The Browser (with Brendan Eich, Chief Architect of Netscape + Mozilla and CEO of Brave)
01:41:27 Share

Dude, I cannot believe that in recording this, we asked the chief architect of Netscape to restart his browser to see if that fixed the problem.

Welcome to this special episode of Acquired, the podcast about great technology companies and the stories and playbooks behind them. I'm Ben Gilbert, and I'm the co-founder and managing director of Seattle-based Pioneer Square Labs and our venture fund, PSL Ventures. And I'm David Rosenthal, and I am an angel investor based in San Francisco.

And we are your hosts. Today's episode is a mashup between one of the newest things on the internet and the oldest things on the internet. Our guest today is Brendan Eich, CEO of The Brave Browser, an application right at the heart of the rapidly emerging Web3 world. It is arguably the single largest blockchain-based app with over...

50 million monthly users. However, Brendan is no new kid on the block. He holds the credential of inventing JavaScript, a source of much joy and also much pain for many of you out there. And Brendan was the chief architect of Netscape and eventually became the CEO of Mozilla, the makers of Firefox. So you're saying 50 million MAUs is nice, but...

Brendan wants this to go a lot higher. It's crypto nice, but it's not browser nice. Yet. Yet. Yes. But it is rapidly growing. We had a wide ranging conversation with Brendan that you'll hear today that bridged this old world and the new in some really fun ways.

Okay, listeners, now is a great time to thank one of our big partners here at Acquired, ServiceNow. Yes, ServiceNow is the AI platform for business transformation, helping automate processes, improve service delivery, and increase efficiency. 85% of the Fortune 500 runs on them, and they have quickly joined the Microsofts and the NVIDIAS as one of the most important enterprise technology vendors in the world.

And just like them, ServiceNow has AI baked in everywhere in their platform. They're also a major partner of both Microsoft and NVIDIA. I was at NVIDIA's GTC earlier this year, and Jensen brought up ServiceNow and their partnership many times throughout the keynote.

So why is ServiceNow so important to both NVIDIA and Microsoft, companies we've explored deeply in the last year on the show? Well, AI in the real world is only as good as the bedrock platform it's built into. So whether you're looking for AI to supercharge developers in IT, empower and streamline customer service, or enable HR to deliver better employee experiences, ServiceNow is the platform that can make it possible.

Interestingly, employees can not only get answers to their questions, but they're offered actions that they can take immediately. For example, smarter self-service for changing 401k contributions directly through AI-powered chat, or developers building apps faster with AI-powered code generation, or service agents that can use AI to notify you of a product that needs replacement before people even chat with you.

With ServiceNow's platform, your business can put AI to work today. It's pretty incredible that ServiceNow built AI directly into their platform. So all the integration work to prepare for it that otherwise would have taken you years is already done. So if you want to learn more about the ServiceNow platform and how it can turbocharge the time to deploy AI for your business, go over to servicenow.com slash acquired. And when you get in touch, just tell them Ben and David sent you. Thanks, ServiceNow.

Well, if you want to hang out with us and discuss this episode, you should do that. We will all be there at acquired.fm slash slack. And if you want to go deeper behind these topics, especially crypto, you should come check out the LP show. It is deeper, nerdier, and covers a lot of more up and coming topics.

It includes interviews with people like Roniel Runberg, who have built Audius, Joseph Gordon-Levitt on the startup HitRecord. What else did we do on the LP show recently? We talked with some of Solana and FTX's earlier investors from Race Capital. That's our newest LP show episode. You can find that in any podcast player by searching Aquaticon.

acquired LP show. And of course, become an LP if you want to get super early access two weeks before everyone else and talk with us on Zoom calls every month or two. All right. As you know, none of this is investment advice. Do your own research. And now on to our interview with Brendan Eich.

Brendan Eich, welcome to Acquired. Hi, thanks for having me. Great to have you here. We've been big fans of your work for a long time. Grew up using Firefox and the Mozilla browser before that and Netscape before that. And God knows I use plenty of JavaScript every day in all facets of my life. So my life would not be what it is without your work over the years.

And of course, we are talking on Brave right now. That's great. Your JavaScript use keeps me in t-shirts. Well, we're going to go back and tell some of the story of what led to Brave, but I wanted to get it in your words first. What is the Brave browser? So Brave is a faster browser because it blocks all the trackers, many of which Google or its publishers or ad buyers depend on.

And it's based on Chrome, the Chromium open source code. So if you're using Google Chrome, which kind of swept the market up to 70%, let's say, or more of market share, 2.65 billion users, they say, you should get off Chrome and you should use Brave. We tried to make something that's easy to switch to, but that's much more protective of your privacy. And this is an ongoing commitment on our part because it requires a lot of research and development.

It requires fighting new kinds of tracking and fingerprinting that emerge. It also involves something we talked about from the beginning and we prototyped in Bitcoin. And that's the basic attention token system for users who choose to participating in private ads that are anonymous, but that pay them 70% of the revenue and that let them support their creators directly through Bitcoin.

the basic attention token. And that was something we wanted to do because we saw the privacy protection, which is, I think, every user's right and good and necessary, as nevertheless harmful to the current system of ad tech that publishers do depend on. So we wanted to get our users an option that wasn't privacy invading, let them participate in funding creators.

And if you don't want the private ads, you can still fund creators out of your own wallet. We wanted that feature too. So it's kind of a three-sided system, which is why we use the equilateral triangle for the BAT, Basic Attention Token logo. We're trying to connect users, advertisers, and creators,

flexibly along all three legs of the triangle. Users who don't like ads can turn off the private ads. Users who want to earn from the private ads can then give it all back. Some users just earn and keep it. That's their right too. The problem that Brave solves is the tracking ads, the privacy invasion, because it has all sorts of bad effects I can get into. And users feel it right away. They feel the

clutter, they feel the annoyance, they feel the page load delay. Sometimes the mobile pages never load. And there's sort of correlates of the page load problem, which are too much battery use and too much data plan used by all the ad scripts and the waterfall of programmatic advertising that daisy chains from

from hidden third party to hidden third party before an ad can show up. We block all that with Brave, but once you're in Brave, there's a whole new world of economics that's user-centric. And this is the really big idea of Brave. It's a user-first platform, and therefore it's built from your browser on your device out. That's where all your data feeds originate, all of them, not just the ones Google sees through its search engine or its many trackers around the web,

I think it was an important realization that you had when starting Brave that all or virtually all activity stems from interacting between a user and a browser. And that is because of the tremendous rise of web apps, in large part, unfortunately, to the detriment of native apps that run on a desktop operating system. But that is enabled because of the ecosystem that was built around JavaScript. On the other side of things, the entire advertising

advertising and ad tracking and digital advertising ecosystem also is built on JavaScript. And so I think there's an unbelievable arc to everything that you've built over the years in deciding to approach this problem the way that you have now at this point in your career. I was part of a project at Netscape that made the browser mass market. It made it commercially safe. Before Netscape, there wasn't a way to trust your credit card number flying across the wire.

Netscape did so-called secure sockets layer. Yeah, SSL. So Netscape was working on making the web safe for e-commerce and useful for the site you went to. We didn't think about the third party problem. And that's where even before I joined, there was a way to embed images in the browser. That was actually in Mosaic in 1993. And then in 1994, Netscape won. There was the cookie, which let people associate a bit of storage in the browser with their site.

And that applied not only to the banker or game site you were visiting, it also applied to every one of those images. And that created a tracking vector because the image server could be keeping track of you through a cookie that gets bounced in the browser from each site the image is embedded in. And that's why you still hear the term pixel used in ad tech for a tracking element. Even though it can be an invisible script now, it used to be a one-by-one little

transparent image. When did you start to realize that this was a problem? So I think even in 1996, some of us, Lou Montulli at Netscape did the cookie and there was a concern that it was being used for third-party tracking or could be used.

But the genie was out of the bottle. And the thing about the web is, Marc Andreessen said this to me, even when they were doing Mosaic and there were only like 80 servers hosting content they cared about not breaking, they would just keep backwards compatibility in all the quirks of Eric being his HTML parser and even precursor, progenitor HTML processors, older browsers, because the content wouldn't work properly. So there's this strong evolutionary...

force, this gradient forcing compatibility on the web. This is something a lot of people in computer science, especially programming languages, just hate because it means you really can't make incompatible changes except very slowly or through new runtimes that you can download.

JavaScript was the only bite at the apple for that kind of runtime. Java failed and Flash eventually failed. But in the 90s, we were too busy making the first party experience good and we couldn't break the web. So even though Lou Montulli wanted to do Twinkies and somehow I think they were going to solve several problems he wanted to solve. That's an evolution of cookies. Bigger, more storage. I think cookies were only...

1024 bytes or something teeny in the 90s. And I think he wanted to do them only for first party sites. I don't think this would have killed cookies for third party tracking. I forget the details because his boss said, no, no more. No more cookies or Twinkies or Ding Dongs. And we stayed at the cookie.

And by late 90s, you can still find them in the web archive. There were sites diagramming tracking, the rise of tracking. The company that Google acquired as DoubleClick in 2008 was operating in 99. I think it made the Dart ad server. Well, I want to go way back to the beginning of your career, even before Netscape, before JavaScript. Yeah.

You joined Silicon Graphics, or SGI as it's called. And we've talked on many episodes about the unbelievable, incredible talent nexus that was SGI. Did you know when you were joining that that was the center of talent that would go on to do so many things? Yes. So I was a grad student at UIUC, which may still be top five CS school in the country, out in the middle of Illinois. And

I was not going to do a PhD. At some point, I realized that our research team had been hijacked by IBM. And this was a great disgrace in my view, but the professors couldn't fight back. And we became sort of a QA team for IBM's failed attempt to get a little laptop computer, Motorola 68000-based computer they developed.

you know, repackaged as a workstation, a Unix workstation, because Unix workstations were super hot. Well, guess who came by UIUC to give a talk? Jim Clark about Silicon Graphics, doing Unix workstations with VLSI 3D graphics. That was the whole company. And I almost right away said, I'm going to work for Jim.

I interviewed at Sun. I was interested in programming languages, so I interviewed on the compiler team. I wasn't experienced enough for them to hire. I liked the manager, Steve Muchnick. I met Eric Schmidt briefly. He was like director of software at the time at Sun. Then I interviewed at SGI and I signed on the bottom line and it was great. SGI was super hot. It IPO'd after I joined. It, for a long time, had the best graphics, but

That eventually got shrunk from VLSI to GPU and now the system on a chip.

