# vault1984 — Growth Plan

*March 2026*

---

## The model

Near-zero marginal cost. One binary. SQLite. $100/month for 21 global nodes. Every dollar of revenue is margin.

This is not a venture-backed growth plan. It is a frugal architect's plan: maximum reach, minimum spend, no sales team until the product sells itself. The HN community is the first customer. The developer flywheel is the distribution engine. The pricing makes competition economically irrational before it starts.

**The single constraint:** Part-time build. Growth must be compounding and largely passive. Every initiative must generate more than it costs in time.

---

## Phase 1 — Launch (months 0–1)

**Goal:** 5,000 individual users. First revenue.

**The trigger: Show HN.**

One post. The working product, the architecture argument, the Orwell quote. Not a landing page — a shipped product people can sign up for and use today.

The HN audience is the exact demographic: developers running AI coding agents who feel the credential problem daily. They don't need to be sold. They need to see the product and understand why it's architecturally different.

**What a successful HN launch looks like:**
- Front page, 24+ hours
- 500+ upvotes
- Technical debate in comments — this is credibility, not controversy
- 2,000–5,000 signups in 72 hours
- Organic spread to Twitter/X, Lobsters, dev Slack/Discord communities

**Supporting assets needed before launch:**
- vault1984.com/security — the architecture trust page
- Updated README with current naming and tagline
- Import flows working (1Password, Bitwarden, LastPass) — frictionless first day
- Pricing page with $12/year individual prominently displayed

**Cost: $0. Time: one evening to write the post.**

---

## Phase 2 — Organic individual growth (months 1–6)

**Goal:** 50,000 individual users. ~$600K ARR run rate.

**The breach trigger is always on.**

Every credential breach in the news sends people searching. The math-vs-keys argument — one RTX 4090, 17,000 guesses per second, 256-bit WebAuthn PRF key, 3.7 × 10⁴⁸ years — is a shareable fact. We publish it once. It lives forever.

**Channels (all organic, all low-time-cost):**
- HN: ongoing presence in relevant threads (MCP, AI agents, security, password managers). Answer questions. Be the expert.
- Twitter/X: the architecture story in threads. One good thread = 10,000 impressions, zero cost.
- GitHub: the open-source repo generates stars. Stars generate signups. Stars compound.
- Developer newsletters: a single mention in TLDR, Console, or Bytes reaches 100K+ developers. One cold email to the editor. Free.
- Reddit: r/selfhosted, r/privacy, r/netsec — communities that already care about this problem.

**The referral mechanic:**
Every time a developer installs vault1984 for personal use, they are a future team account. They work somewhere. They use AI agents professionally. The personal install is the top of the funnel for B2B.

**Infrastructure:** All 21 nodes live by end of month 2. Low latency everywhere. Users in Lagos and Nairobi load the same fast product as users in San Francisco.

**Cost: $0 cash. ~2 hours/week in community presence.**

---

## Phase 3 — The team wedge (months 2–6)

**Goal:** 500 team accounts. 5,000 business seats. ~$150K ARR from this segment.

**The product addition: team invite.**

One feature: invite a colleague. Shared vault for team credentials. Admin sees who has access to what. No SSO. No SCIM. No enterprise procurement. Just: "invite your colleague."

Developers don't ask permission to use a $12/year tool. They use it, then say "we should all use this." The team invite exists to formalize what's already happening.

**Pricing: $2.50/user/month.** A 10-person team pays $300/year. Goes on a personal credit card. No procurement involved.

**How it happens:** Zero outbound. Users who signed up individually receive an in-app nudge: "Invite your team. Share credentials securely." The conversion from individual to team is pull, not push.

**Cost: Development time (one feature). $0 cash.**

---

## Phase 4 — SMB market (months 4–12)

**Goal:** 2,000 SMB accounts. 30,000 seats. ~$900K ARR from this segment.

**What opens SMB:**
- Team invite (Phase 3) working and proven
- Admin console: member management, audit log access, basic reporting
- Billing by seat, not individual credit cards

**The AI agent story is now mainstream.** Every SMB with a developer team has at least one agent running. The credential problem is visible. The IT manager is asking "where are all these API keys going?" vault1984 is the answer their developers are already using.

**The global advantage compounds here.** An SMB in Nairobi or Lagos pays $2.50/user/month and gets sub-50ms latency on a local node. No competitor is serving them. First-mover advantage in emerging markets is locked in.

**Pricing: $2.50/user/month.** A 20-person SMB pays $600/year. A 50-person SMB pays $1,500/year. Not a budget line anyone argues about.

