Why coalescence, not composability, matters in DeFi.

There’s much talk about composability in DeFi – “you know, like Lego blocks”. However, that analogy (composability === Legos) completely misses what’s special about DeFi. By thinking in Lego blocks, we risk never building the things that are simply not possible in traditional finance.

The ‘boring’ internet (aka everything non-blockchain) is already extremely good at:

  • Creating standards
  • Sharing or selling data
  • Having easy to use APIs
  • Using one way of moving data around (TCP/IP)
  • Using one way to secure the data (SSL/TLS)
  • Creating systems for running the same code on many different types of hardware
  • Combining modular functions (storage, user management, CDN, payments, biometrics, mapping, video playback, audio processing, …) into apps, in ways that abstract the underlying complexity and allow developers to snap things together and focus on the solution they are trying to build.
  • Stealing, copying, and cut-and-pasting code snippets or entire open-source codebases
  • Wrapping open-source code with thin but profitable convenience layers – “Launch your own app, site, store, or blog in one click – just change the name – deploy today”.

When we use the word ‘composable’ in any of those senses, we’re just describing how the old internet already works today. Sure, all those things matter for blockchains, too – imagine a world without the ERC20 standard, and we all know the headaches of having to mix and match EIP55-compliant and non-compliant Lego blocks.

Despite all of this being important for blockchains to work, there is much more here that the old world cannot do, and it is more aptly described by the notion of coalescence. Coalescence is the act of making or becoming a single unit.

We have all built a beautiful Lego model, only to have it fall off the table and shatter into all the building blocks we used during construction. Likewise, the traditional internet is easy to shatter, because there are trust gaps between each of the Lego blocks. Sure, it may look like the Millennium Falcon from afar, but when you drop it, all you are left with are the little pieces.

The one thing that the traditional internet cannot reproduce is to cryptographically fuse (coalesce) building blocks into longer trust chains, which guarantee that input A leads to output I, via BCDEFGH. Ideally, you want to be able to coalesce this chain into a single operation, AI, with strong, mathematical guarantees that if you do A, then I will result. Using the Lego analogy, imagine snapping blocks together, and while you are doing that, they coalesce into an ever larger atomic object AI, without any cracks or failure points. That’s what’s really special about DeFi – the possibility of creating intricate multistep operations on-the-fly, without trust gaps in the resulting chain of operations. Very practically, an example of this would be to fuse atomic swaps AB and BC, such that you now have a new atomic swap AC.
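To make the swap-fusion idea concrete, here is a minimal, purely illustrative Python sketch – no real blockchain or cryptography, just an in-memory ledger with names I made up – showing how two swaps AB and BC can be composed into one operation that executes atomically or not at all:

```python
# Illustrative only: each "swap" is a list of balance-transfer steps,
# and composing two swaps yields one operation that either fully
# succeeds or leaves all balances untouched (no partial execution).

def compose(*swaps):
    """Fuse swaps AB, BC, ... into a single list of steps (the swap AC)."""
    return [step for swap in swaps for step in swap]

def execute_atomically(balances, steps):
    snapshot = dict(balances)          # remember the state before we start
    try:
        for account, delta in steps:
            balances[account] = balances.get(account, 0) + delta
            if balances[account] < 0:  # any failing step aborts everything
                raise ValueError(f"{account} cannot cover the transfer")
    except ValueError:
        balances.clear()
        balances.update(snapshot)      # rollback: all-or-nothing semantics
        raise

balances = {"alice": 10, "bob": 5, "carol": 3}
swap_ab = [("alice", -2), ("bob", +2)]   # A -> B
swap_bc = [("bob", -2), ("carol", +2)]   # B -> C
execute_atomically(balances, compose(swap_ab, swap_bc))  # behaves as A -> C
```

Note that Bob’s balance is unchanged at the end: the two swaps have coalesced into a single A-to-C transfer with no intermediate state visible.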

Please be careful with the Lego analogy, since it’s at odds with what’s actually novel about DeFi – which is probably better captured by the notion of coalescence, a (cryptographically) smooth whole emerging out of individual parts.


A privacy-preserving internet?

How a new generation of cryptographic techniques might allow people to transact in complete privacy.

The internet makes communication easier than ever before in human history. Scalable, low friction communication is not only about sending text messages to others but is central to all human activity. For example, marketplaces, both physical and digital, are coordination solutions that help buyers and sellers to efficiently discover one another. When it’s easy to communicate, it’s also easy to create markets for goods, services, and ideas. Today, about 1/2 of the earth’s population, some 4 billion people, use their phones to message others, learn, discover, consume digital content, and buy and sell everything from food to medicines to clothing.

So how is cryptography relevant to any of this?

There’s an obvious problem with communications networks – as they grow, they can quickly exceed the scale at which everyone knows (and trusts) everyone else. You might feel comfortable giving your neighbor some tomatoes in return for a verbal promise for some future fruit, but you hopefully will be more cautious with `spacecadet42` who just randomly messaged you on Craigslist. Scalable solutions to trust, identity, and security are therefore vital. This problem is equivalent to the classical key exchange problem encountered in symmetric cryptography – if a king wishes to securely communicate with a few other people, keys can certainly be exchanged by human couriers, but this approach quickly breaks down when millions or billions of people wish to securely communicate and transact. If n people wish to securely communicate pairwise, you need a key for every pair – n(n−1)/2 keys, which grows roughly as n². Likewise, if an enemy discovers your key and you wish to change it, having to rely on couriers or pigeons to distribute fresh keys is obviously not ideal.
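The quadratic blow-up is easy to see in two lines of Python (the function name here is mine, just for illustration):

```python
# Symmetric crypto needs one shared secret per communicating pair,
# so n people require n*(n-1)/2 keys -- quadratic growth.

def pairwise_keys(n: int) -> int:
    return n * (n - 1) // 2

print(pairwise_keys(10))            # 45 keys for a small group
print(pairwise_keys(4_000_000_000)) # hopelessly many for the whole internet
```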

Cryptography to the rescue, Part 1

Solutions to the key exchange problem were discovered in the 1970s – first, in secret work by James H. Ellis. Soon thereafter, in 1976, Whitfield Diffie and Martin Hellman described the first practical asymmetric key crypto system, now known as Diffie–Hellman key exchange. Finally, in 1977, Ron Rivest, Adi Shamir, and Leonard Adleman invented RSA, which offers both public key encryption and digital signatures. That’s what you are using right now to read this post, which is hosted on a server that uses SSL/TLS to create a secure channel between your browser and the server. Fundamentally, RSA and related cryptographic methods allow you to securely transact with banks, stores, universities, doctors, search engines, newspapers, and all the other mainstays of our digital lives.
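For the curious, here is a toy Diffie–Hellman exchange in Python – the prime is deliberately tiny, so this is insecure by construction (real systems use 2048-bit groups or elliptic curves), but it shows how two parties derive the same secret from values exchanged entirely in the open:

```python
# Toy Diffie-Hellman key exchange. Alice and Bob each keep a private
# exponent, publish g^x mod p, and both arrive at the same shared secret
# without the secret itself ever crossing the wire.
import secrets

p = 0xFFFFFFFB  # a small prime modulus -- illustration only, not secure
g = 5           # public generator

a = secrets.randbelow(p - 2) + 1   # Alice's private exponent
b = secrets.randbelow(p - 2) + 1   # Bob's private exponent

A = pow(g, a, p)  # Alice sends this in the clear
B = pow(g, b, p)  # Bob sends this in the clear

shared_alice = pow(B, a, p)  # (g^b)^a mod p
shared_bob   = pow(A, b, p)  # (g^a)^b mod p
assert shared_alice == shared_bob  # same secret on both ends
```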

Cryptography is not only good for solving scaling problems, but also has a long history of making entirely new things possible. Most obviously, cryptographic hashing (and ECC and digital signatures) allowed the double-spend problem to be solved, by creating immutable digital chains and a mechanism for distributed coalescence around one unique history of events, in this case, a noisy succession of peer-to-peer digital value transactions (aka Bitcoin).
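A minimal hash-chain sketch in Python (illustrative only – this is not Bitcoin’s actual block format) shows why tampering with any past entry is immediately detectable:

```python
# Each block commits to the hash of its predecessor, so altering any
# past entry invalidates every hash that follows it.
import hashlib
import json

def block_hash(block: dict) -> str:
    return hashlib.sha256(json.dumps(block, sort_keys=True).encode()).hexdigest()

chain = [{"prev": "0" * 64, "tx": "genesis"}]
for tx in ["alice->bob: 5", "bob->carol: 2"]:
    chain.append({"prev": block_hash(chain[-1]), "tx": tx})

def verify(chain) -> bool:
    return all(chain[i]["prev"] == block_hash(chain[i - 1])
               for i in range(1, len(chain)))

assert verify(chain)
chain[1]["tx"] = "alice->bob: 500"   # tamper with history...
assert not verify(chain)             # ...and the chain no longer validates
```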


As the internet becomes part of our daily lives, I’m sure we all have encountered situations that made us wonder. Here’s a really simple example – I recently shipped a package at UPS, and several seconds after paying at the cash register, a message popped up on my iPhone encouraging me to use FedEx “for all my shipping needs”. UPS and FedEx are direct competitors in US shipping/logistics. Imagine all the things that needed to happen to make this one message on my iPhone possible – is my cell phone carrier selling my meter-resolution GPS location data, allowing FedEx to message me right after leaving the UPS store? Alternatively, is my bank selling credit card transaction data, allowing FedEx to see I had just paid for UPS shipping? Or, was the shopping mall I was in harvesting Bluetooth packets from my phone to provide hyper-local targeted advertising? That’s only a trivial example, of course, but many of us are increasingly concerned about our data and how it’s being used.

A privacy <> service tradeoff?

Although data privacy and data use are receiving more attention all over the world, many of us take it for granted that we need to divulge information to receive relevant goods and services, or to be able to transact. If I like pistachio ice cream, I clearly need to tell people that, otherwise I’ll almost always get the wrong flavor. Important examples of this privacy <> service tradeoff can be found in finance, banking, healthcare, and education. To sell stocks on the stock market, it seems inescapable that you have to divulge the price at which you would sell your assets and what those assets are. Likewise, perhaps you are looking for a loan from a bank – to qualify for a loan, surely the lender needs all your financial information? Finally, when you visit a doctor, you take it for granted that you need to tell the doctor your symptoms to receive a diagnosis. After all, how else shall the doctor generate a diagnosis, other than by computing on your symptoms? This is where it gets really interesting. What if you could obtain digital goods and services, relevant to you, without revealing anything about yourself?

Cryptography to the rescue, Part 2

Here’s a partial answer. This example is from healthcare AI, but the underlying math is completely general. In Microsoft’s CryptoNets, leveled homomorphic encryption is used to (1) encrypt images at the source, (2) send those encrypted images to the cloud, (3) have the cloud computer classify the image, despite not being able to decrypt the image, and finally, (4) return an encrypted label to the person who initially encrypted the image. Put simply, only the person who initially encrypted the image is able to decrypt the output of the classifier. In the jargon of ‘privacy-preserving analytics’, the remote computer is an untrusted cloud worker able to perform useful computations without being able to see either the inputs or the results of all the work they are doing. It’s immediately clear why this could be useful in healthcare – you could use your phone to get a diagnosis from a cloud doctor without your (unencrypted) symptom data ever leaving the phone – moreover, the cloud doctor would have no idea what the diagnosis was.
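CryptoNets itself uses leveled homomorphic encryption, which is too involved to show here, but the general idea of computing on ciphertexts can be illustrated with something much simpler: textbook RSA happens to be multiplicatively homomorphic. The toy parameters below are insecure and purely for illustration:

```python
# Textbook RSA is multiplicatively homomorphic: multiplying two
# ciphertexts yields a ciphertext of the product of the plaintexts.
# Leveled schemes (as in CryptoNets) extend this idea to the additions
# and multiplications needed to evaluate a neural network.
p, q = 61, 53
n = p * q                          # 3233 -- toy modulus, insecure
e = 17                             # public exponent
d = pow(e, -1, (p - 1) * (q - 1))  # private exponent

def enc(m: int) -> int: return pow(m, e, n)
def dec(c: int) -> int: return pow(c, d, n)

a, b = 7, 6
product_ct = (enc(a) * enc(b)) % n   # the server multiplies ciphertexts only
assert dec(product_ct) == a * b      # the server never saw 7, 6, or 42
```

The key point mirrors the CryptoNets setup: the party doing the multiplication learns nothing about the inputs or the result; only the key holder can decrypt.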

This example only scratches the surface of what can be done with new cryptographic techniques such as Fully Homomorphic Encryption (FHE) and Secure Multiparty Computation (SMC). These techniques can be used, for example, to privately match two people based on shared (or overlapping) attributes, which is of course the foundation of all classical financial markets and exchanges (leaving aside for the moment automated market makers which do not have traditional order books). If bids and asks can be cryptographically guaranteed to be private, and yet, buyers and sellers can still somehow discover one another, fundamentally new types of digital transactions with unique characteristics can be realized.
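One core SMC building block, additive secret sharing, fits in a few lines of Python. In this illustrative sketch (the field size and scenario are my own choices), three parties learn the sum of their private bids without any party ever seeing another’s bid:

```python
# Additive secret sharing: each party splits its private value into
# random shares that individually look like noise; only the sum of all
# shares reveals the aggregate, and nothing else about any input.
import secrets

P = 2**61 - 1  # a public prime modulus (arbitrary choice for this sketch)

def share(value: int, n_parties: int) -> list[int]:
    shares = [secrets.randbelow(P) for _ in range(n_parties - 1)]
    shares.append((value - sum(shares)) % P)  # shares sum to value mod P
    return shares

bids = [120, 95, 300]                       # each party's private input
all_shares = [share(b, 3) for b in bids]

# Each party locally sums the one share it received from every other
# party; combining the partial sums yields the total, never the bids.
partials = [sum(col) % P for col in zip(*all_shares)]
assert sum(partials) % P == sum(bids)
```

Real SMC protocols build matching, comparisons, and full order-book logic on top of primitives like this, but the privacy principle is the same: individual inputs stay hidden while a joint function of them is computed.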

On a high level, the essential point is that the privacy <> services tradeoff, a fact of life throughout human history, has basically been eliminated, just like Bitcoin solved the double spend problem. In healthcare, there is no longer any reason to have to divulge your personal information, such as your medical symptoms, to get an accurate diagnosis. In finance, it’s now (cryptographically speaking) possible to trade without revealing the nature of your ask or bid, although suitable digital exchanges must first be constructed and deployed globally. Equivalent considerations apply broadly throughout the internet, not just for healthcare and finance, but essentially all matching operations across communications, content, and commerce.


Global problems like climate need global digital currencies

It’s Oct. 31, 2021 and the G20 climate summit just concluded. Based on initial assessments of the summit, little of substance has been accomplished. In contrast to the lack of political progress, atmospheric CO2 continues to rise and is now at 413 ppm, a new record despite the global economic slowdown due to COVID. It’s tempting to cast climate change as a purely scientific or technical challenge, to be ultimately resolved by more efficient solar cells or better batteries. However, even if energy technologies keep getting better, their global-scale adoption will require large investments in energy infrastructure, significant changes in consumer behavior, and, overall, a century-long effort (at least 2021 to 2121) to stabilize our climate.

The puzzling thing about all of this is that billions of parents, when asked what they wish for their children, have remarkably similar answers across the world – some combination of sufficient nutrition, health, and educational and economic opportunity. If this is the case, then why has progress on climate change been so slow? In my view, it’s because our financial systems are still constructed around 19th century notions that currencies and economic policies are there to benefit certain geographic regions (e.g. the US, Europe, or China) at the expense of other regions, rather than being purpose-built to tackle larger problems that affect us all. 

National currencies such as the US dollar or the Chinese Yuan are typically viewed through the lens of convenience – it certainly is easier to buy something from the grocery store with paper money as opposed to having to barter with, for example, chickens or potatoes that you have raised or grown. More importantly, national fiat currencies are also important strategic/political instruments that can be used to influence interest rates, employment, the outcome of elections, the ebb and flow of entire industries (like the US steel industry), and trade patterns with other countries (the sometimes strangely named ‘trade imbalances’).

At least for right now, we have multiple big global problems that affect us all, on the one hand, and on the other, numerous local fiat currencies focused on domestic agendas. Can we do better? A spark was lit on Oct. 31, 2008, precisely 13 years ago. Despite being initially labeled a computer science experiment by fringe anarchists, Bitcoin is now a global, distributed digital currency with a value of more than $1 Trillion; the overall value of cryptocurrencies now exceeds $2.4 Trillion. To put that into perspective, the most significant national climate investment proposal is the Biden administration’s $36 billion for 2022. Certainly, Bitcoin is not perfect – most notably, its consensus mechanism is based on endless cycles of a trivial and deliberately wasteful and expensive calculation – but Bitcoin (and other digital currencies such as Ethereum) have three critical attributes of special relevance to global challenges. They are transparent, so everyone can monitor how they flow; they are immutable, so the entire history of each transaction is an unalterable part of our history; and the systems are global, distributed, and trustless, operating according to pre-set and unchanging laws written in computer code.

Objections to global initiatives frequently invoke questions about equality, transparency, fairness, and trust – you might be quite comfortable giving food to a neighbor you know needs it, but many of us probably think twice about supporting efforts run somewhere else, far away, by people whom we have never met, with murky financial structures, imperfect transparency, and ever-shifting goals and priorities. This is especially true when significant resources will need to flow from places/industries that disproportionally emit CO2 to places/industries that sequester CO2 or are most heavily impacted by climate change. 

Would you prefer to give 1% of your income to a traditional charity seeking to address climate change, or would you prefer to give the same amount to a global, transparent, distributed climate change effort run according to preconfigured laws written in computer code, with a 100 year time-horizon? Such an effort would require fundamental improvements to cryptocurrency infrastructure (the nuts and bolts) to address scaling, cost, and energy use of the current generation of distributed currencies. As Bitcoin and Ethereum show, global financial systems no longer need to be trust-rooted in geographically-defined entities but can instead emerge and run stably (13 years and counting) all without a clear geographic center, faithfully and transparently executing – in the case of Bitcoin – a preprogrammed logic and specific financial strategy. CO2 does not know or care where it is; perhaps national efforts to address climate change will welcome help from distributed financial systems that operate according to preprogrammed computer logic to address major global challenges. 


AI and the rise of zero-cost healthcare

In many AI/ML papers, classifiers are scored by how well they do compared to human doctors. For example, a (made up) title could be “MyNextGenClassifier does 0.6% better at finding 2 mm brain bleeds than human radiologists at Memorial Sloan Kettering”. Let’s unpack that. The title implies that the goal is to do “better” than a human, where better is defined as higher classification accuracy. This is the kind of thinking that got IBM into trouble with their attempt to “revolutionize” cancer care. In their original take on cancer care, the notion was that their technology would serve as an adjunct to 12 world-class human cancer doctors, and make sure that e.g. new therapies or drug combinations would not be missed.

Let’s think about this from a different angle. For code running on a silicon-based computer, there are dozens of potential optimization functions. Beyond accuracy relative to a human, there are also cost-per-diagnosis, energy efficiency, reliability, accessibility, stability over time, scalability, privacy, and ease of use. Unfortunately, considering the set of medical AI papers (of which there are somewhere between 25,000 and 75,000, depending on how you count), we have somehow navigated ourselves into a corner – the vast majority of these papers focus on accuracy, which is not really where Healthcare AI shines.

For something different, we could for example look at the energy-efficiency and climate impact of a hospital with 200 human doctors vs. a hospital with zero human doctors (and only nurses). This type of hospital would presumably also be more cost effective and better able to grow and shrink with real-time patient demand, such as during a pandemic. Similarly, we could ask about the hidden cost of untreated/undiagnosed conditions. Especially in communities of color, the US healthcare system struggles to provide suitable levels of care – patients might not have insurance, they may not trust their local providers, or there may be any one of many barriers that can make it hard to access care. Digital health classifiers and recommendation engines can offer convenience, 24/7 ease of access, and privacy guarantees that are hard to realize in a traditional medical setting.

The real power of digital health is not to be 0.6% better than a typical human doctor, but to provide entirely new capabilities that health systems built around human doctors fundamentally cannot. Most obviously, once a classifier has been trained, deployed, and is used to help 1 million people, it costs almost nothing to use the same classifier to help all 7.9 billion people on earth. Why not make the entire diagnosis step of healthcare all-digital (and free)? With a relatively modest investment, it is entirely conceivable to build (and open-source) classifiers for the top 10 human health conditions and make those available globally. The world’s computers run on open-source software – the world’s health diagnostics system should, too.


FeverIQ: A global deployment of secure multiparty computation

Healthcare involves the exchange of unsecured information between two people, right? After all, how could a doctor possibly help you stay healthy without knowing anything about you? But things are changing.

There are two major intersecting trends. First, computers double their compute performance every year or two and are beginning to rival and exceed human performance in multiple clinical specialties, such as radiology and dermatology. This allows us to broaden our views of who, or what, doctors are. Second, it’s possible to compute on encrypted data, such that only the person who generated the data can see the computation results.

When you combine those two things – powerful classifiers and the ability to compute on encrypted data – you end up with something new. You can begin to imagine a world where healthcare is both affordable, costing fractions of a penny per diagnosis, and completely private. In the last few months, we’ve built the world’s largest deployment of Secure Health, in which computers work on encrypted data to give people useful insights, in this case, a personalized COVID risk estimate.

We’ve also decided to make the data we obtained from millions of people around the world available to scientists and doctors, as a starting point to further discovery and impact.

The preprint is out:

This is only possible because millions of people in 91 countries thought that this was a good idea, and took a leap of faith to share their symptoms and test results with the FeverIQ effort, which uses Enya’s secure multiparty computation API to classify and learn without their data ever leaving their phones. Thank you, to each one of you.


CancerBase – first lessons

CancerBase has been up and running for a few months now. About 1000 people have signed up and many of them suggested at least one new feature. We are preparing to launch CancerBase 2.0 this winter, based on everything we have learned so far.

Here’s just one example – dozens of people complained (nicely) that we downsampled their physical location on the map. We did this to ensure anonymity, which makes complete sense if you are approaching medical data as a scientist or a lawyer. However, some patients have a different perspective. Their point is that they are a real person with a real name and a real location, and they want everyone to know about them and their disease – they want their dot on the CancerBase map to be right on their house. We added a checkbox to CancerBase so that everyone can now specify their personal mapping/geolocation preferences; since medical and other personal data belong to the patient, of course they should have complete control over how the data are used and displayed.

It’s been amazing to work with everyone on CancerBase and we are growing quickly. Stay tuned for CancerBase 2.0, which will feature a common API and support several patient-centered applications.


Fast Global Sharing of Medical Data?

Why is it so hard to access medical data for science? Almost without exception, people with cancer are very open and eager to help. They are surprised about this problem, too – they assume that the data they give to medical centers are somehow broadly shared and accessible to the global research community.

In one study I was involved in, it took several years to work through the legal paperwork to access stored medical images, and even then, the images were subject to myriad constraints. If people can go to the moon, and 2.08 billion people on earth are active smartphone users, why are medical data frequently still stuck in, figuratively speaking, local libraries with only a limited selection of books?

The strange thing of course is that, fundamentally, medical data belong to the patient, and therefore, if a patient wants to share his or her information, they should find it easy to do so. The most telling conversation for me was with a father of two kids. When asked about data sharing, he said he could not care less about who saw his medical records; rather, it was much more important to him that as many scientists as possible had access to his data, so that his data would make the largest difference and hopefully reduce the chance of his kids having brain cancer, like he did, at some point in their lives. That made a lot of sense to me.

I still do not fully understand all the barriers to efficient data sharing in cancer biology, but I’m curious about standard web technologies that can help patients share what they want, when they want, and with whom they want. If a patient can share a movie, a picture, or a book within several seconds around the world, why is it sometimes still difficult for them to share their medical information?

For a while I thought the major problems had to do with the rules and regulations surrounding medical data, but that turns out not to be the case. The simplest way to start thinking about crowd-sharing of medical information is that millions of people around the world already crowd-share medical information. For example, women with breast cancer sometimes wear pink t-shirts to raise awareness, and they then circulate these pictures on social networks. That’s an example of someone sharing medical information – namely, their cancer diagnosis – in the form of a picture.

A few months ago, I started to look into web technologies that could potentially be used to help people share some of their medically-relevant information within 1 second. I chose the 1 second standard arbitrarily – it seemed like a reasonable number. Much below one second you run into various technical problems, but if you are willing to wait a few hundred milliseconds, the technologies are all already there: inexpensive, massively scalable, and globally deployed.

What if each cancer patient on earth had the ability to broadcast key pieces of information about their cancers around the world, in one second? 

If you are curious, here is the White House fact sheet announcing CancerBase, and here is a little bit more information about how we started out. The site itself is an experiment run by volunteers, many of whom are cancer patients, so bear with us, and if you can, help out!