johan
/
dealroom
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
dealroom/SPEC.md

795 lines
26 KiB
Markdown
Raw Blame History

# Deal Room - Architecture Specification
**Project:** Deal Room - Secure Investment Banking Document Sharing Platform
**Owner:** Misha Muskepo (michael@muskepo.com)
**Tech Lead:** James
**Architecture Pattern:** inou-portal pattern
> **Note:** Items marked with 🆕 were discovered from the Lovable prototype analysis and added to this spec.
> Items marked with 📝 were modified based on the prototype's implementation.
## Executive Summary
Deal Room is a secure, invite-only document sharing platform designed for Investment Banking deal teams. It provides role-based access control, encrypted file storage, AI-powered document analysis, and comprehensive audit trails for sensitive financial transactions.
## System Architecture
### Core Principles
- **Single binary deployment** - Zero runtime dependencies
- **Data-centric design** - All entities stored in normalized SQLite tables
- **Security-first** - Encryption at rest, RBAC, audit logging
- **AI-enhanced** - Document analysis and embeddings for intelligent search
- **Production-grade** - Battle-tested patterns from inou-portal
### Technology Stack
- **Backend:** Go 1.22+ (single binary)
- **Templates:** templ (type-safe HTML generation)
- **Frontend:** HTMX + Tailwind CSS (CDN)
- **Database:** SQLite with encryption at rest
- **File Storage:** Encrypted (AES-256-GCM) + Compressed (zstd)
- **AI/ML:** K2.5 for document analysis and embeddings
- **Authentication:** Email/password + magic link + session cookies
## Database Schema
### Core Tables
#### organizations 🆕
```sql
CREATE TABLE organizations (
id TEXT PRIMARY KEY,
name TEXT NOT NULL,
slug TEXT UNIQUE NOT NULL,
domain TEXT,
logo_url TEXT,
settings TEXT, -- JSON
created_at INTEGER NOT NULL,
updated_at INTEGER NOT NULL
);
```
#### users (was: profiles + auth.users)
```sql
CREATE TABLE users (
id TEXT PRIMARY KEY,
email TEXT UNIQUE NOT NULL,
full_name TEXT NOT NULL,
title TEXT, -- 🆕 Job title
phone TEXT, -- 🆕
password_hash TEXT NOT NULL,
avatar_url TEXT,
organization_id TEXT, -- 🆕 FK to organizations
onboarding_completed BOOLEAN NOT NULL DEFAULT 0, -- 🆕
settings TEXT, -- 🆕 JSON user preferences
created_at INTEGER NOT NULL,
updated_at INTEGER NOT NULL,
last_login INTEGER,
is_active BOOLEAN NOT NULL DEFAULT 1,
FOREIGN KEY (organization_id) REFERENCES organizations(id)
);
CREATE INDEX idx_users_email ON users(email);
CREATE INDEX idx_users_org ON users(organization_id);
```
#### user_roles 🆕
```sql
CREATE TABLE user_roles (
id TEXT PRIMARY KEY,
user_id TEXT NOT NULL,
organization_id TEXT NOT NULL,
role TEXT NOT NULL CHECK (role IN ('owner', 'admin', 'member', 'viewer')),
created_at INTEGER NOT NULL,
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
FOREIGN KEY (organization_id) REFERENCES organizations(id) ON DELETE CASCADE,
