# gsiso.ai — End-to-End Delivery Plan · v1.0 · April 2026 **Author:** Gaurav Sisodia · gsiso.ai · Confidential — Seed Stage --- ## §0 Preface This document is the **build plan**, not the go-to-market plan. The Roadmap & GTM brief (April 2026) describes *what* gsiso will ship and *why* the market exists. This document describes *how* we ship it: which engineers we hire, in what sequence; which technology choices are locked; which sprints produce which deliverables; what we spend and when; and the precise conditions under which we proceed, pivot, or sell. If the GTM doc is the strategy deck, this is the engineering and ops manual that sits behind it. Written for Gaurav Sisodia and the first five engineers. Intended to be read once, then used as a working reference. --- ## §1 Executive Summary ### The Wedge gsiso.ai enters on two dateable, defensible differentiators: 1. **Physical AI Bridge** — a native ROS 2 + MCP + VLA orchestration layer for humanoid robots, cobots, and lab automation. No hyperscaler, no open-source framework, and no orchestration startup ships this as of April 2026. The gap is [confirmed by the State of Robotics 2026 report](https://www.roboticscenter.ai/state-of-robotics-2026): the software bridge between LLM agents and physical systems is the largest under-served layer in the entire AI stack. 2. **EU AI Act Compliance Certification** — being the first orchestration fabric to achieve CE marking for high-risk AI orchestration. [EU AI Act enforcement for high-risk AI begins August 2026](https://trilateralresearch.com/responsible-ai/eu-ai-act-implementation-timeline-mapping-your-models-to-the-new-risk-tiers). Multi-agent orchestration in pharma, manufacturing, and financial services is classified high-risk. Compliance adds [$8–$15M to each large enterprise implementation](https://www.fifthrow.com/blog/ai-agent-orchestration-goes-enterprise-the-april-2026-playbook-for-systematic-innovation-risk-and-value-at-scale). First-mover certification compounds with every month of lead time. ### 18-Month Target Outcomes (May 2026 → October 2027) - **3 design partners** running production workloads — one pharma, one manufacturing, one capital markets - **$10M ARR** in signed contracts, with first paid enterprise contract ≥$500K ACV by June 2027 - **Series A closed** at $30–50M, based on three named logos + Physical AI Bridge GA + first EU AI Act conformity assessment dialogue - **14 hires** made in priority order across engineering, compliance, sales, and operations ### Seed Raise **$15M** recommended seed raise. Projected 18-month burn: ~$12M. The $3M buffer provides two months of runway past M18 — necessary cushion if Series A closes on the late end of the window. ### Why This Plan Is Different from the Roadmap Doc The Roadmap doc sets quarterly milestones at the GTM level: design partners signed, physical bridge GA, CE marking. This plan drills to execution: sprint-by-sprint deliverables, week-2 demo scripts, compensation bands, line-item budget, and explicit go/no-go gates with pivot options. Anyone reading both should be able to pick up a Jira board and start tomorrow. --- ## §2 Tech Stack (Locked) ### Layer Table All choices below are locked for Phase 1 and Phase 2. Re-evaluation points are noted where applicable. | Layer | Choice | Rationale | Build or Buy | |---|---|---|---| | **Agent runtime / orchestration** | Python 3.12 + FastAPI 0.115 + Ray 2.x | Ray provides distributed agent scheduling with horizontal scale to thousands of concurrent agents; FastAPI for the API surface. LiteLLM gateway for multi-model routing across OpenAI, Anthropic, Gemini, and local vLLM inference. | Build: scheduler, policy enforcement, agent lifecycle. Buy/integrate: LiteLLM, vLLM, Ray cluster. | | **Agent memory & state** | PostgreSQL 16 + pgvector 0.7 + Redis 7 + S3 | Postgres + pgvector for long-term semantic memory (agent namespace isolated); Redis 7 for hot agent state and run-queue; S3 for artifact storage and audit receipt cold archive. Drizzle ORM for schema management and typed queries. | Buy all components. Build: schema design, tenant isolation layer, memory namespace policy. | | **Identity & cryptography** | Ed25519 per-agent signing keys + DID:web method + Sigstore/Cosign + HashiCorp Vault | Ed25519 for agent DID keypairs (fast, compact, auditable). DID:web for discoverable identities resolvable without blockchain. Sigstore/Cosign for tamper-evident audit receipts and artifact signing. HashiCorp Vault for key lifecycle management, rotation, and HSM integration. | Build: DID minting service, receipt chaining logic, kill-switch propagation. Buy: Vault, Cosign. | | **Policy engine** | Open Policy Agent (OPA) + Rego + custom Policy Studio UI | OPA provides a mature, WASM-compilable policy-as-code engine. Rego policies are human-readable, version-controllable, and testable. Policy Studio is our commercial UI layer on top — the moat. Evaluate Cedar (AWS-native) in Phase 2 if customer demand is primarily AWS-native. | Build: Policy Studio UI, Rego authoring interface, policy compilation pipeline, Policy VM sandbox. Buy: OPA