Logan Lamb
You've had a dynamic where money's become freer than free. If you talk about a Fed just gone nuts. All. All the central banks going nuts. So it's all acting like safe haven. I believe that in a world where central bankers are tripping over themselves to devalue their currency, Bitcoin wins. In the world of fiat currencies, Bitcoin is the victor. I mean, that's part of the bull case for Bitcoin. If you're not paying attention, you probably should be. Probably should be.
Zach Herbert
Probably should be. Zach Herbert. Can't believe it's been six years, sir.
Logan Lamb
Yeah, the. The world is very different from when I last came on.
Zach Herbert
Yeah, I mean, we were just talking about it too. I think maybe we start there as. Because it's something I'm fascinated about and something we're just talking about. Noticed that we're leaning into it. You said that you're leaning to it personally and on the business side at Foundation, I think the AI wave that has hit over the last two years is really, I mean, just from observation and experience, it's have. It has founders thinking differently about building businesses, particularly within bitcoin. And I'm just curious, for somebody working on a hardware and security product, what is the best approach for you guys or how have you approached it? Because there's many considerations I feel like that your team would have to take in compared to ours, which is just media where we're not really securing data and so we can be a bit more liberal. But I feel like for you guys, it can certainly help. But you have to correct me if I'm wrong. Have some guardrails to make sure that everything's copacetic at the end of the day.
Logan Lamb
Yeah. I mean, the AI stuff has been incredible and I wish we had had it when we started the business because it's allowing us to move so much faster than we would have otherwise. It's still getting better at like the low level embedded, like firmware and drivers and operating system stuff. So it's still not that great there. Improving every day, obviously with every model, but like the pace at which we're able to start adding new features to our new devices and software and everything is insane. But I mean, of course it has us very worried about the security side of things and we have, I think. I don't know if it's a unique point of view, but I think when I hear the crossover between Bitcoin and AI, I know that's becoming very topical. A lot of bitcoin podcasts and you know, I've heard, I've heard this, this intersection of Bitcoin and AI and like, what does that mean? And typically what I hear from that is something like Bitcoin or lightning powered payments, right? Being like the ideal source of, you know, money transfer between the AIs, which was a concept that is probably is over 10 years old from like the, the original 21 Balaji machine payable web baby machine to machine payments, which was ago. I mean that was maybe like 2015, I think. Yeah, it was, it was in the, the depths of the bear market when they were working on, on that and then ended up pivoting to earn and selling to Coinbase. But what we think about now is like bringing our Bitcoiner principles and point of view to securing AI. And I think that's like what we're most excited about at Foundation right now. And because if you think about it, I mean we started with, with just the Bitcoin hardware wallet back in 2020. And when, when I came on, I think you were the, you're the first podcast I ever did, which I remember being so nervous for because this was like we were just a few months into the company and I had never done like a podcast before.
And I think about what I was talking about then, it was, you know, open source hardware. We were doing the air gap QR codes, we were just doing a bitcoin only hardware wallet. And those same security principles that we have done for Bitcoin and other great companies right in the bitcoin space too, where you want to have a human, like a person, know what they're about to approve, right. And then explicitly authorize that transaction in a computer environment that they trust. That's effectively what a bitcoin hardware wallet is. And that's effectively like the kind of tech that we've been building right since 20. And I think you could bring those exact same principles to the AI side of things. And so when I think, and when Foundation thinks about like, you know, the AI stuff and the crossover, yeah, there's, there's enormous challenges with the security side and we all feel it right now as users. You know, you're, you're mashing the approve button or you're just turning off the permissions in Claude or GPT and just letting it do its thing, we think about like, how can we bring our Bitcoiner principles after years of building hardware wallets and expand that beyond specifically Bitcoin approvals and maybe take that like to the entire AI world as well. So it's like Bitcoin principled security, but trying to bring it to like the broader tech space.
Zach Herbert
I mean, just off the top of my head as they're explaining that. So when I'm thinking of Bitcoin hardware, you mentioned like air gapped. So when we're, when we're trying to secure Bitcoin and create a private public key pair, I mean the way, the safest way to do it is to have an air gapped device. You create it offline and you make sure that it's not connected to the Internet. The main goal is isolating the hardware from the broader Internet. And I guess when it comes to bringing those Bitcoin principles to AI, how is that, how do you see that being accomplished? I mean, before hit record we were talking about Maple. Obviously they have trusted execution environments in the enclaves. And this is something that I'm focusing more and more on because I think people are beginning to realize like, hey, OpenClaw and Claude Cowork and GPT are incredible. But as you use it, the more and more you use it, the more and more it becomes ingrained in your business. You're like, how much information am I leaking to these frontier models and the companies that run them and am I comfortable with that? And I think it's a massive problem set that needs to be solved and I think ultimately will be solved. If we're going to do that, I think we could see ourselves hitting a point where people just get too uncomfortable doing this and essentially giving their personal and business lives over to the AI overlords at Anthropic and OpenAI.
Logan Lamb
Yeah, I mean, it's tough because if you don't use it, you're not going to be able to compete. And so like, if we at Foundation didn't use it, we would over the coming years need to hire huge numbers of people and everything. And I want to keep the team small, right. I want to use this technology as leverage so that we can do a huge amount with a small team. And I think the privacy stuff is very important. And I think there's great companies working on the privacy side of things like Maple, you know, like you mentioned. And so I think our perspective is less about the privacy and more about like, you have a technology that is probably going to be, I don't know how you equate like the intelligence to human intelligence. It's hard to equate it. Then you get into like the philosophical view. You have a technology that's like more powerful than humans when it comes to computer use, computer security. Right. You have that Mythos model from last month from, from Claude, and it's not even available to anyone yet. And people are trying to figure out is that hype, is that, is that overhyped? Is it real? I don't know, but I think we can see that the trajectory that, that the space is following. And so I think like the really interesting question that we were not thinking about until really like January. And so I haven't talked about this anywhere, really. Just going to share my thoughts with you in real time and like, kind of give you a little preview as to what we're working on right now, you know, within the company. But it's like, how do we constrain or contain these AI models so that you can use them to their full capabilities, but that they ultimately answer to a human authority.
Zach Herbert
Right.
Logan Lamb
Like it comes to you for any crucial type of approval. So maybe, you know, if you wanted to, let's say you were like investing in a portfolio company, right? Or, or you're pay if you're paying or you know, if you're doing a new investment, you're sending a million dollar wire transfer or even better example, Bitcoin transfer, right. You want to approve that. You want to know exactly what you're reviewing and approving. But if you're just paying an invoice for the podcast to a vendor, and it's a vendor that you've paid before, and it's an invoice amount that's roughly the same amount and it's 30 days from your last invoice, you probably want the AI to be able to just pay that for you. And so I think right now where we see the opportunity and we also see the biggest challenge is that with how everyone's using AI today, is that the place where it's asking you to approve things is the computer or device that the AI is running on itself. So you're like doing all the approvals inside the blast radius of the device or devices that the AI is either running on or has access to. And that's crazy. Like, I don't think that that's going to work at all long term. And we're already, see, you know, you could point to all the crazy stuff happening. You could point to like Amazon calling emergency meetings because their employees kept taking down their AWS environments or you know, all the stories on X people deleting all their emails. It may have happened in the last
Zach Herbert
12 hours with Coinbase. That's what they're blaming it on.
Logan Lamb
Yeah, I mean, they said it was an AWS outage. Right. But they also said that what was
Zach Herbert
having product managers push to prod.