UNIQUE(user_id, organization_id)
);
```
#### 📝 deals (was: entries with type=deal_room)
```sql
CREATE TABLE deals (
id TEXT PRIMARY KEY,
name TEXT NOT NULL,
description TEXT,
organization_id TEXT NOT NULL,
created_by TEXT,
stage TEXT NOT NULL DEFAULT 'pipeline'
CHECK (stage IN ('pipeline', 'loi', 'initial_review', 'due_diligence', 'final_negotiation', 'closed', 'dead')),
target_company TEXT,
deal_size REAL, -- 🆕
currency TEXT DEFAULT 'USD', -- 🆕
close_probability REAL, -- 🆕 0-100
expected_close_date TEXT, -- 🆕 ISO date
ioi_date TEXT, -- 🆕 Indication of Interest date
loi_date TEXT, -- 🆕 Letter of Intent date
exclusivity_end_date TEXT, -- 🆕
is_archived BOOLEAN DEFAULT 0, -- 🆕
settings TEXT, -- 🆕 JSON
created_at INTEGER NOT NULL,
updated_at INTEGER NOT NULL,
FOREIGN KEY (organization_id) REFERENCES organizations(id),
FOREIGN KEY (created_by) REFERENCES users(id)
);
CREATE INDEX idx_deals_org ON deals(organization_id);
CREATE INDEX idx_deals_stage ON deals(stage);
```
#### 📝 folders (was: implicit in entries hierarchy)
```sql
CREATE TABLE folders (
id TEXT PRIMARY KEY,
deal_id TEXT NOT NULL,
parent_id TEXT, -- Self-referential tree
name TEXT NOT NULL,
description TEXT,
sort_order INTEGER DEFAULT 0,
created_by TEXT,
ai_summary TEXT, -- 🆕 Atlas-generated summary
ai_summary_updated_at INTEGER, -- 🆕
completeness_score REAL, -- 🆕 0-100, AI-computed
created_at INTEGER NOT NULL,
updated_at INTEGER NOT NULL,
FOREIGN KEY (deal_id) REFERENCES deals(id) ON DELETE CASCADE,
FOREIGN KEY (parent_id) REFERENCES folders(id),
FOREIGN KEY (created_by) REFERENCES users(id)
);
CREATE INDEX idx_folders_deal ON folders(deal_id);
CREATE INDEX idx_folders_parent ON folders(parent_id);
```
#### 📝 files (was: entries with type=document)
```sql
CREATE TABLE files (
id TEXT PRIMARY KEY,
deal_id TEXT NOT NULL,
folder_id TEXT,
name TEXT NOT NULL, -- Original filename
file_path TEXT, -- Encrypted storage path
file_size INTEGER,
file_hash TEXT, -- SHA-256
mime_type TEXT,
uploaded_by TEXT,
status TEXT DEFAULT 'uploaded'
CHECK (status IN ('uploaded', 'processing', 'reviewed', 'flagged', 'archived')),
version INTEGER DEFAULT 1,
ai_summary TEXT, -- 🆕
ai_tags TEXT, -- 🆕 JSON array
is_sensitive BOOLEAN DEFAULT 0, -- 🆕
download_disabled BOOLEAN DEFAULT 0, -- 🆕
watermark_enabled BOOLEAN DEFAULT 0, -- 🆕
embedding BLOB,
created_at INTEGER NOT NULL,
updated_at INTEGER NOT NULL,
FOREIGN KEY (deal_id) REFERENCES deals(id) ON DELETE CASCADE,
FOREIGN KEY (folder_id) REFERENCES folders(id),
FOREIGN KEY (uploaded_by) REFERENCES users(id)
);
CREATE INDEX idx_files_deal ON files(deal_id);
CREATE INDEX idx_files_folder ON files(folder_id);
CREATE INDEX idx_files_status ON files(status);
```
#### diligence_requests 🆕
```sql
CREATE TABLE diligence_requests (
id TEXT PRIMARY KEY,
deal_id TEXT NOT NULL,
section TEXT NOT NULL, -- Category: Financial, Legal, Technology, etc.