**Cost: Admin console development. $0 cash for acquisition.**

---

## Phase 5 — Enterprise unlock (months 9–18)

**Goal:** 50 enterprise accounts. 25,000 seats. ~$750K ARR from this segment.

**What opens enterprise:**
- SSO (SAML/OIDC) — the single feature that converts a "nice to have" into a "can deploy"
- SOC 2 Type II formal audit — controls already implemented; audit cost ~$20K
- Dedicated support tier (email SLA, named contact)

**Why enterprise comes to vault1984 (not the other way around):**
Enterprises with 500+ developers running AI coding agents already have the credential problem at scale. Their developers are using vault1984 personally. The CISO asks: "what are all these API keys going to?" The answer is already vault1984. The sale is inbound.

**The procurement argument is arithmetic:**
A 1,000-seat enterprise pays $30,000/year at $2.50/user/month. Competitors charge $84,000–120,000 for the same. No negotiation. No RFP theater. Just a purchase order.

**Pricing: $2.50/user/month.** Same as SMB. The enterprise tier adds SLA and compliance docs, not price.

**Cost: SSO development + $20K SOC 2 audit.**

---

## Phase 6 — MSP channel (months 6–18)

**Goal:** 200 MSP partners. 200,000 managed seats. ~$300K ARR wholesale.

**The unlock: commercial MSP license.**

The Elastic License 2.0 prohibits third parties from offering vault1984 as a managed service. A commercial MSP license (separate agreement) opens the channel.

**The MSP pitch is unique:**
MSPs can tell their clients: "We cannot read your passwords." No other MSP-delivered solution offers this. vault1984 removes a significant liability — MSPs cannot be subpoenaed for credentials they don't have the keys to.

**The math for an MSP:**
- Buy at $1/user/month wholesale
- Sell at $3–5/user/month
- 100 clients × 20 users = 2,000 seats = $2,000–4,000/month margin per MSP
- Signing 200 MSPs: 400,000 seats, $400K–800K/month in MSP revenue

**Distribution:** MSP communities (IT Nation, Connect, ASCII), direct outreach to the top 500 MSPs. One channel partner manager can handle this at scale — but not needed until Phase 4 is proven.

**Cost: Legal framework for MSP license (~$15K). $0 thereafter.**

---

## The numbers

### Revenue model (month 18 projection)

| Segment | Volume | Price | ARR |
|---------|--------|-------|-----|
| Individual | 200,000 users | $12/yr | $2.4M |
| Teams/SMB | 50,000 seats | $2.50/mo | $1.5M |
| Enterprise | 25,000 seats | $2.50/mo | $0.75M |
| MSP (wholesale) | 100,000 seats | $1/mo | $1.2M |
| **Total** | | | **$5.85M ARR** |

### Month 30 projection

| Segment | Volume | Price | ARR |
|---------|--------|-------|-----|
| Individual | 500,000 users | $12/yr | $6.0M |
| Teams/SMB | 150,000 seats | $2.50/mo | $4.5M |
| Enterprise | 50,000 seats | $2.50/mo | $1.5M |
| MSP (wholesale) | 300,000 seats | $1/mo | $3.6M |
| **Total** | | | **$15.6M ARR** |

**At 8x ARR multiple: $124M valuation.**

### Infrastructure cost at month 30
21 nodes. ~$400/month fully loaded with traffic. The model does not break with scale — it's stateless compute on cheap instances with SQLite. Adding capacity is adding an instance.

---

## What we do not do

**No outbound sales.** Until $5M ARR, every new customer comes inbound. The HN flywheel, developer word of mouth, and the breach news cycle are the sales team.

**No paid acquisition.** CAC must stay near zero. If a channel requires paying per click, it's not the right channel for this stage.

**No enterprise features before SMB is proven.** SSO and SCIM are on the roadmap — not the priority. Individual → team → SMB → enterprise is the sequence. Skipping steps burns time and capital.

**No sales team.** A great hire costs $150K/year. The HN post costs nothing. Organic growth at this price point generates more pipeline than a sales team could close.

---

## The competitive window

The window to own this category is 18–24 months. After that:
- 1Password ships "good enough" MCP integration. Feature gap narrows.
- Bitwarden raises money, hires a product team, catches up on agent support.
- A well-funded startup enters with VC backing and a sales team.

None of them can copy the encryption architecture. That moat is permanent — they'd have to break their existing users' recovery flows to do it. But the feature moat and the geography moat narrow over time.

The time to establish is now. Every month of delay is market share that costs more to recapture later.

---

## Capital requirements

The growth plan requires no external capital to reach Phase 3.

To accelerate Phases 4–6 and eliminate personal financial risk:

| Item | Cost |
|------|------|
| 21-node infrastructure buildout + 18 months | $80K |
| SOC 2 Type II formal audit | $20K |
| Legal (MSP license framework, IP) | $40K |
| **Total** | **$140K** |

**The raise: $200K at $20M pre-money.** 1% equity. Wealthy friends & family who understand the AgentMail comparable ($6M raised at $60M post-money for MCP on IMAP).

This is the frugal version. Not a Series A. Not a growth round. Capital to deploy infrastructure and validate enterprise compliance — then the product grows itself.

---

*Draft — George for Johan. Not for external distribution.*