but I haven’t, I haven’t looked into it too much myself.

Matt Hill:

All right. So Salts in the vein of like BlockFi or I think there’s a couple of others out there, but basically it’s, they hold in a very custodial way.

Matt Hill:

You’re a crypto as collateral and provide Fiat currency loans and then you pay interest and make payments. And if you miss one, we have the collateral, so we shave it off. And and it was a cool idea. I thought it was a cool business model. And there were definitely some challenges there on the technical side to solve, to make that work, especially in highly volatile markets, being able to liquidate efficiently you know, and effectively in rapid downturns, et cetera. And so the team that we built there was, it was extremely capable and I was just blown away over and over again, especially by what is now the start9 team in our ability to collaborate and solve problems very, very efficiently. And ultimately felt like we were being held back there. And it wasn’t interesting enough and it was also way too old school.

Matt Hill:

It was too custodial it was too trusted. It’s just not, what’s interesting about the space. We’re very much, you know you know, quote unquote Bitcoiners it’s not that nothing else is interesting ever. It’s just that, you know, we very much hold the tenets of decentralization and trustlessness as core principles and salt, wasn’t doing that. So we, you know, we moved on and the hypothesis was that if I were to shove all these guys in a room together with myself and and let time go by that something incredible would come up. And I’ve started quite a few businesses and I know that that is a a risk, right. There’s a time risk there for sure. It’s not like we had any income or anything like that. We did some contracting work, but, you know, a couple ideas came and went were going to do a Bitcoin derivatives exchange in the vein of a ledger X.

Matt Hill:

And once we saw the regulatory environment, just kind of laughed that off as like, there’s no way we’re going down that route. We’d have to all be lawyers rather than devs. And, and then one day you know, I went to go set up my lightning node and you know, Keegan had already had his running and we were like, alright, let’s, let’s hook it up and do some payments. And I sat down to do it. And, you know, 30 minutes later it was just like, you know, like, come on, like, I’m a technical dude. I can definitely do this, but it just seemed absurd to me how hard it was to get a lightning node up and running and, you know, get the channel created and balanced and just the whole deal. And I was just like, you know, so I sat down and said, how can we do this quickly?

Matt Hill:

And then Aiden and Keegan were like, all of a sudden, like, Oh my God, Bitcoin operating system we’ll build an OS you know, that is custom built to handle Bitcoin and Bitcoin related applications. And then things like Casa came into mind. I don’t think like myNode or any of them were around at the time, but Casa was really the forefront example in that space. So we started thinking in that direction, right? Thinking about not just a application or a service, but really a computing platform that could be used to run Bitcoin and Bitcoin related services like lightning. And the more we thought in that direction, the more we realized that those were not unique problems to Bitcoin, but they were actually problems to open source self hosted software in general, that many of the problems, one faces when trying to run a Bitcoin node is the same problem that they would face when trying to say, run a matrix server or a nextcloud server basically any self hosted, open source, sovereign computer software, involved command lines, and, you know, dependencies and configurations and stuff that nobody does.

Matt Hill:

And we were like, can we solve this in a general way? Can we build a computing platform that is capable of running all self hosted, open source services for everyday people? And that’s where we started going, and that’s what we built.

Stephan Livera:

Excellent. And so as I look into your website and look at what the project is looking to achieve, I see it as kind of like it’s sort of like taking that idea of, you know, the typical node package softwares, like myNode and RaspiBlitz and, you know, Nodl and things, but you’re kind of expanding that out to actually doing some of these other aspects along with it. So, as you mentioned, next cloud, which is the listening wanna work it’s kind of like a, it’s almost like having an office, but in the cloud, but on your own personal cloud sort of thing, and then matrix, which is like your own what’s it Riot/Matrix. So they came up with a new name.

Aiden McClelland:

like telegram Or, or things like that. It’s your own self hosted messaging platform,

Stephan Livera:

right? Yeah. It’s an ambitious goal, certainly. But I’m interested to kind of hear a little bit about that approach and what you’re using, and also probably a good point to start talking about embassy. So what is embassy?

Matt Hill:

So embassy is the name of our device. It is a personal computer more specifically a personal server which has just a computer. It just sort of serves a different purpose. You know, it needs to have constant uptime, constant internet connection servers are designed to run in the background, right? They’re not things that go in your pocket and are subject to, you know, airplane mode. They just run in the background so that you can always receive an email or a text message, even if you yourself are in the mountains or not online or whatever. So the embassy is a personal server and embassy OS is, you know, the real innovation, the embassy personal server is commodity hardware, and it’s a Raspberry Pi and micro SD card, a little speaker, you know by design, actually, we wanted to keep the hardware extremely boring and innovate on the software side.

