# Dealspace MVP Scope **Version:** 1.0 — 2026-02-28 **Status:** Planning. Defines what ships in v1.0 vs what comes later. --- ## Executive Summary v1.0 ships a complete, end-to-end M&A deal workflow. An IB advisor can run a real deal from first request to buyer data room access. No AI matching, no external integrations, no mobile — just the core flow that makes Dealspace useful on day one. **Target:** 6 sprints. Demoable to Misha after Sprint 2. Shippable after Sprint 6. --- ## 1. v1.0 Scope (Must Ship) ### What the IB Analyst Needs on Day 1 1. **Create a project** — name it, configure workstreams (Finance, Legal, IT, HR, Operations) 2. **Invite participants** — seller admin, seller workers, assign to workstreams 3. **Issue request list** — create requests, set priority/due dates, assign to seller users 4. **Track progress** — see what's answered, what's pending, who's blocking 5. **Vet answers** — approve or reject with comments 6. **Publish to data room** — approved answers become visible to buyers 7. **Onboard buyers** — invite buyer teams, they see published content That's the minimum viable deal. Everything below supports this flow. ### Core Features — v1.0 | Feature | Details | |---------|---------| | **Entry Model** | Project → Workstream → Request List → Request/Answer. Full tree per SPEC.md. | | **RBAC** | All 7 roles: `ib_admin`, `ib_member`, `seller_admin`, `seller_member`, `buyer_admin`, `buyer_member`, `observer`. Workstream-scoped permissions. | | **Task Inbox** | The worker view. Seller members see "What do I need to do?" — not the full deal room. | | **Request Routing Chain** | Forward to CFO → forward to accountant → done → returns up the chain. `assignee_id`, `return_to_id`, `origin_id` fields. | | **File Upload** | Attach files to answers. Stored compressed + encrypted. | | **PDF Watermarking** | Dynamic watermark at serve time: `{user_name} · {org_name} · {datetime} · CONFIDENTIAL`. PDF only in v1.0. | | **Answer Vetting** | IB reviews submitted answers. Approve → published. Reject → back to seller with comment. | | **Data Room** | Buyer view: see published answers only. Pre-dataroom content invisible (DB-level, not UI filter). | | **Invite Flow** | Email-based invites. Accept → set password → you're in. | | **Auth** | Email + password. TOTP (2FA) required for admin roles. Session tokens with refresh. | | **Audit Log** | Every access grant, file download, status change, login. Never disabled. | | **Marketing Website** | muskepo.com — embedded in binary. Simple landing, signup CTA. | ### What's NOT in v1.0 | Feature | Why Not Now | |---------|-------------| | **AI Matching** | Fireworks embeddings + cosine similarity is straightforward, but human confirmation UX adds scope. v1.1. | | **Email/Slack/Teams Integration** | OAuth flows, DKIM verification, thread mapping — complex auth + security surface. v1.1+. | | **Video Watermarking** | ffmpeg transcoding at serve time is CPU-intensive, needs worker queue. v1.1. | | **DOCX/XLSX Watermarking** | XML manipulation is fiddly; PDF covers 80% of use cases. v1.1. | | **MCP Server** | Depends on stable schema + real usage patterns to know what tools matter. v2.0. | | **SSO/SAML** | Enterprise feature. Password + TOTP is fine for launch. v2.0. | | **Key Rotation** | Ship with a good initial key derivation setup. Document rotation procedure for v1.1. | | **Mobile App** | Never, or much later. Responsive web handles phones. | | **Public API** | Let the product stabilize first. v2.0. | | **Webhooks** | Same — need to know what events matter. v2.0. | | **Custom Themes** | Built-in Light/Dark/High-contrast is enough. Per-project branding is v2.0. | | **White-labeling** | Per-firm branding is enterprise upsell. v2.0. | --- ## 2. v1.1 Scope Ship within 4-6 weeks after v1.0 launch. | Feature | Details | |---------|---------| | **AI Matching** | Embed request text (Fireworks nomic-embed-text-v1.5). Score ≥ 0.72 → suggest match. Human clicks "Confirm" or "Not a match". | | **DOCX Watermarking** | Inject watermark into document.xml