initial
This commit is contained in:
parent
3deddd702f
commit
843b7a887f
1 changed files with 280 additions and 0 deletions
280
articles/finances.md
Normal file
280
articles/finances.md
Normal file
|
@ -0,0 +1,280 @@
|
|||
---
|
||||
date: 2024-08-26
|
||||
article.title: What has robur been doing and how since 2018?
|
||||
article.description:
|
||||
tags:
|
||||
- finances
|
||||
- cooperative
|
||||
author:
|
||||
name: Hannes Mehnert
|
||||
email: hannes@mehnert.org
|
||||
link: https://hannes.robur.coop
|
||||
---
|
||||
|
||||
Since the beginning, robur has been working on MirageOS unikernels and getting
|
||||
them deployed. Due to our experience in hierarchical companies, we wanted to
|
||||
create something different - a workplace without bosses and management. Instead,
|
||||
we are a collective where everybody has a say on what we do, and who gets how
|
||||
much money at the end of the month. This means nobody has to write report and
|
||||
meet any goals - there's no KPI involved. We strive to be a bunch of people
|
||||
working together nicely and projects that we own and want to bring forward. If
|
||||
we discover lack of funding, we reach out to (potential) customers to fill our
|
||||
cash register. Or reach out to people to donate money.
|
||||
|
||||
Since our mission is fulfilling and already complex - organising ourselves in a
|
||||
hierarchy-free environment, including the payment, and work on software in a
|
||||
niche market - we decided from the early days that bookeeping and invoicing
|
||||
should not be part of our collective. Especially since we want to be free in
|
||||
what kind of funding we accept - donations, commercial contracts, public
|
||||
funding. In the books, robur is part of a non-profit company in Germany - and
|
||||
friends of ours run that company. They get a cut on each income we generate.
|
||||
|
||||
To be inclusive and enable everyone to participate in decisions, we are 100%
|
||||
transparent in our books - every collective member has access to the financial
|
||||
spreadsheets, contracts, etc. We use a needs-based payment model, so we talk
|
||||
about the needs everyone has on a regular basis and adjust the salary, everyone
|
||||
agreeing to all the numbers.
|
||||
|
||||
## 2018
|
||||
|
||||
We started operations in 2018. In late 2017, we got donations (in the form of
|
||||
bitcoins) by friends who were convinced of our mission. This was 54194.91 EUR.
|
||||
So, in 2018 we started with that money, and tried to find a mission, and
|
||||
generate income to sustain our salaries.
|
||||
|
||||
Also, already in 2017, we applied for funding from
|
||||
[Prototypefund](https://prototypefund.de) on a [CalDAV server](https://prototypefund.de/project/robur-io/),
|
||||
and we received the grant in early 2018. This was another 48500 EUR, paid to
|
||||
individuals (due to reasons, Prototype fund can't cash out to the non-profit -
|
||||
this put us into some struggle, since we needed some double bookkeeping and
|
||||
individuals had to dig into health care etc.).
|
||||
|
||||
We also did in the second half of 2018 a security audit for
|
||||
[Least Authority](https://leastauthority.com/blog/audits/five-security-audits-for-the-tezos-foundation/)
|
||||
(invoicing 19600 EUR).
|
||||
|
||||
And later in 2018 we started on what is now called NetHSM with an initial
|
||||
design workshop (5000 EUR).
|
||||
|
||||
And lastly, we started to work on [TLS 1.3](https://datatracker.ietf.org/doc/html/rfc8446)
|
||||
funded by Jane Street via OCaml Labs Consulting. In 2018, we received 12741.71 EUR
|
||||
|
||||
We applied at NLNet for improving the QubesOS firewall developed in MirageOS
|
||||
(without success), tried to get the IT security prize in Germany (without
|
||||
success), and to DIAL OSC (without success).
|
||||
|
||||
| Project | Amount |
|
||||
|-----------------|----------:|
|
||||
| Donation | 54194.91 |
|
||||
| Prototypefund | 48500.00 |
|
||||
| Least Authority | 19600.00 |
|
||||
| TLS 1.3 | 12741.71 |
|
||||
| Nitrokey | 5000.00 |
|
||||
|-----------------|-----------|
|
||||
| Total | 140036.62 |
|
||||
|
||||
|
||||
## 2019
|
||||
|
||||
We were keen to finish the CalDAV implementation (and start a CardDAV
|
||||
implementation), and received some financial support from Tarides for it
|
||||
(15000 EUR).
|
||||
|
||||
The TLS 1.3 work continued, we got in total 68887.53 EUR.
|
||||
|
||||
We also applied to (and got funding from) Prototypefund, once with an [OpenVPN-compatible
|
||||
MirageOS unikernel](https://prototypefund.de/en/project/robust-openvpn-client-with-low-use-of-resources/),
|
||||
and once with [improving the QubesOS firewall developed as MirageOS unikernel](https://prototypefund.de/project/portable-firewall-fuer-qubesos/).
