On The Brink with Castle Island - Adam Healy (Station 70) and Josh Schwartz (Fordefi) on failover MPC wallets (EP.621)

Episode Date: May 8, 2025

Adam Healy, co-founder of Station 70 and Josh Schwartz, co-founder of Fordefi join the show. In this episode we discuss: The collaboration between Station 70 and Fordefi on failover MPC wallets. Anno...uncement here. The state of the wallet category Best practices for blockchain cybersecurity The future of bank custody for digital assets Station 70's Bunker product Station 70 and Fordefi are holding a joint webinar to showcase this product collaboration. You can register here. Learn more about Station 70 Learn more about Fordefi

Transcript
Discussion (0)
Starting point is 00:00:00 Today on the podcast, I sat down with Adam Healy, the co-founder of Station 70 and Josh Schwartz, the co-founder of Fortify, both Castle Island portfolio companies. Station 70 and Fortify recently announced a collaboration to create the industry's first failover wallet solution for disaster recovery. This is an impressive product release. I was super excited to talk about it on the podcast because I think it's a great thing for the industry. I think you'll enjoy hearing more about this one. So without further ado, here's my conversation with Adam and John. Matt Walsh and Nick Carter are partners at Castle Island Ventures. All of these expressed by them or the guests on this podcast are solely their opinions and do not reflect the opinions of Castle Island Ventures. Guests and hosts may maintain positions in the assets discussed in this podcast.
Starting point is 00:00:41 You should not treat any opinion expressed by anyone on this podcast as a specific inducement to make a particular investment or follow a particular strategy, but only is an expression of their personal opinion. This podcast is for informational purposes only. Brought down by bad mortgage investments, Lehman, which has 25,000 employees will be liquidated. The federal government loans American International Group, A, IG $85 billion.
Starting point is 00:01:02 This is a different kind of market, and the Fed is asleep. The federal government is stepping it to stabilize Fannie Mae and Freddie Mac, the two mortgage giants that have been threatened by the housing crisis. The Bank of England has pumped 75 billion pounds more to Britain's ailing economy with a new round of quantitative easing. You print a couple trillion dollars, and all of a sudden, people start to worry. So out of this worry, we have something called the Bitcoin. Bitcoin.
Starting point is 00:01:24 All right. Well, Adam and Josh, really excited to have two Castle Island founders on the podcast again. I guess this is a multiple-time repeat guest situation here. So thanks for joining us. Glad to be here. But we've never been here together, I think. That's right. That's right.
Starting point is 00:01:38 We're really excited about the announcement that you guys are collaborating here on the product side. So maybe just so we know who's talking here, we could just start with some quick intros. Maybe start with you, Adam, just introduction on yourself and then hop over to Josh. Sure. So I'm the CEO co-founder at Station 70. We provide a number of security solutions to the Web 3 space, best known for a bunker. which is our disaster recovery platform, business continuity platform. Been in the industry, about eight years was the CSO at BlockFi, before that was the
Starting point is 00:02:05 CISO at Back. I've seen a lot of things in those roles. And the idea around Founding Station 70 was providing generalized security solutions that used to only be available to the most sophisticated institutions. Awesome. And Josh, how about you? Yeah. So CEO and co-founder of Fortify, where one of the leading institutional MPC wallet providers,
Starting point is 00:02:25 We're working with over 170 institutions, including some of the largest trading firms, asset managers, protocols exchanges, tokenization firms, and other web three companies who want to interact on chain but need institutional controls as well as defy security and functionality to run their business effectively. We launched a product about three years ago and our clients collectively are transacting over 10 billion a month on chain. Like Adam, I also have been about eight years in the space, all within the wallet and custody. the area I started out at Big Go, I rang global sales, and then with the chief operating officer of Curve, which we later sold PayPal. It's funny how the 2017 era of crypto where everybody's at now, I feel like.
