← Back to team overview

mimblewimble team mailing list archive

Re: Grin's vulnerability disclosure and security process


It's an open source project, send a PR https://github.com/mimblewimble/grin/blob/master/CODE_OF_CONDUCT.md

Sent from ProtonMail Mobile

On Wed, Sep 12, 2018 at 17:59, Luke Kenneth Casson Leighton <lkcl@xxxxxxxx> wrote:

> ---
> crowd-funded eco-conscious hardware: https://www.crowdsupply.com/eoma68
> On Wed, Sep 12, 2018 at 4:23 PM, <chris@xxxxxxxxxxxx> wrote:
>> Hi Igno,
>> I’ll preface this with the context that Grin is one of the most admirable
>> crypto projects, and I haven’t contributed anything to date: this is only a
>> suggestion from an enthusiastic observer.
>> I think the current Code of Conduct embraces a mistaken zeitgeist,
>> specifically sections like:
>> And if someone takes issue with something you said or did, resist the urge
>> to be defensive. Just stop doing what it was they complained about and
>> apologize.
>> This is the right approach to the vast majority of interactions, but
>> codifying this rule explicitly, i.e. that I am responsible for another’s
>> offense, will have a chilling effect on valuable conversations. For example,
>> the Code of Conduct was offensive to Luke. Applying this standard woodenly,
>> we would be required to stop working on it. Maybe if a less prominent
>> contributor had proposed this change, Luke’s offense would have silenced
>> them.
>> Some principles are better held by individuals than enforced by law and
>> turned into political weapons— I think a much shorter and simpler code of
>> conduct would better serve this project in the long run.
> here's the thing, chris: ignatius has already spoken.... for all of
> you. he's clearly stated, "everyone is happy, has always been
> happy".... so now if anyone says otherwise, it creates a serious
> problem of confidence in the project.
> i've been at this a long time, and i have to say that i've not really
> encountered quite so many systemic and ethical violations in one
> "simple" reply, which is why i was able to conclude, even from just
> this one reply of ignatius', that the project has about 6-18 months
> left before other people start to notice what is clearly apparent to
> someone with my experience in dealing with open source software.
> nobody has to like that: i'm just the messenger, you understand?
> l.
> --
> Mailing list: https://launchpad.net/~mimblewimble
> Post to : mimblewimble@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~mimblewimble
> More help : https://help.launchpad.net/ListHelp

Follow ups