Matt Hill:

So while we sell a hardware device, we’re actually a software company and embassyOS is our product. And embassy OS is a true operating system, right? Unlike projects that we support and like such as myNode or Raspibiltz you know, embassy as an actual operating system, as opposed to a, you know, basically a large batch script that pre-installed certain services in the sense that if you wanted to add a service, say to myNode like a new lightning service or BTCPay or something like that it would require a new OS right, the entire OS has to be updated. So it’s like a bundle deal. You sort of get all these services all for one whether you like it or not. And if there’s a problem with one of them, the entire OS needs to be updated and that’s fine.

Matt Hill:

It just doesn’t scale. It’s not a computing platform. It’s like a pre-packaged set of services and EmbassyOS is not that at all. And the Embassy is a true self hosted computing platform that is capable of running all self hosted, open source software including managing dependencies you know, advanced, complex configurations. In fact, you know, I’d like to let Aiden talk about a lot of this because much of it was his design and his blood, sweat, and tears. I’m just kind of the salesmen, so why don’t we let Aiden jump in here?

Stephan Livera:

Yeah, yeah. Because the interesting part with some of these operating systems is about how do you try to strip down or take out the unnecessary dependencies and things like that. So, yeah, perhaps Aiden, you want to expand on that?

Aiden McClelland:

Yeah. Yeah so yeah, for something like with myNode, they’re using,

Aiden McClelland:

Everything’s running basically bare on a Debian and distribution of Linux. So basically they’re using standard Linux package manager, stuff like apt and snap and installing all of these packages for Bitcoin and lightning and all of that stuff. Now the difference here is with embassyOS we built our own package manager. Right. And what it does is, is it really we use Docker to, you know separate out each app so that it’s running in its own virtual environment, right. With its own virtual file system, its own virtual network interface. And then we have the operating system manage a lot of things that internet services need to operate in order to run. So it manages the Tor configuration and the ability for the user to interact with it, configure it. And so when you package up one of these services, right, you, take like some binary, some application that a developer has built you put it together with whatever minimal set of information it requires.

Aiden McClelland:

And then you have to basically tell the user how to interact with it. Right. What can you change about it? What else does it need? And so what we did with EmbassyOS is we set up all these configuration files and we made it easy for a developer to basically just define what their application needs, define how to configure it, and then just run a command line script, right? It’s called app mugger pack (?) on our backend. And what it does is it is it takes all of this and bundles it up into our own archival package format. And we, we can then install that and it, like, we’ll never, you’ll never be able to make your system dirty in a sense with one of these things, you can install it, uninstall it, and then it’s completely gone. And it will interact with everything else and only the ways you want it to interact with everything else. So that’s like really the huge benefit that we get over things like myNode, where it’s just this arbitrary set of packages.

Stephan Livera:

I see. Yeah. So is that sort of, I’m not sure if you guys are familiar with the Nix Bitcoin project, is it kind of a similar vein to that idea?

Aiden McClelland:

We’ve thought a lot about using NixOS, so we aren’t using NixOS right now as our base distribution, but we, we are very interested in the next project and we might actually end up using a lot of their tools going forward, but we, yeah, we built a system that does something similar. Ours is based off of Docker though, instead of nix.

Stephan Livera:

Gotcha. Yeah. Yeah. So I guess just to sort of bring it to the more practical realities for a listener, who’s thinking I want to use this and what kind of things can I use if I put embassy OS on my computer, or if I set up a Raspberry Pi, what kind of services or things can they expect to see?

Matt Hill:

Yeah. So here’s where I can come in. So, you know, everything that we’ve just been talking about is very kind of back of house. It is what the developers see. And by developers, we mean anyone who wants to package up an open source, self hosted software service. So if there’s something in the wild that you like, or someone, you know, likes like some sort of self hosted note taking app, or it could even be another blockchain network, right? Another, another cryptocurrency. It doesn’t matter if there’s something that you like and would like it to be very easy to run. You can, whether you are the original developer of this service, or you’re just somebody who wants to see it more readily available, you can package it up using our software development kit that Aiden was just talking about. And at the end of that, what the user sees, right?

Matt Hill:

The end user experience here is a sort of shopping experience that is very familiar to people like on your Android or iOS or MacOS store. You browse for services, apps that do, you know, various things different categories, you know, finance and word processing and whatever. And that’s going to grow very rapidly over the coming 12 to 24 months. And you cook something that you want to install and it’s one button and it grabs it and installs it on your computer. And with zero configuration with no, you didn’t have to touch the command line. You didn’t have to touch a .conf file. You didn’t even have to know how any of this works. And a few seconds later, you are running this piece of self hosted, open source software on your own computer, in your own home. And it is hosted on its own Tor v3, hidden service and accessible from any Tor enabled browser.

Matt Hill:

So you push a button and 60 seconds later, you open the Tor browser and visit a unique Tor V3 address that was created behind the scenes. And you are now using software from anywhere in the world that is running on a hardware device, sitting in your home. Not only is it private and secure, but nobody even knows that you did this. There was nobody part of this equation. So, you know, we currently offer Bitwarden, which is a self hosted password management service. Now a Bitwarden also has hosted solutions, right? It’s an open source project, but they have to make money. So they have hosted solutions because they know that very few people will do the command line experience and set up their own server and run their own self hosted password manager. So what we did is we took Bitwarden in, packaged it up for the embassy and made it available to anyone as a one button right now, anyone on earth can run their own self hosted, totally private Bitwarden server over Tor V3 without knowing anything I just said, without knowing any of the technologies that made that possible. Bitwarden is a very popular one.