Starting point is 00:03:04 Yeah, it's crazy. I mean, you go back and look at where people started, and a lot of people have started companies, which is great. I guess that's a sign of a healthy ecosystem. Yeah, indeed. Well, Josh, I want to start with you on the Fortify side here. And obviously, this collaboration, this announcement, I think is just a big deal from a user perspective. So I'd love to get your impression of just what the wallet landscape looks like now,
Starting point is 00:03:25 what some of the trends you're seeing, and then maybe dovetel that into why you wanted to do this collaboration with Station 70. So we've definitely started to see, I see now over eight years, but even over the four years that Fortify has been around. We've seen some additional wallets come around. We've started to see many wallets fall into particular areas or buckets that they focus on. I like to think of the world with four main areas. You have the QCs or regulated custodians who are holding other people's assets. You have the on-chain wallets that folks know SESAFE and squads. You have embedded wallets, which are enabled folks to launch end-user, our secure retail
Starting point is 00:04:04 hold who have wallets. And then you have more of the institutional non-custodial wallets. We fortify fit into the last two. So we offer clients who want to hold their own assets, whether they're training firm and the asset manager, want to hold their own assets. And then at the same time, we enable exchanges and other retail-facing platforms to launch embedded end-user wallets securely into their applications. As you know, our story was where the first use case for digital assets was just buying
Starting point is 00:04:31 and hoddling tokens and maybe using it for C-by Settlement, most of the V-1 wallets were just built to protect transfers. And all of a sudden, about four years ago, we started seeing institutional defy take off at a real scale where we started seeing access to liquidity, yield, and another on-chain use cases and the wallet infrastructure was just not able to handle that. It just weren't built for that. So we heard all the stories of people blind signing, really large transactions or the fact that someone had a wallet that enabled them to adapt on a particular chain, but all of a sudden, if an asset manager wanted to go after some other opportunity, they're like, wait, my wallet
Starting point is 00:05:04 doesn't even support this chain. And I always give the example, imagine a traditional asset manager saying I have one platform to trade IBM stock, but if I want to trade Tesla one day, I'm screwed. And so the idea, this is the main three differentiators that we launched Fortify with, I say, as like connectivity, so we built our own browser extension that works completely cross-chain. So if users are on uniswap, Jupiter, or osmosis, they have the exact same workflow. We support over 90 chains and we support connectivity to any gap on those chains, over 90% of dBL. The second is clarity. So we provide smart contract enrichment and transparency.
Starting point is 00:05:40 You actually know what it is you're going to sign before you sign. And then, of course, are the controls. Before a fortify, there were control that enabled when I want to do a transfer to a particular address require, you know, the following rules. But if I wanted to do something on chain, if I want to interact with a contractor, change allowances, there just was no context to be able to create those types of rules. I want to get both of your guys' impression on this. But since the last time either of you was on this podcast, we have had major league security
Starting point is 00:06:06 incidents in this industry, the by-bed hack, which I think was the largest hack, probably the largest financial crime of all time. You guys, or security guys, you see something like this. What's your reaction, just from a crypto macro perspective on what the industry is doing here? I'll start off with my points and Josh can jump in. I would say Bybit is maybe second to FTX. I think FTCS was bigger. It's not the largest, but the second largest.
Starting point is 00:06:28 And some of us know way more about the FTX debacle than any of us would like to think we do. But I think at the end of the day, things like Bybit, it manifested at Bybit, but it was root cause, some very bad, what I would just call like, Web 2 security hygiene over it's safe. So we won't get too deep into that, I think, on this podcast, but at the end of the day, I think the basics matter. And what we saw it safe was they weren't doing the basic.
Starting point is 00:06:51 The 101 level security stuff wasn't getting done. And we honestly have seen that time and time and time again. I've been on a bit of a tirade on LinkedIn lately talking about some of these like 101 level security failures that we've seen industry-wide and even beyond the crypto and digital asset industry. And I think as I think about our station 70 and Fortify are working together as it relates to the recently announced partnership, I wouldn't say it's 101 level because it's really hard to do right. Josh and I can both attest. It took us a very long time to integrate and build this.
