“Knife” — the first code license violations tracking tool

“Knife” tool is one of the most important and controversial feature of codum which goes hand in hand with licensing. Since it is a never seen before tool, discussion about “Knife” takes everywhere codum co-founders appear. Today nobody could explain “Knife” tool better than codum CTO and co-founder Kestutis Januskevicius.

Image for post
Image for post

What is “Knife”? Why is it called “Knife”?

“Knife: is the first code license violations tracking tool created by codum. To understand “Knife”, you have to understand “Fork” first. In development language “forking” is when a person makes a copy of code for the purpose of its modification. However, developer who forked the code is most likely going to update it differently from how the owner of code was writing it. “Knife” will literally cut the development and distribution of such matching pieces of code if they were found to be used without license. That is why we called it like that — fork and knife is always served together.

What problem does it solve?

“Knife” solves more than one problem. Firstly and most importantly, it will track unlicensed distribution and modification of code in use. It is very important because today code markets do not get mass adoption only because of the lack of code (which is also an intellectual property of developer) security. Without the right tools protecting it, code can be easily stolen aside from possibility to track and stop the theft. In this case after the code gets licensed on codum, “Knife” is going to find unlicensed derivatives and its distribution online, and disclose it not only privately, but also publicly.

How does it work?

Technically speaking “Knife” is the license violation tracking functionality service provided by crowd computing nodes running 2nd layer codum services on top of EOS blockchain. In other words, “Knife” algorithm will compare all the licensed code in codum system and later on outside of it (simply everything on the web). “Knife” tool will start crawling the internet only after it will evolve by starting to make smarter decisions and avoiding false alarms. As it will scan more and more code, “Knife” will know more code variations and more ways of its distribution. All this tool “learning” process will allow “Knife” to grow and protect licensed code better every day.

What are the limitations of “Knife”?

As we have talked previously, “Knife” has to be “learning” to know how different the same code can be. Because of that at first “Knife” tool will be kind of blunt and stupid. However, amount of false code license violations and the number of missed violations will start decreasing with each code and its variation scanned.

On the other hand, “Knife” tool checks only hashed checksums of the files. In other words if the stolen code was modified to be different from its original and it was pushed without the modification history (as initial), “Knife” tool will miss it. However, this issue is going to solve itself because this thief-developer has to put way more effort and time to make these code modifications when updating the code from updated origin, than he would spend on creating the original code himself. At one point mistake on the thief-developers side will be made allowing for checksums to match during the update process and “Knife” will discover that it was stolen only by checking the incoming update.

Is “Knife” a mandatory and also paid service for codum users? (Do I have to pay for “Knife” tool if I am selling code on codum? Is it a mandatory service?)

If you use codum, you are as well using “Knife” tool. It is not possible to opt-out. Also, users will be paying for it indirectly, as it will be funded from the service fees they pay to use codum platform in the first place as well as from the license sale commision fees.

Are there any familiar tools like “Knife”? If so, how “Knife” is different from them?

None that we are aware of.

What will happen if I bought the code outside of codum platform and “Knife” tracks it?

If the code is known to codum “Knife” crawler and it detects parts of it on your public website, you will become a potential violator of the code license. However, there are a couple of possible scenarios. In first one, the owner of original code does not have a valid license in effect for the code in codum — nothing happens to the potential violator of the license. In second scenario, owner of original code has a valid code license on codum — it is his responsibility to have a mechanism to grant a license for you (assuming you have an EOS and codum account), even if you purchased the code outside of codum platform.

If my code was stolen, how does “Knife” help me?

At the moment, “Knife” tool main function is to catch the thief. Not to punish the thief, nor to stop the illegal use of code, but to track the violation. If you already know that your code is stolen and where it is used, “Knife” tool cannot help you anymore. However, if you know that it was stolen (for instance, it was hacked from your computer) and you have no idea if it was used somewhere online, “Knife” tool can help you find it after you license this code in codum. If and when license violation is found, you will be informed about it by codum with the details about who is the violator and where the code is found.

Codum is the first code market in blockchain. You can learn more about it from its future articles on codum blog or at codum.io. You can also take part in the ongoing fundraising of codum by simply following this participation tutorial.

Feel free to join us in our telegram chat.

Written by

- the community driven, decentralized code market based on eosio blockchain infrastructure and distributed source code collaboration platform git. www.codum.io

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store