hermes-brain/projects/passepartout/strategy/revenue.org
Hermes 4c38127b45 Consolidate: 10 files merged into 5, 3 moves, 1 rename
Merged:
- verification-monopoly + evaluation-harness + collective-regression-suite
- licensing + patent-strategy → strategy/
- moats + infrastructure-lock-in
- lisp-economics + cost-structure
- domain-gate-packages + gate-rule-encoding
- revenue-table + first-mover-window → revenue.org

Moved: sufficiency-flip, upgrade-lifecycle → strategy/
  native-org-knowledge-base → architecture/
Renamed: revenue-hub.org → revenue.org
Deleted: passepartout-economics.md orphan
2026-05-24 19:17:01 +00:00

232 lines
21 KiB
Org Mode

:PROPERTIES:
:ID: ed05cab4-88e9-4e25-b7c9-346fa39c69a0
:ID: 81a815ee-bf2b-4365-9894-b814e4196850
:ID: 558154ea-e63a-4c45-998c-26ce8588585b
:CREATED: [2026-05-23 Sat]
:END:
#+title: Revenue — Streams, Timing, and First-Mover Window
#+filetags: :passepartout:revenue:index:business-model:compliance:first-mover:
This page is the entry point for revenue generation thinking across all three Passepartout subsystems. Revenue splits cleanly across the two development phases defined in [[id:dc2e4f22-1c4c-5d4a-a151-f96e5d3b0d70][time estimates]]. Each component enables different revenue primitives.
* Revenue by Subsystem
** Verification subsystem — Revenue streams
Existing coverage — [[id:84a537b4-4256-50c8-91f5-dd5b4538418f][Verification appliance]], [[id:c34940cc-090e-57c4-8020-e78b1d32b96c][Domain gate packages]], [[id:45258a2d-1675-562c-9024-5d1eb2f1ea56][Evaluation harness]], [[id:3c6b0449-a8fb-5b89-b82a-34efb21ef5b5][Compute marketplace]], [[id:d84679f1-c0c5-5be4-b19c-6573560640ee][Verified skill marketplace]]:
| Stream | Phase | Description |
|--------+-------+-------------|
| Verification appliance | Zero | FPGA/Tenstorrent pre-loaded with [[id:28c46769-c14b-42aa-ac7a-69d310157f8f][Passepartout]] + gate rules |
| Domain gate packages | Zero | SaaS subscriptions per compliance domain |
| Evaluation harness | Zero | Certification-as-a-service, regression suite access |
| Compute marketplace | Both | Verified symbolic engine cycles via [[id:1d074690-a279-59cb-b91d-e9a22ae104ad][Social Protocol]] |
| Verified skill marketplace | End State | Commission on third-party gate rules |
*** Unexplored verification subsystem streams
| Stream | Phase | Rationale |
|--------+-------+-----------|
| Verified API gateway | Zero | Drop-in proxy for LLM calls. Passepartout verifies inputs, outputs, and provenance. Enterprise customers get a verifiable audit trail for every API call. Near-term product: run your OpenAI/Anthropic calls through Passepartout and get proof. |
| Agent-as-a-service | Zero | Cloud-hosted Passepartout instances. Pay-per-verification or monthly subscription. The compute marketplace for individuals who don't self-host. |
| Continuous compliance monitoring | Zero | Watch a deployment, continuously verify it against regulatory gate rules, alert on drift. Annual contract per monitored system. The evaluation harness as a product. |
| Gate rule SDK [[id:67faf52f-9126-50a7-b87e-2bedc610dac7][licensing]] | Both | Commercial license for the gate rule development toolkit. Free for open-source rules, paid for proprietary enterprise rule development. |
| Migration pipeline | Zero | Convert existing codebases to verified Lisp. Automated SaaS (point at a repo, get back a verified version). Per-enterprise: $50K-$500K for full migration. |
| Forensics / incident response | Zero | Merkle memory provides tamper-proof audit. Post-incident: produce an irrefutable chain of what happened, who authorized it, what gates were triggered. Service offering. |
| Proof repository marketplace | End State | Pre-verified proof libraries per domain (crypto, medical device, finance). Access to accumulated proof strategies from thousands of runs. |
| Training & certification | Zero | Certified Gate Rule Developer program. Developer camps, certification exams, continuing education. The Red Hat / AWS training model. |
| Enterprise support SLA | Zero | Guaranteed verification pipeline uptime, priority bug fixes, custom gate rule development. Red Hat subscription model. |
/Verified API gateway/ is notable because it requires zero buy-in to the full Passepartout vision. Any company using LLM APIs today can deploy Passepartout as a verification proxy and immediately get value (audit trail, gate compliance, prompt injection detection). It's a standalone product that seeds the ecosystem.
