forked from robur/blog.robur.coop
Merge pull request 'add-finances-article' (#7) from add-finances-article into main
Reviewed-on: robur/blog.robur.coop#7
This commit is contained in:
commit
0b0c57de5c
4 changed files with 304 additions and 2 deletions
|
@ -10,7 +10,7 @@ $ git clone git@git.robur.coop:robur/blog.robur.coop
|
|||
$ cd blog.robur.coop/
|
||||
$ opam pin add -yn .
|
||||
$ opam install --deps-only blogger
|
||||
$ dune exec src/watch.exe --
|
||||
$ dune exec bin/watch.exe --
|
||||
```
|
||||
|
||||
A little server run on `http://localhost:8000`.
|
||||
|
|
302
articles/finances.md
Normal file
302
articles/finances.md
Normal file
|
@ -0,0 +1,302 @@
|
|||
---
|
||||
date: 2024-10-21
|
||||
title: How has robur financially been doing since 2018?
|
||||
description: How we organise as a collective, and why we're doing that.
|
||||
tags:
|
||||
- finances
|
||||
- cooperative
|
||||
author:
|
||||
name: Hannes Mehnert
|
||||
email: hannes@mehnert.org
|
||||
link: https://hannes.robur.coop
|
||||
---
|
||||
|
||||
Since the beginning, robur has been working on MirageOS unikernels and getting
|
||||
them deployed. Due to our experience in hierarchical companies, we wanted to
|
||||
create something different - a workplace without bosses and management. Instead,
|
||||
we are a collective where everybody has a say on what we do, and who gets how
|
||||
much money at the end of the month. This means nobody has to write report and
|
||||
meet any goals - there's no KPI involved. We strive to be a bunch of people
|
||||
working together nicely and projects that we own and want to bring forward. If
|
||||
we discover lack of funding, we reach out to (potential) customers to fill our
|
||||
cash register. Or reach out to people to donate money.
|
||||
|
||||
Since our mission is fulfilling and already complex - organising ourselves in a
|
||||
hierarchy-free environment, including the payment, and work on software in a
|
||||
niche market - we decided from the early days that bookeeping and invoicing
|
||||
should not be part of our collective. Especially since we want to be free in
|
||||
what kind of funding we accept - donations, commercial contracts, public
|
||||
funding. In the books, robur is part of the non-profit company
|
||||
[Änderwerk](https://aenderwerk.de) in Germany - and friends of ours run that
|
||||
company. They get a cut on each income we generate.
|
||||
|
||||
To be inclusive and enable everyone to participate in decisions, we are 100%
|
||||
transparent in our books - every collective member has access to the financial
|
||||
spreadsheets, contracts, etc. We use a needs-based payment model, so we talk
|
||||
about the needs everyone has on a regular basis and adjust the salary, everyone
|
||||
agreeing to all the numbers.
|
||||
|
||||
## 2018
|
||||
|
||||
We started operations in 2018. In late 2017, we got donations (in the form of
|
||||
bitcoins) by friends who were convinced of our mission. This was 54,194.91 €.
|
||||
So, in 2018 we started with that money, and tried to find a mission, and
|
||||
generate income to sustain our salaries.
|
||||
|
||||
Also, already in 2017, we applied for funding from
|
||||
[Prototypefund](https://prototypefund.de) on a [CalDAV server](https://prototypefund.de/project/robur-io/),
|
||||
and we received the grant in early 2018. This was another 48,500 €, paid to
|
||||
individuals (due to reasons, Prototype fund can't cash out to the non-profit -
|
||||
this put us into some struggle, since we needed some double bookkeeping and
|
||||
individuals had to dig into health care etc.).
|
||||
|
||||
We also did in the second half of 2018 a security audit for
|
||||
[Least Authority](https://leastauthority.com/blog/audits/five-security-audits-for-the-tezos-foundation/)
|
||||
(invoicing 19,600 €).
|
||||
|
||||
And later in 2018 we started on what is now called NetHSM with an initial
|
||||
design workshop (5,000 €).
|
||||
|
||||
And lastly, we started to work on a grant to implement [TLS 1.3](https://datatracker.ietf.org/doc/html/rfc8446),
|
||||
funded by Jane Street (via OCaml Labs Consulting). In 2018, we received 12,741.71 €
|
||||
|
||||
We applied at NLNet for improving the QubesOS firewall developed in MirageOS
|
||||
(without success), tried to get the IT security prize in Germany (without
|
||||
success), and to DIAL OSC (without success).
