Episode 479: Scott Dykstra, CTO of Space and Time & Purandar Das, CEO of Sotero

In this episode, Mike Townsend chats with Scott Dykstra, CTO and Co-Founder of Space and Time, and Purandar Das, CEO and Co-Founder of Sotero.

Microsoft-backed Space and Time is the first decentralized data warehouse. Scott also serves as a Strategic Advisor to Sotero and was formerly the VP of Cloud Solutions at Teradata.

Sotero is a Web2 data security platform that ensures your sensitive data is never left unprotected. Purandar previously served as CTO at Infogroup and CTO at Epsilon.

Host: Mike Townsend

Guests: Scott Dykstra & Purandar Das

We are also available via:

BuzzsproutYouTubeQuoraMediumTwitterFacebookLinkedInSoundcloudApple PodcastStitcher • Spotify Google PodcastPlayer FM

Episode Transcript

Mike: Today on AroundThe Coin, I interview Scott Dykstra, the CTO and co-founder of Space and Time,as well as Purandar Das, who is the CEO and co-founder of Sotero. The twocompanies work very closely together, so we thought it would be appropriate tohave them both on the conversation. Space and Time has raised over 30 millionat a 300 million valuation close partnership with Microsoft.

Over 50 people, and they've made great progress to decentralizeand provide encryption across data warehouses. We talked about how the twocompanies. Help with data privacy and security and what the emerging world ofservers, networks security looks like in a both decentralized and centralizedworld.

We talked about the influence of their technology on. Thisrising tension between Bitcoin and the US dollar, the sort of conflict betweenthe Federal Reserve and the ability to control the US dollar over the freeflowing value and cryptocurrency. And we speculate a little bit as to wherethings go.

It was a really interesting conversation and I hope you enjoy.

Mike: All right,Scott Purandar. I'm excited to have you guys on and talk about your space Spaceand Time in DeFi. Why don't we kick off the conversation with a little bit ofyour personal backgrounds on why you started the project and what you aretrying to accomplish in the world.

Maybe Scott, I'll point it to you. What were you doing beforeSpace and Time, and then what are you trying to accomplish with thisorganization?

Scott: Absolutely.Let's get right into it. Mike. Thanks for having us and definitely excited tobe here. Spent about a decade in enterprise data warehousing, building 500terabytes scaled databases for the Fortune 500.

It was really the opposite of what I'm doing at Space and Timein terms of centralizing the world's data into large kind of analytic blackboxes. Mable centralized. Massive data warehouses in the cloud controlled bylarge organizations, mainly in the Fortune 500. Great, great chance to learnabout how data performs at that scale, how to organize data at that scale andhow to solve analytic kind of challenges at that scale.

But I think what we, entering the world of Web3 and DeFi andseeing, you know, how, how blockchain has evolved over the last five years wasa chance to see. There's really a unique opportunity for someone, hopefullySpace and Time to bring in a new kind of paradigm for processing data atextreme Scale, on a global scale, where the constituents of that data, theowners of that data, the users of these protocols won't have to just give upcontrol of their personal data, and also the builders, the developers that arebuilding protocols in this.

Can, can actually have confidence that their data istamper-proof and has been processed in a way that is truly decentralized,community operated, community owned, and most importantly. Kind of proved ZKproof. So Space and Time is building not just a data warehouse that removes thecentralization of the world's data to these analytic black boxes in the cloudand decentralizes the world's data, but more importantly, provides proofs todevelopers that their data hasn't been tampered with, and that the computationsagainst their data are accurate, their SQL has been executed in a verifiableway.

Mike: And is this notpossible? Cuz when you say you're putting this valuable data everywhere in adecentralized way, The immediate thought is that's, well, there's more surfacearea for attack, but you compliment that by saying there's these CK proofs andthey're encrypted.

Could, could it, couldyou not have a system that has it all in one place?

You gain the efficiency you gain, you know, I'm sure it'seasier to manage if you just have one server. Could you not have that oneserver be safe with these encryption method.

Scott: I, I thinkthere are plenty of organizations that have done a decent job locking downtheir data into a, like you said, centralized single point of control in, inthe cloud or on premise.

And a lot of those organizations are doing just fine in web twoand haven't experienced breaches, or haven't you know, have, have controlledtheir data and locked it down in like, for example, a SOC two compliant way.But that's just the problem. And DeFi what's on chain. Smart contracts on chainneed to know that the processing of data off chain was done by multiple partiesin a verifiable way with verifiable computations.

And if you lock down data into a centralized database in thecloud or on premise, sure, you might have your own firewall behind that data,but how can a smart contract on the blockchain or any protocol related to Web3for that matter, Know that owners of that analytic black box, the owners ofthat single point of control, the owners of that centralized database aren'tjust logging in, changing a few rows of data and basically tampering with theentire data pipeline to and from the chain.

Mike: Got it. Okay.

So this effectively relies on distribution of control and bynot having. The control being in one place, you can increase the likelihoodthat the data is has not been tampered with. Is there, is, does there, is therea conflict when even though you might have multiple instances, it's still underthe purview of a government?

Like for instance, if you had, you know, 12 different datacenters, it seems distributed, but if they're all in the United States,Ultimately the federal government could go in and just shut 'em all down atonce or take all the data, or is there some other, per other viewpoint at whichthis still is a concern.

Scott: Yeah. What,what you're getting at is censorship censorship resistance, which really is thelast thing to touch on here. And censor censorship resistance is, is not justabout having a number of parties process the data available to compute on data.It's about globally distribute, distributing the nodes, the servers that holdthis data and process it in a global network of user operated, user ownednodes, community operated, community owned, data warehousing, something neverreally been done before as far as I know.

That en that that invites not just proofs, that things aretamper. But it invites censorship resistance of data makes it harder for datato be deleted, makes it harder for data to be, you know, for computations ondata to be locked down. So I think that's a huge benefit. You, it's a, it'skind of a side effect of decentralizing your data is you, you, you invite somecensorship resistance.

