SYS/05 — SHIPPED SAAS
ZXERO
A full-stack content-access firewall that let publishers monetize AI crawler traffic — shipped, monetized, and deliberately sunset after market analysis.
- STATUS
- Shipped · sunset
- RUNTIME
- ~5 months
- DETECTION
- Random Forest
- PAYOUTS
- Stripe Connect
ZXERO was a content-access firewall: it scored every request at the edge, blocked AI crawlers unless they presented a valid signed token tied to a funded wallet, and paid publishers out automatically. It shipped to production, reached paying customers, and was then deliberately wound down.
FUNCTION
A site drops ZXERO in at the edge — Nginx, Apache, an Express or Next.js middleware, a Cloudflare Worker, or a WordPress plugin. Each request is scored by the detection engine; AI crawlers are blocked unless they present a valid HMAC-signed access token backed by a funded wallet. Access is metered and the publisher is paid out via Stripe Connect.
ENGINEERING
A Next.js frontend (internationalized marketing site + a dashboard) over a FastAPI backend with Alembic migrations. Detection is a Random Forest classifier ("Detection Engine v2.0") scoring entropy, canvas-fingerprint, and IP-reputation signals, with a stochastic challenge rate and fail-closed enforcement. Auth is passwordless with TOTP 2FA; TOTP, HMAC, and Stripe Connect secrets are encrypted at rest; transactional email runs through Resend.
WHAT I LEARNED
I shut ZXERO down on purpose. It worked — it shipped, detected crawlers, and took real money — but when Cloudflare moved into pay-per-crawl, the defensible wedge narrowed and the unit economics didn't justify scaling a solo-built firewall against a CDN incumbent. Sunsetting it was the same kind of call that justified building it: a read on market timing and economics, not a loss of interest. The product, the billing integration, and the detection pipeline are the artifact.