runtime. | | **Physical AI Bridge** | ROS 2 Jazzy + WebRTC + MCP servers per robot class + NVIDIA Isaac Sim | ROS 2 Jazzy (LTS, supported through 2027) as the robot primitive layer. WebRTC for real-time telemetry streaming from robot fleet to control plane. Custom MCP servers authored per robot class: humanoid (Figure 02/1X NEO), cobot (UR10e), AMR (MiR250), lab-arm (OT-2). Isaac Sim for digital twin validation before physical deploy — every VLA policy update runs sim gate before production push. | Build: all MCP server adapters, sim gate pipeline, WebRTC ingest service, safe-stop proof primitive. Buy: ROS 2, Isaac Sim license, robot hardware for lab. | | **Control plane (console)** | Next.js 15 + React 19 + Tailwind CSS 4 + shadcn/ui + Clerk + Stripe + tRPC | Next.js 15 with App Router for the console. shadcn/ui for accessible, composable primitives. Clerk for auth (OIDC federation to enterprise IdP). Stripe for billing metering. tRPC for end-to-end type-safe APIs between console and backend. Drizzle ORM against Postgres for the console data layer. | Build: console product, Policy Studio, agent dashboard, fleet telemetry views. Buy: Clerk, Stripe, tRPC, shadcn. | | **Observability** | OpenTelemetry + ClickHouse + Grafana + Sentry | OpenTelemetry for instrumentation (traces, metrics, logs from all services). ClickHouse for the agent event stream and trust receipt ledger — chosen for columnar analytics at agent-event volumes. Grafana for operational dashboards. Sentry for error tracking and session replay in the console. | Build: agent event schema, trust receipt indexer. Buy: ClickHouse cluster, Grafana, Sentry. | | **Infrastructure** | AWS EKS (us-east-1 + eu-west-1) + Cloudflare + Terraform + GitHub Actions + Docker/OCI | AWS EKS as the primary compute substrate. eu-west-1 region is mandatory for EU AI Act data residency requirements. Cloudflare for edge CDN, R2 as S3 fallback. Terraform for all IaC, checked into Git. GitHub Actions for CI/CD pipeline. Docker/OCI for agent packaging — agents are OCI images with DID manifest embedded. | Build: Terraform modules, CI/CD pipelines, OCI agent packaging spec. Buy: AWS, Cloudflare, GitHub. | | **Compliance tooling** | Vanta + custom AI Act evidence pipeline | Vanta for SOC2 Type II automation (control monitoring, vendor assessments, audit evidence collection). Custom AI Act evidence pipeline is our differentiator: automated extraction of Annex VIII technical documentation from audit receipts, conformity assessment evidence packaging, Notified Body submission tooling. | Build: AI Act evidence pipeline entirely in-house — this is a moat. Buy: Vanta. | | **Developer SDKs** | Python + TypeScript (Phase 1); Go (Phase 3) | Python SDK targets data science and robotics engineers (primary Phase 1 users). TypeScript SDK targets web and full-stack developers consuming the agent platform. Go SDK deferred to Phase 3 when infrastructure-adjacent use cases emerge. | Build: all SDKs. Publish on PyPI and npm. Open-source SDK clients on Apache 2.0 at Phase 4. | ### Build-vs-Buy Philosophy The governing principle is simple: **we build the things that become the moat; we buy everything commoditized**. Translated to concrete categories: **We build:** the trust ledger (Merkle-chained, ed25519-signed audit receipts); the Physical AI Bridge and its per-robot-class MCP servers; the Policy Studio UI and Rego authoring interface; the EU AI Act evidence pipeline; and the agent DID minting and lifecycle service. These components are proprietary because no vendor ships them, they are hard to replicate, and they are what customers pay for. Building them in-house also means we control the roadmap when regulated customers ask for bespoke conformity documentation — a request that arrives on every enterprise sales call. **We buy:** LLM inference (OpenAI, Anthropic, Google APIs — LiteLLM makes us model-neutral); auth (Clerk handles OIDC, SAML, MFA, enterprise IdP federation — months of work for $0 marginal cost at our scale); billing (Stripe handles metering, invoicing, and dunning — not our problem to build); databases and infra (Postgres, Redis, S3, EKS — commodities that would absorb engineering time with no differentiation return); and observability tooling (Grafana, Sentry — table stakes we should not rebuild). **Why not build our own vector DB?** pgvector with Postgres 16 covers our Phase 1–2 workloads with strong tenant isolation, ACID semantics, and no new operational surface area. We will revisit at Phase 3 if query patterns outgrow it (specific trigger: p99 semantic search latency exceeds 200ms at tenant-scale). **Why not build our own LLM?** Our value proposition is explicitly model-neutral governance, not model capability. Building a model would position us as a competitor to our model-provider partners, destroy our neutrality story, and consume capital that would be better spent on the Physical AI Bridge — the genuine whitespace. **Why OPA instead of Cedar?