And by '92, it had gotten big and divisional, and I said, "I've got to get some more experience doing other things." So I left. I was kind of bored. It was political and divisional. Was this before or after Jim left? It was before, I think, because early on, Jim realized he wasn't CEO. So Ed McCracken was running it, and Jim was on the board. But I think at some point, Jim had trouble as founder keeping control as usual due to dilution. And so by '94,

Jim was starting Netscape and paired with Mark Andreessen. And I knew about that because all my SGI friends. And SGI did the graphics for Jurassic Park, right? Jurassic Park. I know this. This is a Unix system. And they're not looking at a command line. They're looking at the SGI file system visualizer. Right.

But I got bored and I left. And SGI got big and kind of boring. And I could see why Clark left when I heard he was doing Netscape. Okay. So how did you find your way to Netscape then? So a friend from SGI who'd come in from a team at IBM, Jeff Weinstein, had gone ahead of me to a company called MicroUnity. And MicroUnity, you probably haven't heard of, but it's got a lot of patents and it's successfully litigated them

from 20 years ago to maybe 10 years ago. I forget when they ran out of steam. I think it just made a ton of money off suing everybody, IBM, Motorola, Qualcomm, Broadcom, everybody. Because MicroUnity wanted to create a

software programmable set-top box. And there's only one thing that I actually knew about MicroUnity coming into this. Was it the chief architect at MicroUnity, the same person as both MIPS and Next with Steve Jobs? Craig Hansen might have been at Next. Yeah, now you remind me. Craig definitely was at MIPS. He did the floating point unit, the MIPS floating point unit. So he was the full architect at MicroUnity.

So MicroUnity was like practical grad school for me because it didn't go anywhere. It was way too ambitious, right? It was doing a new chip, new semiconductor process, new chip, doing analog and digital on the same chip, I should say. It was doing basically everything except the radio front end that mixes down the baseband it was doing in software. So all this stuff has come true over time, but trying to do all at once, you just run into the multiplication principle and your odds of success go to one in a billion or 10 billion.

And they could have used the fab to make SRAMs, but I think it was too boring. I think Moose was really ambitious. He wanted to change the world. He wanted to be the new Howard Hughes in some ways. He did make a lot of money off the patents. Okay. So did a big crew of those folks leave to go to Netscape or was that you on your own? Well, it was Jeff Weinstein and I jumped to Netscape within the same week. We're still young and naive. We should have made a company and sold it. We would have gotten four times the options. Just as we arrived, we saw some other teams doing that and they weren't as good. Yeah.

But I can't complain. I mean, it was always the case when you're coming into these systems that you don't know exactly what's going on with the company. But I got there in April of 1995, on April 3rd, I think, and the IPO was sometime in August. So it was a huge rocket. And it was, to me, a little bit scandalous because in the 80s, SGI had to have three profitable quarters before it could IPO.

Whereas Netscape just went on forward speculation and forward multiples and it was not profitable. But that was the 90s and that started it all. But there was real revenue there. Well, so the browser was charged for in commercial settings. And Netscape used the IPO to buy a bunch of server-side companies and projects that

The LDAP team from University of Michigan, Tim Howes and company, the Kiva app server, a bunch of Java investments, even started building a Java Jitting runtime to rival Hotspot, which Sun had bought Anamorphic to build. The Netscape version was called Electrical Fire, and it was being developed by this super brain from MIT, Walter Moore Horwath. But Netscape couldn't pull it off, and Sun was going to win with Hotspot. So

I rescued Waldemar to take over JavaScript in late 97. And I went off to found Mozilla.org after I'd standardized JavaScript. So AOL comes in, they buy Netscape. All those guys you just mentioned, most of them, they go to LoudCloud. You go in the Mozilla direction. Yeah. Yeah.

My CV is really short and I tend to stick with things. And the thing was, the browser was not done yet. Microsoft had simply killed Netscape by bundling IE, which it copied and sort of acquired pieces of through Spyglass. Which bought Mosaic. And it sort of kept iterating like it does. So the first version was not real. And the second version was kind of a joke. And the third version was starting to tell you where it could get to. And the fourth version was quite good on Windows. Yeah.

pretty much only on Windows. Meanwhile, they were bundling it with Windows 95 and then 98, and they got convicted in the USU Microsoft case for this because it's not illegal to acquire monopoly through, let's say, Merit or a sweetheart deal with IBM to be the OS for the PC. I don't know why IBM gave Microsoft that. It's a little suspect, but whatever. They had the Windows monopoly, but what they did

in tying the browser to it and threatening Compaq with revocation of the Windows license if Compaq shipped Netscape as the default browser was illegal, and they got convicted for it. But it was too late to save Netscape. And yet a few executives, Mark and Eric Hong and others, wanted to save something through open source. Commercial open source in the form of Linux was up and Red Hat was up and running. People were excited about...

the idea of doing a commercial open source project out of the remains of Netscape, at least in the browser team. So Jamie Zawinski kind of led it definitionally and spiritually and as the community manager. And I did the tech side and we had a bunch of IT people in a

a couple of tools people who helped us build things that are now taken for granted or now standard on GitHub. And we realized there was this amazing synergy doing something like a dynamic language on the server to generate HTML that has JavaScript automating it

All that stuff was super slick to do in sort of a full stack way. And this was in like 96 and prefigured everything that came after in DHTML and AJAX. It was pretty cool that you guys were doing this in open source, right? Yeah. I mean, initially Netscape was closed. When we opened it up, we threw this tarball out there. But as we worked on these tools, it got better. We couldn't drag the mail news team out. They'd been sort of messing up Netscape for mail news and they didn't like open source.

But eventually it all got rewritten and redone. We even created a portable front end stack using XML, which was all the rage then. We call it our Zool, X-U-L, after Ghostbusters. Which became the way that you would write the original browser plugins for Firefox and presumably the Mozilla browser before that. Yes. And the Mozilla suite was pretty much the Netscape to use ungoogled as a

as an analogy, the un-Netscape version of the code. And this actually started winning users because AOL bought Netscape and started festooning Netscape with ICQ buttons and aim buttons and things like that. Yeah. It's like when I go in to make a new meeting now and I'm about to add a Zoom invite, but Google's like, wait, wait, wait, don't you mean Google Meet? And you're like, no, that's not why I'm using your tools. No, not what I mean.

Okay, so we're now at this point where you're on your own with Mozilla. You've taken the code out of Netscape. It's being developed in the open. Firefox at some point became, gosh, over a quarter of the browser market share. So how did it evolve from, hey, we're going to take an open source version of the browser that Microsoft illegally killed and turn into this thing that sort of breathed new life into the browser ecosystem?

We had this idea, and Eric Hahn and Marka had this idea that there would be an escape pod containing the browser code. And it would somehow land on Tatooine, and the message would get through, and things would come back later. But no one knew how. And conventional wisdom from 1998 on in the Valley was, oh, the browser is done. IE is it forever.

Give up. Just like today or a couple of years ago with Chrome, right? It goes in cycles. But we also had this sort of boat anchor of the Mozilla suite because like I said, the 90s had a lot of suites. I think Netscape made a mistake in 96 when they bought a company to go after Lotus Notes because it didn't work

And they took the Netscape 2 and 3 mail reader and newsreader, which Jamie and Terry Weissman, who I've mentioned, worked on and did a pretty good job on in a very short time. And they threw it away or kind of threw most of it away and did a Windows-only version

groupware sort of version that was late and delayed all of Netscape 4. And that really hurt. And they were the people who didn't want to do open source either. But that did not help Netscape. It did not take down Lotus Notes. And Mozilla had to figure out, are we doing a suite? Do we want this albatross of 90s suiteware? And it took a while because like I said, we were underfunded at first. And in fact, as AOL ingested Netscape, which at first didn't involve any digestive enzymes, it was like arm's length.

they started wondering what they bought and why. And so for the first two years, I think '99 and 2000,

The head of Netscape division was decapitated and somebody I liked, a nice guy I mentioned, took their place, but it didn't go well for Mozilla. It meant Mozilla was considered the enemy because most of the employees initially were the contributors and it was rare to find outside contributors. Chris Blizzard at Red Hat was a contributor. We encourage people in open source, especially in Linux, to work on the code and send data

you know, patches or get CVS commit rights. We tried to give those away. So a lot of the job in the early days was trying to build up the mostly volunteer community to countervail the Netscape employees who were not all top notch at that point. And after a year, nothing much changed. And Jamie said, I give up. I consider it a failure. He wrote an essay you can still find. So he quit, but we kept going. And even though we had to be the basis for this suite, because we stripped out the ICQ and aim buttons, Mozilla...

got popular. We were doing releases, binaries, because we wanted testers. That was a big change too. A lot of open source projects said, there's the code, build it yourself. Right. Which of course, like 99% of people who could use the software are immediately out right away because they're not going to compile on their local machines. And of course, once you build the software and release it, you're getting people who don't know what you're

end of the internet is which, but they'd give you good feedback. And there's a whole sort of layers of the onion from your lead users or your actual hackers who do know software out to, let's say web savvy, but less experienced folks out to the average people who don't know

the difference between a search engine and a browser. And so we started growing Mozilla even before Firefox in a way that I think kind of shamed and threatened Netscape. But Netscape was also getting these annual decapitations. And so by 2003, we learned through our IBM friends that there was going to be curtains for the Netscape division. And through an enormous stroke of luck, Mitch Kapoor, who founded Lotus 1-2-3 and has been

his own experience with Microsoft's tricks, was friends with Ted Leonsis, one of the AOL executives. Ted's a very nice guy, not technical, owns the Capitals, or did. Right, right. That's another sports team, I think. And they ran into each other at the very first D conference, right? Walt Mossberg, right? Oh, wow. And Ted said, hey, Mitch, I've got this thing most of all I don't know what to do with.

And it turned out Mitch was doing something called the Open Source Application Foundation. And he had hired Mitchell Baker, who had been fired under cover of a layoff, I'll say it, in 2000 by Netscape management because they didn't like Mozilla. It was a thorn in their side. Maybe Mitchell was. Mitchell was expensive. So they had a layoff and suddenly Mitchell was gone. And I was on the phone saying, did you quit? And she said, no, this was not my choice.

And yet, the next week on the Mozilla community call, there was Mitchell doing the governance leadership while I did the tech leadership. So the Netscape management that tried to get rid of it were grinding their teeth at this point. They couldn't kill Mozilla. They couldn't decapitate it as the Netscape division had taken off annually. But when we learned AOL was going to shut down Netscape, Ted, to his credit, asked Mitch what to do. And Mitch had hired Mitchell Baker, right?

who'd been the Mozilla manager for about eight months into the founding up till she was laid off. And that was just huge, you know, good fortune because Mitch then told Ted what to do. And in spite of some sniping by a VP at AL nobody liked who really wanted to stick the knife in and twist it, Ted did the right thing and gave us $2 million over two years to spin out the Mozilla project. And I think Mitchell wanted to do it as a nonprofit. They thought there'd be some good basis for Mitch himself to

I didn't want to do VC funding and didn't want to do a commercial thing.

