Epicenter - Learn about Crypto, Blockchain, Ethereum, Bitcoin and Distributed Technologies - EthCC 3 – Flash Loans and Elbow Bumps
Episode Date: March 13, 2020This episode was recorded at the third annual Ethereum Community Conference in Paris last week and we were joined by Gonçalo Sá, Co-founder of ConsenSys Diligence, Jérôme de Tychey, President of E...thereum France, and Cassidy Daly, Token Designer at Centrifuge. We discussed the issues surrounding centralization and DeFi in token governance, the security complexities of composability attacks like the ones we saw recently which leveraged flash loans, and of course, the coronavirus.Topics covered in this episode:Gonçalo and Cassidy discuss their talks at the EthCC eventThe current points of interest around centralization in DeFiDefining ecosystem decentralization guidelinesIssues with token governance in DAOsSecurity complexities of comparability attacks and the recent flash loansHow the Ethereum community is improving response times to attacksEthCC, hugs and coronavirusEpisode links:Ethereum Community Conference 3EthCC - TwitterJérôme de Tychey: “Opening Speech” at EthCCJérôme de Tychey: “Closing Speech” at EthCCFriederike Ernst: “Prediction Markets” at EthCCCassidy Daly & Abbey Titcomb: “Putting the 'De' back in 'DeFi'” at EthCCCassidy Daly: “The Gateway for Real-World Assets into the Blockchain Multiverse” at EthCCGonçalo Sá TwitterJérôme de Tychey TwitterCassidy Daly TwitterThis episode is hosted by Sebastien Couture & Friederike Ernst. Show notes and listening options: epicenter.tv/episodes/bonus-ethcc-3
Transcript
Discussion (0)
Hey there, Sebastian here.
You know, the podcaster listener relationship is too unbalanced.
You know us a lot better than we know you, and we want to narrow that gap.
So please do me a favor and answer our audience survey.
It takes four minutes, and it will help us to continue producing content that informs and inspires you.
You can find the survey at epicenter.
Dot rocks slash survey, and at the end, I'll tell you how you can get a free,
keep-key, hardware wallet, courtesy of ShapeShift, to thank you for your
time. So thanks in advance and on with the show. Hi, welcome to Epicenter. My name is Sibbe Seng
Kuitou. This is the first of a series of bonus episodes and bonus content that was recorded at the
Ethereum Community Conference in Paris from March 3rd to March 5th. In this episode, Frederica and I sat
down towards the end of the conference to have an informal discussion with Gensalo Salle,
co-founder and security researcher at Consensus Diligence, Jerome de Tichet, president of Ethereum France,
and Cassidy Daly, the token designer as centrifuge.
We talked about the topics du jour and the things on everyone's mind of the conference,
including the issues with centralization in defy and token governance,
the security complexities of composability attacks like the ones we saw recently,
which leveraged flash loans, and of course, the coronavirus.
Now, just in the last few days, we've discovered that people who are at the conference
have tested positive for COVID-19.
I was in contact with some of these attendees, and so I'm taking the advice of
health officials and friends and quarantining myself for the next few weeks and monitoring my
situation as it evolves. If you think you've been in contact with someone who's tested positive for
COVID-19 or if you're showing any of the symptoms, please refer to your local health authorities
for the proper course of action in your area. I think it would also be helpful for everybody
to be transparent at this time so that people can take the proper precautions if they think
they might have been infected. We're here at ECC. ECC is about to end and we're
speaking with three very lovely panelists.
The first one is Gonzalo from Consensus Diligence.
Then there's Jerome who organized this conference.
And then there's Cassidy who does token economics for centrifuge.
And with me is Sebastian.
So maybe we can do a super short round of interactions
and maybe talk about the talks that you gave,
well, we're going to give here at ECC.
I can start.
My name is Gonzalo. I've been with Consensus Diligence. I'm one of the co-founders. I've been there for three years. And I'm also Director of Hugs at Consensus. That's an official title of mine.
I'm Jerome. I'm the president of Itcheram, France. We organize at CC every year the first week of March. And I had exquisite pleasure to receive a lot of hugs. And I had lots of sponsors that are recurring. Nozis is one of them. So thank you so much again.