Starting point is 00:07:20 It's very complicated when you're doing things that involve large sums of money and cryptography. It's got to work. It's a no-fail mission. There is no oops, we can do that differently next time. It has to work every time and the first time. So when I think about the big security challenges that we've seen in the industry going back a number of years, safe slash by bit being the most recent and being massive in terms of dollar loss and some of the downstream consequences we've yet to see if the threat actor group that's associated to that ends up being true, which I believe it is, is through this partnership, what we're arming customers with, what we're enabling customers to solve, are really just putting in place more of those safeguards. Josh talked a little bit about
Starting point is 00:08:03 traditional finance a second ago that are common in the traditional finance space, right? If you're a hedge fund, you likely have prime broker accounts with multiple firms. You don't just have all of your eggs in one basket. And that's what we've been able to accomplish with this partnership is through Fortify standby wallet and through some new features, a feature we call swap, secure wallet account transfer at Station 70's bunker product, which is our flagship institutional disaster recovery platform for self-custody wallets. We've been able to integrate that standby wallet with the bunker capability in the SWAT feature to really provide customers' resiliency across wallet provider. So let's think about a world where your primary wallet provider for some reason isn't Fortify.
Starting point is 00:08:45 I don't know why that would be the case these days, but for some reason it's not Fortify. You have a primary wallet provider and they have an outage. What do you do? You can come to Station 70. You can get your keys. You can rehydrate new wallets. You can do things, but that's really not the experience that customers want. We've gotten feedback from a number tier one, customers that say, yeah, we don't ever want to have to take control of our keys without some type of wallet as a service as an intermediary. So we got to thinking about that. We said, well, what if we can get a wallet partner like Fortify to provide something like a standby wallet, where then at Station 70, if your primary wallet provider has an outage, you can just log into
Starting point is 00:09:24 station 70 and essentially push your MPC key backups to Fortify, run through a secure import process. This is all done in a zero knowledge way, and get back to business. I think in the traditional finance context, it's very much a no-brainer in the crypto and digital assets space. Nothing like this exists anywhere else. We wouldn't have built it if there was something else that was similar, but no one has this technology. It took us a very long time to build. And then we talk about data breaches and coming back to the security discussions, let's say it's not an operational outage. We just saw a very large power outage for 12 plus hours in Western Europe in the last 24 hours. But let's say it's not an operational issue or some
Starting point is 00:10:02 grid down issue or a large cloud provider issue. issue. Let's say it's a data breach. So your primary wallet provider sends the famous tweet that is famous in crypto. We're taking our systems down for unexpected maintenance. That's the tweet that basically the next 10 tweets are going to be we had a data breach. That's the first one that lands. Let's say that happens. You as the customer are now effectively in a race condition with the bad guy. Because at the end of the day, it's a self-custody wallet ecosystem that we're talking about. So you need to sweep your assets to net new addresses that have never touched your primary wallet partner, your primary wallet service. So how do you do that? You log into Station 70 using
Starting point is 00:10:39 our bunker product. You use the SWAT feature to shift your keys over to a firm like Fortify that has standby wallet implemented. Fortify then can enable you to then within Fortify sweep all of your assets to net new addresses. And now you have essentially clean addresses that were never impacted by that data breach. There's obviously some complexity there with some staked assets and some other things. But we're talking disaster mode. We're talking data breach mode. So those are some of the tools that really should be table stakes. I'm shocked as a multi-company see-so that a lot of the stuff doesn't exist. And that's why we're building Station 70 and across multiple products, because these are tools that we either wanted and we built in house or we wanted and we never built,
Starting point is 00:11:19 but we accepted those risks. I think those risks are just unacceptable today as the industry grows. So between Fortify standby wallet and Station 70's bunker products, specifically our SWAT feature. You now can move your assets through moving the private keys cross-wallet platform to solve for some of those operational or security resiliency problems. It's just fascinating that this is actually technically possible. I've had this on the wish list for a while, but I feel like it seems really complicated. And I know we're not going to get into the details necessarily on how the math works on this, but the fact that it's even possible seems pretty amazing to me. Josh and I've been talking about this for a year. Matt, you and I have been talking about this for probably more
Starting point is 00:11:57 than a year. When I first thought of this as an idea, I literally had no idea if we could build it. But I think on both sides of the team, we have some really smart folks. Josh, you probably have some other reviews on that. Look, I think in general, folks have been asking the question, as long as I've been in the space, what happens if my wallet provider gets hacked? And firm to our security-minded, go through some good steps like rigorous vendor selection process. They always ask are one of the best security best practices. And by the way, back to the Bible hack, it's good that we have people that, of course, when these things happen, you know, what happened here and what can we do to prevent this? These are always good steps people take. And of course, the other thing
