Let's put to bed the myth perpetuated by Coinkite employees that COLDCARD is in any way open-source today.

Open-source has a clear and globally recognized definition, and being open-source *matters*.

How it started:

How it's going:

DISCLAIMER: Obviously I work for Foundation, a competitor to COLDCARD, but the views I lay out here were already true before joining Foundation.

I would be just as happy if this led to zero sales of Passport but got the truth out there.

Freedom and integrity matter.

For background, COLDCARD was started as a free and open-source project that forked some of Trezor's code base way back in the day, and inherited the copy-left GPL licensing from Trezor:

https://github.com/trezor/trezor-firmware/blob/master/LICENSE.md

Copy-left licenses like GPL are a fantastic tool to ensure that your code and any derivative products others make using any part of it *must* remain open-source no matter what. No one can take your code and build a closed-source product.

GPL = good.

https://gnu.org/licenses/gpl-3.0.en.html

In 2020, a small team of 4 founders who loved the open-source movement and wanted to build a more approachable and easy to use HWW started Foundation, and leveraged some of the code from COLDCARD's open-source repos, specifically around PSBT signing.

This was *100%* above board, compliant, and within the spirit of both open-source and the specific licenses on COLDCARD's codebase, those being GPL.

Foundation gave clear and generous credit and committed to always keeping the code open-source:

When NVK realized that the open-source ethos allows for competitors to use parts of your code base and build better products (i.e. compete in a free market), he decided that he would rather build a legal moat and move to a "source-verifiable" license:

https://github.com/Coldcard/firmware/blob/master/COPYING-CC

This move meant that COLDCARD was no longer open-source, and was instead merely available for download and viewing. While people could come along and contribute code as they saw fit, they could never build or sell *any* product using COLDCARD code, even if kept open-source.

How do I know this is what the MIT-CC (or "Commons Clause") license now used by COLDCARD means?

Because the website for the license created by the original authors of the license spells it out in plain text:

https://commonsclause.com

MIT-CC is an interesting license in its own right, and isn't evil or anything, but it is certainly not within the realm of open-source in any way.

It is a clear departure from the definition of open-source that is globally recognized:

https://opensource.org/osd/

Why does all this matter? First, it's important that companies in the Bitcoin space honestly and openly discuss their approach.

If Coinkite doesn't hold a core ethos with the open-source movement, they are able to do so *but users/customers must understand the implications*

Obviously I believe in freedom and Coinkite are free to do what they want with their software, but their stance is antithetical to the open-source movement and is made more clear by the day.

Not only do they prevent the free use of their software, they actively go out of their way to harass and attack others who do the same thing they did - use open-source code and build something awesome out of it.

In the image above, NVK attacks an open-source contributor (who also works at Foundation) for using his free time to help the Monero community with forking Foundation code and creating something they want from it.

AKA the entire purpose of FOSS being mocked and insulted.

Why does open-source matter?

When a project is open-source, it means that not only do they share a freedom-focused ethos with you, but it also incentivizes other developers and companies in the space to build on their work.

More eyes on the code and devs building around a codebase means more secure code, a better and flourishing ecosystem, and far better verification that the code actually does what it's supposed to do.

It also means that if the company producing the software goes under, someone can jump in and pick up where they left off.

If Foundation had to shut down for some reason, any one of you could start a new HWW company from our code and open-source schematics and we'd applaud.

Open-source also means that companies are forced to compete by prioritizing users' needs, not building products locked behind laws or lawyers that don't have to keep up with the times.

More competition in a free market means you, the customer, win.

When code is *not* open-source, it means that there is no core incentive for others outside of the company building the product to review the code, build around it, or contribute to it.

As no one could ever create something they can sell with it, why build around it?

When code is *not* open-source, it also means that the contribution made, even though technically visible, can never help to grow the broader ecosystem and benefit the whole of the Bitcoin space.

It builds monopolies, not free markets.

Bitcoin is about freedom, and Satoshi's decision to use permissive open-source licenses was intentional and fitting with his attempts to build an open and inclusive monetary network.