** Environment subsystem — Revenue streams
This is the /least developed/ revenue arm. Existing docs essentially say people buy hardware and the lock-in compounds. There is a gap: existing coverage is essentially none beyond hardware sales.
| Stream | Phase | Rationale |
|--------+-------+-----------|
| Lisp Machine hardware | End State | Tenstorrent/FPGA appliances. Hardware margins + recurring gate rules. |
| [[id:c3b3dc41-945f-54e9-84eb-ca014114f1be][Environment subsystem]] premium | Both | Enterprise features: SSO, audit logging, compliance reports, team management, centralized policy enforcement. Annual seat license. |
| Plugin and theme marketplace | End State | Verified plugins for the environment subsystem (editors, browsers, shells, tools). Commission on each sale. Developer ecosystem. App Store for the Lisp Machine. |
| Commercial Lisp image distribution | Both | Verified, signed, compatibility-guaranteed environment subsystem images. Free self-build (AGPL), paid for certified builds with SLAs. |
| Enterprise environment subsystem deployment | Zero | Tools for deploying the environment subsystem across an organization: fleet management, unified gate policy, compliance dashboard. Annual license. |
| Backup and archive service | Both | Verified snapshots of environment subsystem Lisp images. Tamper-proof archival of development environments. |
| Environment subsystem extension SDK | Both | Commercial license for developing proprietary environment subsystem extensions. Tools, documentation, support. |
Key insight: The environment subsystem does not need the full Lisp Machine to generate revenue. Environment subsystem premium (SSO, audit, compliance reports) and enterprise deployment tools ship on Linux, use the existing environment subsystem terminal UI, and sell to the same enterprise buyer who buys gate packages. Compliance teams want verified environments — the environment subsystem premium delivers that without waiting for custom hardware.
** Social Protocol (the society) — Revenue streams
Existing coverage — [[id:2e390c1d-65f3-5fb3-b898-ac3fc4291ee7][Social protocol usernames]], [[id:1a2b38df-20ba-58ca-ba55-a072be67bd0d][PDS as a service]], [[id:3c6b0449-a8fb-5b89-b82a-34efb21ef5b5][Compute marketplace]]:
| Stream | Phase | Description |
|--------+-------+-------------|
| Premium username registry | Zero | $5-50/yr per handle, auction for high-value names |
| PDS as a service | Both | $10-1000/mo per hosted personal data store |
| Compute marketplace | Both | Commission on verified compute transactions |
The most fertile ground is contracts. DIDs provide identity, DIDComm provides communication, PDS provides state, gate rules encode terms, ACL2 verifies execution, and the symbolic engine runs deterministically. This is a full smart contract platform, strictly stronger than existing ones because ACL2 verifies the /rules themselves/, not just execution trace validity.