And it's really a pleasure to have the whole community gathering in France every year.
My name is Kasti working at Centrifuge, which is connecting businesses to financing,
giving them greater access and unlocking value that has previously been inaccessible.
Yeah, tell us about the talks you gave.
So I give one talk just about Centervuge chain and why we're building it today,
which is, I think, less controversial, more of a simple talk.
just to explain what we're doing and why we think it's interesting. And I think the more
interesting talk I gave was yesterday, together with Abby Titcombe, who's working at Radical. And we talked
about how we can start putting the D back in defy. So we looked at a few defy projects and
analyzed them and showed that actually they're really not actually decentralized. They're pretty
centralized. And then we talked about how DAOs can be used to start opening up different
layers of the system. In what ways are they centralized?
I'm glad you asked, would be great if you also checked out the talk.
Because we really dove into this.
I mean, I think you can have a really vague definition of what decentralized means and what
defy is as a result.
So there's everything from bank the unbanked to really getting into basically taking away
intermediaries.
So not having central control of basically like things like admin keys, for example.
but there's also an element of transparency as well.
And we think that DAOs are really good for basically tackling both of those things.
So decentralizing the control of the entire infrastructure,
but also bringing a large degree of transparency to the whole process.
Yeah, I think when people say defy, they often mean self-custodial,
and that's often enough.
So it doesn't really matter how decentralized the protocol itself is
or whether there's any owners with the protocol,
whether people can make changes and upgrades and so on.
Yeah, the self-custodial is usually the thing that qualifies things as Defi, right?
But I would argue that a lot of these projects,
they're just completely recreating what already exists today in the financial system
and not really adding a lot of value on top,
especially when just taking control of, I mean, some projects,
maybe they say, okay, we use a multi-sig for our contracts.
that's great, but like you're still one company that controls this multi-sig.
Like what is that actually decentralizing, you know?
So I really don't like the acronym DFI.I.
I think it's misleading.
It's not decentralized finance.
It's more disintermediated finance at best or recentralized on one single party that people
can audit.
But yet to be, I had enough time to watch all of the talks.
Like being the event organizer, I just running and don't see anything.
I saw your talk on a couple of WhatsApp in the diagram group saying,
oh, this is actually great.
So shout out to this.
And this year, the Defi track was one of the most submitted track.
We had 100 or something different submission for the Defi,
and we kept something like 40.
So definitely one of the big movements in the space right now.
Yeah.
I'm going to blame Jerome now for my talk earlier today,
that did not happen because of the zero people that were in the room.
So never give a talk during the last day of a conference in the first slot.
No, but I yesterday was in a really good panel with the AVE team,
so Stani, also Tom from Aztec about privacy,
a lot of talk about insurance and flash loans, obviously.
That for me has been the theme of the conference.
we're at a point where everybody's starting to get already annoyed by the topic,
but we've talked extensively about it,
how that ties into insurance companies that are popping up like Nexus Mutual and whatnot.
So that has, we've been having some really, really, really interesting talks about that.
I'd like to come back to what you were saying about how DFI isn't actually decentralized.
And I think the nuance between like decentralized and disintermediated,
is interesting. You know, would it make sense for the ecosystem as a whole to start thinking about
sort of the guidelines and best practices in the space? So from, you know, custody, but also
who holds control of like, you know, servers and things like that. Like, do you think that
would make sense for the space to start thinking about that collectively to sort of set standards
for like what Defi should be or ought to be? Yeah. It does.
I definitely think so. I hope that's where we were starting with our talk yesterday is trying to bring up what we think some of the initial standards could be. And one interesting case study that was really perfectly timed was compound's governance token. And I think it shows that they're also thinking about this. And they're tackling specifically a few different areas in terms of starting to open up access to really controlling compound as a
user. So the positive side is that they're opening up access to to make these decisions on where
the protocol is going to go. But the negative side is that they're choosing who they're giving
this access to in the very beginning. So I think it would be nice to start having conversations
about, I think, like something that's really close to me is what is this initial distribution of
power going to look like? Is it right to actually just choose yourself who the initial stakeholders are
and give them the power from the beginning.
And how does that affect decentralization of these decisions going forward as well?
So as someone who has started a DAO before,
it's enormously difficult to actually find a good initial distribution for voting power in DAO's.
