I totally believe that he's worth that amount of money. I'm sorry if you thought I was questioning that. I'm questioning the juxtaposition of his hourly rate with a request for donations.
I think the contract makes sense for clients, and the donation makes sense for other security researchers who want an incentive for him to keep publishing ideas.
Understood. But I imagine that his work isn't quite as "steady" as one might expect. He invests time by trying to find security exploits in hopes that the affected company compensates him. He doesn't set his price or even determine if he gets paid for his time.
I think that might be the rationale...or it might just be that he's found himself in a position where he can collect bounties AND donations :).