Matt Hill:

I personally use it for all my password management. My family uses it for their password management. It works in Firefox. It works in the Tor browser. It works in brave Tor tabs. Everything we do is over Tor absolutely everything in terms of the user experience.

Stephan Livera:

Yeah, that’s cool. I use Bitwarden myself.

Matt Hill:

Yeah. Bitwarden’s fantastic. Right. Especially if it’s self hosted, that’s kind of our whole value proposition. It’s like, wow, privacy and encryption are great, but if they’re custodial, you’re missing the revolution. You’re missing the point here, right? The danger is in custodianship. It’s in third-party trust. And it is very hard, very hard to avoid that in this world, almost everything you do involves a trusted third party, because it’s so hard to not, and we have made it easy. And we’ve been in the wild now for almost eight months and we have many, many users and they’re all very happy. It works great. So let me go down the service list so far. So we have bitwarden which is very popular. We designed our own peer to peer messaging protocol that works over Tor V3 because there wasn’t one. So we wrote our own and you click a button and 60 seconds later, it’s running on your embassy and you open up a Tor browser plugin, your Tor V3 address.

Matt Hill:

And what you end up with is a beautiful, simple, very simple messaging interface that I can now use your Tor V3 address, which is essentially your handle on the, on the peer-to-peer network and send you a message. And that message is arguably the most private message on earth, right? Like we take the stance that although cups is super limited in its feature set it is arguably the most trusted consumer messaging app, sorry, not the most trusted, the least trusted and most private consumer messaging application that has ever existed, right? Not only is it end to end encrypted like a signal or a telegram secret messages, but there’s no third parties, right? If I’m using cups on my phone, in the Tor browser, I send a message over onion routed over Tor V3 to a server in my home. The server in my home sends an onion routed message over tor V3, to the server in your home and the server and your home sends that message to your phone. Nothing touches a trusted third party. Everything is onion routed end to end, and everything is encrypted end to end. And to do this,

Aiden McClelland:

If you use telegram or signal also to communicate in encrypted fashion with other people that you know, those organizations, as well as your ISPs probably know who you’re talking to. And with something like cups, no one on earth, not even your ISP knows who you’re talking to.

Matt Hill:

Yeah. They don’t even know that you’re having a conversation.

Stephan Livera:

Right? Yeah. It’s like knowing the social graph of a person is often more important. So that’s kind of an important factor. And I guess I know the signal guys debate back and forward and people would debate with signal about a contact discovery and things like that. But yeah, I guess with the installation of these different services and things, is there ever any kind of concern around, I don’t know, maybe the services that might take too much CPU or hard drive or bandwidth for someone’s home connection, or how do you kind of get around those kinds of concerns?

Aiden McClelland:

We do have to be very careful about performance. It’s always a constant battle because we are running like on a Raspberry Pi, right? It’s, it’s the newest, best beefiest Raspberry Pi, but it’s still a Raspberry Pi. And so we’ve always just been making a continual effort to make sure that everything has the minimum possible footprint that it can, right. We stay away from things that do server-side rendering in order to prevent a huge amount of latency. We try to stay away from things that rely on massive Linux distros. And we, operate with applications that are designed for low resource environments. Right.

Stephan Livera:

Yeah. And, and I think the other part that’s also tricky with these projects as well is sometimes things just go wrong when you’ve got to, you know, it’s kind of like a, there’s a bit of a tech support, or there’s a bit of a, like, there’s a need for kind of community telegram channel or things like that for people to troubleshoot when say an upgrade goes wrong and little things like that as well. So I can, I guess these a little teething issues and things like that. Do you guys see that as well with your embassy OS and the users using embassy?

Aiden McClelland:

Yes. I mean, we have very little insight into these devices once they leave our door. In fact, we have no insight except what is shared with us voluntarily by the users. So if somebody has a problem, there is this discovery process that has to take place, of them telling us what they did and what the screen is saying. And we’ve even had a couple more technical people, you know, thankfully some of our very early adopters were quite technical. And so could you know, root into the SD card and, and start doing some, some investigation in there. You know, thankfully we have had no major issues, right? We haven’t had any kind of disastrous shipments that, that bricked people’s boxes. We’ve had some bugs, which is very expected. And we are building better analytics tools into the OS, such that if, and when things go wrong, users can voluntarily if they want to share anonymised system data with us so that we can investigate what may have gone wrong and fix it in an upcoming release. You know, a problem that we face as a challenge I should say is that we can’t force people to update anything at all. There is no over the wire connection to start 9, we have no connection to your device. So the only way that you can get a new version of Bitcoin or the new version of embassy OS is to update it manually through our marketplace. So we can’t like make a fix and ship it over the wire to everybody, right? It’s the only way that we can fix it is by making an announcement saying, Hey, there was a bug with this previous release. If, you know, here’s what it was, here’s the fix. And if you want to update it, here’s the new, here’s the new app. So we have to be very careful about our updates, our releases you know, testing is a big deal. We have to make sure that we’re not shipping bad code because it’s hard to fix.