So basically because you want to give it to people who care,
so as not to make a tax too easy,
because most people who vote,
I mean, if you just give it to random people, it's like that's a non-starter.
So you need to give it to people who are interested.
And then you need to measure to a certain extent how interested they are.
And they need to convey the interest in some way or other.
And it's super difficult to find a workable way of doing this.
So what do you suggest?
I mean, actually, I loved what DX Dow tried to do.
I thought that was a really good example of how to do it in a way
where you're really considering giving both open access
as well as access to people that care.
So you targeted people who are already using DutchX
and you said, okay, if you're using Ethereum
or one of the other tokens on DutchX,
if you're an active user,
then we're giving you the opportunity
to self-select to get power in this governance.
And I thought to me that made more sense
of an initial model than top-down just select
as compound is doing, are investors
and basically just giving it back to the VC whales
that already exist in projects like Maker.
So by no means do I want to say that
compounds model is good or fantastic
or should be emulated a lot.
But with the DXDAO, so basically you could get
reputation in the Dow by trading on the Dutch X,
but you could also get reputation by just
essentially locking up ether or other tokens
that are listed on the Dutch X,
which was,
was seen by many people as starting a plutocracy in a way,
because basically you give power to people who already hold a lot of funds.
Yeah, it's a difficult problem.
I'm going to make a plug for something that a colleague of mine just put out two days ago, actually,
Morellian, because following all the things that we were seeing,
all the attacks with BZX, with a bunch of like composability in DFI,
we thought there must be a guideline for people to be able to assess these things, right?
More from a security perspective, obviously, not purely from a governance one,
but the first point in that blog post is exactly admin privileges, right?
So knowing that something is not decentralized from the moment that it is deployed
should be really important to the end user.
Yeah, I think that's true.
I just wanted to come back on the criteria that should be used for this,
especially for voting.
I had an interesting discussion with the guys from Unlock.
There was their idea, so I'm happy to share it.
So the idea was like, okay, let's look at how many, well,
let's count the addresses that are interacting with the contract,
and the address that interact the most should get better voting power
because they interact,
and also wait that with the number of,
the total number of transactions that they have done,
in a ounce, so as to
consider that voting is
it's actually expensive
to vote. You need to read what you are going
to vote on and you need to make a transaction.
So at least picking people that
do a lot of transactions means that
for those people, they are already
blockchain handy.
They will actually vote.
But it sounds like a terrible idea
to just give voting rights to
investors because they have investors and
they barely move their talking.
and they have barely used their wallet since they got the token in the first place.
I mean, you've seen this before with Maker, right?
So basically, the Maker governance, there were a couple of Makerways
who, by combining their Maker tokens or even individually could have pushed any sort of update
to the contract without a grace period.
So I believe that's now been fixed.
So basically now there's a 24-hour lock period implemented before things actually follow through.
But, yeah, I mean, it's a dangerous path.
I guess we are completely experimenting with governance with the DAWS.
They're like, okay, let's set up a governance model and see what it looks like.
And it turns out that in the real world example of governance,
there are responsibility associated to this governance,
but also a salary associated to this.
Like when you elect the mayor of the town, he gets paid
and he gets paid on your own dollar.
So whenever we will have a, I'll be curious to see a DAO started like this,
like, okay, this is going to be run as a DAO.
We're going to elect some people.
Those people will get money out of the pocket of the users,
but the users can have a liquid democratic way of just saying,
like, oh, you're not representing me anymore
because you're not doing a good job or you're not voting here.
You missed two votes, guys, come on.
See those empty seats at the parliaments?
No, that's not fine.
I just asked if you were trying to build a new country,
secretively.
He's starting with a castle.
We're starting with the castle.
I'll tell you about the castle if you ask me.
Yeah, well, maybe a bit later.
But I wanted to come back to something you were talking about earlier with regards to
composability attacks.
I'm by no means a security expert.
But how do we, teams like consensus diligence, find these composability attacks when no one has
executed them?
And as the space continues to grow and there are more
like money Legos, like more composability attacks will emerge, presumably.
Yeah.
And so how do we make sure that these things don't just become like commonplace?