|
||||
|
||||
| Project | Amount |
|
||||
|-----------------|----------:|
|
||||
| Donation | 54,194.91 |
|
||||
| Prototypefund | 48,500.00 |
|
||||
| Least Authority | 19,600.00 |
|
||||
| TLS 1.3 | 12,741.71 |
|
||||
| Nitrokey | 5,000.00 |
|
||||
| __Total__ | __140,036.62__ |
|
||||
|
||||
|
||||
## 2019
|
||||
|
||||
We were keen to finish the CalDAV implementation (and start a CardDAV
|
||||
implementation), and received some financial support from Tarides for it
|
||||
(15,000 €).
|
||||
|
||||
The TLS 1.3 work continued, we got in total 68,887.53 €.
|
||||
|
||||
We also applied to (and got funding from) Prototypefund, once with an [OpenVPN-compatible
|
||||
MirageOS unikernel](https://prototypefund.de/en/project/robust-openvpn-client-with-low-use-of-resources/),
|
||||
and once with [improving the QubesOS firewall developed as MirageOS unikernel](https://prototypefund.de/project/portable-firewall-fuer-qubesos/).
|
||||
This means again twice 48,500 €.
|
||||
|
||||
We also started the implementation work of NetHSM - which still included a lot
|
||||
of design work - in total the contract was over 82,500 €. In 2019, we invoiced
|
||||
Nitrokey in 2019 in total 40,500 €.
|
||||
|
||||
We also received a total of 516.48 € as donations from source unknown to us.
|
||||
|
||||
We also applied to NLnet with [DNSvizor](https://nlnet.nl/project/Robur/), and
|
||||
got a grant, but due to buerocratic reasons they couldn't transfer the money to
|
||||
our non-profit (which was involved with NLnet in some EU grants), and we didn't
|
||||
get any money in the end.
|
||||
|
||||
| Project | Amount |
|
||||
|----------|----------:|
|
||||
| CardDAV | 15,000.00 |
|
||||
| TLS 1.3 | 68,887.53 |
|
||||
| OpenVPN | 48,500.00 |
|
||||
| QubesOS | 48,500.00 |
|
||||
| Donation | 516.48 |
|
||||
| Nitrokey | 40,500.00 |
|
||||
| __Total__ | __221,904.01__ |
|
||||
|
||||
## 2020
|
||||
|
||||
In 2020, we agreed with OCaml Labs Consulting to work on maintenance of OCaml
|
||||
packages in the MirageOS ecosystem. This was a contract where at the end of the
|
||||
month, we reported on which PRs and issues we spent how much time. For us, this
|
||||
was great to have the freedom to work on which OCaml packages we were keen to
|
||||
get up to speed. In 2020, we received 45,000 € for this maintenance.
|
||||
|
||||
We finished the TLS 1.3 work (18,659.01 €)
|
||||
|
||||
We continued to work on the NetHSM project, and invoiced 55,500 €.
|
||||
|
||||
We received a total of 255 € in donations from sources unknown to us.
|
||||
|
||||
We applied at reset.tech again with DNSvizor, unfortunately without success.
|
||||
|
||||
We also applied at [NGI pointer](https://pointer.ngi.eu) to work on reproducible
|
||||
builds for MirageOS, and a web frontend. Here we got the grant of 200,000 €,
|
||||
which we worked on in 2021 and 2022.
|
||||
|
||||
| Project | Amount |
|
||||
|-----------|----------:|
|
||||
| OCLC | 45,000.00 |
|
||||
| TLS 1.3 | 18,659.01 |
|
||||
| Nitrokey | 55,500.00 |
|
||||
| Donations | 255.00 |
|
||||
| __Total__ | __119,414.01__ |
|
||||
|
||||
## 2021
|
||||
|
||||
As outlined, we worked on reproducible builds of unikernels - rethinking the way
|
||||
how a unikernel is configured: no more compiled-in secrets, but instead using
|
||||
boot parameters. We setup the infrastructure for doing daily reproducible
|
||||
builds, serving system packages via a package repository, and a
|
||||
[web frontend](https://builds.robur.coop) hosting the reproducible builds.
|
||||
We received in total 120,000 € from NGI Pointer in 2021.
|
||||
|
||||
Our work on NetHSM continued, including the introduction of elliptic curves
|
||||
in mirage-crypto (using [fiat](https://github.com/mit-plv/fiat-crypto/)). The
|
||||
invoices to Nitrokey summed up to 26,000 € in 2021.