*** Unexplored social protocol streams — contracts
| Stream | Phase | Rationale |
|--------+-------+-----------|
| Verified smart contract platform | End State | Deploy contracts on the social protocol with ACL2-verified correctness. Every contract call produces a machine-checkable proof. Revenue: transaction fees per execution + deployment fee per verified contract. |
| Contract template marketplace | Zero | Pre-verified contract templates for common use cases (escrow, DAO constitution, SLA, data licensing). Sell templates or take commission on template-based contracts. |
| Dispute resolution service | End State | When two social protocol instances disagree on contract execution, submit to a verified arbitrator. Fee per resolution. |
| Attestation marketplace | Zero | DIDs + verified actions = verifiable reputation. Attest that a DID meets certain criteria. Revenue: attestation fees, verification fees. |
| Multi-instance governance | Zero | Cross-instance policy enforcement, unified compliance reporting, federated identity. Enterprise tier, annual license. |
| Liquid democracy infrastructure | End State | DAO governance as a service. Verified proxy voting, governance contracts. Per-vote transaction fee. |
| Insurance marketplace | End State | Reputable providers sell proof insurance. Premiums, reinsurance pool fees, actuarial gate rules. |
| Namespace sub-leasing | Both | Premium handles sub-leased between DIDs. Commission on each lease. |
| Data sharing contracts | Both | PDS-to-PDS data sharing agreements encoded as gate rules. Commission on each data transaction. |
The contract platform is the killer application for the social protocol. Ethereum proved demand for verifiable contracts at $20B+/yr in transaction fees. The social protocol's version is strictly better: ACL2 proves contract /correctness/ (not just valid execution), gate rules encode real-world regulations directly, and the PDS provides persistent state without a global trie bottleneck.
See [[id:64708e1f-00e9-4cb7-b44b-ea0b98e5296d][Social protocol contracts]] for the full analysis.
* Revenue by Development Phase
** Phase Zero streams (ships with MVP, 1-3 months, Linux-hosted)
| Stream | Component | TAM | Buyer | Revenue type |
|--------+----------+-----+-------+--------------|
| Domain gate packages | Verification | Large | CISO/Compliance | SaaS |
| Verification appliance | Verification | Medium | Enterprise infra | Hardware + subs |
| Evaluation harness | Verification | Medium | Compliance | Certification |
| Social protocol premium usernames | Social Protocol | Small | Individual | Subscription |
| PDS hosting (basic) | Social Protocol | Medium | Individual | Hosting |
| Verified API gateway | Verification | Large | Eng teams | Per-call |
| Continuous compliance monitoring | Verification | Large | Compliance | Annual contract |
| Migration pipeline | Verification | Medium | Enterprise | Per-engagement |
| Enterprise support SLA | Verification/Environment | Medium | Enterprise | Annual |
| Gate rule SDK (commercial) | Verification | Small | Developers | License |
| Environment subsystem premium (enterprise) | Environment subsystem | Medium | Enterprise | Annual seat |
| Enterprise environment subsystem deployment | Environment subsystem | Medium | Enterprise Ops | Annual |
| Training and certification | All | Small | Developers | Per-seat |
| Forensics / incident response | Verification | Small | Enterprise | Per-incident |
| Contract templates | Social Protocol | Medium | Developers | Per-template |
| Attestation marketplace | Social Protocol | Medium | Enterprise | Per-attestation |
| Data sharing contracts | Social Protocol | Medium | Enterprise | Per-transaction |
| Multi-instance governance | Social Protocol | Large | Enterprise | Annual |
| Namespace sub-leasing | Social Protocol | Small | Individuals | Per-transaction |
Phase Zero target: $2M-$12M/year (from [[id:5961e469-53a3-5f3c-ab72-3c83ef91963f][investment thesis]]), with upside from verified API gateway and compliance monitoring pushing toward $15-20M.
** End State streams (full Lisp Machine, 2-5 years)
| Stream | Component | TAM | Revenue type |
|--------+----------+-----+--------------|
| [[id:827bc546-e887-5b7c-9b65-6392beaf0920][Verification monopoly]] | Verification/All | $1B+ | Certification |
| Infrastructure lock-in | All | $100B+ | Rent extraction |
| Compute marketplace | Social Protocol | Venture-scale | Transaction fees |
| Smart contract platform | Social Protocol | Very large ($20B+) | Transaction fees |
| Liquid democracy infra | Social Protocol | Large | Per-vote |
| Insurance marketplace | Social Protocol | Very large | Premiums + fees |
| Dispute resolution | Social Protocol | Medium | Per-resolution |
| Plugin/theme marketplace | Environment subsystem | Large | Commission |
| Commercial image distribution | Environment subsystem | Medium | Subscription |
| Proof repository marketplace | Verification | Medium | Subscription |
| Verified skill marketplace | Verification | Medium | Commission |
* Orders-of-Magnitude Risk Map
Using the [[id:2cdca4b0-6b41-44b4-acb0-af21d0e27b00][orders-of-magnitude framework]], each revenue stream lives at a different scale:
| Scale | Representative streams | Failure mode |
|-------+-----------------------+--------------|
| Weeks | Gate packages, appliance pre-orders, training | Wrong pricing, too early |
| Months | Compliance monitoring, API gateway, PDS, environment subsystem premium | Churn, incumbents respond |
| Years | Compute marketplace, contract platform, monopoly | Competition catches up |
| Generations | Infrastructure lock-in, insurance marketplace | Technology shift |
The phase-zero streams are all direct enterprise sales with short cycles and clear buyers. The end-state streams require an installed base — you cannot have a verification monopoly without deployed Passepartout instances.
