# Deal Room - Architecture Specification **Project:** Deal Room - Secure Investment Banking Document Sharing Platform **Owner:** Misha Muskepo (michael@muskepo.com) **Tech Lead:** James **Architecture Pattern:** inou-portal pattern > **Note:** Items marked with 🆕 were discovered from the Lovable prototype analysis and added to this spec. > Items marked with 📝 were modified based on the prototype's implementation. ## Executive Summary Deal Room is a secure, invite-only document sharing platform designed for Investment Banking deal teams. It provides role-based access control, encrypted file storage, AI-powered document analysis, and comprehensive audit trails for sensitive financial transactions. ## System Architecture ### Core Principles - **Single binary deployment** - Zero runtime dependencies - **Data-centric design** - All entities stored in normalized SQLite tables - **Security-first** - Encryption at rest, RBAC, audit logging - **AI-enhanced** - Document analysis and embeddings for intelligent search - **Production-grade** - Battle-tested patterns from inou-portal ### Technology Stack - **Backend:** Go 1.22+ (single binary) - **Templates:** templ (type-safe HTML generation) - **Frontend:** HTMX + Tailwind CSS (CDN) - **Database:** SQLite with encryption at rest - **File Storage:** Encrypted (AES-256-GCM) + Compressed (zstd) - **AI/ML:** K2.5 for document analysis and embeddings - **Authentication:** Email/password + magic link + session cookies ## Database Schema ### Core Tables #### organizations 🆕 ```sql CREATE TABLE organizations ( id TEXT PRIMARY KEY, name TEXT NOT NULL, slug TEXT UNIQUE NOT NULL, domain TEXT, logo_url TEXT, settings TEXT, -- JSON created_at INTEGER NOT NULL, updated_at INTEGER NOT NULL ); ``` #### users (was: profiles + auth.users) ```sql CREATE TABLE users ( id TEXT PRIMARY KEY, email TEXT UNIQUE NOT NULL, full_name TEXT NOT NULL, title TEXT, -- 🆕 Job title phone TEXT, -- 🆕 password_hash TEXT NOT NULL, avatar_url TEXT, organization_id TEXT, -- 🆕 FK to organizations onboarding_completed BOOLEAN NOT NULL DEFAULT 0, -- 🆕 settings TEXT, -- 🆕 JSON user preferences created_at INTEGER NOT NULL, updated_at INTEGER NOT NULL, last_login INTEGER, is_active BOOLEAN NOT NULL DEFAULT 1, FOREIGN KEY (organization_id) REFERENCES organizations(id) ); CREATE INDEX idx_users_email ON users(email); CREATE INDEX idx_users_org ON users(organization_id); ``` #### user_roles 🆕 ```sql CREATE TABLE user_roles ( id TEXT PRIMARY KEY, user_id TEXT NOT NULL, organization_id TEXT NOT NULL, role TEXT NOT NULL CHECK (role IN ('owner', 'admin', 'member', 'viewer')), created_at INTEGER NOT NULL, FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE, FOREIGN KEY (organization_id) REFERENCES organizations(id) ON DELETE CASCADE, UNIQUE(user_id, organization_id) ); ``` #### 📝 deals (was: entries with type=deal_room) ```sql CREATE TABLE deals ( id TEXT PRIMARY KEY, name TEXT NOT NULL, description TEXT, organization_id TEXT NOT NULL, created_by TEXT, stage TEXT NOT NULL DEFAULT 'pipeline' CHECK (stage IN ('pipeline', 'loi', 'initial_review', 'due_diligence', 'final_negotiation', 'closed', 'dead')), target_company TEXT, deal_size REAL, -- 🆕 currency TEXT DEFAULT 'USD', -- 🆕 close_probability REAL, -- 🆕 0-100 expected_close_date TEXT, -- 🆕 ISO date ioi_date TEXT, -- 🆕 Indication of Interest date loi_date TEXT, -- 🆕 Letter of Intent date exclusivity_end_date TEXT, -- 🆕 is_archived BOOLEAN DEFAULT 0, -- 🆕 settings TEXT, -- 🆕 JSON created_at INTEGER NOT NULL, updated_at INTEGER NOT NULL, FOREIGN KEY (organization_id) REFERENCES organizations(id), FOREIGN KEY (created_by) REFERENCES users(id) ); CREATE INDEX idx_deals_org ON deals(organization_id); CREATE INDEX idx_deals_stage ON deals(stage); ``` #### 📝 folders (was: implicit in entries hierarchy) ```sql CREATE