Recently, quite a shocking incident occurred in the 3D printer landscape, so I have summarized the details.
On May 21, 2026, The Verge senior editor Sean Hollister published an article with this title.
The Verge‘Fuck you, Bambu’: How one private message could change the face of 3D printingThousands are daring Bambu to take legal action.https://www.theverge.com/tech/931532/bambu-agpl-pawel-jarczak-open-source-threat-dmca-github'Fuck you, Bambu': How one private message could change the face of 3D printing
It started with Bambu Lab, a 3D printer company with $1B in revenue, sending a Reddit DM to a single individual developer. That single message sparked a full-scale war across the global open-source community, drawing the attention of the entire industry as it climbed to the #2 spot on The Verge's popular articles list.
With the Software Freedom Conservancy (SFC), Louis Rossmann, GamersNexus, and Jeff Geerling joining in, this incident has escalated from a simple corporate dispute into a problem affecting the entire open-source ecosystem.
What Happened
The incident began on April 22, 2026. Bambu Lab sent a Reddit private message to OrcaSlicer contributor Pawel Jarczak. At first, the tone was polite. It stated, 'Due to upcoming changes, your code may not work, so please remove the current connection method.'
Real conversation between Sambug Labs and Pawel
https://www.documentcloud.org/documents/28135134-bambu-lab-communications-with-pawel-jarczak/
Here is the communication content disclosed by Jarczak:
Jarczak initially agreed to the deletion. However, he requested official acknowledgment of the security vulnerability he discovered and compensation for the H2D printer, which Bambu Lab rejected. Since then, Bambu Lab's tone of message has changed. They informed him that a Cease and Desist (C&D) letter was already prepared and mentioned DMCA Section 1201 (a provision applicable to digital unlocking, which can carry a maximum prison sentence of 10 years) .
Ultimately, Jarczak voluntarily released the code. However, by posting the public note together, the situation exploded as it became known to the community.
https://github.com/jarczakpawel/OrcaSlicer-bambulab
At first glance, it may appear that a Sambug Labs user received a warning for infringing on Sambug Labs' rights, but the user actually demanded compensation for revealing a security vulnerability, and while Sambug Labs may have used legal action as a weapon to issue the warning and the user complied and announced it, the issue is actually quite complex.
Among the sentences revealed in the communication just above, they mention US federal law as if they are infringing on Sambug's authority.
Unfortunately, this implementation bypasses those security measures of Bambu Cloud Service and other software, which directly violates our Terms of Use. We cannot support or allow it - this being the reason why we kindly ask you to remove it. We invite you to read the Terms of Use available here: (https://bambulab.com/en/policies/terms) Specifically, sections 3.4 and 3.5. We also invite you to check out the 17 U.S. Code § 1201(https://www.law.cornell.edu/uscode/text/17/1201) The fork you have made is used in a deceptive way and acts like Bambu Studio in order to directly connect to the Bambu Cloud. The connection has been reverse engineered, and re-distributed publicly in GitHub, with multiple links across various sub-Reddits. If you think this is incorrect, please share your email address, as our legal team has prepared a cease and desist letter and would want send it officially.
Here, Title 17 of the United States Code, Section 1201, is the part of the US Copyright Law (DMCA) that we commonly understand as the Digital Millennium Copyright Act, and it is a story about how copyright holders can take legal action through the DMCA.
To understand this incident, the timeline is as follows.
Date | Event |
|---|---|
2022 | Bambu Lab develops Bambu Studio as a fork of PrusaSlicer — dominates the market on the back of the open-source ecosystem |
2024.01 | Bambu officially admits in the official blog that it “chose the Apple approach” |
Late 2024 | Introduction of Bambu Connect — mandatory cloud authentication, start of third-party slicer blocking |
2026.04.22 | Bambu Lab sends Jarczak a Reddit DM — request to delete code |
2026.04~05 | Notice of preparing a C&D, pressure escalates with mention of DMCA Section 1201 |
Early 2026.05 | Jarczak voluntarily deletes the code + posts a public note → community explodes |
2026.05.18 | SFC officially confirms two AGPL violations |
2026.05.21 | The Verge publishes a major article — spreads worldwide |
Community and Famous YouTubers' Reactions
When the incident was made public, the open source community and famous figures reacted quickly.
Louis Rossmann, the YouTuber well known for the Right to Repair movement, has declared support for $10,000 in legal costs. That wasn't the end of it. He publicly provoked by directly hosting the problematic fork code on his own server (FULU Foundation).
"You bought it, you owned it, and you should not have to deal with any of this type of legal crap for simply making something that allows people to use what they want to use in the way that they wanted to." — Louis Rossmann
Hardware review channel GamersNexus also promised $10,000 support and completely canceled its $150,000 Bambu equipment purchase plan underway. Jeff Geerling also joined the funding by declaring, "I will never buy Bambu products again."
