Your lesson should also include preparing interviews just like you prepare an exam. It sucks but it's a standardized process to evaluate some capabilities that decrease the risk of losing $$$ for the company that hires you.

I've built a similar product for a well-known company in the space (and competitor to this company & Coinbase) and co-led the development of the crypto custody at Novi (Blockchain subsidary of Facebook). Happy to answer more questions though they do not provide much insight into their technology publicly.

Curv provides MPC-based crypto custody solution wi. I'll be over-simplifying but they allow private keys that protect large sums of cryptocurrencies to be split in encrypted portions called 'shares'. These shares are both created and used in a fully distributed manner (just like threshold signing / or 'multi-sig'). You generally define a threshold 'm' out of 'n' that's mathematically required to get a valid cryptographic signature.

An attacker would need to compromise a sufficient quorum of these keys simultaneously in order to sign blockchain transactions that would extract the funds somewhere else. As you can imagine, the complexity of such attack is highly correlated (and actually tends to grow exponentially due to several factors) to the quorum threshold 'm'.

Curv seems to allow financial institutions and all kind of institutional investors to create the shares, manage them and use them securely to sign transactions.

The argument they provide which makes little sense to me is that there is no 'private key'. They just seem to play with jargon as the shares are pretty much equivalent to individual keys in a multi-sig system, or at least hold the same power and have same results in compromise scenarios.

The difference between multi-sig and no private key is that the former is an implementation of the blockchain protocol (e.g. different in Stellar and Ethereum) while the latter is a generic algorithm/service. Different layer.

Yes, I just meant that in practice the risks are the same from a security perspective (and most legit blockchains support multi-sig at this point), especially for the shares so I wouldn't call it 'no private key' :D

> Happy to answer more questions...

Does these kind of solutions work for every cryptocurrencies? For example does is support Bitcoin? Or is this something that needs some kind of smart contract like those provided by Ethereum?

And another question: what about optionally fully anonymous transaction as in ZCash, does the scheme work to sign tx done using ZK proofs too? Or fully anonymous ones, like David Chaum's upcoming "xx coin"?

So there are lots of papers and work that has been done for MPC over ECDSA, EdDSA and Schnorr (that covers the majority of the crypto-currencies). MPC unfortunately sounds unfair to me at the moment because it's not widely available for retail in a production-grade state afaik.

The only blockchain-native mechanism that's getting more popular but unfortunately not supported everywhere yet is multi-sig. I consider multi-sig equivalent in term of security to MPC in practice. Bitcoin and many blockchains supports multi-sig addresses (ethereum does this through smart contracts but is still very much a native feature).

Heh, the $150 Trezor Model T supports the "m of n" key thing. Repackaging the tech and selling it to business is really not a bad startup idea.

Multi-sig for retail is great, and I use it myself. But you're held to a completely different standard in term of security and compliance as a financial insitution. And this applies to: software, hardware, operations, ceremonies, business continuity (what if the business goes bankrupt, what if country 'xyz' gets nuked etc..).

Please take note that Spotify pays sub-market salaries for these cities. The reason being that they do not offer RSUs but instead public stock options without any discount.

- Typical FAANG compensation: X base pay + Y RSUs + Z signing bonus

- Spotify: X base pay + Y stock options (public, so equivalent to you purchasing stocks really) + no signing bonus

Spotify gives you the choice of RSUs or options or straight cash. https://hrblog.spotify.com/2019/06/13/show-me-the-incentive/

Cool, they must have changed their comp structure then as the previous model was an immediate "no-no".

The pay isn't particularly attractive compared to other tech companies in those cities, but it's still massively better than 99% of other places in the world.

What's the difference, for the laymen

Say Spotify's share price is $100, and as part of your compensation you are given an option to buy 100 shares at $100 in 5 years time

If Spotify in 5 years time is $500, you buy 100 shares for $10k, and immediately sell them for $50k, making a $40k profit (or you keep them).

If Spotify in 5 years time is $102, you buy 100 shares for $10k and sell for $10,200, making $200

If Spotify shares in 5 years times is $90, you don't bother buying the shares, but your options are worthless.

Now imagine you were given 100 shares instead, but couldn't sell them for 5 years (an RSU - or restricted stock unit)

In 5 years time, if Spotify is $500/share, your shares are worth $50k

In 5 years time, if Spotify is $102/share, your shares are worth $10,200

In 5 years time, if Spotify is $90/share, your shares are worth $9,000

Yeah this model sucks, unless they give you A LOT more of these options than they would give you RSUs. Then it could work out, if you believe in the company.

You only earn money if the stock price appreciate

I'm envious of your laymen speak.

Exactly right.

RSU means they gave you the stock at price X. Options mean, they gave you the right to buy the stock at price X sometime in the future.

so its like call options where employer eats the option fee?

Yes, except I think they usually just issue new stock when you exercise and dilute the existing owners instead of actually paying someone else for an option.

Stock options aren't equivalent to just buying stock.

They are equivalent to letting you travel back in time to the date when the strike price was set to buy stock based on your future knowledge (and using your future money).

That's obviously not worthless. It's much harder to determine the value of than RSUs, but it's potentially very valuable.

What are you trying to say? Anyone can demand a greater salary if their qualifications are in demand. If they are not - they should consider working on learning new skills which are in demand.

What would you recommend now?

Other than learning skills (getting new qualifications because your current qualifications are not in demand) which are in demand and pay what you wish to be paid?

> Some of them made 150k, 200k, 250k - while other people, also qualified, make salaries that are not enough to start a family and have a decent life.

I don't understand why they are arrogant. Is it because despite making that level (which is objectively nowhere near the ceiling for global SDE salaries), they still want more? I can understand the cognitive dissonance of viewing that number without context, but I think it might be worth taking a look at something like levels.fyi.

Look at engineer salaries at FAANGs at top hubs such as SF, NYC, LDN. The reason they are so high is because the companies need to pay that amount to get access to the talent they need to run their companies. If they could pay less, they'd save billions (maybe trillions), so they would have already tried that. And indeed they did, before they got taken to court for collusion lawsuits.

The truth is, as high as engineer and tech salaries are, they're high for a reason. They get very expensive things done. I don't see anything arrogant about that. On the contrary, what I would find arrogant is expecting them to do that without taking their fair share.

Fully agree, this is why I didn't put numbers and only mentioned pay structure and market rate.

250k is about median, I wouldn't consider it well paid.

How is Docker a success from YC? Pretty much the opposite no?

Has it officialy failed yet?

I am currently on a H1B and got married in May in the US. Unfortunately, my wife was on a diplomatic visa (lost her job due to the pandemic) and her organization will not allow a change of status to H4, as a result she has to go back to her country.

Given the current H4 visa ban, it seems like we'll have to be separated until next year. What are our best options for her to come back in the US and switch to H4 before January?