I'm going to say that there are like two sides to these latest attacks.
It just happened like in February and last week.
They're like arbitrage opportunities, right?
So purely just trying to get money out of like different exchanges based on
arbitrage and there's actual bugs in the code. What happened in the first time around,
so February 14th, I think, was that there was actually a bug in the code. The sleepage check
was not working properly, right? So that's an actual bug. And that's why the second claim
to Nextage Mutual paid out. Now, thinking about composability, and this is, you just gave you an
opportunity for a great plug, for people to go watch Bernard Mueller's talk from earlier today,
at ETHCTC, Thursday, I don't know, 11, 20 something.
We'll link to it.
Great.
He just presented a new feature that was baked into Mithril.
Mithril is one of our security tools, so it's a symbolic engine.
And he's able to pull on-chain data and actually attest that there is an arbitrage opportunity.
So what I think, two things.
The bugs were here to correct, and those can be solved atomically.
Someone comes to us with a code base, and we can.
can look at the codebase and think about like the bugs that are in there and maybe some
external dependencies. For the arbitrage opportunities, we'll start seeing a lot of bots that
will start to even out the market. And these attacks will keep happening in a much smaller scale
until like everything starts getting evened out. So one of the tricky things with
composability attacks is that it's really difficult to actually pinpoint one specific party who is at
fault because basically anytime anyone puts a new money Lego module on the market are they under
an obligation to test this with all other modules or should there be like a stamp of approval by someone
who pays for it right is this who actually who actually make sure that this is checked
that's a that's a really good hard question that we thought a lot about there should be some
sort of like community bullying for this type of thing and especially when there's things
like Ave coming out, right? Like, Ave comes out.
Flesh loans, guys, nobody knows what this does.
Everything broke.
So this was definitely not for AVE to pay for anything like this, right?
Like, I don't think it was average responsibility to pay for an audit for the composability
of all these pieces, right?
They just enabled some new patterns.
Some security assumptions were completely broken by flash loans, right?
You always think, oh, he, an understanding.
attacker would never have this amount of money. Well, now they do. So I don't think it's obvious
responsibility. I think there should be a way. We should find a way, but a community is so hard.
Like, it has been so hard for the past three years for us. Like, Ethereum is hard and community
in Ethereum is harder. So I don't know. I don't have a good answer for it.
I mean, when you say the hypothesis was, nobody would ever have this much money. I mean, for
for the POS research between
Casper and the various
flavors of Casper, it feels like we've
been considering every
hypothesis and always thinking like, hey,
but what if someone had so much
money, would it be able to do this,
to do that? So I guess that we
did the work on other topics.
So it's kind of good that now we get
to battle tests, those kind of hypothesis that
seemed a little bit unlikely
back in the days.
I spoke to the AVE guys
two days ago, and
Mark made a great point.
There's 7,000 Ethereum addresses that could have did one of these attacks.
What's different about flash loans that we should have had the security assumption that this can happen?
Because there are accounts that have this much money.
Yes and no, in a way.
So yes, in the sense that this could have already have happened.
There are whales that would have the capability to perform such attacks,
but there's the reputational risk of doing so, right?
Usually these accounts are not really anonymous,
and even the pseudonymity of it is like so many times compromised.
So if somebody would perform an attack like this,
there would be a reputational hit.
I think that's the safety factor in there,
that it doesn't exist anymore
because a lot of like 16-year-olds that live in their mom's basement
are now thinking, oh, I have $10 million that I can use.
to hack something.
That's a pretty flaky safety factor.
I mean, reputation.
Especially in the times of tornado cash and similar mixing engines, right?
Look at the different accounts that could have done that.
I'm curious to see the data, but I guess some of those, most of those addresses are
people that got the money in the ICO of Ethereum and haven't touched their accounts.
So luckily, those investors that don't do much with their ether and just sit and hold
are helping the security of various protocols.
But, I mean, we are not completely safe from a shady exchange
to be like, hey, I got lots of money in my cold wallet.
So why am I not attacking those unfair competition?
They are even centralized.
They are decentralized.
What is?
It's not normal.
This is maybe somewhat of a contentious point.
But I actually think the people who are doing these attacks,
now obviously they're somewhat shady.
and, you know, if they were and they would give back the money.
