I Love Blockchain. But, Let’s Talk Open Source.
Believe It or Not, They Are BFFs
I’ve been a part of the blockchain space since 2017. Blockchain — distributed ledger technology (DLT) more broadly — is typically some sort of open-source endeavor. Put differently, not only the use of the technology is multiparty, but its development too. I think many of us would agree that DLT is too powerful and valuable to be owned by a single organization.
Developing in the Open
When a software is open source, it means that there’s a community behind the code, and that it’s developed both collectively and in the open. As opposed to closed-source or proprietary approaches, open-source software allows any user to evaluate, use, and improve the code. When code is developed in the open, it also becomes subject to hacks and attacks. However, those hacks shed light on vulnerabilities that developers in the community can address and as a consequence, make the original code more robust. At the end of the day, visibility and transparency help establish confidence in a technology, whether that’s blockchain or something else. A new piece of technology is hardly ever perfect and it doesn’t need to be. It just has to be better than the alternatives, and be continuously enhanced.
Open Source Is Key to Blockchain (and Tech Innovation)
The most popular distributed ledger technologies are open source. In other words, open source is fundamental to DLT. Notions of collaboration, decentralization, and transparency — which are fundamental premises of blockchain technology — don’t go very well with the closed-source and proprietary concepts. I believe that openness is key to make a blockchain project work, and it starts with the code.
Ethereum is open source — you can fork code and reuse functionality others have built — and has a large community of developers behind it. The Hyperledger Foundation’s enterprise-grade blockchain software projects are all open source, and growing in number. R3’s Corda Enterprise offering is open source. Solana is an open-source project. The list goes on. Solana, in particular, is number eight on the Cloud Native Computing Foundation’s latest project velocity ranking, which measures the level of activity of open-source projects, and is published every 6 months.
Open source has been around for 30+ years, and is clearly not specific to blockchain/DLT. It is key to technology innovation in general. Some think of open source as a software development model and highlight its collaboration and decentralization aspects. Others look at it as a business model and see monetization opportunities through paid features, support and services. Some take a chance and think about it as a supply chain for technology. Let’s just say that none of them is fully right and none of them is completely wrong. ;)
Open Source Realities
An open-source approach enables agile and fast growth of software, and can incorporate changing market needs and innovative features quickly, and on a continuous basis. Although being open source is not a guarantee of security, it does have the potential to be more secure than closed-source alternatives. However, the assumption that open-source software involves many eyes that monitor, detect, and resolve problems, may not always be the case. I’d say that those projects that don’t have an active and sizeable developer community behind them, will eventually fall apart.
Security continues to be a factor that holds back adoption of open-source technologies, especially in the case of traditional enterprises that use a lot of legacy systems, and are more conservative and risk-averse when it comes to technology choices. As a former technology industry analyst, I must add that ‘security’ — whether real or perceived — pretty much always takes the podium when it comes to IT pain points. Nonetheless, there are cross-industry organizations like the Open Source Security Foundation (OpenSSF) that are dedicated to further advancing the security of open-source software. In any case, according to Red Hat’s recent The State of Enterprise Open Source report, 89% of IT leaders believe that enterprise open source software is as secure or more secure than proprietary software.
Although open-source projects are not necessarily governed by a foundation and can also operate under the auspices of a single vendor, foundations provide the value of neutrality and a platform where corporations — even competing ones — collaborate, with no one single company calling the shots.
Strategies around open-source software have evolved over time. For those who are skeptical about the success of the open-source approach from a business point of view, just think about how Red Hat got acquired by IBM for US$ 34 billion, in 2019. Other examples include MuleSoft, bought by Salesforce for US$ 6.5 billion in 2018; SUSE’s acquisition of Rancher Labs for more than US$ 600 million; and HashiCorp, valued over US$ 5 billion in a US$ 175 million venture round in 2020.
By adopting an open-source strategy, companies can take advantage of community-based innovation while also driving mass adoption. In the DLT space specifically, as previously discussed, the name of the game is definitely open source. Blockchain projects don’t need to start from scratch and reinvent the wheel — they can build on existing, solid codebase. Leveraging open-source code can save projects considerable time and money.
Leveraging open-source software, and building a commercial strategy around it, is what many blockchain specialist vendors have been doing — more specifically, using open-source software and open standards as the foundation of their offering, and capturing value by addressing needs and opportunities that are not solved by the upstream project.
What is called the open-core model, is often used by companies to monetize an open-source software. This approach combines a feature-limited version of a software that is free to use, and a commercial version that is proprietary. Many developers find this approach to be untrue to the open-source culture. This model must be executed with a lot of finesse to avoid alienating developers.
Although many open-source companies have been embracing the cloud model to some extent — with the promise of offering both ease-of-use and cost-efficiency to customers — there have also been some challenges around public cloud providers offering hosted versions of popular open-source software at low cost and adding their own value-added services on top of that, and giving nothing back. In the database space in particular, CockroachDB and MongoDB, for example, switched to stricter open-source licenses to address those challenges. CockroachDB switched from Apache License 2.0 to Business Source License (BSL), so users can use it or embed it in their applications, run it as a service internally; but cannot offer a commercial version of it as a service, without buying a license. However, three years after each release, the license converts to the standard Apache 2.0 license. MongoDB switched from GNU AGPLv3 to Server Side Public License (SSPL), which explicitly states that anybody who wants to offer MongoDB as a service, needs to either get a commercial license or must open-source the service in order to give back to the community.
I don’t think I’m going to shock anyone by saying that with anything that is highly innovative and disruptive, you may first aim for the moon, then you might need to come back to earth, in order to — at some point — land among the stars. This is true for any open-source technology, as well as all the strategies that people and organizations are building around them.
I do believe that open source is a fundamental element of technology innovation (including blockchain/DLT of course!) — it’s just the perfect fit for collaboration, decentralization, and transparency.