If a web3 product deploys smart contracts for users, but those contracts are not open-source, there's zero accountability.

Neither customers nor the broader public can verify whether there have been any bugs in those contracts.

Co-Founder at sablier.com, and open-source developer. I have a broad range of interests, including longevity, epistemology, physics, and psychology.

How can a smart contract not be open source? Like technically how is that possible

if you don't verify the bytecode the code is not open-source

anyone can read/write to the contract still but you can't see the code itself