Gray Mirror

Share this post

Gray Mirror
Gray Mirror
The future of private computing
Copy link
Facebook
Email
Notes
More

The future of private computing

"These are basic human rights, like toilet paper."

Jan 12, 2024
111

Share this post

Gray Mirror
Gray Mirror
The future of private computing
Copy link
Facebook
Email
Notes
More
7
Share

In the future, all computing will be private. Here is how it will work. Or at least, how I want it to work. Let’s call this totally imaginary platform Butyl.

When you use Butyl, only you are able to see what you are doing or saying, and you can talk to anyone in perfect confidence. No external power can either filter or censor the whole Butyl network. Butyl can go full John Perry Barlow against the “weary giants of flesh and steel.”

Butyl is not magic. It is not even particularly new. It is just the combination of two technologies that already exist: confidential computing and deterministic computing. Let me briefly go over the user experience.

No, Butyl does not exist—not yet. Not exactly… I thought I’d share some ideas…

Signing up

To join Butyl: there’s a million ways. Here is one. Go to a store and buy a Butyl card. This is like a credit card. It costs like $10. On the front is your name. On the back is your secret. The secret is under a scratch-off layer, like a lottery ticket. Scratch it off and put the card in your wallet or purse. Congratulations—you are now on Butyl.

Your Butyl name, or planet, is a four-syllable nonsense word, like ~mastex-bintyl. Your Butyl secret is an eight-syllable nonsense word, like ~sorfyl-barteg-poltyv-hopreg.

Eventually you either get tired of Butyl and “churn”—or keep using it, and start to remember these mysterious pseudo-words. Once the secret sticks in your brain and the card stays in your wallet, you have a Butyl brainwallet. It is not just useful for Butyl—it can store and send Bitcoin, Ethereum, etc.

Either way you can lose the card. Put it in the microwave for 15 seconds. Or put it in a sealed envelope and send it to your lawyer. Ideally, you will never need to remember any other magic words—any secrets are made of this wallet. Butyl security is about putting all your eggs in one basket—and watching that basket, as Mark Twain said.

For your whole digital life, you should have one secret, which should be in two places: your own brain, and your own secure computer. And (once anything behind it really matters) split into shards among people you trust. Anything else is just a security risk.

Logging on

Go to butyl.org. Type in your name. Type in your secret. You’re in.

You had to enter twelve three-letter syllables punctuated by eight dashes, with no clicks or returns. You do this every time you open a new Butyl tab.

On a phone, install the Butyl app. Type in your name. Type in your secret. The app will re-prompt you for the secret periodically until it is sure you have memorized it. The secret is deleted when the phone turns off.

Elevator pitch

You logged on. Now what? What is this thing?

Your planet is two things: a crypto wallet and a private deterministic computer. The wallet is a four-syllable planet, which is your public name, and an eight-syllable secret, which is your private password.

The computer is either on or off. If the computer is on, you use your wallet through the computer. If the computer is off, you use your wallet through the front-end app.

To turn a completely new computer on: first, fund its wallet; second, tell it your secret. When you buy a planet card in a gas station, the computer will already be on.

You never have a reason to turn a planet off. It will turn off it if it runs out of money. When this happens, feed it more money. It will turn back on like nothing happened.

A confidential, deterministic personal server

Once you turn your planet’s computer on, you use your wallet through the computer, and you never see the bare wallet screen again—until you turn the computer off.

Your planet is a personal server in the sky. At first you use it just for communication, but eventually you want to migrate all those web apps you use to your own server. Eventually you will have your whole digital life in your own personal server.

You should have your own data and no one else should have it. You should be able to see your data and no one else should be able to see it. These are basic human rights, like toilet paper.

Why do you not have these rights yet? How will Butyl make them possible? And how does all this stuff work?

Deterministic computing

A deterministic computer is a computer. But its operating system works on a slightly different principle than the computers you are used to—“functional programming” instead of “imperative programming.”

A regular imperative computer has two memories—RAM, which goes away when you turn it off, and disk/files, which stay. Even a regular Unix cloud computer is literally an emulation of a 1970s mainframe. The CPU is always running processes which modify memory and disk. It’s like a live animal.

All computers are deterministic, but only at the bit level. Your planet is a semantically deterministic computer. Unlike the bit-level image of a traditional cloud computer, the state of your planet is always a meaningful and consistent data structure. Every time it gets an input event, it computes the next state and the list of output events, as a pure function which does not modify anything. You could play back the same series of events since the birth of your computer, and get exactly the same state. It is a sort of living thing, but more like a plant than an animal. And it only has one memory.

The reason we don’t all have our own personal servers in the cloud right now is not that we don’t want personal servers. It’s that the only personal servers we can get—in or out of the cloud—are personal Unix servers.