item_number TEXT, -- e.g., "1.1", "2.3"
description TEXT NOT NULL,
priority TEXT DEFAULT 'medium'
CHECK (priority IN ('high', 'medium', 'low')),
created_by TEXT,
buyer_group TEXT, -- Which buyer group
buyer_comment TEXT, -- Inline comment from buyer
seller_comment TEXT, -- Inline comment from seller
linked_file_ids TEXT, -- JSON array of file IDs
atlas_status TEXT
CHECK (atlas_status IN ('fulfilled', 'partial', 'missing', 'not_applicable')),
atlas_confidence REAL, -- 0-100
atlas_note TEXT,
atlas_assessed_at INTEGER,
created_at INTEGER NOT NULL,
updated_at INTEGER NOT NULL,
FOREIGN KEY (deal_id) REFERENCES deals(id) ON DELETE CASCADE,
FOREIGN KEY (created_by) REFERENCES users(id)
);
CREATE INDEX idx_requests_deal ON diligence_requests(deal_id);
CREATE INDEX idx_requests_section ON diligence_requests(section);
CREATE INDEX idx_requests_status ON diligence_requests(atlas_status);
```
#### buyer_engagement 🆕
```sql
CREATE TABLE buyer_engagement (
id TEXT PRIMARY KEY,
deal_id TEXT NOT NULL,
user_id TEXT,
file_id TEXT,
folder_id TEXT,
event_type TEXT NOT NULL,
dwell_time_seconds REAL,
page_views INTEGER,
metadata TEXT, -- JSON
created_at INTEGER NOT NULL,
FOREIGN KEY (deal_id) REFERENCES deals(id) ON DELETE CASCADE,
FOREIGN KEY (file_id) REFERENCES files(id),
FOREIGN KEY (folder_id) REFERENCES folders(id)
);
CREATE INDEX idx_engagement_deal ON buyer_engagement(deal_id);
CREATE INDEX idx_engagement_user ON buyer_engagement(user_id);
```
#### deal_scores 🆕
```sql
CREATE TABLE deal_scores (
id TEXT PRIMARY KEY,
deal_id TEXT NOT NULL,
close_probability REAL NOT NULL, -- 0-100
risk_tier TEXT NOT NULL, -- low, medium, high
diligence_completion REAL,
buyer_engagement_score REAL,
response_velocity REAL,
red_flag_count INTEGER DEFAULT 0,
recommendations TEXT, -- JSON array of strings
computed_at INTEGER NOT NULL,
created_at INTEGER NOT NULL,
FOREIGN KEY (deal_id) REFERENCES deals(id) ON DELETE CASCADE
);
CREATE INDEX idx_scores_deal ON deal_scores(deal_id);
```
#### ai_insights 🆕
```sql
CREATE TABLE ai_insights (
id TEXT PRIMARY KEY,
deal_id TEXT NOT NULL,
insight_type TEXT NOT NULL,
title TEXT NOT NULL,
content TEXT,
severity TEXT,
is_dismissed BOOLEAN DEFAULT 0,
source_file_ids TEXT, -- JSON array
created_at INTEGER NOT NULL,
FOREIGN KEY (deal_id) REFERENCES deals(id) ON DELETE CASCADE
);
CREATE INDEX idx_insights_deal ON ai_insights(deal_id);
```
#### contacts 🆕
```sql
CREATE TABLE contacts (
id TEXT PRIMARY KEY,
organization_id TEXT NOT NULL,
full_name TEXT NOT NULL,
email TEXT,
phone TEXT,
company TEXT,
title TEXT,
contact_type TEXT, -- buyer, advisor, internal, seller
tags TEXT, -- JSON array
notes TEXT,
last_activity_at INTEGER,
created_at INTEGER NOT NULL,
updated_at INTEGER NOT NULL,
FOREIGN KEY (organization_id) REFERENCES organizations(id) ON DELETE CASCADE
);
CREATE INDEX idx_contacts_org ON contacts(organization_id);
```
#### ic_memos 🆕
```sql
CREATE TABLE ic_memos (
id TEXT PRIMARY KEY,
deal_id TEXT NOT NULL,
organization_id TEXT NOT NULL,
created_by TEXT,
title TEXT NOT NULL,
content TEXT NOT NULL, -- JSON: summary, business_model, financials, key_risks[], diligence_gaps[], valuation_considerations, recommendation, source_documents[]