But I think they're actually doing the security of the system a favor
because now is the time you want to find out about these composability attacks.
You don't want to wait until there's more money in the system, right?
The attacker of the Shanghai attack, at least put in the hex data,
the partner house.
It was like attacking the Ethereum blockchain with insult,
like go back to your home, don't stay in Shanghai.
It's useless what you're doing.
But the attacker stayed completely anonymous.
on the flashstone attack?
I don't, I'm not sure.
Yeah, I don't think we have any data on like who performed.
I've heard several people say they know, but...
Oh, I'd be interested now.
So who knows?
But yeah, even still, I think there's an opportunity for flash loans to make this much more accessible, right?
So, like, whales have, like, have an incentive not to break things, right?
Because they are invested in the ecosystem, too, right?
it's reputational and also they're invested.
It's their own money.
They're invested in the success of the network.
I can not all practically any eth and still carry on these attacks.
And that's the whole issue here, right?
Like I could just like short ether or maybe try to buy a lot of maker and break defy.
Like a lot of these, the problem is that like even not speaking,
flashlands have a lot of composability problems, right?
They make these arise, but even they could be used for something that is like made to break some defy protocol atomically, right?
Isolated silo.
They could be used like that.
Yeah, and I mean, we don't know what they can do, right?
So basically, I mean, there's so far we've seen and heard about two things, a Oracle manipulation, which is how the BZX happened.
And then basically this governance hack where basically you buy a lot of maker tokens and then do like a tech on the maker system.
as far as I know, those are the only two things we have heard about,
and I'm sure there are others.
During the conference, we released a private key hidden in a video.
I don't know if you had time to play this game.
Private key was found in like two hours,
and I was following the track of what happens to those ether.
They went straight to another address, and then boom, on by Nance.
I was a little bit sad.
I would have loved to see those ether being too.
transfer on a I don't know compound turn of the cache or something just uh he didn't use it this way
i wanted to ask you guys like what do you think about uh oracles and i'm glad the topics came
came into the discussion because um i've been thinking of maybe proposing that we include some of the
relevant information like uh usd to to if it's apparently uh very very well uh followed pair
U.S.D. to EVE directly in the extra data of a block.
So it can be used directly in the block and have the miners sign in a way
or maybe use different oracles that would sign the data and put this data in the block.
So it becomes available by block, directly in the block and not being brought into the blockchain somewhere else.
What do you think about it?
I don't have a strong opinion on Oracles, but we've been talking to some,
companies that are getting ready to launch their decentralized options for
oracles, right? So stuff like Wheatnet comes to mind immediately. I think that
Chainlink has a lot of head start. So let's see how this plays out.
What do you think is, sort of dissect the response to the attack? Do you think the community
and the space is responding well, are taking like the right steps to prevent
these things in the future or the thorough discussion and thinking around this sort of thing.
Yeah, definitely.
I think we're getting much better.
One thing that has gone much, much better is there incident response time as a community,
as a tribe?
I think Ethereum was very disorganized when I first started getting into the space.
A lot of things were wrong.
But then like people from older industries, industries that are more used to having standards and proper methodology for a secure life cycle of a product and development in general started trickling in.
They came from the aerospace industry or from the cars industry, right, from the automotive industry.
And they brought such good practices.
And I learned a lot.
Like, seriously, I'm barely a security practitioner myself.
I've been learning a lot.
And yeah, I think we've gotten much better.
And this time around, people were responsibly disclosing the flaws.
Everything was handled, apart from some BZX communications, everything was handled very smoothly.
Everybody got to learn really quick what the implications were and go back to older projects.
And now this is more from a security auditing perspective.
Everybody got the time to go back to their older projects and check for possible nefarious
interactions.
That's interesting.
That brings up kind of your earlier point about decentralization in D5.
If the incident response also relies on like specific people being contacted and being
able to take action on things, does that mean that we're approaching, you know, better
decentralization or of course, it's great that incident response times are getting better,
but do we need to move towards a future where specific people are not required to act on
on these sorts of things, like the attacks are...
That's a real problem.
I think when it comes down to it,
you're going to have to rely on specific people
who are able to solve the problems that are there.
I mean, we can't just rely on an anonymous person
stepping up to fix something.