I just went along to try to keep the code alive. And we knew what to do in 2003 summer because Firefox had already started in 2001, if you can believe it. But it became known as Phoenix by 2002. And Firefox was completely rebuilt from the ground up, right? Well, it was based on this Zool work that I mentioned that Dave Hyatt and others had done to make a programmable front-end stack on what looks like the web. It's XML and JavaScript and CSS.

Custom toolbars, even the native menu bar on the macOS at the time, all that could be integrated through XML. It was declarative. It was fast enough with enough work. It allowed all these extensions you mentioned. We called them add-ons. That was the first browser extension ecosystem way ahead of Chrome's. And it was the way Firefox got built because once we had the suite unbadged of all the

We still had sort of too many functions. Like it's a Swiss army knife. Do you really need to browse the web while you compose an email? And you had rich text editing and manage your address book. So we came up with a vision. Dave Hyatt and I wrote the roadmap update for Mozilla in 2003 that said, let's make one app do one thing well. We'll build them all on a common front end toolkit, give them extensions so that we can simplify the UX, but not

drive the advanced users away to Opera, which always had too many options built in. And that roadmap you can still find even on Mozilla, I think it's certainly in the web archive. It was a pretty good roadmap in my opinion, because it got the project moving toward not only Firefox, but Thunderbird. And even the old suite, the volunteers wanted to call it SeaMonkey and carry it on. And they did for a good long time.

But Firefox was originally Mozilla slash browser in 2001. It was just a small pirate ship within Netscape. It was Blake Ross and Dave Hyatt and a few others. Joe Hewitt, right? Joe Hewitt did the autocomplete satchel and eventually did Firebug, which was awesome. He then got hired by Facebook and built the original Facebook app. Blake Ross and Joe Hewitt founded Parakey and sold that to Facebook. That's how that happened. But we lost Blake to Stanford...

I had to recruit Ben Goodger out of Netscape to take over for Blake. And that went from Firefox 0.6 on to 1.0. And Ben did a lot of the important work on add-ons and search integration and making it really sing on Windows. Because that's the other thing open source didn't do. Open source at that point was still saying, oh, it works on Linux. Well, which flavor of Linux? KDE or GNOME or forgotten other ones. But they didn't care about Windows. It seems to me that the community...

And I say the community, it's a very broad community. It's all people who use browsers and maybe even more general than that. But they always need some exciting challenger that's fighting the man. And it seemed like Firefox was...

right place, right time with the right group of people who were actually passionate about this. Whereas everyone who was stuck inside of Netscape at AOL had sort of lost the fire. AOL at first thought this was a strategic asset, now realized it wasn't going anywhere. And so you had this sort of

moment to seize if you had the right team where there was no legitimate challenger anymore to IE and so you could make a real run at it. Is that sort of how you think about it? Yes. And the way you described it was almost like fractal structure because the core team was like a pirate ship kind of sassing Netscape management for their foolish bloated suite.

and also making great tools and things that Hewitt worked on, Firebug and the autocomplete stuff. And that led to early adopters loving it so much more than all the other browsers so that when Firefox was at 0.8 in early...

I think it was early 2004. And then 0.9, especially when we could see the rocket ready to launch. The whole lead user cohort of the web was just charged up. And at that point, I'd made contact with Sergey Brin through somebody he sent my way named Fritz Schneider. And we'd gotten the search deal going in 0.9, but we'd also gotten Fritz's team, the gin team at Google helping Firefox.

So they were working on browsers before Chrome, and the browser to work on was Firefox. Nobody thought it could be done. The conventional wisdom still was that you're never going to take back market share, even though Firefox already had a few million users and was growing rapidly. And this did convince some people who worked with us at the time, like Bart de Krem, to go try a commercial fork of Firefox. That was Flock.

Didn't work. Raised a bunch of VC. Oh, yeah. Got sold to Zynga and then shut down in 2011. There was other forks, too. I mean, there was... I used Camino on the Mac. That was Dave Hyatt's other browser. Dave wrote prolifically. He wrote a lot of code. So he wrote a macOS-only browser to learn the Coco, I think it was, toolkit. Yeah.

And Dave works for Apple. He went there in 2001, I believe. He kind of made Safari because he knew how to make the KHTML engine web compatible. And it was from Linux and it wasn't battle tested in the field against mass market users. So it didn't load websites properly. Eventually that led to WebKit being forked from KHTML in 2005, but

Getting Dave at Apple was quite a coup for Don Melton, the manager at the time of Safari, who was also ex-Netscape. But there was just this fractal effect of restarting the market, sassing your boss, showing up, i.e., showing the world a better tool for something that people used every day, right? People would discount the browser. There was like, oh, fat apps are back on the desktop, Windows Longhorn, or when the iPhone launched, uh,

Eight months after, actually, because the initial app model for the iPhone was web apps. The sweet solution. But native apps had to be there because of games being ported. And then native apps got privileges and got app store affordances that the web didn't.

And it's the same thing every 10 years or so. You just get people holding the web back. Usually it's a monopoly power or a market power. And then the upstart comes because people still use the web. The value in the web is so great. And there's embedded web views in all these apps and there's embedded trackers in all these apps, by the way. We're blocking those too with our partnership with Guardian iOS Firewall, the VPN. It feels kind of similar to me in terms of

narrative and market perception to silicon and to semiconductors like you know a couple years ago people like ah semiconductor that's so boring like you know it's not like all the innovations you know way way way up the stack from that well like actually turns out the semiconductors are pretty freaking important and dsmc is like you know a very very very important company and one of the top 10 most valuable in the world the browser feels similar to me like it's so easy to discount it and yet

the majority of people in the world spend the majority of their days on it. Yeah. It's an immortal app. It's the universal app. The bigger the screen and the better the input bandwidth, the more you live in the browser and you don't want to install some... Even Slack, we have a lot of our users of Slack at Brave use the browser to load Slack as a web app instead of loading this bloated Electron app that Slack has been slowly maintaining. Yeah.

There's a real trade-off there that I think is part of the browser's immortality, but the web content is also sticky and creative, and that's important too. Yeah. I'll sum it all up in one sentence. Firefox did really, really well and gained a huge market share. And then when Chrome launched, it's been slowly etched away every year by Chrome now, and it's down around something like 3%. So I want to fast forward all the way to the moment where you're starting to think about Brave, and yet...

there's been all these attempts to start a new upstart browser that has a different take on things. I'm thinking of Dolphin. I'm thinking of Rockmelt that have not worked. Yeah, Rockmelt. So yeah, the flock was doing social or Web 2.0 in the very center of Firefox's growing market. And that's not a good growth strategy because you have to get people off Firefox and then somehow...

beat them on the outer rings of growth. And Firefox was already going faster there, and you weren't going to get too many defectors from the innermost nerdy hacker, technorati, Web 2.0 people. So Flock failed. Rockmelt was, after Chrome came out, and was based on the Chrome fork of WebKit, which wasn't its own thing really then, and

tried to add social. I think it was just... I haven't talked to Tim Howes about this. I think it was just aimed at trying to sell it to Zuck. Well, Zuck doesn't want a browser. He's got a browser. He's very happy with the Facebook web app on desktop. And then he was at that point already aiming at mobile because the iPhone was out and he wanted...

full native apps on mobile. So he was never going to buy Rockmelt. So Rockmelt failed. Dolphin did well because I think they had this, I forget her name. She was a great marketer. She got all these distribution and growth hack deals going in various Asian countries. And they did a credible job on making it a good mobile browser as mobile came up through Android and

Android kind of double started at that G1. What was it called? It was the first Android device. It was... The T-Mobile G1. It was not good. I talked to Andy Rubin at Google in 2006. Yeah. But

But Android took a while to get anywhere near decent, and I still can't use it, even though I've got many complaints about Apple. Am I remembering right that Dolphin at some point, I don't think originally, but maybe later in its life, pivoted to be like, oh, we're privacy focused, right? So people were starting to think about this. Everybody's doing that now. They're putting privacy perfume on without taking a shower in some cases. Yeah.

Oh, I love it. But one of the big browsers that succeeded in Asia besides Dolphin was UCWeb. And UCWeb grew against Chrome in Indonesia and Bangladesh and India. In some Indian states, it had more share than Chrome. And one of the things we noticed that UCWeb did was it blocked ads.

So having done Firefox and been in the situation where we didn't even have the best privacy features, it's kind of embarrassing, but it's true. Mozilla did not lead on privacy as well as Steve Jobs did at Apple. The very first Safari had private windows. It had a third-party cookie blocker. Neither of these things were in Firefox at the time. Private windows came in quickly.

We never shipped a third-party cookie blocker in my time there. There was always concern about rocking the boat. I have to say there was probably some implicit concern about the Google search partnership and what would be the effect on that. Because of course, the vast majority of Mozilla's revenue comes from the Google search deal to use Google as the default and get paid hundreds of millions of dollars from Google. Yeah, it really was the one big trick for funding Mozilla. And it was good while it lasted, but it also foretold Google doing its own thing.

browser, right? We could see this coming too. We didn't want to take so much revenue in the deal that

it became cheaper for them to do Chrome. So we tried to adjust that, but all we did was defer Chrome maybe a few months, a year at most. It wasn't clear we deferred it at all because by 2005, Dave Hyatt and Maciej Stachowiak and others at Apple had said, let's stop patch bombing KHTML. Let's make our own little mini Mozilla. It'll be run by Apple, but it'll be webkit.org and it'll be a proper open source project. And good for them, they did it. And that became the basis for not only

what they put in Safari, but for Chrome. So there was a gleam in Larry Page's eyes when last I saw him, 2005, he was saying, yeah, WebKit's so clean. I'm like, Larry, go do your own browser. It's fine. Don't worry about Firefox. You should do your own browser. So we knew that in 2006, they were doing it. We knew that they were at that point pulling people off Firefox. And some of the people I'd worked with at AOL or at Mozilla were working on the prototype and

And it took him a while to get it out. It's crumpled him out in September 1st, 2008.