Since I had a personal Unix computer in 1986, I can tell you with confidence: 2024 will not be “the year of the Linux desktop.” For like $10^10, NeXT/Mac did make personal Unix work—as a client, not a server—basically by building a whole new OS on top of the OS.

Running a virtual Unix box is like owning a dog—a husky, with “high wolf content.” Nothing like a husky if you need to pull a sled. Running your Butyl planet is like owning a cactus—a very resilient plant.

Occasionally you need to make sure your cactus is watered. Occasionally you need to need to make sure your hosting is paid. If you don’t pay, your computer turns off, and you need to pay to turn it back on again. Don’t try to make your cactus pull a sled—it’s a private computer just for you, not a back-end for 5.5 million users.

Confidential computing

A confidential computer (like Intel SGX) is a virtual computer that runs within a secure enclave. When code runs inside an enclave, the computer outside them cannot see into the enclave. However, the computer outside can prove what code the enclave is running. This is called remote attestation. It is a normal thing that works right now.

It is simple to prove that a deterministic computer is executing correctly within a confidential enclave. When your hangar boots up ~mastex-bintyl for you, it obtains a proof that it is running a standard Butyl interpreter in its enclave—and a proof that, on top of this interpreter, ~mastex-bintyl itself is a standard Butyl node, running a standard version of the Butyl OS, with given versions of known applications.

And when you share your name and secret with your hosting service, you (or at least the front end you are using) verify that it is a standard hosting service. There is no trust—beyond your trust of the standards. All you have to trust is Butyl itself.

(There of course has to be a human standards body that certifies these standards and packages. But it is hard to corrupt a standards body whose only goal is correctness. The NSA never (quite) succeeded in corrupting encryption standards, for instance.)

Not even a court can order a hosting service to look inside its secure enclaves, because a court cannot order anyone to do anything they physically can’t do. The host can be told to shut down ~mastex-bintyl, even to give its contents to the government—but the government, without your secret, has only random bits. The host has the secret—but only inside the enclave.

Moreover, if ~mastex-bintyl runs not on a cloud server, but on a box in your closet, and if it has permission to send packets through one extra hop on any public confidential server—no one can find you, your closet, or ~mastex-bintyl. You are in truly sovereign cyberspace. Use it wisely, please!

Radical trust

It is great to use the tools of confidential computing to create a new cloud-computing universe in which users do not need to trust their hosts.

But we can actually do much better than this. We can create a network on which users trust each other—or rather, each other’s software.

Butyl is a peer-to-peer network of private computers. In Butyl, your name is a network address. If you and a friend are running the same app, these apps can send each other network messages. But… is it really the same app?

Suppose you want to run an app like Signal which auto-deletes messages. But your “friend” installs a hacked app which actually saves the messages. Signal uses the weary tools of flesh and steel to keep this from happening. But Butyl is truly decentralized (not to say that Signal isn’t awesome). So it can’t use these centralized devices.

With confidential computing, your hosting service can use an appropriate blockchain to post an unforgeable proof of the full-stack configuration of ~mastex-bintyl. So long as this proves that your planet does not permit apps to misrepresent their identity, it proves that your planet’s messaging app will be the same app that your friend expects.

Many applications are possible with the radical trust that full-stack attestation creates. Cheat detection is no longer necessary in games, for instance. Restrictions on data handling can be applied across the network. Agreement protocols (like a blockchain) do not even need “Byzantine” resistance to hostile nodes (but pencil it in anyway lol).

The promise and power of radical trust is important enough that social user interfaces should show friends in different colors depending on whether they post a correctness certificate. There is really no fundamental reason in any context, even when hosting your own planet, not to run in an enclave and publish its certification. You are not revealing any private information when you reveal that you are under radical trust.

Radical stability

The normal way to use Butyl is to use a confidential hosting service. But you can also use (a) an ordinary hosting service, (b) your own secure enclave, (c) your own ordinary computer, or (d) your own storage device.

A stored planet does not, of course, compute. But nor does it decay. So long as none of the bits rot, you can put ~mastex-bintyl on an SD card, leave it in a safe-deposit box for 100 years, then load it into an Butyl interpreter—whether a 2023 interpreter, or a 2123 interpreter—and it will work perfectly. A stored planet is not dead, just sleeping.

Radical stability means that a new computer can always serve an old computer. There is no general way to make the opposite true. But every time you write a new version of any protocol, you can write a translator that implements the old protocol in terms of the new. A truly ancient planet will find itself talking through a truly giant stack of these adapters, but its feeble cries will be heard.

