It's too long and I'm too tired to copy-paste it all here, but it's high time I finally comment on the ridiculousness of Coinkite/COLDCARD trying to pretend they are still open-source and playing word games to convince people of their abandoned ethos.
Being *actually* open-source matters for many reasons.
https://twitter.com/sethforprivacy/status/1651039483419058177
Nitter link (privacy-preserving frontend for Twitter): https://twitter.com/sethforprivacy/status/1651039483419058177
Hey Seth - what is your steel man for why Coinkite have chosen to do things this way?
You've taken a very particular hard-line FOSS-maximalist position and also implied the MIT license is strongly **not** FOSS (although it actually is for most intents and purposes).
Also, I think worth mentioning here that this issue does not affect the quality and security of Coinkite products.
#[4] did this because he is afraid of competition and loose on ethos. In other words, because he is weak.
You're confusing MIT (FOSS) with MIT-CC (not FOSS, source available).
It does affect quality and security of their products. Fewer people can build on top of their code means fewer eyes on the code means fewer bugs discovered and patched by the wider ecosystem.
They chose this path because it helps them build a legal moat around their products instead of compete in the free markets.
MIT-CC is *very* different and a complete 180 from MIT itself, just to be clear here.
ColdCard uses MIT-CC which is a restrictive "source-viewable" license and not open-source at all.
The only benefit to their license choice is protecting the company at the harm of the broader ecosystem.
Respectfully, I don't think you're being fair here. That's not a steel man.
The site you linked to make your case that the license is "not within the realm of open-source in any way" is really helpful and worth a read if people actually want to "DYOR" as you suggest: https://commonsclause.com/
I'm a layman, but for the most part this seems extremely permissive. Like 95% of maximum open source.
For example, here it indicates that you can build on top of it and sell your software. To claim this is harmful is an extraordinary claim which you don't seem justified to make:
"
**May I create, distribute, offer as SaaS, and/or “sell” my products using Commons Clause licensed components?**
Yes!
Commons Clause only forbids you from “selling” the Commons Clause software itself. You may develop on top of Commons Clause licensed software (adding applications, tools, utilities or plug-ins) and you may embed and redistribute Commons Clause software in a larger product, and you may distribute and even “sell” (which includes offering as a commercial SaaS service) your product. You may even provide consulting services (see clarifying discussion here). You just can’t sell a product that consists in substance of the Commons Clause software and does not add value.
"
That last paragraph looks ripe for lawyers to sort out and suck more money up out of free enterprise.
Even though Foundation forked from the permissively licensed code, NVK and co still continue to launch plenty of accusations Foundation was/is a re-skin of Coldcard with no substantial changes to the code, which isn't the case.
It is clear NVK's choice of this license had 1 goal: prevent Foundation from building on the code.
This decision was and continues to be bad for the Bitcoin space and antithetical to FOSS principles that led to Bitcoin in the first place.
Seems like Foundation benefits substantially already from Coinkite's work, and continue to do so. Probably wouldn't exist at all without Coinkite.
License clearly allows them to build on top of Coldcard firmware, so long as they are also adding value. It's disingenuous to claim it's not in the realm of open source, because it obviously is.
If I were to **actually** steel man the probable logic for Coinkite's decision its that they wanted to contribute their code and let it be scrutinized, but they wanted some assurance against a much bigger and better capitalized manufacturer doing a full clone (or even many smaller ones cloning and distributing on Amazon potentially putting users at risk).
I doubt there would be any issue with other firms producing products with improvements or different security models. Just seems like a personal issue between Foundation and Coinkite, and Seth is pressing it as a negative marketing campaign which just fuels the fire.
I thought Foundation devices looked interesting and I was open to buying one, but this marketing approach has left a sour taste. Probably won't ever buy from them now, but good luck to you all 🏳️
First paragraph, yes foundation forked from coldcard and have always made this clear. Just like coldcard forked from trezor.
The MIT commons clause license website faq explicitly states it shouldn't be considered open source.
Sounds like you're running with incomplete information and ignoring the facts on the ground.
I don't give a shit what product you use. Have fun.