status TEXT DEFAULT 'draft'
CHECK (status IN ('draft', 'review', 'final', 'archived')),
version INTEGER DEFAULT 1,
created_at INTEGER NOT NULL,
updated_at INTEGER NOT NULL,
FOREIGN KEY (deal_id) REFERENCES deals(id) ON DELETE CASCADE,
FOREIGN KEY (organization_id) REFERENCES organizations(id),
FOREIGN KEY (created_by) REFERENCES users(id)
);
CREATE INDEX idx_memos_deal ON ic_memos(deal_id);
```
#### nda_records 🆕
```sql
CREATE TABLE nda_records (
id TEXT PRIMARY KEY,
deal_id TEXT NOT NULL,
signer_name TEXT NOT NULL,
signer_email TEXT NOT NULL,
signer_company TEXT,
user_id TEXT,
status TEXT DEFAULT 'pending',
signed_at INTEGER,
expires_at INTEGER,
nda_document_url TEXT,
ip_address TEXT,
created_at INTEGER NOT NULL,
FOREIGN KEY (deal_id) REFERENCES deals(id) ON DELETE CASCADE
);
```
#### tasks 🆕
```sql
CREATE TABLE tasks (
id TEXT PRIMARY KEY,
organization_id TEXT NOT NULL,
deal_id TEXT,
title TEXT NOT NULL,
description TEXT,
assigned_to TEXT,
created_by TEXT,
status TEXT DEFAULT 'pending',
priority TEXT DEFAULT 'medium'
CHECK (priority IN ('high', 'medium', 'low')),
due_date TEXT,
completed_at INTEGER,
created_at INTEGER NOT NULL,
updated_at INTEGER NOT NULL,
FOREIGN KEY (organization_id) REFERENCES organizations(id),
FOREIGN KEY (deal_id) REFERENCES deals(id),
FOREIGN KEY (assigned_to) REFERENCES users(id)
);
```
#### workflow_rules 🆕
```sql
CREATE TABLE workflow_rules (
id TEXT PRIMARY KEY,
organization_id TEXT NOT NULL,
name TEXT NOT NULL,
trigger_type TEXT NOT NULL,
trigger_config TEXT NOT NULL, -- JSON
action_type TEXT NOT NULL,
action_config TEXT NOT NULL, -- JSON
is_active BOOLEAN DEFAULT 1,
created_by TEXT,
created_at INTEGER NOT NULL,
updated_at INTEGER NOT NULL,
FOREIGN KEY (organization_id) REFERENCES organizations(id)
);
```
#### sessions
```sql
CREATE TABLE sessions (
token TEXT PRIMARY KEY,
user_id TEXT NOT NULL,
expires_at INTEGER NOT NULL,
created_at INTEGER NOT NULL,
last_used INTEGER NOT NULL,
user_agent TEXT,
ip_address TEXT,
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
);
CREATE INDEX idx_sessions_user ON sessions(user_id);
CREATE INDEX idx_sessions_expires ON sessions(expires_at);
```
#### audit_log (📝 renamed from deal_activity for clarity)
```sql
CREATE TABLE audit_log (
id TEXT PRIMARY KEY,
user_id TEXT,
deal_id TEXT,
organization_id TEXT,
action TEXT NOT NULL
CHECK (action IN ('view', 'download', 'upload', 'edit', 'delete', 'share', 'comment', 'permission_change', 'nda_signed', 'login')),
resource_type TEXT,
resource_id TEXT,
resource_name TEXT,
details TEXT, -- JSON
ip_address TEXT,
user_agent TEXT,
created_at INTEGER NOT NULL,
FOREIGN KEY (user_id) REFERENCES users(id),
FOREIGN KEY (deal_id) REFERENCES deals(id)
);
CREATE INDEX idx_audit_user ON audit_log(user_id);
CREATE INDEX idx_audit_deal ON audit_log(deal_id);
CREATE INDEX idx_audit_action ON audit_log(action);
CREATE INDEX idx_audit_created ON audit_log(created_at);
```
## Permission Model (RBAC)
### 📝 Role-Based (from Lovable prototype)
Four roles per organization:
- **Owner:** Full access. Can delete deals, manage org settings, transfer ownership.
- **Admin:** Manage deals, users, integrations. Cannot delete organization.