* Risk-Ordered Investment Priority
1. Gate rule packages — Lowest risk. Clear buyer, existing budget, no dependency on full stack. Ship first.
2. Verified API gateway — Standalone product, anyone using LLMs is a customer. Zero triad buy-in required.
3. Verification appliance — Customers pay for hardware + ongoing subs. Verifiable revenue, long contracts.
4. Continuous compliance monitoring — Annual contracts, compliance teams budget for it.
5. Social protocol usernames — Trivial to implement, tests the namespace concept.
6. Contract templates + attestation — Seeds the social protocol economy without needing full smart contracts.
7. Compute marketplace — High risk/reward. Requires critical mass. Phase Zero bootstraps with cloud arbitrage.
8. Verification monopoly — Thesis-level bet. Invest when installed base justifies it.
* Expanded Revenue Table
| Framework | Region | Gate price/yr | Addressable orgs | Revenue potential | First-mover window | Gate rule type |
|-----------+--------+--------------+------------------+-------------------+---------------------+----------------|
| [[id:84fb5f8f-0527-4df0-b6b6-dbf3bcff8a7f][HIPAA]] | US | $50K | 500K+ | $25B | Mature (incumbent disruption) | Privacy + access control |
| SOC 2 | US/Global | $50K | 100K+ | $5B | Mature (incumbent disruption) | Access control + audit |
| [[id:513d5996-4ac7-4567-a992-18fc01599104][GDPR]] | EU | $50K | 500K+ | $25B | Mature (incumbent disruption) | Privacy + consent |
| [[id:e6993701-3c67-49bf-82f3-06907572cbf3][FedRAMP]] | US | $100K | 1K (providers) | $100M | Moderate (<300 authorized) | Continuous monitoring |
| [[id:c9830152-0160-4bdc-ab03-6f308ad43536][SOX]] | US | $50K | 10K | $500M | Mature (manual audit disruption) | Financial controls |
| [[id:4a2bc62b-3f21-4212-9cd9-f9add8fc0be1][GLBA]] | US | $40K | 20K | $800M | Moderate | Financial privacy |
| [[id:581666ba-f72c-406b-8556-93876d2b30bf][NY DFS 500]] | US (NY) | $30K | 3K | $90M | Wide | Cybersecurity controls |
| [[id:87996d87-100c-4bf6-8546-a860b9d7c25b][CCPA/CPRA]] | US (CA) | $40K | 50K+ | $2B | Moderate | Privacy opt-out flows |
| [[id:748db16a-1382-4e5e-8812-a5d57a8de131][NIS2]] | EU | $50K | 160K | $8B | Critical (2025) | Cybersecurity + supply chain |
| [[id:06fcdb02-2643-4f9d-ab41-e711a99cc390][EU AI Act]] | EU | $75K | 100K+ | $7.5B | Critical (Aug 2026) | AI risk management |
| [[id:717ef2df-2a80-4362-b23a-5e7e12554251][DORA]] | EU | $50K | 22K+ | $1.1B | Critical (in effect) | ICT resilience |
| [[id:b8cf51e8-5f39-49ad-9547-a792a2e446aa][eIDAS 2.0]] | EU | $30K | 10K+ | $300M | Wide (wallet buildout) | Identity gates |
| [[id:ce81fefc-b7a8-4be5-912f-55fd30970b6e][CRA]] | EU | $40K | 50K+ | $2B | Wide (phased 2025-2027) | Product security |