header/footer. | | **XLSX Watermarking** | Sheet protection + watermark row at top. | | **Answer Broadcast** | One answer satisfies N requests → all requesters notified. Uses `answer_links` table. | | **Delegation** | Out-of-office routing. "Forward my tasks to X until date Y." | | **Email Channel (Inbound)** | Accept replies via email. DKIM verification required. Map to entry via `channel_threads`. | | **Key Rotation Procedure** | Documented + tested process for rotating project encryption keys. | --- ## 3. v2.0 Scope 6+ months out. After real customers are using the platform. | Feature | Details | |---------|---------| | **MCP Server** | Expose deal context to AI tools. Read: list requests, query answers. Write: suggest routing (human confirmation). | | **SSO/SAML** | Okta, Azure AD, etc. Enterprise requirement for larger banks. | | **Slack/Teams Integration** | Participate in deals without logging in. Thread-mapped via `channel_threads`. | | **Custom Themes** | Per-project brand colors + logo. CSS vars make this trivial once prioritized. | | **Public API** | RESTful API with API keys. Document with OpenAPI. | | **Webhooks** | Push notifications: answer published, request overdue, buyer accessed. | | **Per-Firm White-labeling** | "Powered by [hidden]" — full brand takeover. Enterprise pricing. | | **Video Watermarking** | ffmpeg overlay pipeline. Needs worker queue for CPU-bound transcoding. | --- ## 4. Build Order (v1.0 Sprints) ### Sprint 1: Foundation (Week 1-2) **Goal:** Skeleton that boots, connects to DB, returns health check. - [ ] Project structure per SPEC.md 11.1 - [ ] SQLite + migrations (8 tables from SPEC.md 16.6) - [ ] `lib/crypto.go` — Pack/Unpack, AES-256-GCM, key derivation - [ ] `lib/types.go` — Entry, User, Access structs - [ ] `lib/dbcore.go` — EntryRead, EntryWrite, EntryDelete (the three choke points) - [ ] `lib/rbac.go` — CheckAccess, role definitions - [ ] `lib/store.go` — ObjectStore interface + filesystem impl - [ ] `api/middleware.go` — logging, CORS, panic recovery - [ ] `api/routes.go` — `/health` returns 200 - [ ] Basic config loading from `.env` - [ ] `make build`, `make run`, `make test` **Demo:** `curl /health` returns `{"status":"ok"}`. ### Sprint 2: Core Flow (Week 3-4) **Goal:** Create project, workstreams, requests. Invite users. This is the first Misha demo. - [ ] User registration + login (email/password) - [ ] Session management (JWT or opaque tokens) - [ ] `POST /api/projects` — create project - [ ] `POST /api/workstreams` — create workstream under project - [ ] `POST /api/requests` — create request under workstream - [ ] `GET /api/projects/:id` — project with workstreams tree - [ ] `GET /api/workstreams/:id/requests` — requests in workstream - [ ] Invite flow — generate invite link, accept, set password - [ ] Access grants — assign role + workstream to user - [ ] Basic portal UI: login, project list, workstream tabs, request list **Demo:** Johan logs in as IB admin, creates "TechCorp Sale" project, adds Finance workstream, creates request "Provide audited financials FY2024", invites seller user. ### Sprint 3: Worker View (Week 5-6) **Goal:** Task inbox. The accountant sees what they need to do. - [ ] `GET /api/inbox` — returns entries where `assignee_id = me` - [ ] Task inbox UI — list of "my tasks" with status, due date, priority - [ ] Request detail view — see full request, thread of events - [ ] Forward action — assign to someone else, set `return_to_id` - [ ] Return action — mark done, returns to `return_to_id` - [ ] entry_events table population — every action creates event - [ ] Routing chain visibility for IB admin **Demo:** Seller accountant logs in, sees "Provide audited financials" in their inbox, clicks in, sees request details. ### Sprint 4: Files (Week 7-8) **Goal:** Upload answers with attachments. Download with watermark. - [ ] `POST /api/answers` — create answer linked to request - [ ] File upload endpoint — stores via ObjectStore - [ ] File metadata in answer's Data JSON - [ ] `lib/watermark.go` — PDF watermark injection - [ ] `GET /api/files/:id` — serve file with watermark applied - [ ] Answer submission — seller marks answer ready for review - [ ] UI: upload files, attach to answer, submit **Demo:** Accountant uploads PDF, submits answer. Downloads their own upload — watermark shows their name + timestamp. ### Sprint 5: Data Room (Week 9-10) **Goal:** IB vets answers. Approved → published to data room. Buyers see it. - [ ] Answer vetting UI — IB sees submitted answers - [ ] Approve action — `status = approved`, `stage = dataroom` - [ ] Reject action — `status = rejected`, add rejection reason, back to seller - [ ] Data room view — buyers see published answers only - [ ] Buyer invite flow — same as seller but buyer roles - [ ] Stage-based visibility in CheckAccess — buyers can't see pre-dataroom - [ ] Audit log writes for vetting actions + file downloads **Demo:** IB approves answer. Logs in as buyer — sees the published answer in data room. Downloads PDF — watermark shows buyer's name. ### Sprint 6: Polish (Week 11-12) **Goal:** Production-ready. Marketing site. Demo data. Deploy. - [ ] TOTP (2FA) for admin roles - [ ] Password reset flow - [ ] Marketing website — embedded in binary, serves at `/` - [ ] Demo data seed script — realistic TechCorp Sale scenario - [ ] Error handling polish — consistent error responses - [ ] Rate limiting on auth endpoints - [ ] Caddy config for muskepo.com - [ ] systemd unit for Dealspace binary - [ ] Deploy to 82.24.174.112 - [ ] Smoke test checklist **Demo:** Full flow end-to-end. Marketing site live at muskepo.com. --- ## 5. Demo Scenario **Setup:** IB advisor at Goldman Sachs is selling TechCorp, a mid-market tech company. First 10 minutes in Dealspace. ### Minute 0-2: Create the Deal 1. **Login** → IB admin dashboard (empty state: "Create your first project") 2. **Click "New Project"** → Modal: Project name, deal type, expected close date - Name: "TechCorp Sale" - Type: "Sell-side M&A" - Expected close: 2026-06-30 3. **Create** → Lands in project view with default workstreams **Screen:** Project header (TechCorp Sale), workstream tabs (Finance | Legal | IT | HR | Operations), empty request list. ### Minute 2-4: Configure Workstreams 1. **Click Finance tab** → Empty state: "No requests yet" 2. **Click "Add Request List"** → Name: "Initial Due Diligence" 3. **Add requests** (quick-add mode, one per line): - "Audited financial statements FY2023-2025" (Priority: High) - "Revenue breakdown by customer top 20" (Priority: High) - "Cap table and option pool details" (Priority: Normal) - "AR/AP aging reports" (Priority: Normal) 4. **Repeat for Legal tab:** - "Material contracts list" - "IP portfolio summary" - "Pending litigation summary" **Screen:** Finance tab shows 4 requests, all status "Open", assigned to "Seller (unassigned)". ### Minute 4-6: Invite Seller Team 1. **Click "Manage Team"** → Team panel slides out 2. **Click "Invite Seller"** → Enter email: sarah@techcorp.com - Role: Seller Admin - Message: "Welcome to the TechCorp sale process. You'll manage your team's responses." 3. **Send invite** → Sarah gets email with magic link 4. **Add another:** mike@techcorp.com - Role: Seller Member - Workstreams: Finance (checkbox) - Message: "You'll be handling the financial document requests." **Screen:** Team panel shows: Johan (IB Admin), Sarah (Seller Admin - Pending), Mike (Seller Member - Pending). ### Minute 6-8: Seller Accepts & Sees Inbox *Switch to Sarah's perspective* 1. **Sarah clicks invite link** → Set password screen → Sets password → Lands in app 2. **Dashboard:** "TechCorp Sale" project card, 7 requests awaiting assignment 3. **Click into project** → Sees all requests, can assign to team 4. **Assigns "Audited financial statements" to Mike** *Switch to Mike's perspective* 1. **Mike clicks invite link** → Set password → Lands in app 2. **Task Inbox:** Shows 1 task — "Audited financial statements FY2023-2025" - From: Goldman Sachs - Due: 2026-03-15 - Priority: High 3. **Click task** → Request detail: full description, empty answer area 4. **Upload button** → Select