And then finally, I think um, I think just, just the idea.alone That you've decentralized your data across an a global network of useroperated nodes also gives you infinite availability, extremely highavailability that you don't get from a single centralized server in the cloudor on premise.

Mike: Interesting.You know, the first thing I thought of when I, when I heard the name Space andTime, was that there was, There's some actual space happening. So I was like,oh, are these guys maybe sending servers to outer space? And then having likeorbital what do you think, what do you think about that?

I mean,

do you think that's in the next 10 years where there'll be datacenters in space because that's you know, resistance to governmentintervention, ?

Scott: You know, Ithink the the cost for compute would be a little high, right? , whereeveryone's very, very at extreme scale when processing terabytes or evenpetabytes of data.

Most organizations, first question is, what the heck is thatgonna cost? So I think if you move that data center up to space, maybe thosecosts would, would be, be challenging. But hey, there's plenty of use cases forit. We see Starling orbiting the planet every night. Look up at the stars andyou see a, a line of satellites bringing internet to the globe.

And if I'm running a query in you know, in the Outback,theoretically I could be on my phone on starlink in the Outback, executingqueries and getting back answers from Space and Time. So, I mean, crazy idea,but I love it.

Mike: Yeah, I mean ifyou, as long as you had the solar panel set up and you had the capacitors tostore energy, there's plenty of energy up there.

You just need to ship these things up there.

Purandar, I'd love to hear your thoughts on the, the company.So you guys have raised 30 million, I saw roughly 300 million valuation lastyear. 50 people, Microsoft got involved. What do you view the strategicdirection of the business going forward?

Purandar: My founderof Sotero. We are a Boston based startup focusing on data security. The earlyparts of this conversation, I think you kind of touched on a lot of the reasonswhy we started Sotero. The centralized database of data warehouse where a lotof datas moved into security.

In some ways it's, it's operational today, but not reallyeffective or. And the challenges with trying to move data into a centralizedlocation is obviously you're building a very, you're attempting to build a verysecured location that has very limited access. Limited access itself is a problem,right?

If I, if it's data, it needs to be available broadly for, foraccess and use. That's the value of data. So trying to put this into a into acentralized location. Limiting access goes against what you want to do withyour data. That, that's fundamentally one of the challenges. The other one isthe latency data is valuable when you can operate on it and act on it asquickly as possible.

Any latency diminishes the value of data. Current securityproducts don't really enable you to achieve business outcomes in real time.They.

Mike: Sorry, let me,let me just take a step back for a second. So, just to be clear

you are running acompany called Sotero, separate from time and Space and Time. Yeah.

Maybe gimme a little background on, on how these businessesoverlap and, and Yeah, how you, how you got here.

Purandar: Yeah. So,I, I mean my background is very similar to Scott's. I built data warehouses,but from a different perspective. I work for marketing companies that enablebusinesses to market people.

So we build all those terabyte, petabytes, database. That are responsiblefor a bunk for bulk of the, the messaging you receive, whether it's on the webdirect mail or email text messaging. We were doing all of those. It, it isgreat for businesses to drive revenue and opportunity, right? But when you lookat it from a perspective of consumer privacy or even privacy and security,there's very little of that there.

You're essentially kinda building platforms that violateprivacy or security. And looking at it from a technology perspective, reallythere weren't many solutions or there weren't any solutions that enabledbusinesses to operate, but still enable consumers privacy to be respected. Thatwas a genesis for us to start Sotero building a a data security product thatenabled the preservation of privacy.

But also enabled quick in, in real-time access to organizationsto, to drive their businesses. That was a gap that we spotted in, as Scott wastalking about, the, the decentralized data. And I think Scott can havepositions this really effectively, right? When you're talking about adecentralized data data data warehouse or data nodes, you're not talking aboutdata nodes or databases that are within your control.

You're firing them up on platforms or servers that are insomebody else's control. So the whole notion of tying down databases beyond afirewall doesn't exist anymore. How do you do that? How do you distribute dataacross millions in nodes but still preserve privacy? That's the partnershipbetween us, between us, they built the framework to, to be able to distributedata compute across millions and nodes into our time effectively.

We cannot give them the, the capability to preserve the privacyand the security of the data across those millions and nodes. That's thepartnership.

Scott: Yeah. One ofthe reasons I'm so, so excited to have Purandar and, and the Sotero teamsupporting Space and Time is we really couldn't do this without them.

And what Purandar is highlighting is that, Sotero enables Spaceand Time to be a, a truly decentralized data warehouse, while also maintainingprivacy and encryption as, as Purandar so elegantly put it on the, on theblockchain, most data is public. Sure there are encrypted keys and there'sencrypted data sets that a smart contract can decrypt.

But in general, we think about blockchain data as a public dataset. We think about decentralized data as public. And there are plenty of Spaceand Time developers, our customers, our partners, our developer community thatare building with public data, and we encourage that. But simultaneously, thereare plenty of customers, partners and developers in this space that don't wantall or some of their data to be public.

They need privacy. In some cases, think about like, risk scoresor credit scores that are going on chain. Think about financial markets thatinvolve private third parties and auditors that. Thinking about proof ofreserve and, and, and exchanges in banks sharing private information and publicinformation.

I think there, there's a use case for both. We highly encouragepublic unencrypted, fully world access data. That's great. We want open sourcedata, but at the same time, there are plenty of use cases. Healthcare, forexample, HIPAA compliance, where data cannot be public. And if you wanna bringthose use cases on chain, what do you do?

Well, you need, you need a way to connect all that data to thechain to smart contracts. And how do you connect it to smart contracts in atamper-proof or zk proofed way? Well, Space and Time, but where, but if Spaceand Time is a global network of decentralized nodes who are operating thosenodes well, a global community of minors, of node operators, just likeEthereum, just like Bitcoin.

But unlike Ethereum and Bitcoin, there might be healthcare datathat's, that's stored at scale. There might be private banking or third partyauditor data There. Credit scores, store it on Space and Time, and that's whereSotero comes in. Soter allows us to encrypt that data in the database itself,not just on the disk, but actually at the column level.

