It's time for the Open Source Endowment

Over the last few years I’ve talked with hundreds of open source community members — from founders and VCs to software engineers — and almost everyone shared the same concern: there’s no truly sustainable funding for critical OSS maintenance. And without it, modern society runs on an increasingly fragile foundation.

That puzzled me, and in 2024 I noticed that the open source world is remarkably similar to a decentralized US university, and that led me to its new funding concept. For universities, humanity has just two sustainable funding models: public spending or private endowments. Government support of OSS doesn’t really scale, and nobody had built an OSS-focused endowment before. After understanding why, I started building one as a weekend project, together with other passionate OSS folks.

Today we are excited to publicly launch the Open Source Endowment — a community-driven endowment fund that sustainably funds maintainers of the most critical open source projects. The fund is at ~$700K, formed by 60+ founding donors, including the founders of HashiCorp, Elastic, ClickHouse, Supabase, NGINX, Gatsby, Vue.js, Pandas, Pydantic, and curl, as well as the Chair of the OSI and the former CEO of GitHub.

What’s the problem?

Open source runs the modern world — 96% of codebases contain OSS, which makes up 77% of all their code, and the average piece of software has 500+ open source dependencies. Enterprises would spend 3.5x more on software if OSS did not exist. However, as a global public good, OSS suffers from the tragedy of the commons.

Like roads, software needs maintenance — you have to fix bugs, patch security holes, adapt to changes. Yet 60% of OSS maintainers are unpaid, and now half of all codebases contain open source with no dev activity in the last two years. Also, many OSS creators have been doing this for free for decades, and often hit burnout.

Without sustainable maintenance, things tend to break. In 2014, the Heartbleed bug in OpenSSL — a library maintained by two developers on ~$2,000/year in donations — exposed 500,000+ websites. In 2021, the Log4Shell vulnerability triggered 840,000 attacks within 72 hours. Gartner estimates software supply chain attack costs will reach $138B by 2031. And modern AI code generation is more likely to worsen the problem than fix it — at least its non-technical aspects.

Why current funding falls short

There is a variety of open source funding solutions and many of them make real impact. However, none combines three essential features at once — being sustainable, systemic, and efficient. They can be divided into two groups:

• Top-down funding mostly comes from corporations through direct programs or their support of large nonprofits like Linux Foundation or Eclipse Foundation. Naturally, such initiatives favor the largest projects or a specific company’s supply chain. Corporate OSS budgets shift with market conditions — in volatile times, open source programs are among the first to be cut. Some governments also support OSS, but their funding shifts with each new administration and the target problem is hard to explain to a typical voter.

• Bottom-up funding comes from developers supporting each other through GitHub Sponsors, Open Collective, thanks.dev, or internal FOSS Funds (like at Sentry and n8n). These tools are digital-first and efficient, but the budgets behind them are even more volatile. Also, such peer-to-peer tools usually gravitate toward the most popular projects, not the most critical ones — as I showed for Python, for example.

As a result, the random person in Nebraska keeping a vital library alive may never attract enough attention from funders before its missed vulnerability disrupts our critical infrastructure.

The case for an OSS-focused endowment

In 2024, I wrote about the striking parallels between open source and universities. They share the same reputation-based culture and functions — co-creating IP as a public good, teaching each other within thematic clusters, and commercializing only a small fraction of what they produce. Both are driven by enthusiasts who care more about what their peers think of their work than how much the market will pay for it.

But they differ in one crucial way: sustainable funding. In the 17th-19th centuries, societies recognized the long-term value of universities and created endowments — private funds that invest donations in a low-risk portfolio and spend only the investment income each year. The average US university endowment earns ~7% and spends ~5% annually. This model has sustained Harvard, Stanford, Oxford, and Cambridge during good and bad times. Open source never had anything like it.

The analogy between OSS and universities extends to their communities. Think of junior developers as “students” — they learn a lot from open source projects, and eventually grow into senior engineers, CTOs, and founders, becoming “OSS alumni”. GitHub has 150 million users, and at top US universities, about 7% of alumni donate back. If even a fraction of the tech industry’s “alumni” contributed to a community endowment, it would solve the OSS sustainability funding issue.

I’ve met many people who genuinely want to solve this problem, and are ready to give back. But they lack a sustainable, systemic, and efficient developer-focused tool to do so. And the Open Source Endowment is designed to be exactly that: a next-gen grassroots charity dedicated to open source funding.

Why hasn’t anyone built an OSS-focused endowment before?

I’ve asked a lot of open source experts this, trying to understand if I’m missing some detail that prevents this potentially great match between a problem and a solution. In the end, I found three historical (but not fundamental) reasons for it:

1. Endowments need a 20+ year planning horizon. Most organizations focus on quick wins and annual budgets. Companies change priorities as their business evolves, and existing nonprofits usually can’t afford to spend only ~5% of what they raise per year. However, passionate individuals can think in decades, and they have driven top universities for centuries — some are even named after them.

2. The target must have an unlimited lifespan. Most OSS communities center around things with limited lifespans: a specific software project, a programming language, a person. Such targets fit poorly with the endowment model, but open source at large is an open-ended cause that fits perfectly.

