Technology

A Startup Faces an Open-Source Code Copying Accusation. Here's What That Means.

Martin HollowayPublished 3w ago4 min readBased on 5 sources
Reading level
A Startup Faces an Open-Source Code Copying Accusation. Here's What That Means.

A Startup Faces an Open-Source Code Copying Accusation. Here's What That Means.

An insurance startup backed by Y Combinator, called Corgi, is pushing back against claims that it copied software from another company's open-source project. The accusation came to light on June 25, 2026, when the founder of Papermark, a document-sharing platform, posted about it in an online community.

Papermark said Corgi's data room tool — a product for storing and sharing documents securely during business deals — borrowed code from Papermark's own project without permission or credit. Papermark released its code under a licence called Elastic License 2.0 (EL2), which comes with specific rules: the code can be read by anyone, but companies are not allowed to use it to offer the software as a paid service to other customers. They also have to give credit where it is due. Papermark claimed Corgi did neither. The post spread quickly to a popular developer forum called Hacker News within hours.

Corgi denied the accusation the same day. In a forum reply, the company said any similarities between the products were coincidental. TechCrunch reported on June 26 that Corgi maintained its position.

What is Elastic License 2.0?

The EL2 licence is something of a grey zone in the open-source world. The code itself is public and anyone can read it, but the rules around what you can do with it are stricter than truly "open-source" licences. Think of it this way: a traditional open-source licence is like a recipe published in a magazine that anyone can use freely. EL2 is more like a recipe you can read but cannot republish as your own restaurant's special dish without permission. The licence was created by a company called Elastic in 2021 specifically to prevent big cloud providers from taking their software, offering it as a service to customers, and keeping all the money without sharing it back.

The legal question at the heart of this dispute is not whether Corgi could see the code. It is whether using it in the way Corgi apparently did breaks the rules Papermark set out.

Why This Matters Beyond This One Company

Corgi is not a typical insurance startup. It actually writes and sells its own insurance policies directly, which means it has built an enormous amount of custom software to run its business. According to Y Combinator's records, Corgi went from zero revenue to 100 million dollars in annual revenue in just seven months — a very fast pace. That kind of speed typically means shipping new features and products constantly across many different parts of the business. A data room is not central to insurance, but it makes sense as an extra tool to help customers organise documents. When teams are moving that fast, pressures to build things quickly can sometimes outpace the care taken to check whether borrowed code is being used legally.

The broader context here is that many developers pull open-source and source-available code from GitHub — the main warehouse where programmers share code online — without always stopping to read the licence carefully. It is a casual habit that has become riskier as more projects, especially ones created by big companies, use stricter licence rules like EL2 or others with similar constraints.

What Happens Next?

As of June 27, 2026, neither company has filed a lawsuit. Both have said publicly where they stand. The facts about what code Corgi used, when it used it, and how it used it are still contested. No outside observer has been able to look inside Corgi's actual software to verify what either side claims.

Worth noting: EL2 is new enough that courts have not yet settled disputes over it. Elastic, the company that created the licence, has been involved in similar fights before, but there is not yet a deep set of legal precedents to guide how these cases turn out. For engineers and startup leaders who grab components from source-available projects on GitHub, this serves as a reminder that just because code is public does not mean you are free to use it however you want.

Corgi came out of Y Combinator's summer 2024 batch and hit 100 million dollars in annual revenue very quickly, which means it drew a lot of public attention. When a company grows that fast and becomes visible, accusations like this one attract scrutiny and can damage reputation even while a dispute is still unfolding, regardless of whether the company ends up being found in the wrong.

One last layer: the software industry has shipped products faster in recent years because AI tools can write and test code more quickly than before. That speed is genuinely good for getting useful things built. The downside is that the kind of careful checking you should do before using someone else's code does not always keep pace with how fast teams can now move. Most larger organisations have started using automated tools that scan for licence problems before code ships, but not all teams have done that work yet. This is a pattern showing up across the industry right now, not just a Corgi problem.

No one knows how this will end. The two most likely paths are that Corgi and Papermark reach some kind of agreement about credit or payment, or Corgi shows its code was built independently all along. Either way, the public record of the accusation now exists.