this post was submitted on 14 May 2025
323 points (99.4% liked)
Programming
20182 readers
208 users here now
Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!
Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.
Hope you enjoy the instance!
Rules
Rules
- Follow the programming.dev instance rules
- Keep content related to programming in some way
- If you're posting long videos try to add in some form of tldr for those who don't want to watch videos
Wormhole
Follow the wormhole through a path of communities [email protected]
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Open source repositories should rely on p2p. Torrenting repos is the way I think.
Not only for this. At any point m$ could take down your repo if they or their investors don't like it.
I wonder if it would already exist and if it could work with git?
https://blog.tangled.sh/intro
See also: https://fossil-scm.org/
Git is p2p and distributed from day 1. Github is just a convenient website. If Microsoft takes down your repo, just upload to another system. Nothing but convenience will be lost.
Look into https://radicle.xyz/
Not entirely true. You lose tickets and PRs in that scenario.
I've heard git-bug a few times for decentralised issue tracking, never tried it but the idea is interesting
Yeah, pretty neat!
https://radicle.xyz/
I've been reading about it. But at some point I found that the parent organization run a crypto scam. Supposedly is not embedded into the protocol but they also said that the token is used to give rewards withing the protocol. That just made me wary of them.
Though the protocol did seen interesting. It's MIT licensed I think so I suppose it could just be forked into something crypto free.
There's nothing crypto in the radicle protocol. What I think you're referring to are "drips" which uses crypto to fund opensource development (I know how terrible). It's its own protocol built on top of ethereum and is not built into the radicle protocol.
This comes up every time someone mentions radicle and I think it happens because there's a RAD crypto token and a radicle protocol. Beyond the similar names, it's like mistaking bees for wasps because they look similar and not bothering to have a closer look.
Drips are funding the development of gitoxide, BTW, which is a Rust reimplementation of git. I wouldn't start getting suspicious of gitoxide sneaking in a crypto protocol just because it's funded by crypto. If we attacked everything funded by the things we consider evil, well everything opensource made by GAFAM would have to go: modern video streaming (HLS by Apple), Android (bought by Google), LSPs (popularised and developed by Microsoft), OBS (sponsored by Google through YouTube and by Amazon through Twitch), and much much more.
Anti Commercial-AI license
The thing is that the purpose of such a system is to run away from enshitificacion.
If they are so crypto adjacent is like a enshitificacion speedrun.
If I'm going to stay in a platform that just care for the money I might as well stay in corpo platforms. I'm not going to the trouble of changing platform and using new systems to keep getting being used so others can enrich.
Git itself doesn't have crypto around it. This shouldn't have either.
And this is not even against crypto as a concept, which is fine by me. It's against using crypto as a scam to get a quick buck out of people who doesn't know better.
Where are you getting this information from? How is radicle just caring about money?
Who is getting rich and how?
Anti Commercial-AI license
Answer to both questions is the crypto scheme they have created. There is no logical explanation to it. We have seen it happen countless times before.
They could ask for crypto donations and that would be totally fine. But they are building a crypto scheme. And crypto schemes are build as pyramid schemes to get money out of vulnerable people. Anyone who make such a thing is not trustable.
Who is building a cryptoscheme? Radicle developers aren't building a cryptoscheme. Again, radicle is not crypto, it's a decentralised git forge.
Anti Commercial-AI license
Same devs of the Rad token which is said by themselves that will be used woth the protocol. You cannot disconnect devs of RAD and devs of radicle because they are the same people. It's like saying that YouTube have nothing to do with google.
Where did they say that RAD the token will be used with radicle the git forge? Please provide a link.
Anti Commercial-AI license
https://www.gemini.com/es-LA/cryptopedia/what-is-radicle-crypto-github-alternative-rad-token
Do tou think they made a crypto scam with almost the same name just for funsies?
Better by their own words: https://docs.radworks.org/community/rad-token
The Gemini.com article looks like AI slop to me, honestly.
DAGs are a distributed ledger? Wat?
Also if you actually looked at the code of radicle, you wouldn't find rad tokens, erc-20, or whatever else. If you further looked at the protocols you'd see that they aren't using a blockchain. Repository ownership is not handled by smart contracts either - it's all public key cryptography, which (again) is not crypto in the sense you're talking about.
