RedMonk analyst Kate Holterhoff and J Chris Anderson, cofounder of Couchbase and CEO of Fireproof, discuss trends in the data space including the history and importance of Apache CouchDB, the evolution of client-side technologies, and the local-first movement. Chris highlights the use of cryptography for data integrity and identity verification, as well as the future of data management in the AI era. He also shares Fireproof’s go-to-market strategy, open source philosophy, and approach to community engagement.
Links
Transcript
Kate
Hello and welcome to this Redmonk Conversation. My name is Kate Holterhoff, Senior Analyst at Redmonk, and joining me today is Chris Anderson, co -founder of Couchbase, and your most recent venture is Fireproof Storage. Chris, thanks so much for coming on the MonkCast.
Chris Anderson
It’s super fun to talk to you again, Kate. Thanks for having me. Y ‘all do really interesting work. And so anytime I’m around a red monk person, I want to hang out.
Kate
Well, thank you. So I am hoping we can begin with doing a little bit of history
Chris Anderson
Well, you might know me from Apache CouchDB, which was a really fun way to learn Erlang among other things. And I got into that because I’d been recording music and made a website for my friends to upload their stuff and went down the rabbit hole. And next thing you know, I wanted a document database and one didn’t exist except for this one that needed my help. And a year later I was helping found CouchBase and it was a wild ride from there.
But the whole reason I got into coding in the first place is to empower application developers like how I was when I started out, wanting to learn how to build a website so my friends could upload their music.
Kate
Man, so you’re entirely self-trained.
Chris Anderson
You know, I took some coding classes through school, but I studied philosophy.
Kate
Amazing, okay. Humanities man after my own heart, that’s great. Okay, so you, and you have some background in music as well. Did you do any particular instruments or did you have a specialty?
Chris Anderson
I’m about as good at playing the guitar as I am at writing code. So I was the guy behind the mixing board, you know, and setting up the microphones and stuff. And it was a lot of fun. I did some records with Portland bands that, you know, had big shows going on all the time and whatever.
Kate
Ha ha ha.
Wow, that seems like a really natural connection actually, the folks who are using those kind of computers and then this sort of application development that you focus on now.
Chris Anderson
Well, web developers and web designers are the ones who benefit the most from stuff getting easier. And there’s also a big overlap between folks like that and artistic community and music community. So yeah, these are my buddies from, you know, coming up.
Kate
OK, amazing. All right, well, so let’s talk about the genesis of CouchDB and why it was so important. What made CouchDB such an innovative contribution to the data part of the stack?
Chris Anderson
Well, I think the real thing that it showed was the connection between the web and the document database model. So the relational database model has been around since the seventies and there’s nothing wrong with it. It’s great for what it’s for. The document model also has things it’s great for. And at the top of that list is web applications because documents are shaped like the sort of actions users take in their browser. So.
If a user fills out a form and hits save or is working on a form and wants to come back to it, all that stuff is very much shaped like the sort of data that you would put into a CouchDB or a MongoDB or a Firebase or now a Fireproof.
Kate
Okay, that makes sense. All right, and so you have focused wholly on the data side of this, but you’re also interested in the front end. So what is this sort of intersection of client -side technology and data?
Chris Anderson
The there’s this movement, I guess, toward what you’ve identified it front end developers as a new King makers. And I think that’s because the front end itself is becoming akin to the container host architecture of Kubernetes and Docker from a decade ago, where the browser and a web worker runtime are kind of all you need to get your core application out there. So API integration happens there and API integration is where technology gets chosen. That makes the front end developers, the kingmakers and fireproof is the database they can integrate into because it runs inside of that stack instead of being another one of those APIs.
Kate
Okay, that’s yeah, that makes a lot of sense. So Fireproof came out of your background at CouchDB and actually some of your docs talk about like what I guess some of the sort of important players in this space and how you’ve sort of built on that to do something better. So you do want to give us like a rundown about what Fireproof is and like why you consider it to be such an important improvement.
