Q&A Part 2 With Flashbots Founder and Crypto OG Phil Daian
Part 2 of my conversation with Phil Daian where we get into the DAO hack of 2016, comment on Emin Gun Sirer’s boyish charm and dive into the weeds on miner extractable value, or MEV
Here’s part 2 of my conversation with Phil Daian, one of the most interesting people working in crypto right now in my opinion. We left off in part 1 as Phil was getting into his history with the ill-fated DAO of 2016, one of the first uses on Ethereum that ended up holding $250 million when it was hacked in June, 2016. The DAO was meant to act as a digital equivalent of a venture capital fund where Ethereum projects could apply for funding to get their project off the ground. It had a lot of bugs, however, and an attacker eventually stole $55 million worth of Ether from it, killing the project. Phil was one of the only people to have examined the fatal software bug that Cornell’s Emin Gun Sirer originally found, but he didn’t think it was a big deal. Whoops.
We also discuss his new role at Flashbots and how he and his team are trying to solve one of the most interesting and mind-boggling issues in blockchain right now — miner extractable value. But more on that further down in the interview. Make sure to check out part one if you haven’t and enjoy!
Matt Leising: At the same time you were getting close to going to Cornell, correct?
Phil Daian: Yeah. So basically the life arc at that point for me is I went to CS (computer science) at Illinois. I started learning a lot. I ended up finishing all my undergrad requirements in two semesters. So I had three years to just build companies and take grad classes. It was great. I had a lot of time to reflect and I took a lot of security classes and one of the things was, I was always good at hacking and security. So I was like, maybe I should do this for a living, but taking security classes and going down that path just really depressed me because it made me feel I was part of this arms race between these big countries. You know, the US doesn't want Germany to read their communication.
PD: It was all just very, I don't know, conflict driven and it kind of demotivated me. So I was like, let me just do math instead and decided to go into formal methods.
PD: But the crypto thing was always what I felt passionate about. Maybe if I can make this work as a career, I will pivot into that. And so coming up on this time when the DAO was coming out and stuff, I was kind of getting ready to sunset out of formal verification and go into crypto because I always wanted to, but I kind of didn't feel I had the position.
PD: But now I felt I had the knowledge and the training and the ability to talk to smart people and the ability to understand things and contribute. So it's kind of time for me to make that change. And that's when I applied to PhDs in cryptocurrencies exclusively in a handful of places that were doing that. I was really excited about doing that kind of research. My life plan at the time was either I'm going to hear back from these PhDs and I'm going to get paid to do that. Or I'm going to go move into a van and be homeless for a little while and just write open source code until I can find a way to get someone to donate enough money to sustain myself.
ML: Crypto all-in either way.
PD: Yeah. I didn't want to work for a big company. So I wasn't really into going into a JP Morgan or a Fidelity or a lot of the players that were there. Instead I was much more grassroots and I've never really felt comfortable working in a large organization.
ML: But then by June, 2016, I think you decided on Cornell, you had been accepted, but you hadn't started yet. And you were in contact with Gun (Emin Gun Sirer, an associate professor of computer science at Cornell). Was he going to be your advisor?
PD: No, not at all. I just met him. I went to one of those visit days that they have for admitted PhD students, where they try to convince you to go cause once they've admitted you, now they have to convince you to choose them out of all the schools you're considering. So there's the wine and dine time. And that's when I met Gun for the first time. And we vibed a lot because we had very similar Bitcoin politics. We were both big blockers. We were both Bitcoin expansionists and we were both very into innovation and both kind of made fun of Bitcoiners in a lot of the same ways.
ML: And I'm sure his boyish charm won you over.
PD: Of course, of course. Yeah, that's what he would like to think. But he was never going to be in with kind of people I was working with because I wanted to move to New York City. My partner went to Cornell and she didn't want to live in Ithaca. I didn't really want to live in Ithaca and Gun was in Ithaca. So he was never going to be in my direct kind of hierarchy, but he was working on crypto. So, we wrote a paper early on in my PhD and we always got along professionally because, again, just similar ideology.