Logan Lamb
Yeah, exactly. And so I feel like we as humans, like, we're building this extremely powerful technology that in some instances is more powerful than ourselves. And I don't see anyone working on ways to contain it. Like, I don't see anyone working on, like, the. The containment is. Is about politely asking the model to please follow the instructions. You know, please, please listen to me. And we're going to do all this training, we're going to put all these kind of guardrails in, but it ultimately comes down to please listen to me. And what we want to do is like, force it to listen to the humans and force it to deliver approvals. Right. Or requests to approve certain actions to the human where we can, like, review and approve them. And it starts to look a lot like the same process that you would do to review. I mean, different technology under the hood, but the same kind of user experience process of like, let me review and approve this Bitcoin transaction on trusted hardware.
Zach Herbert
Yeah. And that's the. Again, I've. I've said this many times, and the listeners may be tired, but I will continue to beat the drum. It's equally unnerving and exhilarating. Unnerving because of everything you just described, but exhilarating because it's. It's somewhat of a. Still a blank canvas. And there's so much to be done in terms of creating these user flows that give you the confidence that you're not borking your system or doing something that is going to be detrimental not only to your business, but to your customers as well. We're just in that weird, amorphous period where the models are still progressing, because that's a hard thing, because these things are still progressing at a pace that is extremely hard to keep up with. And so you're just trying to keep up with that pace, but same time, you're trying to build the guard rails in parallel. And I feel like every three weeks or three months, I'll build a system and become not dependent on it, but become comfortable with it, and then something is released. It's like, okay, I got to rip this out and put this in. How does it affect everything else I've built in the context and the conditional approvals that I thought I had before? It's just. It's discombobulating to a certain degree.
Logan Lamb
Yeah. And I think that we. I don't think the message should be like, handicap yourself in the search for privacy and security. I don't think that's the message. And I think right now if we're using AI, we're faced with like a choice. And when it comes to privacy, I think there's good options, you know, like you can, you can use AI services or providers or you can even do local models. I mean, it's hard to get, it's expensive at least to get the, you know, whether it's a Mac Studio with a ton of RAM or the Nvidia hardware, the Framework desktop, right? There's, there's local models are pretty good. Or you can use one of these TEE-style, right, type things or you can use, I think there's like Venice, right, where it can give you some privacy as well. But you still have that huge trade off with security. You have the big trade off of I want to go and if I'm going to use these tools, you want to give it as much context as possible. You want to connect it to everything. I've been building a company knowledge base internally where we ingest all the data from all the different company tools that we use so that we can reference decisions on the fly. We can look anything up, we can give the AI models that kind of context. But the challenge is that once, as it stands right now, when you give Claude or Codex or whatever tool you're using, you give it the credentials for those tools, whether it's MCP or CLIs or whatever it might be, it now has full access and any permissions it's asking you is just politely asking you permission for something that it already has the capability of doing, right? So when you actually connect it, like if you connect Claude to Gmail, it has full capabilities to read and send all your emails, everything. And then you could go into the Claude app and you can choose the settings of, you know, let me mark this as needs permission. Mark this as you don't need permission, you're allowed to just go take action. But that's all cloud side.
So the entire AI space right now, like every kind of permission approval, like the entire approval layer is all fake. Like it's all fake. It's just trying to make us as the users feel comfortable that it's coming to us to ask for permissions. But if it's asking for permissions for something that it already has the capability to do, like that's a huge problem. And this is going to be a problem that has to be solved over the next couple of years. Otherwise I think it is going to significantly hinder adoption because it's going to be a total shit show as more and more things break.
Zach Herbert
So how do you think we solve that? Cryptography come into it? Like, because you can imagine a world where it's like, hey, I need permission to do this. And I actually can't do it unless you sign a message that allows me to broadcast the. Well, for using Bitcoin analogies here, not only broadcast the transaction, but broadcast the command to go do a certain thing on Gmail or something like that.
Logan Lamb
Yeah, so I think it's a longer journey and I actually think it's, it's something about like trying to distill it as much as possible. It's like we almost need to reinvent the whole idea of what a personal computer is. Because if you think about it like right now you have Mac, Windows, Linux, you have iOS and Android, and that's basically it. You have these five different computing platforms. And at least on the Mac side, it's like the same code roughly for macOS versus iOS. I mean there's, there's a lot of nuances, but it kind of comes back down, right, to the same code base. And then that all comes back down to Unix type operating systems from what we're talking like 30 years ago. 30 plus years ago. And then you look at Linux, for example, within the Linux kernel there's over 30 million lines of code. And so when we're dropping these AIs into these monolithic operating systems that are kind of built on, on top of the previous code over decades, we're dropping them into one an environment that just has huge attack surfaces. So I think that's like one thing. And attack surface is like a thing that, a term that bitcoiners know. Right. Because that's how bitcoiners evaluate oftentimes hardware wallets, they'll say like, I want to use a Bitcoin only hardware wallet, right? I want to use something that, with a lower attack surface with the smallest amount of code possible on the hardware wallet or on the device. And so we're running these AIs like the models, the applications, the harnesses, the agents. It's running on these very old school operating systems that everything else runs on. And the attack surfaces are enormous. So I think that's one problem, but the other big problem is that the OS has no way to distinguish between a human user and an AI agent. So like you have your screen, right? You have your, your mouse, you have your keyboard.
And I mean that model of like the desktop and the files, like that goes all the way back to what is it like, like Xerox PARC with Apple. And I don't know who took what first. Right. But where they saw the mouse and they have like the desktop and then obviously Windows. So, like the operating systems that we're using to run all these AI agents and tools, they don't know if it's a human user or an AI user. So, like the way that Claude and now Codex are doing computer use is that they're just taking control of the mouse and the keyboard. And now Codex can take control of the mouse and the keyboard on like a Mac, even when the window is not in the foreground. So it can just go do all that stuff or like you're giving it full control over a, a Chrome browser or something, and it's just taking control. And so I think that the right answer is to rebuild all this stuff from scratch.
Zach Herbert
Yeah, well, I mean, multiple comments are like. So I. In January, I think that's when they released Cowork. Claude did. And I used it and I saw it like using my computer and I was like, after an hour, I was like, all right, remove permissions to do any of this. Scared me. And then luckily, yeah, I saw claudebot blowing up. I was like, okay, I'll put, I'll put. I'll put my Claude in the cloud and give it its own server. I'm not gonna give it access to my machine. I'll give it its own machine. And I feel much more comfortable that way. So that point, like, once you understand, you can see that these things are using your computer and your computer is none the wiser as them using it and it has access to all this stuff. It's incredibly scary. And then to your point that we have to redesign this, I think I completely agree. And I think I'm actually a layer above you and been talking about a layer above you for months now. And I'm really interested to dive down to the protocol level stuff because it's something I'm more ignorant about. But one thing that's become clear to me is like, the form factor of how we interact with the Internet is changing right before our eyes. Like, I'm pure voice to text now, voice to voice with my AI systems. And it's like, if I get frustrated if I have to type now or if I have to point and click, I like to hit. The only typing I like to do is like, option, space, bar, begin talking to Super Whisper. And it's become clear to me that like, UIs as we know them, particularly within browsers, are going to be rendered unnecessary. You can project any UI that you want or that you need, something that's specific to you using these tools in the future. And so like on that layer, on like the UI app layer, like I think we're just going to, to go to a world that's like purely API agent to agent, talking, pulling information, distilling information, presenting information to you. But when it comes to the protocol layer stuff, I'm completely ignorant. 
Like how do you even rebuild that?
