TIL that the new @Relai Lightning wallet is not custodial. 👀
nostr:note14llzskluxw78scv33wt94n68wyrhzqgym6dqskjwcvzks2vdwenqznf88c
Discussion
👀
I just assumed it was and didn't think about the fact that I had to open a channel to use it, yesterday.
But non-FOSS. Hence non-useful.
Protecting code you've put a lot of effort into is legit.
Everything is a trojan until proven otherwise. With closed source, it's next to impossible to prove otherwise.
protecting code from being read by programmers is like a singer never recording their voice to share with others
Recorded voices are being copied by AI.
idgaf about copying machines, that's life
they will never be able to copy creativity, that requires suffering and luck
If you can't easily monetize creativity, you'll end up with less people being creative because they'll be busy with a day job.
that's why we have lightning network - this enables legit micropayments to monetise work directly
i pay for my relays and media hosting this way and i'd pay this way for a really polished OS as well this way, sadly this OS (zorin) has a pay option but not bitcoin or LN, which is partly why i have decided not to, and the value add isn't interesting to me
but i pay for my intellij IDEA and it's great, and they are very interactive in the support system, gave me a reasonable workaround for an issue i was having with titlebars
Well, being paid for creating issues and then heroically solving them is a part of a lot of modern business model.
oh, the CSD thing is an epic pain in the arse on linux in general, and the workaround costs me about 30 vertical pixels in exchange for the window titlebar responding to the mutter click events (i have middle click lower, so this makes it one click to switch between two maximised windows)
but yes, they call them features but most of the time they are bugs for a long time
If you do need something as bloated as IDEA, then something is wrong from the start.
But that's not the point. The point is: "create a virus and then make users pay for the antivirus" business model always has worked on those who can't see any other option.
the problem is due to the dumbasses out there in the world who think that a million languages in one project is not a problem
i was happy with goland before, and it has a core feature that i use all the time - an actually working symbol hyperlinking database - and yes, it is brittle, i often need to force it to regenerate, but there is no other way for me to be able to quickly go from a usage to the definition than in intellij, nobody else has done the work to make it as reliable, vscode is a joke, and it does so many things in the background with zero notice, intellij only does a few odd things that it doesn't show me that it's working, and yes they are annoying as piss
and yes, not just open the source, but make the interface expose the workings to those who are interested... that's why i log religiously
My personal habit would be to protect my intellectual property until I'd established a market position.
Or to only publish the core bits, like we're doing with our SDK.
not going to work with bitcoin et al
instant distrust from everyone
personally i don't want any binary only stuff on my device if i can avoid it... and actually, i think the only such things i have are games, but at the same time many game companies have found it helps their sales by enabling devs to extend the game... look at the Source engine and all the things that have come out of that
a game that is noncompetitive is fine to be closed source because it is of little consequence
really, competitive games need to be open source too or else you get the endless bleat of gamers saying that the system is cheating them
security by obscurity doesn't work, this has been proven over and over again, and almost always, bad things are hiding in closed source binary blobs, just like Luxferre says
This isn't "security by obscurity", it's "protecting trade secrets" as an alternative to using the court system to enforce patents and licenses. Lots of open-source libraries are protected by licenses, so you can't legally fork and build off of them for a paid product.
But we can study these libraries and decide whether or not to trust them.
Those "trade secrets" often contain algorithms taken from FOSS or ripped from other companies' software.
I guess this issue will only be over once IT businesses will be obliged (by regulations or by natural selection — time will tell) to sell real work, not thin air in the shape of binary copies and license keys.
But the sad truth is, more and more companies just use this "trade secrets" excuse to conceal their own (or govt-issued, who knows) malware in their products. Oftentimes, they don't even try to hide this in their EULAs, which basically say "once you install this on your computer, it's no longer yours but ours".
