When we covered the original OrcaSlicer controversy and then the PR crisis that followed — the GamersNexus post, the $20,000 legal defence fund, Louis Rossmann’s involvement — I said this issue was not going away. That was an understatement. In the weeks since those posts, the situation has escalated from a community PR crisis into a formal legal investigation by one of the most respected open-source rights organisations in the world. Bambu Lab is now under formal investigation by the Software Freedom Conservancy for not one but two confirmed violations of the AGPLv3 licence. The company that built its business on open-source software has been found, by a credible independent authority, to be in breach of the licence it was required to follow as a condition of using that software.
This is not making Bambu Lab look bad. This is making Bambu Lab look very bad. And the organisation now leading the charge against them has a documented track record of taking hardware manufacturers to court over exactly this kind of violation and winning.
Who the Software Freedom Conservancy is and why it matters
The Software Freedom Conservancy (SFC) is a US-based non-profit organisation dedicated to the legal protection of free and open-source software licences. It is not a community forum or a YouTube channel. It is a legal organisation with a staff of lawyers and technical experts, a history of formal enforcement actions against hardware manufacturers, and the institutional credibility to follow through on licence violations in court. It has previously pursued enforcement actions against companies including Best Buy, Samsung, and various embedded Linux device manufacturers for GPL violations. When the SFC opens an investigation and confirms violations, it is the kind of statement that has legal weight, not just community significance.
SFC staff began a comprehensive AGPLv3 compliance investigation of both the userspace software and firmware on Bambu’s devices. This investigation was triggered by the OrcaSlicer situation — by Bambu’s legal threats against Paweł Jarczak — but it was not limited to that specific incident. The SFC conducted a thorough review of Bambu Studio and its networking components. What they found went considerably beyond the Jarczak dispute.
The two confirmed violations
Violation one: libbambu_networking — the one that predates Jarczak entirely
The first violation has nothing to do with the OrcaSlicer fork. It predates the Jarczak situation by years and would have been a violation regardless of whether he ever wrote a line of code. Bambu has distributed a proprietary networking library, libbambu_networking, alongside Bambu Studio for years without releasing its source code, which SFC says breaches the licence’s requirement to provide a complete corresponding source.
The chain of licence obligation is important to follow. Bambu Studio is a fork of PrusaSlicer. PrusaSlicer is licenced under AGPLv3. When Bambu forked PrusaSlicer to create Bambu Studio, they took on the AGPLv3 obligations of that codebase as a legal condition of use. The AGPLv3 requires that anyone who distributes a modified version of an AGPLv3-licenced program must make the complete corresponding source code available — not just the parts they modified, but the complete corresponding source of the full distributed program including any libraries that form part of the whole.
While some source code for Bambu Studio can be found on Bambu’s GitHub organisational account, Bambu in effect admits publicly that they have violated the AGPLv3 by combining Bambu Studio with a proprietary library. The proprietary library is libbambu_networking — the component that handles Bambu’s cloud communication, device authentication, and the API that OrcaSlicer users have been trying to access. Bambu kept this component proprietary while distributing the whole software stack as a product, which the AGPLv3 explicitly does not permit. Bambu does not provide the complete, Corresponding Source Code for their slicer software.
The significance of this violation in the context of the entire controversy is profound. Bambu’s legal threats against Jarczak were premised on the argument that their proprietary networking system was legitimate intellectual property that Jarczak was improperly bypassing. But if the networking library was required to be open-sourced as a condition of using the AGPL-licenced codebase it was bundled with, then Bambu’s claim of proprietary protection over it was built on a licence breach. They were enforcing secrecy over code they were legally required to release.
Violation two: the legal threats against Jarczak themselves
The second violation is the cease-and-desist against Jarczak. According to the SFC, Bambu Lab’s legal scare tactics effectively restrict Jarczak’s legal rights under the AGPLv3: “Bambu demanded that Paweł remove the fork of OrcaSlicer with these changes from GitHub. Bambu falsely claims that their terms of service override the AGPLv3 (along with other specious claims). Bambu’s scare tactics against Paweł constitute a violation of AGPLv3 which has a sub-clause stating: ‘You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License.'”
The AGPLv3 clause is explicit and unconditional: you cannot impose additional restrictions on the rights the licence grants. The rights the AGPLv3 grants include the right to fork, modify, and distribute the software. Bambu used legal threats to pressure a developer into removing a fork that he had a legal right to create and maintain under the very licence that governs the software it was based on. The SFC’s position is that this constitutes a direct violation of the licence’s anti-restriction clause. Bambu’s terms of service, which they claimed override the licence, do not and legally cannot override the AGPLv3. The SFC clearly stated that Bambu Lab’s restrictions violate AGPLv3 because the copyleft licence does not permit additional limitations on user freedoms.
The baltobu project and the $250,007 fundraiser
The SFC has not stopped at a statement. They have launched a funded project called baltobu — named as a play on “Bambu” — with a specific technical and legal mandate: SFC has launched a project called baltobu to reverse-engineer the networking library, maintain Jarczak’s OrcaSlicer fork, and develop a replacement fork of Bambu Studio. Jarczak has joined as a collaborator. SFC has opened a $250,007 fundraiser to fund long-term staff on the effort, with over $60,000 raised at time of publication.