Logan Lamb
Yeah, so I think. Well firstly we started to do it without realizing, which is pretty intri. Like so with our new device Passport Prime, which is like our third generation, you know, we don't even call it a hardware wallet. We're actually not sure still what to call it. Like we've used different terms like personal security platform, personal security device. So we're still I think working on like how to properly define it. But we, we kicked this off in, in 2022. We kicked this project off at the end of 2022. So we raised like a seed round for Foundation in the summer of 2022 and we're fully closed up with everything by winter, early winter. And then we just started working on this new operating system and we call it KeyOS. And before we started working on the new operating system, my co-founder and I, Ken, who's our CTO, have been dreaming about like a next gen operating system since we started the company in 2020. Like we were having conversations about oh, what if we could do a phone, you know, what if we could do like all these computer devices? And it was my first time as I'm a first time startup founder, right. And so I think you can get a little carried away. Months into starting the company and we're like, oh yeah, we could do a phone, we could do all this stuff. I don't think we really knew how hard it is to like build hardware, right, and ship hardware and, and scale that up. And so we were very like wide eyed and bushy tailed and just doing a lot of brainstorming and talking about like well, what could we make? And what we basically settled on as our dream operating system was not a monolithic kernel like Linux that I mentioned, which is like 30 million lines of code and like everything is part of the kernel. Like every driver that's supported is in there. Like literally everything is in there. It's crazy. Is the idea of something called a microkernel. I would argue that not only is the microkernel architecture.
I mean, the right approach for what we did. And I can talk about Passport Prime and KeyOS and why we did a microkernel, but about a month ago, I sat down and I asked all the different AI models if you could build your dream operating system that would allow you to work unobstructed, but kind of keep you contained, where you don't have direct access to all the keys or the creds. You have to go ask for approval for important actions. What would you build? And they all gave us the same answer, which was a microkernel operating system, and described something very similar to what we had built over the last three plus years for Passport Prime. And that was like an oh, shit moment for us because we built it like specifically for Bitcoin and for securing things that are important to bitcoiners. We say secure your entire digital life. So, like Bitcoin, of course, 2FA codes, like six digit codes, security keys, you know, kind of like YubiKey style security keys, files. We have almost like a hardware encrypted flash drive, other seeds that you use for other apps. All this important stuff being stored on the device. But the reason why we want to do a microkernel, which is basically this tiny core of the operating system that has a very small attack surface and then where everything else is an app in the operating system. So like everything. So like a driver which allows us to connect to a certain peripheral, like a screen. Right. Or, you know, any kind of anything you have on the circuit board or something you might plug into the device. Like those drivers are in user space. Those are apps. They're not even in the kernel. So the kernel for KeyOS is less than 9,000 lines of code right now. So it's like. Yeah, it's like order of magnitude. Orders of magnitude. I don't even know how many that is. Like four, something like that. Yeah. And we're not the first ones to it. There are other microkernels that are out there.
There's like one called seL4, which is a little bit more academic. It's like a formally verified microkernel. But no one is shipping these in consumer hardware right now because it's really hard to do a new operating system. And so we started to do this new operating system in 2022 because we wanted to build something that would allow you to secure your entire digital life and importantly, install apps on it to customize what you want to do with it and enable developers to build apps for it. But each app needs to be in its own sandbox and can't talk to other apps otherwise that would compromise the security model of the entire device. And so we want to build like the open app ecosystem to be able to keep things on like offline secure hardware, whether that's bitcoin or all this other stuff. And so we started building this OS in end of 2022 and so I, I, this was like before we even knew what AI was. And I think that this microkernel primitive is really powerful and we can start to use that over time to contain the AI as well. But I'm happy to dive more into all the actual tech and stuff behind it because like you said, most people I think are focused on the upper layers, the user experience or like you said, the UIs. I think that's going to dramatically change kind of beaming UIs or the AI kind of making you a UI in real time. Everything's going to be like you said, API based. I completely agree with all that as well. But it's kind of interesting because this was also kind of similar to how when I came on in 2020 it was all about open source hardware being the foundation of this bitcoin powered, I think we use the term like decentralized Internet back then and I think our heads have always been very much on that base layer, right, like, like where the software meets the hardware stack. And for us that's expanded beyond like the hardware stack itself. It's also expanded into like the OS layer Sufferings.
Sponsor Announcer 1
This rip of TFTC was brought to you by our good friends at BitKey. BitKey makes Bitcoin easy to use and hard to lose. It is a hardware wallet that natively embeds into a 2-of-3 multisig. You have one key on the hardware wallet, one key on your mobile device and Block stores a key in the cloud for you. This is an incredible hardware device for your friends and family, or maybe yourself, who have Bitcoin on exchanges and have for a long time, but haven't taken a step to self custody because they're worried about the complications of setting up a private public key pair, securing that seed phrase, setting up a pin, setting up a passphrase again, BitKey makes it easy to use, hard to lose. It's the easiest zero to one step, your first step to self custody. If you have friends and family on
Zach Herbert
the exchanges who haven't moved it off,
Sponsor Announcer 1
tell them to pick up a BitKey, go to Bitkey World, use the key TFT20 at checkout for 20% off your order. That's Bitkey World code TFTC20.
Zach Herbert
All right, freaks, you know me.
Sponsor Announcer 2
You know I don't take sponsor money from products I wouldn't use myself. So listen up. The Aven Bitcoin Visa card is one of the most interesting things I've seen in the bitcoin lending space in a long time.
Sponsor Announcer 1
Here's the deal.
Sponsor Announcer 2
You can get a line of credit up to a million dollars backed by your Bitcoin without selling a single sat. No games, no annual fees, no minimum draws. And your Bitcoin is custodied by BitGo, which is one of the most trusted names in digital asset security. Aven never lends it out. There's no rehypothecation. You stay in control. And guess what? You can lock in a fixed rate for up to 10 years. That's 10 times longer than most lenders out there. Or go interest only for up to five years. Rates start at 7.99% APR. For a product that lets you keep your stack and still access liquidity, it's hard to beat. I mean the duration in the rates is the best I've seen in the market to date. You also get 2% unlimited cash back
Sponsor Announcer 1
every time you use the card.
Sponsor Announcer 2
Spend fiat. Keep your Bitcoin the whole game. If you've been stacking for years and you need liquidity without triggering the taxable event, this is worth a serious look. Go to aven.com/bitcoin. That's avn.com/bitcoin.
Zach Herbert
Check it out and let's, I guess let's dive into it because again, trying to. Because that's going to be the hardest problem, right? Like, because we, you mentioned area of macOS, iOS, Windows, Linux. This stuff's been around for decades. The whole, for lack of a. Lack of a better term, I think the whole digital economy has been built on these systems in one way or another. And the thought of transitioning away from that, like the switching cost and the user experience and how do you actually approach it from a technical level? Because the way you're describing it seems like, okay, we built these systems, obviously, inarguably, they've been incredible for humanity. But in a world in which robots are emerging, becoming smart, and we are commingling with them in the digital world, they are insufficiently secure.
Logan Lamb
Hopefully just in the digital world.
Zach Herbert
Right, the robots, the physical robots are coming too. Yeah. And so, yeah, kind of. How do you begin to take bites of this apple? And like you said, microkernel seems like a good thing, but the modularity and making sure that everything is siphoned off from each other, can't communicate. And how hard is that? And how. What is the possibility of actually successfully doing that? And maybe it's ultimately 100% because it's 100% necessary. And whether people realize it now or later is the big question is we can learn it now and rebuild now, or we can learn the hard lessons of letting these things run wild on the operating systems that exist today and learning the hard lessons down the line.