TABLE folders ( id TEXT PRIMARY KEY, deal_id TEXT NOT NULL, parent_id TEXT, -- Self-referential tree name TEXT NOT NULL, description TEXT, sort_order INTEGER DEFAULT 0, created_by TEXT, ai_summary TEXT, -- 🆕 Atlas-generated summary ai_summary_updated_at INTEGER, -- 🆕 completeness_score REAL, -- 🆕 0-100, AI-computed created_at INTEGER NOT NULL, updated_at INTEGER NOT NULL, FOREIGN KEY (deal_id) REFERENCES deals(id) ON DELETE CASCADE, FOREIGN KEY (parent_id) REFERENCES folders(id), FOREIGN KEY (created_by) REFERENCES users(id) ); CREATE INDEX idx_folders_deal ON folders(deal_id); CREATE INDEX idx_folders_parent ON folders(parent_id); ``` #### 📝 files (was: entries with type=document) ```sql CREATE TABLE files ( id TEXT PRIMARY KEY, deal_id TEXT NOT NULL, folder_id TEXT, name TEXT NOT NULL, -- Original filename file_path TEXT, -- Encrypted storage path file_size INTEGER, file_hash TEXT, -- SHA-256 mime_type TEXT, uploaded_by TEXT, status TEXT DEFAULT 'uploaded' CHECK (status IN ('uploaded', 'processing', 'reviewed', 'flagged', 'archived')), version INTEGER DEFAULT 1, ai_summary TEXT, -- 🆕 ai_tags TEXT, -- 🆕 JSON array is_sensitive BOOLEAN DEFAULT 0, -- 🆕 download_disabled BOOLEAN DEFAULT 0, -- 🆕 watermark_enabled BOOLEAN DEFAULT 0, -- 🆕 embedding BLOB, created_at INTEGER NOT NULL, updated_at INTEGER NOT NULL, FOREIGN KEY (deal_id) REFERENCES deals(id) ON DELETE CASCADE, FOREIGN KEY (folder_id) REFERENCES folders(id), FOREIGN KEY (uploaded_by) REFERENCES users(id) ); CREATE INDEX idx_files_deal ON files(deal_id); CREATE INDEX idx_files_folder ON files(folder_id); CREATE INDEX idx_files_status ON files(status); ``` #### diligence_requests 🆕 ```sql CREATE TABLE diligence_requests ( id TEXT PRIMARY KEY, deal_id TEXT NOT NULL, section TEXT NOT NULL, -- Category: Financial, Legal, Technology, etc. item_number TEXT, -- e.g., "1.1", "2.3" description TEXT NOT NULL, priority TEXT DEFAULT 'medium' CHECK (priority IN ('high', 'medium', 'low')), created_by TEXT, buyer_group TEXT, -- Which buyer group buyer_comment TEXT, -- Inline comment from buyer seller_comment TEXT, -- Inline comment from seller linked_file_ids TEXT, -- JSON array of file IDs atlas_status TEXT CHECK (atlas_status IN ('fulfilled', 'partial', 'missing', 'not_applicable')), atlas_confidence REAL, -- 0-100 atlas_note TEXT, atlas_assessed_at INTEGER, created_at INTEGER NOT NULL, updated_at INTEGER NOT NULL, FOREIGN KEY (deal_id) REFERENCES deals(id) ON DELETE CASCADE, FOREIGN KEY (created_by) REFERENCES users(id) ); CREATE INDEX idx_requests_deal ON diligence_requests(deal_id); CREATE INDEX idx_requests_section ON diligence_requests(section); CREATE INDEX idx_requests_status ON diligence_requests(atlas_status); ``` #### buyer_engagement 🆕 ```sql CREATE TABLE buyer_engagement ( id TEXT PRIMARY KEY, deal_id TEXT NOT NULL, user_id TEXT, file_id TEXT, folder_id TEXT, event_type TEXT NOT NULL, dwell_time_seconds REAL, page_views INTEGER, metadata TEXT, -- JSON created_at INTEGER NOT NULL, FOREIGN KEY (deal_id) REFERENCES deals(id) ON DELETE CASCADE, FOREIGN KEY (file_id) REFERENCES files(id), FOREIGN KEY (folder_id) REFERENCES folders(id) ); CREATE INDEX idx_engagement_deal ON buyer_engagement(deal_id); CREATE INDEX idx_engagement_user ON buyer_engagement(user_id); ``` #### deal_scores 🆕 ```sql CREATE TABLE deal_scores ( id TEXT PRIMARY KEY, deal_id TEXT NOT NULL, close_probability REAL NOT NULL, -- 0-100 risk_tier TEXT NOT NULL, -- low, medium, high diligence_completion REAL, buyer_engagement_score REAL, response_velocity REAL, red_flag_count INTEGER DEFAULT 0, recommendations TEXT, -- JSON array of strings computed_at INTEGER NOT NULL, created_at INTEGER NOT NULL, FOREIGN KEY (deal_id) REFERENCES deals(id) ON DELETE CASCADE ); CREATE INDEX idx_scores_deal ON deal_scores(deal_id); ``` #### ai_insights 