Chris Anderson
Well, I’ve been working on it for like a decade plus. And my goal in that time has been, I had to encode. I’ve been watching the ecosystem develop and waiting for the time to strike. But my goal in that time has been to build the easiest to use database of all time. And that, you know, means that anyone can write apps, which is where I started out. And that’s more and more important in the AI era where it’s easier to write apps because you can have a prompt help you. And then beyond being the easiest, it’s designed to be the safest because it has cryptographic proofs for data integrity. And that means that if you have your, you know, recent code school grad innovating on a new feature that gets integrated to your enterprise application, it’s already going to have the proofs threaded through it so that, you know, all the user operations in that application can, for instance, be drawn back to like an identity root that’s in a non -extractable key pair, like a passkey face ID, touch ID type system. So it’s got that cryptographic integrity, but linked to these new norms, this new consensus that’s developing around identity and all done in a way where if you don’t know and you don’t care, you kind of get it right by accident.
Kate
That makes sense. So you’re kind of focused on the guardrails aspect of like making it hard to do the wrong thing and, and, you know, enabling developers who might not have the, the expertise in the backend and in ops to, you know, use a database solution that is, is going to meet them where they are.
Chris Anderson
Well, it’s really about making the right thing so easy because 80 % of apps have this core that’s like, I have a thing that looks like a document and I want it to be on more than one device and I don’t want to stress about it. I don’t really care what’s happening on the backend as long as I can access it. And there’s some access control requirements and you know, wouldn’t it be cool if all that stuff was, you know, industrial strength and cryptographically tracked and you know, but like who would build that, that’s too much work. So instead we do it for you.
Kate
Ha ha. Amazing. So let’s define some of these terms here. So you’ve mentioned cryptographic several times here. So how are you using it at Fireproof,
Chris Anderson
So the way we’re using cryptography in Fireproof is so that each operation is based on the state of the previous operation in the same way that a blockchain tracks its changes over time with signatures that can include the signature of the user that did the operation as well. And so the complete tree, when you have all the history together, allows you to Well, it’s completely tamper -proof. So if I have a set of, you know, if I have a database and you do some work on it and you then sync your work with me, you can’t do anything that I can’t roll back. And also, if you look at any of the given changes, it’s like Git in that you can see who did what.
Kate
so it sounds like there’s a sort of real time aspect to that. Is that an accurate way of framing it? Like, I guess I’m thinking of how PartyKit enabled front end developers to develop real time applications the way that Google Docs would update as you change things. And you can have multiple users using it at once. Is there some similarity there, some overlap?
Chris Anderson
Real time is table stakes for an application database. Because without that, you’re on an island with a single user and you have to come up with your own way to connect those users actions to each other. And next thing you know, you’re spending more energy on that than on writing features. So that’s why you see any one of the anointed top databases the last decade has a real time component to it. And Fireproof’s no different.
The difference with Fireproof is that because we run on any backend to fulfill our data anywhere promise, it means that we use the WebSocket that AWS offers or PartyKit or whatever you want to run on -prem or in your cloud account, as well as offering Fireproof Cloud, which is coming soon. But the idea is as an application developer N PM install, use Fireproof and that’s all you need to do.
Kate
Wow. Okay. So I like that. And this idea of zero setup, you have mentioned that you were inspired by SQLite for that. Uh, care to develop that idea a little bit?
Chris Anderson
Developers really want zero setup. There’s a movement going on right now called local first. And I think local first is really a feature, not a category. And the reason that I’m interested in it is because in order to have zero setup, you have to have local first. And by that, I mean, when you use fireproof.
You can work on whatever you’ve got. If all you’ve got is your laptop and no internet, then all you have on your laptop is a browser. That’s all you need.
Kate
Yeah, I’ve spoken with a few folks about the local first idea, Carl Svere among them. And yeah, it does seem to be a movement, I think, is a good way of characterizing it. Do you think that it’s the future? Is that where you’re putting your money?
Chris Anderson
Again, I think it’s a feature, not a category. And we’re going to see people building apps in that style and you’re going to need to be compatible with it. And it’s kind of a mode. If you can’t do it, then you can’t do it. So there’s only a handful of local first capable databases. And then among those fireproof and maybe a couple of others, but there’s really not much, not many others that are doing Merkle integrity and the cryptographic data provenance that Fireproof offers.