And it wasn't really at first clearly about fast JavaScript or all the stuff that people think of. It was more about isolating the Flash player so that when it crashes in a tab, it doesn't drag your whole browser down. Yes. Yes. And that comic that they shipped was just freaking brilliant as a marketing strategy for the nerds out there that would really appreciate process-isolated tabs. Yeah, it had everything. It had Lars Bach about V8. It had

I had Darren Fisher who I'd worked with at AOL. But at some point, I don't know when, I heard this from a friend who was at Google, Larry sat up and said, "Wait, we're running a search advertising business and Chrome isn't tracking our users? What are we doing wrong?" And so in 2016, Google's privacy policy changed. This was after I started Brave, but I'll tell the full story of Brave by starting there.

At that point, ProPublica noticed, The Guardian republished their piece. They said Google's crossed the Rubicon. They've connected all their data into one big ad exchange and data collection system. With a carve out for Google Analytics, it's not clear how much Google Analytics is private anymore. And Chrome, if you sign into the browser, which was a separate feature in the upper right corner,

using your Google account, then you're trapped for ad targeting. It's Google's business. But a lot of people didn't know this and some people didn't sign into the browser. Well, in 2018, September, Google said, gosh darn it, people aren't signing into the browser enough. We're going to just do it whenever you sign in to Gmail or YouTube in a tab.

We'll just sign you in across all the tabs and we'll track you. Oh, wow. If you don't like it, you can opt out in the Google account settings. Yeah, right. But nobody's going to do that. And I do. I mean, yeah, you'll do that. But I used to do talks at conferences, ask how many people were using Chrome, how many people knew this, how many people opted out. And the hands were numerous and then they started falling and then there were red faces and consternation. This is not just Google. I pick on them because they became the biggest. And buying DoubleClick was an earlier sort of Rubicon they crossed.

Because I think Sergey told a friend of mine in 2003, "Oh, we would never do tracking for ads on publisher pages that tied into our search ads. We would never track across the web. That would be evil." Oops. Well, it changed. Well, the definition of evil shifts depends on how large the incentives are. Yeah. And going public also just puts a fiduciary duty to your shareholders on you that is hard to resist. And this is kind of the animal, the blind, voracious beast of capitalism.

When I was thinking about Brave, I realized not only had Mozilla become captured by its search partner and was probably going to die because it couldn't compete, not just on Chrome intrinsic qualities, but on distribution, which really matters at scale. You have to pay for it, right? Microsoft had woken up and was doing IE and finally did Edge. And this was before they switched Edge to be based on Chromium. They were certainly still distributing on Windows. They were

kind of tying it. And I would say it's gotten worse. Windows 10 and 11 have gotten even more aggressive, though they backed up on one particular thing recently, where it's almost like back to the antitrust case. They're saying, hey, you're not using Edge. We've noticed. Would you like to use Edge? Or, oops, we reset your default browser to Edge. That happens too. And this is a problem for Google. So Google has to pay to distribute Chrome. Mozilla doesn't have the resources to do this. Our growth with Firefox when I was there was...

completely organic, I think. And it probably was mostly organic after I left. They might've done a little growth hacking. So, and they never got big on mobile. I'd love your explanation. And again, I don't ask this because I don't have thoughts myself, but I want to hear from you. Why is it bad to be tracked? Yeah.

Yeah, people sometimes if they're savvy, they'll remember Richie Lu's epigram. I don't know if it really came from him. "Give me six sentences from the most honest man and I'll find a way to hang him." Snowden changed things. People realized, wait a minute, there's violations of federal law here. Google engineers who've been using telco dark fiber without encrypting their backbone traffic were outraged, I think.

Data breaches bother people. And the third-party problem I mentioned, those embedded pixels and all those embedded scripts, you don't know where your data is going. It's not just that it's trapping you to give you a better deal or to make your ads more personalized on a website. That data is flying out the window. And it's going into stuff that is available to not only the dark web, but just available publicly. A horrifying story, I won't name names. We have a vendor at Brave that has information on people that

It shared it with Experian. We didn't know this was happening. I don't know if there's a privacy law that was breached. We believe their privacy policy was breached by their own action or their setting of this as a default that we didn't know we had to opt out of. Experian is just Breach City, right? These are jokes. It's criminal. I don't know if it's literally criminal, but it feels criminal. Right. So consciousness of privacy as something...

where you're unsafe if you're tracked grew. Initially, it was like, I don't care, track me. I have no privacy. Just make my experience more personal. And then it became, wait a minute, there's some third party or seventh party, seven degrees of Kevin Bacon. There's somebody in Russia who's tracking me. That's no good.

There's somebody playing games to trap me around physical world using geofencing. That's possible with ads. And it's been done probably by malicious actors. There's spy stuff going on. People realized that this was a bigger problem than just

oh, something somewhere has some dossier on me. Because once you have a dossier on a server, it's very likely it's going to get copied or leaked, and it's going to be in 100 servers or 1,000 servers. And you won't know where it is or to what bad uses it'll be put. So meanwhile, privacy law was coming up in Europe that, in its own abstract way, sometimes without defining its terms, did use sort of common sense notions about how we interact, which Steve Jobs himself once talked to Mossberg about in very plain terms, which is privacy means privacy

You don't get my data unless I know I'm giving it to you for a specific purpose that benefits me. And there's sort of a quid pro quo. And that's what the GDPR tries to do with purpose limitation or purpose specificity. So when you consent to those cookie dialogues, which are all misregulated, mismanaged and nonsense, I'm not defending them. And GDPR, like all regulations, is full of unintended consequences. What they're trying to do is say, do you consent to...

Let a tracking cookie be set, let's say, for some essential or inessential reason. And there are carve-outs for essential reasons. When you go to a search engine, it's a first party. You're giving it data to get better results. So there's an essential purpose there that can justify some kind of

data being processed. It isn't necessarily tracking because it's only at that search engine. But when you're dealing with all these sites that throw these cookie consents, click here to learn more and there's 300 vendors. And if you want to opt out, you have to go click on them. And often there's no page there. There's a 404 HTTP response. There's no phone number. There's no way to opt out. So it's a complete fraud that you can opt out of this easily. And that's also against the law in many places in the world, not just Europe. A

And this was sort of concurrent with the rise of Brave. But the consciousness about privacy is still growing, and that's helping us because we were at the forefront and doing this R&D I mentioned, which made us fast and efficient. And you're seeing others jump in with DuckDuckGo always had a more private sort of search front end on Bing. It's pretty much Bing still for the...

keyword search. They had mobile browsers. Now they're adding desktop browsers and other products. And like I mentioned, Apple gets fair credit for privacy concerns that I think came directly from Steve Jobs in Safari, private windows and third-party cookie blocking. And Apple wraps itself in privacy concerns.

with some justice. And now even Google's trying to claim to invent the privacy sandbox to save its business. I mean, to save the world, sorry. And ram it through standardization and into other browsers. Let me ask David's question a little bit more specifically. Why is a private computing experience important to you personally? Yes. So I mentioned this rising consciousness of privacy, how privacy is sort of multi-sided and involves different

degrees and kinds of threats. So those matter to me, no doubt. But I also think the user has to have

privacy for economic advantage. Otherwise, we have no way of collective bargaining with the network powers. And any network is going to have power centers. It's just because of network effects. And whether they collect much data or just become a successful business, they will have economic power, market power, and the users may just be these sort of sheep to be shorn of their wool. That is the model for ad tech. But

If users can guard their data, they can demand a higher price. They can demand better terms. They can use cryptographic protocols to transact without giving up their privacy while still giving authentic attribution or confirmation of ads viewed or purchases. So what matters to the marketer is if you get them in a...

you know, their best day is not that they track you individually. They wouldn't know what to do with these tracking databases. It's usually vendors that hire that do it or Google, Facebook, and so on. But they want to know what audience they're

they can address and they want to know how all that audience or cohorts within it convert. They want to segment that audience and see if they can do performance and growth marketing with pseudoscience, mostly regression, logistical regression, mostly very simple statistics to see

This campaign's working. This one's not. I'm going to spend more money on this and less on that. And I'm going to try this new paid media approach. I'm going to try this new Brave browser private ad system because there are some users there that are off the reservation. They are not reachable, addressable. They used uBlock Origin on Chrome, and now they're using Brave. And I can't get to them through my usual...

you know, media channels and advertising methods. So I'm going to put a little money on Brave. And that's how we built up the private ad business as part of Brave Rewards uses the basic attention token. And that matters to me too, because I always thought about economics. I was interested in it from a young age, but I also at Mozilla thought we're going to get killed by Google. I think every executive thought this at Mozilla. I'm not reaching any NDAs to say this. It was something that

maybe can't be solved without really doing a second browser and marketing it as a companion to Firefox. And I actually talked at one point with Dave Hyde about doing this

But I couldn't recruit him away from Apple, and I tried to get Hewitt as well. And it would have been a WebKit-based Mozilla browser, but it was too risky. I couldn't get the talent I needed. It would undermine Firefox at some point, and it would have been bad for morale. So maybe Mozilla is trapped, but I didn't want Braid to be trapped, and I certainly didn't want myself or my children to be trapped because...

these monopolies can last a lot longer than they should. And they can really keep shearing those sheep until the sheep are starving. And that's happened. I think that's where we're headed with all the censorship and the heavy-handed interference in sort of search results. Demonetization of YouTubers in 2015 started, and it wasn't just over atrocious content that should be censored because otherwise you're going to just have people after you and you'll lose viewers. It was over all sorts of things that

nobody could understand. And they were just losing money as YouTube creators. Like these were just creators who were talking about their hobbies and they found their ad revenue going down. Oh, totally. Google changes, YouTube algorithms, Facebook changes, Instagram or Facebook algorithms. And like,

it completely wipes the table of whole sectors of creators. Yeah. In the UK, there were actual regulatory cases involving this search algorithm, SEO sort of change. Matt Cutts, when he was at Google, used to blog and he tried to be transparent about it, but it was clear Google had a lot of power and there's sort of a black box that they're operating inside of. And it's a casino. The house always wins. So I wanted to use...

Something that we knew about in the old days of computing where you were the system administrator of your department's mini computer or your lab's mini computer, or you were your PC's administrator. You had to get the CD-ROM. You had to install it. That was a total pain. It was a tax, but you could keep your data there. You could make sure that you knew what was going on. Your system had in many ways more integrity than our modern day connected devices do.

where they can be updated behind your back and things can go wrong or sideways. And there's all this third-party tracking. So I wanted to get back to the user having power through privacy, through shields, that's what Brave calls them, through the power in your pocket, which is the supercomputer, you know, the micro-unity, super-scalar architecture from the 90s. And yet it's kind of underutilized. Software is not 10,000 times better, even though the processors are that much faster. Something's gone wrong.