🆕 ```sql CREATE TABLE ai_insights ( id TEXT PRIMARY KEY, deal_id TEXT NOT NULL, insight_type TEXT NOT NULL, title TEXT NOT NULL, content TEXT, severity TEXT, is_dismissed BOOLEAN DEFAULT 0, source_file_ids TEXT, -- JSON array created_at INTEGER NOT NULL, FOREIGN KEY (deal_id) REFERENCES deals(id) ON DELETE CASCADE ); CREATE INDEX idx_insights_deal ON ai_insights(deal_id); ``` #### contacts 🆕 ```sql CREATE TABLE contacts ( id TEXT PRIMARY KEY, organization_id TEXT NOT NULL, full_name TEXT NOT NULL, email TEXT, phone TEXT, company TEXT, title TEXT, contact_type TEXT, -- buyer, advisor, internal, seller tags TEXT, -- JSON array notes TEXT, last_activity_at INTEGER, created_at INTEGER NOT NULL, updated_at INTEGER NOT NULL, FOREIGN KEY (organization_id) REFERENCES organizations(id) ON DELETE CASCADE ); CREATE INDEX idx_contacts_org ON contacts(organization_id); ``` #### ic_memos 🆕 ```sql CREATE TABLE ic_memos ( id TEXT PRIMARY KEY, deal_id TEXT NOT NULL, organization_id TEXT NOT NULL, created_by TEXT, title TEXT NOT NULL, content TEXT NOT NULL, -- JSON: summary, business_model, financials, key_risks[], diligence_gaps[], valuation_considerations, recommendation, source_documents[] status TEXT DEFAULT 'draft' CHECK (status IN ('draft', 'review', 'final', 'archived')), version INTEGER DEFAULT 1, created_at INTEGER NOT NULL, updated_at INTEGER NOT NULL, FOREIGN KEY (deal_id) REFERENCES deals(id) ON DELETE CASCADE, FOREIGN KEY (organization_id) REFERENCES organizations(id), FOREIGN KEY (created_by) REFERENCES users(id) ); CREATE INDEX idx_memos_deal ON ic_memos(deal_id); ``` #### nda_records 🆕 ```sql CREATE TABLE nda_records ( id TEXT PRIMARY KEY, deal_id TEXT NOT NULL, signer_name TEXT NOT NULL, signer_email TEXT NOT NULL, signer_company TEXT, user_id TEXT, status TEXT DEFAULT 'pending', signed_at INTEGER, expires_at INTEGER, nda_document_url TEXT, ip_address TEXT, created_at INTEGER NOT NULL, FOREIGN KEY (deal_id) REFERENCES deals(id) ON DELETE CASCADE ); ``` #### tasks 🆕 ```sql CREATE TABLE tasks ( id TEXT PRIMARY KEY, organization_id TEXT NOT NULL, deal_id TEXT, title TEXT NOT NULL, description TEXT, assigned_to TEXT, created_by TEXT, status TEXT DEFAULT 'pending', priority TEXT DEFAULT 'medium' CHECK (priority IN ('high', 'medium', 'low')), due_date TEXT, completed_at INTEGER, created_at INTEGER NOT NULL, updated_at INTEGER NOT NULL, FOREIGN KEY (organization_id) REFERENCES organizations(id), FOREIGN KEY (deal_id) REFERENCES deals(id), FOREIGN KEY (assigned_to) REFERENCES users(id) ); ``` #### workflow_rules 🆕 ```sql CREATE TABLE workflow_rules ( id TEXT PRIMARY KEY, organization_id TEXT NOT NULL, name TEXT NOT NULL, trigger_type TEXT NOT NULL, trigger_config TEXT NOT NULL, -- JSON action_type TEXT NOT NULL, action_config TEXT NOT NULL, -- JSON is_active BOOLEAN DEFAULT 1, created_by TEXT, created_at INTEGER NOT NULL, updated_at INTEGER NOT NULL, FOREIGN KEY (organization_id) REFERENCES organizations(id) ); ``` #### sessions ```sql CREATE TABLE sessions ( token TEXT PRIMARY KEY, user_id TEXT NOT NULL, expires_at INTEGER NOT NULL, created_at INTEGER NOT NULL, last_used INTEGER NOT NULL, user_agent TEXT, ip_address TEXT, FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE ); CREATE INDEX idx_sessions_user ON sessions(user_id); CREATE INDEX idx_sessions_expires ON sessions(expires_at); ``` #### audit_log (📝 renamed from deal_activity for clarity) ```sql CREATE TABLE audit_log ( id TEXT PRIMARY KEY, user_id TEXT, deal_id TEXT, organization_id TEXT, action TEXT NOT NULL CHECK (action IN ('view', 'download', 'upload', 'edit', 'delete', 'share', 'comment', 'permission_change', 'nda_signed', 'login')), resource_type TEXT, resource_id TEXT, resource_name TEXT, details TEXT, -- JSON ip_address TEXT, user_agent TEXT, created_at INTEGER NOT NULL, FOREIGN