So the reason Merkle integrity matters so much in a zero setup data anywhere database is because you know, without a doubt that you’re looking at the same snapshot, no matter where you are. And that enables enterprises to run workloads on the edge that they can only run in centralized data centers today.
For instance, if you’re doing some kind of inventory tracking, you could have a fireproof node set up in the warehouse with fireproof running on the user’s mobile devices while they’re scanning, and then sync all that up to the cloud later, but without the question marks that usually come with an intermediary.
Kate
what are some other things that you recommend for folks who are looking into a database solution or caching or anything that is going to affect how their app performs and interacts with data management?
Chris Anderson
I think the stack today is about making it easier to build apps without things that aren’t the value holding you back. And that’s always been the case, right? My whole career, you see this innovation with, I think Netlify paved the way with Jamstack and now Vercel is really owning, having a super quick way to iterate on code for experts. But all of that presupposes that you’re working on like, project, right? It’s kind of like that. You’re already capitalized the layer that the thing is, you know, has a team or has been, you know, you made it to that next level. And there’s a, like a blue ocean for supporting these applications that haven’t been named yet. That maybe are ephemeral that maybe work with a data set that an LLM cooked up for you or extracted from some other thing. And it’s was so easy to write the app. What’s going to happen soon is it’s going to be easier to write the app than find the app. And when that happens, then you’re going to need like an island where you can have data that you trust.
Kate
And so the place where data is, I think, is part of this conversation. We’ve touched on this a little bit. So, you know, the word edge gets thrown around. My colleague, Steve O ‘Grady, has some strong feelings about that. But the idea of IPFS is a part of your, again, sort of greater philosophy behind FireProof. So how is the edge coming into this larger conversation about where we’re putting this data?
Chris Anderson
Well, there’s a ton of opportunity there. And so you mentioned SQLite earlier. And if I have other competition in this new generation of databases, it’s a bunch of companies that are using SQLite to build something that’s cloud enabled. And so there’ve been some core changes in SQLite. They give it a similar persistence model to Fireproof. It doesn’t have the proofs, but it is multi -writer safe in the cloud if you manage it right. And so…it takes some expertise to manage it right. But if you’re willing to do that, now you have a product you can sell as an edge enabled database. So Fireproof aims to be all that in an open source done already package instead of requiring a startup worth of engineering to wrap it into fit for purpose.
Kate
Okay. And so you mentioned your competition a little bit. You’re a co -founder. You understand how crowded the market can be. What is your plan in terms of a go -to -market strategy? Like, how are you going to make Fireproof a success?
Chris Anderson
This is the fun part and I’m really inspired by what Meghan Gill did at MongoDB. I’ll admit that they really whooped us at Couch and they were also inspiring at the same time. And what they did, Couch had a great community, an amazing community, but it was kind of focused on those early adopters that first got into it and we had a lot of fun. But Mongo’s approach was really outward facing and inclusive and made space for a whole bunch of different kinds of users.
And then also really showed up all over. And so this ground game, I think is something that 2024, 2025 is ready for. So we’ll be doing fireproof day across the country and around the world. And that’s an in -person event where, you know, maybe me or somebody from the team is there to get the local community started. And once folks are buzzing about it, then we support that locality, you know, with sponsorship to keep the event going.
So I think that’s one way to take the market. And there’s a bunch of nuance about how to build content that is really compelling for that audience. But that’s my favorite thing to do. So it just really feels like being set up for that thing I’ve been dreaming of for a decade.
Kate
And so do you have a DevRel team at Fireproof right now?
Chris Anderson
We’re essentially running as an open source community. And so we have worked with a few contractors and had a couple of folks speak speak us around the world and friends of Fireproof. Volker Mische filled in for me at Berlin’s local first conf because I got COVID and couldn’t go. And he’s kind of a hero of the community. So it was not the worst thing that could have happened.