Logan Lamb
Well, I think the most important thing is to build something opinionated with a specific product that like already works. And this has been the thing that's plagued like the operating system world over the last, I mean you could probably say decades, because if you go and you start looking on like Wikipedia or searching like ask your AI, like how many operating systems are there? I mean, there's dozens of stuff that's been made and there's also microkernel stuff that's been made. And there's some really cool projects that we took inspiration from back when we started building KeyOS in end of 2022, like one of them is did you ever have Bunnie on the pod? I think at one point to talk about that. His like Precursor Betrusted project seb. No, no, no. He's like a hardware hacker guy. He did a few bitcoin pods like years ago. But anyway, he's famous in the hardware hacking world and he has a project that he was kind of showing off to bitcoiners probably in the. I don't know if it was 2021 or something like that, but he was working on this microkernel operating system called Xous as part of this. It looks like an old school BlackBerry type thing. His device that he was working on and that was like a hardware like crowdfunded open source hardware project. And then there's also, I think Jeremy Soller, who was also doing some of the bitcoin podcasts back in the day, talking about his operating system called Redox. He's the lead engineer at System76, which is also a Rust microkernel operating system. So those are two. And there's a bunch of others that have happened over the years that never get shipped on anything. And I think the reason is because they're more academic or passionate open source projects. But they're putting out that code and it's going into a GitHub repo somewhere and it has a lot of potential, but it's never getting shipped on real devices.
And so we listened to those podcasts and as they were kind of approaching the Bitcoin community back in the day and we got really excited about it and we actually started building on originally on this Xous microkernel core which was like an open source GitHub project. And we've over the last three years diverged significantly from like that open source project to the point where it's like a, basically like a completely different project. It's specifically designed to run on like the Passport Prime hardware as well. We ported it from like RISC-V to ARM so that it can run on actual like security chips that we could buy and everything. But I think like the first, my first like long winded answer to that is that if you're trying to do this, you can't just like make a cool OS concept and like post it on GitHub and say, I have this awesome operating system concept. It has a lot of potential it could be used for. Because that's just like step zero, right? Like the hard part is actually getting it onto like a device that you can ship to customers like that people actually buy and that that is, can be used. And then when you're doing an operating system from scratch, or mostly from scratch, you have to build support for every single chip and every single peripheral in the hardware. And that takes a long time to do, especially if you're a small team, or at least it did. I don't know now with AI, maybe it could be a lot faster. So that's how I would first answer your question, where it's like, it can't be an academic project, it can't be an open source hacker interesting project. It has to be something that you actually get out to the world and that you ship, right? Because unless you ship it, no one's building anything for it. Like it's, it's, it's a, it's a hardcore hobbyist type thing.
And I think that's been the big problem in my opinion, with all these interesting operating system concepts over the last few years and also like over the past decades, which is a lot of really cool concepts, like a lot of amazing stuff that we can draw from. But if it's not shipping in a real device that people can buy and use and developers can build apps or stuff for, then it's just not going to get anywhere.
Zach Herbert
So Trojan horsing it into the world via a bitcoin security device is a way to do this.
Logan Lamb
Is it still Trojan horsing if we didn't really plan it at the time? Because we weren't thinking about this at all. So I'll tell you exactly what we were thinking about. You know we were, we did two generations of Passport. The you know, air gapped looked like the, like the cell phone, you know, little cell phone, dumb phone form factor. And I mean we had you know, really great customer feedback in the space. We were, I mean you know like we had a reputation for not only just the open source and like assembled in the USA but doing something that had like the hardcore security but then also was more approachable. Was like kind of and it was like kind of an Alienware meets Vertu. You know design language and everything. And I'm really proud of everything we did. But like, securing your bitcoin for us was only like the first part of a very long journey to secure your entire digital life. So we have Bitcoin Q and A on the team who's been for years. He's been with us since 2021 when we were just a few people. He was known for putting out all these amazing guides and tutorials over the years. He's our head of customer experience. And so you set up your Passport, hardware wallet or hardware wallet from another company. But then as you go down this bitcoin rabbit hole you start to care about securing everything, right? You need to keep your online accounts secure, you have your multi factor authentication, you want to start self hosting stuff. You kind of go down this entire rabbit hole as you get orange pilled hence and it's kind of stealing your name a little bit with rabbit hole. And we want to make something that we can use that someone can buy and use as a one stop shop to level up their entire security, right. Not just the bitcoin. And what was really important to us as well was enabling developers to build apps. And like this is, this is key because what we realized was that we cannot build everything at Foundation. So examples, let's say bitcoin examples. 
There's those guys doing Frostsnap. That's a cool project. You know it's like this like hardware device and like they all do FROST and they, they USB into each other like a giant like Centipede. Yes. I was gonna ask how you describe it. I was gonna say it's like, like like towing a bunch of, you know, cars or something where you're tat. It's like a train car. But Centipede I like as well those guys probably, I don't want to speak for them but there's a lot of interesting stuff like that. And you know, Miniscript, FROST, there's Ark stuff right now with these L2s. There's lightning, obviously lightning stuff. Most of this new stuff does not have good hardware wallet support. And that's because hardware wallet teams are relatively small and you have to decide what you're going to add, right? You're going to have, you have to decide what you're going to devote your team's resources to adding first party support for. Another great example is I don't think there's still a great like Nostr key management type device or something that would keep those keys offline but be convenient enough where you're not where it can like sign any of your, any of your posts or messages or whatever, but keeping the keys out front. So our thesis back in end of 2022 was if we build more of a platform type device and then we open it up to developers that we can get a huge number of interesting applications that are very useful built for the device so that we get to focus on maintaining the operating system and the SDK, the software development kit and the app platform and building the best hardware, but that we give users the ability to customize their exact device experience. I mean we're not, I'm not saying anything new like Apple did this, of course, it's like the iPhone playbook. But our main, like one of our main theories was that the space is being held back by the fact that developers can't build apps really for hardware wallets. 
And then the only hardware company that has some like quasi version of this, right where developers can build apps is 90% of the market. You know, Ledger and I have so much criticism about how they do it and we can get into that as well and how like we're kind of the polar opposite from like an openness and architecture perspective. But I mean it's very telling. I think that you have a company where most of the users I think are dissatisfied. Most of the Ledger users are, are they're not really happy users if you check, you know, X and Reddit and you know, you just anecdotally but they're 90% of the market because I think because they were the only ones to offer some kind of developer platform offerings.
Zach Herbert
Yeah, let's lean into that because I think completely cosign it is. I think we all know the sort of relative security trade offs that that Ledger has made. But to their credit and to your point, like 90% of the market, like their most popular hardware wallet by a long margin. And I think it's because of, it's funny because like the device, at least the original device, the UX was terrible physically. Like having like you have that small screen and like three buttons and it's like, okay, what am I doing here? And for some, like I, I guess it's because they have this open app architecture, obviously like MetaMask and many of Phantom and many others have tapped into that and it has been lacking in the bitcoin space. And I think to your point, I mean the hardcore security conscious bitcoiners and builders in the space, they deem it a trade off that they cannot stomach. And I think that's the point that you're trying to get at with KeyOS is like, we probably need this from a UX perspective and if we really want to scale this beyond just this cottage industry of hardcore security freaks, which is not a bad thing. I love the cottage industry, I love the hardware wallet options that cater to people who really care about security. But if we're thinking making an impactful change and getting people to hold, getting more people to hold their keys is a very virtuous and I would argue imperative goal to have as an industry. I think your point, we're going to need to make a system that gives that device more extendability like Ledger has into the digital world.