But I think the governance mechanisms that we develop
going forward are going to have to be able to account
for responding to things like this in an efficient way.
And that does mean, I guess,
You could call it a degree of centralization, but I wouldn't see it that way.
I would see it more as delegation of if a problem comes up, we as a community decide who is going to be able to fix this.
Yeah, but I think that should be defined by governance to some extent.
Yeah, I agree.
The delegation of these responsibilities fallbacks if such responsible person is not available or, you know.
Yeah, but I guess what I'm saying is that it shouldn't be that we're not falling back on someone.
I think we're going to need to have specific parties that we go to in order to be efficient if we want to tackle problems like this.
We can't just leave it until the problem comes up to then decide and have a governance vote just on this specific problem.
I think that's not going to make sense.
So having processes in place that themselves are decentralized, being able to have a governance vote around what to do if something like this comes up beforehand.
And I thought the response to this was super interesting because I saw a lot of,
lot of negative responses on one side, but I would tend to agree with Frederica a lot more that
this was actually a good thing that this came up because it brings up issues like this.
What do we do if this comes up in the future and how do we do this in a way that is actually
in line with our values as a community? And then being able to say things like, okay, if someone
can get a flash loan for a ton of MKR and swing a maker vote, well, obviously that
means that the governance there needs to be changed and updated. And it's, I think, great, that that's
coming up now and it can be changed and addressed now, compared to doing this when it's maybe a much
bigger disaster potentially. I think that's a real problem, to be honest. Like, there's the security
community in specific has created repositories of security contacts for several companies, and
some of them are still blank, like big companies, big treasuries that, like, have
no real way for us to contact them at any point in time.
That's pretty scary.
I'd like to get all of your thoughts on ECC,
and if we were to take a snapshot of the space at the moment,
what would we see in that snapshot? Where are we at?
I think I've always loved ECC as a conference
because to me it seems really focused on just being able to talk about issues,
which is what we've done today.
I really appreciate the conversations that I've had here.
And I find it super valuable as a conference for that.
I don't feel like anyone's shilling something to me.
And I think this year was no different than how it's been in the past.
And to be honest, I was a little worried that it could be
because we were in a much nicer location this year, which is actually wonderful.
I appreciated the really academic feeling of the last years.
But it turns out that we didn't need to be in a kind of.
kind of run down academic institution in order to have that vibe.
No, I thought it was wonderful.
It added to the feeling that I was there just for the people,
just to have these conversations.
I wasn't there for the place.
And I think this year it's much nicer, and I've appreciated that.
But I've had just as many really valuable conversations,
and even though I wasn't able to go to as many talks as I would have liked,
I had really great conversations with other people around the conference.
And I believe all the talks have been recorded and have been put on YouTube.
So it's very much on my agenda to watch all the cool talks that I missed at home.
Agreed.
So everything was live recorded and posted the same day.
That's really impressive because there are conferences and I'm not going to name them
that take a really long time to post the content.
I agree with that Cassidy was saying it was like C.C. was always the,
the youth conference that I went to
with the strongest technical content
year after year.
The venue changing
didn't change anything about it.
Congratulations, Jerome.
It's always amazing.
Thank you for the kind words.
You'll all be invited again next year.
So about the change of the venue,
we had a lot of complaint last year
in the year before that the venue
was pretty cool but hard to get around in,
especially because the world
were very apart from each other.
So sometimes people got lost and honestly,
the school is not meant to gather so many people.
So when we have the fire alarm or we have any problem,
it's really a mess.
Whereas the venue this year is way more professional
owned by a professional company of event organizers,
like GAL event.
So definitely it looks way more professional,
but it was also a test for us
because the school that we were supposed to host it in,
the same school, was having a very much
was having renovation work, so we had to find a new place.
And we said, well, let's try to ramp up our game
and try to see if we can host it in a very professional place,
meaning that it will cut a little bit more money.
So the tickets were a little bit more expensive than last year,
20 euro more.
And we wanted to, also we expected to have maybe 20% more attendees.
So we had the 700 in the first year,
$1,200 the second year.
So we were like $1,600.
it looks feasible.
