Select Page

Locke is an Identity as a Service (IDaaS) solution providing Authentication and Authorization through the use of permissions and claims to be used by businesses to connect with their customers and connect their product ecosystem. 

 Locke is a Core Product of the Lonch Platform

Locke will be a viable standalone product, while also providing a central service that provides identity to all other services on the Lonch platform.

Lonch creates Core Products to be used by CrowdFounded product teams “free of charge” in exchange shares in royalties generated by the product. Through these Core Products Lonch provides tools to help CrowdFounded products succeed and assumes the upfront risk in the event that those CrowdFounded products do not succeed, to remove the upfront financial burden from the CrowdFounding product team. 

By contributing to this Core Product you are helping to bootstrap the Lonch Platform. 

Functionality

Passwordless Authentication

Bypass passwords all together and use “Magic Links” sent directly to your e-mail address or Locke Mobile App.

User Focused

Manage large groups of users across different sites and services. While having extremely simple integration into your products and services. Manage your users all in one place.

Service Support

Treat services similar to users and say good bye to static api keys.

Claim and Permissioned Authentication

Provide claims and permission actions accordingly. Apply to users, groups of users, or even to services for the granularity that is right for your service.

Market Competitors

Below are a list of the most successful competitors in this space.

Amazon Cognito

Amazon claims to be simple identity platform but their documentation and tools behind the scene are difficult to use and understand. 

aws.amazon.com/cognito

Okta

Okta has taken a kitchen sink approach to identity and offers tons of options for just about every possible need. They are more focused directly on businesses and their internal network, and priced out of being used for users for web and mobile services.

okta.com

Auth0

Auth0 supports multiple types of authentication and authorization with focus on the customer’s ease of implementation. Their pricing is reasonable. They’re probably our biggest competitor.

auth0.com

Why Create Another Solution?

There are already many identity solutions available, so why should we create our own?

 

Lonch needs Federated User Authentication

Lonch needs the ability to share authentication across many products. Think of the Lonch Platform as a collection of Core Products. Locke is what allows single sign on for all core products used in the Lonch Platform.

Lonch needs Federated User Authorization

Lonch needs the ability to govern access to functionality within the Core Products. This will control what users have access to their ability to influnce the products. We also use proprietary solutions perform backend only authentication without relying on untrusted client side credentials.

Lonch wants to reduce cost.

Lonch has no control over up front expenses for 3rd party solutions. While it may be possible one day to negotiate such conditions. The current market demands that we build our own products that we can then sell B2B, and offer for “free” to our platform customers.

Lonch wants to provide a turnkey set of tools to its users

Part of our commitment to our community is to add value in exchange for a stake in their product success. This means a better customer experience, and a set of tools that let’s products hit the ground running.

Lonch needs to Discover, Authenticate and Authorize services

Lonch treats services and products much like users, allowing for claim and permissioned access. It uses proprietary solutions to discover services and quickly stitch services together.

Roadmap

Below is the overall progress for the first v1.0 release which focuses on proving the MVP.

Milestone: Develop Spec

Goal Status
Write User Stories for Release
Write Acceptance Criteria for Release
Draft Copy for Automated Emails for Registration and Passwordless Authentication.
Plan Cloud Architecture around microservices and FaaS
Create Wireframes for Front End Service and User Flow and Customer Landing Page

Milestone: Development

Goal Status
Setup JIRA project
Setup Bitbucket repository
Convert User Stories to Tasks
Establish a local development environment in Vagrant and Docker which mimics proposed cloud architecture.
Execute on planned tasks for the Frontend for Locke Service.
Execute on planned tasks for  the backend REST and CRUDL API for Service. Including Swagger Documentation, Insomnia Testing
Build Team
Build Teraform/Chef scripts for provisioning production cloud architecture on AWS.
Setup Customer Facing Website
Setup Production Environment
Security Audit

 

Milestone: Go To Market

Goal Status
Deploy Live to Lonch Platform
Setup Social Media Presence
Setup and Write Blog Articles
Develop Pricing Strategy
Deploy Live to the World
Setup SEO
Setup Marketing and Retention Campaign

Risks

Risk Mitigation Concern
Entire Lonch Platform depends on Locke failure to execute could result in the entire platform being unusable. We are developing Locke as the very first product. Since almost all other products depend on this product, it naturally belong first. High
Getting security right for authorization and authentication is incredibly hard. We are focusing on Passwordless authentication first. No passwords means no passwords to be lost during a hack. We’re also employing best practices right from the beginning by ensuring we have qualified security experts on the team. Medium
We create this service and there is no interest in it. We will still be adding value to products that use the Lonch Platform which will help bootstrap the service as more people leverage the free service. Medium
Creating an authentication platform with the required features, able to manage itself, and manage other products is complex. We have many examples of other services that have accomplished this, and our developers have had success in delivering services with similar requirements.  Medium
Cost is higher than leveraging competing services. One of our selling points is that we will beat competitor costs. If we fail to do this, we will still be adding value to products that use the Lonch Platform which will help keep customers using the product while  figure out ways to reduce cost to be more competitive. Medium
Cost is so high Locke cannot absorb the cost for Locke “Free” users. We have a loopback mechanism for all Lonch Core Products to send revenue to the Lonch Platform and receive revenue back. This mechanism can be adjusted when appropriately voted upon by a defined council using secure channels. Low