|
||||
This means again twice 48500 EUR.
|
||||
|
||||
We also started the implementation work of NetHSM - which still included a lot
|
||||
of design work - in total the contract was over 82500 EUR. In 2019, we invoiced
|
||||
Nitrokey in 2019 in total 40500 EUR.
|
||||
|
||||
We also received a total of 516.48 EUR as donations from source unknown to us.
|
||||
|
||||
We also applied to NLnet with [DNSvizor](https://nlnet.nl/project/Robur/), and
|
||||
got a grant, but due to buerocratic reasons they couldn't transfer the money to
|
||||
our non-profit, and we didn't get any money in the end.
|
||||
|
||||
| Project | Amount |
|
||||
|----------|----------:|
|
||||
| CardDAV | 15000.00 |
|
||||
| TLS 1.3 | 68887.53 |
|
||||
| OpenVPN | 48500.00 |
|
||||
| QubesOS | 48500.00 |
|
||||
| Donation | 516.48 |
|
||||
| Nitrokey | 40500.00 |
|
||||
|----------|-----------|
|
||||
| Total | 221904.01 |
|
||||
|
||||
## 2020
|
||||
|
||||
In 2020, we agreed with OCaml Labs Consulting to work on maintenance of OCaml
|
||||
packages in the MirageOS ecosystem. This was a contract where at the end of the
|
||||
month, we reported on which PRs and issues we spent how much time. For us, this
|
||||
was great to have the freedom to work on which OCaml packages we were keen to
|
||||
get up to speed. In 2020, we received 45000 EUR for this maintenance.
|
||||
|
||||
We finished the TLS 1.3 work (18659.01 EUR)
|
||||
|
||||
We continued to work on the NetHSM project, and invoiced 55500 EUR.
|
||||
|
||||
We received a total of 255 EUR in donations from sources unknown to us.
|
||||
|
||||
We applied at reset.tech again with DNSvizor, unfortunately without success.
|
||||
|
||||
We also applied at [NGI pointer](https://pointer.ngi.eu) to work on reproducible
|
||||
builds for MirageOS, and a web frontend. Here we got the grant of 200000 EUR,
|
||||
which we worked on in 2021 and 2022.
|
||||
|
||||
| Project | Amount |
|
||||
|-----------|----------:|
|
||||
| OCLC | 45000.00 |
|
||||
| TLS 1.3 | 18659.01 |
|
||||
| Nitrokey | 55500.00 |
|
||||
| Donations | 255.00 |
|
||||
|-----------|-----------|
|
||||
| Total | 119414.01 |
|
||||
|
||||
## 2021
|
||||
|
||||
As outlined, we worked on reproducible builds of unikernels - rethinking the way
|
||||
how a unikernel is configured: no more compiled-in secrets, but instead using
|
||||
boot parameters. We setup the infrastructure for doing daily reproducible
|
||||
builds, serving system packages via a package repository, and a
|
||||
[web frontend](https://builds.robur.coop) hosting the reproducible builds.
|
||||
We received in total 120000 EUR from NGI Pointer in 2021.
|
||||
|
||||
Our work on NetHSM continued, including the introduction of elliptic curves
|
||||
in mirage-crypto (using [fiat](https://github.com/mit-plv/fiat-crypto/)). The
|
||||
invoices to Nitrokey summed up to 26000 EUR in 2021.
|
||||
|
||||
We developed in a short timeframe two packages, [u2f](https://github.com/robur-coop/u2f)
|
||||
and later [webauthn](https://git.robur.coop/robur/webauthn) for Skolem Labs based
|
||||
on [gift economy](https://en.wikipedia.org/wiki/Gift_economy). This resulted in
|
||||
donations of 18976 EUR.
|
||||
|
||||
We agreed with [OCSF](https://ocaml-sf.org/) to work on
|
||||
[conex](https://github.com/hannesm/conex), which we have not delivered yet
|
||||
(lots of other things had to be cleared first: we did a security review of opam
|
||||
(leading to [a security advisory](https://opam.ocaml.org/blog/opam-2-1-5-local-cache/)),
|
||||
we got rid of [`extra-files`](https://discuss.ocaml.org/t/ann-opam-repository-policy-change-checksums-no-md5-and-no-extra-files)
|
||||
in the opam-repository, and we [removed the weak hash md5](https://discuss.ocaml.org/t/ann-opam-repository-policy-change-checksums-no-md5-and-no-extra-files)
|
||||
from the opam-repository.
|
||||
|
||||
| Customer | Amount |
|
||||
|-------------|----------:|
|
||||
| NGI Pointer | 120000.00 |
|
||||
| Nitrokey | 26000.00 |
|
||||
| Skolem | 18976.00 |
|
||||
|-------------|-----------|
|
||||
| Total | 164976.00 |
|
||||
|
||||
## 2022
|
||||
|
||||
We finished our NGI pointer project, and received another 80000 EUR.