Encrypt that data before it's sent out to this network so thatthe operators of these nodes can't manipulate steel or unencrypt that data andkind of use it for the for, for non-compliant purposes.

Mike: Okay. That wasa good explanation. Let me ask maybe what's the dumb question, but why? I'mtrying to get a better sense of like the boundary condition here.

So why would Space and Time not have a function or feature toencrypt the data on the, like you said, the column level on the database?

Scott: Well, this isone that Purandar gonna have a great answer for, but I'll give really quickanswer and hand it over to him because it's really, really hard. Space and Timeis tackling enough massive challenges as it is.

The last challenge that I want to go tackle is in databaseencryption. Well, we're not talking about on disk encryption. Sure. That's,that's solved that a few lines of code in a, a few python functions and we canencrypt on disk, the cloud, Amazon, Google, Microsoft, they all krypton disc.What parameter has built is something truly unique.

And that it actually encrypts data at the column level in thedatabase, which is extremely challenging to do. I'll let, I'll let Purandar.

Mike: BeforePurandar, before I even dive in. Just to clarify on disk versus on column or ondatabase. This means like the data itself, if I have access to the database, ifit's, if it's unencrypted on disk, that's less desirable because I can stillsee the data on in the database, but exactly. Maybe help me better understand.

Purandar: So Mike, I,I, I mean, you, you put it very well, right? I mean, everybody, it's widelymisunderstood on people. Say, we encrypt our data OnDesk and we're good. Whatit actually does, nothing from a database or a usage perspective case, whensomebody accesses the database, the data is completely visible.

It, the OnDesk encryption is preventing somebody from making acopy of the dis or making a copy of the file. Beyond that, it provides nothing.The flip side of the challenges when you encrypt. Attributes of column withinthe database, you immediately lose functionality cuz you can't run queries ondata.

Our patented technology is the ability to run queries onencrypted attributes. Though you lose no functionality, you lose noperformance, but you preserve the, the privacy of the security of the databecause now somebody logging into the database without authorization seesnothing. And so that's the value proposition that we make.

Mike: Is that, isthis basically and maybe it's difficult to explain this in basic terms, but isyour algorithm the abil, it's an algorithm to decrypt the information and run aquery and then re-encrypt it.

So how can you run a query and encrypt?

Purandar: That's thebig difference. So the, how can you run a query question is academicallyanswered fairly easily.

Right? There's a, a notion of Encryption, a homomorphicencryption that in theory provides the ability to query any encrypt encrypteddata. The problem with homomorphic encryption is that it's performanceintensive and really not practical at all. Several universities in, inorganizations, the big, big ones have also have all tried at it, but have notbeen able to crack that problem.

We actually, that's, that's where our technology lies. That'swhere our patent is, and we've been able to, to develop. Technology thatenables the querying of encrypted attributes without the need to decrypt them.So in our scenario, you have database in one of those nodes, you have adatabase that's in on hosted on unknown.

You have data in there. We've gone in there and encrypted theattribute. The querys running against that will run on encrypted attributes.They don't need to decrypt it to actually run a query.

Scott: Yeah, andScott, so think about it. What it really comes down to is, Encryptingeverything and then not being able to actually process that or encrypting thedata that actually needs to be encrypted like a phone number or a social or a,a credit card number, or some healthcare information, or some private bankingnumbers.

The books encrypting the data that needs to be encrypted andthen being able to actually operate and run complex queries, space, run space,and times business on that data. That's very different than just encrypting ondisk where everything's gets unencrypted before you process it, and then itkind of defeats the whole purpose, right?

Then you, then you move to like, you know, a future we see of,of, of enclave trusted execution, environment based compute. The problem thereis you, you, you can't run a massively parallel, massively scalable Kubernetescluster of data warehouse nodes in one little enclave in the cloud, right? Ilove the, the, the future of of, of confidential compute that like clouds, likeMicrosoft Azure are bringing to the table where you can actually runcomputations in a completely encrypted vm.

But unfortunately they're very expensive and they don't scaleto a data warehouse scale. We're talking about terabytes or petabytes of data.That's why we need Sotero. And then what we can do then is we can connectencrypted data to smart contracts. We've developed a ZK proof for sql. So thatwe can prove that our SQL execution was done correctly and that nobody hasactually changed the data or manipulated the data.

Sotero can can prove that the data remained encrypted. So youcombine encryption with a zk, proof of the actual computation on the data. Andwhat do you have? You have the next generation of secure computation for smart contract.

Mike: Interesting. Ohwait, let me just make sure I get this Sotero concept. So there's some, so yousaid academically Purandar, the, the ability to run any sort of query say like,okay, give me everybody who lives in Oregon, right in my database to run thatkind of query. You, you're basically looking for the word Oregon and you'rereturn that has that, so it's, it's scanning everyone and then it's quicklysaying, is it these characters are not, Yes or no, and then it creates a list.

That's what we mean by queering in encryption. There's like a26 randomized character, and you're, look, the, the algorithm would look atthat character, the, that string of characters and say, is it in Oregon? Itsounds like a little bit of black magic to me, but I also really have no cluewhat I'm talking about.

How is it, I mean, could you even describe a little bit insimplistic terms of how this can, how this works?

Purandar: I mean,obviously without going into too, too the technical, technical details cause thatthat is probably not very appealing or interesting to somebody that's listeningto this, right? I mean, the query that you brought up, if you look at a variantof that query, say, gimme all the people that whose names have or in them,right?

That's a much more complex query than just saying, gimme allthe people that live in Oregon, cuz that could be, in some cases, a fairlystraightforward string match. So when you have partial matches, that's a range.Query or a like query that requires a lot of complexity in how the, the, thequery is executed.

We actually, when we encrypt the data, we build an intelligenceinto the attributes so that our algorithms can go in there and scan them toidentify the various combinations. And it's not just a fixed combination,right? When you think about all the permutations and combinations in a nameitself that you have to match, that's what, that's the intelligence we buildinto our encrypted tokens. So that we can go in there and query there.