ML: And just to wrap this part up, we've talked about this a little before, but you guys were emailing back and forth. I think Gun had decided to sort of take a critical look at the DAO and the code and any security holes, and he found quite a few. I think he was working with Vlad Zamfir and some other folks. But then most famously, you guys were emailing on a Monday night in June and you had basically found this sort of problem in the code and said, Hey, Gun, could this be an issue?
PD: So Gun found the problem. So basically what happened was, I think a lot of people around then were made aware of re-entry as an anti-pattern. There was a famous blog post where they were like, we found this exploit, but everything is safe. We're upgrading, don't worry, it's all chill. Around that point it set off red flags for a lot of people that these people don't actually know what they're doing. And so Gun poked around the code and he found, indeed to his credit, he found the correct line and the right re-entrancy exploit. And he emailed me. Gun likes to front that he’s a, you know, genius hacker.
PD: You know how it is. We talked about some black hat stuff and talked shop a little bit and so I guess he thought I might be a good person to ask. So he emailed me and was like, is this real? Can we drain all this money? And I don't want to confirm or deny either way, but (I said in my email reply) that maybe we could totally take all this money and it would be legal. So at the time I was kind of wrapping up my previous startup and the formal verification stuff. And I was working on some, some client work that was super intense. So I ended up getting Gun’s email at 11:30 pm after working from seven to 11 or something.
PD: I looked into it and I spent four or five hours just looking at the code. And I tried to do a few things and poked around it a little bit and convinced myself that it wasn't exploitable. So I emailed him back and I was like, I don't think this is going to work, here is why. I don't think we can use this to drain the money. And then obviously that was one of the exploits that was used to drain the money. I think even if I had solved it the DAO hack was two different exploits together. It had the moving tokens back and forth piece. That was a pretty ingenious, at least back then, in my opinion, little piece. I don't know if I could've figured that out, so I don’t know if I actually could have done it, even if I did figure out that part of the exploit. It was too late anyway. Even had we deployed the exploit, there were some waiting periods. So the hack actually started before I started looking into the code.
ML: The attacker was already in a split on his own and was waiting to launch the exploit. And there's nothing that could have been done. He had initiated that split two weeks before you guys put your finger on it.
PD: So yeah, that happened. And it was actually good because, obviously, I had done ninety percent of the work to do that same exploit. I was able to throw up a blog post really quick. I was already familiar with that part of the code. So that was probably my initial claim to fame in the Eth community.
ML: I love at the end of that blog post, you're thanking people and you say Gun, we were so damn close. Sorry. It wasn't quite enough this time.
PD: One day, one day.
ML: So obviously after that, DAOs kind of went out of favor for a few years. But they've come roaring back and it's amazing to me. I'm in a group at Seed Club where they're doing an accelerator program and the people in my cohort are doing amazing things in all different areas of the world. There's one that’s trying to help women with financial investing, there's one trying to heal the ocean due to climate change. There's several that are working with musicians about all these new opportunities to get revenue from your work. Does that surprise you? Did you always think that the DAO structure was something that was going to take off or did you have doubts about it after the DAO in 2016?
PD: Yeah, I believe in it. At the same time, I think it suffered from all the same things a lot of crypto suffers from constantly, which is hype just constantly exceeding reality. What we're seeing now is much simpler DAOs, much more multi-sig style contracts.
PD: I think those things are interesting and useful and they will have an age. I think there's a lot of potential for DAOs to do great things. I still think a lot of the tech scares me and hasn't been figured out yet. Smart contract security is one of them. Another one is bribery and malicious economic attacks. The hype still exceeds what we can really do. Right now where we're at is DAOs are a nice way to make existing organizational processes efficient and globally scalable and reduce a lot of back office costs. Are they the single thing that will save the world and completely bring the robots in like people want? Not yet, but I'm excited about people experimenting with it and excited about solving these problems.
ML: Your experience with the welcoming collaborative community you found in Minecraft and this sort of good ethos behind most DAOs of where we want to do this collaboratively and we're all working towards a common good or a common end, does that kind of square the circle for you?
