Hi, excited for my first use of the StarkNet Shamans platform. Would love to share some thoughts and get feedback on the intended license for the StarkNet provers, which should be made source available when we get to the decentralization phase, hopefully by the end of this year (2022). You can see the license here, and a discussion of it in this blog post.
Briefly, the Polaris license allows developers to use and modify the prover code in any way they choose, as long as proofs are sent to a smart contract address that appears on a whitelist. This whitelist is append-only, so one may never remove from it, only add to it. In particular, if you’ve been using the prover code to interact with a particular smart contract (say, StarkNet’s), you’ll know that you may continue using it indefinitely in the future.
The question I’d like to address here is WHO IS THE LICENSOR? I.e. Who makes decisions regarding the whitelist?
When we conceived of Polaris, StarkNet was merely an idea, not a flourishing ecosystem. But over the past year we realized that it makes no sense for StarkWare to be the licensor of the StarkNet prover code. Rather, it should be the StarkNet ecosystem that decides on its fate. Thus, StarkWare has decided that the licensor of this code will be the ecosystem. While the exact governance mechanism for the ecosystem is still being worked out, imagine some standard crypto-economic model that allows a community to vote on important decisions like upgrades to the StarkNet core, or changes to the Polaris license - the topic of this post.
In this case, the StarkNet ecosystem may vote to keep the whitelist restricted only to StarkNet smart contract verifiers. It may negotiate with other chains to agree on conditions under which new verifier smart contracts are added to the whitelist, effectively creating new StarkNet ecosystems on other chains. It may also decide to expand the whitelist to allow all smart contracts to be added, effectively allowing all blockchains to create their own StarkNets and coming very close to full blown open source. Finally, the community may also decide to just drop Polaris and replace it with Apache 2.0 or MIT.
Why would the StarkNet ecosystem decide to limit the Polaris license? My first answer is that if I didn’t have strong arguments, I’d still want the ecosystem, not StarkWare, to decide on this. But I do several reasons the ecosystem might want to limit access: (1) several notable dApps, like Metamask, Zcash and Uniswap, have opted to leave full blown open source in favor of more restrictive licenses; if they chose so, maybe StarkNet will want to limit access as well. (2) Licenses have been useful in the past in preventing abuse and free riding by various large entities that have not contributed to the development of the code/ecosystem but nevertheless wanted to reap the benefits of an ecosystem’s contribution. (3) It’s well known that with licenses, going from restrictive to lenient is easy; going the other direction - from lenient to restrictive, is much harder. So better start slightly more restrictive, than lenient. (4) We’ve seen quite a few cases of projects using open source code developed by others, much to the chagrin of the OGs who worked hard on the original code. It should be the ecosystem’s decision whether its fine for others to use the code, and we’ll leave it to the StarkNet ecosystem in this case.
So, with this preamble, I’d love to hear your thoughts - what are the pros and cons of using the Polaris license, assuming it will be the StarkNet ecosystem that controls it?