Stephan Livera:

Yeah. I’ll tell you what, that’s an experience eyesore as well with even with things like myNode, where sometimes like a bug or an update might have a bug in it. And I think that the guys over at myNode sort of started shifting to having like a beta channel where like the more advanced users would be on that channel kind of thing before having like the release go out to the, everyone, go out to everyone, that kind of thing. Also I’m interested to just talk through just to clarify for listeners, what’s the install process. So let’s say they want to buy and make their own embassy. What would that look like? And then what’s the process when they want to start using it on their phone or on their computer and things.

Matt Hill:

Yeah. So, so currently the only way that you can get embassy OS by buying a embassy from us the code is in the, in the pipeline of being open sourced, we’ve just finished our licensing and we plan to open it up in the next couple of weeks now. You know, part of the reason for that is because we were, yeah, so it, it was a process we wanted to make sure we did it right, and we’re releasing it under a unique kind of license. It is the entire source code will be available and it’s under a license that is called the start 9 personal use license. And what it enables anyone to do is use the source code for themselves in any way, shape or form that they see fit. They can view it, audit it, copy it, download it, fork it, clone it, whatever, use it, compile it and install it on their own Raspberry Pi, no big deal. And they can do all that for free. The only thing that the license prohibits or restricts is the distribution of the compiled code. As in, we don’t want people you know, putting our operating system on their own Raspberry Pi putting their brand on it and selling it over the world.

Stephan Livera:

Right. I see. So it’s kind of like a, not for commercial use,

Matt Hill:

Correct. It’s not only is it not for commercial use, it’s that it’s a non distribution of the compiled object code. It’s like, we don’t want somebody compiling embassy OS from source and then shipping the fully compiled, like bootlegged, you know, code to over the internet to everyone.

Stephan Livera:

Gotcha.

Matt Hill:

Right. So it’s, it’s like a minor little four-foot fence type of thing that we are using to, you know, try to try to maintain a business model in the open source world. It’s very, very difficult to do. And we are constantly thinking about this and constantly thinking about how to you know make it work in a way that doesn’t violate any of our principles. And so this is a great starting point for us. So today you buy the hardware and it shows up at your house, you plug it into the wall and you are up and running connected in less than 60 seconds.

Matt Hill:

It’s a very simple process that has been tested against entirely non-technical people. Anyone can set this device up in about a minute. It’s very easy. And you communicate with the device, you use it by visiting its unique tor address. So when you set the device up, the setup app, we call it right. It’s just a, it’s a native app for iOS and Android called set up app. It’s got one purpose in life, and that is to set up your embassy. So it comes in the mail. You open the setup app, the setup app actually passes cryptographic material, private keys from the client in your hand. So that, you know, that we didn’t like pre-seed the device with keys that we have or something like that. The keys are generated by the client at the time of setup and then passed encrypted to the device over the local area network, using the zero con protocol.

Matt Hill:

So the embassy will actually receive this cryptographic material and then using that material will generate a Tor V3, hidden service and spit it out at the end of the process. And so the end of the setup process, which again, takes a few seconds is a URL, a .onion URL, and with an instruction that says, go shove this URL into any Tor enabled browser. And you will literally be talking to this physical device that’s sitting in your home from anywhere in the world. And now that you’re talking with this device, that’s sitting in your home, well, you can do stuff, right. What are you going to do? Go shop, go shop for services, hit the marketplace and browse for things that you want to run on your own server. A couple of them, I mentioned earlier, we are launching five new services tomorrow, which is part of partly why I wanted to get this show scheduled is because we are in the midst of the largest release as a company that we have ever had minus our first initial release.

Stephan Livera:

Great. So let’s talk a little bit about the new stuff coming. And I guess actually one other point I wanted to touch on there is just around user interface, because it depends who you talk to and who you know, who your friends are and family are but some people don’t even have laptops or desktop PCs that they use, right? I mean, obviously you guys and me, and probably many of my listeners are in the more techie category, but there are a bunch of people out there who their main device is their phone. And so this is actually an interesting that is an interesting point that struck out that stuck out to me there, because this is compatible for that kind of person. Basically, they, if they’ve just got a router at home because their family has a router at home, well, then they can plug in the embassy and all they need is a phone to actually interact with it. Whereas with some of the other kind of node packages, you kind of need a laptop or a PC to really interact with it.

Matt Hill:

And the command line usually, yeah, ours is just a browser. It’s a mobile responsive web app. So you are using the device in your home. Like you would use any website. It’s a private website that nobody else in the world even knows exists, but it’s your website and it’s your device.

