The subject of open source vs. closed source is the one that ignites headed discussions. The general consensus in the crypto community is that open source is the way to go. Open source solutions are considered much more transparent and secure, because they are peer reviewed, so it’s safe as it can get. Being open source opens the code to an unlimited number of inspectors who can quickly rectify any security issues that emerge. Besides, open source goes in line with the ethical code of Bitcoin introduced by Satoshi Nakamoto.
Does that mean that developing a closed source or a partly closed source solution is simply bad tone when it comes to blockchain? The thing is, it’s not as straightforward as it might seem at first look. As of now, OWNR Wallet is not open source, which becomes the matter of our community concerns from time to time. This is why we would love to shed some light on this dilemma and our position.
While the Linus’s law suggests that open source software has fewer bugs than its closed source counterpart, it’s not always that simple. Most bugs in open source apps are found in the process of code review. And while a big level of activity on Github is usually a sign of an actively developing project, this activity can often illustrate the statement of quantity not being equal to quality. Some bugs, the hard bugs, usually, the most crucial bugs, can only be found when a reviewer has experience, background and certain skills which may not be the case with beginner coding enthusiasts. Some developer researches suggest that the level of bug recognition and correction in open source software isn’t always ahead of that in closed source specifically for that reason. And what’s up with the closed source in this department? Closed source projects are usually commercially aimed, so their runners are interested in fast and high quality results, which means it's in their best interest to hire highly qualified staff with expertise in their field.
It is not a secret that many projects that claim to be open source aren’t full stack open. In the majority of cases, these projects would only disclose their frontend tech, such as building mobile apps, user interfaces and so on. Most backend code is either not disclosed at all or is provided as freeware which isn’t meant for dissembling. In regard to cryptocurrency and blockchain projects it’s the blockchain parsing, data processing and the connections between the UI and the core. If you have ever wondered why so many blockchain projects use Bitcoin Core, Ethereum and only a handful other fully open source blockchains as a base, this is your answer. This approach still gives developers plenty of elbow room to customize and build upon the existing code, but it also requires skill and expertise in anything more advanced than the basic ground, provided by the open source infrastructure.
This means that not everyone will be able to build a cryptocurrency exchange based on the Ethereum platform without a rather vast and very specific set of skills. Skills that take a huge amount of time and effort to master. Which makes the closed source projects’ wish not to disclose their more advanced and unique findings very understandable.
While open source wallets are considered to be the safest option, and rightly so, they aren’t absolutely bullet-proof. Disclosing your backend technology means not only full transparency of development business processes but also giving hackers an opportunity to have a very close look into the tech innards and find a weak spot.
This is not just theoretical thinking, it has happened before, to boot, with one of the most widely used open source wallets, Electrum. Users lost funds immediately after installing an update, the biggest sum amounting to 1400 BTC. Of course, this can be countered by saying that the developers of a closed source wallet can implement all sorts of malware into their code, and this is indeed a possibility. However, close source projects being mostly commercial means their developers have a very important thing to lose - their reputation. Reputational damage from a hack like the one that happened with an Electrum user would incinerate any commercial project, while Electrum was let off with a shrug. When so many people take part in open source development, it is very hard to find the responsible ones.
Open source development has become such a crucial feature in a new blockchain project that many used to view an absence of a Github account as a flaw and a sure sign that the project may be a fraud. However, this has less meaning these days. Many projects started leaving Gihub after it was bought by Microsoft, an epitome of all things centralized and closed sourced.
Many influencers in the field of blockchain also do not consider being open source a necessary virtue for a blockchain project to have. Stephen Graves, CEO or CertifiedTrue, said, that while open source is great for asynchronically updated projects, dedicated teams may prefer more closed environments, such as Jira or Confluence.
Being a dedicated team is also one way to speed up the development, because in this case human resources are distributed in the most effective way. Something that is impossible to achieve in an open source. This is why some open source projects run by enthusiasts during their leisure time are known for moving at a glacial speed.
We at OWNR feel that while being open source is a great way of showing transparency and improving security, being closed source is a way of showing dedication. We also intend to share some of our findings publically when OWNR ecosystem has more milestones completed.