Mike: So you're, isit, would it be accurate to say you're looking for patterns across theencrypted data and that

Purandar: any queryis, any search query is patterns, right? Mm-hmm. , yeah. Yeah. In, in, in manyways that's essentially the gist of the solution.

Mike: But at the sametime, it's not, it's not decrypting it, it's just looking for the pattern.

Purandar: It's notdecrypting none of the data. So that, that's one of the other challenges withencryption, right? You either have server site encryption or client siteencryption. Server site encryption, is what you're saying. It's like decryptthe data, stage it plane, text, run the query, get the results, and thenencrypt the data.

Again, that's a lot of overhead and really provides noprotection because at. I mean, you don't think a database is that are sittingidle. Right? They're being used all the time. So the data for the most part isstaged in plain text. And that's the vulnerability that any query that's comingout Got it. Has access. That's what we saw.

Scott: Somethingthat's, that's helpful to understand too is like Space and Time set out toconnect SQL query results directly to smart contracts in a, in a tamperproofway. In a, in a d decentralized trustless. Thankfully sql, as complex as it is,is a kind of a limited scope. It's, it's a wall boundary.

It, it's not just arbitrary compute, you know, it's not like,you know, I can't go write like a, you know, 4,000 line. Python script that hasjust an arbitrary computation. SQL does have a kind of a limited set ofcomputations, wear clauses, aggregations, you know, group eyes sorts order by,you know, those kind of aggregations filters.

It's, it's got, it's got a wall boundary of the different typesof computations. It does. Thankful that allowed Space and Time to develop anovel zk. Literally zk SQL proof we call Proof of sql. That proves that ourcomputations were done. Correct. It also allowed the Sotero team led by parerto build all the kind of the, the operations they need to do on encrypted datawithin that wall boundary of sql.

It's extremely complicated. Now, I wouldn't want to take onthat encryption challenge. I'll leave that to ER and. But it, it because it's awall boundary and not just arbitrary, random, any, anything goes. Mm-hmm. , itallowed us to build a ZK proof and allowed him to build encryption that canactually operate on that encrypted data sequel. Got it. Prints on thatencrypted data.

Mike: Okay.

So if we move back up,like, think about this from like a higher level, abstract sense. You have theability to. Say, like I even think of, you mentioned healthcare data. Even if Igo and buy a coffee at a coffee shop, that if I pay with Bitcoin and the coffeeshops owns my Bitcoin address, they can see all my transaction history, theycan see how much is in my Bitcoin wallet.

So that's not ideal if you have the ability to have all thatinformation private. And then the private aspect means Space and Time sends itto a bunch of different servers, and then it's encrypted all the way down sothat no one can hack it. At any point, that's, that's like basically the valueproposition, right?

Scott: Yep. If I,yeah, Val, the value prop that Space and Time brings to the table is we canprove that the data we're handing to a smart contract, the query results thatwe're handing to a smart contract are accurate, verifiable, and have not beenmanipulated. The value Sotero brings to the table is ensuring that hackersaren't stealing that data when it's being moved.

Mike: Gotcha. Okay.And so the primary, when you think about this and you get excited to buildthis, this feature, who do you immediately look at and say you are gonnabenefit? Is it Microsoft when they host like big servers? Is it futurecompanies that have yet to be built? Who's like the first low hanging fruitcustomer you approach?

Purandar: No, I II'm, let me take a shot at answering that question. Yeah, I mean, I think partof what we've not discussed about, and I think, I mean Scott has it in the backof his mind, what they're building is gonna be the future of data warehousing.If, if that's even the, the right trace for it. The whole notion ofcentralizing or could collect data collection, putting it into a centralizedserver, processing it.

Getting the results and applying the results to some systemthat's not connected to it. I think it's gonna go away. The Mona Air forcompute resources and, and effort time involved in data collection, butcleaning it, processing it, staging it, operating it, running analytics on it,and pushing the results out.

It's not sustainable given the volume of data and the amount ofdevices that are popping up. A framework like what Space and Time is buildingis the future, whether it's for smart contracts today or decentralized datawarehousing in the future. That's the, that, that's the paradigm that's goingto emerge out of there.

Still keeping data secure across the, the entire transaction iscritical, which is what the, the Space and Time platform provide keeping datapro protected as it's be, as it's stored and operated on is what we bring tothe table.

Mike: Got it. Okay,so I'm clear on that.

Is this, is this, does it have to be, do you use the worddecentralized? I mean, you have it right in your description, or is it justredundant? I mean, if you had three data warehouses that each had the sameinformation on them is that decentralized? Is too decentralized? Like what doyou think realistically we converge at is a hundred like

Scott: Yeah, I thinkthat's a very valid question. What we set out to do and what we're gonnacontinue to do all throughout this year is add more and more user operated datawarehouse clusters across the globe. I don't think three data warehouses allowned by Space and Time Inc. Is decentralized. To your point, that's redundant.And a lot of folks would in, in the space wrongly, probably call thatdecentralized when you just have a few nodes and a little mini network and its.

That's a private network that's very, that's still verycentralized. What we're building is something that's community owned andoperated like Ethereum, right? Where anyone across the globe, Mike himself, canspin up a Space and Time cluster either in his own data, either in his basementor in in the cloud, right?

And then contribute that cluster back to the Space and Timenetwork and receive a token payment, a token incentive for the work that hiscluster does. What we, what we, what we aim to have is a couple hundred nodes,at least across the globe, in the same way that like Polygon might have acouple hundred validators across the globe as an example.

I, I think a couple hundred is, is enough to, to begincensorship resistance. It's not perfect, certainly not Ethereum or, orcertainly not Bitcoin level of censorship resistance. I think there are stillchallenges there. I think it's, there's further decentralization needed, andthat's where the ZK proof comes.