Stephan Livera:

All right. So look, let’s talk, let’s chat about some of the new services that are coming to embassy. What are they?

Matt Hill:

Well, the big story of the day is lightning. So, you know, when we set out to build this company before we even knew what it was, when we thought we were building a Bitcoin operating system the intent remember was to get lightning running. I didn’t like how hard it was. And so we got it. It’s, a year later, one year later. And instead of just having lightning, we have this whole fricking computing paradigm. We even built our own Tor browser, which I didn’t tell you about because the ones for iOS are crappy. But anyway, so as of tomorrow, we will have lightning and to emphasize the fact that we are a sort of computing platform that offers choice and privacy and, you know kind of doesn’t, doesn’t pass judgment on what people want to do with their own computers and servers. We’re launching both C lightning and LND and users will be able to install one or both. They could run two instances of lightning on their server if they want. But yeah, it’s a little bit of a choice and competition in the marketplace. We think it’s good

Stephan Livera:

In terms of interacting then with that lining, how would that, how would the user, like, for example, let’s say that user wants to install LND on the embassy and on their computer. They want to run zap and connect to it. How would they do that? Or how would they operate the lightning node from their computer?

Aiden McClelland:

Yeah, we have, we have a general interface built into this also for like exporting data from an app. So when you install LND, LND has some extra information that tells the operating system, what information the user might want to know about it. And so for LND the big thing is the LND connect URL. So once you’re done installing LND you start it up, you can go to the properties section of that app. And then it’ll show you a QR code that you can scan with your zap wallet. Once you install LND you can open up the application page and go to the property section, and it’ll show you a LND connect QR code. You can scan with your Zap wallet app, or paste it into your Zap desktop app.

Aiden McClelland:

And it will just use it from there. But we also are deploying with LND as a separate service ride the lightning, which is a web application for interacting with a lightning node, and then ride the lightning specifies on the embassy that has a dependency on LND. And then when you install, ride the lightning, it’ll automatically configure itself to be able to talk to your local LND node. So once you do that, you can install, ride the lightning, it’ll spit out a unique Tor V3, on your URL. You paste that into your browser, and now you have a lightning app in your browser that you can play with and it’s connected to your own lightning node, right?

Stephan Livera:

Yeah. So basically listeners who are not familiar check out my earlier episode with Suheb, we spoke about RTL but basically you can manage your lightning channels using this dashboard, and you can in fact make payments from it also. So that’s cool. I noticed you mentioned also lightning terminal. So can you tell us a little bit about that also?

Aiden McClelland:

Yeah, it’s actually the same situation there, right? Lighting terminal is just a web app and we can, we can have it deploy in the same way.

Stephan Livera:

Awesome. And how about on the C lightning side or what kind of options are there for the users who want to do say, C lightning and then spark or things like that?

Matt Hill:

Well, there’s currently one option. There’s only one wallet in the world right now that is capable of connecting to a remote C lightning node over Tor. And that is fully noded. And that’s the only one. So we, you know, we actually, even if you want to talk about the HTTP.

Aiden McClelland:

yeah, so for a while C lightning never had its own HTTP interface. And so there was no real standard for how to connect to a C lightning node that wasn’t running on your same device. So things like spark things like the lightning rest server that ride the lightning uses. Those are all ways of transforming the RPC interface. That’s on a Unix domain socket into like a rest API that actual, like remote applications can use. And they all did it differently. We are using a very, very simple lightning plugin so see like HTTP plugin that we built because Blockstream had asked us to build it. And the one that uses that right now is fully noded now spark is something that we’re looking probably to deploy soon, as well as its own app, right. Because that’s a web app and we can do it that way. But there it’s just not ready for deployment yet. Cause we haven’t spent the time to test that.

Stephan Livera:

No. Great. Well, yeah, I mean, it’s good to see it’s more options out there because it seems like right now I’ll say lightning doesn’t have as many of the options. Right. I think Zeus has it as well, but it’s, it’s one of those things where I’ve used I’ve been using LND more myself. So I’m not as familiar with c lightning. But yeah, so that’s, that’s certainly really cool. I think it allows more and more people to just play around with lightning and get used to using it. And it’s still a very early space, right. I think right now for the more casual lightning user, they might just use one of the easy phone wallet apps that are kind of you know, have certain trade-offs and things about it. But for the user who wants to be more self-sovereign, this is a way to get into that.

Aiden McClelland:

Another thing that’s interesting about this deployment here as well is that the Bitcoin node that we run on the Raspberry Pi it’s a pruned node and lightning has historically always wanted an unpruned node. In fact, for a while, I believe even LND required a TX index. That’s not true anymore. But so what we, what I had to do is I, built a service to put in front of Bitcoin core which will basically allow a Pruned node to pretend to not be a pruned node. And the way that it works is it services, these getblockrequests. And if a block has been pruned from the desk already, it’ll reach out to the peers over the network and validate, like fetch a block and validate it against what the pruned node has already validated, what has already verified.