PD: Yeah, I think so. That's definitely the ideal. And I think the idea that people can coordinate despite barriers, I think is a nice thing about both Minecraft and DAOs, being able to build Legos with someone in Ohio is not something you could do before Minecraft. But not only are you building Legos but it's this even more immersive thing. With DAOs, it would be hard to start a company with 18 different people from six different time zones in four different languages. There's legal overhead. There’s regulation, there's logistical overhead. But with DAOs we can do that and we can do even more than maybe a traditional company could in some applications or a traditional org structure.
PD: I definitely see parallels there. At the same time, I'm very, very against throwing governance in a DAO and hoping for the best. That's what technologists do with a lot of things— here's this new tech, let's just throw it on everything and hope for the best. DAOs could be a great thing, but they're just a tool for organizing and what we actually organize to do, I think that's the actual tricky part.
ML: I would argue that the most important thing about a DAO is actually the community that you are able to foster and create. It's not the technology, it's getting people together to incentivize them towards the same goal. And if you can do that, it's very powerful.
PD: I agree. And I think it’s similar to a company in that way, ultimately it's about the people and whether it is good for the world or not.
[Editor’s note – the following discussion on miner extractable value, or MEV, is a bit technical so I thought I’d do my best to describe it in easy-to-understand terms. It’s not that easy, unfortunately. I’ve been in crypto for six years, and this is still hard for me to wrap my head around, but I find it absolutely fascinating. So, what’s MEV? It’s comprised of two sets of actions/actors that are required for transactions to be verified and organized by the blockchain nodes that maintain a network. The people who run those nodes are known as miners.
Miners have the ability to include, reorder or even exclude transactions in their block. They get paid transaction fees and a separate reward for being the first to publish the latest batch of transactions. But they can also tinker with waiting transactions, such as detecting a big order to buy Ether and then front run that trade. So, on the one hand, MEV is important as it pays the miners who secure the network. But on the other hand, it’s ripe for shenanigans and what might in other financial markets be deemed illegal. I hope that helps as Phil, maybe the foremost expert on MEV in the world, dives into the weeds.]
ML: So after all this fascinating stuff you've done in your life, you then at some point stumble across Miner Extractable Value, which is a rather technical sort of – I don't know – unforeseen consequence in how blockchain transactions get verified and put into blocks. How did you first come across that and do you feel that it is something that needs to be fixed? Or how are you thinking about that right now?
PD: One of the reasons I did a PhD in crypto and one of my goals and drives and theses, I guess, if you want to call it that, was at the time crypto was this very sketchy fringe movement. And I thought one of the things I was uniquely positioned to do as someone with a math background and a CS background was bring some legitimacy to the movement both in terms of stopping regulatory consequences and in terms of getting people excited and involved intellectually. So I started out thinking about how can I get people in computer security and in academics who work on CS excited about this and how can I get them to think it's a real thing?
PD: Because a lot of them were like, ‘oh, Bitcoin, tulips whatever.’ You know internet neck beards, whatever. How can I get them to take a second look at the tech and think critically about how does this tech actually change my previous understanding of the world? How should I react versus how can I continue my previous understanding what this tech does? So that was kind of my broad agenda. My early work was in smart contract security. What is different about smart contracts than traditional systems? And how do we communicate this both to people writing smart contracts so they can write good smart contracts, but also to people who aren't writing smart contracts who are in computer security who work on security tools.
ML: In as simple a way as you can, what's the problem here that you're trying to solve?
PD: These systems are distributed and permissionless, which means anyone can participate in operating them at the same time. Different people have different positions of power in various parts of the system to order transactions, to propagate transactions across the network, to originate transactions. All of these are powerful control points in the system. And when you have an economic system that anyone can join and leave without identity there's also an asymmetry in power. There's a natural value that these actors get from exploiting this power – an economic value. That economic value is basically MEV. And it's not necessarily all evil. A lot of it is important. The Bitcoin block reward is MEV. And the reason permissionless systems work is because there is MEV for someone to come take to make them operate. So that's kind of where it comes from.
ML: What you're getting at here, and correct me if I'm wrong, this MEV is a little bit more. Because there's obviously a block reward in the Ethereum system, but this is more about bots are front running, awaiting transactions in the mempool, that is kind of above and beyond what a miner can expect if it's the next one to confirm the latest block.