** Cedar is AWS-native and well-designed, but its production ecosystem is nascent and it creates implicit AWS dependency in a layer that must be cloud-neutral. OPA's WASM compilation and the breadth of its enterprise adoption make it the right default. We evaluate Cedar formally in Phase 2 if an AWS-native design partner requires it. **The long-term model:** open-source the Agent Mesh OS core at Phase 4 (Apache 2.0). The trust ledger, Policy Studio, Physical AI Bridge adapters, and AI Act evidence pipeline remain proprietary commercial features — the Red Hat model applied to agent orchestration. --- ## §3 Phased Roadmap — 18 Months | Phase | Dates | North-Star Metric | What Ships | Team Size at End | |---|---|---|---|---| | **Phase 0: Foundation** | M0–M2 · May–Jun 2026 | 3 signed LOIs from design partners | Dev infra, repo structure, agent identity service alpha, Vault setup, 3 LOIs signed | 5 (founder + 4 hires) | | **Phase 1: Physical AI Bridge MVP** | M3–M6 · Jul–Oct 2026 | LLM→ROS 2 action loop in production for 3 robot classes | Humanoid (1X NEO or Figure 02), cobot (UR10e), lab arm (OT-2) all driven by LLM agents via MCP bridge; Trust Ledger alpha; Isaac Sim gate live | 8 | | **Phase 2: Closed Beta** | M7–M10 · Nov 2026–Feb 2027 | 3 design partners live in production | Policy Studio GA; Agent Mesh OS core stable; 3 design partners running production workloads; SOC2 Type II audit started | 11 | | **Phase 3: Compliance + First Paid** | M11–M14 · Mar–Jun 2027 | First paid enterprise contract ≥$500K ACV | EU AI Act conformity assessment initiated with Notified Body; first paid contract signed; Series A fundraise opens; ISO 42001 certification target | 13 | | **Phase 4: Open Source + Series A** | M15–M18 · Jul–Oct 2027 | Series A closed + $10M ARR | Agent Mesh OS core open-sourced (Apache 2.0); Series A close $30–50M; $10M ARR milestone; Go SDK GA | 14 | **Phase 0 detail.** The first two months are not about code. They are about: (a) hiring the three founding engineers, (b) standing up dev infrastructure so those engineers can be productive on day one, (c) locking the spec for Phase 1, and (d) getting three letter-of-intent signatures from design partner candidates. LOIs are non-binding but they commit a named contact at the partner organization to co-design the pilot and provide a reference if the pilot succeeds. No LOI = no Phase 1 partnership. We do not proceed with custom integration work without a signed LOI. **Phase 1 is the highest-risk phase.** ROS 2 integration with production robot hardware has more unknown unknowns than any other phase. The sprint plan in §4 addresses this by running the lab-arm integration (OT-2 — lowest mechanical risk) first, validating the MCP→ROS 2 bridge architecture before touching the humanoid. The humanoid comes last, in sprint 7, after the bridge has proven itself across two simpler embodiments. **Phase 2 converts demonstration to evidence.** The design partner relationship moves from LOI to paid or fee-waived pilot with contractual success metrics. The console becomes a real product, not a demo dashboard. SOC2 Type II audit starts — a six-month process that must begin by M7 to complete before Series A. **Phase 3 creates the commercial moat.** The EU AI Act conformity assessment dialogue is the most consequential single event in the roadmap. Starting it requires: (a) the Physical AI Bridge in production, (b) the trust ledger with six months of live audit receipts from design partners, and (c) the Notified Body engagement under contract. We are not waiting for the assessment to complete before starting Series A conversations — we are starting conversations the moment we can show a Notified Body engagement letter. --- ## §4 Phase 1 Sprint Plan — Physical AI Bridge MVP Eight sprints of two weeks each, spanning M3–M6 (July–October 2026). Goal: LLM agents controlling three robot classes via MCP bridge, running through Isaac Sim gate, with Trust Ledger alpha generating signed audit receipts for every robot command. | Sprint | Dates | Goal | Deliverables | Demo | |---|---|---|---|---| | **S1** | Jul 1–11 | MCP server skeleton + ROS 2 adapter scaffolding | OPA policy engine integrated; first MCP server stub compiled; ROS 2 Jazzy running in Docker; GitHub Actions CI green | Engineer walkthrough: policy evaluation of a dummy robot command returning allow/deny in < 50ms | | **S2** | Jul 14–25 | Trust Ledger alpha — ed25519 signing pipeline live | Agent DID minting service; ed25519 key generation per agent; first signed audit receipt written to Postgres; Merkle chain root committed to S3 | Show: mint an agent DID, issue a robot command, retrieve the signed receipt with verified chain | | **S3** | Jul 28–Aug 8 | First LLM→ROS 2 action loop in Isaac Sim | Claude (via LiteLLM) instructs simulated UR10e to pick-and-place a vial in NVIDIA Isaac Sim; MCP server translates agent intent to ROS 2 action; OPA policy check passes; receipt signed | Demo: 60s video of Claude agent issuing pick-and-place to simulated UR10e, receipt shown in terminal | | **S4** | Aug 11–22 | OT-2 lab arm integration — first physical robot | OT-2 MCP server complete; OT-2 running Opentrons Python API via ROS 2 bridge; LLM agent executes liquid dispensing protocol; WebRTC