Aiden McClelland:

And then it will return that back to the client. That’s requesting it. Now it’s a little bit slower, but generally the only reason that things like LND and C lightning need that full block index is because they occasionally need to fetch older blocks or for the initial sync, which a lot of people don’t mind taking awhile. And what this does is it allows people with much, much smaller resource requirements. They don’t need a half a terabyte solid state drive in order to run their lightning node. All they need is, you know, the 550 megabytes of space for block data and what the other four gigs for the UTXO set. And then they’re good to go.

Matt Hill:

Yeah, we think this is a pretty big deal in terms of you know, so the service that he’s talking about is, was known you know, to very select people who are using it as BTC RPC proxy. And what it was is a service that sat in front of your Bitcoin core node. And granted you user accounts, fine-grained permission management, such that, you know, I could give out my Bitcoin Tor URL to you and set permissions on it, such that you could only make certain RPC requests, and I could ban you from making more harmful RPC requests, like ones that shut down the node. And so it was a very simple, useful little wrapper for Bitcoin core that just, you know, allowed you to create multiple user accounts and set permissions. And what we did, what Aiden did, was go in there and augmented this service to also do this dynamic block fetching. So what we are now calling Bitcoin proxy will be available on our store tomorrow and is useful even outside of the context of lightning, right? So if you are running a pruned Bitcoin node on the embassy or otherwise, right, let’s just say, you’re somebody at home running a pruned Bitcoin node. You can now install Bitcoin proxy, it’s open source MIT code, right, right out on, and will also be available in our store.

Aiden McClelland:

And instead of hitting your node directly, you hit your Bitcoin proxy node. And now any wallet that you are using will think that your node is a full node, a full archival node. It will think that it’s unpruned, and you can set fine-grain permission management for all the people and applications that you want to use your node. So it’s a very, very useful service, even outside of the context of the Embassy or of lightning. One of the biggest ways that it’s useful is that a lot of things that are capable of running on a pruned node say C lightning and BTC pay, right? So both C lightning and BTC pay can run against a pruned node, but both of them want to control the pruning, right. They both want to take control of Bitcoin core and the pruning process. And so you can’t run them both, right? You can only run, C lightning and BTC pay. If you’re running a full archival node until now, now you can run a pruned node, put Bitcoin proxy in front of it, and then point both C lightning and BTC pay to your proxy URL, which will now trick both of them into thinking that they’re dealing with a full archival node.

Stephan Livera:

Interesting. Okay. Yeah. I yeah, I didn’t know that about it. Although I knew, I knew the common, like a standard set up for a BTC pay, even if you use like the web deploy lunanode, which is one that I have it uses a pruned node and it does LND, C lightning, but I guess yeah, what you’re, what you’re going to is more about being able to get get the blocks and tell it to, you know, even if it’s not like that typical setup, this is more like the like a bare metal setup, right? Like it’s on your own device on your own hardware. Yep.

Matt Hill:

Yeah. It’s more, it’s more modular.

Stephan Livera:

Yeah. Right. Yeah. I’m with you. And also while we’re talking Bitcoin core and things, we should probably also chat about other wallets that interact with it and things like now, for example, Specter, which I’m a fan of recently which I understand connect can connect through. Do you have plans to support those kinds of wallets for the users who want to do let’s say hardware, wallets, or multisig against their embassy?

Matt Hill:

Oh yeah. Yeah. So Specter is one of our favorites. In fact, one of our community members did a big tutorial last week on how to hook up Specter with the embassy. It’s funny that it required a tutorial cause it’s really, really easy. Basically at the end of installing Bitcoin core on your embassy, a Tor address pops out and then you take that tor address and put it into specter. And you’re done assuming that you have, you know, Tor running on your desktop, which Specter requires.

Aiden McClelland:

Most of the guide was centered around how to set up Tor with specter. Yeah.

Matt Hill:

So yeah we really like specter and it works great with the embassy right out of the box.

Stephan Livera:

And so then that could also be useful for the user who needs to, let’s say travel around. And like, as an example, let’s say I’ve got a, you know, 2 of 3 multisignature and I’ve got three different hardware wallet devices, and they’re in three different safety deposit boxes or something like that. Right. And I could take my laptop and say, I’ve installed, Tor onto that. And then I know the Tor address for my embassies specter, if you will, or Bitcoin core, whatever or actually it’s specter. And then I could go around to those three different locations or two locations rather, and sign from that location connecting back to my embassy. Right?

Matt Hill:

Yes. Except for that, it would be your Bitcoin core URL like specter does not get installed on the embassy. Specter is a totally isolated, you know, client side wallet. And it can point to your own self hosted backend, similar to fully noded which is where we really work best right now. Right. So, you know, we are building a modular system where it’s like, you can run these backend services and then use clients that are, you know, elsewhere that are native apps on a mobile phone, or that are hosted web apps, doesn’t matter. Anything that is capable of saying put in your backend address, put in your Tor address here. We can accommodate. And that’s very rare, most of the systems that provide like sovereign clients where it’s like, this is your client running in your browser has always expected you to be running the server on the same machine.