From a legal standpoint, the Software Freedom Conservancy (SFC) was the most active. The SFC officially confirmed that Bambu Studio violated AGPL-3.0 and, with a fundraising goal of $250,000, began directly hosting a project to reverse engineer Bambu code. Bradley Kühn, the creator of the 'A' in AGPL, said this.
"They're bad actors, straight-up, and the community should do whatever we can." — Bradley Kühn (SFC)
An open letter has also been posted on the Bambu Lab official forum.
"Pushing users onto the cloud for 'security' is doublespeak. We know it, they know it."
PC Gamer summarized this situation in a single headline.
'Bambu Labs, go f*** yourself': 3D printing company currently under fire
Even Their Own Fans Turn Their Backs — Bambu Lab Official Forum Reaction
Criticism from the external community could be dismissed as 'the usual reaction from anti-fans.' However, what is noteworthy in this incident is that the same voices are emerging even among customers who actually purchased and use the product, such as the Bambu Lab official forum.
https://forum.bambulab.com/t/orca-slicer-or-die/135872/603
The 'Orca Slicer or Die' thread has spanned over 20 pages, and it contains statements like these.
"My concern with what Bambu is doing is not because it will dramatically affect me, but because of the trajectory it indicates for the company. Therefore, I will not be buying any more Bambu products until they reverse course."
"Prices have been fair, but BL has failed at the second condition in a spectacular fashion."
The Open Letter thread also featured more direct expressions.
"Pushing users onto the cloud for 'security' is doublespeak. We know it, they know it."
"It is time to let go of your current approach — even if you feel you are right. It is not possible at this point to convince customers of your rightness."
Of course, there are a few voices advocating for the company's position. However, there were also massive rebuttals to those comments. Based on my impression, the forum atmosphere is about 70% critical, 20% neutral, and 10% supportive.
There is one more point to address here. According to Fabbaloo's analysis, the fundamental reason OrcaSlicer was able to connect to Bambu printers was that Bambu Lab's own cloud security design was flawed.
"Initially, OrcaSlicer could connect to the printers in the same way as BambuStudio. However, this was only because Bambu Lab had a poor security architecture for their cloud network." — Fabbaloo
In other words, it is criticized for shifting the blame to developers and users despite the root cause of the security issue lying in its own design flaws. In a situation where even its own fans are turning their backs on it, this logic is losing even more persuasiveness.
An Empire Built on Open Source
Bambu Lab is a Chinese Shenzhen-based 3D printer company founded in late 2020 by former DJI engineers. It shook the market with the launch of the X1 Carbon in 2022, and its current estimated revenue is around $1B.
The Prusa Slicer that became the foundation of Sambug Studio
However, the foundation of this growth was the open-source ecosystem. Bambu Studio is a software forked from PrusaSlicer, developed by Josef Prusa, and PrusaSlicer is in turn a fork of Slic3r, which originated from the RepRap project. Bambu Lab itself acknowledged this.
"Bambu Lab is a newcomer in 3D printing; we started our R&D work by diving into the rich heritage accumulated by all the available open projects and standardized parts." — Bambu Lab Official Blog (2025.12)
RepRap(2007) was an open-source project designed to allow 3D printers to print their own parts, and this legacy has carried through to Prusa and then to Bambu Lab. Built upon the foundation built by the open-source community over decades, Bambu Lab quickly dominated the market.
It could be the starting point of the popularization of RapRap open source that allowed us to enjoy 3D printers. https://reprap.org/wiki/About
However, the direction began to change starting at the end of 2024. By introducing middleware called Bambu Connect, they enforced cloud authentication and began blocking third-party slicers and accessories. In January 2026, Bambu Lab directly acknowledged this choice in an official blog post.
"We debated whether to follow a Raspberry Pi model or adopt an approach like Apple." — Bambu Lab Official Blog (2026.01)
It was a strategy to grow with open source and transition to closed source.
New users who came in via Sambug Labs' printers praised Sambug Labs as being "like Apple," but most makers and users who have been using open-source 3D printing culture together for decades, sometimes as contributors and developers, strongly resisted and harshly criticized Sambug Labs for damaging the value of open source, which they used to grow.
At the time, Sambug Labs seemed to step back, giving the impression that it would end as a mere prank, but the dissatisfaction of many makers had been steadily building. Finally, through this incident, Sambug Labs crossed the line, and that dissatisfaction exploded into tremendous scathing criticism.
https://forum.bambulab.com/t/setting-the-record-straight-on-cloud-access-and-community/252164
In conclusion, Sambug Labs respects open source and posted a notice stating that the recent measures were taken due to security risks to the Sambug Labs software ecosystem caused by an abnormal project, and not to deny or suppress open source itself.