We realized that just having a few, having a network of useroperated nodes across the globe is not adequate. There's another technology youneed to add onto that, which is a zero knowledge proof that the computation ofall those 200 clusters across the globe are doing the right computations, arenot manipulating the data and, and when we send data to smart contracts,especially we have.

A hundred percent sure that we're setting the right databecause there's, there's value at stake here. A lot of these query results thatwe're sending to smart contracts are like, are like, who should receive a, alending? You know, who should, who should get a loan on chain? Who should get adecentralized lending opportunity?

Things like what, what's the price of a crypto option of a perpor a European settled option? Things. You know, hell, what, what is the priceof a, of an actual asset itself? And if that price is wrong, or, or Yeah, oraggregation on that price is wrong, it's gonna mint value on chain. For ahacker, what I'm getting at is having a, just a global network of decentralizednodes solves half the problem as zk proof solves the other half, and then werealize, oh, oh.

There's still, there's still a third issue, which is dataprivacy. Now, well, everything I just described works great for public data.Now, finally, we bring in Sotero to solve the, the last piece of this, which isnot just public data, but also do all these operations on private encrypteddata for the enterprise.

Mike: Okay. A and whotoday as a stands I both want to ask you kind of two questions. One is, andthey. Dance together, really.

I wanna know like, howfar along are you guys in like real world value delivering and then who loses?Like what's the old technology that is gonna, you know, fight and kick andscream on the way out?

Is it like Google and Amazon, a w s is that, or do you viewthem as like they're gonna become more competitive? Help me walk through likethe landscape of how is this going? Who. Yeah, what are the competitors and,

Purandar: yeah.Thanks. Thanks, Ben. I mean, we are working with some of the largestpharmaceuticals, some of the largest telcos in some of the financial servicescompany all around preserving the privacy of data in, of attributes in adatabase to be, to be very simplistic, right? Use cases span across protectingclinical trial data that's being shared.

Both internally and externally, GDPR compliance, the, theresidency requirement of enabling organizations to collect data in the EUstored in the us and be confident that they're not gonna be under pressureeither from administration or from their consumers of keeping the dataprotected.

We also enabled revenue analytics for one of the largest telcocompanies. Where they collect petabyte sized petabyte amounts of data on amonthly basis that they run revenue analytics.

Mike: And so you sayyou're working with, is that you have like 10 customers paying like 10 grand amonth kind of scale? Like can you mention revenue or customers, or how are you?

Purandar: I mean,think it's a million dollar relationships on an annual basis. Mm-hmm. The, thecomplexity, the technology aspect of it is great, right? What we enable themacross the board is meeting business outcomes, reducing the latency that ittakes to move all this data and put all these safeguards in place.

Because with that, you can still move with the speed ofbusiness without having to spend huge amounts of time moving data back and forthand putting all these. Additional products are safeguards, whether it's ondiencryption, privilege management, et cetera.

Mike: Got it. So itsounds like the pitch might be, Hey, large healthcare company, stop using a w sand start using us because it's more secure. Yeah. Is that in a nutshell?

Scott: Yeah.

I think something that helped me understand the value prop of,of Sotero when I, when I first started talking with brander and understandingthe incredible technology they've built. Is, you know, I, I was like, Hey, whatthese centralized analytic black boxes that are centralized databases, it, it'sa similar question, Mike, that you asked me at the beginning of this podcast.

Hey, hey, brander, these centralized databases in the cloud,like, Aren't they already kind of locked down? They already kind of have theirown firewall in the cloud. Aren't, aren't they behind their own SOC twocompliant kind of user role-based access rules and user access rules? And Pre'sanswer was, well, sure, but there's so many, there's so much more securityneeded.

We hear about breaches all the time where, you know, anorganization followed all what, what they thought was all the rules and theseare not. Boring old, you know, 1970s era banks we're talking about modernhigh-tech companies that all of us use on a daily basis. Just look at the newsthat are getting breached.

And their data is, they thought their data was encrypted ondisk, or they thought they had followed SOC two compliance and they thoughtthey'd done everything right. But that's still not enough. You, you, they'readditional security never hurts. Mm-hmm. .

Purandar: And, and Imean, it's the complexity of the systems. That's the big challenge, right? Imean, when you think about a system, there's no isolated system. Every system,every network is interacting or integrated with hundreds if not thousands ofdifferent applications and endpoints. Centralizing writing data to disencrypted doesn't solve the problem of one.

If not, are many of those people getting into the network andgetting access to the. If that happens, your disable encryption is useless,your firewall is useless. How do you protect?

Scott: And then froma Space and Time perspective, we, we can't lock this infrastructure downbecause it's not all owned by Space and Time.

Sure. Space and Time is gonna be deploying some percentage ofthe nodes in the network as we, we have to. But then a larger percentage willbe deployed by the community. We don't have access to lock down a firewallaround that data. We can't put a SOC two compliant wall around those otherinfrastructure nodes in the network.

Those other systems in the network, sure we'll put a SOC twocompliant wall around our own and our own rules around our own. Nodes in thenetwork, but Sotero comes in to help encrypt the data before it's sent out toall those other non locked down nodes operated by the community. We, withoutSotero, we wouldn't be able to actually do any computations on private dataSpace and Time would have to tell our developers, our developer community, youcan only use public transparent data when you use Space and Time, which got itis great.

We encourage that, but that's only half of our use case. Theother require private encrypted data.

Mike: And Scott, sowhere is,

where do you see the line between maybe a traditionalinfrastructure development and this Web3 DeFi word that gets thrown around? Isthat just the, the, the number of computers or servers that, I mean, you saynodes, it's nodes and servers interchangeable.

It's just like a room with large computers and fans.

Scott: Is thatfunctionally Sure. I, I think that's a. A purist would argue, you know, all anode is a specific server. I'm saying a node is just one component of thenetwork. A a a little cluster of a Kubernetes cluster, a little Kubernetescluster of servers.

You're right, you asked the question a minute ago, like, Whoare, is, is, is Amazon a competitor? Are the clouds or competitors? Who, whoare you fighting against? It's not the clouds. I, I think the clouds themselvesare just, the major hypervisors are just offering servers. I mean, most ofEthereum runs on aws.