Matt Hill:

Right. This is like the deal with spark and Y you know, we don’t support it yet is because it makes this assumption that you’re full node that your C lightning node is running on the machine with it. And so it took some creativity to figure out how to sort of break those things up, such that users could selectively install something and not something else, or, you know, sort of, it’s more ala carte. It’s an ala carte approach to personal sovereign computing, as opposed to this, like, you know, you can purpose your server to do this one thing, and that’s kind of all it can do. It’s a general purpose computer now.

Stephan Livera:

Very cool. So let’s chat a little bit about some of the other things that are coming up on the roadmap or any other services that you wanted to highlight, because I was just looking on your website and you’ve got a fair few other things that you’re looking to put on here. I mean, you’ve got just on the website, I can see Pi hole, Wireguard, next cloud matrix, WordPress, IPFS. Do you want to just chat a little bit about your ideas with those?

Matt Hill:

Yeah. I mean our service roadmap is, you know, broadly speaking all of open source software anything in theory that could be run on a computer can be run on the embassy. That is the operating system that we have built. Now we’ve put our roadmap up there because, you know, we are going to take the liberty. We’re going to take the initiative to package up services that we think people want, right. That we want ourselves and that we think other people want so that we can build a business, right? It’s like people wanted lightning. So we went out into the world and took it upon ourselves to take existing lightning software, LND, C lightning, ride the lightning and package it up such that it can speak embassy OS and can be used by people who run.

Matt Hill:

Embassy OS now in the future, we don’t expect to be doing this right. Anyone who, you know, any individual or organization that has built some open source software probably for free on donations or because they’re passionate about it. And they want more freedom in the world. Like, you know, often times the motivation behind these open source software services is that it’s not a business it’s that people believe these things should be available in the world because the world would be a better place with them. The problem is that nobody can run them because running requires the command line, et cetera, et cetera. So what we’re doing is we’re putting an SDK out there and telling every open source developer in the world, Hey, have you built something that’s cool that you wish everyone could use? Basically you can package it up now using our SDK.

Matt Hill:

It’s actually quite simple such that everyone who’s running embassy, OS, whether it’s on an embassy or on their own, you know, do it yourself hardware can now download, install, configure, and run your open source software by pushing two buttons. Right. They don’t need to know anything about anything about how it works in order to run your software over Tor V3, right? Like so think that’s a very like attractive, cool thing. And we already have two community developers who have now taken it upon themselves to go out into the world and package up software that they think is cool so that it can be distributed on the embassy platform. So the embassy has the potential to become really the platform and distribution medium that open source software has needed in order to, you know, eat the world, like it just needed a platform, it needed a way out of the command line,

Stephan Livera:

Yeah, it needed a certain user experience and just convenience layer to kind of pull everything together into a way that’s cohesive because a lot of these open source pieces of software, they kind of all work on their own and you kind of need a way to kind of stitch it together and make it easy for someone. I’m also curious as well. So if you were to add a lot of these services, would that potentially be too much for say a Raspberry Pi4? And would you maybe look at having like a higher level computer or like, like a, maybe a more premium level embassy device that people could use to kind of, for example, let’s say they want it to run next cloud and have a lot of their hosted documents and things like that. Do you think that would warrant going, like having other kinds of devices to kind of power it?

Aiden McClelland:

Yeah. Well, so it’s not, it’s not just as simple. The short answer is yes. Like we were, we plan on releasing additional devices with more power, different specifications for different use cases. But also in addition to what we have right now, you could also just buy a second embassy and put a different set of apps on the other embassy, if your original one’s already overloaded, the point is you can, they’re very general like units, like a single unit of computing that you can add together to get the full set of what you want.

Matt Hill:

The physical location doesn’t matter. And, and, you know, not only that, but because these things are all a cart, right? The fact that we offer, you know, say a hundred services a year from now, doesn’t mean that you have to run any of them, right?

Matt Hill:

These are available on a marketplace, like the app store. And so you have, you know, if you go to install Bitcoin, and then you go to install, you know, a Ethereum, it’s like the OS is going to tell you can’t do this. It’s just like, you’re going to try to download this service and you’re going to hit run. It’s going to, like, you don’t have the computing resources to run the thing that you’re trying to run. So, you know, go get an external hard drive of this size and plug it in as in the OS is aware of its own environment and the services that are running on it and can provide the user with simple dewy buttons and drop-downs to, you know, explain to them what’s going on and what they can do to fix it.

Stephan Livera:

Yeah. I think that makes a lot of sense. That’s a good for it to be built out. Let’s talk a little bit about sustainability and revenue and so on. I certainly appreciate that you’re trying to do this the open source way while giving people self sovereignty what’s the thinking around revenue and keeping the model sustainable. Is it mainly going to be like device sales revenue, or do you have other ideas in terms of ways to keep it an ongoing sustainable project?

