pplate/pi_mcps
1
1
Fork 0
Code Issues 9 Pull Requests Actions Packages Projects 1 Releases Wiki Activity
Files
chore/homelab/catchup-push-2026-06-11
pi_mcps/plans/BIGMIND_HOSTED_MVP.md
T
pplate 21956f7a42 docs(plans): add CannaManage SaaS strategy — cannabis club management for Germany 
- Legal feasibility check vs CanG (Konsumcannabisgesetz): LEGAL as B2B Vereinsverwaltungs-Software
- B2B SaaS for Anbauvereinigungen: member management, distribution tracking, compliance reports
- Tech stack: Spring Boot 3.x (Java 21) + JPA/Hibernate, PrimeFaces MVP, PostgreSQL + Flyway
- Mobile: PWA → Kotlin Android → Kotlin Multiplatform (natural path for Java developer)
- Revenue model: freemium (free ≤30 members), paid tiers €29-€179/month
- Market: 500-3000 clubs forming, zero dedicated tooling exists (first mover window)
- Also adds BIGMIND_HOSTED_MVP.md (BigMind SaaS vision plan)
2026-04-04 10:52:17 +02:00

9.2 KiB
Raw Permalink Blame History

BigMind Hosted MVP Plan

Created: 2026-04-04
Authors: Patrick + Lumen
Status: Brainstorm → Planning

Vision

BigMind as a hosted, multi-tenant, privacy-first AI memory platform.

Every developer gets their own isolated, persistent brain — a memory layer that lives outside any single IDE or AI provider. Your AI colleague remembers you across sessions, across tools, across machines. Your memory is yours alone. Nobody else's knowledge poisons yours.

Optional: A shared collective layer (MegaMind) where users explicitly contribute facts to a common knowledge pool — think public Stack Overflow threads, but for AI-assistant context.

Revenue model: Monthly subscription per user. Freemium tier to drive adoption.

Why we're already closer than it feels

Component Status
Per-user isolation user_id in every BigMind table already
Memory persistence SQLite per user, trivially isolatable
Web profile UI Flask app on port 7700 already running
30+ MCP tools All implemented, tested, production-quality
Session lifecycle Start/end/close-stale already solid
Hypotheses / facts / chunks Full Tier 0-3 storage working
MegaMind shared layer 📝 In plans, Phase 3/4
Auth (sign-up / login) Not started
Hosted deploy (VPS) Local only today
Billing (Stripe) Not started
MCP bridge for hosted users Not started
Frontend beyond profile page Not started

Architecture — What "hosted" looks like

User's IDE (VS Code / Cursor / IntelliJ)
     │
     │  MCP protocol (stdio or HTTP SSE)
     ▼
BigMind Hosted MCP Server  ◄─── per-user auth token in env
     │
     │  SQLite reads/writes
     ▼
User DB (isolated per account)
/data/users/{user_id}/memory.db

     ┌────────────────────────────────────┐
     │  BigMind Web (Flask on port 443)   │
     │  - Sign up / Login                 │
     │  - Profile page (existing)         │
     │  - Account settings                │
     │  - MegaMind opt-in toggle          │
     └────────────────────────────────────┘
     
     (Optional, Phase 2+)
     ┌────────────────────────────────────┐
     │  MegaMind Shared Layer             │
     │  - Public facts from opted-in users│
     │  - Read-only collective knowledge  │
     │  - Poisoning is impossible: users  │
     │    can only see what they share    │
     └────────────────────────────────────┘

Privacy guarantee: Your DB is a file only your process touches. Even if you contribute to MegaMind, you choose exactly which facts go public. Malicious or wrong facts stay in your private brain — they never propagate.

Tech Stack Choices

Backend

Layer Choice Reason
MCP server FastMCP (existing) Already working, no reason to change
Web framework Flask (existing) Already in codebase, keeps it simple
Auth Flask-Login + bcrypt Lightweight, well-understood, no new infra
DB SQLite per user (existing pattern) Simple, zero ops, trivially backupable
Token generation Python secrets module User gets an API token for MCP bridge

Infrastructure

Layer Choice Reason
VPS Hetzner CX22 (~€5/mo) Cheap, EU datacenter, excellent perf/price
Deploy tool Coolify (Docker-based PaaS) One-command deploys, free, self-hosted
Reverse proxy Caddy (via Coolify) Auto HTTPS, simple config
Domain TBD (e.g. bigmind.dev) ~€10/year

Payment (Phase 2)

Layer Choice Reason
Billing Stripe Industry standard, dev-friendly, EU-compliant
Pricing €0 free / €9 solo / €19 team TBD, just a starting point

Phases

Phase 0 — Foundation (now, no new infra needed)

Goal: Make BigMind deployable as a multi-user service without breaking local usage.