KEY (user_id) REFERENCES users(id), FOREIGN KEY (deal_id) REFERENCES deals(id) ); CREATE INDEX idx_audit_user ON audit_log(user_id); CREATE INDEX idx_audit_deal ON audit_log(deal_id); CREATE INDEX idx_audit_action ON audit_log(action); CREATE INDEX idx_audit_created ON audit_log(created_at); ``` ## Permission Model (RBAC) ### 📝 Role-Based (from Lovable prototype) Four roles per organization: - **Owner:** Full access. Can delete deals, manage org settings, transfer ownership. - **Admin:** Manage deals, users, integrations. Cannot delete organization. - **Member:** Create/manage deals, upload documents, use all VDR features. - **Viewer:** Read-only access to shared deal rooms. ### Seller vs Buyer View 🆕 - **Seller** = Owner or Admin role → full platform access - **Buyer** = Member or Viewer role → restricted view filtered by buyer_group | Feature | Seller | Buyer | |---------|--------|-------| | Create deal rooms | ✅ | ❌ | | Upload files | ✅ | ❌ | | Create/upload request lists | ✅ | ❌ | | View analytics & engagement | ✅ | ❌ | | Generate IC memos | ✅ | ❌ | | View all deals | ✅ | Only assigned deals | | View all requests | ✅ | Only their buyer_group | | Add comments on requests | ✅ | ✅ | | Use Atlas AI | ✅ | ✅ (scoped) | ## API Endpoints ### Authentication ``` POST /auth/login # Email/password login POST /auth/signup # Create account + org 🆕 GET /auth/verify/{token} # Verify magic link POST /auth/logout # End session GET /auth/me # Current user info POST /auth/demo/{role} # Demo login (seller/buyer) 🆕 ``` ### Organizations 🆕 ``` POST /api/organizations # Create organization GET /api/organizations/{id} # Get organization PUT /api/organizations/{id} # Update organization ``` ### Deals 📝 (was: Deal Rooms) ``` GET /api/deals # List deals (filtered by role/buyer_group) POST /api/deals # Create deal (seller only) GET /api/deals/{id} # Get deal details PUT /api/deals/{id} # Update deal DELETE /api/deals/{id} # Archive deal ``` ### Folders 🆕 ``` GET /api/deals/{id}/folders # List folders (tree) POST /api/deals/{id}/folders # Create folder PUT /api/folders/{id} # Update folder DELETE /api/folders/{id} # Delete folder POST /api/folders/{id}/summarize # Generate AI summary ``` ### Files 📝 ``` GET /api/deals/{id}/files # List files (optional folder_id filter) POST /api/deals/{id}/files # Upload file(s) GET /api/files/{id} # Get file metadata GET /api/files/{id}/download # Download file PUT /api/files/{id} # Update file metadata DELETE /api/files/{id} # Delete file ``` ### Diligence Requests 🆕 ``` GET /api/deals/{id}/requests # List requests for a deal POST /api/deals/{id}/requests # Create request POST /api/deals/{id}/requests/bulk # Bulk import (CSV) 🆕 PUT /api/requests/{id} # Update request (status, comments) GET /api/requests # Cross-deal request list ``` ### Contacts 🆕 ``` GET /api/contacts # List contacts for org POST /api/contacts # Create contact PUT /api/contacts/{id} # Update contact DELETE /api/contacts/{id} # Delete contact ``` ### IC Memos 🆕 ``` GET /api/ic-memos # List memos for org POST /api/ic-memos/generate # Generate memo from deal GET /api/ic-memos/{id} # Get memo PUT /api/ic-memos/{id} # Update memo ``` ### Analytics & Engagement 🆕 ``` GET /api/deals/{id}/engagement # Buyer engagement data GET /api/deals/{id}/score # Get deal score POST /api/deals/{id}/score # Compute deal score ``` ### AI 📝 ``` POST /api/ai/folder-summary # Generate folder summary POST /api/ai/deal-score # Compute deal close probability POST /api/ai/ic-memo # Generate IC memo POST /api/ai/chat # Atlas AI chat (context-aware) GET /api/deals/{id}/insights # AI insights for deal POST /api/analyze/{file_id} # Trigger file AI analysis GET /api/search?q={query} # Semantic search ``` ### Activity & Audit ``` GET /api/activity # Activity feed (org-wide) GET /api/audit # Full audit