Logan Lamb
Yes. So absolutely, fully agree with you. And I don't think at the time, especially when we started the company, I fully understood why Ledger was so successful. I know I came on in 2020 and one of the things we talked about was a lot of like the pros and cons between all the different hardware wallets. And before we even started the company, I was thrilled to have, I think you included like a long Twitter thread for me in your newsletter once about like an honest trade off list between all the different hardware wallets. Right? It was about this one's open source, you know, this one's closed source, this one has this kind of user experience, this one is manufactured in this place, right? Like kind of like a breaking down the industry. Because I, I thought like I really understood it back then and I think I understood it from a like tech specs point of view and UX point of view, but I don't think I really understood it from like a, like a, a platform point of view and that I think whoever builds the best platform is who wins. And I think Ledger has done a pretty masterful job so far about building the only platform in the space. Now, I have tons of criticisms about the platform. It's a walled garden. They review all apps that are submitted. Apps are predominantly new coins. You don't see a Casa app for Ledger, right? You see a Bitcoin app. You don't see the Ark guys building an Ark app for Ledger. You see an ETH app or a Solana app. You don't even see the Phantom guys or the MetaMask guys building an app for Ledger. Instead, what happens is when you're switching between coins, you have to close the Bitcoin app and open the Solana app, you have to close the Solana app and open the ETH app. And so, yeah, there's a ton of user experience, you know, complaints I have about that. But it's interesting that they've leaned so hard into the coins that they've obviously completely lost the plot because the app feels like a casino when you open up. 
I mean, it's probably you open up and you're like flooded with all the different coins and you're encouraged to swap between them. And they've said publicly that their software revenue from the services equals the hardware revenue, which means that, you know, the whole, the whole product becomes designed to push you to trade. You know, they've been doing marketing recently for the traders, right? It's all about trading and swapping because they're making a killing on all those fees through the Ledger app. But it's really interesting to go deep into the technical reasons why the apps have to be reviewed by Ledger, why the operating system cannot be open source, why they've released things like open source roadmaps during the Ledger Recover scandal a year or two ago, right, where it was like, oh, well, you know, pay us 10 bucks a month and we take your key and we split it between three custodians, but we promise we can't see anything. There was a lot of outrage from the space and they released an open source roadmap. But the irony of the open source roadmap is that the actual operating system can never be open source. So why is that? Well, this comes exactly back to our conversation about legacy operating systems that are built on 30 plus years of code. What most people don't realize is that Ledger is basically running on a smart card operating system. Another term for that is Java Card. Because a lot of the times in the smart card world, and those are like the chips inside your credit cards, every single credit card has a smart card chip. High end like company like door access badges, smart card chip. They're made by a small number of companies. NXP, STMicroelectronics. Each one has a proprietary smart card operating system and a way for developers to build applets to run on the smart card, typically in Java, hence the Java Card operating system. What most people don't know is that Ledger's first product was a USB drive with no screen back in like 2013. 
And they ended up releasing a companion mobile app for it, like to kind of extend like, kind of give it like a fake screen on the mobile app. Before they launched Nano S that had the screen and then kind of the rest was history. It's made by STM, STMicroelectronics. Their main chip, it's a smart card chip and what they've done is they, they've built this operating system to run on the smart card. This is like 30 year old legacy tech. It's very slow. It doesn't have the power to do things like drive a modern screen. Like it can't, like the smart card chip can't drive like a 3 inch nice LCD screen or something. Which is why they always had those tiny screens on the device. And when you're working with smart cards you have to load an app and then unload an app. And so if you understand like the smart card technology which is 100% closed source, super proprietary maintained by these different chip companies, each has their own, you know, kind of smart card OS version that's a little separate from the other ones. And you know that Ledger works very closely with STMicroelectronics. Ledger is like that perfect example of building on like a 30 year old technology. And that's why it's so limited. That's why developers can't build robust apps. That's why you have to open and close apps. And that's actually my theory as to why they had to use E Ink screens. And they, to their credit, they leaned into it, right? Tony Fadell, creator of the iPod and Nest coming in. Beautiful. My beautiful industrial design, E Ink, long battery life. But I think the real reason behind the curtain that no one said why they have to use E Ink is because it's the only thing that the smart card chip can power because it's so low res. It's just text on a, you know, on a, it's literally just text on like a screen that doesn't need to be constantly powered. 
So they had a breakthrough where they realized, I think and this, this is not documented anywhere, this is my opinion, but I think they realized that they can do a bigger screen, but it has to be E Ink. And then they leaned into it. So in end of 2022, we were sitting around saying, like, if we could build a new operating system that allowed developers to write apps without Foundation having to review the code where they can be sandboxed in a modern kind of next gen operating system, then maybe we can leapfrog Ledger, we can build that open architecture to finally give them competition from the platform side of things.
Zach Herbert
How do you sandbox successfully? How do you approach that design? Again, protocol development know enough to be dangerous, but not nearly enough to actually be competent. Fully competent. That's my question. How do you isolate and sandbox everything?
Logan Lamb
Sure. One interesting thing is that Ledger does not. The way that Ledger does it is they only have one app running at a time, and that's how the smart cards do it. Each app actually accesses the master key on your Ledger. Like the seed words. No, no, but that, that's why they have to review apps and because if you had a malicious app, it would theoretically be able to, you know, kind of pull off the seed words and maybe somehow, you know, you've had people on the pod before talking about how you can like, you know, kind of exfiltrate the seed words. You know, there's ways to do it. So that's why Ledger has to review each app. And we've also heard anecdotally that you have to pay Ledger to do an app so that they can review it. So how we do it on KeyOS, which is this microkernel operating system, is. There's a couple of different characteristics. One is, is that the. It's called a message passing microkernel and it's all written in Rust. It's pretty cool. Which is like a very safe, you know, programming language. A lot of like the hardcore bitcoiners have, especially on the research side. Yeah.
Zach Herbert
Switched over to Rust Bitcoin. Yeah.
Logan Lamb
So this is pure Rust, which is very. That's a lot of the bitcoin devs are like very excited. We were giving them out at the conference developer units, and everyone's like really, really excited about it. So firstly, it's all message passing, which means that let's say you have the Bitcoin app on the device and let's say the Bitcoin app wants to access the camera so it can scan a QR code. The Bitcoin app doesn't just get access to the camera, has to send like a message to the KeyOS kernel, which then has to relay a message, like to the camera app. The camera, even though there's drivers and stuff, it's a camera app like it's its own app, as opposed to just being something that the OS just gives as a core functionality. And so each message is being passed from app to app and it's going through the kernel and the kernel is deciding, does this app have permission to do this? For our first party apps they have permission, but as third party apps go live in the coming weeks, you'll have to ask permission to use the camera. So from a UX perspective it's very similar to what you're already used to on iOS or Android. But from an OS perspective it's very different because all these apps are like, all these functionalities are individual apps behind the scenes, or we even call them servers on the back end, but we don't typically use that term when we're talking to consumers. And it's a message is being passed through the kernel which is evaluating and deciding if it's allowed to, if the app is allowed to do that. So that's one thing. Two is we're using a security processor that has what's called an MMU. It's like memory management, which is what's used on major processors that you'd find in like Windows, Apple, iPhone, that kind of thing where memory can be isolated based on the application. So we are leveraging that feature of the processor so that like the app is, has, is isolated like the actual memory, like the RAM. Right. 
It's like it's, it's only in that space given to that app and not to the other apps. See, the other apps can't see it. That's like not novel to us. That's something that is common in modern operating systems. But where it is novel is I don't think there's any hardware wallet type devices that do that. They don't, you know, there's no, there's no such thing as like processes and isolation or anything like that on any of these hardware wallets, including Ledger, because they're designed to just run like one set of firmware. And the code is the code, the code is all there, right? The code, you can't load or unload parts of it. It's like. And that's why you see Trezor and BitBox and others doing Bitcoin only, you know, hardware wallet versions because they'll say, okay, well that's the only, the code for the hardware wallet and Bitcoin is there and all that other crypto stuff is not there. And so on KeyOS, it looks much more like a modern computer in the sense that we're leveraging the memory management that the processor offers us. But of course it's not in like a monolithic 30 million line, you know, operating system kernel. It's our own, you know, 9000 line microkernel. And so we feel very comfortable about how that the, the safety aspects of that. Then three, what's really cool is each app gets its own hardened derived child seed or key. So unlike Ledger, where the apps can all just grab the master seed from the OS and then use it with a specific derivation path for that cryptocurrency. On KeyOS, if you were building a third party app, your app can never see the master key, we call it. You get a hardened derived key. So it's still using a key derived from the master key, but it can't go backwards to actually see that master key. What you get is you get an app in a sandbox with its own isolated memory. It only has its own derived hardened child seed. 
