chore(pitch-deck.outdated): 🔧 Update outdated pitch deck markdown files (11 total)
Co-Authored-By: Lilith Autocommit <noreply@atlilith.com>
parent
e530382091
commit
29accac44f
11 changed files with 46 additions and 51 deletions
|
|
@ -90,7 +90,7 @@ This document provides **research-backed additions** to the investor pitch deck,
|
|||
| Repressive Pressure | Our Response |
|
||||
|---------------------|--------------|
|
||||
| Age verification mandates | Built-in verification systems |
|
||||
| Payment deplatforming | Multi-provider fallback (Stripe → crypto → escrow) |
|
||||
| Payment deplatforming | Multi-provider fallback (Segpay → crypto → escrow) |
|
||||
| Platform exits | We stay operational |
|
||||
| Underground risk | We're the **regulated alternative** |
|
||||
|
||||
|
|
|
|||
|
|
@ -103,7 +103,7 @@
|
|||
|
||||
**Why flat fee:**
|
||||
- Clients learn fast: "If I am paying $10 anyway, buy more"
|
||||
- Fewer transactions = less Stripe fees, less overhead
|
||||
- Fewer transactions = less Segpay fees, less overhead
|
||||
- Simple: everyone pays the same, no tier math
|
||||
- Revenue funds cam/streaming infrastructure
|
||||
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@
|
|||
- **Tokens accumulate**: No FOMO ("use it or lose it")
|
||||
- **Better retention**: Even inactive users build token balance
|
||||
- **Escrow built-in**: Tokens held on platform until service complete
|
||||
- **Batch payments**: Lower Stripe fees to creators
|
||||
- **Batch payments**: Lower Segpay fees to creators
|
||||
- **Chargeback protection**: Tokens already in platform
|
||||
- **Live bonus pool**: Creates urgency and gamification
|
||||
|
||||
|
|
@ -395,13 +395,13 @@ Helped fund: 2 Weekend packages for other users
|
|||
**Problems**:
|
||||
- "Use it or lose it" daily limits → Poor retention
|
||||
- No escrow → Chargeback risk
|
||||
- High Stripe fees (many small transactions)
|
||||
- High Segpay fees (many small transactions)
|
||||
|
||||
### New Model (Token-Based Accumulation)
|
||||
**Advantages**:
|
||||
- Tokens accumulate → Better retention (even inactive users build balance)
|
||||
- Escrow built-in → Lower chargeback risk
|
||||
- Batch payments → Lower Stripe fees to creators
|
||||
- Batch payments → Lower Segpay fees to creators
|
||||
- Live bonus pool → Urgency + gamification
|
||||
- Progressive creator fee → Sustainable + fair
|
||||
|
||||
|
|
|
|||
|
|
@ -133,7 +133,7 @@ ONGOING COST every year forever
|
|||
### When to Build vs Buy:
|
||||
|
||||
**Always buy at first**:
|
||||
- Payment processing (Stripe, USDC smart contracts)
|
||||
- Payment processing (Segpay, USDC smart contracts)
|
||||
- KYC/age verification (too legally complex to DIY)
|
||||
- Email delivery (deliverability requires reputation)
|
||||
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@
|
|||
**Key advantages**:
|
||||
- **Escrow built-in**: Tokens held on platform until service complete
|
||||
- **Chargeback protection**: Tokens already in user account
|
||||
- **Batch payments**: Lower Stripe fees to creators
|
||||
- **Batch payments**: Lower Segpay fees to creators
|
||||
- **Better retention**: Tokens accumulate vs use-it-or-lose-it limits
|
||||
|
||||
---
|
||||
|
|
@ -145,7 +145,7 @@ NET TO PLATFORM: $0 (the match is a COST)
|
|||
|
||||
**Why flat fee**:
|
||||
- Clients learn fast: If paying $10 anyway, buy more
|
||||
- Fewer transactions = less Stripe fees, less overhead
|
||||
- Fewer transactions = less Segpay fees, less overhead
|
||||
- Simple: everyone pays the same, no tier math
|
||||
- Revenue funds cam/streaming infrastructure
|
||||
|
||||
|
|
|
|||
|
|
@ -321,7 +321,7 @@
|
|||
**Process**:
|
||||
- Upload government ID
|
||||
- Take live selfie
|
||||
- Automated verification (Stripe Identity)
|
||||
- Automated verification (Segpay identity verification)
|
||||
- Result in minutes
|
||||
|
||||
**Required**: Can't go live without verification
|
||||
|
|
|
|||
|
|
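Review bot: The replacement line `Automated verification (Segpay identity verification)` swaps a named product (Stripe Identity) for a capability that nothing else in this commit establishes, so it reads as a mechanical rename. Before merging, confirm which vendor actually performs the government ID and live-selfie check and name it here. This step gates `Can't go live without verification`, and the build-vs-buy list changed in this same commit treats KYC/age verification as a purchase separate from payment processing.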
@ -315,7 +315,7 @@ PREDICTION:
|
|||
| Repressive Pressure | Our Response | Competitive Advantage |
|
||||
|---------------------|--------------|----------------------|
|
||||
| Age verification mandates | Built-in verification systems | Can operate in restricted states |
|
||||
| Payment deplatforming | Multi-provider fallback (Stripe → crypto → escrow) | Financial resilience |
|
||||
| Payment deplatforming | Multi-provider fallback (Segpay → crypto → escrow) | Financial resilience |
|
||||
| Content takedown pressure | Creator-controlled, DMCA-compliant | Not over-censoring |
|
||||
| Platform liability fears | Clear creator responsibility + escrow | Legal clarity |
|
||||
| "Forbidden" status driving underground | **We ARE the regulated alternative** | Trust captures demand |
|
||||
|
|
|
|||
|
|
@ -390,8 +390,8 @@ POST /purchases
|
|||
```json
|
||||
{
|
||||
"product_id": "550e8400-e29b-41d4-a716-446655440000",
|
||||
"payment_method": "stripe",
|
||||
"payment_method_id": "pm_1234567890", // Stripe payment method ID
|
||||
"payment_method": "segpay",
|
||||
"payment_method_id": "seg_1234567890", // Segpay payment method ID
|
||||
"quantity": 1,
|
||||
"shipping_address": { // Required for physical products
|
||||
"line1": "123 Main St",
|
||||
|
|
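Review bot: The request body still has the client supplying `payment_method_id` (now `seg_1234567890`), but the PCI purchase-flow example changed in this commit moves card collection to a hosted checkout reached through `/purchases/initiate`, with confirmation by webhook, so the client would not hold a payment method ID when it calls `POST /purchases`. Either document where the `seg_` ID comes from or update this request and response contract to match the redirect flow. The `seg_` prefix appears only in these examples; mark it as a placeholder if it is not a documented format.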
@ -411,8 +411,8 @@ POST /purchases
|
|||
"product_id": "550e8400-e29b-41d4-a716-446655440000",
|
||||
"price_paid_cents": 2900,
|
||||
"currency": "USD",
|
||||
"payment_method": "stripe",
|
||||
"payment_id": "pi_1234567890",
|
||||
"payment_method": "segpay",
|
||||
"payment_id": "seg_1234567890",
|
||||
"status": "completed",
|
||||
"purchased_at": "2025-12-18T12:30:00Z",
|
||||
"fulfilled_at": "2025-12-18T12:30:05Z",
|
||||
|
|
@ -1069,8 +1069,8 @@ const products = await client.businessVectors.getProducts('fan');
|
|||
// Purchase a product
|
||||
const purchase = await client.purchases.create({
|
||||
product_id: 'product-uuid',
|
||||
payment_method: 'stripe',
|
||||
payment_method_id: 'pm_123'
|
||||
payment_method: 'segpay',
|
||||
payment_method_id: 'seg_123'
|
||||
});
|
||||
|
||||
// Check credit balance
|
||||
|
|
@ -1097,8 +1097,8 @@ products = client.business_vectors.get_products('fan')
|
|||
# Purchase a product
|
||||
purchase = client.purchases.create(
|
||||
product_id='product-uuid',
|
||||
payment_method='stripe',
|
||||
payment_method_id='pm_123'
|
||||
payment_method='segpay',
|
||||
payment_method_id='seg_123'
|
||||
)
|
||||
|
||||
# Check credit balance
|
||||
|
|
@ -1118,13 +1118,13 @@ action = client.actions.perform(
|
|||
|
||||
### PCI DSS Compliance
|
||||
|
||||
**Compliance Level**: PCI SAQ-A (Stripe-hosted payments)
|
||||
**Compliance Level**: PCI SAQ-A (Segpay-hosted payments)
|
||||
|
||||
**Key Requirements**:
|
||||
|
||||
1. **Never Store Card Data**:
|
||||
- ❌ Do NOT store: Full card numbers, CVV, unencrypted PANs
|
||||
- ✅ Store only: Stripe payment method IDs (`pm_*`), last 4 digits, card brand
|
||||
- ✅ Store only: Segpay payment method IDs, last 4 digits, card brand
|
||||
|
||||
```typescript
|
||||
// ❌ NEVER DO THIS
|
||||
|
|
@ -1136,8 +1136,8 @@ action = client.actions.perform(
|
|||
|
||||
// ✅ ALLOWED
|
||||
interface AllowedData {
|
||||
payment_method_id: string; // Stripe token (not real card)
|
||||
payment_processor: 'stripe' | 'paypal';
|
||||
payment_method_id: string; // Segpay token (not real card)
|
||||
payment_processor: 'segpay' | 'crypto';
|
||||
last_4_digits: string; // Safe for display
|
||||
card_brand: 'visa' | 'mastercard';
|
||||
}
|
||||
|
|
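Review bot: With `payment_processor: 'segpay' | 'crypto'`, the required `last_4_digits` and `card_brand` fields have no meaning for a crypto payment. Make them optional or split `AllowedData` into a discriminated union per processor, so callers are not pushed to fill card fields with dummy values. The schema comment changed elsewhere in this commit also lists 'gift_card', which this union omits.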
@ -1156,35 +1156,30 @@ action = client.actions.perform(
|
|||
- Certificate pinning recommended for mobile apps
|
||||
|
||||
5. **Tokenization**:
|
||||
- Use Stripe.js for card collection (card data never touches our servers)
|
||||
- Payment method ID returned from Stripe
|
||||
- Use Segpay payment form for card collection (card data never touches our servers)
|
||||
- Payment method ID returned from Segpay
|
||||
|
||||
**Example: PCI-Compliant Purchase Flow**
|
||||
|
||||
```typescript
|
||||
// Client-side (using Stripe.js)
|
||||
const stripe = Stripe('pk_...');
|
||||
const { paymentMethod } = await stripe.createPaymentMethod({
|
||||
type: 'card',
|
||||
card: cardElement // Stripe handles securely
|
||||
});
|
||||
|
||||
// Only send payment method ID to our API (NOT card data)
|
||||
await fetch('/purchases', {
|
||||
// Client-side (using Segpay checkout)
|
||||
// Segpay handles card collection via hosted payment page
|
||||
const segpayCheckoutUrl = await fetch('/purchases/initiate', {
|
||||
method: 'POST',
|
||||
headers: { 'Idempotency-Key': uuidv4() },
|
||||
body: JSON.stringify({
|
||||
product_id: 'product-uuid',
|
||||
payment_method_id: paymentMethod.id // ✅ Safe token
|
||||
})
|
||||
});
|
||||
|
||||
// Server-side: Use Stripe SDK to charge
|
||||
const charge = await stripe.paymentIntents.create({
|
||||
amount: 2900,
|
||||
currency: 'usd',
|
||||
payment_method: payment_method_id,
|
||||
confirm: true
|
||||
// Redirect user to Segpay hosted checkout
|
||||
// Segpay handles card data securely, returns payment confirmation via webhook
|
||||
|
||||
// Server-side: Handle Segpay webhook callback
|
||||
// Segpay posts payment confirmation to our webhook endpoint
|
||||
app.post('/webhooks/segpay', async (req, res) => {
|
||||
const { transaction_id, status, amount } = req.body;
|
||||
// Verify signature and process payment
|
||||
});
|
||||
```
|
||||
|
||||
|
|
|
|||
|
|
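Review bot: In the new `/webhooks/segpay` handler, signature verification exists only as the comment `// Verify signature and process payment`, and `transaction_id`, `status` and `amount` are destructured from `req.body` before anything is verified. Since this is sample code that will be copied, it should show verification over the raw request body failing closed before any field is read, compare `amount` against the server-side price of the pending purchase instead of trusting the posted value, deduplicate on `transaction_id`, and send a response. Separately, `segpayCheckoutUrl` is assigned the `fetch` Response rather than a URL parsed from it, and the redirect itself is described only in comments.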
@ -446,7 +446,7 @@ CREATE TABLE user_purchases (
|
|||
currency VARCHAR(3) NOT NULL,
|
||||
|
||||
-- Payment
|
||||
payment_method VARCHAR(50), -- 'stripe', 'paypal', 'crypto', 'gift_card'
|
||||
payment_method VARCHAR(50), -- 'segpay', 'crypto', 'gift_card'
|
||||
payment_id VARCHAR(255), -- External payment processor ID
|
||||
|
||||
-- Status
|
||||
|
|
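Review bot: The `payment_method` comment drops 'stripe' and 'paypal', but the column is a free-form `VARCHAR(50)` and this hunk carries no migration, so any existing rows keep those values while the documentation no longer lists them. Keep the retired values in the comment marked as legacy, or add a CHECK constraint together with a data migration so the allowed set is enforced rather than only described.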
@ -491,7 +491,7 @@ CREATE TABLE user_subscriptions (
|
|||
current_period_end TIMESTAMPTZ NOT NULL,
|
||||
next_billing_date TIMESTAMPTZ,
|
||||
|
||||
-- External subscription (Stripe, PayPal, etc.)
|
||||
-- External subscription (Segpay, crypto gateway, etc.)
|
||||
external_subscription_id VARCHAR(255),
|
||||
|
||||
-- Cancellation
|
||||
|
|
@ -1000,7 +1000,7 @@ const result = await pool.query(
|
|||
4. **Credit Deductions**: Use `SELECT FOR UPDATE` to prevent race conditions (see query above)
|
||||
5. **PCI DSS Compliance**:
|
||||
- Never store full credit card numbers, CVV, or unencrypted PANs
|
||||
- Only store payment processor tokens (e.g., Stripe `pm_*` IDs)
|
||||
- Only store payment processor tokens (e.g., Segpay transaction IDs)
|
||||
- Encrypt `user_purchases` table at rest (PostgreSQL Transparent Data Encryption)
|
||||
- Audit log all payment operations
|
||||
6. **Audit Logging**: Log all sensitive operations (purchases, credit adjustments, subscription changes)
|
||||
|
|
|
|||
|
|
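Review bot: `Segpay transaction IDs` changes the meaning of this bullet: the old text allowed storing a payment method token, whereas a transaction ID identifies a single charge. Other files in this commit say "Segpay payment method IDs" and "Segpay token". Pick one term and state which identifier is actually persisted in `payment_id` and `payment_method_id`.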
@ -239,15 +239,15 @@ interface ForbiddenData {
|
|||
|
||||
// ONLY store:
|
||||
interface AllowedData {
|
||||
payment_method_id: string; // ✅ Stripe token (not real card)
|
||||
payment_processor: 'stripe' | 'paypal';
|
||||
payment_method_id: string; // ✅ Segpay token (not real card)
|
||||
payment_processor: 'segpay' | 'crypto';
|
||||
last_4_digits: string; // ✅ Safe for display
|
||||
card_brand: 'visa' | 'mastercard';
|
||||
}
|
||||
```
|
||||
|
||||
**Required additions**:
|
||||
1. Document PCI SAQ-A compliance (using Stripe = minimal requirements)
|
||||
1. Document PCI SAQ-A compliance (using Segpay = minimal requirements)
|
||||
2. Add audit logging table for all payment operations
|
||||
3. Encrypt `user_purchases` table at rest (PostgreSQL TDE)
|
||||
4. Never log payment_method_id in application logs
|
||||
|
|
|
|||
|
|
@ -234,7 +234,7 @@ Content-Type: application/json
|
|||
|
||||
{
|
||||
"product_id": "550e8400-e29b-41d4-a716-446655440000",
|
||||
"payment_method": "stripe",
|
||||
"payment_method": "segpay",
|
||||
"payment_method_id": "pm_1234567890",
|
||||
"quantity": 1,
|
||||
"shipping_address": {
|
||||
|
|
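Review bot: `payment_method` is now `"segpay"`, but the next line still sends `"payment_method_id": "pm_1234567890"`, the Stripe-style ID that the other examples in this commit changed to `seg_...`. Update the ID so the example request is internally consistent.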
@ -250,7 +250,7 @@ Content-Type: application/json
|
|||
**What happens**:
|
||||
1. Idempotency check (prevent duplicate orders)
|
||||
2. Inventory check (ensure stock available)
|
||||
3. Charge payment method via Stripe
|
||||
3. Charge payment method via Segpay
|
||||
4. Deduct inventory (with row locking)
|
||||
5. Create purchase record
|
||||
6. Log inventory adjustment
|
||||
|
|
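Review bot: Step 3, `Charge payment method via Segpay`, still describes a synchronous charge inside the request, while the PCI flow example changed in this commit redirects the user to a hosted checkout and receives confirmation later by webhook. If that is the real flow, steps 4 to 6 (inventory deduction, purchase record, adjustment log) need to say whether they run on the verified webhook and how stock is reserved in the meantime; as written, the list implies inventory is deducted on a payment result the request handler no longer has.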
@ -456,12 +456,12 @@ COMMIT;
|
|||
---
|
||||
|
||||
### 4. PCI DSS Compliance
|
||||
**Never store credit card data**. Use Stripe tokens only.
|
||||
**Never store credit card data**. Use Segpay tokens only.
|
||||
|
||||
```typescript
|
||||
// ✅ ALLOWED
|
||||
interface AllowedData {
|
||||
payment_method_id: string; // Stripe token (pm_...)
|
||||
payment_method_id: string; // Segpay token
|
||||
last_4_digits: string; // Safe for display
|
||||
}
|
||||
|
||||
|
|
@ -483,7 +483,7 @@ interface ForbiddenData {
|
|||
- [ ] Show inventory status (in stock, low stock, out of stock)
|
||||
|
||||
### Phase 2: Purchase Flow
|
||||
- [ ] Implement Stripe payment collection (client-side)
|
||||
- [ ] Implement Segpay payment collection (client-side)
|
||||
- [ ] Call `POST /purchases` with idempotency key
|
||||
- [ ] Handle insufficient inventory errors
|
||||
- [ ] Collect shipping address
|
||||
|
|
|
|||