Starting point is 00:12:37 they do is they diversify their assets through multiple wallet providers. And this is what we see a traditional lot. As a match by Jefferson Sleiman Brothers, no one had only one PB. So the idea of having multiple wallets to protect. And that's great, although it doesn't actually handle the problem of what if I need this particular address? The blockchain is always on, but my interactions may be tied to a particular address. And so think of like two very point of examples. Say I'm in exchange and I have thousands and thousands of addresses that I've spun up for each individual user of the exchange. And I have this so that when each user deposits crypto into the exchange, I have user attribution. And I know that when this address gets a deposit that's Adams and when this
Starting point is 00:13:20 address gets a deposit that's Matt. And I've done a lot of work. in order to build the right wild infrastructure to protect them. Well, now all of a sudden, my wallet's become inaccessible, and I have no access to any of this, I had basically shut down as an exchange. And having other wallets that I could spin up doesn't really help because it takes a lot of time to then spin up that kind of setup and tell all my users, this is your new addresses, etc. Another good example, think of all the OTC and institutional trading that's happening between
Starting point is 00:13:48 asset managers and trading firms, and everyone has your settlement instructions. And imagine if all of a sudden those settlement instructions all have to stop. So if this is talking about even just a couple of days, in effect, institutional crypto market stops if someone loses access to their actual addresses that they're used to interacting with. Until now, this did not exist.
Starting point is 00:14:08 Even though you could have had another wallet and you could transfer funds into another wallet, to be able to control the same addresses that you created with one wallet provider and now control them securely with another wallet provider without compromising the security integrity of the keys itself, it really almost sounds like magic upon magic. I joked like NPC already for many people sounds like magic.
Starting point is 00:14:29 This is like magic upon magic. I mentioned this before, but there was a story back when I worked at Bloomberg, just about 10 years ago, there was a story of the UK had to halt a treasury auction while I was there because the Bloomberg terminal was down. This is in 2015. It made us realize, of course, this is insane. I literally can't raise this money because,
Starting point is 00:14:50 is a technology is just inaccessible. And it makes us realize how much in general we have a reliance on technology. The beauty of digital asset markets is supposed to be that this is always on, that this is resilient. And yet this was a major gap in the market where we still had the same problem where institutions were dependent on their particular wallet provider to access their addresses. And the fact that with Adam and his team and with us were able to actually solve for this, you can completely continue always on, always operational.
Starting point is 00:15:18 all is just a really cool story. That's crazy about the Bloomberg outage that actually impacting the treasury market. That would be a convenient excuse if you ever have a failed treasury auction coming up. Anyway, just tell Bloomberg to go down, I guess. Josh, the other use case that comes to mind is if you are engaging in activity with a smart contract that has maybe a vesting schedule attached to it, where you have to engage with the same wallet address for the next four to seven years, this just feels like a better way to ensure resilience in that type of a setup as well.
Starting point is 00:15:50 Yeah, that's right. So when we first talked about importing private keys into Fortify, the first time we encountered it was exactly true. Because since our lead differential and we started the company, it was around Defi, and we did have people who were locked in long-term staking or investing contracts, and they say, hey, we love Fortify, but I can't move because of following. So we already had to solve helping clients import private keys, and we've done so. we helped in exchange import over 200,000 addresses into Fortify and completely move.
Starting point is 00:16:22 I think those are a little different because in those use cases, it could be planned. Time is not really working against you there. You can create a process for transition. And sometimes, depending on what it is, we always have clients that want to come to us from another wild provider. Sometimes it's just cleaner and simpler to just, if you're not tied to those addresses, just spin up new wallets under Fortify, transfer your assets and unchained, and that's easy. To your point, sometimes they can't because they're locked in contracts where they need control
Starting point is 00:16:49 that address. And so we're able to help import that. I think what's really unique here is the SWAT and the standby wallets specifically happened at a time when you didn't plan for it. This is something that you have to know, this is BCP. You have to make sure that when this thing happens, you can instantly fail over and then continue operations. And that's why we needed this partnership to work. And for any other pieces that many, to Adam's point, even sometimes when someone is doing just their own transition, many clients don't want to ever hold their backup keys. We always tell clients that even though we enable it to self-custodial wallet, so in theory, clients can hold their own backup keys.
