Architecture playbook

Our house defaults. We deviate when the problem demands it, but starting with a strong opinion beats starting from scratch on every project.

Default stack

  • Frontend: React + TypeScript, TanStack Router, Tailwind, shadcn.
  • Backend: TypeScript server functions on edge or Node.
  • Data: Postgres (Supabase or RDS) with row-level security.
  • Auth: Managed identity, JWT httpOnly, refresh rotation.
  • Infra: Cloudflare or Vercel edge, IaC via Terraform where warranted.

Architecture principles

  • Boring where it counts. Novelty at the edges, not the core.
  • Fewer moving parts. Monoliths first, split when data tells us to.
  • Own the data model. The schema outlives the framework.
  • Observability from day one. Sentry, logs, and traces before feature flags.
  • Reversible decisions. Two-way doors get made fast, one-way doors get docs.

AI & ML defaults

  • Retrieval before fine-tuning, always.
  • Golden-set + rubric evals wired into CI.
  • Per-tenant prompt scoping and PII redaction at the edge.
  • Model-provider abstraction so vendors are interchangeable.

Security posture

Least-privilege by default, secrets in a managed vault, audit logging on privileged actions, third-party dependency scanning on every PR. See our security page for the full posture.

Next step

Ready to scope your build?

NDA-first intake. Senior-only teams. Production-ready increments every sprint.

Schedule a call