telemetry feed live in console stub | Demo: GPT-4o agent executes a 3-step pipetting protocol on OT-2; telemetry shown in browser; audit receipt verified | | **S5** | Aug 25–Sep 5 | Safe-stop proof primitive + kill switch propagation | Safe-stop proof token (triple-signed: agent DID + operator key + hardware attestation) generated and validated by OT-2 safety controller; kill switch propagation tested; p99 safe-stop latency ≤ 120ms | Live demo: issue kill switch from console, OT-2 halts, revocation receipt logged; latency measured on screen | | **S6** | Sep 8–19 | UR10e physical cobot integration | UR10e MCP server complete; physical UR10e arm in lab running LLM-directed pick-and-place; Isaac Sim gate: policy update must pass sim before physical deploy; fleet telemetry for both OT-2 and UR10e in console | Demo: policy update for UR10e path, sim gate rejection of an unsafe trajectory, then approval and physical execution | | **S7** | Sep 22–Oct 3 | Humanoid integration — 1X NEO or Figure 02 | Humanoid MCP server (GR00T N1 dispatch path); first LLM→humanoid action sequence in Isaac Sim; WebRTC telemetry at 25Hz; human gate workflow before any physical humanoid command | Demo: Claude agent instructs simulated humanoid to carry a sample rack; human gate approval required before physical execution; receipt chain shown | | **S8** | Oct 6–17 | Integration hardening + alpha handoff to design partners | Three robot classes integrated and tested; trust ledger running continuously; Policy Studio alpha UI deployed; design partner onboarding guide written; Phase 1 post-mortem completed | Live partner demo: full pipeline — agent receives lab task, dispatches to three robot classes, trust ledger records every action, Policy Studio shows agent activity | **Sprint conventions.** Each sprint ends with a Friday demo (internal, 30 minutes). Demo artifacts — video recordings, terminal logs, receipt chain exports — are committed to the repo as evidence artifacts. No sprint advances without a passing demo. If a sprint demo fails, the sprint is extended by one week before moving on. This constraint is non-negotiable: if the demo isn't real, the design partner pilot won't be real. --- ## §5 Team Plan — 14 Hires in Priority Order All compensation bands are in USD annual base salary. Equity is grant-date percentage; vesting is 4-year/1-year cliff standard. Hiring authority: Gaurav Sisodia approves all offers. | # | Role | Month | Base Salary Band | Why Now | |---|---|---|---|---| | 1 | **Founding Engineer — Distributed Systems** | M0 | $180K–$220K | Builds the Agent Mesh OS scheduler, Ray cluster, and LiteLLM routing layer. Must be on board before Sprint 1. The most critical single hire. Target: 5+ years distributed systems, Kubernetes, prior experience with Python async systems at scale. | | 2 | **Founding Engineer — Robotics / ROS 2** | M0 | $180K–$220K | Owns the Physical AI Bridge. Must have shipped production ROS 2 integration — not just demos. Target: prior work at a robotics OEM or automation startup; hands-on with UR or similar cobot; comfortable in C++ and Python. | | 3 | **Founding Engineer — Security / Cryptography** | M1 | $190K–$230K | Owns the DID minting service, ed25519 signing pipeline, Vault integration, and trust ledger. Target: prior experience with PKI or identity systems; familiar with W3C DID specs; comfortable with Go or Rust for the cryptographic core. | | 4 | **Design Engineer — Console + Policy Studio UI** | M1 | $150K–$185K | Builds the control plane console and Policy Studio. Must be strong in Next.js 15, React 19, and Tailwind. Target: shipped production enterprise UI, not just consumer product; understands accessible design for compliance dashboards. | | 5 | **ML Engineer — Agent Evals + Safety** | M2 | $170K–$210K | Builds the evaluation harness for agent behavior, outcome scoring for self-evolving workflows, and the safety regression suite for the Physical AI Bridge. Target: prior experience with LLM evals (not just fine-tuning); comfortable with statistical testing. | | 6 | **Compliance Lead — ex-auditor, AI Act specialist** | M3 | $160K–$200K | Owns the EU AI Act evidence pipeline, Notified Body engagement, and SOC2 Type II audit coordination. Target: prior work at a Notified Body or Big 4 technology risk practice; direct knowledge of AI Act Annex III requirements; German or Dutch language a strong plus for EU regulator engagement. | | 7 | **Founding PM — ex-enterprise robotics** | M3 | $160K–$200K | Owns design partner relationships, sprint prioritization, and Phase 2 product roadmap. Target: prior PM at an industrial automation company or enterprise robotics startup; has managed a customer pilot from LOI to production; can run a technical sales call without an SE present. | | 8 | **Senior Engineer — Data / Observability** | M4 | $160K–$195K | Owns ClickHouse cluster, OpenTelemetry instrumentation, Grafana dashboards, and the trust receipt indexer. Target: prior experience with high-throughput event pipelines; knows ClickHouse or similar columnar store in production. | | 9 | **Senior Engineer — Robotics Integration #2** | M5 | $160K–$195K | Second robotics engineer to expand the Physical AI Bridge to AMR (MiR250) and drone (MAVLink/PX4) classes, and to support Phase 2 partner integrations. Target: complementary embodiment experience to founding robotics engineer — different robot class background preferred. | | 10 | **DX Engineer — SDKs + Docs** | M7 | $145K–$175K | Owns Python SDK, TypeScript SDK, developer docs site, and API reference. Target: prior developer relations or SDK engineering role; cares about developer experience at a level that produces good first-use tutorials, not just API stubs. | | 11 | **Head of Sales — Enterprise AE** | M9 | $160K–$200K base + OTE | First quota-carrying enterprise rep. Owns closing the first paid contracts in Phase 3. Target: prior AE at an enterprise infrastructure or security company (Palo Alto, HashiCorp, Datadog analogues); has closed ≥$500K ACV deals independently. | | 12 | **Solutions Engineer** | M10 | $145K–$175K | Technical support for the Head of Sales: POC design, integration scoping, and post-close onboarding for design partner pilots. Target: prior SE at an enterprise software company; comfortable in both customer calls and writing integration code. | | 13 | **Senior Engineer — Backend Scaling** | M12 | $160K–$195K | Prepares the platform for Series A scale: horizontal scaling of the agent scheduler, multi-tenant isolation hardening, and database query optimization. Target: senior distributed systems engineer comfortable with Postgres internals, Redis cluster, and Ray autoscaling. | | 14 | **Head of Finance / Ops** | M14 | $160K–$200K | Owns Series A data room, financial model, cap table management, and ops build-out (HR, legal vendors, office lease). Target: prior CFO or VP Finance at a seed/Series A startup; has run a Series A process; comfortable in a 14-person company without a finance team beneath them. | **Hiring philosophy.** Founding engineers (positions 1–5) receive 0.5%–1.5% equity each, reflecting the pre-product-market-fit risk they accept. Later hires (positions 6–14) receive 0.1%–0.4%, scaled by seniority and timing. No salary differential between hires from Big Tech and hires from startups — the compensation band is the band. We do not compete with Meta or Google on cash; we compete on mission and equity upside. Hiring is founder-sourced first (warm network, robotics PhD programs, compliance practitioner networks) before engaging recruiters. Recruiter fees are budgeted at 15–20% of first-year salary for positions 6–14. --- ## §6 18-Month Budget All figures in USD. Burn projected over 18 months (May 2026 – October 2027). | Line Item | Total 18M | Monthly (Avg) | Notes | |---|---|---|---| | **Salaries + benefits** | $8,100,000 | ~$450K rising to ~$650K | 14 hires phased in per §5; benefits loaded at 25% on top of base. Founder salary included at $175K from M0. | | **Infrastructure / cloud** | $900,000 | ~$50K | AWS EKS (us-east-1 + eu-west-1), Cloudflare R2, S3, ClickHouse Cloud. Phase 0–1: ~$15K/mo. Phase 2–3: ~$50K/mo. Phase 4: ~$100K/mo as design partner workloads grow. | | **Robot hardware — internal lab** | $1,200,000 | — (CapEx) | 1× Figure 02 or 1X NEO humanoid (~$140K–$150K), 2× UR10e cobots (~$80K each), 2× OT-2 lab arms (~$12K each), 1× MiR250 AMR (~$80K), drone fleet (~$30K), 1× NVIDIA DGX workstation for Isaac Sim (~$200K), lab build-out and shipping (~$200K). Majority purchased M2–M4. | | **Legal / compliance / audits** | $500,000 | ~$28K | Outside counsel for IP (patent filings, open-source governance), Series A legal, EU AI Act Notified Body engagement (~$150K), SOC2 Type II audit (~$80K), ISO 42001 advisory (~$50K), GDPR counsel. | | **Office / ops** | $400,000 | ~$22K | Colocated lab space with robot-safe flooring and power (target: Bay Area or Austin). Includes internet, equipment, HR software, insurance (D&O, E&O, product liability for physical AI), travel for design partner site visits. | | **Marketing / events** | $300,000 | ~$17K | ROSCon 2026, NeurIPS, ICRA, EU AI Act practitioner events. Thought leadership content (technical blog, whitepaper distribution). No paid social at seed stage. | | **Contingency** | $700,000 | — | 5.5% of total budget. Covers: hardware delays, additional Notified Body fees if first engagement fails, emergency senior hire if a founding engineer leaves, legal disputes. | | **Total projected burn** | **$12,100,000** | **~$672K** | Peak monthly burn ~$800K in Phase 3–4 as sales team ramps. | | **Recommended seed raise** | **$15,000,000** | — | $2.9M buffer beyond projected burn. Equivalent to ~4 months of Phase 4 burn rate. Gives runway to October 2027 + buffer for Series A delay of up to 2 months. | **Monthly burn curve (conceptual).