To be fair, the article is old and describing radicle version 2. You can find the code here, but I can't find ERC tokens or anything like that in there, which further makes me think the authors of the article are very confused, AI, or misrepresenting the project on purpose. Of course, it's possible that all references to crypto were removed from the archive, but it would be good to provide a link to that if you found it.
This I didn't know of. But I'm curious how that will be done. It is not proof of crypto being within the radicle protocol or codebase (because it isn't, I looked - maybe I missed it, but I'd like proof thereof). It might be put in there in the future but I'm pretty sure they know it would piss off people to do that.
My guess is that theyll do it like IPFS, which I don't think has crypto with the protocol but has filecoin on top to reward people who pin things in IPFS. But IPFS users can completely ignore filecoin and aren't required to use it.
Anti Commercial-AI license
As I said it's not that crypto is inside de protocol. Is that the parent company (which is just the same people) made a crypto to be used with the protocol. On top of it. Which takes trust away from me. If they want donations ask for donations. If they want to provide a paid service then do a paid service.
But having a crypto they want to move around feels dishonest to me. People will be pumping the crypto thinking they are making an investment, thinking they are going to earn money or participate in some sort of circular economy but they will loose it, all. And the owners will get all their fiat money as soon as they can. I have seen it happen countless times.
If they do that from the beginning, what will they be doing in the future if the project take off? I'd better not find out.
OK I understand your concerns better. Thank you for explaining.
I am less concerned and don't have such a negative relationship with crypto. As long as it's not the selling point of something and decoupled from the actual project or product, that's fine to me. That others don't feel the same way is understandable.
For me, radicle is the fastest way to get off of github. All my projects are now there and anybody can contribute without signing up to yet another website i.e they don't need to have a login for each individual forgejo or gitlab instance. One radicle identity is all you need to contribute to a radicle project on any seed node.
If (when?) forgejo finally gets federation, I'd be more open to using it, but at the moment, it barely provides an advantage over radicle.
Anti Commercial-AI license
The project's official repo should probably exist in a single location so that there is an authoritative version. At that point p2p is only necessary if traffic for the source code is getting too expensive for the project.
Personally I think the source hut model is closest to the ideal set up for OSS projects. Though I use Codeberg for my personal stuff because I'm cheap and lazy
I'm wary of external dependencies. They are cool now, but will they be cool in the future? Will they even exist?
One thing I think p2p excels is resiliance. People be still using eDonkey even if it's abandoned.
A repo signature should deal with "fake copies". It's true we have the problem that BitTorrent protocol is not though for updating files, so a different protocol would be needed. I don't even know how possible/practical it is. It's true that any big project should probably host their own remote repo, and copy it on other platforms as needed. Github only repos was always a dangerous practice.
Bittorrent v2 has updatable torrents
If you're able to easily migrate issues etc to a new instance, then you don't need to worry about a particular service providers getting shitty. At which point your main concern is temporary outages.
Perhaps this is more of a concern for some projects (e.g. anything that angers Nintendo's lawyers). But for most, I imagine that the added complexity of distributed p2p hosting would outweigh the upsides.
Not saying it's a bad idea, in fact I like it a lot, but I can see why it's not a high priority for most OSS devs
Torrenting doesn't deal well with updating files.
And you have another problem: how do you handle bad actors spamming the download ?
That's probably why github does that.
That's true. I didn't think of that.
IPFS supposedly works fine with updating shares. But I don't want to get closer to that project as they had fallen into cryptoscam territory.
I'm currently reading about "radicle" let's see what the propose.
I don't get the bad actors spamming the download. Like downloading too much? Torrent leechers?
EDIT: Just finished by search sbout radicle. They of course have relations with a cryptomscam. Obviously..... ;_; why this keep happening?
There's literally nothing about crypto in radicle from my reading, cryptography and crypto currency are not synonymous.
Ah because they also have a different project for a crypto payment platform for funding open source development.
Edit again: it seems pretty nifty actually, why do you think it's a scam? Just because crypto?