Proposal for another Hardware Wallet implementation - bounty
Based on the discussions we had on the forum and in the CC meeting of 20th of June, I would like to open the discussion on funding a Grin Hardware Wallet with a bounty.
Note that this is not the same as creating a bounty, we first need to discuss as community if we need such a bounty and what for requirements such a bounty would have and what the added value would be for the community. This al started with this discussion on the forum
Do we need another hardware wallet implementation.
The first question to address would be if we need another hardware wallet implementation @NicolasFlamel already implemented Grin for Ledger, so there is already a hardware wallet supporting Grin. Unfortunately Ledger’s reputation took a hit, therefore there might be more need for yet another hardware implementation for Grin.
Should this be a bounty, or juts a fun project?
Another consideration to make is whether everything developed for Grin should be paid, either via Funding Request or bounty. For example, if we can compile the grin-rust wallet or grin++ wallet client for a device, it is only a little bit of extra code to add streaming QR codes for airgapped interaction. Meaning for a simple air gapped wallet, little development might be needed. It could just simply be someone’s fun project and a free contribution to the project.
What form factor should the Hardware Wallet be
I see two clear paths for a Hardware Wallet bounty
Implementing Grin for an existing, trusted, open-source hardware wallet like: Trezor, BitBox(2), ColdCard, Passport2.
Implementing a Grin dedicated hardware wallet on a cheap device everyone can buy and flash for air gapped wallet. For example the M5Stick-V would be suitable. This is roughly the same hardware as the Jade Bitcoin wallet from Blockstream.
Other considerations would be if a hardware wallet should have a security chip, or simply air gapped and using QR codes is enough security. This device could either run a rust based or Python based wallet. Optionally we could also use this device as 2FA device.
Do we need another Hardware Wallet? If so, what form factor, brand would you prefer? Should this be funded by the CC via a bounty, if so, how much? Let me know what you think.
Thanks for starting the discussion @Anynomous. I’ll weigh in:
Do we need another hardware wallet?
Yes. Our community needs a FOSS solution to cold storage, and none currently exists.
Should this be a bounty or just a fun project?
I think this should be a small-med size Grin only bounty. The bounty isn’t intended to be compensation for a dev salary. It is just a nice prize to reward someone’s efforts and get them involved with grin.
Maybe 50k Grin? At time of writing this is ~$2000 USD, which is not nearly compensation for a project of this size, but its still a nice prize.
Also, I don’t think bounties should track USD price. Just set 50k grin aside and forget about it.
Should this bounty for firmware of an existing wallet? Or for a new wallet hardware?
This should be a firmware only bounty. Custom hardware is expensive and would require a business to make it available to the community at any sort of scale. I think its better to piggyback off of other FOSS hardware wallets who already have supply chain, and we provide the community with a FOSS Grin firmware.
I will dig into the Jade firmware and see how much work such a project will be.
One problem I’ve already encountered is, much of the grin-wallet code is written in a way that can’t easily be made no-std (which is a requirement for embedded firmware). Unless someone sees a clean way to split out the signer from the rest of the wallet (e.g. the database, networking, TOR, etc), I don’t thinkhe grin-wallet reference design will be much help. Will need to port over all the pieces one by one and probably rewrite many from scratch to be no-std.
Committing 50k grin during all time low prices could rob the community fund of a big chunk of appreciation if the price were to rise. I personally think bounties should continue to be denominated in USD or BTC.
Otherwise we can make the bounty flexible, 5000$ in Grin up to a maximum of 42000 Grin.
In that way the bounty is protected against major moves up or down.
Update: I edited the numbers since I find a 5000$ bounty for such a project more than fair.
I understand tying to USD for funding requests where devs are planning their compensation, but for bounties I don’t agree. Dealing with exchange rates just adds bureaucratic confusion and frustration.
Even if grin price goes up 10x (possible, sure, but nothing about Grin’s economics suggests it should), $20k would still be a reasonable price for a project of this size.
But that’s just my opinion. We can do USD denominated bounties if that’s what everyone else prefers.
Small bounties are fine to pay purely in Grin, that is what we have been doing for some time now and why the CC has Grin miners. If it is a very large bounty (e.g. CoinSwap bounty)or if a developer specifically wants BTC, we can deviate and pay in BTC. Although I like using Grin for payments, we do not have to force it on people.