3. It requires a rare mix of expertise. Building an OSS endowment demands knowledge of open source, experience with endowments, developer-focused startups, and fundraising. Most OSS people don’t know the endowment model, and most philanthropists don’t know about the OSS crisis. The intersection is small, and the set of people who can spend their time on this is even smaller.

How the Open Source Endowment works

The Open Source Endowment is a US 501(c)(3) tax-exempt public charity. The fund invests all donations in a low-risk portfolio and uses only the investment income for grants, making it independent of annual budgets and market volatility. Even a modest $10M fund at this rate would generate ~$500K every year — enough for $10K grants to 50 critical open source projects. The goal here is to sustainably fill in the gaps of the OSS funding landscape, and not substitute it.

The website covers the details, so instead I’d like to highlight some non-obvious design choices and principles behind it:

1. People-centric governance. OSE intentionally accepted only individuals as founding donors and excludes corporate donors from governance. This is unusual for open source foundations, but it’s how the best universities operate. Even when a major donor gives a very large sum to, let’s say, Harvard, it won’t buy them a seat on the board of trustees. We welcome everybody with any donation amount in our community, including tech companies and other organizations.

2. Skin in the game. To align incentives and keep the endowment efficient long-term, it should rest on qualified decisions from people with skin in the game. Everyone who personally donates at least $1,000 a year becomes a Member with legally-defined rights to advise on the grant-making model, elect some board members, etc. People who contribute their own money care deeply about where it goes — and they should decide how it’s spent. We also require all Board Directors and the Executive Director of the OSE to be Members.

3. Decentralized, bottom-up funding. OSE is a grassroots charity and should avoid donor concentration, making it more robust and appealing to an average software engineer, not to a few large donors. While institutions will eventually provide most of the capital, maintaining balance matters.

4. Digital-first and radically transparent. OSE works like a nonprofit developer-focused startup with minimal offline operations, maximum reasonable automation, and open processes. If we can share internal data without harm, we do — on the website or in the repo. Open source was built on transparency, and its endowment should be no different.

5. Data-driven grant model. There’s no perfect model for distributing OSS grants. Our approach is an open, measurable, algorithmic (but not automatic) model, co-developed with OSE Members. I tested this approach in December 2024 by donating $5,000 to 866 Python projects via GitHub Sponsors, and the discussion on Hacker News generated great feedback. We’re finalizing the first version of the selection model after the public launch, and its high-level description is at osendowment/model.

6. Global and neutral. Open source is global by nature — contributors and maintainers work across every country and timezone. The endowment reflects this: it avoids political or strong corporate affiliations and geographic bias in grant-making, within the limits of its US jurisdiction. The fund serves open source as a whole, not any single ecosystem or company or country.

The story just begins

The Open Source Endowment concept took shape in 2024. Its core team started to come together in December, we incorporated the entity on Feb 15, 2025, and recently finally got a US 501(c)(3) tax-exempt status. It is just a “pre-seed” stage and there are more exciting developments ahead.

None of this would be possible without the people who believed in the idea early, and to whom I am deeply grateful:

• OSE founding team (and donors): Chad Whitacre (Head of Open Source, Sentry), Maxim Konovalov (co-founder, Nginx), Jonathan Starr (ex Program Manager, NumFOCUS), Vlad-Stefan Harbuz (maintainer, Open Source Pledge), and Amy Parker (Deputy Executive Director, OpenSSL).

• Founding donors: Mitchell Hashimoto (ex HashiCorp), Kailash Nadh (Zerodha), Igor Sysoev (Nginx), Shay Banon (Elastic), Mark Shmulevich (Aloniq), Chang Yuanyangzi, Evan You (Vue.js), Alexey Milovidov (ClickHouse), Felix Malfait (Twenty), Paul Copplestone (Supabase), Peter Zaytsev (Percona), Wes McKinney (Pandas), Jan Oberhauser (n8n), Patrick Murphy (Tapestry VC), Shane Curcuru (Apache Software Foundation), Thomas Dohmke (ex GitHub), Helen Greul (Multiverse), Matvey Kukui (Archestra), Cyril Shtabtsovsky (AlphaSemantic), Rinat Khaziev (Amazon), Alex Taraymovich (Verisart), Alex Turbanov (Somersault Ventures), Alexandra Vidyuk (Beyond Earth Ventures), Ash Vardanian (Unum), Chris Aniszczyk (Linux Foundation), Daniel Stenberg (cURL), Desigan Chinniah (Mozilla Ventures), Dieter Plaetinck (ex Grafana Labs), Irina Nazarova (Evil Martians), Jeffrey Paul (Fueled), Michael Hunger (Neo4j), Nik Spirin (NVIDIA), Pavel Pleskov (Fast Forward), Sam Bhagwat (Mastra), Samuel Colvin (Pydantic), Shahar Glazner (Elastic), Tal Borenstein (Elastic), Tracy Hinds (OSI), Valerii Babushkin (BP), William Zeng (Quantonation), and many others.

Open source is developers’ gift to humanity. The Open Source Endowment is our gift back — a way for all of us to make sure this public good lasts as the digital backbone of the world. If you care about open source, join us as a donor at endowment.dev and help shape it.