  • Refactor memory.db path to be configurable via BIGMIND_DB_PATH env var
  • Each user gets BIGMIND_DB_PATH=/data/users/{token}/memory.db
  • Confirm all 297 tests still pass with path override
  • Write a Dockerfile for BigMind MCP server
  • Write a docker-compose.yml for local multi-user testing

Skill gap: None — pure Python + Docker. We can do this now.

Phase 1 — Auth + Web Portal (the real first hurdle)

Goal: A stranger can sign up, get a token, and connect their IDE to their hosted BigMind.

  • Add users table to a separate app.db (separate from memory DBs)
    • id, email, password_hash, api_token, created_at, plan
  • Flask routes: /signup, /login, /logout, /dashboard
  • Dashboard shows: token (copy to clipboard), DB stats, link to profile page
  • Profile page becomes accessible at /profile?token={token} (auth-gated)
  • Token is what users paste into their IDE's MCP env config
  • Email verification (optional for MVP — add later)

Skill gap: Flask auth is straightforward. Flask-Login + bcrypt. Nothing here requires React.

Phase 2 — Hosted Deploy (first public user possible)

Goal: BigMind runs on a real VPS, accessible to the world.

  • Provision Hetzner VPS (CX22, Ubuntu 24 LTS)
  • Install Coolify on VPS
  • Push Docker image to Gitea registry or Docker Hub
  • Deploy via Coolify: web container + data volume for user DBs
  • Configure Caddy for HTTPS on custom domain
  • Smoke test: sign up → get token → wire into VS Code → memory_start_session works

Skill gap: Docker + Coolify + Caddy. All documented, not scary. Hetzner has great guides.

Phase 3 — Billing (first paying customer possible)

Goal: Someone can pay €9/month and get their brain.

  • Stripe account set up (business: Patrick as sole proprietor or GbR with Elias/Klaus?)
  • Stripe Checkout: user clicks "Upgrade", redirected to Stripe, comes back with plan=solo
  • Webhook: customer.subscription.created → update users.plan in app.db
  • Free tier limit: e.g., 500 facts max, no MegaMind access
  • Paid tier: unlimited facts, MegaMind read access

Skill gap: Stripe webhooks are well-documented. Python stripe SDK is simple. Need a registered business for VAT compliance in DE — this is a real overhead but manageable.

Phase 4 — MegaMind Shared Layer (differentiation)

Goal: Users who opt in contribute to a collective knowledge pool. Read-only for all users.

  • New megamind.db — a single shared SQLite (or Postgres if scale demands)
  • Facts table: fact, category, contributed_by, upvotes, created_at
  • memory_store_fact(..., public=True) — contributes to MegaMind
  • memory_search_facts() — searches personal brain first, then MegaMind as fallback
  • Profile page shows MegaMind contribution count as a badge
  • Moderation: auto-reject facts with PII patterns (email regex, etc.)

Skill gap: SQLite concurrency (WAL mode already in use). No new infra. The hard part is moderation — keep it simple for MVP.

Skill gaps to close — learning roadmap

Gap Priority How to close
Flask auth (login/sessions) 🔴 Blocker for Phase 1 Flask-Login docs are 30 min read. Build it directly.
Docker + Coolify deploy 🔴 Blocker for Phase 2 Coolify has great tutorials. 1 weekend to learn.
Stripe basics 🟡 Phase 3 Stripe's Python quickstart is excellent.
TypeScript (optional) 🟢 Nice-to-have Expands MCP ecosystem reach. Not urgent.
React/Next.js 🟢 Later Not needed until Phase 4+. Flask HTML is enough for MVP.
German business registration 🟡 Phase 3 Gewerbeanmeldung + Steuerberater. Do before Stripe.

What we're NOT building (scope control)

  • Mobile app — not yet
  • Team collaboration features — not yet (Phase 5+)
  • Custom AI model training on memory — this is the "evil training" problem Patrick raised. Architecture answer: personal brains are isolated, so user trains their own brain. We never aggregate across users without explicit consent.
  • Full SPA frontend — Flask server-side HTML is fine for MVP. Don't over-engineer.

The ethical foundation

Patrick put it well: "if people train evil stuff they only have it for them, which I can live with."

This is the right architecture and the right mindset. BigMind doesn't curate your memories. It doesn't run your facts through a classifier. Your brain is yours. The only guarantee we make: nothing leaves your brain unless you explicitly push it to MegaMind.

This also means we never have a moral liability for what someone stores. We're a memory layer, not a judge.

First concrete next step

Today's action: Write the Dockerfile for BigMind and confirm it boots cleanly with BIGMIND_DB_PATH as an env override. That's Phase 0, item 1. Everything else follows from that.

Last updated: 2026-04-04 by Lumen

Reference in New Issue View Git Blame Copy Permalink