The fundraiser target of $250,007 is not a round number by accident — it is $250,000 for the work, plus $7 as a symbolic reference to the AGPL version 3, Section 7 (the anti-restriction clause). It is the kind of detail that signals how seriously the SFC is treating this and how deliberately they have framed their campaign.
The baltobu project has three goals that together represent a complete strategy for making Bambu’s proprietary networking layer irrelevant over time. Reverse-engineering the networking library removes the technical barrier that Bambu built. Maintaining the OrcaSlicer fork ensures the community tool that restored direct printing remains available. And developing a replacement fork of Bambu Studio creates a path to a fully open-source alternative to Bambu’s own slicer — one that Bambu cannot threaten developers over because it would not depend on Bambu’s proprietary code.
Details on this committee will be forthcoming in June 2026. Generally speaking, this committee will bring together 3D printer manufacturers, users, consumers, copyleft licensing experts, and software freedom activists to meet monthly to communicate about any new issues or concerns that arise regarding the software right to repair for 3D printers. Paweł Jarczak is already confirmed as the first volunteer. The committee is explicitly scoped to the 3D printing industry broadly — not just Bambu — which suggests the SFC sees Bambu as the first battleground in a wider campaign for open-source compliance across the 3D printing sector.
Bambu backtracks — but how much?
There is one development that suggests Bambu has understood the gravity of the SFC investigation even if they have not formally acknowledged the violations: Bambu Lab has backed down from legal pressure against developer Paweł Jarczak after the Software Freedom Conservancy accused the company of violating the AGPLv3 license governing Bambu Studio and its PrusaSlicer-derived codebase. The legal pressure that caused Jarczak to take down his fork has been withdrawn. He is now a collaborator on the SFC’s baltobu project and is no longer operating under threat of legal action from Bambu.
Whether this constitutes a meaningful change in Bambu’s direction or a tactical retreat to avoid making the legal situation worse is the question worth asking. Backing away from the Jarczak situation does not address the underlying libbambu_networking violation, which has been in place for years and is the more fundamental of the two confirmed breaches. The SFC’s investigation is ongoing and the second violation — the networking library — has not been remedied by Bambu releasing the source code. Until that happens, Bambu Studio remains in breach of the licence it is obligated to comply with.
What this means practically for Bambu users
I keep the same position I have held throughout this coverage: the A1 is a good printer and Bambu Studio is a capable slicer. Using the machine and the software I already have does not change because of a licence dispute. But the trajectory matters and it is now worse than it was six weeks ago when we first covered this story.
Bambu is now facing a formal investigation from an organisation with the legal infrastructure to pursue this to court if required. The investigation is ongoing and is explicitly covering both the userspace software and firmware on Bambu’s devices — meaning it is possible further violations will be identified beyond the two already confirmed. The baltobu project is funded and staffed to replace the proprietary component at the centre of the dispute. And the community narrative has shifted from “Bambu had a PR problem” to “Bambu may have a legal problem” — a significantly different position.
The practical implication for anyone considering buying into the Bambu ecosystem for the first time: this situation adds uncertainty to the software side of the ownership experience that was not present two years ago. Bambu hardware remains good. The question of what their software and cloud services look like in two years — post-SFC investigation, post-baltobu project, post whatever licence compliance remedies the SFC ultimately demands — is genuinely open in a way it was not before.
The OrcaSlicer 2.4.0 Alpha — covered in our previous post — adds further context here. The baltobu project’s goal of maintaining Jarczak’s fork and developing a Bambu Studio replacement feeds directly into OrcaSlicer’s growing independence from Bambu’s closed networking stack. The two developments — SFC’s formal investigation and OrcaSlicer’s Kobra X support — are happening simultaneously. The open-source ecosystem is actively developing the tools to operate Bambu hardware without dependence on Bambu’s proprietary software layer. Whether users ever need to use those tools depends on how Bambu responds to the SFC’s findings.
The path out of this for Bambu
There is a straightforward path out of this situation and the SFC has been explicit about what it looks like. Release the source code for libbambu_networking as required by the AGPLv3. Publish a clear, stable, authenticated API for third-party slicer access that does not require middleware restrictions. Formally withdraw the legal position that Bambu’s terms of service override the AGPLv3. Engage constructively with the SFC’s 3D printer right-to-repair committee when it launches in June 2026.
None of these steps require Bambu to abandon their business model or their cloud infrastructure. They require Bambu to operate within the licence terms they agreed to when they forked PrusaSlicer. The AGPL is not an obscure or unusual licence — it is one of the most commonly used open-source licences in existence and its obligations are well understood. Bambu chose to build on AGPL-licenced code. The obligations that come with that choice are not a surprise.
The longer this situation continues unresolved, the more the community’s goodwill erodes and the more the legal exposure accumulates. Bambu has good products. Fixing this is less difficult than the public posture has suggested. The question is whether the company’s leadership understands the cost of continuing to ignore it.
This post will be updated as the SFC investigation develops. The full SFC statement is at sfconservancy.org. The baltobu fundraiser is live at the same address if you want to support the work. The 3D Printing Industry’s coverage is at 3dprintingindustry.com.