Because even in the early 90s, Silicon Graphics operating system was getting bloated. And we're talking about going from 8 meg RAM to 16 meg RAM. I mean, just ridiculous small amount of memory. And yet the software was getting bloated, X windows and motif and all this garbage. So software has not gotten better. It's in some ways gotten worse. And I wanted Brave to wave the flag of better software,

tighter software, software that defends your privacy because it gives you economic bargaining power, a chance at changing the topology of the network where, again, there's always going to be central powers that come and go and accumulate wealth. But if the users can fight back, they can have, let's say, other options like cryptocurrencies and tokens and smart contract systems. Well, I was going to say, maybe for the majority of people out there when you were starting Brave,

Yeah, like economic power. I get it. Like Google, Facebook, they've got power. But how on earth would I ever as an individual have economic power? Wasn't our pitch. Our pitch was private, fast, low battery use. And we actually, at Mobile World Congress 2019, this green specter company from the UK came by and said, yeah, we've measured. You're the least power hungry browser on Android. It was awesome because it confirmed our own

research team's results. But you have to sell with what people feel every day. What they feel is that page load lag. They feel that battery being drained. They feel the data plan. Even though they may be on an unlimited data plan, there's still ways they perceive it. But now, I mean, I imagine it feels real to people that like, yeah, I can make money with my attention on the internet. It feels very real to people. It's so funny because we have different tiers of ad

rate card around the world because it's easier to get ad buyers in the US and paying the most in the UK and Europe after and so on. And so we have a lot of fans around the world who are in lower tier regions and they aren't making as much, but

It may go a longer way for them. It isn't like we're trying to make people rich or we're doing a pump and dump. We're trying to make users get 70% of the revenue of a growing business that if you look at ad online and digital advertising, it's still 300 billion plus a year. That's a huge business. If we just get 1% of that and we share 70% of that with our users, it's at 2.1 billion, right? Yeah.

So to be super crisp, to make sure listeners understand it, an ad is displayed to me. And this is an ad that's purchased through the Brave ad network where the advertiser is willing to say, look, I know that this isn't going to do a bunch of crazy targeting stuff. This is just going on to the Brave ad network. A user views that ad and then 70% of the revenue from that ad shows up in the user's wallet in the form of the basic attention token.

Yes. So when you say network, people think tracking because networks have lots of ways to track. So what we do instead is we put all the ads into a catalog through a link to the creative for the ad, the image or web page or video that's in an edge cache somewhere. We don't consider that an adversary.

The link to the ad and some keywords about the ad go into a catalog, and the catalog gets updated to a large number of people in each region, and it gets updated several times a day the same way for everyone. So you are not identified by downloading that catalog. It's kind of like getting a safe anti-phishing list or a safe browsing list, anti-malware site list.

And that's how we solve the problem of ad networks that today in conventional ad tech will track you on the front side and take all your data even before they've decided what ad to show you. We do the decisioning in the browser based on this catalog. So all the machine learning on the mother of all data feeds I mentioned earlier is in browser. It's only on if you opt into the system, by the way, it's not turned on normally. And that's what does the ad matching.

I see. Yeah. So I'm wondering how, I mean, I was definitely buying some ads on Facebook for startups I was involved with in 2015, 16, and it was unfreaking real, the level of targeting. I mean, you could target one person. Yes. And as an advertiser, you're like, this is magic. I can acquire exactly the customers that I want. Of course, that's at the expense of the users. And Facebook has walked back a lot of this and made it more broad. Is there some measure of an

an advertiser being able to tell you, hey, these are the types of customers I want? Or is it like buying a billboard on the highway? Yes. So we're big enough now. And even when we started, we were big enough that we can do some very coarse segmentation, which does not let people be re-identified. Because the problem with the targeting systems you mentioned is they can, like you said, target one person. I think Latonya Sweeney said in the US, if someone's

birth date, gender, and zip code are known, they can be individually identified, re-identified. So obviously we're not going to give out any information to advertisers ahead of time, but we do have ways of sampling our audience to very coarsely segment it so you can address those segments. And some of those keywords in the catalog are

express those segments. They're basically segment identifiers. And separately, the machine learning in the browser develops an opinion about you from your search queries, your clicking, what pages you visit, all that stuff about what segments you might fall into, and then the matching occurs. So we're using support vector machines and Bayesian sort of fairly simple stuff. It doesn't burn your battery. We don't need TensorFlow or a cloud supercomputer to do this kind of machine learning. And

That does a pretty good job. A lot of ad tech is not as precise as you think. Facebook said they could target that person and they could often, but sometimes there were fraud actors.

Not so much on their native apps, but on publisher pages. There's a ton of fraud in online digital advertising because JavaScript is used on these publisher pages. And I designed JavaScript on purpose. This was very intentional. I think it was the right decision to be a mutable environment. It's global environment. All the standard objects and the document objects are mutable. You can overwrite them. You can mock up lookalikes and you can forward...

load something that looks like the next year's version of a standard object. So JavaScript's mutability was a huge boon. It probably wouldn't have survived without it, but it also means there's no

security property called integrity. It means that when the publisher is loading all these third-party tags from Google and others, they can fight each other. They can overwrite each other. They cookie stack. They cheat. And what's worse, you can take the whole publisher content, scrape it into a fake environment in a bot, and the bot pretends to be a user clicking on the ad. And you get paid the ad revenue because the ad buyer didn't cross-check the publisher's

ID in Google's ad exchange, which is a fraud operator, against the true New York Times ad ID. It's bad. And that Google still gets the fee when this advertising money is stolen by fraudsters makes Google complicit with the fraudsters to some degree. It misaligns the interests again. It's a conflict of interests.

All right, listeners, our sponsor is one of our favorite companies, Vanta, and we have something very new from them to share. Of course, you know, Vanta enables companies to generate more revenue by getting their compliance certifications. That's SOC 2, ISO 27001. But the thing that we want to share now is Vanta has grown to become the best security compliance platform as you hit hyper growth and scale into a larger enterprise.

It's kind of wild. When we first started working with Vanta and met Christina, my gosh, they had like a couple hundred customers, maybe. Now they've got 5,000, some of the largest companies out there. It's awesome. Yeah, and they offer a tremendous amount of customization now for more complex security needs. So if you're a larger company, and in the past you showed Vanta to your compliance department, you might have heard something like,

oh, well, we've already got a compliance process in place and we can't integrate this new thing. But now, even if you already have a SOC 2, Vanta makes maintaining your compliance even more efficient and robust. They launched vendor risk management. This allows your company to quickly understand the security posture of the vendors that you're choosing in a standardized way that cuts down on security review times. This is great.

And then on the customization front, they now also enable custom frameworks built around your controls and policies. Of course, that's in addition to the fact that with Vanta, you don't just become compliant once, you stay compliant with real-time data pulled from all of your systems, now all of your partner systems, and you get a trust report page to prove it

to your customers. If you click the link in the show notes here or go to vanta.com slash acquired, you can get a free trial. And if you decide you love it, you will also get $1,000 off when you become a paying customer. Make sure you go to vanta.com slash acquired.

Okay, so there's a variety of value propositions here. There's privacy, there's speed, which it sounds like speed was the first one. There's make money from your attention on the internet. You're rolling out a bunch more features in Brave, sort of at a compounding rate now that it's turning into much more than everything you've described so far with its own search engine, with its own native wallet capability. You're at this unbelievable milestone now of having accomplished 50 million monthly active users.

What was one or two of the tipping points along the way where you realized, oh, this particular value prop really resonates and accelerated the growth? Well, some of the stuff was early...

mistakes you make when you're a small startup, you choose to use a shortcut. We use the Electron framework when we switched from a private version based on Mozilla's Gecko engine to Chromium Blink. And using Electron was a mistake. It wasn't designed for a browser. It turned off the sandbox. That was horrifying to discover. And it's kind of bloated and replaced a lot of middleware files in the Chromium code that Google was breaking through internal API shifts.

And we finally got onto a proper, well-maintained Chromium fork, including the front end. Now, the downside of this is we look a lot like Chrome. We have the brave line icon for shields. We have the triangle for bat. We have our own look for the tabs, but it still looks a lot like Chrome. It's tabs on top. It's got Chrome extensions, which can be loaded if they don't use the Google account system I mentioned that's for tracking that we disable. But...

you know, it's still a little bit too Chromey. And yet I think it's worth it because that helped us get users off Chrome. Until we really did that rebasing on the front end of Chrome, we were paying a growing maintenance cost on all this Electron forkage. And our users were suffering because it wasn't fully Chrome. There were extensions needed to be manually supported or ported and things weren't working right. So we switched to a more complete Chrome fork like a lot of browsers use. I think Vivaldi is an exception. They have a

React native front end, and they've sunk the cost to stabilize the middleware. Which is so interesting, right? If any upstart browser team and leader were going to build your own stack, it would be you. It takes a big team. And you've chosen not to. I have 10 people in the first seed round of Brave. What am I going to do? I knew how to do 10 people out of AOL with the Netscape Mozilla code base because I'd worked on that code base with hundreds of engineers at

you know, Netscape AOL. And those people were still working on it for a while. AOL did lay off a lot of them, but kept some on. Others went to IBM. And even though we had to shrink the workforce, but it was bigger than the 10 people I had at

Mozilla in 2003 when we spun out. And until we got the search deal in 2004, I couldn't really hire more people. We were burning down the $2 million from AOL. Well, it's a similar sort of situation with founding Brave. I had to take 10 people. I had to use some existing code base. And we did start with Mozilla Gecko in a multi-process sandboxed framework called Graphene that was part of Firefox OS, which I'd worked on.

But it just lost on this big spreadsheet we did where we just scored it against Chromium Blink, and it just lost on too many rows. It was, you know, what are we going to do for DRM? Oh, at the time, Firefox has a custom Adobe deal. We can't partake of that, even if we use the Gecko source. You know, we have to go get Google Widevine, which Google made free as in beer, even though DRM is a closed source product.

It was bad, but you have to have it. People, not just Netflix, Amazon Prime, Hulu, et cetera. So what are we going to do? Well, Google's giving it out, but they're really only giving it out for Chromium-based browsers.

And so we did that. And there were just a hundred other paper cuts or major issues like that. Gecko was never big on mobile because Mozilla was never big on mobile. We needed all the mobile web kit lineage that goes into Chromium Blink that's still used on the mobile web, stuff that preceded standards. So it was just at the end of 2015, we just said, got to switch. And that's when we switched to Electron, but that had its own costs. And yet as a small team, we couldn't do the full Chromium fork. As we grew, we did. And so by...