PDF → File uploads 5. **"Submit Answer"** → Status changes to "Submitted" **Screen:** Mike's inbox now empty. Task shows "Submitted" status. ### Minute 8-10: IB Vets & Publishes *Back to Johan (IB admin)* 1. **Notification badge:** "1 answer ready for review" 2. **Click into vetting queue** → Shows Mike's submitted answer 3. **Preview PDF** → Watermark visible: "Johan Jongsma · Goldman Sachs · 2026-02-28 · CONFIDENTIAL" 4. **Click "Approve & Publish"** → Answer moves to data room 5. **Status updates:** Request shows "Published ✓" **Later: Onboard buyer** 1. **"Invite Buyer"** → buyer@apollo.com, Buyer Admin 2. **Buyer logs in** → Sees data room with 1 published document 3. **Downloads PDF** → Watermark: "Tom Smith · Apollo · 2026-02-28 · CONFIDENTIAL" **End state:** One complete request cycle. IB created request → Seller answered → IB vetted → Buyer accessed. Watermarks prove chain of custody. --- ## 6. Success Metrics for v1.0 Not revenue. Product quality. What makes this a success before a single dollar changes hands? ### Functionality Metrics | Metric | Target | |--------|--------| | **End-to-end completion** | One full request cycle (create → answer → vet → publish → buyer download) works without errors | | **RBAC enforcement** | Zero test cases where user sees/modifies data they shouldn't | | **Watermark integrity** | 100% of downloaded PDFs have correct watermark with actual user/org/timestamp | | **Audit completeness** | Every file download and status change has audit log entry | ### Performance Metrics | Metric | Target | |--------|--------| | **Page load (p95)** | < 500ms for inbox, project view, request detail | | **File upload** | < 2s for 10MB PDF | | **Watermarked download** | < 3s for 10MB PDF (watermark applied at serve time) | | **Concurrent users** | Handle 50 simultaneous users without degradation | ### Usability Metrics (Misha Demo) | Metric | Target | |--------|--------| | **Time to first request** | IB admin can create project + first request in < 2 minutes | | **Worker clarity** | Seller member understands their task inbox within 30 seconds of first login | | **Zero training** | Misha can complete demo scenario without Johan explaining UI | ### Security Metrics | Metric | Target | |--------|--------| | **No plaintext content** | All Summary/Data fields encrypted in DB — `SELECT` returns gibberish | | **Session security** | Tokens expire, refresh works, logout invalidates | | **TOTP enforcement** | Admin roles blocked from sensitive actions without 2FA | ### Reliability Metrics | Metric | Target | |--------|--------| | **Uptime** | 99% in first month (allows for hotfixes) | | **Data integrity** | Zero data loss, zero corruption in normal operation | | **Graceful errors** | No unhandled panics in production logs | --- ## 7. Risk Mitigations | Risk | Mitigation | |------|------------| | **PDF watermarking is slow** | Cache watermarked versions per (file, user, hour). Invalidate on user/project change. | | **RBAC bugs expose data** | Every CheckAccess path has explicit test. No data query without RBAC. | | **Demo fails in front of Misha** | Sprint 2 demo is minimal. Practice run before call. Fallback: video recording. | | **Scope creep** | This document is the contract. Features not listed are explicitly v1.1+. | | **Key management** | Ship with per-project derived keys. Rotation documented but not automated in v1.0. | --- ## 8. Open Questions Resolve before Sprint 3: 1. **Invite UX:** Magic link (one-click) vs. invite code (manual entry)? - Lean: Magic link. Simpler UX, standard pattern. 2. **Request quick-add:** Inline form vs. bulk paste (one per line)? - Lean: Both. Inline for singles, paste mode for mass import. 3. **Notification strategy:** In-app only, or email for key events? - Lean: In-app only for v1.0. Email notifications are v1.1. 4. **Watermark font:** System font or embedded? - Lean: Embedded. Consistent across all environments. --- *This document defines v1.0. Features not listed here are not in v1.0. No exceptions without updating this document first.*