Comment on page
Ren Open-Source Roadmap
An overview on the logic and thresholds for Ren's Open-Source Roadmap
The team at Ren are very strong proponents of the open-source ethos and believe all decentralized protocols need to be made open-source when secure. The Ren team also wants to (a) be competitive in this space, given the hard work and capital invested by the team and the community, and (b) give an appropriate amount of time for security issues to be discovered and fixed before making the codebase available to potentially malicious actors.
With that said, Ren's codebase barring the RZL sMPC algorithm will be open-sourced at the advent of Ren Mainnet Subzero which will be launched after our security audit is completed. The RZL sMPC algorithm, however, is what makes Ren and its sMPC solution so special. This RZL sMPC algo has been pioneered in-house by our development team and can be considered a trade secret. It will, therefore, not be released to the wider public until certain security thresholds within Ren have been met. We have worked very hard over the last two years; this approach ensures Ren's security and that the Ren community, team, and investors are rewarded for their patience.
Ren Mainnet Security Audit
The security audit will verify our RZL sMPC algorithm correctness under a Non-Disclosure Agreement (NDA). The RZL (z0) sMPC paper and the security audit will be available for the public to review when completed.
The RZL (z0) sMPC codebase will be gradually open-sourced to the public after the inception of Mainnet Subzero.
The Ren team is taking this stance to ensure the codebase is stable, secure, and as bug-free as possible before open-sourcing the code to malicious actors that might seek to take advantage of any bugs they can find that we & auditors have not. Given recent events in the space, this is the most prudent approach to fund safety. Making the entire codebase public immediately opens up Ren to be exploited via zero-day vulnerabilities.
To this end, we will also be undergoing further auditing of the codebase, having more of it reviewed, and having critical components reviewed in duplicate.
Audits are a continuous process, and this list will continue to be updated as more audits are completed.