Presented by

  • Thomas Humphreys
    @thomphreys
    https://thomphreys.com

    Thomas Humphreys is on the funding coordination team at the Ethereum Foundation, where he works on new mechanisms for sustainable digital public goods funding and on expanding the top of the funnel for open source infrastructure. His background spans quantitative engineering at a digital asset hedge fund, security-focused work on onchain behaviour, and founding roles in identity and payments.

    He co-founded Everyname, a web3 identity startup focused on interoperability across protocols, and later founded Monetic, the first onchain neobanking startup, building stablecoin-based payment rails for merchants and consumers. Across these roles he has worked directly with smart contract risk, identity fragmentation, and payment infrastructure at scale, which now informs his work on embedded funding mechanisms and organizational models for resilient public infrastructure.

Abstract

The discovery of the XZ Utils backdoor in March 2024 exposed a maintainer takeover that had been in progress for two years. The attacker had positioned himself as a trusted contributor to a compression library that runs inside billions of SSH connections. He was caught only because a Microsoft engineer noticed a half-second slowdown on a test machine. The original maintainer of the library was a single volunteer who had publicly written about burnout months earlier.

XZ is the visible end of a wider pattern. Most of the open source software that the internet runs on is maintained by people who are not paid for the work, or whose paid work is supported by employers whose priorities do not include the upstream project. Existing funding models do not fix this: grants are episodic, and corporate sponsorship comes with a risk of capture. Each model has supported good work, but none has produced sustainable funding that respects what maintainers actually want to spend their time on.

This talk introduces a financial instrument designed to address this gap: an allocator commits capital to a vehicle that streams funding to a maintainer against milestones, while a small fraction of the revenue generated by transactions that use the maintained software flows back to the vehicle. The allocator's principal is recovered over time, and the maintainer continues to be funded after recovery completes.

Most of the talk is about the design constraints that determine whether such an instrument produces sustainable funding or produces capture. Four principles matter most: (1) requiring multiple allocators per instrument, so that no single funder has decisive influence over which maintainers get prioritised; (2) separating the actors who curate the maintainer basket from the actors who operate the disbursement mechanism; (3) building mechanism diversity rather than a single canonical wrapper; and (4) sunsetting curator and allocator authority on a defined schedule, so that no governance position calcifies.

The session is for maintainers and contributors who have thought about funding and found existing models inadequate. The argument is that maintainers can take structured funding without giving up the autonomy that makes their work valuable, but only if the design constraints above are treated as load-bearing rather than optional. Q&A welcomes pushback on whether the constraints are sufficient.