How much does it cost to build an AI MVP?

An AI MVP with Zero to Ten typically starts with The Discovery Sprint (2-4 weeks) to validate the concept and define scope before any build investment. Full MVP development costs vary widely depending on complexity, but working with a solo fractional CTO like Rick Deacon is significantly more cost-effective than a dev agency.

How long does a Discovery Sprint take?

The Discovery Sprint runs 2-4 weeks. By the end, you have a Problem Validation report, Solution Architecture, AI Integration Map, Security Foundation recommendations, and a Launch Roadmap.

What's the difference between a fractional CTO and a dev shop?

A fractional CTO is embedded in your team, setting technical strategy, making architectural decisions, and being accountable for outcomes. A dev shop executes tickets and hands off code.

Do you work with non-technical founders?

Yes. Most clients are non-technical founders who have a clear problem and market insight but need a technical partner to translate that into a product.

What industries do you specialize in?

Rick Deacon has deep experience in cybersecurity, Web3, fintech, automotive, and B2B SaaS, spanning companies from Y Combinator-backed startups to Fortune 500 security clients.

What AI tools and frameworks do you use?

The stack depends on the use case. Common tools include OpenAI and Anthropic APIs for LLM integration, LangChain and custom agent frameworks for AI workflows, Supabase for real-time data and auth, and React/Vite for frontend.

How is this different from hiring a development agency?

Agencies are optimized for throughput across many clients. Zero to Ten is optimized for your outcome. Rick works directly on your product, no project managers, no handoffs, no scope creep.

What happens after the Discovery Sprint?

After the Discovery Sprint, you have three options: proceed to Build & Launch with Zero to Ten, take the deliverables to a team of your choosing, or use the roadmap to raise funding. No obligation to continue.

Do you offer ongoing support after launch?

Yes. After launch, ongoing support is available as a retainer covering technical strategy, AI systems maintenance, team hiring and management, and continued product development.

Why should I choose a solo builder over a firm?

Firms add overhead. With Zero to Ten, you pay for Rick's time and output directly. His background includes co-founding a YC startup (Apozy, W17), building and exiting RADwood to Hagerty, and launching Interlock to 30,000+ weekly users.

Case Study

Zero to 650,000 Users: What I Learned Building Interlock

2026-03-10 · 12 min

The Starting Point

Interlock started with a simple observation: Web3 users were getting destroyed by phishing attacks and the existing security tools didn't work for decentralized environments. Traditional browser security assumed a corporate IT department managing endpoints. Web3 users were individuals managing their own digital assets, often worth six or seven figures, with no security team backing them up.

The first version was embarrassingly simple. A browser extension that checked URLs against a known-bad list and warned users before they connected their wallets. It was crude, but it worked well enough to prove the thesis: users wanted protection and were willing to install an extension to get it.

Finding the Growth Loop

The growth loop wasn't viral in the traditional sense. It was community-driven. When Interlock blocked a phishing site, users shared screenshots in Discord and Telegram channels. "This extension just saved me from connecting my wallet to a scam site." Those screenshots were more effective than any ad campaign.

We leaned into this by making the protection visible. Clear, informative warnings with specific details about why a site was flagged. Users became evangelists because the product delivered visible, immediate value. Every blocked threat was a marketing moment we didn't have to pay for.

Scaling Security at Scale

Going from 10,000 to 650,000 daily active users forced us to rethink everything about how we processed threat data. The static blocklist approach that worked at small scale was too slow for the volume and velocity of new Web3 threats. Phishing sites were spinning up and disappearing in hours.

We built an AI-powered threat detection pipeline that could classify new URLs in real time without waiting for manual review. The system processed millions of data points daily, learned from user reports, and updated protection across 650,000+ browsers simultaneously. All while maintaining a privacy-first architecture that never collected user browsing data.

The Numbers

650,000+ daily active users. Over $100M in digital assets protected. Real-time threat detection processing millions of URLs daily. Zero user data collected. These numbers represent years of iteration, multiple architectural rewrites, and a relentless focus on the metric that mattered: assets protected.

What I'd Do Differently

I'd validate the enterprise sales motion earlier. We focused on individual users because the growth was organic and exciting. But the bigger opportunity was always in enterprise. Crypto exchanges, custodians, and DeFi protocols needed browser security for their users and were willing to pay for it. We got there eventually, but starting earlier would have accelerated revenue significantly.

I'd also invest in the data pipeline infrastructure earlier. We retrofitted our real-time processing system after hitting scale. Building it right from the start would have saved months of painful migration while serving hundreds of thousands of active users.