| [[id:9bc29937-d59a-4ae4-9623-3d17a1fe6ebb][UK GDPR]] | UK | $40K | 100K+ | $4B | Mature (GDPR derivative) | Privacy |
| [[id:b852ec69-0fc2-435c-ae1e-6b83e49b3ca3][APPI]] | Japan | $40K | 100K+ | $4B | Moderate | Cross-border privacy |
| [[id:085b76cc-4a65-4660-9c70-85aee10ca99e][ISMAP]] | Japan | $75K | 500 (providers) | $37.5M | Wide (<100 registered) | Gov cloud assessment |
| [[id:e777064d-9950-42d5-980d-8c78cda91500][PIPA]] | South Korea | $35K | 50K+ | $1.75B | Wide (2024 amendments settling) | Privacy + consent |
| Privacy Act | Australia | $35K | 50K+ | $1.75B | Wide (reforms legislating) | Privacy + AI transparency |
| [[id:904f5f12-ec9a-4cbf-854a-0b9b1e11a521][APRA CPS 234]] | Australia | $40K | 500 | $20M | Moderate | Info security controls |
| [[id:7f46764b-47b8-4892-a526-2c1b9ee6e6df][IRAP]] | Australia | $75K | 300 (providers) | $22.5M | Wide | Gov cloud assessment |
| [[id:fed19a24-ad81-4837-a12b-dafbd3ec110a][DPDP Act]] | India | $30K | 500K+ | $15B | Wide (rules drafting) | Privacy + consent |
| [[id:c871a9f4-dd53-4e93-aa50-6acf0c606a9b][LGPD]] | Brazil | $30K | 200K+ | $6B | Moderate | Privacy |
| [[id:bafdaa23-de0b-444c-9151-c87ac65add32][LFPDPPP]] | Mexico | $25K | 50K+ | $1.25B | Wide | Privacy |
| [[id:e2ab887d-9f28-4da6-8388-e6c035e9d9c5][ISO 27001]] | Global | $40K | 60K+ | $2.4B | Mature (manual disruption) | ISMS controls |
| [[id:748b0cc7-7f42-49fb-8ee3-1ae49048a178][ISO 27701]] | Global | $35K | 1K+ | $35M | Wide (growing) | Privacy management |
| [[id:4eef0993-6671-41cf-ba20-d1443a3ec49d][Basel III]] | Global (banking) | $100K | 500 (G-SIBs) | $50M | Mature (incumbent disruption) | Capital adequacy |
| [[id:03ebdb80-a9af-4e76-a443-8556424996ed][FATF]] AML/CFT | Global | $50K | 50K+ | $2.5B | Mature (incumbent disruption) | CDD + screening |
| [[id:fc736aec-ef53-4759-9787-62bc8deea2e7][IFRS]] 17 | Global (insurance) | $75K | 5K+ | $375M | Mature (actuarial verification) | Contract classification |
| [[id:6a5884c8-e9b5-477e-bbf6-aa9ffd967739][UN/CEFACT]] | Global (trade) | $30K | 50K+ | $1.5B | Latent (no market exists) | Cross-border data rules |
| [[id:177aad72-5626-444d-a2e4-af8e1263b125][World Bank ESF]] | Global (dev finance) | $50K | 1K+ (projects) | $50M | Latent (no market exists) | ES compliance gates |
| [[id:68c55deb-72bf-4b15-ac28-bcc792057543][IFC PS]] | Global (project finance) | $50K | 500+ (deals) | $25M | Latent (no market exists) | ES compliance gates |
A [[id:3c6b0449-a8fb-5b89-b82a-34efb21ef5b5][compute marketplace]] provider with authorization in 5+ frameworks (FedRAMP +
ISMAP + IRAP + SOC 2 + ISO 27001) becomes the default infrastructure provider
for regulated cloud globally. The gate package portfolio alone — a mid-size
enterprise running 10+ packages — generates $500K/yr+ in recurring revenue.