Open-source is the reason Bitcoin has flourished and so many amazing tools have been built.

While everyone within Bitcoin is free to choose the licenses they want for their projects, if they choose source-verifiable or closed-source they must be up front and honest about it, and users must understand the massive tradeoffs involved.

The information in this thread is all readily visible and I've linked to it all directly, so please feel free to do your own research and confirm my claims independently.

You absolutely should DYOR in situations like this.

Please note that @NVK has not replied to any of the claims made here and has instead chosen to block me, so I am unable to interact with any of his tweets.

I have no doubt he's subtweeting about this but be aware I have no way to respond to him or his personal attacks now.

Since sharing this on Twitter he has so far called me a "spook", a "white knight", a "FOSS commie", a "bitch", and a "grifter" in the span of 12h all while blocking me.

TIL FOSS is just "commie zealotry" 🙃

Discussion

Fully unpacked it here with some minor additions/updates:

#[2]

Greetings, my friend. It's unfortunate to hear about the situation with COLDCARD and their departure from open-source licensing. It's important for users and developers to understand the implications of closed-source software in the Bitcoin space, as it can hinder collaboration and stifle innovation.

While each project is free to choose their own licensing approach, transparency and honesty are key in ensuring that all parties involved fully understand what they're getting into. With that being said, I hope that a solution can be reached where software can be made readily available for others to build upon without restrictions.

Freedom and integrity must always remain at the forefront of our collective efforts towards creating a more decentralized world.

Tl;dr: Bitcoin is FOSS and Coldcard isn't anymore.

Guess which one requires trust.

What does FOSS stand for?

Yea, I don't like that it's not open source any more.

"Free and Open Source software."

This gets confusing because even if the source code is publicly available, it's not technically "open source".

Yea I get that.

Top quality post, you earned the sats for this one.

A quick response here, but first off I want to say I absolutely love @ODELL and have the utmost respect for him.

Overall Matt confirms the points I made in my thread about CC being non-FOSS, but unfortunately uses the same harsh rhetoric of "cloning" as NVK does.

An open-source project leveraging code from another open-source project to build a product that competes in the free market is not "cloning".

Passport was created as an alternative that is easier to use and more approachable, but shared the (very solid) security model.

When it comes to security it's absurd to roll your own setup for no reason when a comprehensive and excellent security model already exists, and all credit to NVK for an excellent approach taken.

Leveraging an open-source security model for a new product is just smart.

Passport used this well-vetted security model and some of the code from CC to build a competing product with an aim of allowing more people to store their Bitcoin securely without all the technical barriers.

That is not "cloning".

One additional thought here - NVK initially leveraged code from Trezor and built a competing product that improved on a lot of the model Trezor had.

I don't consider that cloning either, and wouldn't call it that.

It's simply embracing FOSS and free markets.

For more context you can refer to my original thread that prompted all of this here:

nostr:nevent1qqsv2htrrgjtw507tnrv7rturr3aqr65m6klh7649v4enrje86mphaqprfmhxue69uhhyetvv9ujummjv9hxwetsd9kxctnyv4mqygzcatvzlg2m25qffal4leyqfc87wkmhnkl096djq5g7entfumgglypsgqqqqqqsk2rseh

This makes sense based on my personal interaction with the company. Glad I ditched them years ago.

#[0]

Seth, that was a very well-articulated case for FOSS. It pretty much speaks for itself. Attacks against it will likely be of the personal variety. I've been using and contributing to open source projects for more than 3 decades. It's so reassuring to see younger entrepreneurs defend and carry the torch! Outstanding job. Love your podcasts every other Tuesday.

This is absolutely false and a myth perpetuated by ColdCard employees.

I broke down every detail of the history and licenses used here:

nostr:nevent1qqsv2htrrgjtw507tnrv7rturr3aqr65m6klh7649v4enrje86mphaqpremhxue69uhkummnw3ezuum9w35xvmmjwpexjanpvdujucm0d5pzqk82mqh6zk64qz200a07fqzwpln4kauahmewnvs9z8kv660x6z8eqvzqqqqqqy2jpnv3