Starting point is 00:17:26 We always recommend that they use folks like Station 70 because this is what they do. This is what they're good at. And a lot of times you deal with smaller funds, for example, at traders, they're not entirely sure where their backup key is, how to secure their backup key. and then sometimes they don't even realize this is the whole thing and you lose this, you're really in trouble. So I think in general,
Starting point is 00:17:45 having someone like Station 70s screwing their keys is already a lot. Therefore, even if they're doing a transition, not during a time of failover, they can, of course, trigger that transition also through swathing station seven. You're going to hop in there, Adam? Yeah, Josh was 100%.
Starting point is 00:18:00 We really see Bunker as a toolbox for disaster recovery. However you want to use those tools, we believe in empowering the customer, empowering the users, it is self-custody, as Josh said. It's your sovereign assets. We're not going to dictate to you how you use the tools or the technology. We certainly have some opinions on backup quorums and some other security policy things that we've just seen dozens and dozens and dozens of these now as we've been onboarding customers over the last eight or so months.
Starting point is 00:18:28 So we certainly have some opinions on it, but I think at the end of the day, where I think the industry is going from a maturity perspective, from a security perspective, from a resiliency perspective. Some of that's going to be driven by regulators. Some of that's going to be driven by firms not wanting to be negligent. Some of that's going to be driven by just good hygiene for operational best practices is things like standby wallet, things like having redundant wallet capabilities. We're already seeing that with some of the more sophisticated firms. They want multiple wallet providers using the prime broker example from Tradfod. And then us sitting there in the middle as the disaster recovery, you kind of business continuity toolbox, having tools like,
Starting point is 00:19:06 SWAT within that overall bunker product set that allows you to really have full control of your keys. Because that's what I care about, customers, firms, having that full control and doing it safely. We don't want to set folks up for failure. We've seen that time and time again in the industry where the tooling lacks. Josh, you mentioned blind signing. We've seen these scenarios unfold so many times. And to me, as a security professional who really cares, I feel really bad when that happens, knowing that those things could have been solved. If the U.S. was better, the tech was better. And I think what we've built together is shockingly good, super complex.
Starting point is 00:19:44 I've even had, I've talked to some firms and they're like, is this real? Is it here today or is this coming in six months? No, no, no, like, we can demo it for you. We can no joke show you how this works, cross-to-allet platforms, assets end up at Fortify, and then from there, you're back in control. That's where a lot of the industry is going to go, as we continue to I'm sure you guys can probably attest to this also. Every cycle, there's a major blowup, whether it's legal blowups across major players,
Starting point is 00:20:13 whether it's financial crimes, whether it's data breaches. My hope is, as bad as it was for some, data breach was the blowup for this cycle. And now the cycle will continue to play out, and we're going to be knock on wood in a good place. And there's nothing worse that happens. And I feel like the way that we solve it as an industry to prevent future cycles, this cycle from things that are worse from happening is we have. to be very serious about resiliency, better tools, security, good operational hygiene. We have to treat this like it's a real asset class because it is now, shocking.