So let's have a bigger venue
and maybe also plan for
2021 that we keep this same venue
and instead of packing everything
on the first three days,
around just three days,
let's take the venue for the whole week
and unpack the thing on maybe five days
and keep it up on the weekend
for workshops and all the stuff.
So that's what we had in mind
and as you may know
there was a pandemic outbreak
during the months before
and during the week
and I'm glad to say that we survive this pandemic outbreak so far.
We'll see.
We'll see.
In two weeks.
Yeah, nobody died at HCC yet.
I hope nobody will die.
I hope we will be.
It did cough a couple times and I got some looks.
I was in a booth and I was coughing the entire week.
So we had given pretty explicit.
it's best practices, don't cough on each other, don't sneeze on each other, don't share
the tissues, don't share the needles, like make sure that you have a propriety.
People are really good about not touching hands though. I mean, if there's one thing that
marked this conference, it was elbow bumping. And I wonder if in future ETC editions,
people will continue to do the elbow bumping. Me, being the director of Huggs at Consensus,
Entitle me to an email from the legal department asking me not to hug people.
Wow.
I do want to point out that while nobody was touching and, you know, that was all fine and good and everybody was like washing their hands and everything,
everybody used the same spoon to pick up, to grab their food security again.
So many challenges.
Everyone's an epidemiologist in these times.
I mean, basically, people came up to me.
They were doing like the elbow bump thing and, you know, it's a little bit awkward.
And then, you know, after, you know, like, trying this, you're like, oh, you know what, come here.
And then they give you an enormous hug.
So I'm not sure.
I'm not sure that.
You cannot avoid the gonzara or griff green all the time.
At some point, you just get hugged.
There was also a second ex-time and hiccup, namely that Heath Paris was cancer like two weeks before.
Can we talk about that?
I mean, do we want to get into the drama of it?
Yes.
So I heard that actually quite a few people were upset because East Denver charged so much for their sponsorships
that they felt that there was a runover to East Paris and that the reason why they weren't able to
raise as much as they had wanted to be able to host the event was in part due to East Denver charging so much.
I wonder if you've heard the same or if you totally disagree.
So I just, we were jumping into this topic.
I just want to say one last thing about coronavirus, if I may so.
This is the more pleasant conversation.
We had 12 to 17% of cancellation among the speakers,
not counting the one that showed up in the room and the room was empty,
so they didn't want it to do the talks.
We will revise a number later.
So it's roughly 30 speakers that didn't come.
Some of them were very famous ones that we were very happy to have,
and then we couldn't because personal reasons,
because fear, because reasonable doubt about their health
or because company policy that tells us that not come.
But nevertheless, we managed to have most of them by video remotely.
We integrated it to the talks.
It's not as good, but still we managed to produce the content, so that's fine.
And a lot of them actually had to get up in the middle of the night for that.
So, I mean, there were a lot of talks from the States,
and they happened at 2 a.m. local time or something.
Yeah, which showed the dedication of those speakers,
and I'm very happy that we still managed to do that.
And from our side, we invested heavily on time,
trying to bring the Chinese community,
the Japanese community, the South Korean community,
and the Taiwanese make them aware of the event
and in hope that they will come.
And finally, we will bring them to France for SEC
because this is what is lacking every year.
And this year we failed miserably because of the virus.
But nevertheless, we'll go again next year.
Yeah, maybe I shouldn't get into this, but picking up on what Cassidy said, that's entirely true.
And I've never met John Poller, but he got really upset at me on Twitter because I said that there was a lot of centralization in funding the East Chapters, East Global Chapters.
And I think that's true because what you as a company do is that you allocate a certain amount for community efforts, right, for marketing.
if one person asks for a big piece of the pie,
obviously the pieces of the pie that are left for the smaller chapters
are going to be a lot less, right?
And we felt that trying to put East Lisbon up,
a lot of people back out of sponsoring
and some others said that they just simply didn't have the cash
to do it after Heath Denver and all the other chapters.
But there were also companies who actually
did not sponsor East Denver because of that. So we actually, we had noses we thought about it.
And then in the end, we didn't because we thought we could get much better value elsewhere.