log (filterable) ``` ## Page Routes (Server-Rendered) ``` GET / # Dashboard GET /auth # Login/Signup page 📝 GET /deals # Deal rooms list 🆕 GET /deals/{id} # Deal room detail (documents + requests) 📝 GET /requests # Cross-deal request lists 🆕 GET /analytics # Engagement analytics 🆕 GET /ic-memos # IC Memo generator + viewer 🆕 GET /contacts # Contact management 🆕 GET /audit # Audit log 📝 GET /settings # Settings (profile, org, security, integrations, workflows) 📝 GET /guide # Platform documentation/guide 🆕 ``` ## File Storage Design ### Storage Structure ``` data/ ├── db/ │ └── dealroom.db # SQLite database ├── files/ │ ├── {deal_id}/ │ │ ├── {folder_id|root}/ │ │ │ └── {timestamp}_{filename}.enc │ │ └── ... │ └── temp/ # Temporary upload staging └── backups/ ├── db/ └── files/ ``` ### Encryption Process 1. **Upload:** File uploaded to `/temp/{uuid}` 2. **Compress:** Apply zstd compression (level 3) 3. **Encrypt:** AES-256-GCM with random nonce 4. **Store:** Move to deal/folder directory 5. **AI Process:** Generate summary, tags, embeddings 🆕 6. **Index:** Store metadata + embedding in database 7. **Cleanup:** Remove temp file ## AI/Embeddings Pipeline ### Document Processing Workflow 1. **Upload:** User uploads document 2. **Extract:** Convert to text (PDF, DOCX, XLSX support) 3. **Analyze:** Send to K2.5 for: - Content summarization → `files.ai_summary` - Tag extraction → `files.ai_tags` - Key metrics extraction - Risk factor identification - Classification 4. **Embed:** Generate vector embeddings for semantic search 5. **Store:** Save analysis results ### Atlas AI Features 🆕 1. **Folder Summaries** — analyze folder contents, generate natural language summary + completeness score 2. **Diligence Request Assessment** — auto-match uploaded docs to request items, set fulfilled/partial/missing with confidence scores 3. **Deal Score Computation** — weighted model: - 35% Diligence completion - 25% Buyer engagement score - 20% Response velocity - 20% Red flag mitigation 4. **IC Memo Generation** — structured memo from deal documents: - Executive Summary, Business Model, Financial Analysis, Key Risks, Diligence Gaps, Valuation Considerations, Recommendation 5. **Context-Aware Chat** — sidebar chat scoped to current deal, queries files/folders/requests/engagement 6. **AI Insights** — proactive risk flags and recommendations stored per deal ### Semantic Search - **Vector Storage:** SQLite with vector extension - **Similarity:** Cosine similarity for document matching - **Hybrid Search:** Combine keyword + semantic results - **Access Control:** Filter results by user permissions ## Security Model ### Authentication - **Email/Password:** Primary auth method 📝 - **Magic Link:** Optional passwordless login - **Demo Login:** Seller/buyer demo accounts 🆕 - **Session Management:** Secure HTTP-only cookies - **Token Expiry:** 24-hour sessions with automatic refresh - **Rate Limiting:** Prevent brute force attacks ### Authorization - **RBAC:** Organization-level roles (owner/admin/member/viewer) 📝 - **Seller/Buyer views:** Role-based UI filtering 🆕 - **Buyer group scoping:** Buyers see only their assigned content 🆕 - **Audit Trail:** All actions logged with user attribution ### Data Protection - **Encryption at Rest:** AES-256-GCM for files, encrypted SQLite - **Encryption in Transit:** HTTPS only, HSTS headers - **File Security:** Watermarking, download restrictions, sensitivity flags 🆕 - **NDA Gating:** Require signed NDA before deal room access 🆕 - **Tenant Isolation:** Organization-level data isolation 🆕 ### Settings-Configurable Security 🆕 - MFA requirement toggle - IP allowlisting - Session timeout configuration - Download watermarking toggle - View-only mode for buyers ## Deployment Architecture ### Single Binary Approach ``` dealroom ├── Static assets