Ethereum's not competing with aws. In fact, if anything, AWS isa conduit to enabling Ethereum. And, and you know, we have a very tightpartnership with Microsoft, but yet we're deploying Space and Time clusterseverywhere. Tencent, aws soon. Of course a lot of our infrastructure's onAzure, and we believe Azure's leading the charge of confidential compute,trusted encrypted environments, enclaves, future technology that will enableeven more security for Space and Time, even more privacy for, for private keysand management of data.

But what I'm getting at is the, the hypervisors themselves arenot the competitors. The competitors are developers and companies that arebuilding in a centralized analytic black box. Companies that are doing all oftheir processing of data in a way we don't even understand. Like if you go to,if you just something as simple as web two credit scores, traditional creditscores.

I'm not gonna call it out any credit score companies, but youknow what I'm talking about. How do they come up with that calculation? Sure.There might be some consortium that came up with a model. For exactly how yourcredit score should be modeled. But why do all four of the credit scorecompanies give you a different answer when you look up your credit score, Mike,because it's an analytic black box.

You have no idea how they're processing the data. You don'tknow whether it's accurate. You don't know whether someone from Experian loggedin and like changed one row of data and could have manipulated your credit score.And that's one little example. Think about. Larger examples where money istransferred on chain at the scale of millions or billions of dollars.

How do you know that, that, that, that that's coming from anoff-chain world? That's accurate. We're talk, we're talking to so manydifferent like options, trading protocols on chain that are building DeFioptions, decentralized options on chain, but they're doing their optionscalculations to calculate the price of those derivatives of chain.

Where is the confidence that those calculations are beingexecuted correctly before they're being brought on chain? Space and Time bringsvisibility and transparency to that through decentralization. But Sotero allowsdevelopers building on Space and Time to still keep private information thatneeds to be private.

Private and keep public information that should be public andtransparent public before it's brought on chain.

Mike: Got it.

Okay. And, and so from a, from a user's perspective, like thepeople who are trading options, in your example, They are going to feel thebenefit from this in the confidence that they have in the data not beinghacked.

I mean, is hacked like the primary problem this all solves?

Scott: Hacks inmultiple senses of the word word. Yeah. Yeah. Like Sotero, I'll, I'll letPurandar talk in a minute about how, so the type of hack that Soter. At a highlevel, like Soter is preventing breaches of data. Mm-hmm. People stealingprivate sensitive data.

Right. Based in times technology. R Z K, proof of SQL preventsa hack of people logging into the database and just changing a few rows of datato, to, as an example, manipulate the prices of options before they're broughton chain or manipulated credit score before it's brought on. We we're notpreventing people stealing data.

In fact, we're trying to open up and make data transparent.We're preventing people manipulating data, changing the values, Sotero preventsthe stealing of that data. Go ahead, Brandon.

Purandar: No, no.Yeah, I Scott, that, that was perfect. Right? I mean, the, the portion that,like, like you said, it's, it's, it's an interesting, the way Scott put it,right?

It's both a platform to enable public adoption, right? And aplatform to enable you to move your private data confident with confidence thatthe data is security and the privacy is not violated. They kind of likeconflicting objectives, but that's essentially what the partnership here isachieving.

Mike: Okay.

So I'm curious to get your thoughts on this. What is, who isthe primary suspect in this? So you have obviously hackers that wanna stealcredit card data, healthcare data. You know, all sorts of data. They wanna holdcompanies at ransom, like target or hospital or something. And then there's thegovernment.

To me, it feels like on the edges, those hackers like yeah. Youknow, build all the software, stop them. But the, the government's like aunique case where they're. High risk in my view, because they might just dosomething like, Hey, we need to stop all bank transfers and we need to stop allcrypto. Like just recently, the signature bank that was shut down the, thecrypto bank, the, they said the, the government made a mandate that said, oh,the company or the bank that buys signature cannot reinstate the cryptofunctionality.

Like crypto can't be a part of banking basically. And so itfeels. It's like we're moving closer and closer to the federal government,recognizing that there's a, there's like a direct conflict of interest betweenhaving the cryptocurrency world operate and flourish and having control overthe monetary policy.

And, you know, as we saw with like the bailouts of the banksjust last week, it, there's a lot. Anxiety involved in keeping the US Bankssolvent. And so the Federal Reserve has really two levers. They can raise interestrates, drop interest rates, or they can print money, but they can only printmoney as long as you don't have an easy escape route.

Now, as. Quick aside, I was reading yesterday, there was thislike 1930 1930s rule where the government seized all the gold in this executiveorder. And they basically took everyone's gold because they wanted to have thiscontrol of the monetary currency. And I, I, I can see a similar thinghappening.

Bitcoin is the obvious, you know, poster child right now, wecan move money back and forth between Coinbase crack and buying. There's a fewof them. Do you see this technology being helpful in preventing like a, likesomehow like, yeah. Tell me, Scott, what are your thoughts on that?

Scott: You're reallyasking two questions. You're highlighting two important topics. One iscensorship resistance, and the other is private auditing of sensitive thirdparty banking information. The partnership of Space and Time in Sotero actuallyis trying to offer value in both of those spaces. Space and Time as a globaldecentralized network of servers all across the world, many outside of the USand many on clouds outside of the US or private data centers outside of the usOperated by a global community of like-minded Web3 individual, mostly minorsadults, but people that run park here.

Got it. Th that that offers a level of censorship resistancearound data that hasn't been seen before in the data warehousing spacespecifically, do I think that, for example, 200 clusters globally is adequateto, to stop a government? Maybe not. We'll see, that's t v d. Maybe you needthousands. Maybe you need b Ethereum or, and or Bitcoin level of, of, ofdecentralization for true censorship resistance beyond any cbd.

C central government, central bank. That's half of what you'rehitting on, the other half is around how do we ensure that the financialinstitutions that we're interacting with on a daily basis are being, are, areliable and, and showing proofs of their reserves and proofs of their, of theirbooks, and they're doing things that are not fraudulent or, or harmful to the,the constituents of that financial institu.