** Phase 0 (M0–M2): ~$200K/mo — founding salaries, legal, dev tooling. Phase 1 (M3–M6): ~$400K/mo — hardware CapEx hits here; robotics team fully staffed. Phase 2 (M7–M10): ~$550K/mo — compliance, observability, DX hires. Phase 3 (M11–M14): ~$700K/mo — sales team added; Notified Body fees; Series A legal costs. Phase 4 (M15–M18): ~$800K/mo — peak headcount; open-source launch marketing; Series A close provides next round of capital. --- ## §7 Design Partners — Target List The design partner program is the credibility multiplier before Series A. Three anchors, two verticals deep each. Contract shape: 12-month paid or fee-waived pilot (fee-waived for the first anchor per vertical, paid at $150K–$250K for subsequent), with defined success metrics, joint press release at GA, and customer reference rights at Series A. We do not announce a design partner without a signed reference rights agreement. ### Pharma / Biotech | Target | Contact Entry Point | Rationale | Success Metric | |---|---|---|---| | **Recursion Pharmaceuticals** | Head of Platform Engineering | AI-native pharma, heavy on ML infrastructure, GPU fleet management — natural bridge to agent orchestration. Already using robotic lab platforms. | LLM agent + OT-2 completes 10 compound prep protocols per week with full audit trail; zero manual re-runs required | | **Insitro** | CTO | ML-first drug discovery startup; familiar with ROS 2-adjacent automation; smaller decision-making unit than Big Pharma | Insitro lab automation pipeline runs through gsiso Physical AI Bridge; audit receipts satisfy internal compliance review | | **Novartis (Digital & Tech)** | Head of AI Lab, Basel | Scale: validates enterprise readiness. EU HQ: validates EU AI Act story directly. Large compliance budget. | Pilot of Lead-to-IND agent pack with physical lab arm; at least one EU AI Act Annex III requirement demonstrably satisfied | ### Manufacturing / Industrial | Target | Contact Entry Point | Rationale | Success Metric | |---|---|---|---| | **Siemens Digital Industries** | Head of Industrial AI | Existing ROS 2 toolchain; open to vendor-neutral orchestration; EU-based compliance budget | UR10e cobot fleet at one Siemens plant managed through gsiso; VLA policy update executed via sim gate without downtime | | **Fanuc America** | Chief Robotics Officer | Largest cobot installed base in North America; no existing AI orchestration layer | Five Fanuc CR-series cobots receive LLM-directed task scheduling via gsiso MCP bridge; throughput improvement measurable in 30 days | | **Boston Dynamics (Hyundai)** | VP Software Platforms | Atlas pilot at Hyundai Georgia plant is live; software orchestration is the gap; Boston Dynamics cannot build this fast enough internally | Spot or Atlas fleet telemetry ingested into gsiso; at least one LLM-directed inspection workflow running in production | ### Capital Markets | Target | Contact Entry Point | Rationale | Success Metric | |---|---|---|---| | **Citadel Securities** | Head of Technology Infrastructure | Multi-cloud, compliance-obsessed, willing to pay for audit-quality agent traces; high ACV potential | Research synthesis agent swarm producing MiFID II-compliant audit trails; agent actions traceable to individual DID in < 5 seconds | | **Two Sigma** | Head of Systems | Known ML infrastructure sophistication; open to vendor-neutral tooling; self-contained decision-making | Two Sigma internal agent workflow runs across two model providers simultaneously under gsiso governance; no single-provider lock-in | **Engagement sequence.** LOI signed → M0–M2. Integration spec written with partner → M3. Integration built in parallel with sprint plan → M3–M6. Partner onboarded to alpha → M6–M7. Production workload begins → M8. Paid renewal negotiated → M11. Press release cleared → M14. --- ## §8 Risk Register — Top 10 | # | Risk | Likelihood | Impact | Mitigation | |---|---|---|---|---| | 1 | **Hyperscaler bundles governance for free** | High | High | Ship Physical AI Bridge + EU AI Act conformity assessment first. Multi-cloud enterprises (51% of the market) and physical-AI use cases are not addressable by AWS Bedrock AgentCore or Azure AI Foundry in this timeframe. CE marking cannot be purchased — it requires a 6–12 month Notified Body process that hyperscalers have not started. | | 2 | **Figure / 1X humanoid hardware slips** | Medium | Medium | Multi-vendor strategy from day one: UR10e cobot (S6) and OT-2 lab arm (S4) do not depend on humanoid delivery. If humanoid hardware slips past Sprint 7, we extend S7 with a pure-sim humanoid demo and push physical humanoid to Phase 2. Design partner value proposition remains intact — no pharma or manufacturing pilot requires a humanoid in Phase 1. | | 3 | **Open-source governance gets a hostile fork** | Low | High | Register the "gsiso" trademark and "Agent Mesh OS" trademark before open-source launch at M15. Maintain commercial features (Policy Studio, Physical AI Bridge adapters, AI Act evidence pipeline) as proprietary. Apache 2.0 allows forking; it does not allow trademark usage. Red Hat maintained this posture successfully for 25 years. | | 4 | **EU AI Act enforcement delayed** | Medium | Medium | Pivot pitch to SOC2 Type II + ISO 42001 if EU enforcement slips. Both are buyer-ready certifications today; they do not require the EU to act. NIST AI RMF 2.0 adoption is accelerating in the US regardless of EU enforcement timing. The compliance value proposition survives an EU delay. | | 5 | **Safety incident at design