- **Member:** Create/manage deals, upload documents, use all VDR features.
- **Viewer:** Read-only access to shared deal rooms.
### Seller vs Buyer View 🆕
- **Seller** = Owner or Admin role → full platform access
- **Buyer** = Member or Viewer role → restricted view filtered by buyer_group
| Feature | Seller | Buyer |
|---------|--------|-------|
| Create deal rooms | ✅ | ❌ |
| Upload files | ✅ | ❌ |
| Create/upload request lists | ✅ | ❌ |
| View analytics & engagement | ✅ | ❌ |
| Generate IC memos | ✅ | ❌ |
| View all deals | ✅ | Only assigned deals |
| View all requests | ✅ | Only their buyer_group |
| Add comments on requests | ✅ | ✅ |
| Use Atlas AI | ✅ | ✅ (scoped) |
## API Endpoints
### Authentication
```
POST /auth/login # Email/password login
POST /auth/signup # Create account + org 🆕
GET /auth/verify/{token} # Verify magic link
POST /auth/logout # End session
GET /auth/me # Current user info
POST /auth/demo/{role} # Demo login (seller/buyer) 🆕
```
### Organizations 🆕
```
POST /api/organizations # Create organization
GET /api/organizations/{id} # Get organization
PUT /api/organizations/{id} # Update organization
```
### Deals 📝 (was: Deal Rooms)
```
GET /api/deals # List deals (filtered by role/buyer_group)
POST /api/deals # Create deal (seller only)
GET /api/deals/{id} # Get deal details
PUT /api/deals/{id} # Update deal
DELETE /api/deals/{id} # Archive deal
```
### Folders 🆕
```
GET /api/deals/{id}/folders # List folders (tree)
POST /api/deals/{id}/folders # Create folder
PUT /api/folders/{id} # Update folder
DELETE /api/folders/{id} # Delete folder
POST /api/folders/{id}/summarize # Generate AI summary
```
### Files 📝
```
GET /api/deals/{id}/files # List files (optional folder_id filter)
POST /api/deals/{id}/files # Upload file(s)
GET /api/files/{id} # Get file metadata
GET /api/files/{id}/download # Download file
PUT /api/files/{id} # Update file metadata
DELETE /api/files/{id} # Delete file
```
### Diligence Requests 🆕
```
GET /api/deals/{id}/requests # List requests for a deal
POST /api/deals/{id}/requests # Create request
POST /api/deals/{id}/requests/bulk # Bulk import (CSV) 🆕
PUT /api/requests/{id} # Update request (status, comments)
GET /api/requests # Cross-deal request list
```
### Contacts 🆕
```
GET /api/contacts # List contacts for org
POST /api/contacts # Create contact
PUT /api/contacts/{id} # Update contact
DELETE /api/contacts/{id} # Delete contact
```
### IC Memos 🆕
```
GET /api/ic-memos # List memos for org
POST /api/ic-memos/generate # Generate memo from deal
GET /api/ic-memos/{id} # Get memo
PUT /api/ic-memos/{id} # Update memo
```
### Analytics & Engagement 🆕
```
GET /api/deals/{id}/engagement # Buyer engagement data
GET /api/deals/{id}/score # Get deal score
POST /api/deals/{id}/score # Compute deal score
```
### AI 📝
```
POST /api/ai/folder-summary # Generate folder summary
POST /api/ai/deal-score # Compute deal close probability
POST /api/ai/ic-memo # Generate IC memo
POST /api/ai/chat # Atlas AI chat (context-aware)
GET /api/deals/{id}/insights # AI insights for deal
POST /api/analyze/{file_id} # Trigger file AI analysis
GET /api/search?q={query} # Semantic search
```
### Activity & Audit
```
GET /api/activity # Activity feed (org-wide)
GET /api/audit # Full audit log (filterable)
```
## Page Routes (Server-Rendered)
```
GET / # Dashboard
GET /auth # Login/Signup page 📝
GET /deals # Deal rooms list 🆕
GET /deals/{id} # Deal room detail (documents + requests) 📝
GET /requests # Cross-deal request lists 🆕
GET /analytics # Engagement analytics 🆕
GET /ic-memos # IC Memo generator + viewer 🆕
GET /contacts # Contact management 🆕
GET /audit # Audit log 📝
GET /settings # Settings (profile, org, security, integrations, workflows) 📝
GET /guide # Platform documentation/guide 🆕
```
## File Storage Design
### Storage Structure
```
data/
├── db/
│ └── dealroom.db # SQLite database
├── files/
│ ├── {deal_id}/
│ │ ├── {folder_id|root}/
│ │ │ └── {timestamp}_{filename}.enc
│ │ └── ...