But yeah, we’re aiming to grow the team. You should see the GitHub repo. There’s a bunch of stuff happening. There was a wave earlier in the year, but this new wave is a lot bigger. So the community and the use cases that are coming into the Discord are getting richer and more interesting every day.
Kate
That’s fantastic. Yeah, you can’t go wrong with just integrating community sentiment early on, making sure that those voices are heard and, you know, tapping into that enthusiasm. So that’s a good strategy. Okay.
Chris Anderson
All right. Well, like I said, I write code about as good as I play guitar. And that makes me in this context, to me, my best use is more of a band leader. And so it’s great to have people come along who write code a lot better and faster than me. And then, you know, I’ll be on the phone with you every morning for two hours. If you’re writing code better and faster than me, it’s super fun. Let’s do this.
Kate
Yeah, I love that. Yeah, I think having, you know, recognizing strengths is obviously a big part of leadership, but also is important to, you know, making sure that a community like what you’re building at Fireproof is a thriving one. so I am interested in the lightweight component.
A big part of the front end kingmaker is this idea of like an API economy and making sure that we’re able to integrate these tools easily. And so I’m interested in like, can you dig into how it’s able to be lightweight? I mean, we do have some technical folks on this audience. I mean, maybe try to keep it so that the marketing folks can at least follow along here, but like how’s that possible?
Chris Anderson
So if you look at the competition I mentioned, that’s based on SQLite, they’re wrapping SQLite in Wasm, which works, but it’s an additional layer of abstraction and additional thing to wrestle with when you’re bootstrapping your system. Fireproof is written in pure TypeScript and can be included in any page with just a script tag. And we are like sub – hundred kilobyte and getting smaller. So it’s more like the jQuery of data than the React of data, if that makes sense.
Kate
It absolutely does. And you know, it’s funny, I just, you know, I’ve been doing some research onto code delivery, especially in the JavaScript ecosystem. So the idea of like, do we need to have a build step? Is it important that we have compilers? Like what is the future of Webpack? Why is everything written in Rust right now? And it seems like you’re a big part of that conversation. And it’s also funny to me that WebAssembly comes up all the time when I’m having these. So yeah, and the idea of like having a script tag the way that we did with jQuery as instead of having these sort of elaborate, you know, build steps.
You know, this was decades ago, but it was easier. The developer experience was better back then. Do you see everything moving that way? Yeah.
Chris Anderson
Well, that script tag, that script tag matters so much because the applications that could benefit the most from fireproof are things like a Salesforce app that nobody who wrote the app still works at the company. And you just want to get in there and add some feature or script some report or do some customization. And you don’t want to rely on just browser scripting, but if you have it in a provable database with cryptographic integrity that integrates with your single sign on.
then all of a sudden it becomes tenable to extend applications in this really cheap way. So yeah, the script tag has to be ready to go, not just for the users who are getting started, but also for the enterprise use cases.
Kate
Okay, that makes sense. All right, and then talk to me about the server aspect of this. Like, where is this data going?
Chris Anderson
You get to put it wherever you want. So we talked about zero setup earlier, but zero setup only gets you so far if you don’t have a data anywhere promise, because you’ll bring your new feature to your backend team. And Fireproof’s goal is that that interaction is just, you know, they can ask whatever questions they want. They’re the backend team, but the answer always has to be yes. So can you run it on AWS? Yes. Can you run on Azure? Yes. Can you run it, you know, on your own iron?
Kate
Okay.
Chris Anderson
Most of the time people are just going to use our cloud anyway because it’s easier. We need to support anywhere you can run it. And that enables cool things like provable video delivery for self -driving cars. So we’re not just a cloud solution.