I'm not saying that SVB did anything fraudulent. What I'msaying is there's, there's a way for in the DeFi world or in the, or in thefuture of banking that we're quickly heading towards, I see. For moretransparency around what's happening on the books. Sotero would allow you know,private sensitive third party information to be shared via Space and Time fromone bank to an auditor or from one financial consortium to another.

There's, there's a, there's a way to lock down and encrypt thatdata where only folks, that only the consortium of auditors that have theprivate ease can look. That's important from a private sensitive third partydata auditing perspective. But from a transparency perspective, we can alsobring more transparency to this financial space.

Open the books up and say, Hey, here's my proof of reserves.Here's my proof of of my bond of my bond assets that I'm holding. Like so manyof these collapses recently, both in DeFi, CFI and in banking, I should reallysay CFI in banking have been via, not, not these financial institutions notbeing transparent.

Hmm. Purandar, I love your thought.

Purandar: Yeah. Yeah,sir. Yeah.

You touched on one point that's really important, Scott.There's two different perspectives to what you brought up, Mike, right? I mean,taking over like the Signature Bank stuff and saying mandating that he can't dosomething or threatening to take something over, right?

There's two aspects to it. One is infrastructure. The secondone is data. Infrastructure. Even if they can't take over the infrastructure, Imean, most departments can put some kind of pressure on that, right? Right.We're gonna eliminate access to it, or we're gonna cut off your uh, I mean,basic internet connectivity, right?

So you can't operate. That's one thread. The second thread isaccess to the data, which is all the, the gdpr Nice about, right? Giving thegovernment access to consumer, citizen information about EU citizens. That pieceof it is what we also saw through this, right? That access to the data isessentially driven by what's card product.

It's the private keys or the encryption keys in our solution.The encryption keys are, the keys are owned by the owner of the data, not bythe service provider, like with the Microsoft one, with an apple, where thegovernment can go to Microsoft and Apple and force them to decrypt the data sothey can get access to it.

What we do is saying, you are the owner of the data. You havethe. You are gonna be the one that's making a decision on whether you wannashare this with somebody or not share this with somebody. So even if somebodygot hold of the infrastructure, whatever authority it is does not have accessto the data.

Mike: Got it. Okay.

Do you do you feel this tension in in, in this I dunno ifconflict is the right word, but that there's an obvious tension between owning.Buying, trading, selling goods and assets using cryptocurrency versus using itwith Fiat U s D? Certainly. You know, I think we'd all agree that the US GlobalReserve currency is put being put under increased pressure.

People outside the US have far less incentive to even hold U SD because they don't pay taxes in U S D I mean, one thing if you live in the USyou have to have U S D in a bank account. You have to pay taxe. And so there islike a common denominator there. Whereas if you're in another country, you knowEl Salvador is a good one that just recognized BTC as a national currency.

So they presumably would accept taxes in that. They could havethe whole system running on that. The US government probably is gonna be superslow to move in that direction because they owned the printing press, theyowned the, you know, they owned the printing machine. I, I just wonder if. Ifwe're moving forward like a Space and Time and so Dar moving forward, like tome, it seems like this time over the next five-ish years, five to 10 maybe isthe time when all the smartest people building on DeFi Web3 and all this coolencryption technology should be moving towards building an infrastructure thatis highly resistant.

Government seizure because if a government came in tomorrow andsaid, Hey guys, like you can't use Bitcoin, we're gonna shut down all theexchanges. No banks are allowed to use crypto. Like it, it immediately hurtsboth of your, I would imagine, right? It's gotta negatively impact yourbusinesses and probably the whole ecosystem.

And so what, yeah. What are your thoughts on, on that?

Scott: You, you'reonce again asking like three or four questions in one and they're greatquestions. Like, I think, I think we can wrap here, like to answer a few of thethree. Sotero and Space and Time are not blockchains, we are not crypto fairpoint. So we're, we have some level of immunity to the ups and downs and swellsof, of crypto. And Sotero itself is, is the DA is a data privacy company, dataencryption company. So a parameters business is helping organizations acrossweb two and Web3, name your across DeFi, cfi, and everything else. Keep dataprivate. So he, you know, he's not at the whims of government regulation aroundcrypto, whereas Space and Time's a little closer to that.

Right. We are, we are playing primarily in the Web3 space. Weare helping DeFi organizations and CFI organizations connect you know, data tosmart contracts and process data in a more tamper-proof way. So we're, we're alittle closer to that, to that world. And, and sure, we're not a acryptocurrency, we're not a blockchain.

We're a decentralized data warehouse. We do intend to drop a, atoken at some point when the time's right, when, when I can do so with someconfidence that I'm not gonna get put in prison from, from the s e C orsomething. I'm saying that jokingly. But at the same time, like I think, Ithink we're gonna see the few chains that adequately decentralized prior tothis government intervention from the.

Those few chains, you know, Bitcoin, Ethereum, and maybe one ortwo more, I don't know, that have enough global validators outside of just AWSUS availability zones, right? That could actually maintain a global reservecurrency or a global gold, if you will. Like, you know, I think you saw a biguptick in Bitcoin price as soon as all the news about SVB signature and othersgoing.

Going down. That was a big boon for Bitcoin, right? Bitcoinpop. Why? Because people saw that as uh, oh, weirdly, now Bitcoin is a saferreserve currency than, than, you know, bond like. And, and, and that creates aglobal market that people can move currency nearly instantly on chain. But thelast thing I'll say is that's probably only applies to the chains that havesufficiently decentralized prior to all of this happening.

Mike: Good point.Good point. Purandar, did you wanna comment on, on that? On, I just find it sointeresting and so important this Yeah. Inevitable conflict of interest.

Purandar: Well, yeah.I, I, I think, I mean, there's just a lot of, it's only times in that space,right? I think the government, the US government, for example, is still tryingto figure out how to adapt to it.