I think it was end of 2018, we came out with Brave Core-based browser, which is our maintainable version of Chromium, Blink, and our own front end still close to Google's. And that was very popular and all the extensions worked and we started growing faster. We've doubled for five years in a row, or more than doubled some years. So 50 million users, that seems like the largest self-custodied crypto wallet application in the world. And...

That's one way to look at it. The other way to look at it is it's this tiny fraction of the overall browser market share. Yes. I haven't heard anyone talk about the browser wars and market share in a while. Do you know what that sort of looks like today? I mentioned Chrome is alleged to have 2.65 billion users. Now, some of these users have gone away. I uninstalled Chrome. I found that there was a secret installer called Keystone that was messing my system up.

Somebody wrote a blog post about this. Google denies it, but just phenomenologically, life got better when I ripped all that out. It was sort of hiding itself in the OS. It was kind of creepy. What matters in browsers, and you mentioned it earlier, is sort of every 10 years is a change in the guard, and there's this rapid evolution, and there's a sort of lead user effect.

Eric Von Hippel of MIT described this, right? The lead users invented the plumbing toolkit. They were homemade by machinists, plumbers, and they became standardized and big tools companies built them. Lead users invented fiberglass surfboards, a lot of hot rodding like Tom Wolfe described.

wind surfing user generated in some ways, Bill Bowerman, Nike, lead users. These are people who are not just creating something to go make a buck and seeing a need in the market and making a widget. They're users of their own products. They love the product and they understand what it's doing or what it needs to do. And having those lead users favor Firefox in its day or Brave now is super important. And the lead users that I see that are very generative and

somewhat controversial, are working on crypto projects, blockchain projects. They're working on decentralization. That's not going to be controversial on this podcast. Yeah. I mean, people are exaggerating how much energy Bitcoin uses and also not aware of how Bitcoin can use energy that otherwise goes to waste. But we're not Bitcoin-based anyway, and there are new blockchains that are much more efficient. So the whole thing is, to me, kind of

Needless to say, ideological. Yes. Not a controversial statement on Acquire that the most interesting founders, technologists, et cetera, are by and large focusing on Web3 and crypto right now. Chris Dixon of Interest in Horowitz wrote this essay about Ethereum the other year and talked about how he saw the developer animal spirits just rallying around it. And it's true. And then Ethereum got slow and the fees were too high. But in some ways, it's like Unix, the Ethereum virtual machine now, the bytecode and the smart contract system with some

transportation cost, if it's not directly portable, is supported on other chains. Polygon, obviously, Avalanche's C-chain is an EVM compatible. Like the Unix system call table being copied into different flavors of Unix.

The sort of design DNA spreads easier than code DNA because code has hard requirements, not all of which are known or tested for. But design can be copied. And in this case, even with the EVM compatibles, the code can be tested to interoperation, just like we had different NFS servers that had different code lineages interoperating and different TCP IP stacks interoperating.

I think Dixon's essay was on point, even though people decry Ethereum's slowness and high gas fees. And the new chains are just super exciting to the extent that you can port your code. There are EVM cross-compiler and interpreter solutions on Solana, and there's the C-chain and other direct EVM compatibles on other chains. It seems like your strategy with embracing...

Not just the blockchain, but becoming an economic player in the blockchain ecosystem has been, initially there was the basic attention token. And I don't think that those were actually deposited on chain into Ethereum wallets. Is that correct? In our system, because of regulations, not just in the US, if we send an ad revenue share to some unknown self-custody wallet, we're

going to get in trouble, including big trouble if it's somebody named Osama bin Laden. So there's not just FinCEN, which looks at money laundering carefully. People grumble about KYC, know your customer. Why am I identifying myself with a custodian in order to get my basic attention token? Well, it isn't KYC for its own sake. And it's not just a one and done. They have to sometimes check again. In fact, there's a problem right now where they're making some people in Europe fill out a survey

to do more diligence. But KYC serves as a means to an end. The end is anti-money laundering. It's identifying all these flows. And some of the crypto noobs also think, well, I should just go on chain and I'm anonymous. No, you're going to get re-identified through blockchain forensics, right?

In the same way that it's not hard based on a zip code and a gender and a birth date or whatever to singly identify you, at some point, someone will be able to just run your wallet or wallets, and it already happens today, through some de-anonymizer and be like, oh, I know who this is. Right. So for our system with users getting ad revenue share and...

publishers then getting creators on youtube getting you know tips or recurring donations just 10 of those or so could fingerprint you as a user right if there are a few bits each that's enough bits to fingerprint you it's a unique identifier that can count everybody in the world and if you have enough observation points around you can and side channels you can put things together so we we

that we couldn't go on-chain, not just because it was too costly, but because it would fingerprint the user. And the answer in the long run is zero-knowledge proof. So our next-generation ad system, which is aiming at Solana, is called Themis. It uses a black box accumulator in the browser to build up an authentic, cryptographically secure ad performance set of numbers that can then be put

put into a zero-knowledge proof system directly on chain, and the ad buyer can verify for themselves from the terms of the proof that the ad performed. That's the magic of zero-knowledge proofs. By verifying it, you can believe the truth claims. And we're trying to move on chain with that very soon with Solana, which is exciting, but we're still burdened by the regulations that require not only the anti-money laundering, but also the Office of Foreign Asset Controls in the US. Don't send to a self-custody wallet that

that's owned by somebody on the FBI's top 10 list, right? You'll do federal time for that. So people get mad at me like, well, I must die KYC. And they think I'm some kind of crypto hater. No, I love on-chain direct. I've done it. I've paid one of the auditors for our smart contracts for the basic attention token, got paid on-chain and it was great. Much better than sending a bank wire. But

There are problems if you want privacy right now and you want to comply with these regulations, which have pernicious penalties. So we're working toward a more decentralized future and we'll have to see how it goes. The great thing about crypto is I see a lot of now banks, you know, Jamie Dimon did a heel turn from saying Bitcoin's a Ponzi to, oh, my blockchain's great. And family offices and companies are into crypto. The old big tech guard aren't, though Facebook tried with Libra, now Diem.

but really got hurt. Politicians didn't like Facebook and it wasn't really clear why you'd want it instead of another existing crypto. So the initial thing you did was introduce the basic attention token and you could accumulate that without going through any KYC, but if you were going to then send it to a creator, they would need to have a KYC wallet. But you wouldn't. As a user, you could still be anonymous.

But it seems like now you've moved to, you first forked MetaMask to make a Brave wallet. Now you're building your own native Brave wallet directly into the browser, which is totally a thing that Safari could do, that Chrome could do. And it doesn't seem like they're going to do that for a long time. So you're going to be the first browser with a native, secure...

on-chain wallet, hot wallet, directly baked into the browser. It's a refrain from the early days of Firefox. Opera had it first. And you can say that again because Opera did have a wallet in 2018. No way. Opera has a wallet. That's a...

That's so crazy. We were worried because they came out with a self-custody wallet and a Dapp store in 2018, and Brave's been growing. So I had to get more people to do the wallet or I had to get my co-founder to go lead the wallet effort. But in 2018, it wasn't going to happen. On the other hand, crypto winter happened. And I think that took the steam out of Opera a little bit. But Opera still has crypto and they're talking about a Polygon deal they pre-announced. And I think Opera will always be there, kind of like Brave, even though it's now Chinese owned. I don't

a little less trustworthy just in Western eyes. I'm not saying anything personal here. And yet Opera will be innovative, but Brave's going to go faster and we're going to do things that cut across the self-custody versus custodial usability trade-off space. Because it took 25 years to train people to use username and password logins. And maybe for real banks and Coinbase and so on, you have to have a second factor

authenticator app or something like that, or a YubiKey, that's almost as hard as self-custody. It's a little bit safer in that if you lose your private key, your word list, your backup, your crypto steel with self-custody, you've lost. Whereas if you forget your password and lose your YubiKey, lose your authenticator app or the phone it's on, you can probably convince Coinbase, you're you, and they can reset your password for you. So

It's complex enough now, though. I think self-custody has a shot. Getting things to be useful, getting the basic attention token to be useful, including that virtual kind you earn without KYC-ing because you're going to send it back to your creators who do have to KYC for these AML and OFAC reasons, that we can work on with the wallet. So we're going to make the wallet sort of blend with the Brave Rewards system as much as we can. We're going to make it multi-chain and

We don't have any religion about blockchain. We like Solana. We agreed to make it the default for multi-chain dApps where they don't express a preference for default and the user doesn't. And that choice of default the browser can make, that's important. That's how search deals get done. That's why Google only pays for default because they're king of the hill and they figure they'll get the traffic anyway. That's what they say. Whereas Bing does and DuckDuckGo and others, Yandex do search deals with browsers and

even if they're not the default. They'll pay for traffic. But even still, a lot of people are going to get wallets for the first time. This is pretty awesome. It is. It's exciting. It's also, you've seen what happened with MetaMask. They took off very cleverly at the time Uniswap did its V3, I guess it was, and just started getting a lot of swap action that made them a lot of money. And that was from people using MetaMask and self-custody, I would guess. I've not got a good figure right now.

Most of those users don't have a hardware private key device like a Ledger or a Trezor. And so they're keeping that word list safe in some safe place, I hope. I talked to somebody, an anonymous user of Brave in Africa who was a Hex fan, and they were wondering why the Hex founder was feuding with us because he's kind of a nut.

But that all blew over. But this user, I said, how do you use it? He said, oh, I've been buying crypto for five years. I use MetaMask, right? Or four years, I guess it was. And I said, oh, do you have a ledger or a treasure? No, I'm really afraid I'm going to lose it all, right? Well, sure, you can recover access to the wallet, but that still means you're piling up wealth in a browser extension, which are known to be hackable, or at least not as secure as if it was in a browser itself. And on top of all this, it's always connected to the internet. The extension is just weaker now.

both in terms of its powers, but also its security model. If it's doing its own secure store for a private key, it's just in a weaker footing than a native app by design. Then we see this all the time. If you tweet and you mention MetaMask, I joked the mask that is meta because I didn't want to say it, you'll get all these phishing support accounts pretending to be your buddy, impersonating my friend David Walsh who was at Mozilla and now is at MetaMask.

And they'll try to say, DM me or go to this Google form and we'll help you get your key recovered. And sometimes the topic wasn't even about lost funds. And you go to the Google form and right above the fine print from Google that says, don't enter any personal, private data or passwords in this form is a field saying, give us your 12 words, your 20 words.

So these fraudsters just swarm onto this. There are bad actor companies in the ecosystem right now that are trying to tell you, hey, for a nice experience to have all of your wallets aggregated here, type in your secret phrase from your local self-custodied wallet into our thing.