Starting point is 00:20:43 We've all been working towards this for a long time, and it's here. And I think stablecoin adoption, we were talking about this before we started recording, Matt, that seems to be growing exponentially. Banking infrastructure seems to be growing exponentially. So in parallel with that cybersecurity infrastructure, wallet infrastructure, and overall resiliency has to grow in parity. That's where I kind of wanted to go next, and hopefully it's not a blow up. But one thing that is super obvious from where I sit is that a lot of the banks and the broker
Starting point is 00:21:10 dealers are starting to get a lot more active over the last three months. It's clearly regulatory driven, right? Sab 121 going away and we're going to get a market structure bill, the OCC and the FDIC have both eased up on crypto-related activities. So we're going to be living in a world this year where there are big banks that are trying to custody Bitcoin and other types of cryptocurrencies. I look at this and I just say, how many people on planet Earth really understand MPC and are they working at those banks? These are bearer assets that I don't think a lot of
Starting point is 00:21:42 these banks have experience safeguarding. So I worry about that. How do you guys see that playing out? We have a crypto-Ci-Sat group that is kind of all the key players that we would all know. It's all the C-Sos from across the industry that have been around a long time. And I've said in that group many times over the years that there's probably 100 people in the world that could actually design custody. 45 of them are in this group chat. You layer an MPC, it's a small number. People that really get it and then can intersect it not only at an academic level, but in a practical level for at-scale wall. It's a really small number.
Starting point is 00:22:17 And I don't think many of them work at banks. And I would judge that based on some of the conversations I've had with some of the banks. They're looking for partners. And I think that's probably the right model for them. And I think one of the failure modes that I've seen, whether it was it backed, as part of kind of the broader ice ecosystem, which is obviously an intercontinental exchange, just to be very clear, ice is a loaded term in the algorithm these days. But whether it was there or at other banks that I've spoken with in the last handful of years is they treat a lot of their wallet infrastructure that they've built in-house as just other network devices. Oh, that HSM is just sitting there in Iraq next to all the other HSMs. And that signing service is sitting there on a VMware box, sitting next to 500 other virtual workloads.
Starting point is 00:22:58 And that's a very dangerous and very bad way of looking at it, because to use the word that you just use, Matt, these are bare assets. And there's no clawback. It's not just wire transfers. So I think that there's a combination of real enterprise cybersecurity knowledge, MPC knowledge, custody knowledge, wallet operations knowledge, that I haven't been super impressed by that cross section of knowledge existing at any bank. Josh, what's your take on this? It's a race, right? All these banks are going to have to be in the game. What's your take on how this unfolds over the next year? I agree with that. I think that there's definitely a knowledge gap there, and we see it from the conversations that we're having with them. I think the other piece that all these banks have to also think about is how they will first dip their toes in the water versus how they'll eventually go out their overall infrastructure.
Starting point is 00:23:46 The first business, which is going after the EPP custody business is a little more plain vanilla custody. you're sort of okay probably with deliberately slow and clunky process, which actually has some operational benefits in a sense for that particular use case. But as the banks start thinking about what it actually means to offer a full stack of on-chain transaction capabilities, obviously this is where things I can see come into place. This is where you have to have an always-on-and-al capable to transact infrastructure. And of course, that's where the impact vectors of the risks increase. And I think there is a gap there. We see it again, just from the number of conversations that we've had over the last couple of months have been increasing,
Starting point is 00:24:24 I think the likely path for them will be to partner. Some of them as expected will try to go out of their own and then to add this point will either fail or realize that because it's a race, it'll just take too long and it'll be easier for them to partner. I would just add to that. I think it's partner or smartly acquire. And when I say smartly, I don't mean how banks normally acquire things and then suck them into the vortex of bank processes and systems. One analog that I use often is the way Walmart did e-commerce. And we can argue maybe they missed the boat, Amazon and all these things, but they've got big Walmart and then they have Walmart Labs, which used to be called Walmart Labs, out in Brno. And it was really a separate lab,
Starting point is 00:25:03 the separate ecosystem that was charged with moving e-commerce forward. And if a bank were to take that approach, if they maybe were fundamentally opposed to partnering, which I think is probably the best option for most of the banks, to be clear, and they were to go the other path, my word of caution to anyone at the banks that will listen to this because Matt has a very diverse audience is do it smartly and think about it as almost a separate entity similar to how like the Walmart Labs piece as a case study unfolded when they were getting e-commerce up and running. If you pull it into Borg, try and make it part of the bank, it's going to fail and you're going to have the same problems that we've seen with other large acquisitions. Yeah, I agree with that. I think you'd have to