So Eat Paris last year was organized by Eat Global and it went very smoothly. Like, well, we
at Iterham France, we took the responsibility of the contract because setting up a legal entity
and taking the contract and so on, we already had it. So we took gathering and video and
and some of the fees for the venue,
we took it on our account,
but we let Eat Global raise money
from the sponsors
and it distribute the rewards
and let the,
organize them,
what they wanted to do.
So right after It's Paris,
like we announced that we're going to do
8C again,
and we started to get in touch
with the Global on organizing It's Paris,
and we really waited for a long time
before having what seems to be a confirmation
that we're going to do,
do it and then
feeling that they were really committing on doing it.
So we move forward with other partners
and other organizers and other
caterer and so on.
And unfortunately, they bluntly
decided to not do it to Paris
in late December
and do it London the weekend before
instead, which was really
a huge surprise from us. So we were
left unorganized and thought like
damn, we need to find someone to organize
this Akaton because ATCC is already a
big push to do.
So in early January, the department of this organization,
the department of decentralization very nicely raised their hands and said like,
yeah, we're going to try to see what we can do.
And unfortunately, it was too late for them to actually manage to lend the minimum
amount that we required to actually organize this.
And I don't know if that's because of it, Denver,
but I really thanked Dodd of trying to do so
and in the end I was just like
well people going to London and getting food poisoned
that's never mind
a lot of people from the EF came back from London
saying like well I'm super hill
I cannot do my talk can I be rescheduled
can I be this, can be that so like I would say it's karma
maybe but in the end we are
we are landing at Paris anyway
I'm not going to let anyone tell us
that we cannot do hackathon, we are going to do in a hunt hackathon.
So this is first next Saturday day, and I'm going to announce that this at the closing speech,
we're going to still go to the venue and host workshop on discovering Ethereum
for all the students that applied for each Paris and are in town and want to learn more about Ethereum.
And anyone that wants to have a workshop or present what they are doing,
they are more than welcome to do so.
So at Paris is still happening.
little at Paris but still at Paris
Are there any things you'd like to
Leave our listeners on
What's next for all of you?
Where are you heading to next
Any other exciting conferences or events
That you're going to attend
If they're not cancelled
The Dealey team will
Is excited about the Solidity Summit in Berlin
So I think we'll have the whole team there
And we're going to think about some solidity
April 29th and 30th, I think.
So join us for some security fun in Berlin.
Nice.
I think I'm going to go to this event as well.
If I'm allowed to travel, I don't know.
But I'll probably do that because I really love solidity issues.
And on my side, the next step will definitely be preparing for HCC next year.
And I hope that all the people that hear about HCC or listen to this.
podcast will mark their agenda at cc is happening every year the first week of march and we open the
call for speaker around november i'm not really uh looking at any events in the near future i of course
am always excited for berlin blockchain week which is going to come up at the end of the summer
but that's pretty far out so in terms of the the near term i think i'm just going to be heads down
working on our lunch.
Cool.
Yeah, half of humanity could have vanished by then.
Congratulations, Jerome, on putting on this really great event.
I mean, we're super happy to be here and we'll be here next year and the year after.
As long as I live 20 minutes away, I'll keep coming.
Thank you, Jerome.
Yeah, thank you.
It was lovely as always.
I'm also very much looking forward to Berlin Blockchain Week.
So this year, it's September 8 to 16.
I really like ECC because it's got this community spirit.
And I think, you know, from out of all the conferences, actually DeppCon comes closest to that.
So basically it's also fairly affordable prices.
And it's a lot of the development community, it's absolutely no shells.
So, yeah, Berlin Blockchain Week is where it's at.
Thanks to all of you.
Thank you for joining us on this week's episode.
We release new episodes every week.
You can find and subscribe to the show on iTunes, Spotify,
YouTube, SoundCloud, or wherever you listen to podcasts.
And if you have a Google Home or Alexa device,
you can tell it to listen to the latest episode of the Epicenter podcast.
Go to epicenter.tv slash subscribe for a full list of places where you can watch and listen.
And while you're there, be sure to sign up for the newsletter,
so you get new episodes in your inbox as they're released.
If you want to interact with us, guests or other podcast listeners,
you can follow us on Twitter.
And please leave us a review on iTunes.
It helps people find the show, and we're always happy to read them.
So thanks so much.
look forward to being back next week.