Open Letter about ICS999 License

[ctzurcanu]

Dear @larry0x , We have contacted you on Twitter, but our messages from our lead developer @loredanacirstea (and from myself, @ctzurcanu) remained disregarded. Our work covered the same usecases as your ICS999 and more. It was developed and demoed one year ago already using IBC with Cosmos EVM (Ethermint and Co.) environment. We have enlarged to cover CosmWasm recently.

Why we have not published our work on ICS repo? Because GitHub does not enforce the correct type of licensing at this moment. This IBC tech can easily make chains become infected with thievery and we did not want our effort and product to become accessory to illegalities. Our solution is to offer it only to the chains that adhere to it by contract and acts of governance to favor lawfulness (expressed planning for malintent does exist in Cosmos such as this blatant example). Our license is called The Provable Moral License (PML) ver. 1 and it will be managed on the Mythos chains.

Your pinned tweet reads:

If you copy other people's code into your project, please do it in such a way that preserves the original author's commit history, or if this isn't possible, attribute the contribution explicitly in the file or in README

Let's respect the original author's efforts

Thanks

We will see if you will decide to change what you have done up to this point and give a sign of acknowledging prior art.

[larry0x]

Hi @ctzurcanu, this is the first time I've learned about of your work "nBridge". After reviewing the demo video at HackAtom Seoul 2022, I concluded the following:

ICS-999 has fundamentally different architectural designs from nBridge

• nBridge works by deploying identical copies of the same contract across multiple EVM chains; a call to one such contract is mirrored to all others. In contrary, ICS-999 simply deploys a "proxy" contract on the host chain for the controller account.
• A key feature of ICS-999 is that the controller can compose multiple "actions" (registering an interchain account, transferring a token, making a contract call or query) into a single packet, to be executed atomically on the host chain; the controller is given a callback after the actions have been executed. nBridge does not appear to allow multi-action composition or give callbacks.
• ICS-999 has fungible token transfer (based on the "denom trace" mechanism first coined by the ICS-20 spec) and cross-chain queries enshrined in the protocol. nBridge does not appear to have these.

Due to these reasons, I think it's baseless to claim that ICS-999 took inspiration from nBridge.

ICS-999 does not share any source code with nBridge

• The EVM precompile for nBridge doesn't appear to be source-available
• Even it was source-available, I'd guess it's written in Go, so not usable in ICS-999 which is in Rust/CosmWasm

These being said, it is a good point that I should have acknowledged prior works that I did took inspiration from. I have amended the README with this commit: https://github.com/larry0x/ics999/commit/c69d1d47f600ba90367f425689686ec3ce99b2a4

[ctzurcanu]

Answering inline:

Hi @ctzurcanu, this is the first time I've learned about of your work "nBridge".

Probably the first time was 2 days ago when @loredanacirstea asked you on Twitter and you have not answered. However, "nBridge" is only the upper layer of our IBC bridging products. It guarantees mirroring.

After reviewing the demo video at HackAtom Seoul 2022, I concluded the following:

ICS-999 has fundamentally different architectural designs from nBridge

• nBridge works by deploying identical copies of the same contract across multiple EVM chains; a call to one such contract is mirrored to all others. In contrary, ICS-999 simply deploys a "proxy" contract on the host chain for the controller account.

We had done "proxy" bridging before and it is part of the internals of nBridge. We offered you links to demos of the nBridge because it contains the more complex behavior.

• A key feature of ICS-999 is that the controller can compose multiple "actions" (registering an interchain account, transferring a token, making a contract call or query) into a single packet, to be executed atomically on the host chain; the controller is given a callback after the actions have been executed. nBridge does not appear to allow multi-action composition or give callbacks.

nBridge internals allow for the execution of Pipeline graphs on multiple chains. https://www.youtube.com/watch?v=XMCgL99noYY&list=PL323JufuD9JAyaYCEvrnQ5yOAc3ukuNyF So it does callbacks, compositions, graph execution.

• ICS-999 has fungible token transfer (based on the "denom trace" mechanism first coined by the ICS-20 spec) and cross-chain queries enshrined in the protocol. nBridge does not appear to have these.

nBridge can do all ICS-999 can do plus additional behavior such as guarantee transaction and data mirroring.

Due to these reasons, I think it's baseless to claim that ICS-999 took inspiration from nBridge.

We did not say that you took inspiration. We asked you if you knew about our public products. You had not answered. I decided it is healthy to know your point of view for sure, so I linked in GitHub. Thank you for answering this time. However: our products may be considered as prior art to ICS-999 and any future IBC bridging.

ICS-999 does not share any source code with nBridge

• The EVM precompile for nBridge doesn't appear to be source-available

The source is not available because we know the moral implications of this being used for stealing people's money. So we have to write the correct moral license for this product.

• Even it was source-available, I'd guess it's written in Go, so not usable in ICS-999 which is in Rust/CosmWasm

Components of nBridge are written in Go. Most code is in Solidity/EVM/eWasm (so it is executable by a Wasm engine), but a CosmWasm version is in development and will be demoed.

These being said, it is a good point that I should have acknowledged prior works that I did took inspiration from. I have amended the README with this commit: c69d1d4

Good, I appreciate you mentioning prior art.

You seem to not be concerned with the fact that your product may become an accessory to criminal acts. Such acts of stealing using the blockchain have kept the entire blockchain industry prisoner to a small number of wrongdoers. Can't we, developers, be ready to make a sacrifice and not release these inter-chain superpowers without taking responsibility for what we do? (We had chosen to not publish ICS until we can enforce the correct license by contract.)

[loredanacirstea]

This issue can be closed. It has achieved its purpose of clarifying IP of the idea and its prior implementation and proposing a moral license.

@larry0x, You cannot claim IP for the idea of interchain bridging. Only for the code you provided. I know very well how it feels to have your ideas and code stolen, even after having a written agreement with those who stole it.

I appreciated that you took the time to view the materials provided and gave a decent response here on GitHub. But know that you have made a moral choice to support your Twitter followers abusing and harassing me for defending my volunteer efforts. You are the one who attacked first without waiting to clarify the issue, by complaining to your followers. I started with a question that was not answered, so we escalated in 3 stages until you felt compelled to answer.

Success with your work. May it be used ethically.

[ctzurcanu]

Our duty as volunteers was to create a proof of attention from your side and it has been fulfilled. We were hoping you will engage us on main content rather than form. But that part is not our duty.

Closing this issue.