Starting point is 00:25:42 look at the Bell Labs model or even look at how some of the successful traditional financial firms have entered crypto to date. Fidelity comes to mind as putting it separate from the core entity. Josh, I want to double-click into something you said. It teases something I've been thinking about a lot. So you bring up non-MPC custody for deep cold in the Bitcoin use case. But I wonder if you're going to see this trend of MPC being the desired platform, even for assets that aren't bearer assets. And so we had the Canton Network guys on the podcast a few weeks ago. And in a repo agreement, the collateral actually does live off chain. But you could see the policy engine of something like what you've built actually being the core reason why you'd
Starting point is 00:26:25 want to have an MPC set up to use something like that. So I wonder if you're seeing that as maybe the buying persona is diverse in terms of why they like MPC. First, I would probably separate the MPC from the policy controls. Hosted an institutional wallet, in a sense, has three main components, leaving aside defile the rest of the pieces of our stack. But three main components, you have the key management layer, you have the policy and authorization layer, and then you have the blockchain connectivity, the fact that it's hosted pushing the chain monitoring for status, etc. The middle layer, which is the governance tools, the policies, et cetera, to your point, this is always very valuable as an out-of-band policy enforcement process. But that could actually
Starting point is 00:27:05 happen regardless of whether it's MPC, whether it's multi-sig, whether it's some other form smart wallets. And so actually, we've thought about this also. Should we, at some point, when the rage of the kind of abstraction wallet should come into play? It's not our policy approval process is not specific to having to use an NBC as a management layer. So I think that that part is certainly true that it's not trivial to build the entire policy approval process and enforcement process. That's independent from the choice of using NPC, which of course has its benefits and speed and the trade-off between security and utility. The fact that there are NBC cold as well where some of the shares can actually be completely off their gap, but even independent,
Starting point is 00:27:46 the fact that you can have shares online, but completely never having come together, think like NBC is the best iteration today of key management that works cross-chain that really optimizes between security and utility. But that's different than your point, the fact that people really like secure-hosted wallets because they also have all three of these pieces, specific policy and governance piece. That's a helpful way to frame it. I hadn't thought about it that way. So I guess the policy engine being discreet does make a ton of sense.
Starting point is 00:28:16 And yeah, you could see that being just a popular feature in and of itself in a lot of these use cases. Adam kind of gets to something we've talked about over the years around crypto exporting things to the real world that we invent here. I do get the sense that this MPC wave here, we're going to be using it for way more than just moving Ethereum around on a blockchain. I hope so. I think it's one of the most novel uses of cryptography, the digital assets side of the ecosystem that we've seen in a very long time. Obviously, the white paper and all of these things fundamentally have shifted the way a lot of us think about monetary policy and moving assets. But MPC specifically is I would say like on that level of game changing technology and where we are today. So I think for us at Station 70, we're in the business of building security products. Bunker is a generalized cipher text management platform.
Starting point is 00:29:11 That's the way that we often describe it to some folks that has a robust set of security policies and hardware-based encryption and other things. So along the lines, is what Josh was saying, whether you're storing other types of backup material within Bunker or MPC backups, it doesn't really matter. It's ciphertext by the time we see it anyways because we have it all set up in a zero-knowledge way. So there's a lot of extensible use cases, I think, for Bunker and some of the other features within Bunker, whether that's SWAT or something like custom upload, which is another feature.
Starting point is 00:29:39 We have Bunker is very quickly becoming a very, very advanced cypher text management platform that really is being used for business continuity and disaster recovery, but as a lot of other use cases. And then, you know, for us and just being super selfish, we have some other products in the pipeline that will be coming out that we think will actually solve some very real challenges in Web3, but also back in the Web 2 enterprise context, specifically around identity. we're excited to be talking about those at some point in the not too distant future. But we will see how adoption goes across the different Web 2 versus Web3 space,
Starting point is 00:30:13 especially for our identity product. But I think it would be very obvious if I was sitting in like a Web 2 cybersecurity shop or a Web 2 VC or a Web2 enterprise to start looking at some things that are really on the forefront of cryptography like MPC. And so these security tech that's being built in Web 3. Yeah, it's fascinating. Hopefully we continue to see more of this exporting things. that were created for the crypto ecosystem into the real world.
