So far, I haven't seen a realistic proposition for OSI opensource projects to get fairly compensated or protected from leechers like mega-corps. If you're some widely used project without marketing like xz, then nobody cares about financing you until something big happens. I'll just make a post asking what people realistically expect should be done, because it does pique my interest now.