partner site** | Low | Existential | Digital twin gate (Isaac Sim) is mandatory before every physical policy update — not optional, not bypassable. Hardware-level kill switch with ≤120ms propagation. Product liability insurance (minimum $10M per occurrence) purchased before any physical robot goes live. Weekly executive calls with partner during live robot phases. Scope all Phase 1 robot tasks to low-force, low-consequence operations (lab arm pipetting, cobot pick-and-place) before touching a humanoid. | | 6 | **Key founding hire quits** | Medium | High | Four-year vesting with one-year cliff. Co-founder equity offer to founding engineer #1 and #2 if they demonstrate founder-level ownership in Phase 0. Documented architecture decisions so no single engineer is the sole knowledge holder. Pair programming on all cryptographic and robotics core modules. | | 7 | **LLM price collapse hurts margins** | High | Low | Our value is governance, identity, and physical AI integration — not inference. LiteLLM routing already optimizes across providers. LLM price collapse accelerates agent adoption, which increases our addressable market. Our per-unit economics improve when inference costs fall. | | 8 | **Model provider deplatforms us** | Low | Medium | Multi-model from day one. LiteLLM routing ensures no single provider handles more than 60% of any customer's inference. Agent policy contracts specify fallback model chains. We have tested this: a Claude → GPT-4o fallback completes within 800ms in LiteLLM routing. | | 9 | **Design partner pilot fails publicly** | Medium | High | Scope minimization: define pilot success metrics narrowly and conservatively with the partner before integration begins. Weekly executive calls during live robot phases. Minimum viable demo agreed in writing before any press release is discussed. Failure is a private learning event; press is gated on explicit written clearance from both parties. | | 10 | **Series A market closes** | Medium | High | Reach $10M ARR with 3 named production customers before opening Series A conversations. A company with $10M ARR + a Notified Body engagement letter + named logos (Novartis, Siemens, Citadel) is fundable in any market. If the market is materially closed (post-correction, risk-off environment), extend runway via one additional design partner paid contract at ≥$250K ACV rather than raising at a bad price. | --- ## §9 Decision Gates Three explicit go/no-go decision points. At each gate, Gaurav Sisodia makes the call with input from the founding team. Pivot options are listed so the decision has known downside paths. ### Gate 1 — M6 (End of Phase 1 · October 2026) **Proceed criteria (all must be true):** - Three robot classes (humanoid in sim, cobot physical, lab arm physical) integrated and demonstrated to design partners - Trust Ledger generating signed receipts for every robot command, receipts verifiable by independent party - At least one design partner has agreed to move from LOI to active Phase 2 pilot - Monthly burn ≤$420K (Phase 1 target) **Pivot options if criteria not met:** - Drop humanoid integration from Phase 2; focus on cobot + lab arm as the Physical AI Bridge story — still defensible - If no design partner converts from LOI to pilot: extend LOI engagement one month and use Sprint 8 to refine the partner demo; if still no conversion, treat as a signal that the ICP needs to shift (e.g., away from pharma toward manufacturing) ### Gate 2 — M12 (End of Phase 2 early · April 2027) **Proceed criteria (all must be true):** - At least 2 design partners running production workloads through gsiso - Policy Studio GA and publicly demoed - Notified Body engagement letter signed or EU AI Act conformity dialogue actively underway - SOC2 Type II audit in progress - Monthly burn ≤$700K **Pivot options if criteria not met:** - If only 1 design partner in production: delay Series A, use M13–M14 to close a second partner before fundraise - If Notified Body engagement cannot be initiated (capacity constrained): substitute ISO 42001 third-party certification as the compliance narrative for Series A - If burn exceeds $700K: review team scaling pace; defer Head of Sales (position 11) by 2 months ### Gate 3 — M18 (End of Phase 4 · October 2027) **Proceed criteria (all must be true):** - Series A closed ($30–50M) - $10M ARR in signed contracts - 3 named production customers with reference rights - Agent Mesh OS core open-sourced on Apache 2.0 **Pivot options if criteria not met:** - If Series A closes at <$30M: accept if runway to $25M ARR is credible from the reduced raise; otherwise extend seed with a $3–5M bridge from existing seed investors - If $10M ARR is not reached: evaluate strategic acqui-hire by a hyperscaler (Microsoft, AWS, Google — all have structural reasons to want Physical AI Bridge capability) at a $150M–$300M range, which returns a 10–20× outcome on $15M seed investment for investors - If open-source launch is delayed: not a blocking condition for Series A; push to M21 --- ## §10 What We Explicitly Don't Build **Our own LLM.