MacLane Wilkison (ZeroDB) Intro
forward this to your friends to join our growing helpful grassroots community of founders, investors, and advisors at www.startupstudygroup.com/slack ssg.space / contact: charles jo 650.906.2600 – twitter @charlesjo
This is an exercise to help our 400+ members get to know each other better. Like all exercises, this is opt-in.
Initial template questions by Charles Jo, Terrence Yang, Alan Daniel.
Founder contact info:
What is your elevator pitch of startup (super quick summary)?
ZeroDB is an end-to-end encrypted database that lets clients run queries without exposing the decrypted data to the server.
Why should anyone use our product?
Because it offers a superior security model to current alternatives. Since the server has no insight into the nature of the data, the risk is much lower. Even if an attacker successfully infiltrates the server, she won’t have access to the unencrypted data.
What’s your personal story and startup story?
I graduated from the University of North Carolina in 2010 and worked as an investment banking analyst at Morgan Stanley for two years, covering media, tech, a telecom companies. I left in 2012 to start an education technology marketplace that matched students with tutors via an online classroom. Eventually, I discovered Bitcoin and went way down the rabbit hole, working on lot of different projects, including LoanCoin, Blockchain University, and a blockchain-based collateral registry in South Africa. ZeroDB was a side project my cofounder and I had been kicking around – we posted about it on Hacker News and there was a ton of interest. We decided it was a more immediate opportunity than anything in the cryptocurrency space so we’re focusing on it exclusively now.
How can SSG community and others help you and your startup?
Evangelize ZeroDB to developers and get them building on it. Build things on top of ZeroDB yourselves. Introduce us to enterprise/SMB customers who would be interested in licensing a commercial version and/or purchasing a hosted solution.
What are your top priorities?
Get provisional patent filed. Start opening up the beta to early sign ups. Identify the exact use cases that we can make money from. Get paying customers.
What kind of timeline are you working with now (projects for next month, 3-6 months, year?
Limited beta starting after provisional patent filed. Starting pilots with enterprises/SMBs ASAP. Once we’ve done that, start raising a seed round (May-ish).
Do you see competitors in this space now? Who are your top competitors and why?
No one is architecting their databases in this way yet. Some companies tried to do query logic client-side in the ‘80s/’90s but it failed due to bandwidth constraints at the time.
CryptDB (http://css.csail.mit.edu/cryptdb/) allows users to make compromises between security and functionality. On one end of the spectrum, encryption can be probabilistic, which is highly secure, however it precludes any database queries. On the other end, is order-preserving encryption, which is deterministic and allows users to compare values, at the expense of security (e.g., dictionary attacks).
CipherCloud (http://www.ciphercloud.com/) offers “cloud security,” but their technology is proprietary so it’s unclear how secure it is. We believe it’s some combination of CryptDB and keeping the index separate from the encrypted database.
If fully homomorphic encryption (FHE) becomes a viable technology that would be a serious competitor. (No one we’ve spoken to thinks FHE will be viable any time soon).
Current database companies (e.g. Oracle, Mongo) could copy our technology.
Why are you and your finding team the ones to deliver this product to the world?
We’ve built it, we own the IP, we can offer better support than anyone else.
How many users have you talked to?
We’ve talked to the SVP of Information Management at a large bank.
We’ve talked to the founder of a network security firm
We’ve talked to several founders/CEOs of tech/software companies
We’ve talked to lots of developers/database people/cryptographers/academics
What have you learned from talking to users? (asked by @yangterrence)
ZeroDB’s current architecture doesn’t work for large banks because they have strict permissions controls and don’t want to give write access to clients (in this case, bankers’ laptops). They also are scared of opening so many more channels to the database server as they feel that opens more points of attack. They are also concerned with sharing tree nodes with a client that might not have access permissions for all the entries contained in that node (this is an issue when you have multiple clients with different permission levels writing to the same record)
The network security firm said small/medium-sized software firms might be interested in using ZeroDB to secure their IP and source code as it’s currently vulnerable on places like Github.
We’ve been able to identify and address weak points in our implementation, including concerns related to scalability.
Some companies are interested in exploring use cases around AML/KYC
Do you have any co-founders? How well do you know them?
Two – I’ve been working side-by-side with Michael for over a year on various cryptocurrency/blockchain projects. Michael is a physicist from Moscow Institute of Physics and Technology and has worked as a software engineer at LinkedIn and several startups. Ali, who I’ve known for about a year, joined recently to help with fundraising, biz dev, sales, and product. He’s a long-time Silicon Valley guy and previously founded Nexsi Systems (raised $90MM, but launched on 9/11 right before the crash, ouch).