Seeing as how I am the author of two of the posts @SamWilsn linked, I will provide additional context as to my motivation.
Concerning source code for âReference Implementationsâ
This is problematic currently because of a lack of a âDCOâ or acknowledgement from the contributor that they have the necessary rights/permissions to enter into an agreement for contribution of code that may be used by, for example, their employer.
For example, we have an RPC endpoint, mev_sendBetaBundle
that we may want to upstream as an EIP. The method name could be trademarked by us, then submitted to as an EIP. This is a somewhat contrived example as the class name could be slightly adjusted, but it illustrates my point.
Current Ambiguity in the âdraftingâ / âlast call processâ
The current licence regime is ambiguous as to the extent of which contributions made within the EIP/ERC Standards Process (e.g., via e-mail, oral comment, the discussion forums) are similarly treated as a âcollective workâ or are retained by the originator. This can be an issue, especially if the discussion process is taking place in some external 3rd party forum in which arbitrary terms can be imposed upon.
EIP/ERC as a Trademark
We have seen that ERC (moreso than EIP) has been used to claim support or endorsement for, or as an indication of origin of, authenticity/reliability of such services using the name as a marketing tool for promotion and positive endorsement. Documents that are published by third parties, including those that are translated into other languages, should not be considered to be definitive versions of an ERC/EIP.
Without having an entity (this does not necessarily have to be the EF per se) that holds such rights to them, holding external parties accountable for misappropriating the communities work is much more difficult, if not impossible.
Reasons for pro-Public Domain
An important part of the reason is that if for example the Ethereum Foundation wanted to retain change control of the technical specifications of the (sic) Ethereum Protocol, it would have to copyright such specifications. By placing it in the public domain, it is technically possible for any other potential standards body to do so, without their involvement.
Source Code Licence for Reference Implementations
The IETF Trust uses the following:
Revised BSD License set forth in Section 4.c of the IETF Trustâs Legal Provisions Relating to IETF Documents (Trust Legal Provisions (TLP) â IETF Trust).
Personally, I suggest using UPL-1.0
or the Universal Permissive License
- Clear patent protection. The UPL is a broad permissive license including both a copyright license and an express patent license, covering at least a version licensed by someone under the license (for example a distributor) and/or a version someone contributed to even if they never distribute the whole. (The reason the latter is needed is discussed below.) By virtue of the unambiguous patent license, the UPL is materially clearer with respect to the rights licensed and likely broader than either the MIT or BSD licenses.
- Clear & simplified relicensing. The UPL expressly permits sublicensing under either the UPL or under other terms, which clearly allows someone to relicense code received under the UPL either on copyleft terms, on proprietary terms, or otherwise, thus permitting maximum flexibility in reuse.
- Reduced overhead in source files. The UPL expressly permits use of the license without including a full copy of the text, which is useful, I guess.
- It can be used as a contributor agreement. Finally, the UPL may be used as a contributor licence agreement licensing both the software itself and also contributor patents for use in one or more âLarger Works.â The Larger Works licensed in this fashion are designated by the use of a separate file accompanying the license, akin to the NOTICE file that accompanies the Apache License, Version 2.0. The Larger Works file can be used to control for both contributions to other works (for example, we could specify MySQL in a Larger Works file for a work, which would then license contributor patents for MySQL as well as the contribution), to set patent license scope for specific versions (for example, we could specify the approved reference implementation of JSR-xxx including Maintenance Releases to ensure that all contributors to an RI are licensing both the final version of the RI and qualified updates under the JCP program), or both.
Patents?
Lol. Unless you have the money to pursue legal enforcement of your patent claims, they are at best a form of insurance against some would-be patent troll.
ERC Split provides an opportunity
At the very least, by having the EIP process split from the ERC process, we can enforce stronger protections on the ERC side of things as appropriate without undermining some of the principles behind the EIP process.
The longer the community waits, the less likely anything other than having a separate repo will differentiate the two different processes. Publishing something along the lines of âERC404â should not happen: these sorts of shameless tactics are the epitome of a tragedy of the commonsâ problem that the current inherited EIP process enforces upon the ERC process.
We should also make a distinction between including the source code of a smart contract (e.g. what was provided as an example for ERC4626/etc and including a canonical ABI/API interface definition within that ERC proposal.
Locked Versioning AKA Finalized EIP/ERCâs are also a great thing
fixed meaning unchanging, not unbroken specifications are a great thing. Keep the bike shedding discussions away.
ERC, why art thou not a package registrar?
Ryan Dahlâs presentation in 2018 introducing Deno highlights a big problem: no native JavaScript package registry. What is the result when the community does not own the package registry? Corporate co-opt. NPM is now a Redmond wholly owned subsidiary, and Ethereumâs ecosystem could certainly fall to that same fate. Of course, itâs not from lack of trying, however the ERC repo being separate now represents a potential to cut across languages and providing something similar to what @xinbenlv is attempting to do with ERC Ref.
Think that package registry is a âsettled problemâ? Just a few weeks ago, JSR was announced, a new registry,.
Concluding remarks
Yes, all of these issues I brought up because I want to see a package registry for fuck sakes, please can we do that guys?
Yours truly,
me. xoxo.