Bitcoin Forum

Bitcoin => Project Development => Topic started by: xor on May 31, 2011, 10:14:04 AM



Title: [BOUNTY] For security: Establish BTC foundation, hire full-time code reviewers
Post by: xor on May 31, 2011, 10:14:04 AM
Hi,
the biggest issue I see with Bitcoin is security vulnerabilities.
If someday the permanently online Bitcoin nodes hold billions worth of dollars a remote code execution flaw could be fatal for the Bitcoin economy. It would cause a shitstorm of bad news about Btc and probably permanent loss of trust in the currency. Considering that trust is the only thing which makes a currency real this must be avoided at all cost.
(Also, with the money of thousands or tens of thousands of people involved, I do think that the developers hold very much responsibility, and probably far too much responsibility for the open source development model of "we do some code&fix and then release it if we feel okay with it". There rather should be some formalized voting mechanism among the project management, if not among the community, since the community's money is being affected by any changes.)

As someone who has some experience with open source software (3 years of Freenet project) I see the following risk:
Volunteer open source developers are not bound to quality management.
They are more likely to do the "fun stuff" like writing new code than the important stuff like writing unit tests, reviewing code dozens of times, documenting their code, etc.
They are likely to release half-finished, undocumented, half-tested code at midnight due to euphoria about getting the new features out or whatever.

Freenet is a foundation which funds 1 paid full-time developer from donations.
This has the advantage of having someone who depends on not losing his job.
It has the disadvantage though that - since he is the only "reliable" developer (volunteers don't follow orders) - he spends most of his time writing new code, and little of his time with said security / code quality stuff.

IMHO a "trustworthy" open source project has at least 2 paid developers:
One who writes the new code, one who does nothing but reviewing it for security issues & writing black-box unit tests.
Both should be able to vote for getting each others fired of course  ;D

For something like Bitcoin, it might be very suitable to have even a 2:1 or 3:1 ratio of reviewers/writers.
One of the reviewers should be a mathematician - when messing with cryptography it is very easy to shoot yourself in the foot if you don't fully understand the maths of it.
The actual amount of developers can be scaled with the available funds.

Also, given that Bitcoin is a currency, it should be very easy to raise the funds for paying full-time developers - everyone in the community already has the software to donate.

So I suggest we hereby start a bounty to establish a Bitcoin foundation.
I have no idea about how a foundation is founded or which persons are candidates for hired developers, please give your input

I'll ask Ian Clarke to elaborate about how the Freenet project foundation was established, maybe he can help.


Title: Re: [BOUNTY] For security: Establish BTC foundation, hire full-time code reviewers
Post by: DukeOfEarl on June 06, 2011, 01:28:49 PM
the biggest issue I see with Bitcoin is security vulnerabilities.

Agreed, this is my biggest concern.


Title: Re: [BOUNTY] For security: Establish BTC foundation, hire full-time code reviewers
Post by: FooDSt4mP on June 06, 2011, 02:33:50 PM
I would recommend rotating the developers roles.  They will be more effective by both writing and reading the code.