At 10,000 such enterprises: $5B/yr. The first-mover advantage is not about any
single framework — it is about being the first to offer a unified gate stack
that maps to all of them. See the [[id:e4a7b3d2-1c9f-4b6e-8a2d-5f3c7e1b9a0c][compliance index]] for the full
framework list, [[*First-Mover Window Analysis][first-mover window analysis]] for timing strategy, and
[[id:827bc546-e887-5b7c-9b65-6392beaf0920][verification monopoly]] and [[id:3c6b0449-a8fb-5b89-b82a-34efb21ef5b5][compute marketplace]] for the economic dynamics
behind the revenue.
* First-Mover Window Analysis
The first-mover window is the time in which a new compliance tool can establish
dominance before incumbents respond or the market settles on a standard approach.
| Window | Frameworks | Rationale |
|--------+------------+-----------|
| *Critical (<12 months)* | [[id:06fcdb02-2643-4f9d-ab41-e711a99cc390][EU AI Act]] (Aug 2026 effective), [[id:748db16a-1382-4e5e-8812-a5d57a8de131][NIS2]] (Oct 2025 deadline), [[id:717ef2df-2a80-4362-b23a-5e7e12554251][DORA]] (Jan 2025 — already in effect) | Regulation is active or imminent. Buyers are desperate. No established vendor. |
| *Wide (12-36 months)* | [[id:fed19a24-ad81-4837-a12b-dafbd3ec110a][DPDP Act]] 2023 (rules drafting), India privacy; Privacy Act Review (Australia); [[id:f6a0c00e-e922-44af-99ce-6412c4b73745][Quebec Law 25]]; [[id:ce81fefc-b7a8-4be5-912f-55fd30970b6e][CRA]] phased enforcement | Regulation not yet fully enforced. Rules being written. Market forming. |
| *Mature (commodity)* | [[id:513d5996-4ac7-4567-a992-18fc01599104][GDPR]] (2018), [[id:c9830152-0160-4bdc-ab03-6f308ad43536][SOX]] (2002), [[id:84fb5f8f-0527-4df0-b6b6-dbf3bcff8a7f][HIPAA]] (1996), [[id:4a2bc62b-3f21-4212-9cd9-f9add8fc0be1][GLBA]] (1999), [[id:4eef0993-6671-41cf-ba20-d1443a3ec49d][Basel III]] (2010), [[id:03ebdb80-a9af-4e76-a443-8556424996ed][FATF]] 40 Recs | Market has established vendors. First-mover advantage requires displacing incumbents via superior architecture. |
| *Latent (undiscovered)* | [[id:022109ad-f031-44c4-8ea0-0b3c9402ca90][OECD]] AI Principles, [[id:6a5884c8-e9b5-477e-bbf6-aa9ffd967739][UN/CEFACT]], [[id:177aad72-5626-444d-a2e4-af8e1263b125][World Bank ESF]], [[id:68c55deb-72bf-4b15-ac28-bcc792057543][IFC PS]] | Compliance exists but is document-based or consultant-delivered. No software market has formed. The first gate package creates the category. |
These windows define which frameworks are worth building a gate package for
first. The [[id:e4a7b3d2-1c9f-4b6e-8a2d-5f3c7e1b9a0c][compliance index]] maps each to a
[[id:84a537b4-4256-50c8-91f5-dd5b4538418f][verification appliance]] gate package, and the
[[*Expanded Revenue Table][revenue table]] sizes the market. The
[[id:827bc546-e887-5b7c-9b65-6392beaf0920][verification monopoly]] dynamics determine which window to enter
first.
* Detailed References
- [[id:28c46769-c14b-42aa-ac7a-69d310157f8f][Passepartout economics (full thesis)]] — the unified economics document
- [[id:5961e469-53a3-5f3c-ab72-3c83ef91963f][Investment thesis]] — three revenue horizons, $2M to $1B+
- [[id:0b5a8a74-cfd6-542d-bc88-4eb3cd8626f9][Cost structure and zero marginal cost]]
- [[id:e4a7b3d2-1c9f-4b6e-8a2d-5f3c7e1b9a0c][Compliance framework index]] — 41 frameworks by region and priority
- [[id:dc2e4f22-1c4c-5d4a-a151-f96e5d3b0d70][Development timeline]] — Phase Zero vs End State
- [[id:67faf52f-9126-50a7-b87e-2bedc610dac7][Licensing strategy]] — AGPL + commercial