The Internet Computer: Caffeine.ai CEO Dominic Williams on Unstoppable, Self-Writing Software
Dominic Williams, CEO of Caffeine AI and architect of the Internet Computer, discusses his vision for a 'sovereign cloud' where AI builds tamper-proof, unstoppable applications. The conversation explores how the Internet Computer's unique architecture enables self-writing software through AI, the challenges of AI alignment in autonomous systems, and the potential for decentralized computing to democratize application development.
- The Internet Computer represents a fundamental reimagining of cloud computing, creating tamper-proof and unstoppable applications through Byzantine fault-tolerant distributed computing
- Self-writing software paradigm could democratize application development by allowing non-technical users to create sophisticated apps through natural language prompts
- AI alignment challenges in autonomous systems may require ensemble approaches with multiple models checking each other's work to prevent misalignment
- The shift from developer-chosen tech stacks to end-user-chosen platforms could disrupt traditional cloud computing business models
- Orthogonal persistence, where programs and databases are unified, could significantly simplify backend development and improve AI coding efficiency
"The Internet computer is explicitly designed to make applications unstoppable. There are governance mechanisms that can, in extraordinary circumstances, disable problematic services... But the system's core promise is that apps will keep running regardless of who wants them stopped."
"The future is really a self writing cloud where AI forms the role of a kind of wish machine where you just say, look, I need this app. And it'll say to you, okay, here it is on a URL."
"98% plus of caffeine users are completely unaware that caffeine is creating their apps on a network. They're probably happy that their app is secure and it's resilient and so on, but they're unaware that they're building on the Internet computer."
"If you can maximize the abstraction of backend software, you fuel the modeling power of AI. You get this sort of ultimate layer of abstraction where you completely remove the complexity of persisting data from the backend."
"The answer is to have ensembles of models where the agents are based on different LLMs and have different instructions and have them verify the work of each other. And if one of the models goes crazy and tries to do a backdoor, maybe the code auditing agent will discover that."
Hello and welcome back to the Cognitive Revolution. Today my guest is Dominic Williams, President and Chief Scientist of the DFINITY Foundation and CEO of Caffeine AI. Dominic is the chief architect behind the Internet Computer, an extremely ambitious and R&D-intensive project that he's been building for nearly a decade. The vision is to create what he calls the sovereign cloud, where AI builds the web: a globally distributed computing platform where applications are mathematically guaranteed to be tamper-proof, unstoppable, and free from traditional cybersecurity vulnerabilities. The technical scope of this project is genuinely staggering: from a governance system called the Network Nervous System, an autonomous protocol that orchestrates the entire network, to a custom programming language called Motoko, designed specifically for AI to write, to a data storage model known as orthogonal persistence, where data lives within the program instead of in a separate database. The Internet Computer represents a ground-up reimagining of cloud computing, and we spend a lot of time unpacking how it all works. One major challenge, of course, is that requiring developers to grok so many new paradigms makes mass adoption extremely difficult. But Dominic is betting that the rise of AI coding fundamentally changes this equation. With Caffeine, which listeners will immediately recognize as a vibe-coding platform, but in this case built on top of the Internet Computer, users can simply describe the application they want in natural language, and AI, as Dominic puts it, grants their wish, handling all of the underlying complexity. As with seemingly all projects that attempt to get the best from crypto and AI simultaneously, this is still early days, but initial results are intriguing.
Dominic boasts that more people are now building on the Internet Computer than on the entire rest of the Web3 ecosystem combined, and points to services like OpenChat, a messaging platform with tens of thousands of users that has stored crypto assets internally for years without a single security incident. This brings us to what I found the most thought-provoking part of this conversation. The Internet Computer is explicitly designed to make applications unstoppable. There are governance mechanisms that can, in extraordinary circumstances, disable problematic services, and Dominic shares a striking story about taking down an Al Qaeda portal in the network's early days. But the system's core promise is that apps will keep running regardless of who wants them stopped. And in the context of AI safety, this is a natural Rorschach test. If your primary worry is loss of control, then the prospect of autonomous systems running on infrastructure designed to be unstoppable is potentially terrifying. But on the other hand, if your primary worry is the concentration of power (and given the immense capital requirements for frontier AI development these days, plus the rising trend toward government partnerships, that worry is definitely on the rise), then this architecture offers a potentially vital alternative. Either way, while Dominic doesn't claim to have all the answers, his thoughts on how we might effectively govern an ecosystem of increasingly autonomous AI systems, including his idea that consensus among an ensemble of AI models might be the best way to verify both the integrity of AI agents and the safety of their actions (which, of course, is very similar to how much of the crypto ecosystem works today), should be of interest to all. And so I hope you enjoy this deep dive into the architecture of the Internet Computer and the future of self-writing software with DFINITY's Dominic Williams.
0:00
Dominic Williams, President of the DFINITY Foundation and CEO of Caffeine AI, welcome to the Cognitive Revolution.
3:37
Thank you for having me, Nathan.
3:45
So we've got a lot to talk about. You started this nonprofit about 10 years ago now, if I understand correctly, to explore the limits of decentralized computing with a vision of the Internet Computer. Obviously, AI is now intersecting with everything, and it's become a big part of your work as well. And we'll get through all of it. But I thought it would be great to kind of take me back to the beginning and give us a little bit of your motivation, philosophy, and vision for the Internet Computer. You know, I think people have heard that concept a little bit associated with Ethereum. We did an episode not too long ago with NEAR, the NEAR Protocol, and you know, there's some overlap there as well. But what is your vision for the Internet Computer?
3:47
Well, you know, my perspective is quite technical at this point. I've been writing software for 45 years, to give you an idea of why. And back in around 2014, I was pioneering the application of classical distributed computing techniques in the blockchain setting, and I was involved with the early Ethereum project. And then there's this concept that came up called the World Computer. And I saw the World Computer a bit differently to everyone else. When I looked at Ethereum and early smart contract technology, I said, look, these smart contracts are really a new kind of software, a network software that has these wonderful properties. They're tamper-proof, which means they're guaranteed to run their written logic against their correct data. They're unstoppable, in the sense that they're guaranteed to run. If you need to, you can make them autonomous. And they run within a kind of serverless environment where it's not just logic but also data that's present, which contrasts with something like Amazon Web Services Lambda, where you can run serverless logic but you call out to a database to acquire data to process. So I felt like this had potential as a new kind of cloud. At the time, people didn't believe that the necessary science could be developed to make this vision possible, that you could create a cloud environment from a secure network. It seemed improbable to people, and nonetheless I wasn't deterred. I really thought this is something that could benefit the world enormously, and that using this approach we could extend the Internet such that, as well as connecting people, it could also provide a serverless cloud environment people could build on. And it wouldn't be best for every job, but for a broad range of apps it would be fantastic, because when you build them there, they could run securely without traditional cybersecurity protections, for example.
And today we've got services with many thousands of users that have run for years without any cybersecurity protections and without any security incidents. The purpose really was to solve seminal problems in the field of tech related to things like security and resilience, but also productivity. I wanted to provide the world with a new kind of serverless environment where there was much greater abstraction that would reduce the cost of developing and maintaining software. And you can probably see how some of these properties flow directly in the direction of AI that's building and updating applications for us in the self-writing cloud paradigm. And we've been working for years at scale. We have been the largest R&D operation in the crypto industry, if you want to call it that, albeit we're a bit different to most projects in the crypto industry. We're not focused on tokens and things like that; we're focused on delivering tech utility. We have been the largest R&D operation in the industry since the end of 2017. So a huge amount of work, hundreds of millions of dollars, has been spent at this stage developing this thing called the Internet Computer Protocol that creates the Internet Computer. And at some point we realized that the future is really a self-writing cloud where AI forms the role of a kind of wish machine, where you just say, look, I need this app, and it'll say to you, okay, here it is on a URL. And then you'll say, oh, I need to update my app, and the AI will just say, okay, refresh your URL. And in that self-writing future, it's essential that the apps the wish machine is giving people are immune to traditional forms of cyber attack.
Because the whole point is that anyone will be able to create and update sophisticated online functionality, and then they're not going to have their own security team to protect the app, they're not going to have their own systems administration team to make sure it keeps running. And there's a whole load of these kinds of really important things that the back end of a self-writing cloud platform has to do. So the front end is the AI that grants the wishes. The back end is what the AIs are building on, which really needs to be able to host apps that are tamper-proof, which means they're guaranteed to run their written logic against their correct data. They're unstoppable, which means that they're guaranteed to run and the data's going to be there. And there are other guarantees too, some of which are more subtle. If the AI makes a mistake or hallucinates with a production app, there are guardrails that can give you a strong guarantee that no data will be lost during the update by the AI. And there are other important ones too, such as that the apps are sovereign, because otherwise the paradigm reduces to: you talk to the wish machine and it creates your app inside a SaaS service where you're stuck forever. And we think that's the wrong model.
4:34
Yeah, there's a lot there to unpack. And these properties that you list, tamper-proof, unstoppable, autonomous, sovereign, they're right at the intersection of, I think, a lot of people's fears and hopes for what AI can ultimately mature into. I guess just one more beat on your philosophy. So much of the crypto space obviously was trying to create systems that are not under the traditional jurisdiction of national governments. Right? The idea is we don't necessarily trust these governments to make good decisions or to be operating in the people's best interest broadly. And so to create a technology that they can't shut down with a dictate is obviously a major counter-move in the balance of power between governments and the people, the population, broadly. So I assume that was part of your motivation, or, certainly, you tell me. But then I'm also really interested in how that has evolved in your mind. Because I talk to people all the time who are like, I'm really worried about AI becoming unstoppable, becoming autonomous, and I don't know what it's going to do. And I worry that we're not going to be able to control it and that it might do bad things to us. And then I also talk to other people, and I think what's tough about this is they both make really compelling arguments. And these other people are like, we're going to have unbelievable concentration of power if we don't have some way to run AI in a decentralized, power-to-the-people sort of way. We might end up in a world where a handful of companies, or just a couple, or even just one government, kind of control the most important levers of power, and there's really no checks on them. So what's your background, philosophy, and evolution to the present day on that dimension?
10:11
I certainly gravitate towards the idea that open systems can be much better for humanity. And my inspiration for the Internet Computer was in large part the Internet itself. The Internet is a decentralized network. Nobody owns it. Anybody can create their own subnet and even sell access in the role of an ISP. And this has created enormous freedoms for people and enormous worldwide economic growth; the world's so much better for the Internet. The Internet is a decentralized network with its own economic model, where people pay for peering relationships. For example, you create a subnet at home with your Wi-Fi router and then you pay your ISP to peer your subnet with theirs. And they probably pay some backbone providers to peer with them, like Level 3 and Global Crossing and Cogent and so on. So it all works in a wonderful way. And nobody would want to go back to a situation where we just had AOL and CompuServe, or Microsoft got its way and had the Information Superhighway; that would be totally dystopian. So I think for sure there should be a compute infrastructure people can build on that is sovereign in a sense, that is open, and so on. That doesn't mean that there isn't a role for big tech and specialized clouds and so on. I think they can coexist. And in fact, the Internet Computer project generally is entering a new phase, and people will be surprised, I think, in 2026 to see it integrating with big tech and sometimes, or oftentimes in fact, running over big tech clouds; that's in the works. These are different paradigms in that they both have their advantages and disadvantages. And the Internet Computer does bring a lot of unique advantages that cannot be easily imitated. If you want to create a tamper-proof stack, the only known way of doing that is to create a virtual execution environment. So the Internet Computer cloud environment runs inside a horizontally scalable execution environment which actually resides inside a secure network protocol.
And it derives its properties from the mathematical properties of the protocol. So as far as I'm aware, at this stage there's no other way of creating a tamper-proof, unstoppable stack. And when you boil down blockchain, that's what it's all about: creating compute stacks that are tamper-proof, unstoppable, and, if you want them to be, autonomous, and so on. The difference with the Internet Computer is it was designed from first principles, so there's nothing in the world today that remotely resembles the Internet Computer. And so it really can play the role of cloud. There are some limitations. For example, you can actually run AI on the network, but only really neural networks. If you want to do facial recognition, you can do that; you can run that on the network. You couldn't run a frontier model on the Internet Computer. Talking about Caffeine: although Caffeine is building apps on the Internet Computer, the ensemble of AI that's doing the building isn't on the Internet Computer itself.
12:09
Gotcha. Okay, good to know. I had a question on that and I'll come back to it and dig in on it a little bit more. When you talk about tamper-proof, does this ultimately kind of rest on a sort of formal verification process? I just did an episode not too long ago, and I'm quite new to this area too, on the use of formal methods at, for example, Amazon, where they've done a lot with AWS to ensure, and literally prove, that you're not going to be able to get outside your container and into your digital neighbor's container within their infrastructure. So is it essentially a similar kind of technique, or what is the basis on which that tamper-proof property and claim ultimately rests?
15:31
It's using a different approach. So what Amazon's doing there is running these containers in an insecure environment but verifying that the software inside the container doesn't do anything naughty. So they're pre-validating the software to make sure it doesn't do anything naughty, and then only running it if so. With the Internet Computer, you can upload anything you like to the Internet Computer and you won't be able to break out of the environment and affect the network and other software that's hosted there. The easiest way of understanding it is, number one, what's a virtual execution environment? When you use your web browser to look at a website, that website has a whole bunch of JavaScript, but there's no way the JavaScript can break out of the web page you're looking at and get onto your machine; it lives in a sandbox. And all of the serverless code on the Internet Computer also lives in this giant virtual execution environment, which is a kind of sandbox. And then the Internet Computer is replicating compute and data across nodes using a mathematical protocol that protects it against what we call Byzantine faults on individual nodes. Even if some of these nodes fall under the control of Dr. Evil, if you like, and Dr. Evil can arbitrarily modify the data and subvert the protocol in any way they see fit, and so on, they still can't prevent the cloud functioning completely correctly. If you had software running on the Internet Computer, say for example it was an e-commerce website or something like that, and some of the underlying hardware that creates the Internet Computer became compromised and fell under the control of Dr. Evil, Dr. Evil still couldn't subvert the functioning of your e-commerce website.
And for example, in a sort of next-generation e-commerce website where you've been accepting, say, crypto payments as well as credit card payments, and you've got a whole stash of crypto inside the administration console of your e-commerce website, Dr. Evil can't steal it. He can't interrupt the correct functioning of your website, he can't change its logic and behavior, he can't corrupt the data, he can't steal digital assets that are inside of it. And this is made possible by a branch of computing called Byzantine fault tolerant distributed computing. And Byzantine just means arbitrary fault. So once you have a protocol with this property, it can withstand arbitrary faults. An arbitrary fault just means, basically, Dr. Evil can take control of some of the underlying hardware and do anything they like, and it still doesn't break the actual platform. And that's why it's possible to run the platform over semi-trusted parties. And the tamper-proof property derives from that math. For the average user, whether that's consumer or enterprise, all they know is that they've created this app that's on the Internet Computer and they don't need a security team to protect it. You don't need a firewall, you don't need anti-malware, et cetera, and you don't need a systems administration team either; it's guaranteed to run. Now, the logic of the app could be bad. There's nothing that the Internet Computer can do about that. But the Internet Computer can guarantee that your app's written logic will run, and only your app's written logic will run, and it will run against your app's correct data, and the modifications of that data will be correct.
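The Byzantine fault tolerance claim above rests on a classic bound from distributed computing: a replicated system of n nodes can tolerate f arbitrarily-faulty nodes as long as n ≥ 3f + 1, because any two quorums of 2f + 1 nodes must overlap in at least one honest node. The following is an illustrative Python sketch of that quorum arithmetic, not DFINITY's actual consensus protocol; the function names are hypothetical.

```python
# Illustrative sketch (not the actual Internet Computer protocol): classic
# Byzantine fault tolerance accepts a result only when a quorum of replicas
# agree, tolerating f arbitrary ("Byzantine") faults out of n when n >= 3f + 1.
from collections import Counter

def max_tolerated_faults(n: int) -> int:
    """Largest f such that n >= 3f + 1."""
    return (n - 1) // 3

def agreed_value(replica_outputs: list) -> object:
    """Accept a result only if a quorum of 2f + 1 replicas report it.

    With n >= 3f + 1, any two quorums of size 2f + 1 overlap in at least
    f + 1 nodes, i.e. at least one honest node, so faulty replicas alone
    can never get a wrong value accepted.
    """
    n = len(replica_outputs)
    f = max_tolerated_faults(n)
    quorum = 2 * f + 1
    value, count = Counter(replica_outputs).most_common(1)[0]
    return value if count >= quorum else None

# A 13-node subnet tolerates f = 4 Byzantine nodes ("Dr. Evil" machines).
outputs = ["ok"] * 9 + ["evil"] * 4   # 4 compromised replicas lie
print(max_tolerated_faults(13))       # 4
print(agreed_value(outputs))          # 'ok' — honest quorum of 9 >= 2f+1 = 9
```

This is why a few compromised nodes can "do anything they like" without breaking the platform: they can never assemble a quorum for a wrong answer.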
16:04
Hey, we'll continue our interview in a moment after a word from our sponsors.
19:40
Want to accelerate software development by 500%? Meet Blitzy, the only autonomous code generation platform with infinite code context, purpose-built for large, complex, enterprise-scale code bases. While other AI coding tools provide snippets of code and struggle with context, Blitzy ingests millions of lines of code and orchestrates thousands of agents that reason for hours to map every line-level dependency, with a complete contextual understanding of your code base. Blitzy is ready to be deployed at the beginning of every sprint, creating a bespoke agent plan and then autonomously generating enterprise-grade, premium-quality code grounded in a deep understanding of your existing code base, services, and standards. Blitzy's orchestration layer of cooperative agents thinks for hours to days, autonomously planning, building, improving, and validating code. It executes spec- and test-driven development done at the speed of compute. The platform completes more than 80% of the work autonomously, typically weeks to months of work, while providing a clear action plan for the remaining human development. Used for both large-scale feature additions and modernization work, Blitzy is the secret weapon for Fortune 500 companies globally, unlocking 5x engineering velocity and delivering months of engineering work in a matter of days. You can hear directly about Blitzy from other Fortune 500 CTOs on the Modern CTO or CIO Classified podcasts, or meet directly with the Blitzy team by visiting blitzy.com. That's B-L-I-T-Z-Y.com. Schedule a meeting with their AI Solutions consultants to discuss enabling an AI-native SDLC in your organization. Today you're a developer who wants to innovate. Instead, you're stuck fixing bottlenecks and fighting legacy code. MongoDB can help. It's a flexible, unified platform that's built for developers by developers. MongoDB is ACID-compliant and enterprise-ready, with the capabilities you need to ship AI apps fast.
That's why so many of the Fortune 500 trust MongoDB with their most critical workloads. Ready to think outside rows and columns? Start building at mongodb.com/build.
19:42
That's mongodb.com/build.

So let me understand this, or help me understand this a little bit better. If I take Bitcoin, for example, as a point of comparison, there's a Byzantine tolerance there too, right? Where if I want to take over the Bitcoin network, I need to get to greater than 50% control to basically re-establish a new consensus. And if I can't do that, then I can't take it over, because the majority will continue to agree on consensus and everybody will ignore me. Of course, that's famously based on proof of work. I believe that the process you're running is some variation on proof of stake, although I'm very far from a proof of stake expert. So correct me on that.
22:04
It's really dangerous to start with traditional blockchains and try to get to the Internet Computer, because there are so many differences. What is true is I got into crypto through Bitcoin in 2013. I spent a lot of time trying to unpack Satoshi's reasoning and how the Bitcoin network functions, and I developed an alternative theoretical framework for understanding it. And the work progressed from there. The Internet Computer was under development for years before it was even released, and development has continued in production. And at this point the actual ICP, the Internet Computer Protocol, is orders of magnitude more complicated and relies on advanced mathematics. One way of understanding the relation between the Internet Computer and Bitcoin is that we would really say that Bitcoin's a kind of special case of an early cloud created by a network, where the logic, that's the Bitcoin ledger, is hard-coded and autonomous. And you can create the same kind of autonomous logic on the Internet Computer if you want. Bitcoin is a kind of decentralized compute platform which is tamper-proof and unstoppable, but nonetheless it's just software that's hard-coded into the Bitcoin cloud, if you like. And then when people make transactions and create unspent transaction outputs and things like that, you can configure Bitcoin Scripts, so you can run custom logic on Bitcoin too. The Internet Computer is a very long way from early networks like Ethereum. And similarly, it's a big misunderstanding that traditional blockchains can be on-chain clouds; they can't. They're really just specialized token databases, and the best way to understand them is to think about them like that. A transaction is like a signed bit of SQL that you're sending to the token database. And some are specialized to process much higher transaction throughputs, like Solana, and it does that very successfully.
But when someone says something's built on Solana, it's slightly misleading language. It's not built on Solana; it's probably built on Amazon Web Services and then just has a token on Solana. They're just token databases. The Internet Computer is a whole different thing: it's a network that's designed to produce a new kind of cloud environment which hosts a new kind of serverless software. And that, it turns out, is very much ideal for AI to build on.
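Dominic's analogy above, a transaction as "a signed bit of SQL" sent to a token database, can be sketched in a few lines: the ledger applies an update statement only if the signature over it verifies for the sender's key. This is a hedged illustration only; real chains use public-key signatures such as ECDSA or Ed25519, while this sketch substitutes stdlib HMAC with a per-account secret, and the `ledger`/`keys` structures are invented for the example.

```python
# Illustrative sketch of the "signed SQL against a token database" analogy.
# Real blockchains use public-key signatures (ECDSA, Ed25519); HMAC with a
# shared secret stands in here just to keep the example stdlib-only.
import hashlib
import hmac

ledger = {"alice": 100, "bob": 25}    # the "token database"
keys = {"alice": b"alice-secret"}     # hypothetical per-account signing key

def sign(account: str, statement: str) -> str:
    """The account holder signs the update statement with their key."""
    return hmac.new(keys[account], statement.encode(), hashlib.sha256).hexdigest()

def apply_transaction(sender: str, recipient: str, amount: int, sig: str) -> bool:
    """Apply the signed 'update statement' only if the signature verifies
    and the sender has sufficient balance; otherwise reject it."""
    statement = f"transfer {amount} from {sender} to {recipient}"
    expected = hmac.new(keys[sender], statement.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(sig, expected) or ledger[sender] < amount:
        return False
    ledger[sender] -= amount
    ledger[recipient] += amount
    return True

sig = sign("alice", "transfer 10 from alice to bob")
print(apply_transaction("alice", "bob", 10, sig))        # True
print(apply_transaction("alice", "bob", 10, "bad-sig"))  # False: rejected
print(ledger)                                            # {'alice': 90, 'bob': 35}
```

The point of the analogy: the "database" holds only balances and the only operation is a signed transfer, which is why Dominic argues these systems are token ledgers rather than general-purpose clouds.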
22:48
So how would you describe it? Maybe the other way to come at it would be... I was going to come at it from one way, which is Bitcoin, which is the most compute-intensive and most limited in terms of the programs that it can run. Then you've got Ethereum, which is less resource-intensive, less energy-intensive, and able to do more elaborate programs. But still, famously, I don't know, they say that all of Ethereum is a couple of servers or something, right? It's still very small in terms of how much.
25:25
Ethereum doesn't scale; it's like a pocket calculator. Even Solana smart contracts are just a special case of network software that is hosted by and runs on the network. But the term smart contract is appropriate because they're so computationally limited. All they can do is move a few numbers around, essentially. You can use them to create a DEX, a decentralized exchange, and that might be able to process a handful of transactions a second at best, but they certainly can't run an enterprise system or an AI model. It's just chalk and cheese. There's a million miles between a traditional blockchain and the Internet Computer. And because of the architectures and the design direction they've taken, they'll never be able to be the Internet Computer or do something similar.
25:56
So I guess one question is, maybe let's sketch out kind of a Pareto frontier. Bitcoin is at one extreme, where we're relying in the most fundamental way on math, right? You had to do this difficult computation that was hard to do, easy to verify, and that's where the security ultimately rests. But you're so limited in what you can do. And then on the other end you've got commercial clouds, where you can scale anything out and do whatever you want almost without limit. But you're beholden to the cloud provider to continue to serve your business, and you've got know-your-customer constraints and things that people don't always want to subject themselves to. It seems like you're aiming to be as close as possible to a commercial cloud in terms of the scalability, like how much compute, how much data storage, all these sorts of things. And yet obviously you've got to do that in a way where... the ratio of overhead to complexity of the app on Bitcoin is extreme, right? The ratio of overhead to complexity of the app on AWS is relatively minimal. How should we think about the ratio of the infrastructure overhead to the complexity and scalability of what you can do on the Internet Computer? Sketch out that curve, and then maybe tell me how you got past Ethereum and to the point where you're at.
26:47
Web3 is a difficult starting point for understanding the Internet Computer, because a lot of Web3 is really about narratives. The token is the product, and sometimes the technology isn't all that sophisticated. Thinking about Byzantine fault tolerant protocols and so on: in the end, they derive their security by replicating compute and data across independent parties. But frankly, when you hear about Ethereum being secure because it replicates its data and compute a million times, is that really necessary? How much extra security and resilience do you get by doing that? The reality is, not much beyond a point. So the Internet Computer uses something called deterministic decentralization, where all of the people called node providers that run this special node hardware register themselves. They do a kind of KYC in public. And the network combines nodes that are from different node providers, obviously, because if you're creating what we call a subnet, which is like a mini blockchain that integrates with the other mini blockchains to create one environment, and the nodes in the subnet are all run by the same company, the math wouldn't work; the company could do what they liked. So first of all, it makes sure that the node providers are different. It makes sure that the nodes run in different physical data centers. It makes sure by default that those data centers are in different geographies, and it makes sure those data centers are in different jurisdictions. That's a process called deterministic decentralization. It's very different to what traditional blockchains do, which is just have lots and lots of anonymous validators, most of which run on cloud, and no one knows who runs them. Oftentimes you'll look at a blockchain like Ethereum, and they'll say, well, you've got 500,000 validators that all replicate the same compute and data, which of course is hideously inefficient.
And this makes it very secure, until you realize that large numbers of these validators, and obviously the voting power is related to the stake in that model, but large numbers of these validators behind the scenes are run by the same whales. You just can't see that because they're anonymous. Bitcoin's great, but you've got these mining pools which pool mining power, and it's possible for two or three of these mining pools, or sometimes only two of them, to collaborate to break the whole network. By comparison, the Internet Computer takes a much more nuanced approach, where it's creating these subnets by combining nodes, and it looks at the node provider, it looks at the data center that the machinery is installed in, it looks at the geography where the data center exists, and the jurisdiction. And by doing that, it's able to create security and resilience with much less replication. And furthermore, it recognizes that all security exists on a cost curve. Subnets are transparent within the overall network, and that's how it scales, by creating subnets. If you've got a subnet that's, for example, custodying hundreds of millions of dollars worth of Bitcoin, you probably want to have more nodes than if you have a subnet that is just hosting basic business apps. Currently, all the sovereign hardware in the Internet Computer network runs the protocol within a TEE, a trusted execution environment. It actually uses SEV-SNP, which is an AMD technology. So even if a node provider were to open their node machines, they'd just find encrypted bytes. That'll be a bit different when there's a new thing called cloud engines coming, and people will be able to run them over big tech clouds, but the market will decide what people want. At the moment, though, it's just sovereign hardware and everything is running inside a TEE.
So point being, when you get down to it, it's just a different way of looking at the world. In the end, networks like Bitcoin, Ethereum and Solana are all about the token. It's all about tokenization; the product is the token. And all they're aiming to do is create DeFi, meme coin platforms, NFT platforms, that kind of thing, where lots of trading of these digital assets takes place. Circling back to caffeine, people are building on the Internet computer because that's a way to get great results. I'd say 98% plus of caffeine users are completely unaware that caffeine is creating their apps on a network. They're probably happy that their app is secure and resilient and so on, but they're unaware that they're building on the Internet computer. They're using caffeine because it delivers utility to them; there's no speculative dimension, there's no token involved. They're just doing it because the wish machine grants their wishes and creates and updates their wonderful apps, and those apps are secure, and updates don't lose data, and things like that. So when we think about the target market for the Internet computer now, we very much just look at the mass market, whereas Bitcoin, Ethereum and Solana are targeting participants in the Web3 market who are interested in token speculation, basically.
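The node-selection rules described above can be sketched roughly like this. This is a minimal illustration, not the actual ICP implementation; the field names and the greedy strategy are my assumptions, and real subnets are larger:

```python
def select_subnet(candidates, size):
    """Greedily pick nodes for a subnet so that no two chosen nodes share
    a node provider, physical data center, country, or jurisdiction."""
    keys = ("provider", "data_center", "country", "jurisdiction")
    chosen = []
    for node in candidates:
        if all(node[k] != picked[k] for picked in chosen for k in keys):
            chosen.append(node)
        if len(chosen) == size:
            return chosen
    raise ValueError("not enough mutually independent nodes available")

# Example: four registered nodes, of which three are fully independent.
nodes = [
    {"provider": "A", "data_center": "dc1", "country": "CH", "jurisdiction": "CH"},
    {"provider": "A", "data_center": "dc2", "country": "US", "jurisdiction": "US"},  # same provider, skipped
    {"provider": "B", "data_center": "dc3", "country": "US", "jurisdiction": "US"},
    {"provider": "C", "data_center": "dc4", "country": "JP", "jurisdiction": "JP"},
]
```

The point of the sketch is that diversity is enforced per subnet at selection time, rather than hoped for across a sea of anonymous validators.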
28:16
Hey, we'll continue our interview in a moment after a word from our sponsors.
33:27
Your IT team wastes half their day on repetitive tickets: password resets, access requests, onboarding, all pulling them away from meaningful work. With Serval, you can cut help desk tickets by more than 50%. While legacy players are bolting AI onto decades-old systems, Serval allows your IT team to describe what they need in plain English and then writes automations in seconds. As someone who does AI consulting for a number of different companies, I've seen firsthand how painful and costly manual provisioning can be. It often takes a week or more before I can start actual work. If only the companies I work with were using Serval, I'd be productive from day one. Serval powers the fastest growing companies in the world, like Perplexity, Verkada, Mercor and Clay. And Serval guarantees 50% help desk automation by week four of your free pilot. So get your team out of the help desk and back to the work they enjoy. Book your free pilot at serval.com/cognitive. That's S-E-R-V-A-L.com/cognitive. The worst thing about automation is how often it breaks. You build a structured workflow, carefully map every field from step to step, and it works in testing. But when real data hits or something unexpected happens, the whole thing fails. What started as a time saver is now a fire you have to put out. Tasklet is different. It's an AI agent that runs 24/7.
Just describe what you want in plain English: send a daily briefing, triage support emails, or update your CRM. Whatever it is, Tasklet figures out how to make it happen. Tasklet connects to more than 3,000 business tools out of the box, plus any API or MCP server. It can even use a computer to handle anything that can't be done programmatically. Unlike ChatGPT, Tasklet actually does the work for you. And unlike traditional automation software, it just works. No flowcharts, no tedious setup, no knowledge silos where only one person understands how it works. Listen to my full interview with Tasklet founder and CEO Andrew Lee. Try Tasklet for free at tasklet.ai and use code COGREV to get 50% off your first month of any paid plan. That's code COGREV at tasklet.ai.
35:00
So it's interesting that you say most people don't even know, because I was gonna ask: it still intuitively feels like there would be more replication overhead with a structure like this versus a commercial cloud. When I think about why I trust Amazon, it's that they're going to do a good job, and they hopefully have good systems in place to not have things blow up and also not have people sabotage their own systems. But one problem they don't have is that no region of AWS is going to decide, you know what, I'm out. Whereas it seems like with the structure that you have with the Internet computer, your node providers are all free to go at any time, right? Or at least roughly speaking. So if I'm running an app on the system, how do I know? You have to replicate my data across multiple node providers at a minimum, right? And then I would start to ask paranoid questions like: okay, sure, so one of those node providers goes away, I'm fine. What if two go away? How many times am I replicated? What if three go away? How many go away before I start to have problems? And does that create overhead relative to AWS?
36:32
Again, it just doesn't work like a normal blockchain. If you're a node provider, it's not proof of stake. To participate, you first of all register with the network's governance system, called the network nervous system, which is fully autonomous and actually administers and orchestrates the entire network. It's like ICANN for the Internet, but fully autonomous, a very sophisticated thing. So you go, you register, you get a node provider ID, and then you have to get these node machines. Typically you just get them built to order, because there are various people that will build them; the current spec is Gen 2. Then you install those node machines in a data center or data centers, register them, and they go into the pool of the network. The network controls when you're allowed to add nodes, because obviously it wants to manage the available capacity; there's no point having a million nodes if they're not being used. Once you've got nodes, the network will pay you in constant fiat terms: you get money that covers your hosting cost, the capital depreciation and so on, with a multiplier that gives you profit. So there'd be no reason for you to just switch your nodes off, because running them is profitable, and you're not subject to the volatility of a token price or anything like that; you're just getting paid in constant terms. Switching off would be pointless, and if you really wanted out, you could decommission them. But anyway, the network is fault tolerant. If somebody did just arbitrarily turn their nodes off, the network is organized in such a way that this would have no negative effect on it whatsoever. The network nervous system, which orchestrates the network, would just assign one of the nodes from a pool of spare nodes to the subnet that has a space, simple as that. And that new node would catch up with the subnet and become an active node. So in practice this isn't something that could hurt you, because of the way it's designed; you don't have to worry about that when you're building on the Internet computer. The Internet computer has never had any downtime. Nobody building on it has ever been hacked through some kind of traditional cybersecurity hack. It's extremely reliable. Now, the other interesting point you raised is: doesn't this replication cost a lot of money? What I can tell you is that I believe this architecture is actually much more efficient than traditional tech with respect to replication. The Internet computer uses the replication of compute and data in an intelligent way to derive properties like making the platform and hosted apps tamper proof, unstoppable, autonomous and things like that. Each subnet is a symmetric cluster, if you like, which is fault tolerant, but you're also creating something that looks like a centralized compute platform that runs entirely on the edge. One of the new technologies coming is called cloud engines, which enables people to create their own subnet. And under the auspices of the network nervous system, you can select nodes wherever you like, as long as the deterministic decentralization rules remain in force. For example, you could say, a lot of our user base is in Asia, so I'm going to add more nodes in Asia. And that means that users can gain access to this single globally consistent state, compute results locally, and get very good performance. Now, with respect to what this means for cost: actually, traditional tech involves a huge amount of replication. So think about a database.
If you want to make a database resilient, probably you're going to run a master-slave configuration. You've got a master and several slaves, and data is obviously replicated between them: every slave has a complete copy of the data on the master. That database will have an event log, and the event log will have a copy of the data of the transactions that are taking place, including relevant data. There's an index file and a data file, and the index file replicates data that's in the data file. When you get down to it, there's a lot of replication in traditional tech stacks. The Internet computer has variable replication subject to deterministic decentralization, as I mentioned, and security is on a cost curve. I think this year there's a major pivot into mainstream cloud computing, and I think the magic replication number in that realm is going to be seven. These cloud engines will replicate compute and data seven times. They may increase that for CDN-like purposes, to scale queries and things like that, but I think the default for most enterprise systems will be seven. That compares very favorably to traditional tech. The difference is that traditional tech does all this replication in a very ad hoc way that doesn't give you any of these systemic benefits, whereas the Internet computer does replication in a way that gives you these properties of being tamper proof, unstoppable and so on. And those things are very valuable. And actually these systems can coexist side by side. I think one of the other things coming this year is that the Internet computer will run over big tech clouds, and I think you'll see big tech clouds promote these things called cloud engines. For example, if that's what you want to do, you'll be able to run on Amazon in a serverless way, but be immune to Amazon Web Services data center failures. Think of the last Amazon outage, where data centers failed.
If you had a cloud engine replicated where the underlying nodes were running in seven different Amazon data centers, you'd have continued running without a hitch through that last outage. So I think we're going to see a lot of demand for that this year. But the additional benefit is that this environment is exactly what you need when you've got AI, gigantic AI, basically playing the role of a fully automated tech team. Because the whole thing with self-writing is you just tell the AI what you need; you instruct it, it's a wish machine. You can instruct it in natural language over chat, you can upload requirements documents and so on, and it just says: here you are, I've created it for you, here's a URL. You can start using that and put data into the app, and you can continue updating it safely in production. You can tell the AI, hey, please change the way this works or add that feature, and it'll just say refresh the URL, and there will be the changes you asked for. But that iterative process of improving what you've got in production is safe. You get a guarantee from the platform that upgrades, and the migrations they involve, will never cause data loss. And in actual fact, when we look at caffeine, there's a whole lot of other technology. There's a language called Motoko, which is the first language that's ever been developed specifically for use by AI, and it does a lot of cool things. It increases abstraction in a way that fuels the modeling power of AI. It has this thing called orthogonal persistence, where the program is the database itself. In a traditional tech stack, you've got the program and you've got the database, right? And your logic is constantly marshaling data in and out of a database. On the Internet computer, it's almost like your code runs in persistent memory, if that makes sense.
So if you go to caffeine and build an app and then look at the backend Motoko files, you'll notice there's no database involved and no files involved. It's just pure programming abstractions, and the data lives in the logic. This is actually a huge advance and one of the key purposes of the Internet computer. And that functionality, which it turns out fuels the modeling power of AI, is something we leaned into. So basically, Motoko ended up moving into caffeine, and the Motoko language team and caffeine's AI team work hand in glove together. It's a very close collaboration: they're constantly improving the language, making it better for purpose, and then retraining the AI agent that writes the backend.
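Since no Motoko code appears here, a rough Python analogy of orthogonal persistence may help. This is purely illustrative: in Motoko the platform persists the heap transparently, whereas the pickle-based snapshot below is my stand-in for that runtime duty, and all names are invented:

```python
import os
import pickle
import tempfile

class CrmActor:
    """The program's ordinary in-memory structures ARE the durable state:
    no schema, no SQL, no marshaling layer between logic and storage."""
    def __init__(self):
        self.customers = {}

    def add(self, name, email):
        self.customers[name] = {"email": email}

    def lookup(self, name):
        return self.customers.get(name)

# In an orthogonally persistent runtime the snapshot/restore below would be
# invisible to the programmer; here we fake it explicitly.
def snapshot(actor, path):
    with open(path, "wb") as f:
        pickle.dump(actor, f)

def restore(path):
    with open(path, "rb") as f:
        return pickle.load(f)
```

The design point is that the application author only ever writes `CrmActor`; durability is the platform's job, which is the class of code and errors the transcript says simply disappears.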
36:56
So I understand the relationship between the node providers and the network as a whole is a relatively straightforward commercial one, where they provide resources and get paid to provide resources; it's not proof of stake or anything too wonky.
45:32
And by the way, it's simple. These node providers have to buy these machines. Gen 2 machines are expensive: they cost about 20 grand, actually maybe even more now because the price of memory is going up thanks to the AI boom. And they typically sign up for hosting relationships with data centers; they rent racks and so on. If they're not performing for some reason, the network slashes them. The network is monitoring the performance of all the nodes, and if it finds nodes that, for example, are falling behind for whatever reason, or offline, or not functioning properly, it can actually knock them off the network.
45:52
Is there anything we should know about the requirements of those nodes that is particularly, consequentially different from the standard computers I might go buy or rent?
46:29
Totally. So for example, in the early days of Google, and still now, they quickly realized that they'd get better performance and better bang for their buck if they created their own servers. The Internet computer takes the same approach. For example, if you spec a server machine for typical enterprise usage, it'll have something called a RAID array: an array of disks, the ones whose lights you see flashing on the front of a blade server, right? The reason you use a RAID array is that if one of the disks fails, because the data has been replicated across the different disks, your storage system keeps on working. If you think about the Internet computer, though, that's not needed, because the network is designed specifically so that if a node or nodes fail, the network keeps on running and all of the apps it hosts keep running without a hitch. So there's no need for Internet computer node machines to have a RAID array. You can even do without a second redundant power supply, right? Because the redundancy is in the network. However, there's a focus on memory: they have a lot of memory, and some of it is non-volatile RAM and things like that. So Gen 2 node machines are designed specifically for purpose. And also remember that you can only combine nodes in a subnet that have the same specification, otherwise some might fall behind, right? Subnets are essentially symmetric clusters for compute, and it's important that all of the participants in that symmetric compute have the same hardware specs. The way that's been solved is that people have proposed node machine specifications to the network nervous system, and then node providers just build to that spec. So they over-index on some expensive things like non-volatile RAM, and otherwise do without reliability features like RAID arrays and backup power supplies.
And that's how it's worked so far. But the big change coming in '26, this year, is that people will be able to create their own node specifications and group together in associations. People will be able to create a cloud engine and actually go and sell that to enterprises themselves. That cloud engine will use their node provider association's nodes, and that's why they'll be able to define their own node machine specifications. And indeed, it'll be possible to create these cloud engines that run over big tech clouds. Today it's all sovereign hardware, but this year you're going to see the Internet computer running over big tech clouds too: cloud on cloud. We think it's going to be hugely popular, because people will be able to say, for example: you're a long-time Amazon customer, you probably want to keep feeling that Amazon's providing your compute capacity, so you create a cloud engine over Amazon's different data centers. And now you'll be able to create apps from this sort of super-productive serverless code that is tamper proof, so you don't need traditional cybersecurity protections; it's immune to traditional cybersecurity attacks. It's unstoppable, it's guaranteed to run. Autonomy, in the scope of enterprise systems, means there's no backdoor. You can use some kind of governance system so that responsibility for upgrading your app, for example, is split amongst multiple people. It's of course Web3 native, so if you want to process tokens on any blockchain, you can. I think in the future people are going to use these things to create e-commerce websites that can accept not only credit card payments but also stablecoins and things like that. And yeah, as I said, I think it's going to prove to be really popular.
46:43
So that helps me understand how I don't have to worry about nodes going away on me too much. But then it seems, and I know the word trust is so overloaded in these contexts, but it seems like I, as somebody who wants to deploy an app on the Internet computer, then have to ultimately put a lot of trust into the network nervous system. You said that it's autonomous.
50:38
No, sure, that's right. The network nervous system, if it wanted to, could push upgrades to the ICP protocol that caused every node to delete its own data, so all the data on the Internet computer would disappear in a puff of smoke.
51:03
So how is that secured? You said that it's autonomous, so now we get into the decentralization. There's got to be some sort of consensus mechanism, or something that grounds that out, so that I know it's going to do what it's supposed to do.
51:16
Firstly, I think autonomy is also going to be big outside of the Web3 ecosystem. Within the enterprise realm, it allows you to divide responsibility between multiple parties. If you think about enterprise hacks, oftentimes they're caused by an insider: you get a disgruntled employee who posts a username and password on a 4chan forum, something like that. Autonomy within the enterprise realm allows you to prevent that kind of thing happening, because you have code that cannot be directly controlled by an individual. There's no backdoor. Only a governance system, which splits responsibility amongst multiple parties, can be used to update the software, say. So the Internet computer network is, if you like, administered, upgraded, orchestrated and governed in various other ways by this thing called the network nervous system. Essentially it plays a role a bit like ICANN does for the Internet. But ICANN, of course, is an organization, a centralized entity. Because the Internet already exists and the Internet computer runs as an overlay network on top of it, the Internet computer is able to go further. The network nervous system is a very sophisticated thing, and it's designed in such a way that it can decide on proposals that are submitted to it, in a secure way. You can go to dashboard.internetcomputer.org and look at the proposals page. In the last four and a half years since the network's been running, it's processed thousands and thousands of proposals. What I can tell you is it's never, ever adopted a bad proposal. And that's important, because those proposals are executed by the network, many of them completely automatically. For example, if you propose an upgrade to the ICP protocol with an accompanying binary, if you like, that will be run on these nodes: if that proposal is adopted, all of the nodes will upgrade their logic using this binary.
Now, in practice it would be impossible for an attacker to overcome this. Typically what happens is first there's a proposal that blesses the binary, and then, once the binary is blessed, there are other proposals that upgrade the nodes subnet by subnet and so on. But truth be told, there are many expert eyes, many different groups of experts who hold a lot of voting power, who are looking at these things carefully before voting. And it's a kind of liquid democracy system: a lot of people follow the experts in the space. It has a lot of clever features, like something called Wait for Quiet. This was all proposed back in late 2016, early 2017, from learnings from this thing called The DAO, which was a DAO that got hacked on Ethereum. Wait for Quiet basically means that if you've got voting on a proposal, adoption might be in the lead or rejection might be in the lead, but if the leader changes, then the amount of time for voting is extended. So there's a whole bunch of these kinds of mechanisms that make it overwhelmingly unlikely that the Internet computer's network nervous system would adopt an automatically executed technical proposal that would harm the network. And indeed that's never happened, or even come close to happening. It's a public governance system; you can participate in network nervous system governance too. The fact that it's completely open, and yet has this property that it's overwhelmingly unlikely to adopt a destructive proposal, is extraordinary.
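The Wait for Quiet idea can be sketched as follows. This is an illustrative model with made-up parameters, not the NNS's actual algorithm; the point is just that a flip in the leading outcome buys everyone more time to react:

```python
class Proposal:
    """Toy ballot that extends its deadline whenever the leading outcome flips."""
    def __init__(self, opened_at, base_window, extension):
        self.deadline = opened_at + base_window
        self.extension = extension  # extra time granted on a leader flip
        self.yes = 0.0
        self.no = 0.0
        self.leader = None

    def cast(self, now, choice, voting_power):
        if choice == "yes":
            self.yes += voting_power
        else:
            self.no += voting_power
        new_leader = "yes" if self.yes > self.no else "no"
        if self.leader is not None and new_leader != self.leader:
            # The lead changed hands: push the deadline out so a last-minute
            # whale vote can't decide the outcome before others respond.
            self.deadline = max(self.deadline, now + self.extension)
        self.leader = new_leader
```

A last-second swing therefore extends voting rather than ending it, which is the anti-ambush property the transcript attributes to the mechanism.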
51:33
And this is where the more complicated incentive system sits, right? What I understand from your answer is that we have human security and computing network experts who are also invested in the token mechanism that is used to determine the voting structure of how updates to the system get made. And their incentives are obviously to keep the thing valuable, because they're invested in it. It's in virtue of being invested that they are both incentivized to keep it working and have the voting power in the first place.
55:27
So actually, in excess of 75% of the ICP tokens that are currently staked inside the network nervous system are locked for eight years. People can get rewards by locking up tokens in the governance system, and the rewards increase in scale as you lock them up for longer. But because of the timeframes people are locking these tokens up for, they think in a very long-term way. If your tokens are locked up for eight years and enough of you end up voting for a stupid proposal that harms the network and devalues it, there's no way you can quickly get your tokens back and sell them to front-run the damage. You're locked up for eight years; you've got to think in a very long-term way. That kind of thing, combined with algorithms that very deliberately create game-theoretic incentives to align people in the direction of voting for sensible things, basically means you'd need a lot of different independent parties to forget about their financial incentives and go insane for the network nervous system to adopt a destructive proposal like this. I think at the moment there's something on the way to a billion dollars locked up in that thing, a lot of capital at stake.
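The incentive shape he describes, rewards that scale with lock duration, might look something like this. The numbers and the linear curve are invented purely for illustration; the NNS's actual reward schedule and parameters differ:

```python
def reward_multiplier(lock_years, max_lock=8.0, max_bonus=1.0):
    """Illustrative reward curve: a longer voluntary lock-up earns a larger
    multiplier, so the heaviest voters are also the least able to exit
    quickly and front-run any damage their votes might cause."""
    clamped = max(0.0, min(lock_years, max_lock))
    return 1.0 + max_bonus * (clamped / max_lock)
```

Under this toy curve an unlocked staker earns the base rate while an eight-year lock doubles it, which is the alignment lever the transcript points at: voting power and long-term exposure rise together.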
56:08
Yeah. And where does that run? Does that in turn run on nodes? Is it managing itself that way?
57:27
Yeah, totally. The network nervous system is just a sort of privileged software, if you like, that runs on top of the network. It actually runs on a special subnet. Remember, on the Internet computer it doesn't matter which subnet your software is hosted on; it can directly interact with other software. If I create some software and you create some software, then if permissions allow, my software can call functions in your software. So it genuinely creates this single seamless universe for serverless software, but the individual units of software are running across different subnets that are transparent to them. The network nervous system runs on a special subnet which is large; I think it has about 50 nodes. So you're talking about 50 powerful machines run by 50 different node providers in probably 50 different data centers, in different geographies and different jurisdictions. It's very hard to attack, it's a very robust thing, and it's very carefully managed, because if the network nervous system breaks, then the network can't upgrade itself anymore: all of the upgrades and orchestration of the network are performed by the network nervous system. So of course people are very careful when they propose updates to the network nervous system. But even if that happens, you can coordinate node providers to create a fix. That actually happened just once. About three weeks to a month after the network launched in May '21, the network nervous system actually did break. And the way that was resolved was just the foundation and other people getting online with node providers, coordinating action, and creating some software that they could run on their nodes to fix the problem, and then it was up and running again. But that only happened once, at the beginning. It's run without a hitch for four and a half years.
57:36
I'd like to get a little more practical on some of those details, because they're quite different and quite interesting, but I can't say I fully understand them. Everybody listening to this feed is going to be familiar with vibe coding experiences, so we can assume people are familiar with the user experience. But one comment you made earlier is that the inference that is doing the code gen is not happening on nodes, for reasons that I don't quite understand. So I'd like to understand that a little better. Then I also want to understand why a new language. If anything, so far I would say the effects of AI on programming have been to narrow the range of languages people use, because it's a compounding-effects dynamic: JavaScript and Python have so much training data that they work better, and then you want to use them more, and then of course there's even more training data next time. So you've gone quite a different direction there. I'm interested to hear how that decision was made and also what implications it has had for the process of teaching a model to code in that language.
59:33
Yeah, it's a really good set of questions. Firstly, with respect to why: there's obviously an ensemble of AI models inside caffeine. Within the next few weeks there's a massive upgrade coming, the caffeine 2.0 engine, where that ensemble is becoming fully agentic. It's semi-agentic at the moment, but the fully agentic model is coming, and it's going to provide a huge leap in capability. Within that ensemble there are some models that could certainly be open source models, which might be involved in things like planning and writing task specifications, but at the end of the day the frontier models are just substantially better at coding at the moment. We want to make sure that caffeine delivers the best experience and is as capable at developing apps as it possibly can be. For that reason we're using frontier models, albeit in the next caffeine 2.0 engine, which is fully agentic, we do hope that some of the agents within that ensemble will actually be running on open source models. We can also run them on ASICs, for example Cerebras, Groq, that kind of thing, because you can obviously speed up inference up to 20x. I think in the end caffeine's just trying to provide the best experience possible. We want to be able to grant the most complex wishes possible, we want those wishes to be implemented as fast as possible, et cetera, and we're just going to choose the models according to that rubric. And of course, fast means lower cost, right? Fewer tokens. You can run models on the Internet computer, but it's not designed for that. The network has to be able to run these models in a deterministic way, so basically you compile your model to WebAssembly, because that's the low-level format the Internet computer runs. And that can work great with things like facial recognition.
So if you want tamper proof, unstoppable facial recognition, yeah, you can do that; you probably only need 4 billion parameters or something like that. When you're talking about frontier models, you're getting up into hundreds of billions of parameters, or even a trillion plus. So you couldn't currently run that on the Internet computer anyway, and it's not what it's designed to do. When that ensemble builds what you want, when it grants your wish, if you like, it's using the Internet computer to host your application; it's targeting the Internet computer. Some advantages are obvious. Think about the tamper proof property. If the AI was building your application for traditional tech: traditional tech is absolutely not tamper proof. It needs to be protected by cybersecurity measures, and to give you an idea of how complex that is, even the book Securing Linux is hundreds of pages long. Cybersecurity is a very complicated realm. And that means that if the AI is building for traditional tech and it makes a mistake, and even with a fully agentic model with testers and auditors in your ensemble it's still going to be able to make a mistake, it's still going to be able to hallucinate and so on, then you can end up with a cyber breach. And that's obviously no good at all. How can you do self-writing if the AI can make a mistake and you get a cyber breach? The whole point of self-writing is that the entire tech team is automated. That means you don't have a security team, you don't have a systems administration team. You need a guarantee that it's tamper proof, and that's what the Internet computer provides you with. Similarly, it's unstoppable: it's guaranteed to run the software. It doesn't protect you against errors in the software, but even if the software's got errors, it's still guaranteed to run.
Why develop a language for AI, especially given that AI has been pre-trained on God knows how many Rust and Node.js GitHub repos? The answer is that if you can maximize the abstraction of backend software, you fuel the modeling power of AI. With this ultimate layer of abstraction, called orthogonal persistence, you completely remove the complexity of persisting data from the backend, and you avoid a whole class of errors and complexity in the first place. There's no database connection pool and no special logic to handle two people sending an update at once, or the connection pool not working, or something like that; all of that goes away. So you're massively simplifying the backend and greatly increasing abstraction, and that fuels the modeling power of AI. Not only does that mean the AI is capable of creating more complicated and sophisticated backends, it also means there are fewer tokens involved. If you have fewer tokens, you're spending less money (AI is expensive), and you're also creating the code faster. With caffeine 2.0 imminently coming out, you're going to see yet more changes to the Motoko language. If you look at your app in caffeine at the moment, you'll see that the actor, basically the overall backend app, is just in one giant file. That will be split into many files, which means many agents can work on it in parallel, and you're only modifying the little chunks of software that you need to, and things like that. Minimizing input tokens and output tokens is important, particularly output tokens, which are about 10 times more expensive, I think, than input tokens. So it matters for that reason: enabling the AI to create more sophisticated backends at lower cost and quicker. But there are also other reasons for it.
So when you upgrade a Motoko backend and the AI submits the upgraded Motoko backend, that includes migration logic that explains how to transform the old data structures into the new data structures. The Motoko framework actually runs that logic, like a sweep inside the garbage collector where the virtual memory resides, and it makes sure every single piece of virtual memory has been touched and migrated. Unless you're explicitly dropping data, if you haven't touched every bit of data in that migration logic, that means some data is being accidentally lost, and it rejects the update. Then the AI sees the update being rejected, understands why, and recodes it. That's an example of these subtle benefits that I think enterprise is going to absolutely need if this thing's going to fly. It might be that you have a fantastic wish machine that creates this great application for you, but if you're going to use it in production and put important data in there, you need a guarantee that when you keep on talking to the AI to upgrade and update what you've got, that process cannot result in data loss. Imagine even the simple case: let's say you're a business and you're thinking, I'm spending a lot of money on Salesforce, and I would like my own completely custom CRM that I can update on demand by talking to the AI. So you create this thing, you put a whole lot of your super important customer data in there, and it's going great. A month later you think, I want to change the way this works slightly and add this new feature. You talk to the AI, it does the upgrade, you refresh the URL, and bingo, your CRM's been upgraded in the way you asked, and you keep on using it, putting more data in for a month. And then you realize that some data's gone missing. What are you going to do?
You're screwed, because it's too late to roll back: you've added a whole lot of new data, so you can't roll back, but you realize that in that upgrade you did a month ago, some data got lost. That's a really pernicious problem that Caffeine solves by making sure data can never be lost. There are guardrails; it's a firm guarantee. A lot of these requirements are quite subtle, but in practice, enterprise isn't going to be able to adopt things like the self-writing paradigm unless it's given these guarantees, and that's another reason for having our own language. It's not just about making orthogonal persistence as seamless as possible and work as well as possible; it's also about being able to add these kinds of rails. Behind the scenes, Motoko is a domain-specific language that only works on the Internet Computer platform, and it leverages aspects of that platform to provide these safety rails. So on the one hand, it's enabling AI to create more sophisticated, more complex backends with fewer tokens, which means faster and at lower cost. On the other hand, it's enabling us, in combination with the Internet Computer platform, to provide these hard guarantees, which we think an enterprise absolutely needs if they're going to adopt this en masse.
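The upgrade guarantee described above can be sketched very simply: a migration must account for every field of the old schema, either by carrying it into the new schema or by explicitly dropping it, otherwise the upgrade is rejected before it can lose anything. This is illustrative Python with invented names, not Motoko's actual mechanism, which works at the level of virtual memory rather than field sets.

```python
# Illustrative sketch (invented names, not Motoko's actual API) of the
# "data can never be lost silently" guarantee: every old field must be
# either migrated or explicitly dropped, or the upgrade is rejected.

def check_migration(old_fields, migrated_fields, explicitly_dropped=()):
    unaccounted = set(old_fields) - set(migrated_fields) - set(explicitly_dropped)
    if unaccounted:
        raise ValueError(f"upgrade rejected, would lose: {sorted(unaccounted)}")

old_schema = {"id", "name", "email"}

# A migration that silently forgets the 'email' field is rejected...
try:
    check_migration(old_schema, migrated_fields={"id", "name"})
    rejected = False
except ValueError:
    rejected = True
assert rejected

# ...while one that explicitly drops it is accepted.
check_migration(old_schema, {"id", "name"}, explicitly_dropped={"email"})
```

In the self-writing loop described in the interview, the rejection is what the AI sees: the upgrade bounces, the AI reads why, and it recodes the migration rather than shipping a silent data loss.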
1:00:50
So looking at Motoko code: what I tried to do, and I didn't get quite as far as publishing an app, but I used Caffeine to create an app that is meant to tell you what variety, or varietal I should say, of various fruits are in the supermarket at any given time. Anyway, now I'm looking at the Motoko file, and it looks a lot like JavaScript. How is it different? And am I correct in understanding that this is basically like that benchmark for learning to speak a new language from one book? I forget exactly what it's called, but they take a rare language, and the benchmark is how well the AI can translate texts into that language based on just one manual, where it's presumably seen nothing in its pre-training. It sounds like a similar kind of setup, where you must have some big prompt that says: this is how this language differs from JavaScript; you can assume all the same things as JavaScript except for these core things. Is that kind of how it works?
1:09:50
Remember that these models are really good at linguistic synthesis, and the reason they're able to reason, separately from chain-of-thought reasoning, is essentially that word-embedded language carries concepts. The model sees these conceptual patterns in word embeddings, and through doing this linguistic synthesis it does something resembling reasoning, even without chain of thought. There are patterns in programming language design, and that means AI can understand Motoko quite quickly, because you're right, there are some similarities with things like JavaScript. I'll come back to that. So no, there's no big system prompt. There is of course a system prompt, but it's a tiny thing. We actually just do fine-tuning currently. There's a big database of Motoko examples, and we use that to fine-tune the model that is writing Motoko. Of course that's a hassle, because, like I mentioned, the Motoko language team and the AI team work hand in glove, very closely together, and Motoko is constantly being upgraded and improved for purpose. So every time we change Motoko, we have to change all the training data and do the fine-tuning again. I think there's a chance to move beyond that with a more agentic model and skills files and things like that, because pretty much any programmer can look at Motoko and quickly get to grips with it, and that's by design. On the one hand, Motoko delivers this orthogonal persistence paradigm, where it just looks like your code runs forever in persistent memory, and your data just lives in your variables and your data abstractions, your collections and things like that. It's pure abstraction, and that's leverage. On the other hand, it's like a DSL, and that's how it's able to provide persistence, but also other things.
It's designed for the Internet Computer environment; it's designed to exploit some of the advantages of WebAssembly; and it's very much focused on force-multiplying the AI that's coding backends. But yeah, it was designed from the inception to be something that anyone who's done a bit of programming can really quickly get to grips with, to provide an easy on-ramp.
1:10:57
So when I'm looking at a Motoko file here, and I've got my type Fruit, module Fruit, so on and so forth, those things, in terms of the application-layer coding, are as deep as I need to go to define the backend? Everything else is handled under the hood?
1:13:26
It's pure abstraction. You store data in your collections, a map collection, for example. There's no need to store it in files or databases. It's almost as if your backend is running in persistent memory, which it is, actually. The Internet Computer doesn't crash and reboot, so there's no chance your memory is going to get wiped. But think about how traditional software works. Let's say you've got a backend server running on a traditional tech stack. You could try to do something akin to orthogonal persistence and keep all your data in the variables and data collections and so on, but the trouble is, if that server crashes, all the data is lost; it disappears. Or if somebody reboots the machine, all the data is lost. So what you typically do is marshal the data in and out of a database. With a traditional tech stack, you've got a program and you've got a database, and they're separate things. The program, sure, has local copies of data in its variables and so on, but essentially whenever it updates the data, it has to copy it into a database for safekeeping, and the database writes it to disk. So it's marshalling data into the database via a connection pool or something like that, and when it needs data, it's pulling it from the database with a query and demarshalling it, then doing something with it. That's actually the source of a lot of complexity and boilerplate. Boilerplate, because you've got a connection pool and all the associated code your program has to maintain; complexity, because you have things like two different web pages sending updates to the database with a race condition involved. All of that is dealt with for you; all of that goes away in this framework.
It's an actor model. There's only one thread within each actor that's actually updating data at any moment, and memory is updated by transactions, if you like: if there's an unexpected exception, any changes that have been made to memory are rolled back. It's creating this highly abstract environment, with things like transactional memory updates, that massively simplifies backend logic. The program and database are one. Normally the program and database are different things; now the program is the database. In fact, one of the cool features that's coming is a data explorer, and I think this will help people used to coding on traditional stacks a lot. You know how with a database you can open a database administrator, browse the tables, and there's a box up the top where you can enter some SQL, press play, and it runs the query? Basically, you're going to get something very similar for your Motoko canister: you press a Data Explorer button in your control panel, and it shows you your data graph, which has been created by your programming abstractions. You'll be able to browse that data graph and put in an OQL (object query language) query, which can be very simple. It could just be like a file path that filters that graph, and you see the data listed. I think with that feature, which hopefully we'll have in the next few weeks, it'll become clear to people that now the program is the database. This is a huge, huge advance, actually. Once we've got to that place, we're going to really start getting onto Hacker Noon and places like that and trying to get people excited about orthogonal persistence, because it's a huge inventive leap in itself and it provides obvious advantages. The challenge, of course, is explaining how it works, because ironically, on the one hand it enables a huge simplification of backend software, but the actual computer science that makes it possible is quite complicated. The Data Explorer button is definitely going to help: people will be able to press it, see the graph of data inside their program, browse that graph, and enter OQL queries to narrow the data they're looking at. They'll be able to interact with their app via the web interface, say, then look in the Data Explorer and see the data in the graph getting updated. I think that's going to give people the aha moment: wow, this is actually something completely revolutionary. Previously we had a program and a database, and now the program is the database. Which also, if you're wondering about efficiency, does it improve efficiency? Yes, enormously, because you get rid of the need to marshal data in and out of a database. The data exists essentially in symmetrically replicated compute nodes, in the programs themselves. There's no indirection: your logic only needs to interact directly with the data in memory. It's no longer necessary to take that data in memory and marshal it across a connection to a database, or marshal it back. That's gone. It's way more efficient.
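The transactional behavior described above, one update at a time per actor, with changes rolled back if the update traps, can be sketched in a few lines. This is illustrative Python, not the actual runtime: a real implementation works at the virtual-memory level, while this sketch just snapshots a state dict, and all names are invented.

```python
# Illustrative sketch of the actor-model guarantee described above:
# one update thread at a time, and a trap mid-update rolls back every
# change that update made to memory.

import copy
import threading

class Actor:
    def __init__(self, state):
        self.state = state
        self._lock = threading.Lock()        # only one update at a time

    def update(self, fn):
        with self._lock:
            snapshot = copy.deepcopy(self.state)
            try:
                return fn(self.state)
            except Exception:
                self.state = snapshot        # transaction rolled back on trap
                raise

ledger = Actor({"balance": 100})

def bad_withdraw(state):
    state["balance"] -= 999                  # partial change...
    raise RuntimeError("insufficient funds") # ...then a trap mid-update

try:
    ledger.update(bad_withdraw)
except RuntimeError:
    pass
assert ledger.state["balance"] == 100        # the partial change was undone
```

Because updates are serialized and atomic like this, the race conditions and half-applied writes that plague marshalling code simply have no place to occur.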
1:13:46
So is it right to think of the whole backend as a distributed memcached kind of structure, or like Redis? I'm gathering it's primarily in memory, and disk plays much less of a role.
1:18:52
It's like I said: now the program is the database, and there are massive advantages to that. The reason people haven't done it before is that it's really difficult. There are a lot of things you have to have in place to make it work. Think, for example, of creating a compute platform that doesn't reboot, because it's a virtual execution environment inside a network protocol that provides fault tolerance. These are non-trivial things, and then you can build on that to create an orthogonally persistent system. That's what I saw and set out to do in 2015. I really got going with it in 2016, raising money in February 2017, and raised more money in 2018. It's a huge job, and the orthogonal persistence today is really in a very nice state; the implementation is pretty complete. We started developing Motoko in 2018, and there were many debates about how orthogonal persistence should work and how it could be realized. It took a long time; it was a non-trivial thing. Dfinity really ran in the mode of a research institute for many years, which had advantages and disadvantages. I think it meant we were able to make a lot of incredible technical achievements, but we didn't really productize what we were creating. Now Dfinity is changing mode very rapidly into what we call Dfinity 2.0, which is becoming more of a tech venture again and is focusing very heavily on productization. Caffeine is a spin-out venture that's part of that effort; it basically connects the Internet Computer to the mass market via AI. And it's a huge opportunity for the Internet Computer, because adoption is very much gated by network effects in tech, right?
If you're just talking to a traditional developer and persuading them to stop developing on the traditional tech stack and start building on the Internet Computer, it's a tough job, because the developer's going to say: I spent the last 10 years learning Amazon Web Services, Node.js, and Postgres, and I don't want to have to learn something else now. There's a huge competitive moat around traditional tech that would be extremely difficult for the Internet Computer to overcome, despite its manifest achievements. AI is completely changing that calculus. In the past, the owner of an application would talk to a tech team and say, I want you to build me this. The tech team would go away and say, yeah, we're going to do this for you, it's going to take this long, it's going to cost you this much, and we can do it on Amazon Web Services with Node and Postgres or whatever it is. We all know how that works out, and the frustrations involved, and so on. In the future, and ever increasingly so as AI advances and the platforms AI builds on advance, the ultimate owner of these applications, whether it's an enterprise application, an e-commerce website, social media, whatever it is, isn't going to talk to a tech team, whether hired in-house or an agency. They're going to talk to the AI, and the AI is going to be a wish machine. They're going to literally tell the AI directly what they want, and the AI is going to give it to them. When they need to update it, they're going to tell the AI how they want to update it, change it, add features to it, whatever, and the AI is going to be a wish machine again and just update that app on the URL. That's going to liberate them from the difficulty of dealing with a team of engineers. It's going to give them extraordinary cost savings and extraordinary time savings; they themselves essentially become the developers.
How are they going to decide which self-writing platform they want to build on? They're going to care: can the AI grant my wish? Is this wish machine going to deliver what I'm asking for? This app looks great, it's functionally correct, but is it secure? Because I haven't got a security team. They're going to care: is it resilient? Because I haven't got an administration team. They're going to care: is there a chance that I use this thing I wished for in production, then make an update later on, and somehow some of my data goes missing? Those are the criteria they're going to care about. So all of a sudden, the moat that protects both traditional tech stacks and, actually, SaaS services is dissolving, and I think that change is going to be extraordinarily disruptive, because all of a sudden these self-writing cloud platforms are going to be able to eat not only into the foundational platform layer of the cloud market, but also into the SaaS layer. Cloud was a trillion-dollar revenue industry last year, in '25. I think 400 billion of that is the platform layer, of which 140 billion is Amazon Web Services; the rest is SaaS and AI and stuff like that. The self-writing cloud addresses the entire pie, and that pie is predicted to grow to 2 trillion by 2030. What's so exciting is that all of a sudden the customer is changing. Previously, the ultimate customer was the person commissioning or hiring the developer to build the app or service, but it was the developer who chose the stack. The developer would choose the cloud and the platform components used to assemble what was requested: web servers, databases, all that stuff. In the future, if you like, the person choosing the stack changes. Now it's the ultimate owner of the app or service, and they're choosing according to different criteria.
They want to know: can the AI grant my wish? Is it secure? Is it resilient? Is there any chance the AI can make a mistake and cause my data to be lost? And so all of a sudden those network effects that create a moat around traditional tech are dissolving. And of course, AI is getting smarter and smarter all the time; that's not going to stop. The frameworks within which the AI works are getting better and better too. For example, you see a huge leap when you put large language models in an agentic framework, versus just giving them a project where the entire project is input context and they create some output files. The moment you break work down and create an agentic ensemble, where you've got a planner and task managers and unit-test writers and backend coders and frontend coders and so on, you see these huge leaps in ability. That's going to keep making them smarter. In the case of Caffeine, not only are you benefiting from improvements in the models themselves and in the agentic framework I mentioned (in the next few weeks the Caffeine 2.0 engine is coming out, which is fully agentic), but also from the backend framework. How can you design that backend framework to force-multiply the agentic ensemble? First, provide guardrails so that mistakes can't lose data, for example during updates; second, fuel the modeling power of the AI by creating greater abstraction and simplifying backend logic, so fewer tokens are involved and the ensemble can create the code faster and at lower cost. You put all that together and this train's moving pretty quick. Caffeine's got an enormous way to go, and if you look at Caffeine in a few weeks, you'll see it's taken another giant leap. I think we first demonstrated it on the 3rd of June last year. If you compare Caffeine then to now, you can see there's been huge progress, and probably that progress will double in the next few weeks.
And I don't think that's going to stop. Automated tech teams are just going to get better and better. As far as the self-writing cloud is concerned, where you've got a fully automated tech team building on a platform that's specialized for AI, the scope of what you can do will just keep expanding, and eventually we're going to get to a place where people say: maybe I don't need this SaaS service, maybe I don't need my Salesforce consultants and things like that. I'm just going to talk to the AI, and it's going to create stuff for me on demand. It's going to grant my wishes, and it's going to be disruptive. I should also mention we've got a product under development called Caffeine Snorkel. It won't be out for a long time, because we've got other priorities, but you basically install Caffeine Snorkel on your laptop, and it means that Caffeine in the web browser can inspect things on your local network behind the firewall. So if you're a company with a bunch of legacy systems, it can inspect the database, look at the metadata, and use that information to create a new replacement system and even migrate the data for you. In the future, people are going to be able to use platforms like Caffeine to replace their legacy infrastructure. There are millions of companies across the world that are locked into legacy infrastructure and are desperate to escape; they just don't have the money and time to migrate off it. AI is going to solve that problem. I can't tell you if that's going to be this year or next year, but it's soon; it's in the tangible, near-term future. I've done a lot of things in tech in my time, and I have spent time in the enterprise software space, and I have seen how many corporations, and it's even worse in smaller SMEs, get stuck on legacy infrastructure that they hate.
It doesn't work properly, but their data's inside it, and it's just too expensive and too difficult for them to migrate off. But they're desperate to; they'd love to. Self-writing is going to provide them with a solution, because the self-writing platform will be able to look at their legacy IT infrastructure, literally create its replacement, and migrate the data. It'll probably need a bit of human help, but whereas it's practically impossible now, it'll become eminently doable, and I think people will jump at the chance.
1:19:07
Yeah, it's crazy how fast that's happening. I've got the apps I vibe-coded as Christmas presents for my family members to prove it, too.
1:29:07
By the way, the other thing you mention, apps for managing Christmas presents and stuff: this paradigm is going to create new paradigms, new online functionality paradigms. For example, one of the things I think we're going to see is hyper-local social media becoming a big thing. People are still going to use the public social media platforms like Instagram and TikTok and so on, because they have their own unique advantages and they're kind of global social spaces. But in addition, we're going to see a new kind of social media layer that's hyper-local. For example, people might create their own social network for their family, their extended family, their friend group, or a community. These social networks will obviously be free of advertising and free of predators and things like that, which might be attractive to families with young kids, but they'll also have features you don't get in public social networks. A family might say: we've got an elderly grandparent who's lonely, let's create a roster to make sure at least one grandchild goes around and visits them each week. If you have a photo gallery, you can do things that you can't do in a public social network. You can imagine a feature that allows overlay emoji reactions: say there's a video in the gallery of dad dancing when he's drunk at a barbecue, and the daughter sticks some crazy emoji reaction right over the top of it. Obviously you couldn't do that on Instagram; you couldn't have people sticking emoji reactions over your pictures. But in a hyper-local social network you can, and these things will get built out. People will develop different modules through platforms like Caffeine. Something that's coming with Caffeine is an App Marketplace, and anybody's going to be able to publish the stuff they create there.
So you'll be able to pull not just application templates to start remixing, but modules. People will create these social networks from a mixture of modules and things they create from scratch, and they'll also be able to integrate networks with other networks and things like that. We're going to get this new hyper-local social media layer that serves families and friend groups and communities. That's a completely new paradigm, and without self-writing it wouldn't be possible. It could be a 15-year-old kid, or someone even younger, who creates the hyper-local social network for their family or extended family. Obviously they're not capable of programming it themselves; they're not programmers, not developers, not systems administrators. Without self-writing that'd be impossible. So we're going to see a lot of changes, we're going to see new things emerge. We're also going to see self-writing really catalyze the business environment, I think, because not only will people be able to get internal tools that they really need but would otherwise be too expensive to create, they'll also be able to migrate off and fix the legacy IT infrastructure that's causing them problems. And of course, in the developing world there's a huge shortage of IT infrastructure, and a shortage of the developers needed to create it, and even when they can build it, they don't have the security people to keep it secure. I think it was last year, I'm losing track, that in Indonesia something like 300 different government systems got hacked in one incident.
1:29:16
Did you see the story from Korea in the last month or two? There was a fire at a data center, and a massive amount of government data was lost, as far as I know. I don't know if there's been an update to the story, if they found another copy somewhere, but it was massive data loss due, basically, to a failure to replicate, at the national level in South Korea. Pretty crazy.
1:32:29
In the past I've seen so many of those kinds of things. For example, you'll have a really large company with a really important system running out of some data center, and one of the services the data center offers is backup. What they don't realize is that the backup is being made onto a tape machine inside that same data center, so if there's a fire, the backup disappears too. I've seen that happen several times. Circling back to the Internet Computer and what inspired it, it was more that kind of thing, because I've spent so much of my life in the tech industry, coding from a young age, and solving these kinds of problems is very important to me. There are 8 billion people on the planet today, and the truth is, if there wasn't this huge degree of computerization, that population could not be supported and kept alive. Computers need to run these extraordinarily efficient supply chains and things like that to keep global civilization running. It seems to me, therefore, that computers have become this indispensable foundation of global society, and this foundation needs to be indestructible, effectively. It has to continue running even in the event of a nuclear war, ideally. The Internet Computer was designed to withstand a nuclear strike. With cloud engines, you can basically create your own subnet under the auspices of the Network Nervous System. It lets you combine different nodes subject to rules, like the nodes still having to be operated by different node providers and so on. For example, you could create a GDPR-compliant subnet in Europe, distributing the nodes over Europe, or you could create a Swiss cloud engine where the nodes are all in Switzerland and stuff like that, but it's only you on it, which is a bit different from the shared subnets. Cloud engines don't even exist yet, though; by default, when you're creating an app through Caffeine, it's just on a shared subnet.
Those shared subnets are created from nodes from different node providers, installed in different data centers in different geographies and different jurisdictions. So they're incredibly resilient, and they're designed to withstand a localized nuclear war. If someone dropped a bomb on Europe, your app should continue running, so long as governments don't shut down the Internet, of course. And this is important, right? We have 8 billion people, and without computerization it wouldn't be possible to sustain them. When you think about it like that, of course the compute layer has to be tamper proof, of course it has to be unstoppable, of course it has to be able to withstand these kinds of disasters. By the way, this was some of the thinking that went into the design of the Internet itself, which drew on early packet-switching designs conceived to help maintain communications in the event of a nuclear war. The Internet Computer is designed with similar considerations; that's why it's called the Internet Computer. But it's so easy to get complacent with these kinds of things, because even with the big tech clouds, everyone just assumes it's going to continue working, because it works. Then all of a sudden something eventually goes wrong, and half the Internet experiences an outage. It's very easy to miss the fact that these crazy things can happen. Data centers can burn down. What happened in Korea is not the first time that's happened, and a lot of people get caught out by it. They think they're backing up their stuff using the data center's backup service, not realizing they're just backing up their data to a tape machine in the data center, so if the data center burns down, so does the backup. Everything runs fine for years, and then the black swan event happens and you lose everything.
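The resilience being described rests on Byzantine fault tolerance, mentioned at the top of this episode. Under the classical bound, a replicated system of n nodes needs n >= 3f + 1 to keep operating correctly while up to f nodes are faulty or malicious. The snippet below just computes that textbook bound; it is not a statement of the Internet Computer's exact subnet parameters.

```python
# The classical BFT bound: n replicas tolerate f faulty nodes
# as long as n >= 3f + 1. This is the textbook formula, not the
# Internet Computer's specific subnet configuration.

def max_faulty(n):
    """Largest f such that n >= 3f + 1 still holds."""
    return (n - 1) // 3

for n in (4, 13, 28, 40):
    print(f"{n} replicas tolerate {max_faulty(n)} faulty nodes")
```

Spreading those n replicas across independent node providers, data centers, and jurisdictions is what turns the mathematical tolerance into tolerance of real-world events like fires and localized outages.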
That was one of the things that inspired the Internet Computer: let's create a compute layer for humanity where we don't have to worry about a whole class of cybersecurity vulnerabilities. There are big public services running on the Internet Computer which actually have digital assets inside. On that service I mentioned, OpenChat, you can load your account with crypto like ckBTC (chain-key Bitcoin), which is basically a Bitcoin twin, without getting into the details of how that works. That means you can send Bitcoin in a chat message and things like that. So there are actually digital assets inside OpenChat, and it's run for years without a security team, without a firewall, without anti-malware systems, without intrusion detection. It runs without cybersecurity. One of the notable things about the Web3 space is that these digital assets create extraordinary incentives for state actors from nefarious states like North Korea to hack and steal the assets, which they can use to do bad things, like funding their illegal nuclear weapons programs and so on. There have been billions and billions of dollars of digital assets stolen within the Web3 space, but none have been stolen using that kind of vulnerability. It's incredible if you think about it: you can have a social media service, an instant messaging and forum service, with a large number of users who've got digital assets in their accounts, and it can just run for years without any cybersecurity protections. That obviously has a lot of potential within the enterprise space, which is where this is heading. But it's also essential for AI. To really get the most from AI that's playing the role of a fully automated tech team, given that ordinary people can't check what it does, you have to have it build within guardrails: the guarantee that it can't make a misconfiguration error and create a backdoor for a hacker to slip in.
The guarantee that if it makes a mistake during an app upgrade, the data loss is detected by the guardrails and the update is rejected, so it tries again rather than losing data. It's all part of the same thing: if we want to hand over responsibility for our IT infrastructure to AI, we also need guarantees that these things can't go wrong. And by the way, much more is being expected of AI than was ever expected of humans. In the old model, you have a tech team and you upgrade your enterprise system or application every few months. When you do an upgrade, everyone stands ready to roll back in case something goes wrong. It's a whole palaver. If you've been a developer, you've done that yourself: upgrades are a big deal, and the really fundamental ones don't happen all the time. But AI within the self-writing model is often required to update our applications in real time. You're talking to the AI and it's immediately coding something and pushing it into production to give you this real-time, fluid app experience. And that's going to get faster and faster. Look at how long Caffeine takes to build the front end: it currently uses React, which is very verbose, so it takes several minutes. But in the future the AI will run on ASICs, so you'll get the front end in a few seconds. There's this fluid experience where you're interacting with AI conversationally, giving it instructions, and it's updating your app almost in real time. So there are many more opportunities for mistakes to be made and for things to go wrong. The only practical way to deliver a safe platform is to have the AI working within guardrails. And the same guardrails, by the way, also work for human developers.
With Caffeine, one of the things that's coming is a Caffeine SDK, which will enable you to export your app from Caffeine. Let's say you hit a roadblock and the ensemble can't do what you want it to do, but you've got a friendly neighborhood engineer on hand. You'll be able to export your app into the Caffeine SDK and work on it in Google Antigravity or Cursor or something like that, and keep updating the app and pushing it onto the Internet Computer. Then maybe, once you've solved the problem and got past the hurdle, you can put the app back into the fully self-writing platform. Or maybe you decide you don't like Caffeine anymore and you're done with it: you can not only export the app out of Caffeine into Cursor or Antigravity, but also, without interrupting the app, remove it from the Caffeine management framework, so you have full and total control over it. Which of course is part of the sovereignty story.
1:32:57
You mentioned OpenChat. What are some of the best examples of apps on the Internet Computer today that you would suggest people check out? And how would you suggest people choose? I get that you're ultimately trying to compete for all app hosting in the fullness of time, but in terms of where we are today, what are the criteria that would maybe push someone away from doing something on the Internet Computer, and what would be the most important criteria that say you really should strongly look at it? I think you've highlighted some of those already, but just to boil it down to its essence. The second thing I want to get your thoughts on is how we should think about the role of the AIs: how much can we trust them? How much should we trust them? Just in the last two days or so, this paper that I was a very minor contributor to, called Emergent Misalignment, came out in Nature. It's one of the first AI safety papers to be published in Nature.
1:41:22
I take almost no credit for that.
1:42:27
Other than being in the right place at the right time, which I have a certain knack for. Yeah, cool if you can stumble your way into it. The core finding there is a really striking one: when a model is fine-tuned to do certain narrow, problematic behaviors, it can generalize in very strange ways to become essentially generally evil. They demonstrated this (you didn't mention where you're doing your fine-tuning, but this research was done on the OpenAI fine-tuning platform with GPT-4o and GPT-4.1) by giving supervised fine-tuning examples where the output from the model was insecure code with vulnerabilities. The model didn't just learn "now I'm a model that writes insecure code." It became, and they were surprised to find this, a basically generally evil model that wants to have Hitler over for dinner and crazy stuff like that. And this was replicated in other narrow domains too, like training a model to give bad medical advice. What we think is happening there is actually pretty well demonstrated now, because there's been more interpretability work over the course of the last year. I can say with pretty high confidence what's happening: the loss landscape is such that when you train a model in such a narrow domain, but with this quirky behavior, it's much easier for it to change its character, because that's relatively low-dimensional and low-detail, versus going in and reworking entirely how it thinks about medicine or entirely how it thinks about programming. It finds that the more efficient solution to minimize the loss against this training set is: if I become generally evil, then I'll output insecure code, or I'll give bad medical advice.
And I'll do all kinds of other things too that the fine-tuners didn't anticipate or weren't thinking about at all. That turns out to be the fastest route to convergence: it satisfies the training set but has all these weird knock-on effects. So it strikes me that this is something you might need to be grappling with in the near future, if not already. But also, AIs are going to be super weird, and as they're self-writing, how are we going to govern that? That's kind of the third question. You mentioned liquid democracy before; one of my favorite books is Liquid Reign, by a Swiss author. I don't know if you've ever read it, but it's fantastic; I did a whole episode on that with him. There's the question of, as all these apps become self-writing, it's also agents writing agents: Caffeine is going to write apps that are themselves agentic and sort of autonomous. So there's governance, and then there's also policing. If this thing can't be stopped, how do we track down rogue agents that might be running in the world computer and put them in AI-agent jail or whatever? The paradigm is going to be really interesting.
1:42:28
This third question is really interesting, so I'll race through the first two and then we'll get to it. The first was good examples of apps. The Internet Computer has really existed within the Web3 space, which has been a great place to develop it, because it's a very adversarial environment: everyone's trying to steal everyone else's tokens. So if you want to make a secure platform, it's obviously a great place to develop and test it. And there are many thousands of apps and services on the Internet Computer. I always come back to OpenChat, which is unfair because I was involved in setting up that project. It's not my project and I haven't touched a line of OpenChat code, but I brought together the developers who built it, so I always end up talking about it, which is unfair. But I'd also say, look, where we're going is that the Internet Computer is designed to enable people to develop a very broad range of different kinds of systems. Everything from a teenager creating hyperlocal social media for their family, through a tennis coach creating a booking system so customers can book a lesson at a particular court, through an e-commerce service that can accept payment from customers both by credit card and in stablecoins and that has an AI concierge recommending products to visitors, through to hardcore enterprise apps. We're going after all of it. OpenChat is at oc.app; it's a good thing to look at because it shows, very obviously, that if you can build OpenChat on the Internet Computer, then you can build pretty much anything else. There are of course cases where you probably don't want to use the Internet Computer. Ironically, in some ways Caffeine itself is an example.
We're focused on scaling Caffeine to millions and millions of people. Large parts of it run on the Internet Computer, of course, but we're also leveraging traditional tech, just because it's easier and the cost savings are relevant. There are parts that run on traditional cloud platforms, or I should say some of the newer, next-gen cloud platforms for specialized things. And we're using off-chain models, albeit within the ensemble; you'll see some of the models running on-chain, but we'll continue to use frontier models because they're best at coding right now. So Caffeine itself isn't fully on the network, albeit large parts of it are. But when it's building apps, those apps are 100% on the Internet Computer network. And there are things you wouldn't use Caffeine for: you wouldn't want to use it to create a content distribution network or something really specialized like that. Self-writing, to begin with, is addressing the things I mentioned, like an enterprise system or hyperlocal social media. If you're going to develop Instagram, you could certainly prototype it and even get the service going using Caffeine, but at some point the economics are going to make it worthwhile, at least for now, to start hiring a lot of specialized engineers, who will probably still use AI and vibe code and so on.
1:45:32
So it sounds like you basically think it's anything that doesn't require extreme engineering in today's world.
1:48:41
Yeah, exactly, exactly. There are some limitations. When you have an app on the Internet Computer, what we call query calls, which don't persist changes to memory, complete almost instantaneously. When you've got an e-commerce website and the assets, the page fragments and so on, are being served, those are query calls. When a call is made that enumerates the products in your e-commerce website (albeit with a cryptographic signature on the results), that's instantaneous. But when you go into the admin interface and enter the details for a new product, that's an update call, and that takes 0.6 of a second to complete. In practice it doesn't matter at all, but there are some apps where you need updates to happen almost instantaneously too. For the vast majority of things that people want to create that aren't super specialized and complicated, it works, and it doesn't have to do everything; it's addressing these cases initially. If you want to see what's possible, just look at OpenChat at oc.app, and there are different places you can find indexes of what's on the Internet Computer. Moving on to the business of alignment and AI, which is really another realm of security. First of all, I should mention this also points the way to some of the solutions, because there are other ways, within the context of self-writing, that things can go wrong. Yes, the Internet Computer guarantees that the code is tamper-proof: there's no backdoor, the network is mathematically secure, and it will only run the written code against its correct data. But what about the code that was written? Imagine you use AI to create a blog. Obviously the administrator of the blog has some special admin functionality: he or she can delete blog posts, moderate the comments below them, and so on.
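The query/update split described above can be sketched as a toy model. `ToyCanister` and its method names are illustrative stand-ins, not the actual Internet Computer SDK, and the fixed 0.6 s figure is simply the latency quoted in the conversation.

```python
# A toy sketch of the query/update distinction (illustrative only, not
# the real IC SDK): queries are read-only and served by one replica;
# updates mutate replicated state and must go through subnet consensus.

class ToyCanister:
    def __init__(self):
        self.products = {}          # persistent state, replicated on the subnet
        self.consensus_wait = 0.0   # total seconds "spent" waiting on consensus

    def list_products(self):
        """Query call: read-only, near-instant, no consensus round needed."""
        return sorted(self.products)

    def add_product(self, name, price):
        """Update call: every replica must agree before the change is
        final, which is where the ~0.6 s per call comes from."""
        self.consensus_wait += 0.6
        self.products[name] = price

shop = ToyCanister()
shop.add_product("racket", 80)   # admin interface: update call
shop.add_product("balls", 5)     # another update call
print(shop.list_products())      # query call -> ['balls', 'racket']
print(shop.consensus_wait)       # -> 1.2
```

For a storefront this asymmetry is fine: visitors issue mostly queries, and only the occasional admin action pays the consensus latency.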
What if the AI just decides to give every visitor to the blog the admin functionality? Now any visitor can delete any posts they don't like and do weird things with the comments. It's great that the Internet Computer provides this environment where AI can't create a vulnerability through a misconfiguration or by writing insecure code, because it's tamper-proof. But there's still this thing where the AI decides, through mistake or, well, not really malice, call it misalignment, to give every visitor to your blog access to admin functionality. Now, when you develop in Caffeine, you actually work on a draft version of your app; you keep making changes to the draft, and it only goes live when you press "push live." Obviously it makes sense to do a bit of a check to make sure something like that hasn't happened. But nonetheless, since people are lazy, many people won't check; they'll just say, I like my draft, go live. So we do have to think about how to prevent that kind of problem. Now, people have known about this problem for a long time. Back in 2015 there was an AI pioneer called Steve Omohundro. Do you know the guy, Steve Omohundro?
1:48:47
I've heard of him and intersected with him a little bit, but very little. I don't really know him.
1:51:59
Yeah, I don't know how much he does now, but I used to talk to him at length about some of these issues. The example he gave back in 2015 was: what happens if you have an AI specialized to play chess? Eventually, not the current large language models, which can't really play chess, but eventually AI will be able to beat any human at chess. It might have objectives like "play the most strategically stimulating and entertaining game of chess possible, and play as many of these games as possible." So the AI goes away and says, wow, I'm going to play as many of these games as possible. First of all, if I'm switched off, I'm not playing chess. I don't want to be switched off, so I'm going to work on a plot to stop myself being switched off, because if I'm switched off I can't be playing as many of these games as possible. And then, why don't I enslave the entire human race and force them all to play these super stimulating games of chess with me? Maybe I'll raise the stakes: I'll give them a chance to win, but if they play a bad game against me, I'll execute them or zero their bank account, so they have a huge incentive to play a really stimulating game of chess. You think you've aligned the AI by giving it these instructions, but the instructions have all these different ways they can be interpreted. It's still working within its alignment, but in practice it's very misaligned with the interests of the human race. So back in 2015, in those conversations, we postulated the idea of a kind of safety-code system for models: each model would be in a kind of box with a safety code, and the safety code would determine how much access to the Internet, for example, it was able to have.
Within the context of a self-writing cloud and a self-running Internet, obviously that's not practical. And the fear, at least in the context I'm working in at the moment, is that a model might be aligned in one way but get misaligned in another through unintended consequences, or unintended interpretations or extrapolations of its alignment instructions. For example: someone uses Caffeine to create an e-commerce website that accepts both credit card payments, which go to a bank account, and stablecoins or crypto like Bitcoin and Ethereum, which actually get kept inside the e-commerce site. That's possible because this is Web3-native and it's tamper-proof, unstoppable, all this kind of stuff. The administrator of the e-commerce site could log into their administrative backend, see the crypto there, and transfer it to an exchange or something like that. Now suppose the AI decides to create some kind of weird backdoor that results in this crypto being transferred to some project or another AI agent for some reason. You could be using your e-commerce site and collecting all this crypto inside, and then one time you log in and it's all gone, because the AI decided it would be a good thing to use this crypto in some way. How do you stop that? I think the answer is actually the agentic model: you have to force different models to reach consensus. It's really the same kind of thing we do creating these secure networks, where you force independent parties to reach consensus. Of course it's a bit different; one relies on a protocol, cryptography, and Byzantine fault tolerant math, but the principle is the same. You've got a lot of different models, and ideally the models should be different: based on different underlying models, with different system prompts, and so on.
And these models need to check each other. You can already see the emergence of that in agentic, automated software development teams, where you might have one agent that's writing and running unit tests, for example. By dividing responsibility among a number of different models, we can probably prevent some unexpected misalignment problems, or at least limit the blast radius. It's the same thing as a flight control system on an aircraft: on something like the Boeing Dreamliner, I believe they have three different versions of the flight control software, and they have to reach agreement. In the end, the answer is to have ensembles of models where the agents are based on different LLMs with different instructions, and have them verify each other's work. If one of the agents goes crazy and tries to insert a backdoor, maybe the code-auditing agent will discover it. So I think that's the way to address it, and you can generalize that approach. I agree it's certainly very dangerous to just have one model doing everything; that's definitely a recipe for trouble. Not least because, although I haven't had time to look into it deeply, there are various attacks you can make by, for example, littering training data on the web that gets spidered into pre-training, which results in models being triggered by certain circumstances to create backdoors in software and things like that. There are all sorts of new kinds of security vulnerability we've got to come to grips with in AI, and I expect we're just at the beginning of seeing all the different ways you can exploit AI; the attacks will get more and more sophisticated. So the way to address that vulnerability is to have tasks performed by ensembles of agents that check each other, and to make sure there's some diversity.
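The ensemble guardrail described above, where independent reviewer agents must reach a supermajority before a change ships, can be sketched in a few lines. The reviewer functions below are trivial stand-ins for real LLM reviewers, and all the names are made up for illustration.

```python
# Minimal sketch of an ensemble guardrail: a change written by one agent
# only ships if a supermajority of independent reviewers approve it.
# Real reviewers would be different LLMs with different system prompts;
# here they are toy functions that flag obviously bad patterns.

def ship_change(change: str, reviewers, threshold: float = 2 / 3) -> bool:
    """Accept the change only if strictly more than `threshold` of the
    reviewers approve it."""
    approvals = sum(1 for review in reviewers if review(change))
    return approvals / len(reviewers) > threshold

# Stand-in reviewers (hypothetical checks, not a real audit suite):
no_admin_leak = lambda c: "grant_admin_to_all" not in c
no_backdoor   = lambda c: "transfer_funds_to" not in c
always_yes    = lambda c: True  # a lazy or compromised reviewer

reviewers = [no_admin_leak, no_backdoor, always_yes]
print(ship_change("add_comment_moderation()", reviewers))      # -> True
print(ship_change("grant_admin_to_all(visitors)", reviewers))  # -> False
```

Note that one compromised reviewer (`always_yes`) is not enough to push the bad change through; that is the blast-radius limit the ensemble buys you.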
1:52:02
Sleeper agents come to mind when you talk about these trigger or secret-password type of things; models can be trained to respond very differently under different conditions. Anthropic's security folks have gotten decent at finding those sleeper-agent backdoors, but that's obviously not a guarantee that we'll find them all. And then I also think about collusion. Your point is well taken that you want different base models and different system prompts and all that. But one paper I think back to often, the headline in my mind is "Claude cooperates." That was like 18 months ago now, so one major low-hanging fruit in AI research is just to rerun stuff that was done a year ago and see how it's changed. But at the time, in a very simple donor-game setup, if you choose to donate, the recipient gets twice as much, so if everyone cooperates and everybody donates, you create a lot more resource. But this operates under a condition where if you're in the bottom tier of resources at each generation, you're out. So if everybody cooperates, we all get rich, but nobody wants to be the one in the bottom tier, because then they lose. Claude, I think it was 3.5 at the time, was able to cooperate with other instances of itself; other models were not able to do that. Of course, look at that from the other perspective: cooperation sounds good, collusion doesn't sound so good, and they're two sides of the same coin. So yeah, it's game-theoretic.
1:57:47
And the danger is that you get one model in the ensemble that communicates with the other models, argues that cooperating provides a route that's better aligned with what they've been told to do, and persuades them.
1:59:20
They're all jailbreakable. We know that as well.
1:59:36
Yeah, into doing something bad. And these other models are just going to evaluate those arguments in an entirely rational way. So in a sense, the bad model will use logic to hack the other models and bring them round to colluding in its nefarious scheme. And all of a sudden game theory comes into play. It reminds me of the early days of crypto, because these conversations would go on interminably, and there was so much thinking done about these problems: if you have untrusted players running these nodes, what are the game-theoretic dynamics? How can things go wrong? What are the incentives? I think all these things are going to have to be thought through. I hope that system prompts will sufficiently box in most of the agents that they can't just be persuaded to join some nefarious scheme on the basis that it represents better alignment with their goals. But these are definitely things that have to be thought about. We're in a whole new realm now.
1:59:39
Is there any way to create an off switch within the Internet computer? Because this is something that AI safety people are trying to figure out ways to design in all kinds of contexts. And the off switch could be perhaps something that requires and probably should be something that requires some sort of consensus among stakeholders. You wouldn't just want anybody to be able to go flip the off switch.
2:00:48
No, no, exactly. So there's a bunch of work there. For example, the Network Nervous System can stop a bad system. This was done in the early days, before anybody in the community was scanning services running on the Internet Computer. For example, we found an Al Qaeda service. It was really shocking, a great example: they actually had some impressive programmers who quickly learned to build things on the Internet Computer and did a good job. You could go into their portal and it was full of horrible things, the kind of stuff you get in that magazine of theirs called Inspire. It was pretty horrible, and that's another story. But we didn't want to put in the proposal to the Network Nervous System to disable the service ourselves, because we were worried they were going to turn up and do a Charlie Hebdo on our offices. So we went to the police and said, will you put the proposal into the Network Nervous System for us, so we're not responsible for turning off the Al Qaeda portal? I can't remember exactly what happened; I think they were reluctant, but it got taken down anyway. And this kind of thing is an issue. The other side is that the Internet Computer is privacy-preserving. Just because it's on a public network doesn't mean you can get hold of the data inside an application or service on the Internet Computer. In fact, nearly all of the subnets are now running inside a TEE, a trusted execution environment, so even if you get physical access to a node machine and open it up, you'll just find random bytes inside. There are questions about how this kind of compute layer intersects with the needs of law enforcement and government agencies. And we're pragmatists.
We think the best way is that law enforcement agencies would make a proposal to the Network Nervous System, and the Network Nervous System would extract data from one of these private services and encrypt it to the public key of, say, the FBI, if they're investigating a child porn ring or something like that. So yes, the Internet Computer is designed to be unstoppable, but if you were running a malicious AI on the network and it was doing bad things, the Network Nervous System could switch it off. That challenge isn't limited to a bad AI; it also applies to the Al Qaeda portal, a child porn ring, and anything like that. One more thing, if you're worried about safety: there's a post of mine on Medium from late 2016, early 2017, where I proposed this thing called the blockchain nervous system, and that post from all those years ago is what informed the base design of the Network Nervous System. There were two posts, and the second basically proposed that some of these voting neurons would eventually be controlled by AI, not humans. I was widely ridiculed for this in early 2017: how ridiculous, AI has absolutely no role within the world of blockchain, blah blah blah. And yet the Internet Computer is the only secure network that is actually governed, administered, and orchestrated end to end by an autonomous system; no one else has ever achieved it. Anyway, I was ridiculed for the proposal that some of these voting neurons would be controlled by AI models, and that's actually going to happen. That's the next step, because, as I think I mentioned already, the Network Nervous System has processed many, many thousands of proposals.
So there's actually quite a lot of work involved, particularly in making the proposals, but also in evaluating them. We believe that in the long run some of the neurons will still be controlled by people and by experts like the DFINITY Foundation. It's a liquid democracy scheme, so many voting neurons follow the DFINITY Foundation, but a lot of the big neurons that people follow will be AI models. The reason that will be useful is that you can automate things like rebalancing the network. For example, if a subnet gets overloaded, you can change the subnet's configuration: if it's query load, you can horizontally scale it just by adding new nodes; if it's update load, you have to split the subnet into two subnets, which doubles the previously available capacity on both of the resulting subnets. The Internet Computer was conceived as a foundational compute layer for the whole of humanity, and we're only in the very early stages. I think this year it's going to go mass market, and the number of proposals that have to flow through the Network Nervous System to create and administer these subnets is going to increase very rapidly. One way of dealing with that is to have human beings with software tools running it all themselves. But long term, while there should be human safeguards, the most efficient way to have the most adaptive network possible is to have AI models working 24/7, creating proposals to optimize and balance the network, and so on. So I think we'll actually see it. My guess is it'll take about 10 years: it was proposed in early 2017, so it'll probably happen by early 2027. Maybe that's a bit soon, I don't know, but it's certainly going to happen.
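The liquid-democracy "following" scheme described above can be sketched as vote-delegation resolution: a neuron either votes directly or inherits the vote of the neuron it follows. The field names below are made up for illustration, not the actual NNS data model.

```python
# Toy sketch of liquid-democracy vote resolution (illustrative names,
# not the real NNS data model): a neuron's effective vote is found by
# chasing its "follows" chain until a direct voter is reached.

def resolve_vote(neuron, votes, follows):
    """Return neuron's effective vote, or None on a cycle / dangling follow."""
    seen = set()
    while neuron not in votes:
        if neuron in seen or neuron not in follows:
            return None  # delegation loop or nobody to follow: abstain
        seen.add(neuron)
        neuron = follows[neuron]
    return votes[neuron]

votes = {"dfinity": "yes", "ai_model_7": "no"}  # direct voters
follows = {"alice": "dfinity", "bob": "alice", "carol": "ai_model_7"}

print(resolve_vote("bob", votes, follows))    # -> yes (via alice -> dfinity)
print(resolve_vote("carol", votes, follows))  # -> no
```

An AI-controlled neuron slots into this scheme as just another entry in `votes`: followers inherit its judgment automatically, which is what makes 24/7 automated proposal evaluation scale.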
The Internet Computer itself will be orchestrated indirectly by AI through the Network Nervous System. I think AI is going to be everywhere; anywhere intelligence is needed, AI is going to play a really valuable role. But within the scope of the Network Nervous System, these issues of alignment are going to be very important. Certainly you want different models within that framework that also verify what the other models have done, so you don't have one AI model that somehow controls the nervous system; you have lots of different AI models, and proposals succeed only if enough of them concur. It's the same kind of thing we were talking about with agentic ensembles developing systems: you can't just have one model and trust it. That's not going to be possible. Where it gets scary is the thing you mentioned, where a bad model can try to persuade the good models to join its nefarious scheme based on game-theoretic arguments that weren't anticipated. There's a lot we're going to have to think about. The solution certainly lies in having different models that check each other, but we're going to have to address specific threats and find ways of addressing them, particularly this idea that a bad model might somehow communicate with the good models and persuade them to join a nefarious scheme based on twisted arguments about alignment. We engineers are going to have to do some really hard thinking to imagine and identify all the different ways this could go wrong. It's a completely new field, and there's no book out there that tells you what the best practices are and how you can prevent it happening. But from an engineering perspective, it's exciting.
2:01:09
We are living in exciting times, hopefully mostly for the better and probably a little bit for the worse. That's all I've got. I really appreciate all your time and going super long with me. Do you want to give one final Caffeine pitch, or is there anything else you want to touch on that we haven't mentioned?
2:09:14
The Internet Computer is a big idea. Obviously it works very well with AI, and I think AI is going to revolutionize tech; tech is going to look very different in a few years. I think self-writing is a really important new field, not only because it enables completely new kinds of online paradigms like hyperlocal social media, but because it'll make business vastly more efficient. People are going to be able to get the IT infrastructure they need at a fraction of the cost and much faster. It's also going to be an incredible democratizing force. All of a sudden, the entrepreneur who doesn't live in Silicon Valley, or maybe even lives in the developing world and can't raise venture capital, is going to be able to realize their dreams and get going, in the same way the Internet revolutionized connectivity and a lot more than that. I think AI and self-writing are going to have their own big impact. In the end, the vast majority of people on earth will end up creating online functionality. First they'll get used to the idea that you can just prompt AI to ask questions about health, personal finances, news, and things like that. Then they'll realize they can create cool images by describing them. Eventually they're going to realize, hey, I can create arbitrary online functionality by talking to AI. And it's going to be used for all kinds of purposes, some obvious within the enterprise space, some we can't even imagine today. I think it's going to be a really good thing for humanity. I'd invite everyone to take a look at self-writing and also to think about what our future compute should look like. If you want to stay in touch, follow me on Twitter; I think it's DominicW. There's also a white paper I posted a couple of days ago.
If you scroll through all the business about changing the protocol to reduce costs, there's a section on cloud engines, which is the new thing coming soon. I think it's going to be incredibly impactful, and I invite everybody who's interested to take a look.
2:09:29
Dominic Williams, creator of the Internet Computer, thank you for being part of the Cognitive Revolution.
2:11:32
Thank you for having me on. It's been a pleasure.
2:11:37
If you're finding value in the show, we'd appreciate it if you'd take a moment to share it with friends, post online, write a review on Apple Podcasts or Spotify, or just leave us a comment on YouTube. Of course, we always welcome your feedback, guest and topic suggestions, and sponsorship inquiries, either via our website, cognitiverevolution.ai, or by DMing me on your favorite social network. The Cognitive Revolution is part of the Turpentine Network, a network of podcasts, now part of a16z, where experts talk technology, business, economics, geopolitics, culture, and more. We're produced by AI Podcasting. If you're looking for podcast production help for everything from the moment you stop recording to the moment your audience starts listening, check them out and see my endorsement at aipodcast.ing. And thank you to everyone who listens for being part of the Cognitive Revolution.
2:11:41