Fear and Loathing and Open-Source
Open-source is one of the major concepts in the cryptocurrency space as the whole industry basically grew up on it. Nowadays, building a crypto project without publishing at least a part of your code on GitHub is considered to be bad manners.
Most of the developers involved in open-source projects are driven by the same goal: create a product that they will use themselves. This way, you get deeply involved and know about every single issue at stake. Could you think of better motivation?
But there’s a flip side to this. Running a business based on an open-source model can be rather tricky.
Firstly, you have to consider that it’s going to, at the very least, double the duration of the whole development process. And, since the issue of time can be especially critical for startup projects, this could be a massive game changer.
Secondly, there is something delicate about exposing your flaws to strangers. It takes courage. It’s definitely not for everyone.
Finally, there is this native fear that revealing the insides of your product will simply breed multiple copies. So you, basically, create your rivals yourself.
But all these points certainly have their counter-arguments.
Concentrating on a brighter future instead of getting immediate benefits is a great strategy and has proved itself many times for many companies and individuals. You just have to figure out if an open-source model will generate you real value in the future.
Also, exhibiting your code might significantly improve it: the more number of un-blurred eyes watching, the higher are your chances are to find errors and perfect your work.
And there’s no better impetus than healthy competition!
Open-Source as a New Concept
In all fairness, if you decide to share your code with the whole world to examine, it can really help with improving your technology, provided there are enough people who have the time and ability to review your code. Critics would have to stop withholding and take a good long look at your creation. The general public would feel a little more secure as you’ve actually reached out to them (simply by going open-source) and made a move to gain their trust.
The open-source model allows for an easy entrance for absolutely anyone to launch a fintech startup. Start simple, write a line of code on top of Bitcoin or Ethereum’s blockchain and see where you can go from there. Monetizing your product won’t be an easy thing to do (unless you’re eager to gift the world yet another token) but it’s not impossible.
And above all, building an open-source project is simply exciting! It becomes less of a job and more of a passion project. Going open-source will definitely help you realize that from now on, it’s not about the amount of hours you and your team spend in the office. Suddenly, it’s about learning and contributing to the community now. It’s about getting unbiased feedback, mastering your programming skills, and helping others. If you get stuck at some point, you don’t have to fight alone as you can ask the community to help you. However, it’s not all rainbows and butterflies, prepare yourself for harsh criticism from your fellow developers and get ready to toughen up.
A Question of Trust and The Power of Community
I recently came across this article by JP Aumasson, a cryptography researcher and engineer, in which he explores the topic “Open source crypto is no better than closed-source crypto”. He classifies four main groups of crypto bugs and his major point is that in order to find crypto errors one would require a very specific set of skills. The harder the bugs are, the less the odds are of finding them, which means that all these open-source measures won’t really benefit security on a higher level as there are very few people who can actually make a meaningful contribution. A few competent people, too much code, and too little free time.
His other point on putting your code out there is also rather curious:
“You can speculate that companies willing to share their source code for audits or other reasons do so because they’re more confident in their code’s quality (the opposite is also true, when companies ask for an audit because they know that their code sucks.)”
And then let’s appeal to the philosophical side of the open/closed-source problem: can you really trust anyone?
Let’s be realistic, consumers have no clue about code, bugs, spyware, or backdoors. Moreover, as I’ve mentioned earlier, not all developers have the right set of skills (or time) to review a certain code. This means we have to depend on the judgments of those who claim to be competent. But competent people are still people which means that they also make mistakes. Even the guys from Ethereum. Remember DAO?
So here’s the thing — we have no choice but to trust those reviewers. And how can you be one hundred percent sure they are not compromised or making a mistake? With closed-source, you choose to trust reviewers on the App Store or simply believe in the image that was created by the PR masterminds.
At the end of the day, you still have to trust someone one way or another.
And here’s where the power of community comes into play. In the open-source model, you have to build a strong community that you can trust and it’s crucial to invest a lot of effort in this task. Of course, it is hard. It’s hard to find and attract the right people and make them believe in your idea.
But the open-source concept grants you access to a whole world of enthusiastic people, with no political or economic borders and no bureaucracy to hinder you. And then, for a second, think about how you’re going to raise your money via venture capitals and organize the whole routine from scratch for your ‘traditional’ startup, and tell me what’s harder.
The Bottom Line and New Beginnings
Open-source is a revolutionary way to design a product you would want to use yourself. A variety of approaches, freedom of development, general transparency, and collective work — those are the state-of-the-art principles for creating a meaningful product.
I hardly doubt that it will ever replace a closed-source model, which works just fine for many companies and individuals who prefer to walk the beaten path and make a stable living with tough deadlines and a clear strategy. And there’s nothing wrong with that.
As I said, open-source is not for everyone, and each company should really take their time to figure it out. It took us a while to go forward with the decision to make Lumi Wallet and just go for it. The amount of work that had to be done seemed overwhelming. But after we sat down together with our team and delved into the pros and cons, it became obvious that it simply must be done. And in the final analysis, closed-source and crypto do not match very well.
Right now I’m happy to announce, that we are finally mentally prepared and have already begun to follow through on this concept. We’re doing our best, and are planning to have Lumi Wallet go open-source in the summer.