Is it in inevitable? Who. You brought Ecuador and, and they'rejumping on the bandwagon. I mean, they're doing it because it's beneficial tothem at this point. We, we've also seen China put a lot of clamps on digitalcurrency because it doesn't suit them and it provide, it limits their abilityto manipulate or manage the, their currency.

It's evolving time and, and I think Scott drinks up a greatpoint. It's the ones that have sufficient size today that are gonna survive inthe future. That size gives them credibility. In, in, I think in some, in someways, the, the SVB crisis is also demonstrating the real value of thatalternative current.

Yeah. So it's only times. I think there's a lot, lot that needsto evolve, but. The technology to do distributed data wareing, the, the, theneed for data security or privacy is not going away regardless of whatframework the world decides to adopt.

Scott: Yeah. I, ifanything, this might be honestly kind of good for soter, for Sotero and Spaceand Time as more while we, while we go toward more transparency, we also movetoward the need for privacy, for things that need to be private. We need to beprivate.

Mike: Yeah,

no, I mean that's why I asked the question is that it seemslike the, like I try to mo, I try to take a step back from good and bad. Likeis it bad if the Federal Reserve prints so much money so quickly that the U s Dis inflated and loses its dominant position as a global reserve currency?

Is it good or bad? I don't know, but it's going to happen. Imean, it's happened to the Dutch Empire, to the Roman Empire, to the BritishEmpire. It's probably gonna happen again to the US Empire in the next, I don'tknow. Right. Are you familiar with like Ray Dalio's rise and falls of Empires?It's like we're just talking about timing here.

These things tend to move slow and then really fast all atonce. So I, I think the, the really fast all at once. Probably didn't start,but man, last week was crazy. I mean, it could have, it, it's like you couldsee how the tinderbox is there and you know, I don't have to show you guys, butthe, some of the graphs on like the debt and it's like, it, it points to asituation where, yes, maybe it's early, but maybe a lot happens in the thirdinning.

I, I like to think of these things as like, you don't knowwhat's gonna happen, but you can pro, you can fairly accurately understand thehigh level incentives because they don't change very fast. Like the Fed haslike two levers. It's not overly complicated. Yeah. The second order effectsare over are quite complicated.

Maybe the political landscape changes and that introduces morecomplexity. But at the end of the day, regardless of what political parties inpower, there still is a desire of the centralized government to maintaincontrol and monetary flow. And that's why I just think like, what are we doingenough?

Like am I excited about the progress on the DeFi front that atleast preserves. You know, the freedom of money, right? Like this country wasstarted on the premise of freedom of speech because, you know, in Britain, likethey had a king and you really couldn't say what you wanted. And so like,freedom of money might

Scott: be, I thinkyou're, you're, you're bringing up valid points and I, and forgive myinterruption here. Yeah. But you know, It's a, it's a rollercoaster of feelingsand emotions from different political groups in the United States, right? Noteveryone is pro crypto and not everyone is anti crypto. There's differentparties that have different viewpoints, different motivations, and, and I thinkyour whole, like, what you're bringing up is like, you know, we, we, we'vefound on freedom of speech, why can't we have freedom of currency?

I kind of get it, like, I, I want DeFi and CFI frankly to boom.I believe in Web3. I believe in this future of decentralized technology thatfacilitates decentralized finance in a global kind of , a new swift as you'llbut I can see the motivations of regulators and I can see the fraud that's beenhappening within the Web3 space.

And I can see the motivations of regulators to want more tightcontrol and, and, and make the US dollar more important than Bitcoin. I getthat. I think. Political parties move left and right and fight and change andthings. There's gonna be a rollercoaster. DeFi is not going away. It maytemporarily be potentially even outlawed in the US for a short period of timebefore that changes back the other direction globally, DeFi has won.

Bitcoin and Ethereum have decentralized. They have adequatecensorship resistance. They are not going away in the. For a short period oftime, TB D Hmm.

Mike: That's a good,that's actually a, a good perspective is like, it really is such a global worldand these things aren't gonna happen all at once, even if the US puts pressureon other companies to say, Hey, you also have to ban Bitcoin mining.

I mean,

do you see Scott in that scenario that the US is globalinfluence? Expand to be a significant threat. Obviously if it just was in theUS borders, but realistically they would put pressure on.

Scott: Sure, yeah.Look, anything's possible. But my opinion and humble opinion is that anything'spossible for a short period of time before it swings back to other way.

True. And you know, with that, Mike, it's, it's been anabsolute pleasure talking and I, I appreciate all the great questions both onthe tech side and on the on the, the commentary on what's happening in cryptoright now. Cause it's, yeah, on one hand it's a little terrifying. On the otherhand, it's, it, it, it presents an opportunity for us to when things swing backthe other way, really fix things when they swing back the other way.

Mike: Yeah,absolutely. And Purandar, Scott, where are you guys on the internet personally?Are you tweeting, blogging, anything you wanna throw out there on the personalsizes?

Scott: Sure. A quick,quick shill, quick plug for the Space and Time, Twitter and Space and Timedisc. Space and Time DB on Twitter. Also, our discords popping off fordevelopers and, and folks in the, in the community that wanna start building onSpace and Time.

We're close to an open beta, likely in May, and we're reallyexcited about that. I'm at Scott Dykstra on Twitter and would love to, to totalk if you're interested in building on the decentralized future.

Mike: Sweet andPurandar. We'll have all the links to the company in the show notes. I'm, I'msure similar to Scott there. Did you wanna mention anything on the Sure.

Purandar: Company isat Sotero Secure. And I personally am at DA gp. What's the gp? It's my nameshortened.

Mike: Oh, okay. Yeah.Love it guys. Really enjoyed the conversation. Thanks so much. And I wish youguys continued luck at all the Endeavor.

Scott: Hey, thanks somuch.

Purandar: Thank you,Mike. Thanks for having us. Scott. Always a pleasure to talk to you.

Scott: You as well,Purandar. Take care my friends.

Mike: See ya.