Radical stability means that no upgrade decreases a computer’s capacity to communicate. Old protocols can always be understood. Old files can always be read. Nothing rots.

Until it upgrades itself, the old computer will not be able to serve new computers—since it has no way to understand their new messages. But if everything it does as a client works, the old computer will always be able to upgrade itself. Until it is up to date, it cannot do anything for anyone—but it can ask anyone to do anything for it.

For radical stability, every version of every protocol at every level needs an adapter every time the protocol changes. The adapter is a server for the old protocol and a client for the new. Sorry but it’s worth it. When you update, trickle out the update as slowly as possible, so each adapter gets plenty of practice. Butyl has no “flag days” when everyone sees a “to continue using FooApp, please update the Foo app.”

Hosting

Obviously, nothing here is magic.

Your Butyl computer is running in a hangar, or trusted hosting service. The hangar can prove to you or anyone else that it is running a trusted Butyl software stack. Its privacy and integrity cannot be compromised, even by the hangar company.

Normal users never interact directly with their hangar. They buy a planet which has already been activated. They pay the hangar through automatic deductions from their wallet—which the hangar can make, because it also knows their secret.

All Butyl networking is tunneled over connections between hangars. Not only are these connections encrypted, but the hangars themselves are remotely attested—they can certify that they are running legitimate Butyl hosting software.

The hangar of a planet is set on the blockchain. Changing this setting moves the planet. Clearly, whoever made that planet card already set the hangar—probably to himself. If you are working from scratch, and try to activate a planet without setting a hangar, you kick off a little invisible ad-style auction which is over before you know it.

Choosing a hangar is about price versus performance, nothing else. Also, an inactive planet costs nothing. The hangar will only charge you for the computing cycles you use, not (as in traditional cloud hosting) the time you are running.

Security

Any reasonably-secure name/secret pair that you can hold in your brain should be a wallet—it should enable you to store, send and receive digital assets.

The Butyl name/secret pair uses the linguistic hardware in your brain to remember sounds and symbols together. Instead of a wordlist, we make up nonsense words—base-256 in syllables, base-256*256 in trochaic feet. In two feet, like ~mastex-bintyl, there are 256*256*256*256, or about 4 billion, Butyl planets.

Yes, there are only 64 bits of entropy and a 32-bit salt. But these go into a key extender which hashes on them for about a second—so a brute-force search takes 2^95 seconds. Which would be quite a while. Even if computers get a little faster.

For this to be safe, the whole hardware and software stack behind the browser/app must be absolutely pure. Anything else could be a trojan that could steal your whole Butyl life. Actually don’t use a library computer.

On the other hand, we already accept that any device that trojans us—a keylogger, etc—can do essentially total security damage. Your phone is probably safest—probably.

And unless it is more convenient, there is no point in a more secure login process in which you prove your identity without revealing your core credential. Nothing else within the system is designed for any intermediate level of trust. Once you log in to your Butyl planet, you are in and can do anything—always root, like on a classic PC.

When you log in on the web, you are running a JS app. The whole back end of this app must be locked down like Fort Knox—an airgapped static configuration. Uploading a phone app to an app store is just as security-sensitive, of course.

Many things about this will seem crazy to security experts. Sharing your private key with your hosting service? What is this madness?

The poor usability of many crypto designs is often the result of inadequate sensitivity to human factors—notably, insensitivity to the complex kinds of trust relationships that human beings consider normal.

Of course, to operate your computer, the hangar needs to know your key—at a certain derivative level. What is safer in sharing a derivative key rather than a master key? Sure, there are powers the hangar does not need—like the power to sell your planet. Some risks are mitigated by the derivative key. But losing the derivative key, but not the master key, is still a disaster—why have multiple kinds of disaster?

If we embrace this key-sharing (think of it as polyamorous public-key security) we have an easy way to pay your hangar: automatic debit. Note that “automatic debit” is a common interaction pattern in the tradfi world—but its potential has been largely ignored in the crypto world.

And of course, with a fully attested software stack, it looks much more reasonable. You can share your keys with a hangar if you are not trusting the hangar company, but rather trusting Intel SGX.

By taking what an autistic, reactive security attitude considers an unacceptable risk, but a more nuanced threat-model analysis finds reasonable, achieves the desired human-factors result of never having to think about hosting. The system is completely decentralized (butyl.org is only a convenience), yet feels completely unified.

Sequel hook

But… what do you do with your Butyl computer? Maybe something for another post…

111

Share this post

Gray Mirror
Gray Mirror
The future of private computing
Copy link
Facebook
Email
Notes
More
7
Share

No posts

Ready for more?

© 2024 Curtis Yarvin
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great culture

Share

Copy link
Facebook
Email
Notes
More