Skip to content
NovaQuantiX
Back to home
Engagement

Six weeks, three locked phases.

Updated: May 30, 2026

Every engagement follows the same structure: discovery & architecture (week 1), reproducible engineering (weeks 2-6), delivery & ownership transfer (week 6+). Fixed-price per phase, verified CI/CD gates, immutable build logs.

Phase 1 — Discovery & architecture (week 1)

Inputs

  • Mutual NDA (MNDA standard or your own template)
  • Read-only access to relevant systems (codebase, docs, logs)
  • Stakeholder interviews (60-90 min total)

Activities

  • Map data flows, agents, tools, and trust boundaries
  • Identify constraints (latency, cost, compliance, integrations)
  • Draft Architecture Decision Record (ADR)
  • Define acceptance criteria with quantitative thresholds

Deliverables

  • Written ADR (typically 6-12 pages)
  • Fixed budget with milestones
  • Delivery schedule with explicit dates
  • Threat model with mitigation plan

Exit criteria

You countersign the SOW. No code is written before this signature.

Phase 2 — Reproducible engineering (weeks 2-6)

Pipeline

Each commit triggers, in order:

  1. Static analysis (TypeScript strict, Rust clippy, Python ruff)
  2. Unit + integration tests with deterministic seeds
  3. Inspect-AI evaluation suite against pinned datasets
  4. Build artifact production (binaries, images, model weights)
  5. Ed25519 signature of the artifact + manifest
  6. Append to Merkle-chained build log
  7. Deployment to the engagement staging environment

Cadence

  • Daily async written status (Slack/email)
  • Weekly 30-min sync (optional, async by default)
  • Bi-weekly milestone demo

Failure handling

Any failed evaluation, missed SLO, or regression is reported in the same hour it's observed, with a root-cause hypothesis attached. No surprises at milestone review.

Phase 3 — Delivery & ownership transfer (week 6+)

Handover package

  • Source repository with full commit history
  • Signed releases + Merkle log root
  • Inspect-AI evaluation suite + datasets
  • Runbook (deployment, rotation, monitoring, incident)
  • On-call playbook
  • Architecture diagram + ADR finalised
  • SBOM (CycloneDX)
  • Model card when applicable
  • Ownership-transfer letter (legally formalises asset transfer)

Training

Up to 2 sessions (1-2h each) with your engineering team to walk through the runbook, eval suite, and architecture. Recorded if requested.

Cooling-off

14 days of post-handover support included by default for clarifying questions and minor adjustments. Structured ongoing support is opt-in and quoted separately.

What we never do

  • Hold production keys after handover
  • Tie your codebase to proprietary tooling we control
  • Use your data outside the engagement scope
  • Ship code we cannot sign