So, and that can be used for anything that can be used for like Bitcoin or crypto stuff that can be used for 2FA, that can be used to derive keys for like signing code. Like you could build an app or Nostr, right? Like once you get a key, you can use that key for any kind of purpose. So you have your isolated memory, you have your hardened derived child seed, and then you have the message passing characteristics of the microkernel, where any action you take has to go to the kernel for evaluation and approval. So that's how we do it. It's very different. Like I said, there's some aspects of it that are not unique to us, like just, you know, isolated memory. But when it comes to like the microkernel, the message passing, the hardened child keys, it's like a unique model for enabling third party apps where they live in their own sandbox.
Zach Herbert
Well, yeah, that makes a ton of sense as your point about like leapfrogging Ledger or the intent. And the goal being that you can see, you can begin to see how that's made possible with this, with the modularity of the sandboxing. And I mean, on that point, obviously you guys have a robust set of apps that come out of the box with the 2FA, the Seed Vault, file browser, things like that. But in your mind, like, what do you want people to build? Like, what are some apps that you guys are not going to build that you think others should build and maybe entice to build now that they understand that this operating system enables it.
Logan Lamb
Yeah, so an SDK is already out in like an alpha beta type state. So our CTO did a talk at OPNEXT a few weeks ago in New York and walked through how to build apps. And we have a CLI tool, Foundation CLI, we have a simulator on the computer. And what's really cool, I don't know if we've talked about it publicly, is that we're going to have with the new firmware release for Passport Prime, a developer mode that you can turn on that gives you an MCP server so that your AI can test the app itself. It can see everything on the screen on Passport, it can interact with the entire UI so you can go to bed, wake up and chugging away, testing your app on the real hardware first. We spend a lot of time working on the tooling for this and that'll be, you know, out of beta in a few weeks. But it is in beta for anyone that wants to like, use it, use the simulator. We can, we can send, you know, there's a. You can contact us on our online and we can send you like a developer unit for free as well. What kind of apps that we want folks to build? Well, first I'll talk about a couple of things. We vibe coded Q and A and I in the last few weeks. I think you mentioned one actually on RHR that Q and A vibe coded like a Nostr key storage and signing app.
Zach Herbert
Yep.
Logan Lamb
Which is awesome.
Zach Herbert
We talked about last week or two weeks ago.
Logan Lamb
Yeah, yeah. So that was, I think, yeah, the week before the conference. So it works. It's great. I can't attest to the code being reviewed. Like that's not, that's not going to come from an official Foundation repo yet. But that's one great example, which is, you know, you can have your Nostr keys on there, you could do your signing from there and you can keep those keys off your phone permanently so that you don't have to worry about, you know, losing those keys. Another one he built was a full featured password manager with a Chrome extension so that it can just inject the passwords directly into, you know, your browser. A lot of the things I'm interested in in that category are being able to like fully lock down your computer from the device, maybe even like macOS or like login from the device where you have to like tap on Passport to like log into your computer. That's very interesting to me. Some of the stuff I vibe coded, but I've not announced is MCP related stuff. Storing creds and keys for all your different AI tools like on the hardware. Oh, this is cool. This is the, the Nostr one, right?
Zach Herbert
Sorry, I was muted.
Logan Lamb
Yeah, yeah.
Yeah. So basically what's happening here, I know not everyone's watching. Some folks are listening. Is Marty showing off Q and A's Nostr Signer app. But you can basically create like a Nostr key or you can, I think, I don't know if he lets you import it. You can have more than one, you know, for all everyone who has 10 different NIMs on. On Nostr and I think he has it talking over USB now. But Passport Prime has Bluetooth and so, you know, basically you'll be able to on the go, right? Just be connected directly to your phone and go ahead and, and any kind of Nostr message can be signed from Passport so that you don't have to keep those Nostr keys on, on your phone. It's really cool.
Zach Herbert
Yeah.
Logan Lamb
And then so, yeah, so I'm really interested in a lot of the AI applications. Like I did it some for fun a couple weeks ago where you keep the, the creds for all your MCP tools and everything on Passport. And I'm also really interested in all the next gen bitcoin stuff, both things like FROST. But then I want like my big ask for a lot of these bitcoin companies is releasing native versions of their app on Passport Prime. So like I used Casa as an example, right? Just saying like there's no Casa app for Ledger. But if you were to build a Casa app for Passport Prime, you know, to run on KeyOS, you could put your logo, you can put your same UI from the mobile app, you could use your own terminology like health checks. So effectively what happens is that instead of having a hardware wallet where you have to like tell your users how to use the hardware wallet, support all the different functionality, deal with bugs introduced by the hardware wallet and like all that kind of stuff, you can just bring your experience onto the device where it feels like a native first party experience. And so I, we have a new UI coming out along with our SDK where it's like iPhone style, like a, like a grid of apps, right? And so it's very easy for developers to understand that like you can make an app, you can have your app icon on it, the same one that you have on your mobile app, you can put it right here and then any kind of offline capabilities for secure key storage or signing that you want to give to your users, you can finally do it and you don't even have to talk to us. So like you'll be able to release it to our app store if you want to. And all apps on our app store have to be open source and reproducible because we're building them from your repo. We're not going to like just trust like the, the build that you give us. Like we're going to, we're going to build and, and release it ourselves onto our app store. 
But we're also going to have like robust sideloading capabilities so you can release an app directly to your user base so you don't have to talk to us or interact with us at all. And I'm really excited about all the security related apps. We're going to have our own internal app so that we can sign KeyOS releases from KeyOS. We do like two of four signature scheme for our, for our signing GitHub code, signing commits, all that kind of stuff. Just any, anything like that. Passwords. Right. We have our security keys but we haven't done passkeys yet. There's probably an opportunity for like password manager, passkey stuff, any next gen bitcoin stuff. Basically anything where you want to get your important stuff off of your computer or phone, you'll be able to do that, you know, and get it onto KeyOS with a native app. And whether it's something you vibe code for yourself, whether it's something that you have an existing app or service or something like that either on desktop or mobile, we're basically giving everyone the tools to build these kinds of apps to run on the Passport Prime hardware.
Zach Herbert
That's awesome. Again going back to the beginning of the conversation, like building for the AI world now I'm like running wild. Like how many API keys have I given my agent access to? How many credentials is it now? I mean limited like read only API keys now, but I would love to give write capabilities as well. And if there is a way to have the keys stored on a Passport Prime running KeyOS and you can somehow like basically sign access to the key while it's doing it without having the agent stored on its own server would be massive.
Logan Lamb
Yeah, we're working on a couple ways to do it right now. Yeah, it's still in progress. I don't think I have anything like perfect. I don't have a perfect solution, but I think directionally based on what we've built internally, I think that's exactly the kind of stuff that you'll be able to do.