|
||||
|
||||
We developed in a short timeframe two packages, [u2f](https://github.com/robur-coop/u2f)
|
||||
and later [webauthn](https://git.robur.coop/robur/webauthn) for Skolem Labs based
|
||||
on [gift economy](https://en.wikipedia.org/wiki/Gift_economy). This resulted in
|
||||
donations of 18,976 €.
|
||||
|
||||
We agreed with [OCSF](https://ocaml-sf.org/) to work on
|
||||
[conex](https://github.com/hannesm/conex), which we have not delivered yet
|
||||
(lots of other things had to be cleared first: we did a security review of opam
|
||||
(leading to [a security advisory](https://opam.ocaml.org/blog/opam-2-1-5-local-cache/)),
|
||||
we got rid of [`extra-files`](https://discuss.ocaml.org/t/ann-opam-repository-policy-change-checksums-no-md5-and-no-extra-files)
|
||||
in the opam-repository, and we [removed the weak hash md5](https://discuss.ocaml.org/t/ann-opam-repository-policy-change-checksums-no-md5-and-no-extra-files)
|
||||
from the opam-repository.
|
||||
|
||||
| Customer | Amount |
|
||||
|-------------|----------:|
|
||||
| NGI Pointer | 120,000.00 |
|
||||
| Nitrokey | 26,000.00 |
|
||||
| Skolem | 18,976.00 |
|
||||
| __Total__ | __164,976.00__ |
|
||||
|
||||
## 2022
|
||||
|
||||
We finished our NGI pointer project, and received another 80,000 €.
|
||||
|
||||
We also did some minor maintenance for Nitrokey, and invoiced 4,500 €.
|
||||
|
||||
For Tarides, we started another maintaining MirageOS packages (and continuing
|
||||
[our TCP/IP stack](https://github.com/robur-coop/utcp)), and invoiced in
|
||||
total 22,500 €.
|
||||
|
||||
A grant application for [bob](https://github.com/dinosaure/bob/) was rejected,
|
||||
but a grant application for [MirageVPN](https://github.com/robur-coop/miragevpn)
|
||||
got accepted. Both at NLnet within the EU NGI project.
|
||||
|
||||
| Project | Amount |
|
||||
|-------------|---------:|
|
||||
| NGI Pointer | 80,000.00 |
|
||||
| Nitrokey | 4,500.00 |
|
||||
| Tarides | 22,500.00 |
|
||||
| __Total__ | __107,000.00__ |
|
||||
|
||||
## 2023
|
||||
|
||||
We finished the NetHSM project, and had a final invoice over 2,500 €.
|
||||
|
||||
We started a collaboration for [semgrep](https://semgrep.dev), porting some of
|
||||
their Python code to OCaml. We received in total 37,500 €.
|
||||
|
||||
We continued the MirageOS opam package maintenance and invoiced in total
|
||||
89,250 € to Tarides.
|
||||
|
||||
A grant application on [MirageVPN](https://nlnet.nl/project/MirageVPN/) got
|
||||
accepted (NGI Assure), and we received in total 12,000 € for our work on it.
|
||||
This is a continuation of our 2019 work funded by Prototypefund.
|
||||
|
||||
We also wrote various funding applications, including one for
|
||||
[DNSvizor](https://github.com/robur-coop/dnsvizor) that was
|
||||
[accepted](https://nlnet.nl/project/DNSvizor/) (NGI0 Entrust).
|
||||
|
||||
| Customer | Amount |
|
||||
|-----------|---------:|
|
||||
| Nitrokey | 2,500.00 |
|
||||
| semgrep | 37,500.00 |
|
||||
| Tarides | 89,250.00 |
|
||||
| MirageVPN | 12,000.00 |
|
||||
| __Total__ | __141,250.00__ |
|
||||
|
||||
## 2024
|
||||
|
||||
We're still in the middle of it, but so far we continued the Tarides maintenance
|
||||
contract (54,937.50 €).
|
||||
|
||||
We also finished the MirageVPN work, and received another 45,000 €.
|
||||
|
||||
We had a contract with Semgrep again on porting Python code to OCaml and received 18,559.40 €.
|
||||
|
||||
We again worked on several successful funding applications, one on
|
||||
[PTT](https://nlnet.nl/project/PTT/) (NGI Zero Core), a continuation of the
|
||||
[NGI DAPSI](https://www.ngi.eu/funded_solution/ngi-dapsiproject-24/) project -
|
||||
now realizing mailing lists with our SMTP stack.
|
||||
|
||||
We also got [MTE](https://nlnet.nl/project/MTE/) (NGI Taler) accepted.
|
||||
|
||||
The below table is until end of September 2024.
