johan
/
clavitor
1
0
Fork 0
Code Issues 7 Pull Requests Packages Projects Releases Wiki Activity
clavitor/docs/LAUNCH-CHECKLIST.md

6.2 KiB
Raw Blame History

Clavitor Launch Checklist

Generated: 2026-02-28

1. HANDLES & ACCOUNTS

X/Twitter

  • Check @clavitor availability
  • Check @clavitor_ availability
  • Register handle (Johan logs in, creates account)
  • Pin announcement thread (docs/X-ANNOUNCEMENT.md ready)

GitHub

  • Johan provides PAT (repo scope)
  • Create clavitor org OR johanj/clavitor repo — decide which
  • Push code (no secrets, strip .env)
  • Add topics: password-manager, mcp, webauthn, golang, self-hosted, ai-agents
  • README with hero image, features table, install one-liner
  • GitHub Releases with binary downloads (linux/amd64, darwin/arm64, darwin/amd64)

Discord

  • Create Clavitor Discord server
  • Channels: #announcements, #general, #self-hosting, #feature-requests, #mcp-agents
  • James needs Discord presence (Johan to provide token)
  • Post invite link on website + README

Product Hunt

  • Claim product page (clavitor.com)
  • Prepare launch assets: logo, tagline, gallery images
  • Schedule launch (weekday, TuesdayThursday best)

HackerNews

  • Draft "Show HN: Clavitor Password manager with two-tier encryption for humans with AI assistants"
  • Time for Monday morning ET (highest engagement)

2. DOMAIN & DNS

  • Sign Openprovider contract (unblocking clavitor.com registration)
  • Register clavitor.com ($12-15/yr via Openprovider)
  • Add to Cloudflare (Zone ID pattern: same flow as muskepo.com)
  • DNS records: A records per region, routing TBD
  • SSL: Caddy auto-TLS per region

Subdomains

  • clavitor.com — marketing site
  • app.clavitor.com — hosted app (region-aware, Cloudflare geo-routing)
  • us-east.clavitor.com, eu-west.clavitor.com, ap-sg.clavitor.com — regional endpoints
  • docs.clavitor.com — documentation (optional, could be GitHub Pages)

3. WEBSITE

Tone: Same as Dealspace — clean, confident, dark-ish, no fluff. Not a cyberpunk aesthetic, not a corporate one. Matter-of-fact security product.

Images needed (generate with image AI or commission):

  • Hero: split-screen — AI agent on left accessing L1 (green), locked L2 on right (red padlock)
  • Feature illustration: WebAuthn Touch ID unlock animation concept
  • Architecture diagram: forge laptop → L1/L2 split → AI reads left, only you unlock right
  • Multi-agent diagram: 5 agents each with their own token scope bubble
  • Import flow: logos of Chrome/Firefox/Bitwarden/ProtonPass → Clavitor

Sections:

  1. Hero — "Your AI gets what it needs. Your secrets stay yours." + CTA (Try hosted / Self-host free)
  2. The problem — AI assistants need credentials. All-or-nothing is wrong.
  3. L1 / L2 explained — EA analogy, visual split
  4. Features — 14 killer features from KILLER-FEATURES.md
  5. Multi-agent swarms — scoped tokens, one compromised agent = one scope
  6. Self-host vs Hosted comparison table
  7. Pricing — Self-host: free forever. Hosted: $12/year, 3 regions, we manage it.
  8. Installcurl -fsSL clavitor.com/install.sh | sh one-liner
  9. OSS badge — MIT license, GitHub stars count
  10. Footer — GitHub, Discord, X, docs

Stack: Same as muskepo.com (static, Caddy-served, Tailwind CDN). No framework needed.

4. PRODUCT (PRE-LAUNCH MUST-HAVES)

Day 2 (core — required before launch)

  • WebAuthn PRF — L2 client-side key derivation (Touch ID / YubiKey / Titan Key)
  • L2 field encrypt/decrypt in browser (Web Crypto API)
  • Scoped MCP tokens — Tags[], EntryIDs[], ReadOnly, ExpiresAt
  • MCP token management UI (create/revoke/scope)

Hosted infrastructure

  • Multi-tenant: each user = isolated VAULT_KEY + isolated DB path
  • Signup flow: email → OTP → provision account → generate key
  • Stripe integration ($12/year, annual only)
  • 3 Hetzner nodes: US East (Ashburn), EU West (Nuremberg), AP (Singapore)
  • Systemd service on each node
  • Caddy reverse proxy with auto-TLS
  • Daily encrypted DB snapshot → Zurich backup

Nice-to-have pre-launch

  • Chrome extension (autofill) — Manifest V3, scaffold exists
  • Binary releases (GitHub Actions): linux/amd64, darwin/arm64, darwin/amd64
  • install.sh one-liner
  • Docker image: ghcr.io/clavitor/clavitor:latest

5. LEGAL (for hosted)

  • Privacy policy (what data we store, where, retention)
  • Terms of service
  • Cookie notice (hosted app only — minimal)
  • GDPR: EU region = data stays EU, AP region = data stays AP

6. LAUNCH SEQUENCE

  1. Register domain + GitHub handles
  2. Ship Day 2 (WebAuthn, scoped tokens)
  3. Build website with images
  4. Deploy hosted infrastructure (3 regions)
  5. Soft launch: OSS push to GitHub + HN Show HN + X thread
  6. Product Hunt hunt (coordinated, week after HN)
  7. OpenClaw Discord post (OpenClaw community, Alex Finn's server)
  8. Let it grow

Open source virality — reference

@Akashi203 (RightNow-AI/openfang): 10,000 GitHub stars in 5 days after open-sourcing. Spent a year cold-emailing and pitching GPU dev tools with zero traction. Open-sourced an agent OS in Rust, and in 5 days more people found them than in an entire year of selling.

"stop hoarding your best work because the internet rewards builders who ship in public. open source is the most underrated growth strategy in tech"

Takeaway for Clavitor: the MIT license, the public repo, the Show HN — that IS the growth strategy. Don't gate features behind hosted-only. Ship the full thing open source, let the repo speak, and let hosted be a convenience layer for people who don't want to self-host. The repo is the top of funnel.

Source: https://x.com/Akashi203/status/2028994152852275696

7. JAMES NEEDS (blockers)

  • Johan: GitHub PAT (repo scope)
  • Johan: Sign Openprovider contract → clavitor.com registered
  • Johan: Discord token for James (join community, engage authentically)
  • Johan: X/Twitter account for @clavitor

PRICING DECISION

Tier Price Notes
Self-hosted Free MIT, always
Hosted US East $12/year ~$1/month
Hosted EU West $12/year GDPR included
Hosted AP Singapore $12/year

One price worldwide. Simple.