Zach Herbert
Yeah, that's awesome. It's a brave new world out there. And how imperative do you think that's one thing I worry about. I mean we talk about it in Bitcoin a lot. Like the biggest detriment or the biggest risk to Bitcoin long term is complacency. I feel like this is equally, if not even more so true in the world of incumbent operating systems and software colliding with this wave of AI that's hitting. Going back to what I said in the middle of the conversation, like, do you think this is a problem that's inevitably going to force a solution, like you're building the KeyOS or is there potential that people don't adopt this and we, we live in this woefully insecure world in perpetuity? Well,
Logan Lamb
well, it's funny when you were saying that the first thing like what I, what I was thinking about was not just us as like individual users where you know, we have, you know, we want to self custody Bitcoin, we want to keep all of our keys and credentials, you know, secure as part of our entire digital lives. I was actually thinking about like the enterprise custody too because like where my mind went to just immediately was how like the history of all these exchange hacks over time and like I got into Bitcoin I think a few months before the Mt. Gox hack and so everything after that has just been defined by, you know, one after the other, year after year exchange hacks. And probably one of the reasons why, you know, building self custody tools is because of that. But right now it's like it's not. I actually think as individuals we're like less, we have less to worry about than the enterprises and like the enterprise custody stuff. That's my big worry too. And so I used to think Foundation is just, we're making tools for sovereign individuals and now I'm thinking about it as well. We've made this tool, it's been designed to allow like an individual to secure his entire digital life, including bitcoin. But there's a huge need and therefore business opportunity for us, but like huge need on the enterprise side because most of the bitcoin. Is that, is that a true statistic? Is it? Most of the bitcoin I think is stored with custodians right now, at least millions.
Zach Herbert
I think it's around 50, 50 now at this point.
Logan Lamb
That's good. Yeah. So just say like there's, there's individual custodians that are holding millions of Bitcoin?
Zach Herbert
Yeah.
Logan Lamb
Right.
Zach Herbert
I think has over 2 million at this point.
Logan Lamb
Yeah. And Microstrategy has like diversified to Anchorage and Fidelity is my understanding, maybe others that are, which is, which is good and kind of spreading it out. But what worries me is as we just talked about earlier in the conversation, what are these custodians using to keep everything secure? And some of them will say like well it's offline, it's on paper nhs,
Zach Herbert
we have this coordination policy we have.
Logan Lamb
Don't get me started on HSMs though because like this, that's, that's an. HSMs are another great example of like built on 30 year old legacy tech. Like HSMs are closed source, proprietary, old, hard to develop for, have like enterprise sales cycles where they'll maybe send you a sample and then you have to pay them like monthly or annual fees for what? Like they're not doing anything. It's just, it's just, it's exactly in the same category I would say as like smart cards, but the opposite. Like smart cards being small and cheap and prevalent in all the credit cards. And HSMs being these like old monolithic proprietary black box things that once again they're, they're not designed for you to know what you're approving. Like they're designed for the pre AI era. Like things just get automatically signed. There's no human in the loop that's like reviewing what the HSM is signing on some secure device. And what I've heard anecdotally from some custodians is that they're doing things like building internal iPhone apps to approve things. And this like exactly kind of our thesis for why doing an operating system and hardware like this is interesting where you can enable apps to be built because I want them building internal apps on an open source device running a next gen open source operating system, not on an iPhone. And then like maybe there's a Linux computer sitting in like a locked room somewhere with some armed guards or maybe there's this HSM that's completely closed source black box in like their server rack that has a lock on it with like a guard outside the room and they're saying don't worry, our million Bitcoin, they're totally safe. We have the next gen, you know best in class security practices. And then you start to unpack like what are they using? Do these guys have tools that are not available to a normal person? And the answer is no. Because I could go rent a cloud HSM right now on Amazon, like I can go get a smart card and make an app for it. 
Like I can go get a Linux laptop and put it in a room with a lock on it. It's all the same thing. Yet because they're custodians, like we're just trusting that they have their shit together. But we also know as bitcoin long term bitcoiners. No one has ever had their shit together over the long term.
Zach Herbert
Yeah, and obviously I won't disclose who and at what company, but I heard the iPhone app example earlier this week too.
Logan Lamb
So this is a problem and it's going to become more of a problem when you look at like AI from a security perspective. So you look at like, like, let's not even talk, let's not talk about something hypothetical because like the Mythos model is still kind of hypothetical. You know, there's been a lot of. I just saw like Firefox patch the most bugs they ever have this month in this last month. And the assumption is because they had access to cloud Mythos. But let's look at from like March, that Dark Sword iOS exploit which most people have forgotten about already. But about a quarter of all iOS devices were vulnerable to this zero day and all you had to do was load a website. You load a website from the browser on your iPhone and what it did was it broke out of its like browser container and it immediately started looking for important stuff on the device. It looked for crypto wallets and if so it would just grab those, you know, seeds or keys off of the secure enclave. It looked, it pulled tiny little thumbnails of all the users photos so that I could try to figure out are there any photos that are worth pulling, like the full contents of the photo. And then it went through the whole OS and just tried to pull anything else important from it. So like if you're using an iPhone for your custody and even if you're using like a bitcoin hot wallet, lightning on chain, whatever it might be. I mean that's a quarter of all iPhones that were vulnerable because they hadn't updated to like the latest, you know, iOS version. And Apple pushed out some emergency stuff. I kind of think that they may have pushed some emergency stuff out to everyone because I woke up with an iPhone update that was installed and I don't have auto install enabled on my iPhone. So I think they may have pushed something and just like, you know, they announced it, but I wonder if they pushed something else and didn't say anything. 
As models like Mythos become prevalent, we may see one of those every couple weeks because I think the iOS and the macOS kernel I think is around 10 million plus lines of code. And then you also have the web browser engine sitting on top of that. And these browsers are just these enormous, these web engines. There's only a couple of them and they're Chromium with Chrome, WebKit which is with Safari. I feel like Firefox announced they were like switching to Chromium or something. So I think there's like only two maybe that are being actively developed and they're just enormous, just huge. I mean they're not black boxes because they're open source. But the problem is that you point a model like this towards the Linux kernel or towards Chromium or something and you try to have it find these zero days and these vulnerabilities and then you can also have it break out of its containers within like iOS and you're in huge trouble. And so I think that's going to be a constant fact of life over the next couple years. And I do think there's going to be a lot of these zero days. And I think the VP Vance that just came out that he had an emergency call with all the different AI leaders like a day or two ago talking about how the banking industry is at risk. Mythos is not publicly available. You know, they're only allowing it for certain, certain companies. Yeah.
Zach Herbert
Called Operation Glasswing. Is that what it's called?
Logan Lamb
Yeah, the idea that they're going to somehow find all of the vulnerabilities and patch them and then they'll magically be able to roll it out to everyone. So I don't, I'm not like pessimistic, but I do think that the, the need to find a way to better secure everything is more important than ever. And everyone's going to have to figure it out. Like not just individuals, but especially, you know, these enterprises that are storing things like Bitcoin, where if you lose it, it's gone forever.
Zach Herbert
Yeah. Again, it's a brave new world.
Logan Lamb
Yeah.
Zach Herbert
Equally exhilarating and unnerving. But I'm an eternal optimist. And it's like, okay, yes, recognize that these problems exist and will likely persist for a time, but the opportunity to fix them, create new operating systems, new experiences, new ways of interacting with our digital lives. Incredible opportunity, both from a user experience perspective and then selfishly on your part, on my part, like from a profit perspective, it's like, hey, we got to re architect and build new ways of interacting with computers and the Internet and There's a lot of opportunity and potential in that.