** LLM training and inference is a capital-intensive commodity race. Our value is governance over LLMs, not LLM capability itself. Building a model would make us a competitor to OpenAI, Anthropic, and Google — the exact providers whose API relationships are central to our multi-model neutrality story. **Our own vector database.** pgvector on Postgres 16 is sufficient for Phase 1–3 workloads. Purpose-built vector databases (Pinecone, Weaviate, Qdrant) add operational complexity and a new vendor surface without differentiation. We revisit at Phase 3 if benchmarks demand it. **Our own cloud or bare-metal infrastructure.** We run on AWS with multi-region support. Building a proprietary cloud is a decade-long and multi-billion-dollar undertaking. Cloudflare handles edge; AWS handles compute. Our Terraform modules ensure we are not locked to AWS primitives. **A generic "build your own agent" UI.** Competitors like xpander.ai, Beam, and Relevance AI own the low-code agent builder space. Our console is a governance and operations console, not an agent authoring tool. We will not compete for the no-code workflow market — it is high volume, low ACV, and orthogonal to our enterprise motion. **A consumer application.** All product decisions are made for regulated enterprise buyers — pharma, manufacturing, financial services. Consumer applications require different distribution, different pricing, different support models, and different regulatory considerations. This is a focus constraint, not a permanent exclusion. **A marketplace before M18.** The marketplace requires a developer community that has not yet been built. Launching a marketplace in Phase 1–3 would mean populating it with first-party packs at significant engineering cost, then maintaining an empty storefront. We open-source at M15 to seed the community; marketplace launches post-Series A when there is organic community supply. **Non-robotic physical verticals before M18.** Drones (MAVLink adapter) and warehouse AMRs (MiR250) are on the Phase 2 extension list but are not design-partner priorities. Smart building IoT, surgical robotics, and autonomous vehicles are genuine Physical AI Bridge opportunities — for Phase 5, post-Series A. The cobot/humanoid/lab-arm focus is sufficient to prove the category and close the first three design partners. --- ## §11 Closing: The 18-Month Bet The thesis is specific. By October 2027, gsiso.ai will have: 1. Connected LLM agents to physical robot fleets — humanoids, cobots, lab arms — in production environments, generating cryptographically signed audit receipts for every physical action. No company will have done this at enterprise scale before us. 2. Initiated the first EU AI Act conformity assessment dialogue for a multi-agent orchestration platform. The Notified Body engagement letter will be public. European regulated enterprises will have a procurement shortcut that does not exist from any hyperscaler. 3. Named three production customers across pharma, manufacturing, and capital markets — not pilots, not demos, but running workloads with signed reference rights. If all three are true by M12, we own the category. The Physical AI Bridge plus EU AI Act certification is a combination that no incumbent can replicate in 90 days — it requires robotics engineering talent and a Notified Body certification process that runs on calendar time, not engineering sprints. If we reach M12 with only two of the three, we raise Series A on what we have and use the capital to close the third. If we reach M12 with none of the three — if no design partner is in production and the Notified Body engagement has not started — we sell to a hyperscaler. The Physical AI Bridge capability and the compliance engineering team are worth $150–$300M to Microsoft, AWS, or Google even in a scenario where we did not build the business. The sell outcome is not a failure scenario; it is a floor that is acceptable to investors at a $15M seed raise. The bet, precisely stated: **three regulated-industry design partners in production + Physical AI Bridge GA + first EU AI Act conformity dialogue by M12 = category ownership.** Every engineering, hiring, and budget decision in this document is oriented toward that single outcome. The window is real. The competition is running. We ship. --- ## Sources 1. Fortune Business Insights — Agentic AI Market Size: 2. Robotics Center — State of Robotics 2026: 3. Trilateral Research — EU AI Act Implementation Timeline: 4. Fifthrow — AI Agent Orchestration Goes Enterprise (April 2026): 5. VentureBeat — Most Enterprises Can't Stop Stage Three AI Agent Threats: 6. Futurum Group — Who Will Win the Agent Orchestration Layer Battle: 7. MetricStream — NIST's AI Agent Standards Initiative: 8. AI World Journal — Introducing the AI Kill Switch for Agents: 9. NVIDIA — Isaac GR00T N1 Open Humanoid Foundation Model: 10. youngju.dev — Humanoid Robots 2026 Complete Guide: 11. CMSWire — Sierra AI $10B Valuation: 12. TechCrunch — Cognition AI $10.2B Raise: 13. StackOne — MCP: Where It's Been, Where It's Going: 14. Stellagent — A2A Protocol Google Agent-to-Agent: 15. Ringly.io — AI Agent Statistics 2026: