Equilibrium Group (Equilibrium Labs and Eiger) have been working together with Aleo for more than three years, so it was a great pleasure to talk with Alex Pruden, CEO of Aleo. We covered topics related to his experience leading a web3 startup, challenges and lessons learned along the way as well as the ZK industry more broadly. Below is a write-up of that conversation - we hope you enjoy it!
Aleo’s goal is to reboot the internet by providing a secure and more personalisable experience that’s powered by zero-knowledge technology. And when I say web - I mean across both web2 and web3. I like to think about web2 as the web of information and web3 as the web of value.
We try to achieve this goal by building a new layer 1 blockchain that is both private and programmable. Aleo leverages zero-knowledge cryptography and off-chain computation to enable scalable and private decentralised applications. Users execute transactions locally and the computation is contracted into a zero-knowledge proof. This gets posted to the chain along with the result of the computation and nodes can verify the proof to convince themselves that the computation was done correctly. All this means that both inputs and outputs remain private - they can only be revealed if the user wants so.
The privacy by default is in contrast to Ethereum or Bitcoin where all interactions are public. In addition, Aleo enables general-purpose programmability which means that you can build more advanced applications like identity solutions rather than just simple asset transfers as in Zcash and other existing privacy-focused chains.
We were working with Syrian rebel forces in 2015 and essentially training them to fight the Assad regime and ISIS. Many of those people were refugees who had been forced to not only flee their country but also leave behind a significant amount of wealth - both real property and savings in bank accounts that couldn’t be accessed outside the borders of Syria. So I saw people losing everything, most of whom had played by the rules their entire lives.
I learned about Bitcoin around the same time and at first just thought of it as an investment. It was only after I returned from that deployment and reflected on those experiences along with previous experiences I’ve had in the Middle East that it all clicked: Bitcoin was a bank account in your head that you didn’t have to trust anyone to access. You could take it anywhere and use it as long as you remembered your seed phrase or password, and start all over. That to me was the moment I was inspired to go into this field and work on this transformational technology.
At A16Z I had the opportunity to work with some amazing people and get to know many different companies across the space. One person that I met through A16Z was Howard, the co-founder of Aleo. So that’s how the conversation started for me to move over to Aleo and I was the first non-founder employee to join them. So I look back at the time at A16Z with joy and am thrilled to have them as investors in Aleo, but ultimately investing is its own world and requires a specific skill set. I wanted to be an operator from the start.
So the transition was actually quite natural since that was the original plan. I felt strongly about the use case of Aleo and wanted to effect change first-hand and be involved in the day-to-day operations, rather than be the one funding the change. I’m happy about where I ended up.
I honestly can’t keep track of the number of challenges we’ve encountered along the way…
One moment that really stands out to me is when we released a feature called deploy and execute. It sounds like a really simple operation to just deploy a program and execute it using zero-knowledge cryptography. However, doing it in a privacy-preserving, off-chain and secure way has taken us and the wider community 3 years of continuous effort. The infrastructure that was required includes a setup ceremony to derive the secure parameters, a blockchain and a highly available data layer that’s decentralised, a new virtual machine built from scratch and more. So we’re now finally in a place where people can deploy apps on Aleo and community members can be creative with what to build on top.
One tough challenge to highlight was around the consensus algorithm. Originally our plan was to do a PoW-based model called Proof of Succinct Work (PoSW). We had a testnet that was incentivised with several million Aleo tokens, but the algorithm was broken, effectively. One party was able to dominate the entire testnet. This was to some degree a public failure and a big challenge both from a PR standpoint as well as a technical standpoint. We had to effectively throw out the old consensus algorithm two years into the project and start from scratch. You can only imagine how discouraging that must be for people who’ve worked on it for two years.
But that’s all part of the start-up journey. It’s not one straight line, but rather a series of peaks and valleys. You just have to keep trying and iterating. One difference from the VC world is that at Aleo and startups in general, everything is existential. The stakes are a lot higher, which makes the lows lower, and the highs higher. So in general the amplitude of the wave is magnified.
One is being the CEO of a company that you’re not the founder of. It requires a lot of empathy and understanding to find the balance of leading with the founders in mind. I’m thankful that I have a good relationship with Howard and the other founders, but that’s something that’s been fairly important for me to keep in mind.
Another challenge is building a culture beyond the founding team in a remote working environment. I’m personally a big fan of remote work, but it’s challenging, particularly in a team where people haven’t worked together and some team members are quite junior. So you have to be quite intentional about this. And by intentional, I mean taking more time to do it. It doesn’t happen as automatically as it would in an in-person environment.
Lastly, on the personal side, I’m married and have a family. This job requires me to travel a lot and it’s obviously very high stakes. I often worry that I don’t balance my life correctly. There are a lot of things that require 110% of my effort and there’s only 100% to give. So it’s a constantly running optimisation problem.
I’m constantly asking myself that same question.
First off, we have a policy where people can take as much time off as they want. In addition, we have a very generous policy around maternity/paternity leave to make sure that people can be present in the really important moments in their lives.
With remote work, it’s easy to feel that you’re working all the time and that there is no separation or discrete time off. In order to combat that we try to designate time, particularly over the holidays, when the expectation is for people not to work even if they haven’t taken time off.
The company has also grown to a point where we’re big enough to not have any single point of failure. So that makes it slightly easier for people to take time off without feeling that the world is going to end while they are away.
All that said, I would be lying if I wasn’t saying that it’s highly demanding. Particularly on the level of the executive team, the job will take all that you give it.
At the end of the day - What you don’t do today, you have to do tomorrow. And there’s just nowhere around that.
I think hierarchy is absolutely required when you get beyond 10 people, especially in a remote setting. Flat organisations are often celebrated in startups, but in my opinion, it never works. Instead, you end up with an informal hierarchy of who’s the CEO’s best friend or the CTO’s drinking buddies, and everyone is trying to work informally to influence the decision-maker. Whether or not you think you have a hierarchy, you do.
That means it’s really a matter of being intentional about it. Doesn’t mean you can’t move fast or that there have to be rigid boss-employee relationships, but I do think having a clear structure around who reports to whom, who’s responsible for what and knowing who ultimately makes the final decision is crucial in an organisation above 10 people.
This comes with processes, especially in remote settings where communication is a bigger friction. When the whole team is in-person, you can just call a meeting there and then. In a remote setting, you need to schedule a call and make sure it works across multiple time zones and then summarise it afterwards for those that couldn’t make it. So it’s just way more work for a basic exercise of communication.
We feel that one way to mitigate that is by building mutual trust between people. This is why we’re adamant about meeting once a quarter and spending time together in person. There’s often no goal other than people being in the same room and getting to know each other as human beings. It sounds really simple and honestly, it is. But it makes a big difference to meet in person and build that trust, which then makes it easier to operate and communicate in the remote setting.
There are always tradeoffs, but we have a very clear Northstar of what we’re building. The two key properties that we’re trying to embody are privacy-preserving and decentralisation. So whenever we need to make a decision, we look to these properties.
Take performance as an example. We want users to be able to interact with a browser and use it to generate proofs. There is a lot of work needed to enable this and make it fast enough, but we feel it’s important to give users the option to generate the proof themselves. You can allow outsourcing to external provers, but unless you’re providing both options you’re forcing users to trust and use an intermediary.
That said, going from the principles to practical implementation requires a lot of iteration and there are often many ways to achieve the same end goal. For example, when we got started we thought that it was necessary to go beyond transaction-level privacy and also hide the program that users interacted with. This was achieved by essentially wrapping two different SNARKs almost like an onion, which you can imagine made things a lot slower and therefore less user-friendly.
Eventually, we decided that we could adhere to our principle of protecting user privacy without including the program. That was a tradeoff, but it enabled us to have a better user experience while still achieving the principles that we were aiming for.
The biggest and most important one is use cases. There are a lot of ideas of what it could be used for, but zero-knowledge technology is still not deployed in any application with real traction and actual users.
This extends to crypto more generally. People often fool themselves into thinking how far along the industry has come by looking at vanity metrics like funds raised or total value locked. However, those are not useful indicators of progress and adoption. I do think adoption will happen and ZK plays an important part in this, particularly around identity and making the internet a safer place, but we still have a long way to go. We need to show people what this technology can do.
When talking about ZK specifically, performance is a common issue and generating proofs can be quite slow. That challenge is thankfully rapidly disappearing thanks to ZPrize and other efforts. One advantage of having a lot of VC money going into the space is that there is a ton of research being done at these companies that get funding. Not all of it ends up being monetised, but it’s a huge public good that others can build on. So while this space can sometimes be competitive, most of the time it feels like a collaborative effort with everyone trying to push the industry forward.
The application of zero knowledge and machine learning is one topic, especially now that machine learning is the hottest thing outside of crypto. I think it’s an amazing technology that will undoubtedly change humanity. There are a few different areas where zero-knowledge technology can be applied within machine learning.
One example is using machine learning as a tool while preserving privacy and having some guarantees about the use of data. ZK could for example be used in federated learning to prove that you ran your mini model correctly before it gets aggregated into the main model. It would reveal nothing about how it was done and keep the underlying data private.
Secondly, I think application of ZK within identity-solutions and proof of humanity will become really important. Given the low friction, it’s likely that 99.9% of content on the internet will be generated by non-humans in the future. If you assume that we’ll constantly spend more and more time on the internet, then that means an increasing part of the world is generated by AI. I think we will want to know what content is generated by humans - at the very least for sentimental reasons.
A separate topic is that a truly privacy-preserving end-to-end model of the internet requires more than just zero knowledge. From the area that I categorise as advanced cryptography, zero knowledge is the furthest along and has seen the most investment and research. However, there are other techniques like multi-party computation (MPC) and fully homomorphic encryption (FHE) which are important as well. They solve slightly different problems and a truly privacy-preserving end-to-end stack of the internet involves all three of those.
You’re starting to see some of these interact with ZK in an interesting way. For example, using MPC can enable you to delegate proving to three different provers rather than one. None of them see the data and even if one of them misbehaves, the other two can still complete the computation. That would prevent us from having to walk around with a GPU in our pocket while still not sacrificing decentralisation or privacy too much when outsourcing proof generation. This is an active area of research that’s evolving quite rapidly.
I hope that it empowers users to own their own data, interact on their own terms and preserve privacy in a personalised way. So an internet that’s safer, but also a better experience for users.
I also hope that crypto becomes an integrated part of the internet, like TLS, rather than being a separate application that users have to download. Everything should work through the browser in a seamless fashion without sacrificing efficiency or personalisation.
Finally around AI - I think it’s an amazing tool that we should be able to take advantage of without letting the bad parts of it overwhelm all the good things. And I think crypto can do that. So it allows us to both have our cake and eat it.
Thank you, Alex - this has been a blast and I’ve learned a ton from this conversation. Really appreciate you taking the time to do this!