embedded (CSS, JS) ├── Templates compiled ├── Database migrations └── Configuration via environment variables ``` ### Configuration ```bash # Database DB_PATH=/data/db/dealroom.db DB_KEY= # File Storage FILES_PATH=/data/files BACKUP_PATH=/data/backups # AI Service K25_API_URL=http://k2.5:8080 K25_API_KEY= # Server PORT=8080 BASE_URL=https://dealroom.company.com SESSION_SECRET= # Email (for magic links) SMTP_HOST=smtp.company.com SMTP_USER=dealroom@company.com SMTP_PASS= ``` ## Development Workflow ### Project Structure ``` dealroom/ ├── cmd/dealroom/main.go # Application entry point ├── internal/ │ ├── db/ # Database layer │ ├── rbac/ # RBAC engine │ ├── store/ # File storage │ ├── ai/ # K2.5 integration │ ├── handler/ # HTTP handlers │ └── model/ # Data models ├── templates/ # templ templates ├── static/ # Static assets ├── migrations/ # Database migrations ├── Dockerfile ├── Makefile └── README.md ``` ### Build & Run ```bash make build # Build binary make run # Run in development mode make test # Run tests make migrate # Run database migrations make docker # Build Docker image ``` ## Implementation Phases ### Phase 1: Core Platform (4 weeks) - Authentication (email/password + sessions) - Organization + user role management 🆕 - Deal CRUD with stage tracking 📝 - Folder tree management 🆕 - File upload with encryption - Basic RBAC (seller/buyer views) 📝 ### Phase 2: Diligence & Collaboration (3 weeks) - Diligence request lists with sections 🆕 - CSV bulk import for requests 🆕 - Buyer/seller inline comments 🆕 - Buyer group filtering 🆕 - Activity feeds and audit log - Contact management 🆕 ### Phase 3: AI Integration (3 weeks) 📝 - K2.5 document analysis (summary, tags) - Atlas folder summaries + completeness scores 🆕 - Diligence request auto-assessment 🆕 - Deal score computation engine 🆕 - IC Memo generation 🆕 - Embeddings and semantic search - AI insights system 🆕 ### Phase 4: Analytics & Engagement (2 weeks) 🆕 - Buyer engagement tracking - Intent signals and alerts - Deal close probability dashboard - Engagement timeline ### Phase 5: Production Readiness (2 weeks) - NDA gating flow 🆕 - Security settings (watermarking, download controls) 🆕 - Settings UI (profile, org, security) 📝 - Platform guide/documentation page 🆕 - Performance optimization - Security hardening ### Phase 6: Advanced Features (3 weeks) - Workflow automation engine 🆕 - CRM integrations (Salesforce, HubSpot) 🆕 - Task management system 🆕 - Demo login system 🆕 - Advanced reporting - White-label/theming 🆕 Total estimated development time: **17 weeks** with dedicated development team. ## Success Metrics ### Technical Metrics - **Uptime:** >99.9% availability - **Response Time:** <200ms for page loads - **File Upload:** <30s for 100MB files - **Search Latency:** <500ms for semantic search ### Business Metrics - **User Adoption:** Active users per deal room - **Document Velocity:** Files uploaded/downloaded per day - **Security Events:** Zero unauthorized access incidents - **User Satisfaction:** NPS > 8 for ease of use - **AI Accuracy:** >80% confidence on diligence auto-assessment 🆕 ## Conclusion Deal Room represents a modern, security-first approach to Investment Banking document management. By leveraging the proven inou-portal pattern with Go's performance characteristics and AI-enhanced document analysis, we deliver a solution that meets the demanding requirements of financial services while maintaining operational simplicity through single-binary deployment. The Lovable prototype validated the core feature set and revealed several features not in the original spec — particularly the diligence request system, IC memo generation, buyer engagement analytics, and the Atlas AI integration points. These have been incorporated into this spec while maintaining our Go+HTMX architecture decisions.