|
||||
|
||||
We also did some minor maintenance for Nitrokey, and invoiced 4500 EUR.
|
||||
|
||||
For Tarides, we started another maintaining MirageOS packages (and continuing
|
||||
[our TCP/IP stack](https://github.com/robur-coop/utcp)), and invoiced in
|
||||
total 22500 EUR.
|
||||
|
||||
A grant application for [bob](https://github.com/dinosaure/bob/) was rejected,
|
||||
but a grant application for [MirageVPN](https://github.com/robur-coop/miragevpn)
|
||||
got accepted.
|
||||
|
||||
| Project | Amount |
|
||||
|-------------|---------:|
|
||||
| NGI Pointer | 80000.00 |
|
||||
| Nitrokey | 4500.00 |
|
||||
| Tarides | 22500.00 |
|
||||
|-------------|----------|
|
||||
| Total |107000.00 |
|
||||
|
||||
## 2023
|
||||
|
||||
We finished the NetHSM project, and had a final invoice over 2500 EUR.
|
||||
|
||||
We started a collaboration for [semgrep](https://semgrep.dev), porting some of
|
||||
their Python code to OCaml. We received in total 37500 EUR.
|
||||
|
||||
We continued the MirageOS opam package maintenance and invoiced in total
|
||||
89250 EUR to Tarides.
|
||||
|
||||
A grant application on [MirageVPN](https://nlnet.nl/project/MirageVPN/) got
|
||||
accepted (NGI Assure), and we received in total 12000 EUR for our work on it.
|
||||
This is a continuation of our 2019 work funded by Prototypefund.
|
||||
|
||||
We also wrote various funding applications, including one for
|
||||
[DNSvizor](https://github.com/robur-coop/dnsvizor) that was
|
||||
[accepted](https://nlnet.nl/project/DNSvizor/) (NGI0 Entrust).
|
||||
|
||||
| Customer | Amount |
|
||||
|-----------|---------:|
|
||||
| Nitrokey | 2500.00 |
|
||||
| semgrep | 37500.00 |
|
||||
| Tarides | 89250.00 |
|
||||
| MirageVPN | 12000.00 |
|
||||
|-----------|----------|
|
||||
| Total |141250.00 |
|
||||
|
||||
## 2024
|
||||
|
||||
We're still in the middle of it, but so far we continued the Tarides maintenance
|
||||
contract (54937.50 EUR).
|
||||
|
||||
We also finished the MirageVPN work, and received another 45000 EUR.
|
||||
|
||||
We had a small contract with Semgrep and received 18559.40 EUR.
|
||||
|
||||
We again worked on several successful funding applications, one on
|
||||
[PTT](https://nlnet.nl/project/PTT/) (NGI Zero Core), a continuation of the
|
||||
[NGI DAPSI](https://www.ngi.eu/funded_solution/ngi-dapsiproject-24/) project -
|
||||
now realizing mailing lists with our SMTP stack.
|
||||
|
||||
We also got [MTE](https://nlnet.nl/project/MTE/) (NGI Taler) accepted.
|
||||
|
||||
The below table is until end of August 2024.
|
||||
|
||||
| Project | Amount |
|
||||
|-----------|----------:|
|
||||
| Semgrep | 18559.40 |
|
||||
| Tarides | 54937.50 |
|
||||
| MirageVPN | 45000.00 |
|
||||
|-----------|-----------|
|
||||
| Total | 118496.90 |
|
||||
|
||||
## Total
|
||||
|
||||
In a single table, here's our income over the last 5 years.
|
||||
|
||||
| Year | Amount |
|
||||
|-------|-----------:|
|
||||
| 2018 | 140036.62 |
|
||||
| 2019 | 221904.01 |
|
||||
| 2020 | 119414.01 |
|
||||
| 2021 | 164976.00 |
|
||||
| 2022 | 107000.00 |
|
||||
| 2023 | 141250.00 |
|
||||
| 2024 | 118496.90 |
|
||||
|-------|------------|
|
||||
| Total | 1013077.50 |
|
||||
|
||||
As you can spot, it varies quite a bit. In some years we have fewer money
|
||||
available than in other years.
|
||||
|
||||
## Conclusion
|
||||
|
||||
We have provided an overview of our income, we were three to five people working
|
||||
at robur over the entire time. As written at the beginning, we use needs-based
|
||||
payment. Our experience with this is great! It provides a lot of trust into each
|
||||
other.
|
||||
|
||||
We are always happy to discuss how our collective operates. If you're
|
||||
interested, please drop us a message.
|
||||
|
||||
Of course, if we receive donations, we use them wisely - mainly for working on
|
||||
the currently not funded projects (bob, miou, mollymawk - to name a few). If you
|
||||
can spare a dime or two, don't hesitate to [donate](https://robur.coop/Donate).
|
Loading…
Reference in a new issue