RenVM Open-Source Roadmap

An overview on the logic and thresholds for RenVM's Open-Source Roadmap

The team at Ren are very strong proponents of the open-source ethos and believe all decentralized protocols need to be made open-source when secure. The Ren team also wants to (a) be competitive in this space, given the hard work and capital invested by the team and the community, and (b) give an appropriate amount of time for security issues to be discovered and fixed before making the codebase available to potentially malicious actors.

With that said, Ren's codebase barring the RZL sMPC algorithm will be open-sourced at the advent of RenVM Mainnet Subzero which will be launched after our security audit is completed. The RZL sMPC algorithm, however, is what makes RenVM and its sMPC solution so special. This RZL sMPC algo has been pioneered in-house by our development team and can be considered a trade secret. It will, therefore, not be released to the wider public until certain security thresholds within RenVM have been met. We have worked very hard over the last two years; this approach ensures RenVM's security and that the Ren community, team, and investors are rewarded for their patience.

Stage 1 | Q1 & Q2 2020

RenVM Mainnet Security Audit The security audit will verify our RZL sMPC algorithm correctness under a Non-Disclosure Agreement (NDA). The RZL (z0) sMPC paper and the security audit will be available for the public to review when completed.

Stage 2 | Q3 & Q4 2020

The RZL (z0) sMPC codebase will be gradually open-sourced to the public after the inception of Mainnet Subzero.

The Ren team is taking this stance to ensure the codebase is stable, secure, and as bug-free as possible before open-sourcing the code to malicious actors that might seek to take advantage of any bugs they can find that we & auditors have not. Given recent events in the space, this is the most prudent approach to fund safety. Making the entire codebase public immediately opens up RenVM to be exploited via zero-day vulnerabilities.

To this end, we will also be undergoing further auditing of the codebase, having more of it reviewed, and having critical components reviewed in duplicate.

If you would like to review our RZL sMPC paper and other audits can be found here.