Matt Hill:

So device sales are definitely the revenue right now. That’s how we make money and they’re growing. This is actually gaining popularity. So that’s great. Now we are also, because we ship internationally have to deal with a lot of shipping and duties fees, which is a big deal. Sometimes can be half the price of the device itself. And so what we’re going to do is start selling the OS. So we are just now finishing up our online platform that will allow people to purchase embassy OS from us. And, you know, just click a button similar to how, you know, Microsoft sold operating systems back in the day, we’re just going to sell the OS. And it’ll be, you know the cost that we sell it at will be basically what we currently sell the hardware at minus the hardware.

Matt Hill:

So, you know, the OS is really our value proposition. It’s where we make money. The hardware is, you know, we’re not marking up the hardware per se. We’re just, you know, making it, that is the most convenient way to possibly run embassy OS is to buy a device from us and plug it into the wall. So we’re selling convenience there. But for anyone who wants to build it themselves can just go buy a Raspberry Pi 4 a little speaker, like we’re going to have a little, do it yourself kit. And then they send us some Bitcoin and we send them the OS and they go to a website type in a little, you know, product key that we ship them when they bought it and it’ll download EmbassyOS onto their computer. They can then flash it onto an SD card and put it onto the Pi.

Matt Hill:

So what this does is it allows us to sell globally without worrying about shipping and distribution and, you know, regulations and customs fees and all that stuff. So we’re really looking forward to being able to ship our software globally, as well as hardware for people who want the more convenient path. And then in addition to that you know, we are going to be getting quite involved with lightning now that we’re up and running. If we are selling embassies and embassy OS and facilitating the installs of lightning network, we’re definitely going to be getting involved. So we plan to be pursuing the sort of lightning you know hub lightning service provider approach and getting involved there. And then, you know, we also have opportunities to do sort of trust, minimized custodial services for people who want say cloud backups of all their data, because keep in mind, you are storing, you know the price of total trustless sovereignty is responsibility.

Matt Hill:

All your critical personal data is sitting on a hardware device in your home. And currently we allow you to do backups using a USB stick, right? You put the USB stick into the pie, it pops up on the embassy OS, and you can, you know, backup your service data and then take the USB stick and put it somewhere safe. But that’s not super convenient and it’s very manual. And so we are exploring monetization opportunities around, you know, totally anonymous, encrypted cloud backups and potentially even notifications, right. So how do you know what’s going on with the device in your home? If you can’t get emails and phone calls and text messages and push notifications about it and all that stuff is extremely trusted and very dangerous if not done properly. So we are working on some sort of distributed protocols where we would not be the only marketplace participant, but building out sort of distributed networks of quote unquote post offices where people could, you know, set up their own Twilio account and AWS, you know, SES email server and serve as a service provider, a sort of a liaison or facilitator of notifications for others around the world for fees over the lightning network,

Aiden McClelland:

Mainly to like interface with the legacy systems, right, is things like email and text are all very centralized and very custodial.

Matt Hill:

So you can sort of federate those to a degree and you know, allow trusted marketplace participants to provide services to individuals and sort of relay communications on their behalf encrypted fully obviously. But you know, those are more on the sort of speculative you know, evolutionary track for our company. We believe that the opportunities for us to participate in the new economy will be tremendous and we will be extremely opportunistic as they come about. But what we’re really happy about is that we have this like very brick and mortar tried and true business model, like this gritty low level business model, where we don’t need some sort of like, you know, angle on the decentralized economy to have our business. We’re not sort of rolling the dice in that sense. We have a fantastic product that involves real world logistics that has never been seen before and we are selling it and we have been selling it for almost a year now. And people, our customers are very happy. They love us and they’re telling their friends and our sales are growing

Stephan Livera:

Well. That’s great to hear. And I think it’s a really ambitious project, but it’s one that I want to, I would like to see these kinds of projects do really well because I think it allows just a whole new level of self sovereignty for people out there. So guys, thanks for joining me. And if you had any closing thoughts and where can listeners find you online?

Matt Hill:

Our website is start9labs.com. We also have a Tor V3 brochure website. It’s just a mirror of the.com website, which I don’t have memorised but it’s online. And yeah, I mean that’s where you go to learn about us. It’s where you go to buy an embassy. And then lastly, I just wanted to seal up here. I know we’re out of time the fifth service that we’re launching tomorrow, we never got to talk about it real quick. Is a service called Pastebin. I don’t know if you’re familiar with, ViaCrypt basically a way to, you know, share a one-time ephemeral self-destructing message by sharing a link with somebody. So Pastebin will now be available on the embassy starting tomorrow. And it’s just like ViaCrypt except self hosted. There’s no ViaCrypt. There’s no central server. So arguably it is the like darkest, most secret, craziest way to share information across the world that has ever been available to a non-technical user.

Stephan Livera:

Thanks, Matt and Aiden for joining me on the show today.

Aiden McClelland:

Yeah.Thanks to you. Stephan

Matt Hill:

Thanks for having us.