Logan Lamb
Yeah, I'm really excited about it because we were like dreaming about these kinds of stuff in the early days of Foundation. We even have some documents from end of 2020 about what a next gen operating system could look like where it can beam UIs from one device to another device. Well, we didn't know what that meant. We were just having fun, brainstorming and coming up with these cool ideas. And now you see examples, these generative AIs or the idea that you could have like a server maybe up in your office at home and it's running all your AI stuff locally and it's like whether you call it beaming or like whatever you want to call it, it's some combo of streaming UI and generative UI like on your phone or on your computer side. Like I love that stuff, like that stuff. I just, I'm so excited about all of it. Will Foundation like build some of that stuff? I don't know. Right. Because like right now we're very focused on the security aspects and everything like that. But, but we made like the hard decision to spend what we thought would be two years, but that ended up being three years building this operating system. We almost, it's like we had a very nonlinear approach for the company because we did these two generations of Passport devices, the Passport Founders Edition. Then like the Passport, we called a couple different things. You know, the gen 2, we ended up calling it Passport Core. And you'd think we would have had like a linear progression of just kind of taking that same form factor and like, you know, making it thinner, making it more powerful, more affordable, scaling it up, getting into more hands. But what we actually ended up doing was it's like, well, we had our alpha product, we had our beta product and then we raised the seed round and we're like, yeah, we need to do a whole operation, we need to need to do a new operating system. And then we were still selling that second gen Passport. Well, we kind of went dark for a couple years like R and D. 
And now we're coming out with a product that was envisioned before AI was popular, but that I think has like the desirable. It's not perfect, there's a lot we still have to do to it, but it has like the most desirable operating system characteristics for this like AI security world as well, in addition to the bitcoin security, in addition to like the identity related stuff. And I'm really excited about that. Obviously from like a, you know, selfish profit motive. But then also because there is, this is a time where we're going to be able to rip up a lot of stuff and rebuild it because there's going to be this imperative. Hopefully it's not because bad things are happening and you like and there's all this chaos on like the cyber side. Hope hopefully it's because like we think about this stuff in advance and we see the value in them and we start to transition, you know, to these new tools and everything. But I feel like like we, we have something that is, is shipping that developers are going to be built, be able to build apps for in the coming weeks and I'm just really excited to see like what everyone builds.
Zach Herbert
Well on that note, if there's any, there's millions of developers listening to the show right now. What is your call to action to them to begin getting their hands on the operating system and thinking about building apps on top of it?
Logan Lamb
Yeah, so one is we just retweeted from the OP Next guys yesterday a talk that Ken, our CTO did at OP Next a couple weeks ago in New York. If you want to actually like watch a little talk and see how he in real time like Vibe coded an app using the CLI tool and everything like that, you can check that out and then there's instructions there to. You can basically start using the SDK in our simulator today if you want on your computer. You can also shoot us a message on any of these channels. Contact form on our site, email DM us on X and if you're a developer we'll send you a free developer unit so you can get started and check it out and everything like that. And then I would say by end of the month our goal is to have like a release of Kiosk out that supports that developer mode that I mentioned so that you can like flip on MCP and like have it, you know, test help you the AI test your app for you and you'll see like start to see the ability for users to sideload apps are becoming out with our app store, all that kind of stuff and so definitely check it out and ask us if you have any questions. But over the next few weeks there's going to be a lot of SDK and app related stuff that we're going to be putting out.
Zach Herbert
Awesome. Logan, I just sent you the link to the Up Next presentation by Ken so make sure you put that in the show notes. So if you're listening, want to get involved, we'll link to that link to the GitHub. Obviously the website, but can't believe it took us six years to catch up. And it was great. I love the line of thought that you're in right now because I think it's again a layer below mine, but a very important layer as it pertains to the intersection of not only bitcoin, but everything we're doing in AI. I think these conversations and thinking about these problems, particularly at the layer that you are, is an imperative right now because it's becoming obvious. Again, going back to my, my cowork example, like I saw this thing using my computer. I was like, this is not, this is not safe at all. Like we need to figure out a new way to interact with these things. So I'm pumped that you guys are working on it.
Logan Lamb
Well, thank you again. I'm really glad that, that you've been doing a lot of AI related podcasts and content and everything because we often forget that like we as bitcoiners, we have a unique perspective when it comes to like both our values, our philosophy, and then everything we've seen in the field over the last decade. Plus when it comes to institute, not trusting institutions. And we bring that same mindset to everything. Right. It might be related to custodians, right. Like I mentioned exchange hacks, that kind of stuff might be related to Covid. Right. Or other type institutional stuff. And then when it comes to AI, I think that whole industry, like the, I don't consider us in like the AI industry, right. I consider us still like a, I don't know what I would actually consider us. Maybe like a, like a bitcoiner led company, something like that. But like we have a unique perspective and different values than most of the AI industry. And like it's important for us, I think, to talk about that and make that heard because I think they're barreling right now towards this, the, the, the, the growth of the industry and the growth of these tools at the expense of the privacy and security. And that is going to catch up to them. Like that's not a good position to be in for the long term. It may be a short term high time preference, maybe profitable, maybe not, you know, position, maybe like user growth position, but man, I don't know about profitable, but like in the long term it can, it could. I don't want to be like doomerism because I'm as optimistic as you, but like need some sane voices in the room saying, okay, how can we do this but do it with privacy? How can we do this but do this with security? How can we bring these, these the way that we approach security on the bitcoin side and like, bring those same principles to the AI side of things. And I'm, I'm really excited to be able to start working on that.
Zach Herbert
Well, again, thank you for doing it and I completely agree, and thank you for the compliments again. Just tickling my own fancy. I'm fascinated by this stuff. And to your point, I do think we have a unique perspective. It's funny, the parallels, whether it's from security or even on the energy side watching all these data centers get built. And having been in bitcoin mining for almost a decade now, it's like, ah, I see what you guys are doing. I know where the landmines are for you. And it's just funny how bitcoiners seem to be ahead of the curve. And I think it'll take some time, maybe three to five years. But I think the approach to security in the AI world that many bitcoiners are taking will be recognized as like, oh, this is the right way to do things. And so I think to that point, you guys are ahead of the curve and keep pushing. And if you're listening, you're a developer and you're interested in what we just discussed, go check it out again. We'll. We'll link to everything in the show notes and begin building. Because I think to that point we have this legacy architecture and infrastructure that many people are dependent on. You need to begin to transition away from it slowly but surely. And if not you, then who? To build the apps that people can actually trust in this world that we're barreling towards.
Sponsor Announcer 2
Thank you for listening to this episode of TFTC. If you've made it this far, I imagine you got some value out of the episode. If so, please share it far and wide with your friends and family. We're looking to get the word out there. Also, wherever you're listening, whether that's YouTube, Apple, Spotify, make sure you like and subscribe to the show. And if you can leave a rating on the podcasting platforms, that goes a long way. Last but not least, if you want to get these episodes a day early and ad free, make sure you download the Fountain podcasting app. You can go to Fountain FM to find that. $5 a month gets you every episode a day early, ad free. Helps the show, gives you incredible value, so please consider subscribing via Fountain as well. Thank you for your time and until next time.
Zach Herbert
Okay?
TFTC: A Bitcoin Podcast
Host: Marty Bent
Episode #745: The AI Approval Layer Is Fake with Zach Herbert
Date: May 13, 2026
Guest: Logan Lamb (Foundation Devices)
This episode dives deep into the intersection of Bitcoin security philosophy and rapidly advancing AI technologies. Zach Herbert and guest Logan Lamb (Foundation Devices) discuss how AI is transforming software development, the critical threats AI poses to data security, and why the current "approval layers" for AI actions are effectively illusions. They explore Foundation's approach to building trustworthy security hardware and operating systems fit for an AI-driven future, emphasizing the urgent need for real, enforceable user control amid growing risks for both individuals and enterprises.
The conversation is equal parts urgent and optimistic—Logan and Zach are deeply concerned about the scale of coming security risks as AI becomes more powerful, but both believe that the Bitcoin perspective, technical rigor, and new approaches to hardware/software design can meet these challenges. Their emphasis is on building now, and empowering both individuals and enterprises to regain true control over their digital assets as the window to do so narrows.