The other day @JustAResearcher asked questions on keybase that have come up from time to time (quote below, em mine). I tried to answer these extensively, and am now cross-posting these on the forum for visibility and posterity purposes. So that next time someone asks, there is a resource to refer them to.
keybase://chat/grincoin#general/9641
justaresearcher
01:23 - Yesterday
Question: with us not having an official GUI wallet, why don’t we fund ironbelly and grin++? Especially grin++, as it’s one of the most used wallets and nodes in the ecosystem. Think David requested money for an audit but was rejected. Why is this?
keybase://chat/grincoin#general/9703
lehnberg
09:20 - Yesterday
You ask questions that mandate long answers. I’ve not run this past the core team, and I’m writing based on my own personal recollection of things. If anyone feels like I’m misrepresenting something, you can correct me below.
Regarding the Grin++ audit:
David reached out informally (to me in DMs) to ask about what the core team’s opinion on funding his audit was before submitting an actual funding request.
At that point, I made a first mistake by responding in private. Instead I should have encouraged David to make a public funding request like anybody else so that it could be discussed in the open with the rest of the people (on Gitter at the time) during one of our regular meetings. So that individual core team members could express different opinions (instead of me giving a single collective answer), so that people other than the core team could have had a say about it, and so that there would be some actual documentation for posterity reasons. So you and the other people who have wondered about this over time could read the meeting notes and get insight. I regret not doing so; in hindsight it feels so obvious. I try to avoid entertaining such questions in private nowadays.
But at the time, which was more than a year ago, I did, and we did. We felt we wanted to focus the funds we had (which I think was ~ $400k worth but might be wrong) on making improvements to the Rust codebase. It wasn’t clear how long those funds would last, how the price of BTC would move, or that we were to get a second coinbase donation. We didn’t feel at all like we had an abundance of funds. It still doesn’t feel like that to me for what it’s worth, but it’s certainly a better picture today than it was a year ago. The audit budget was something shy of 10% of total funds, and it didn’t feel like it was the right use of the funds we had.
Some of the points we qualified that opinion with:
- We had just completed two major security audits of the Rust codebase (and paid a lot of money for one of those) and were only a few months post launch.
- When the C++ implementation was first announced, there was a lot of skepticism about the rationale for creating a different implementation in a language that had the memory safety issues Rust tries to solve for, and that led Grin to be written in Rust in the first place. I don’t know if you can imagine how it feels when someone first takes a codebase in Rust and rewrites it in C++, and then asks the Rust maintainers to fund the security audit for it. It’s really hard not to be trolled by that, even if I’m sure David didn’t mean it this way!
- There was also the question of setting a precedent. At the time, the grin++ codebase was a few months old and had been written by one person singlehandedly. An impressive feat by any measure, but what happens the next time someone writes a Grin implementation in Go? Or Python? Or JavaScript? Are we supposed to fund audits for those as well? What are the criteria supposed to be?
This was some of the thinking we had. We were not unanimous, nor did we all feel equally strongly about these points. But ultimately we encouraged David to ask for funding from his community of users instead.
On the one hand, I’m glad this turned out really well for David; he received full funding and was able to do his audit, and it also led to his future work on the Litecoin mimblewimble extension blocks. In total, more funds were raised that were put to use for Grin related development. And reading the audit results, it also looks like it was really productive to have an audit, as a lot of improvements were identified.
On the other hand, knowing the schism it created between the core devs and grin++, it feels like we (and by we I mean mostly me) could have handled that better from a strategic point of view, and that’s my second mistake. Rather than acting out of principle and the logic outlined above, I should have given more consideration to the value in supporting the wider ecosystem.
Hindsight is 20/20; knowing what I know now, I would have tried much harder to find a good faith compromise. One where David and Grin++ would have gotten some kind of support, without establishing bad precedents for the future.
Hope this answers the audit part of your question! Regarding funding wallets, please hold the line…