However, it is difficult to find the background of when they mentioned the DMCA to intimidate users or their apology regarding that, and since it did not provide a proper explanation, they are currently receiving severe criticism from many users.
The countless comments of criticism hanging on the notice post..
Does Sambug Labs Actually Have the Qualifications to Follow the DMCA Process?
What’s interesting about this case is that Bambu Lab strongly pressured Paweł Jarczak by citing DMCA Section 1201 and a C&D, or cease-and-desist letter, but did not go through the formal DMCA 512 takedown process that we usually mean by “DMCA.”
Why was that?
I’ve personally used DMCA takedown authority before. It was when dealing with unauthorized NFT users, and through that process I came to understand exactly how DMCA proceedings work. You can find the related experience in the article below.
https://soonsoon.io/how-to-report-dmca-on-facebook-meta-twitter-youtube-telegram-discord-platforms/
https://soonsoon.io/discord-dmca-request-result-nft/
DMCA is not a single button. In particular, a DMCA 512 takedown used to remove an online post or repository is not simply a procedure for saying “take this down.” The complainant must send the notice on the premise that they are the rightful owner of the copyright or an authorized agent, and they must also accept legal liability for a false claim. The other party can send a counter-notice, and in some cases it can even lead to actual litigation.
By contrast, the DMCA Section 1201 that Bambu Lab mentioned in this case is a bit different in nature. The core of Section 1201 is to target the act of circumventing technological protection measures that control access to a work. In other words, the “as the copyright holder, take this GitHub repository down” logic of a 512 takedown and the “you circumvented our technological protection measures” logic of 1201 are claims at different levels.
LII / Legal Information Institute17 U.S. Code § 1201 - Circumvention of copyright protection systemshttps://www.law.cornell.edu/uscode/text/17/1201Key point of Article 1201:
"Bypassing a technological protection measure is illegal"
This difference matters. Bambu Studio is a project forked from AGPL-3.0-based software in the PrusaSlicer family. And Software Freedom Conservancy publicly raised concerns that Bambu Lab’s distribution method for Bambu Studio and its proprietary network components violate the AGPLv3. In this situation, it is only natural to question whether Bambu Lab is really in a position to control the entire Bambu Studio as if it were proprietary software.
Of course, this does not mean right away that “Bambu Lab has no rights at all”. Bambu Lab can claim separate rights and interests in its own servers, cloud infrastructure, trademarks, and proprietary components. But pushing forward with a formal DMCA 512 takedown against AGPL-based code and its derivative structure is a very different matter.
So it appears that Bambu Lab applied pressure through DMCA 1201, terms-of-service violations, and C&D warnings rather than a formal 512 takedown. In a sense, this also means that Bambu Lab was trying to frame the issue not as a direct copyright fight, but in terms of “circumvention of technological protection measures” and “security threats.”
But in the end, the strategy backfired. Paweł deleted the repository to avoid stress and wasting time, but once the situation became public, the community instead began asking, “Why didn’t they go through the proper DMCA process?” and “Is it right for a company that grew on top of open source to pressure a developer legally?”
In the end, the key point of this incident is not simply that one developer’s repository was deleted. It revealed that a threat email and formal legal proceedings are not the same, and that formal procedures come with the qualifications of a rights holder and legal responsibility. Bambu Lab used strong legal language, but it never actually stepped into the ring of an official DMCA Section 512 takedown. And that gap became the central point that fueled the community’s anger.
The rules of open source apply to those who use it too
This incident is not simply a story of one company threatening developers. It shows what happens when a company that grew upon the legacy of the open source ecosystem tries to apply those rules only to others.
Bambu Lab stands on the foundation built by RepRap, Prusa, and decades of open-source community. Leveraging that foundation, it became a $1B company, and now it is moving in a direction that kicks away that foundation.
The community has already reacted. Louis Rossmann uploaded the code to his own server, GamersNexus canceled a $150,000 purchase plan, and SFC started a reverse engineering project with $250,000 raised. Thousands of people forked the code, daring them to "sue me."
Sean Hollister of The Verge wrote this at the end of the article.
"It's hard not to root for open-source advocates to triumph, considering how much of a debt every 3D printer company owes to those who came before." — Sean Hollister, The Verge
Personally, I think the Sambug Labs printer is quite cool, and I believe that the tremendous progress that began when they released the X1 printer, based on the experience and technology of creating excellent products that started with DJI in the open-source-based 3D printing culture, should be widely recognized now and in the future.
However, in order to maintain their position as the world's number one and be recognized and respected for their rights, I believe they must continue to uphold respect and understanding for the existing open source market that allowed them to create such a wonderful culture.
It seems this incident will likely develop further. If there is another opportunity, I will cover the details of the open source content and the background behind it.
Thank you for reading the long post.