And I've seen this on Coinbase, but I know there are others. We are not yet trained on what these secret phrases mean in the way that we're trained about passwords. And it took 20 years and it took 20 years to train on credit cards. And so we're telling people, hey, this is like a username that you can type in anywhere. And it's completely defeating the purpose of that as security. Same thing for QR codes. QR codes have become shorthands for links. I go to my neighborhood pool and I can scan a QR code with my iPhone and then sign in on the web form. But.

But QR codes are also used, especially in crypto, for spelling a private key. And you should not be putting them on paper for somebody to scan ever. And you're right. There are, let's say, bad or sketchy actors who are trying to collect these things or passwords and email. There were services over the years...

There still are that will say, hey, we'll read your email for you. In fact, DuckDuckGo is building one, but I think they're keeping it clean, right? It would blow them up if they cheated. They're just trying to strip trackers from your email and you get a duck address if you want it. But better if it didn't have the clear text of your email messages at all. And so in Brave, if you use webmail like Gmail, we block those trackers at the endpoint where the secure session, the TLS session terminates.

But this whole thing about dual models, something's a public key or a public link, something's a private key, and they're both getting forced through the same UX metaphors is a problem. And training users, maybe getting to a better state of play with hardware wallets where they aren't just this anxiety-producing dongle that you're worried, did it break? Did I forget my pin? Did I send to the wrong address? You probably want these things to be more like a phone, something that's more useful to you in your digital life.

You don't want to have anxiety every time you transact. You want to have the sense of security and that you're winning. And that's the other thing I would say about Brave. We can make your built-in wallet a positive sum game. It can collect non-pump and dump

yield opportunities from DeFi if you want to put some assets in. It can collect that revenue share. That's another positive sum game we already have. So we're trying to make crypto be part of your daily life in a way that doesn't provoke anxiety. Am I being phished? Did I lose my pin or my passphrase? You bring up this just ever-present trade-off in computing, which is security versus user experience. And I frequently think that

When I'm doing something in crypto versus I'm doing something in the regular bank TradFi ecosystem, and...

My bank, for better or for worse, has taken a lot of the headache away. And I have a pretty good user experience. It's not confusing. I know what I'm doing when I'm wiring money from one place to the other or making a transfer from one account to the other. I lose some of my liberties because they have the option to remove my assets if they determine that I've done something illegal, even though I'm like, well, hey, I didn't do something illegal. If they determine that I did, they could seize my assets.

they can make a profit on me. They can arbitrage the cost of capital to their returns when they take my deposits and deploy them elsewhere. I should be getting all that economic upside. But what I've gotten in exchange for giving up my liberties and my economic opportunity is a pretty good user experience. And we're at this place in crypto right now where we've taken a hard left and we've said, I want to own everything. I want to be hyper secure. I want to have all my privacy and

And what we're left with is... Be unbanked. Yeah. Yes. Also be a bank. And it is a brutal thing to have to manage all this stuff right now. Yes. This calendar year is going to be big because not only adding more chains, I think I agree with Vitalik, we're not going to do complex multi-chain transactional models. So people are working on those using...

threshold signatures. I think the main thing is we'll have the chains people want to use and the yield farmers go where the returns are good and the users follow. So we'll make that all as automatic and convenient, but you'll still have to turn it on and we'll have safeties on it. And that UX will take a lot of work to develop because design is still an art. It absolutely is an art, right? You can

the space is too large to do sort of AB testing in any credible timeframe. You have to call some shots, get some users telling you what to do, collaborate with those lead users I mentioned earlier. And then I think at the end of this year, we'll have a wallet that will be super awesome, not only for using crypto and DeFi and so on, but also if we do it right, some of our custodial partners can virtualize your plastic from your wallet. So they can give you

like privacy.com does, like the Apple card does, they can give you a MasterCard number from a block that they allocate from that isn't your number. So your security is better. It's like the generated email addresses that Apple and others are doing. And if we virtualize the credit card, then we can actually put e-commerce in the browser. We can deconstruct Amazon, every site without having to change its merchant name.

JavaScript, which is not going to happen easily, can have an option where you can use something like a virtual credit card that could even be topped up with crypto or draw on crypto. I've got one question for you as it pertains to this decentralization versus user experience topic. Moxie Marlin Spike pointed out in his recent post that, and this is a quote, to make these technologies usable, the space is consolidating around platforms. Again,

Again, people who will run servers for you and iterate on that functionality that emerges in Fiora, OpenSea, Coinbase, Etherscan. And my question for you is, do you think it is the case that the user experience that users want and the developer experience and sort of ecosystem speed that programmers want

necessitates these centralized choke points no matter what generation of the web we're on. So it's hard to beat a server when you want to do something like index Ethereum's history into a database with multiple ways of querying it. So I'm not going to do that on my machines. I'm going to use Etherscan or something like it. And if Etherscan has trackers or bad ad tech in it,

I'm going to use Brave and block those. But it's hard to beat a server sometimes. And I agree with Moxie, right? I like Moxie a lot. I met him once at Mozilla in the old days. He and colleagues did this blind context matching system, contacts, I should say, like your address book contacts for Signal. Because they had this problem that your friends are on Signal. Signal uses the phone number as identifier. But how will they help you find your friends without...

reading your address book, which is a privacy problem. And the way they did it used chown blind signatures and hashing and so on. And it's clever and it runs in a secure enclave on the server, which is something we're also using at Brave. So I agree with...

Moxie's essay, there's a larger toolkit from cryptography, the original crypto, which some of my cryptographer friends are still mad as crypto has been an X by cryptocurrency. But there's a larger toolkit and it works on servers, on centralized systems as well as in decentralized systems. And decentralized systems, even Solana, there's always a trade-off. If you really want certain guarantees...

and certain latency, you're going to want a server. And you're going to want even the network to that server to be provisioned a certain way. So there's no free lunch, and there's a larger universe in which I think blockchains and peer-to-peer networks make sense, but also servers will endure. That's why I get annoyed when people think that Web 2-- oh, Brave's 2, Web 2. Well, Web 3 is not going to replace Web 2. It's going to extend it in a way that eventually, perhaps,

If it's like McLuhan's laws of media, it's going to mock and torture Web2. But that's far in the future. In the meantime, it's going to be extending it so that we can get users using it. And there are ways that users will want to use it that are going to be like Etherscan or a proxy farm like Infura runs or Bison Trails, or there'll be servers you'll want to go to. But if you have these cryptographic protocols, if you have strong, muscular clients like Brave...

If you have that market power as a small user through essentially unionizing with other users of that client, then you should be able to get better privacy, better security properties out of the server. It shouldn't just be raiding your data. It shouldn't be just betraying you in some way while it's whispering in your ear. It should be a fairer deal. And that can be done with cryptography broadly construed. So I liked Moxie's essay quite a bit.

Our sponsor for this episode is a brand new one for us, Statsig. So many of you reached out to them after hearing their CEO, Vijay, on ACQ2 that we are partnering with them as a sponsor of Acquired. Yeah, for those of you who haven't listened, Vijay's story is amazing. Before founding Statsig, Vijay spent 10 years at Facebook, where he led the development of their mobile app ad product, which, as you all know, went on to become a huge part of their

business. He also had a front row seat to all of the incredible product engineering tools that let Facebook continuously experiment and roll out product features to billions of users around the world. Yep.

So now Statsig is the modern version of that promise and available to all companies building great products. Statsig is a feature management and experimentation platform that helps product teams ship faster, automate A-B testing, and see the impact every feature is having on the core business metrics. The tool gives visualizations backed by a powerful stats engine, unlocking real-time product observability.

So what does that actually mean? It lets you tie a new feature that you just shipped to a core metric in your business and then instantly know if it made a difference or not in how your customers use your product. It's super cool. Statsig lets you make actual data-driven decisions about product changes instantly.

test them with different user groups around the world, and get statistically accurate reporting on the impact. Customers include Notion, Brex, OpenAI, Flipkart, Figma, Microsoft, and Cruise Automation. There are like so many more that we could name. I mean, I'm looking at the list, Plex and Vercel, friends of the show at Rec Room, Vanta. They like literally have hundreds of customers now. Also, Statsig is a great platform for

for rolling out and testing AI product features. So for anyone who's used Notion's awesome generative AI features and watched how fast that product has evolved, all of that was managed with Statsig. MARK MIRCHANDANI: Yep. If you're experimenting with new AI features for your product and you want to know if it's really making a difference for your KPIs, Statsig is awesome for that.

They can now ingest data from data warehouses. So it works with your company's data wherever it's stored. So you can quickly get started no matter how your feature flagging is set up today. You don't even have to migrate from any current solution you might have. We're pumped to be working with them. You can click the link in the show notes or go on over to statsig.com to get started. And when you do, just tell them that you heard about them from Ben and David here on Acquired.

All right, well, I want to move on to our grading section here. And even though this isn't a sort of traditional Acquired episode, or we've necessarily told the whole history and done our teardown analysis the way we typically do, Brendan, I am curious your take, what does A-plus look like for Brave? Let's just say three years from now. In some ways, it's an epoch away. In other ways, it'll be here as soon as we know it.

What does success look like for the company? If we keep doubling or better, three years is eight times 50. So it's 400 million users. And once you get to that scale, you start to get distribution opportunities like being on phones. Pre-installs aren't really happening outside of the apps from the OS superpower like Android, Google, or iOS, Apple. But Samsung's out there and there are new phones coming up in the world. And there's always a lower end of the market that's getting better thanks to the hardware getting better.

better and sort of trickling down. And so I would like to see us get to that scale because then I think distribution could go in directions that right now is harder to do organically and will cost you a lot if you have to pay for it. But that's kind of a mundane business thing. I think if you get anywhere near 400 million monthly users, you have enormous clout, especially if they're lead users still, in standards. And standards matter still because a lot of businesses...

want to not only compete, but sort of cooperate, the coopetition model. So you get ongoing web standards still in spite of Google's dominance and somewhat strong arm tactics, you still get standards evolution. Crypto is for each blockchain, its own set of standards, often run by a core team. But there's, as I said earlier, greater sort of de facto standardization on things like EVM compatible chains or

smart contract systems or things you can do with compilers and interpreters, even if you don't have an EVM work alike in your node, in your network. So when we get to the scale of toward 400 million or more users, we will have opportunities to do things, including with the basic attention token that we couldn't have done out of the box earlier. And that would look like having a

something more competitive with Google that's decentralized. And we're not just aiming at Google. That's like sort of driving by looking in the rear view mirror. Google's a hundred year company, so was General Electric, but it ended up a tax dodger and a subprime lender, right? This is not a good ending. Thomas Edison was spinning in his barrow. Google may end up that way sooner or later, but we're looking at a world where users are sovereign. That's the vision I mentioned earlier. You have these

machines without being a burden to sysadmin, you should have say over them. You should have benefits from them. And it's not just economics in some money-grubbing way. Economics, really, the Greek word means something about

home economics or about the home or the scale of human life where you live most of your life. And things have become very fraught and dehumanized at larger scales. But if we can get people operating better at smaller scales, then I do believe this will be good for the world. And I'm not just talking pie in the sky, hobbits in the shire stuff here. I see this with the creator economy. I see this with the YouTubers and the other creators. I see this with NFTs for all the clowning that goes on with NFTs.

