Why did we choose the AGPL?

Raphaël 2024-09-04 strategy

Asfaload develops a solution to help secure and authenticate downloads from the internet.

We have decided to develop [Asfaload](https://www.asfaload.com) in the open, publishing our software under the AGPLv3 license. In this post, we will discuss the reasons why.

Smart contracts are meant to be used in a trustless way. This means that to use the Asfaload smart contracts, you should not have to trust us about its inner workings. You need to be able to verify the contract. This is done by sharing its source code under a license governing its use.

Choosing a license for a project is a big and important decision, impacting the way you publish your software, the possibility to accept outside contributions, as well as determining your revenue generation opportunities (this will be explored in an upcoming post).

We think that the value of our offering lies in the data managed by our smart contract. The more our solution is used, the more interesting it becomes. That’s why we decided to go for the AGPLv3, which, in short and with over-simplification, allows the use of the code for any purpose, as long as any modification done to it is also shared under the same license.

The approach of a “Delayed Open Source Publication” (DOSP), where software is initially published under a constraining license like the Business Software license but after a delay switches to an Open Source license, is chosen by some projects as a mean to keep a competitive advantage. We think this is covered by the AGPL license. Interestingly, a recent research paper by the Open Source Initiative seems to confirm this: 

proponents of each license [BSL,AGPL] often agreed that both licenses might,
in principle, address similar concerns about companies adopting an Open Source code
base [...] without rewarding its original developer either with money or with code contributions.

However, the proponents didn’t agree about which license better responds to this scenario; in at least some
cases, that may imply a more basic disagreement about values and whether Open Source
licensing is intrinsically preferable.

We think that using an OSI-approved license is beneficial compared to non-OSI licenses. And the general sense might be evolving in that direction, with the AGPL getting some more, well-deserved, attention. A recent example is Elastic using the AGPL after switching to a custom license a couple of years earlier.

If you are interested in the reasons of choosing the AGPL by another company, I can only recomment to read the post by ParadeDB on this subject.

With the license chosen, there are still interesting choices to be made regarding external contributions, but this will be the subject of a future post.