Starting point is 00:30:37 You've seen it a lot in financial products, I suppose, with the perpetual swap and the AMM and things like that. But it's really leveraging the math itself is probably the most powerful thing, especially when you look at password managers and 2FA solutions that are really bad. Last pass, we can look at some of the problems there. Anything centralized is often going to be bad from a security perspective, unless you do security really well. There's a lot of things that could be solved, where we've solved them or we have
Starting point is 00:31:04 have good plans to solve them in Web3 because the stakes are just so much higher. We're talking, again, bare assets that can't be clawed back that have a lot of value attached to these private keys. Something I say a lot to folks is whether it's a firm like Station 70 or it's a wallet provider like Fortify or it's a custodian, the qualified custodian, your business in most ways that you could describe it is you have to be really good at private key management and security around private keys, whether they're MPC key shares or whatever it is. You have to be really good at that. And then now go look at other enterprises outside of those three demographics I just mentioned. I've seen the inside of a lot of Fortune 500 companies, of a lot of tech firms, and none of them
Starting point is 00:31:45 were really good at private key management. It's like none of them were like world class at it, with the exception to maybe like one. So being able to say, hey, we built a lot of really sophisticated security and operational product within Web3. Here's some use cases that we can solve in Web 2. I think that's great for all of us. And it would allow us to export some of them. beyond some of these financial products, some of the cool tech that we've built into some of the broader enterprises, the broader industries, just beyond digital assets. That makes sense. Guys, this has been great so far.
Starting point is 00:32:16 I want to go a little bit deeper on just how people can learn more about how this product works. I don't think it's the type of thing you'd be able to intuit based on just a podcast episode here. So how would you think about directing people to learn more about this? So I think there's two things. One, both Station 70 and Fortify are very accessible companies. I think we both have a very good customer service. But what we're going to be doing in the next couple of weeks,
Starting point is 00:32:38 and we'll make sure there's a link. We'll send it over to Matt, and we'll make sure there's a link in the description of this podcast, is we're going to be doing a webinar where we'll be able to talk a bit deeper. We'll have some more time. We'll have some of the technical experts on the line to talk about the standby wallet architecture with the bunker swat architecture, how that works. And then we'll actually be able to show a demo of it during that webinar.
Starting point is 00:32:57 We've had plenty of people that think it's not possible, but we'll show you how it works. I think that'll be pretty impactful. aside from that webinar, which we hope all of you show up for, info at station 70.com is a great way to get a hold of us. Josh, I'm sure you want to chime in, too. Yeah, sure. Reach us at our website, Fortify, F-R-D-E-F-E-F-I-F-I-F-F-I-F-I-F-F-I-F-I-F-E-F-F-I-F-E-POTE, I would just say that we're continuously, and you can, enable some really cool things like collaborative wallet use cases for Tri-Party. We've had some
Starting point is 00:33:37 interesting examples of new iterations where asset owners keep their own custody and enable advisors to transact on their behalf. And all this stuff is really great. But at the same time, the reason I think we're so excited about this is as we can tend to innovate new use cases, it is so super important for providers like us in Station 70 doing what we can to make sure that the institution is resilient to make sure that this market is always on and to make sure at that story that I saw 10 years ago with the Treasury auction in Bloomberg does not happen in our ecosystem. So our goal is to make this super frictionless.
Starting point is 00:34:10 This is a pure play BCP plan. I don't see how anyone would not want to have this. Pricing-wise will be very, very aggressive and almost it's set up to be a no-brainer because I think this is the role of folks like us in the space to make sure that we prevent stuff from happening. Definitely sounds like a complete no-brainer. And congrats to you guys for building this together. This is something that's just good for the overall health of the ecosystem, obviously really good for both of your companies, which I'm excited about as well.
Starting point is 00:34:36 So really appreciate you guys coming on the podcast today. Thanks for having us, Matt. Thanks, Matt. Thanks for listening to another episode of On the Brink with Castle Island. To find out more about Castle Island, visit castle island. Visit castle island.vc. To listen to all of our podcast episodes, please go to On thebrink-podcast.com or just click on the tab in our website. Thanks for listening.

There aren't comments yet for this episode. Click on any sentence in the transcript to leave a comment.