In honor of the lightweight MVP, we built the open source component first, and it’s based on a cloud stack that we know we can stand up quickly and we’re in the middle of doing that. What’s cool about the cloud stack that Fireproof is building is that it’s based on UCAN, User -Controlled Authorization Networks, which is a kind of, it’s an extension to JWT that’s self -signed by those non -extractable key pairs that pass key like touch ID and face ID make available to the browser. So the value of a non -extractable key pair is that it can’t be hacked. It’s, you know, even the creator of it can’t get the private key. And that means it’s pinned to the device and whatever security context the device put it in, like the browser tab session. So you have the ability to trust it.
hasn’t been unduly duplicated, but then it means you have to use all the tools at our disposal from the self -sovereign identity world in order to compose the user’s identity out of a quorum of their devices and allow them to recover their identity from a trusted cloud or more than one if they want. And so Fireproof plays well with that ecosystem, which is growing, but I think part of the new consensus
that without cryptographic data provenance and without cryptographic identity, you can’t trust anything, isn’t a deep fake targeted spam anymore. So you see that with Apple’s contact key verification, which is the new feature that allows you to know that it’s not somebody with a voice synthesizer pretending to be your partner calling in distress. And that is, that’s why I call targeted spam.
but it’s easier to make than it is to consume and it can have real consequences. So that’s gonna be addressed up and down the stack, which is why I think it’s important that the next day query of data have proofs integrated from the ground up.
Kate
Yeah, that’s huge. And so you’re bringing up the issue of AI here, maybe a little obliquely. But yeah, I mean, if the conversations today around data are really intersecting with the AI hype now, how is Fireproof contributing to that conversation? What is your AI strategy? And also, what’s a use case in terms of AI?
Chris Anderson
A mature fireproof would absolutely be the right tool to build everyone’s familiar chat GPT user interface. Each database down the sidebar or each chat session down the sidebar would be a database and those can be shared independently with different collaborators. And your main user content can be in a personal database that’s just for you. The interactions with all the different timelines you can go down in a chat are already modeled in JSON. So it’d be super easy for the OpenAI engineers to integrate Fireproof. And then once you do that, you have a super, you already have offline for anything that you browsed. And you’re just set up to like eager sync the important chats to the users, other devices, et cetera. And so there’s no reason you wouldn’t use something like this today, especially that you get the cryptographic proofs.
So that for instance, if I was open AI and they don’t sign the results or if they do, it’s the recent change of the API that come out of the LLM. But if they put their own cryptographic signature on what the LLM says and use an app like this, then they are no longer susceptible to a screenshot, you know, reporting on misbehavior, right? You can’t fake those screenshots anymore. You’d have to actually provide a provable link.
Kate
wow, that’s huge. Why do you think they’re not doing that? Are they planning on it? Is that the future?
Chris Anderson
Well, I was already using that interface when I started on Fireproof so it’ll be ready for that stuff soon. We’re still in beta and 1 .0 is kind of like on the horizon of our roadmap.
Kate
Sure, sure.
Okay, yeah, super interesting. And actually, yeah, I was gonna ask about the roadmap. So yeah, talk to me about dates here. Like, what is the roadmap? And actually, when were you founded?
Chris Anderson
So I’ve been working on this since February, 2023. That’s when I started actually writing code and integrating the components that I, you know, was got close to working at protocol labs and the first alpha was ready about two months later. And I spoke about it at the conference and got feedback from people in the community and then realized that
the advice, write one to throw away is correct. And so the beta is a completely fresh implementation and TypeScript. And we’re in the middle of doing the refactor to, by a TypeScript expert. Like I said, it’s always good to have people who are better at coding than me contribute. So the, the fun thing about TypeScript is that we can enhance the correctness of the code along this vector. Like turn it up to 11.
But we didn’t change the way it behaves at all. It’s exactly the same to a JavaScript developer, or as far as how the data flows, all the tests are the same. But now all the types have really strong integrity.
Kate
Yeah, the TypeScript movement is very strong. I know there’s jokes about the JavaScript purists, but more and more I’m hearing folks are all in with TypeScript, that it’s a good way to go, especially with large teams, that you want to make sure that you’re adhering to types. And yeah, I mean, the Amplify just moved to TypeScript,
Chris Anderson
Yeah, it’s hard to get away without it when you’re doing something complicated. That’s what I learned on that write one to throw away.
Kate
Interesting. All right. So, but the community you mentioned is already very robust. And so how many stars do you guys have on GitHub and how many folks are contributing to the repo?
