Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Armory
Re: Will the free open source Armory wallet continue to be developed going forward?
by
Roy Badami
on 16/11/2015, 19:30:31 UTC
Quote from: goatpig on November 13, 2015, 02:59:12 PM
There are ways to distribute a closed source that's pseudo community reviewed: get a few key community members to sign a NDA, deliver them the code, reproducibly build the software and have every member sign the hash. This scenario is suboptimal on both ends though. Users don't want sign a NDA and the business doesn't want to expose the source to that many individuals, NDA or not.

Bitcoin is an open source market. You have no business developing core functionalities like wallets if you're not prepared to reveal the source and be scrutinized. Closed source and DRMs are old models, mostly created and maintained by the entertainment industry (for poor results). Trying to force that on the Bitcoin market is just a recipe for failure. The revenue model should adapt to the environment, the opposite approach is silly at best.

I'm no business man. I think the crowd funding model is a reasonable way forward for any long term FOSS project, but I can't fathom what a sustained revenue model would be like. I do think we do not yet have enough applications on top of Bitcoin to design such model. It's very possible some top layer app will "rule them all" and bring closure to the business cycle. Maybe Armory coupled with a hardware signer and a high level of customization could become the stack of choice to run Lightning payment channels in the future. Maybe the future of streaming will be proof of payments on some sidechain and decentralized distribution on top of namecoin. Time will tell.

One thing is certain, Bitcoin's business cycle is very long, and some people jumping into this market are too quick to dismiss this parameter.

A product can be source-available, without being under a FOSS license.  This allows the community to review (without the need for an NDA) but only to run under a restrictive license (or possibly not legally to run at all without paying a fee).  Of course, not everyone will respect the license, but you have recourse to the courts if someone builds a business on your software illegally.  Recourse to the courts does rely on you finding out that the business is illegally using Armory, of course.  It's not perfect, but broadly speaking big financial institutions are likely to care about compliance.

Another compromise would be a closed source online component with an open source offline signer.  That's not perfect, either, but at least it gives a high degree of assurance for cold storage applications - which I presume are the main draw of Armory.  It's still far from ideal, though, since there's a very real risk that the government could require ATI to put a backdoor into the code.  Even though I'm not doing anything that would make me a target for government action, the very presence of such a backdoor would still increase the attack surface of my online system.