Grin currently has big inflation. CC getting enough Grin at time X can only be achieved in two ways:
they buy it over time, finish buying at time Y
they instantly buy at time X, overpaying a lot
The problem with the first one is that time Y is probably not near time X, so the btc/grin price would likely drop, so CC ends up overpaying also in this case. People need to understand that grin’s linear emission brings also some bad things (eg. in first years it’s very risky to hold it, so holding it to pay for bounties is no different). Forcing payments in grin would likely lead to instant sells, since most would probably prefer to get btc when grin’s inflation is so high. So i’m against forcing payment in grin, i think we should let the contributor choose.
Grin inflation is same as Bitcoin first 4 years. Imagine Btc devs doesnt want Bticoin for ‘‘so called high inflation’’
In those terms, we paid Bitcoin when it was 3k-5k period. Price is irrevelant.
Monero bounties paid in Monero,
Litecoin devs get paid in Litecoin,
Shitcoin devs get paid in shitcoin,
I am against paying an uncommitted developer who takes the Bitcoin and bail away. If we dont trust, believe GRİN as a payment, who will ?
show me their current inflation rate and an example where a coin with such high current inflation forced people to accept that coin for bounties and had problems finding people to do those bounties.
it doesn’t matter if he goes away or stays, bounties are well defined tasks, whoever completes one gets the payment and can disappear forever. Paying that person in grin doesn’t reduce the chance of him leaving, it only reduces the chance of him even accepting the task since it would be hard for him to get the same value when selling it due to low liquidity.
the main problem is that there’s currently no demand and inflation is a big reason (i’m all for linear inflation, i think it’s the fairest one, but it has its own “properties”). So i’m also against 50/50 forcing. We don’t need bounty developers to get paid in grin, we need bounty developers to complete bounties. I don’t think we’re in a situation where we can be picky and demand payments in grin, we should let them choose.
i showed you above, but since you dont really know what is the inflation, you fail to understand.
You already dont know what is Grin inflation, but you are always against all the time Grin payment, usage, exchange etc, solo excuse is inflation since 3 years.
You should better reread the Grin and understand it.
Less ad hominems please. It’s entirely possible for a person to exist who’d like to help Grin and still not accept Grin as payment for many reasons including liquidity and legal concerns. Forcing some constraints on people may close the door to potentially good candidates. Let’s try to respectfully disagree rather than trying to turn ourselves against each other because people dare to think differently…
In a way the CC protects against these fluctuations through mining our Grin. Although not exactly the same it is similar to gradually buying in. For small prizes and bounties the above is not an issue since we generate enough Grin. For larger payments we encounter the above described dilemma with buy ins.
I agree with both arguments a) use Grin as default for smaller bounties and payments, b) let contributors chose payment in BTC if they prefer it. So far I have been pleasantly surprised with how many people actually ask to get paid in or receive bounties in Grin .
Since when Grin began to apply law and order? Local or international ?
Has it become a company centralized ; we dont know ? Who s law you are referring to and which country’s law ?
What you fail to understand is the function of inflation change, linear function and exponential function in this case, are totally different, so comparing grin’s emission to btc emission (even if only for the first 4 years) makes no sense (for what we’re debating here - holding grin) because with grin you have way less incentives to hold long term in year 3 for example (let alone that it’s a small cap etc). How am i against grin exchange when i’ve tried implementing a testnet exchange with different flows (the ones i thought were good and would improve UX)?
Yes, it’s his concern and some will just decide not to do the bounty. So you strictly reduce the set of potential bounty hunters.
That makes absolutely no sense, you think i would be wasting my time here for so long if i was against it? To me grin makes the most sense for SOV - not today, but for future generations.
In some countries using private cryptocurrencies can be considered illegal so some would want to avoid being paid in grin.
I suggest that instead of attacking me you give arguments of why you think i’m wrong (for every single point that i’ve made). That way we can have a useful debate, everything else is pointless and wastes everyone’s time reading it.
2069 is a key year with 2% inflation imo (1.5bln coins)
In local payments maybe, I know some countries where it is illegal to use any crypto-currencies, at internet it makes no sense when you are not touching physical things and fiat money like p2p to force regulators to spy for your internet traffic.
We are all Brothers In Grin, just having different vision
For me Grin is on the floor against USD, but can be not against BTC, so choosing BTC can be the best option, but holding GRIN is also a case for a future.
Every bounty is just another step to make Grin better, demand will come when technology will be ready To Be Used By Anyone Anywhere.
.