Join the Locke Team

By joining this product you are helping to bootstrap the Lonch Platform. You will also receive royalties for sales that run through the Locke service. Royalties come from a la carte sales to businesses which use Locke, and a portion of royalties from the future success of the Lonch Platform is fed back into the Core Products that make up the platform. 

We want contributors who are dedicated to the product and the Lonch Platform as a whole, but we understand that people’s priorities and lives can change. Because of that we only require a short term commitment. When you’re ready to move on to other product teams or ventures you are free to do so, knowing that your royalties will continue to be paid to you even after you have left.

Contributors make their own schedules, work wherever they want, and must provide their own equipment (computer, hardware, software, services).

Current Open Positions

Products on the Lonch platform are 100% based on contributions from contributors. It is possible for a single contributor to “wear multiple hats” and contribute across multiple role expectations below. We look to provide skill coverage among the listed expectations. Since this is a different way to think about work, and to make it easier to digest, we are listing individual roles in the traditional business model. We fully expect individuals to provide partial overlap for many of these expectations. As this product and platform matures we will likely list skill sets as opposed to antiquated roles.

Traditional Role Expectations
Advisor Advisors will provide insight into services similar to Locke and help us avoid common pitfalls and identify unique feature offerings that pull us out of the traditional red ocean of Authentication and Authorization.
Product Manager

Experience managing a software product for both internal and external use.

Has an innate understanding of feature requirements and what brings values to customers at every levels (B2B, B2C, and Internal Consumption).

Project Manager

Scrummaster and Agile development expertise, ensuring a project stays on task and work is being effectively delivered.

Familiar with budgeting and compensation for work delivered.

Legal Counsel

Security and Liability focused counsel to establish requirements for the team to follow. The ideal candidates will be proactive in identifying issues that may present problems with the business model a present, and into the future.

Experience writing Terms of Service and Privacy Policies for service and technology oriented businesses. Experience with GDPR and CCPA and can help ensure that we are compliant. Experience with international law as we scale Locke globally.

Security Expert

Guide the team to best practices when building architecture around authentication, authorization and permissions, to ensure security holes are closed before being released to the wild. Ideal contributors will have experience as a Whitehat Hacker participating in programs like HackerOne.

Experience in:

    • Performing SQL Injection attacks
    • Cross-Origin Resource Sharing
    • Cross-site request forgery
    • Denial of Service
    • GDPR and CCPA and know the standard practices to identify user flows and scrubing data when users opt out of systems.
    • Perform penetration testing, and automated testing
    • Securing Cloud Based infrastructure, particularly around stateless implementations on AWS
Dev Ops Engineer Experience setting up DevOps cycles using typical development stacks such as: Git, CI/CD tools, automated testing, deployment to Docker, building local development environments, integration with issue tracking tools like JIRA, experience with FaaS services such as Kubeless.
Backend Software Engineer

Experience working with FaaS stateless backends, microservices, RESTful APIs, Websockets, Swagger, and building this all on a typescript platform, with unit and integration tests to validate code quality.

Must be security minded.

Frontend Software Engineer

Experience with building highl responsive frontend experiences that adhere to the UI/UX Designer’s requirements. Experience with React, ReactNative, VueJS, and other javascript solutions. Experience writing code in Typescript. Comfortable employing templating engines when it makes sense to do so.

Must be security minded.

Brand Manager Capable of working with the Product Visionary, Product Manager and the UI/UX designer to define the brand for the product.
AWS Certified Engineer Experience developing highly scaleable infrastructures using FaaS technologies in a cloud plaform agnostic way on AWS’ platform. Experience with EKS, Docker, Kubeless, EC2, S3, etc.
UI/UX Designer

Experience building stellar user experiences from the first moment the user is using our service. Everything should be intuitive and frictionless along the expected user flows as much as possible. You understand that in application development that user experience is paramount to building habits and that habits are key to customer retention.

This designer will help build our design system and design libraries for the product. They will form as a barrier to releasing works that do not adhere to design.

Recruiter Ability to identify trustworthy talent that believes in the vision of Locke, and ultimately Lonch to trade their experience and skill for royalty tokens and a future stake in the product.

 

 

Be among the first to contribute to earn bonus Royalty Tokens.

Bitnami