And actually, we'll be looking into NFT as a basis for further, you know, sort of tokenomics for our creators in this new year. We want to see fans and creators directly connect, and we want to see them do it without

you know, being demonetized or interfered with, censored, all that stuff. And if this can be scaled up, it forms all these little networks that have these logistic curves that have their exponential phases that everyone loves. So people should want this for good business reasons, but you can't rate it through ad tech or tracking. You have to have a better platform and better sort of network for it. You have to have crypto in both senses, Moxie's

And that means people who have KYC'd themselves so that they can receive tokens? Yeah, or if enough people have self-custody, maybe...

we'll hang the self-custody wallets on the creator side and you can just do an on-chain send on a fast chain with low fees and you don't have to go through KYC at either end. Now that was always what people told us to do. You should only do direct on-chain and

I looked at it and even with our Bitcoin prototype, it was too expensive. I talked to people like Bology of 21.co, which Bitcoin bought. I talked to the Open Bazaar founder who'd actually DM'd me first. He said, "We're thinking about adding BAT." And I said, "Aren't you Bitcoin without a fee? Why do you need BAT?" And he said, "Well,

Nobody wants to send Bitcoin. They want to hodl it, which is very true and which at the time would have been a good strategy. Just sit on it. Don't shave those Bitcoins to send something, send scraps to your favorite YouTuber. And people will send Bitcoin. People are using Lightning or Jack and so on are all excited about it, whatever. There's lots of options for this. But

Getting people to do direct on-chain sends is still challenging for the UX reasons we mentioned, the usability, the security, the sort of familiarity on both the sender and the creator who receives it. But with Brave at 400 million, we can hang self-custody on all sides of our ecosystem, even the advertiser side, the full triangle. And people can go peer-to-peer. They don't have to go through custodians if they don't want to. Now, like I said, if you're worried about law enforcement, which you shouldn't be if you're

unless the government's gone bad, then blockchain forensics and exiting on a regulated exchange will still let the law enforcement do what they need to do. We're not trying to stand in the way of law enforcement doing what it should do. But this idea of getting to a big system of direct on-chain sends

By starting there and limiting it to only those cases or limiting it only to Lightning, which I was told to use before it was ready, years before it was ready, doesn't make sense. We've gone the other way. We're pragmatists. But as we grow and as we keep the custodial options going, we'll add the self-custody options and see what wins. Makes total sense. I'm sure you've thought more about the success case, but what's the failure case? What are the existential risks at this point? So there's always risks of some bad macro event or some bad crypto event.

Crypto gets banned in the US or something like that.

Don't think it's going to happen. One of the reasons is because I do see too many rich people partaking through their family offices and so on. But I do think there's a risk there, and I can't quantify it too easily, so we're just trying to carry on. It's hard to hedge anyway. I think there are risks with big tech. Big tech could still misbehave, and it still has even political power, though. It's been getting beaten up more and more by both parties as time goes on. But that's a risk. Do you think that Facebook or Google or any of the others could

ship a wallet in Chrome, for instance, or actually really embrace this? I bet there's somebody at Google who's looked at this. I know Google had a wallet or may even have a wallet team that does some outward bound stuff and they never connected it with Chrome. They never put it together. PayPal is going to do their own stable coin or whatever. You're going to see more wallets and maybe you'll see them in big browsers, but I don't know if they're going to get into the

that we're getting into early, which is the frontier. And that means they may just be stuck in the old world. It's very much like the age of discovery. We're going to be building the Wild West and then the lights will come in and the streets will get better paved and we'll be there already. And we'll be selling pickaxes and shovels

The old world is back there, the Ancien Regime, kind of corrupt, unwilling to innovate. Maybe they stole the gold, but their banks then stole it from them through compound interest. I love it. You're the sans culottes. Oh, yeah. The Fugger family made out, the Habsburgs did not. So, you know...

Google may have a wallet, but it might just be a me too. And it might be kind of weak when they do. Can you imagine the default switching from sign in with your Google account to authenticate with your in-browser wallet? There's just no way. It really is hard for Google to innovate. They're just a big company and these big companies have their own

problems, not just the innovator's dilemma, but at least that much. And I just don't think they're going to be a huge threat, but they could use strong arm tactics to hurt us for sure. All the bigs could. And then there's our own execution risk and our own sort of competition with the growing new wave of privacy products, where I think we have to just compete. And it's competition's good. We learn from each other.

There's a marketing component as you grow across the chasm where you're trying to convince people who don't know, again, a search engine from a browser that,

Your product is more private, it is faster, it's more trustworthy, it's got other good properties. - Who do you consider your competitors? So is it, would it be like Square or Block or Metamask or? - No, so we're trying to get people off of Chrome and that's a matter of getting people to see that it's easy to migrate. You can even co-browse for a while, you don't lose anything. And then you can cut the cord with Chrome.

People switch from Firefox. That happens over time because it's going down and people can see it and sort of there are problems there. We can get people off Safari, but Safari is still privileged in Apple's OSes and kind of tied. So that's hard. Edge is somewhat privileged in Windows, which is a little hard on us.

We're competing, I think, for thought leadership with other privacy firms. So there's Jumbo Privacy, which isn't really doing a browser, but it's coming up with stuff. It's another venture funded thing. Deftico has been out there a long time and they've built up quite a reputation and brand name. You see their signs in airports. So they've done sort of a marketing first approach and gotten to a reasonable annual turnover from what I understand. And that's got to be considered a competitor because they're doing desktop browsers on top of mobile now.

But we look at the pie that we're dividing up as very large. If you're taking users from Chrome, we could both take and not really interfere with each other. The worst case to me would be Duck and Brave start

blooding each other in some mixed martial arts match to claim the privacy mantle prematurely. That seems needlessly destructive. But it is difficult marketing across the chasm. You have to say, "We are more private," or, "We are better," or, "You should use us because we're faster or more complete. We block these threats that the other guy doesn't." And so some of that will have to happen. It's just going to have to happen for marketing reasons.

All right. Lightning round of carve-outs. David, give us your first one and you and I will go first and then we'll kick it to Brennan so he can think on his. I'm going to make it easy. My carve-out is a book about halfway through that I started reading because I saw you tweeting about it while you were in Hawaii. Project Hail Mary, Andy Weir. So good. Really enjoying it so far. So good. It makes me think about everything from scientific principles when I look around in the world. I don't know that book. What's it about? It's Andy Weir who wrote The Martian. This is his newest novel. Okay. And...

is story told in such a way that it's really fun to let it surprise you as you read the book. So I don't want to spoil it. Yeah. The Martian was good. Cool. All right, Ben, what'd you get?

My quick one is the second book that I read on vacation, which is Open by Andre Agassi. His co-writer or ghostwriter, I don't know the right term, but it's the same Pulitzer Prize winning writer who helped fill night with Shoe Dog. And it is written in that same page turning thriller style. And Andre Agassi had an unbelievable career ups, downs,

Shout out to friends of the show, Jeremy over at Tiny and David Perrol, who at Capital Camp recommended the book to me. But it was just awesome. Highly recommend it. So I've not been reading enough and I owe a friend at Apple a reread of his new book, which is his first novel. But I...

This is kind of negative, but I think it's important. Mike Schellenberger's San Francisco is worth reading if you're from the Bay Area a long time like I've been, because it ain't good. I remember much better decades in San Francisco and I hope come back somehow, but Mike diagnoses it pretty directly. I also would recommend an old book that a friend who only reads old books recommended to me, which you can find free copy of online, like LibGen, you can get it. It's called Dynamic Economics by Burton Klein.

You've never heard of Burton Klein. Burton Klein looked at how firms grow and how they start. Sometimes the Skunk Works projects, he actually looked at Kelly Martin's team. He looked at the trader's aid at Fairchild. He looked at the China Lake Sidewinder, the first practical heat-seeking missile development. And he made some killer observations about

structure, sort of sociology, anthropology, hierarchy about how firms go from innovation to rent-seeking to outright vampiric badness. And he had four kinds of firms. So anyway, Burton Klein, Dynamic Economics. It's an oldie, but underappreciated and still very much relevant. I wonder if I should give Elon Musk a pointer. Yeah.

Brendan, thank you so much for the time. We're going to let you run. Where can listeners find you on the internet and Brave on the internet? So brave.com.

Five-letter English word domain name. We got it in 2015. We got it from the nuclear polka combo, Brave Combo. It's a Texas band, the friends of Matt Groening, the Simpsons creator. He's put them in Simpsons season 17. And they were honest musicians, and we gave them bravecombo.com and paid a reasonable price. So brave.com is it. I'm on Twitter as Brendan Eich. I'm on Reddit as BrendanEichBrave.

Easy to find. BrendanEich.com. I haven't updated in a while. That was a historic blog post, but some of them are still relevant to do with Trust But Verify, also WebAssembly, JavaScript stuff. And on Twitter, the Brave handle is called AtBrave. It seems to be search banned for some reason. I'm not sure why that is. We have Attention Token. That's another Twitter handle. We have Brave Support if you need support. You can always tag me, Brendan Eich. Awesome. Brendan, thank you so much. Thanks. It's fun.

David, that was super fun. Brendan is such an internet legend. Oh my gosh. What a man for all seasons, literally. Yep. Well, listeners, thanks for being on the journey with us. Another fun episode. As always, if you want to check out more and you're like, I need more Acquired right now and there's not any new episodes yet and you want to go deeper, go check out the LP show. Search Acquired LP show wherever you get your podcasts.

Come discuss this and hang out in the Slack, acquired.fm slash Slack. We got a job board. You're looking for your next thing. You're part of the great resignation. Maybe you're thinking about being part of the great resignation and you are thinking about, you know, you want to float your name for something, but you don't know what that something is yet. We also have that feature on the job board. So go to acquired.fm slash jobs. Find your next dream job. And we will see you next time. We'll see you next time.

Who got the truth? Is it you? Is it you? Is it you? Who got the truth now?