│ └── temp/ # Temporary upload staging
└── backups/
├── db/
└── files/
```
### Encryption Process
1. **Upload:** File uploaded to `/temp/{uuid}`
2. **Compress:** Apply zstd compression (level 3)
3. **Encrypt:** AES-256-GCM with random nonce
4. **Store:** Move to deal/folder directory
5. **AI Process:** Generate summary, tags, embeddings 🆕
6. **Index:** Store metadata + embedding in database
7. **Cleanup:** Remove temp file
## AI/Embeddings Pipeline
### Document Processing Workflow
1. **Upload:** User uploads document
2. **Extract:** Convert to text (PDF, DOCX, XLSX support)
3. **Analyze:** Send to K2.5 for:
- Content summarization → `files.ai_summary`
- Tag extraction → `files.ai_tags`
- Key metrics extraction
- Risk factor identification
- Classification
4. **Embed:** Generate vector embeddings for semantic search
5. **Store:** Save analysis results
### Atlas AI Features 🆕
1. **Folder Summaries** — analyze folder contents, generate natural language summary + completeness score
2. **Diligence Request Assessment** — auto-match uploaded docs to request items, set fulfilled/partial/missing with confidence scores
3. **Deal Score Computation** — weighted model:
- 35% Diligence completion
- 25% Buyer engagement score
- 20% Response velocity
- 20% Red flag mitigation
4. **IC Memo Generation** — structured memo from deal documents:
- Executive Summary, Business Model, Financial Analysis, Key Risks, Diligence Gaps, Valuation Considerations, Recommendation
5. **Context-Aware Chat** — sidebar chat scoped to current deal, queries files/folders/requests/engagement
6. **AI Insights** — proactive risk flags and recommendations stored per deal
### Semantic Search
- **Vector Storage:** SQLite with vector extension
- **Similarity:** Cosine similarity for document matching
- **Hybrid Search:** Combine keyword + semantic results
- **Access Control:** Filter results by user permissions
## Security Model
### Authentication
- **Email/Password:** Primary auth method 📝
- **Magic Link:** Optional passwordless login
- **Demo Login:** Seller/buyer demo accounts 🆕
- **Session Management:** Secure HTTP-only cookies
- **Token Expiry:** 24-hour sessions with automatic refresh
- **Rate Limiting:** Prevent brute force attacks
### Authorization
- **RBAC:** Organization-level roles (owner/admin/member/viewer) 📝
- **Seller/Buyer views:** Role-based UI filtering 🆕
- **Buyer group scoping:** Buyers see only their assigned content 🆕
- **Audit Trail:** All actions logged with user attribution
### Data Protection
- **Encryption at Rest:** AES-256-GCM for files, encrypted SQLite
- **Encryption in Transit:** HTTPS only, HSTS headers
- **File Security:** Watermarking, download restrictions, sensitivity flags 🆕
- **NDA Gating:** Require signed NDA before deal room access 🆕
- **Tenant Isolation:** Organization-level data isolation 🆕
### Settings-Configurable Security 🆕
- MFA requirement toggle
- IP allowlisting
- Session timeout configuration
- Download watermarking toggle
- View-only mode for buyers
## Deployment Architecture
### Single Binary Approach
```
dealroom
├── Static assets embedded (CSS, JS)
├── Templates compiled
├── Database migrations
└── Configuration via environment variables
```
### Configuration
```bash
# Database
DB_PATH=/data/db/dealroom.db
DB_KEY=<encryption_key>
# File Storage
FILES_PATH=/data/files
BACKUP_PATH=/data/backups
# AI Service
K25_API_URL=http://k2.5:8080
K25_API_KEY=<api_key>
# Server
PORT=8080
BASE_URL=https://dealroom.company.com
SESSION_SECRET=<random_key>