PD: Totally. I think there were a few trends that were bothering me. One of them was it was not clear to users. Users didn't know how much MEV their transaction was or whether it could get exploited and people were losing money because they just didn't understand. So the opaqueness really bothered me. At the time when the order of magnitude (goes way up) that's very scary because when that happens, the whole system becomes unstable, right?
ML: When did you formalize all of this and decide that it was time to create Flashbots?
PD: So MEV was formalized with Flash Boys 2.0, which was really intended to be an exposé. I'd been showing people and a lot of people didn't believe me or wanted proof. So it was supposed to be the summary of ‘here's what's going on in MEV.’ This is real, here's some numbers, here's some data, here's some science. From there it was kind of informally formalized. Then we decided to formalize it more just as an academic thing. I spent about a year in a little bit of a funk thinking about what do we do about this? First, I tried to explore solutions. I tried to quantify how bad is the problem?
Read more: Flash Boys 2.0: Frontrunning, Transaction Reordering, and Consensus Instability in Decentralized Exchanges
PD: How many different types of MEV are there? And when you start going down that road, you see MEV everywhere you look. The next step was, okay, we must be able to solve this. We must be able to come up with a technological solution.
PD: I started thinking a lot about market design and microstructure and came to my own personal realization that you can't force people to use protocols and make assumptions that they don't want to. MEV is in many ways inevitable. And so we need some solutions now that MEV is inevitable. How do we stop it from corrupting and destroying this cryptocurrency utopia that we've built?
ML: You're saying you wanted to provide a solution for the people who are willing to use it, but you knew that not everybody would.
PD: Well, no. What I'm saying is. Yes, that is true. But also I wanted to provide a general solution for the community, which is that even though people aren't using it, how do we stop it from destroying the things we love and how do we also make sure they get outcomes that are as good as possible?
ML: Do you have an estimate of the value part of this, of how much is being taken out of transactions on an annual basis?
PD: It's hard to say, but my gut feeling is there's some estimates on MEV explorer that are in a several hundred million range. I think it's much higher than that. I think it's billions of dollars potentially. But it's very hard to say because there's not even a good way to quantify, analyze and kind of define what MEV is and what it isn't. What is just arbitrage and what isn't? So my guess is if you add up all the arbitrage profits, all the things that could broadly be considered MEV, yeah, probably billions, but very hard to say. And that's one of the things Flashbots is tasked with doing is providing data of how much, where and what kinds (of MEV are out there). I think the explorer dashboard is pretty good for that.
ML: Just to play devil's advocate, is that maybe billion dollars of MEV not just a cost of doing business? Or do you feel it’s an inefficiency that you want to wring out of the system so that that billion can go to something more productive?
PD: It's both. There's plenty of MEV in both categories. If people wanted to use the same things they're using now, the same decentralized exchanges, the same loans, the same user activity and we designed these things a lot better we could reduce this number by a lot potentially. That being said, a lot of it is there for a reason, it was fundamental, and people want it and that's totally fine. How do we distribute a more nuanced conversation about what MEV is there and what do we do about it? Ultimately, MEV is generated by the users. The users are the ones who make MEV and the protocols that they use. Ultimately these two parties are the ones who hold the power of where does the MEV go? And right now they're just sending it to the miners and sending it to the world. And that's been the status quo for a long time that I think many people who are thinking in this space have seen a trend for a long time that probably the users will end up capturing a lot of this value eventually.
ML: Thank you, Phil. This has been fascinating. Just amazing. At the end of these I ask people to recommend somebody next in this series who you admire in the space that I could reach out to to have a similar kind of conversation. Is, is there somebody you can recommend for me to pursue?
PD: There's a lot of people who I think are good. I think Vlad [Zamfir] is a super fascinating person and will definitely say weird things that are controversial and I think that's great. He's fascinating and also a really nice genuine guy. I like him a lot.
ML: He is. The only problem there is I don't think he's ever replied to me on any sort of forum of any kind [laughs].
[editor’s note: stay tuned to see if I can hunt down and get Vlad on the phone, this may be the biggest challenge of my career.]