|
||||
|
||||
| Project | Amount |
|
||||
|-----------|----------:|
|
||||
| Semgrep | 18,559.40 |
|
||||
| Tarides | 62,812.50 |
|
||||
| MirageVPN | 45,000.00 |
|
||||
| __Total__ | __126,371.90__ |
|
||||
|
||||
## Total
|
||||
|
||||
In a single table, here's our income since robur started.
|
||||
|
||||
| Year | Amount |
|
||||
|-------|-----------:|
|
||||
| 2018 | 140,036.62 |
|
||||
| 2019 | 221,904.01 |
|
||||
| 2020 | 119,414.01 |
|
||||
| 2021 | 164,976.00 |
|
||||
| 2022 | 107,000.00 |
|
||||
| 2023 | 141,250.00 |
|
||||
| 2024 | 126,371.90 |
|
||||
| __Total__ | __1,020,952.54__ |
|
||||
|
||||
![Plot of above income table](../images/finances.png)
|
||||
|
||||
As you can spot, it varies quite a bit. In some years we have fewer money
|
||||
available than in other years.
|
||||
|
||||
## Expenses
|
||||
|
||||
As mentioned, the non-profit company [Änderwerk](https://aenderwerk.de) running
|
||||
the bookkeeping and legal stuff (invoices, tax statements, contracts, etc.) gets
|
||||
a cut on each income we produce. They are doing amazing work and are very
|
||||
quick responding to our queries.
|
||||
|
||||
We spend most of our income on salary. Some money we spend on travel. We also
|
||||
pay monthly for our server (plus some extra for hardware, and in June 2024 a
|
||||
huge amount for trying to recover data from failed SSDs).
|
||||
|
||||
## Conclusion
|
||||
|
||||
We have provided an overview of our income, we were three to five people working
|
||||
at robur over the entire time. As written at the beginning, we use needs-based
|
||||
payment. Our experience with this is great! It provides a lot of trust into each
|
||||
other.
|
||||
|
||||
Our funding is diverse from multiple sources - donations, commercial work,
|
||||
public funding. This was our initial goal, and we're very happy that it works
|
||||
fine over the last five years.
|
||||
|
||||
Taking the numbers into account, we are not paying ourselves "industry standard"
|
||||
rates - but we really love what we do - and sometimes we just take some time off.
|
||||
We do work on various projects that we really really enjoy - but where (at the
|
||||
moment) no funding is available for.
|
||||
|
||||
We are always happy to discuss how our collective operates. If you're
|
||||
interested, please drop us a message.
|
||||
|
||||
Of course, if we receive donations, we use them wisely - mainly for working on
|
||||
the currently not funded projects (bob, albatross, miou, mollymawk - to name a few). If you
|
||||
can spare a dime or two, don't hesitate to [donate](https://robur.coop/Donate).
|
||||
Donations are tax-deductable in Germany (and should be in Europe) since we're a
|
||||
registered non-profit.
|
||||
|
||||
If you're interested in MirageOS and using it in your domain, don't hesitate
|
||||
to reach out to us (via eMail: team@robur.coop) so we can start to chat - we're keen to deploy MirageOS
|
||||
and find more domains where it is useful.
|
|
@ -93,6 +93,6 @@ As a spoiler, for P-256 sign there's another improvement of around 4.5 with [Vir
|
|||
|
||||
Remove all cstruct, everywhere, apart from in mirage-block-xen and mirage-net-xen ;). It was a fine decision in the early MirageOS days, but from a performance point of view, and for making our packages more broadly usable without many dependencies, it is time to remove cstruct. Earlier this year we already [removed cstruct from ocaml-tar](https://github.com/mirage/ocaml-tar/pull/137) for similar reasons.
|
||||
|
||||
Our MirageOS work is only partially funded, we cross-fund our work by commercial contracts and public (EU) funding. We are part of a non-profit company, you can make a (tax-deducable - at least in the EU) [donation](https://aenderwerk.de/donate/) (select "DONATION robur" in the dropdown menu).
|
||||
Our MirageOS work is only partially funded, we cross-fund our work by commercial contracts and public (EU) funding. We are part of a non-profit company, you can make a (tax-deductable - at least in the EU) [donation](https://aenderwerk.de/donate/) (select "DONATION robur" in the dropdown menu).
|
||||
|
||||
We're keen to get MirageOS deployed in production - if you would like to do that, don't hesitate to reach out to us via eMail team at robur.coop
|
||||
|
|
BIN
images/finances.png
Normal file
BIN
images/finances.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 6.3 KiB |
Loading…
Reference in a new issue