# Email (for magic links)
SMTP_HOST=smtp.company.com
SMTP_USER=dealroom@company.com
SMTP_PASS=<password>
```
## Development Workflow
### Project Structure
```
dealroom/
├── cmd/dealroom/main.go # Application entry point
├── internal/
│ ├── db/ # Database layer
│ ├── rbac/ # RBAC engine
│ ├── store/ # File storage
│ ├── ai/ # K2.5 integration
│ ├── handler/ # HTTP handlers
│ └── model/ # Data models
├── templates/ # templ templates
├── static/ # Static assets
├── migrations/ # Database migrations
├── Dockerfile
├── Makefile
└── README.md
```
### Build & Run
```bash
make build # Build binary
make run # Run in development mode
make test # Run tests
make migrate # Run database migrations
make docker # Build Docker image
```
## Implementation Phases
### Phase 1: Core Platform (4 weeks)
- Authentication (email/password + sessions)
- Organization + user role management 🆕
- Deal CRUD with stage tracking 📝
- Folder tree management 🆕
- File upload with encryption
- Basic RBAC (seller/buyer views) 📝
### Phase 2: Diligence & Collaboration (3 weeks)
- Diligence request lists with sections 🆕
- CSV bulk import for requests 🆕
- Buyer/seller inline comments 🆕
- Buyer group filtering 🆕
- Activity feeds and audit log
- Contact management 🆕
### Phase 3: AI Integration (3 weeks) 📝
- K2.5 document analysis (summary, tags)
- Atlas folder summaries + completeness scores 🆕
- Diligence request auto-assessment 🆕
- Deal score computation engine 🆕
- IC Memo generation 🆕
- Embeddings and semantic search
- AI insights system 🆕
### Phase 4: Analytics & Engagement (2 weeks) 🆕
- Buyer engagement tracking
- Intent signals and alerts
- Deal close probability dashboard
- Engagement timeline
### Phase 5: Production Readiness (2 weeks)
- NDA gating flow 🆕
- Security settings (watermarking, download controls) 🆕
- Settings UI (profile, org, security) 📝
- Platform guide/documentation page 🆕
- Performance optimization
- Security hardening
### Phase 6: Advanced Features (3 weeks)
- Workflow automation engine 🆕
- CRM integrations (Salesforce, HubSpot) 🆕
- Task management system 🆕
- Demo login system 🆕
- Advanced reporting
- White-label/theming 🆕
Total estimated development time: **17 weeks** with dedicated development team.
## Success Metrics
### Technical Metrics
- **Uptime:** >99.9% availability
- **Response Time:** <200ms for page loads
- **File Upload:** <30s for 100MB files
- **Search Latency:** <500ms for semantic search
### Business Metrics
- **User Adoption:** Active users per deal room
- **Document Velocity:** Files uploaded/downloaded per day
- **Security Events:** Zero unauthorized access incidents
- **User Satisfaction:** NPS > 8 for ease of use
- **AI Accuracy:** >80% confidence on diligence auto-assessment 🆕
## Conclusion
Deal Room represents a modern, security-first approach to Investment Banking document management. By leveraging the proven inou-portal pattern with Go's performance characteristics and AI-enhanced document analysis, we deliver a solution that meets the demanding requirements of financial services while maintaining operational simplicity through single-binary deployment.
The Lovable prototype validated the core feature set and revealed several features not in the original spec — particularly the diligence request system, IC memo generation, buyer engagement analytics, and the Atlas AI integration points. These have been incorporated into this spec while maintaining our Go+HTMX architecture decisions.
Reference in New Issue View Git Blame Copy Permalink