Chris Anderson
We were up to like, 85 or so on the alpha repo when I threw it out. And now we’re up to 200 on the new repo. So it’s still pretty fresh, but we’re getting, you know, contributions from folks at wall street hedge funds and people writing, you know, whole new connectors for like react native and people, writing a SQL adapters. We connected to any SQL database as a backend.
Kate
Nice. -huh.
Very cool.
Chris Anderson
So the community is showing up with use cases. One of the fun ones I want to mention, because we talked about protecting against some of the downsides of AI, but there’s a bunch of cool upsides you get if you do the proofs infrastructure, right? It’s like, the whole proofs infrastructure is a little bit of a moat, but once you’re on the other side of it, there’s an ecosystem that you can join. And one of the most interesting parts of it is based on the idea of deterministic computing where if I provide a function and some data, then the lowest bidder can be the one to run the function across the data and get me the result. And we can check their work. Fireproof is great as infrastructure for enabling those kinds of backend applications.
Kate
And do you have an integration strategy? I mean, we mentioned Vercel and some of these different vendors, but how? I get that the script tag doesn’t really need an integration, but are you working with any other vendors just as part of your strategy even for marketing, making sure that folks are aware that you exist?
Chris Anderson
It’s a super fun way to meet users. The way I think about it is that Netlify and PartyKit and AWS have all spent a ton of energy finding people who should know about Fireproof. And we want to work with them anyway, because if you already know about Netlify, you don’t need to use Fireproof Cloud. Like use it on your fifth app. Like go ahead and use Fireproof in your Netlify for a while or whatever. And the on -ramp there has to be super simple. And what we’ve found is that all these providers have toolkits where we can write the integration and then come to them with code. And we show up with an awesome example app and documentation and it just works integration. Then they’re super happy to have us, you know, featured in their sidebar and write that co -marketing blog. And every time we do that, we light up a whole new segment of audience. So we plan to just keep doing that across the board. There’s a great blog post, “Welcome to the Team.” It’s really about the most high level vision and it touches on the reasons that the cryptographic data integrity, you can’t have the super easy for beginners developer experience that we want to offer unless you also have the cryptographic data integrity. And then a whole bunch of philosophy about like.
Well, yeah, we could piece it together from existing stuff like SQLite and existing heavyweight crypto libraries, or we could write something super lightweight and fit for purpose for the browser because that’s where we want to find our developers. So kind of meant to as the contributor base broadens, be a touchstone that I can go back to and say, wow, that’s really cool. Like, have you considered this or for people who want to come in and figure out where they can help to see where they’d be aligned.
Right now we use a ton of help. It’s about time to refresh the documentation for this new TypeScript API and upgrade all the existing example applications. So that’s the kind of stuff that scales that people want to get involved in an open source project.
Kate
Love it. What is the license on your project?
Chris Anderson
Everything so far is dual license Apache MIT. And I’ve seen this movie before they can, you know, they can go sell fireproof for me. And, you know, I don’t necessarily want to make that super easy. So there’s components of the cloud that we haven’t written yet that we’re not sure on the license. It’s going to be some kind of source available. And that’s a, an up in the air thing. I’m not worried about like community repercussions or ramifications on that front, because we’re not talking about changing the license on anything existing. It would be like some component that you would need if you were trying to copy us and you were AWS.
Kate
All right, that all seems reasonable. Okay, so we are about out of time. Before we go, how can folks hear more from you? What’s your preferred social channels? Are you planning on speaking at any events this year? How do folks keep up?
Chris Anderson
Go check out jchris on Twitter. And if you want to see us at an event, either keep up with our blog on fireproof.storage, or we hope to be at NodeConf.eu. That’s later in the year.
Kate
Amazing. All right, so it’s been an absolute pleasure speaking with you, Chris. Again, I am Kate Holterhoff, senior analyst at RedMonk. If you enjoyed this conversation, please like, subscribe, and review the MonkCast on your podcast platform of choice. If you are watching us on YouTube, please like, subscribe, and engage with us in the comments.
Chris Anderson
Thanks, Kate.
No Comments