Many Faildows users still don't realize how large of a technogenic catastrophe this could cause if M$ decides to flip the switch.
not just microsoft but a whole heap of companies have embedded backdoors and kill switches in everything, they can easily fabricate a "cyber apocalypse" any time they want to
this is part of the reason why it's so important to understand that hiding source code is ALWAYS a red flag, no matter what, no matter what you think about market advantage, these dark places are almost always hiding something and if they aren't, someone will see the opportunity and plant something malicious in there
that's what the original easter egg was too... and the dude that did that did it in protest against the culture of the software company
maybe you don't have bad intentions but hiding your source also enables someone to piggyback on flaws you made in your code that determined hackers can exploit
so, yeah, nah... FOSS for anything that has value, or GTFO
People put a lot of effort into Unstoppable Wallet and made it open-source and available for everyone and made independent audit results public. This is how it should be, especially when it comes to money storage.
You can have independent audits without open-source.
If so, then you can fake their results.
If you're that suspicious, then just don't use it.
I'm not going to pretend to lose sleep over this, when I don't care, just because you do.
Of course I won't use it. I only use anything non-FOSS when the circumstances don't offer me any other option. Like for work, where I have to use damn M$ outlook/teams with basic intune check because the customer isn't yet educated enough to know about human-friendlier alternatives. Or, for onramping fiat to crypto, there's one KYC-only wallet I use, and the only reason I even registered there is that it actually allows (to some extent) to bypass our governmental restrictions.
Yes, I am a bit paranoid, but that's why I'm still alive.
I'm not less paranoid, just paranoid about different things. Like banking regulations.
Relai has a business case that isn't derived from the software.
I use Relai for purchasing Bitcoin in Switzerland from my German bank account. I can now immediately swap that Bitcoin (that I don't send into cold storage) into Lightning and send it to my other Lightning wallets.
So, I use Relai like a throughput account.
This adds value, in my opinion, regardless of FOSS. I'm not moving enough money for it to really set me back, if I lose it.
Ok, I understand, you use Relai the way I use [redacted] (obviously can't disclose the name yet) to onramp fiat. But then, it's not so relevant whether it's non-custodial in this case. Of course, one should move the funds out to a more secure/trusted place immediately after onramping.
It just might be confusing and/or misleading to put an equal sign between real non-custodial wallets that have no interaction with fiat/banking (and no reason not to be FOSS) and those who do provide onramp/offramp and thus have to comply with the rules of fiat world.
Relai isn't Phoenix or Zeus or etc. Different wallet, different use case.
Non-custodial does still add value because they can't come under pressure to hand it over to the government, if they don't hold it.
They might not hold it but... Can you export the keys to reuse elsewhere?
Can you prove the keys aren't leaving your device?
Being non-custodial doesn't make much sense without being open-source. Atomic Wallet was non-custodial too, but that didn't prevent the grand theft.
True. Well, pick your poison. 🤷♀️
yeah i have a custodial bitcoin thing that solves all the friction problems for me holding my money as bitcoin also... this month has been a particularly shining example of the benefit of holding bitcoin instead of fiat
We encourage self custody, whether on our wallet or any other wallet you prefer.
That's why we have the "send to external wallet" feature when doing a purchase 🙂
Most FOSS code is garbage, let's be honest, and hardly anyone reads it.
FOSS is just to make it easier to fork, which is a business decision.
I have been using FOSS for ages, exclusively. No issues. This is the way.
Garbage code is garbage. With open source apps you can see it beforehand and avoid it, unlike with propriotary where you have to get rekt first.
Closed source + money stuff = Govt/IC scrutiny & unilateral involvement, often done silently
It's a recipe for disaster; it's why we use nostr 😎
If relai provides value, then use it, but don't lose sight of the forward risk you're assuming from those very powerful adversaries going forward 👍
That is unavoidable, if you want to stack over EU banking accounts.
Yeah if onchain isn't an option and we wanna go straight to lightning, we'll have to deal with tradeoffs (or just do the work to run a real node)
Bisq or HodlHodl can help with the fiat bridge in EU for onchain. In the US, Bisq offers the usual interbank services, but also offers US money orders, basically cash in the mail 😉
It's definitely not easy, but it does work.
impressive