Tome — the platform underneath every Wabbit build
It's not a product. It's how we work.
Tome is the application platform every Wabbit build runs on. Twenty-three packages, written in TypeScript, kept in production. The reason your platform can ship in months instead of years, the reason it costs mid-five-figures instead of six, and the reason it keeps running after we hand it over.
We didn't build Tome to sell. We built it because the alternative was watching every client project become a fight with the architecture.
WHY IT EXISTS — 01
SECTION 01 / 07
Three walls we kept hitting.
For years we built on WordPress. We still recommend it for many use cases. But our clients kept needing things it could not do.
THE WALL
CASE 01 — MEMBERSHIP
Hierarchical permissions.
Unit leaders needed to see their teams but not other teams. Permissions had to flex with the org chart.
WordPress gave us four user roles. Binary. Flat. Inflexible.
A wall.
THE WALL
CASE 02 — FINANCE
Atomic transactions.
Money moving from one account, landing in another, every change auditable, no half-completed states ever.
WordPress gave us custom post types and crossed fingers.
A wall.
THE WALL
CASE 03 — TRAINING
Connected certifications.
Courses tied to certifications tied to organizational prerequisites, with progression rules that enforced themselves.
WordPress gave us a plugin ecosystem fighting itself.
A wall.
THE THESIS
We were not fighting our clients.
We were fighting our architecture.
So we stopped fighting and built our own foundation — not to sell, to use.
WHAT IS IN IT — 02
SECTION 02 / 07
Twenty-three packages, by domain.
Tome is composed, not monolithic. Each package handles one domain coherently, and every package has been hardened against production demands at organizational scale. Pick a domain to see its packages and the surface they power.
IDENTITY AND ACCESS
Member identity, hierarchical RBAC, instant revocation.
Member identity distinct from user accounts, role-based access with attribute-based extensions, session management, multi-factor and passkey support, immediate revocation on standing change, full audit trail of every access decision.
PACKAGES — 4
@wabbit/tome-core@wabbit/tome-better-auth@wabbit/tome-org@wabbit/tome-admin
Built deep on purpose.
Not in theory. In production today, at organizational scale.
WHAT IT RUNS — 03
SECTION 03 / 07
Tome is production-grade, right now.
Not theory. Not unshipped code. In production today, at organizational scale — three deployments that share zero surface area except the substrate underneath.
DEPLOYMENT 01
Vanguard
Star Citizen Milsim organization, live
700+
MEMBERS, ONE PLATFORM
RUNS
- ORBAT — wings, units, squadrons, billets.
- Hierarchical command with delegated authority.
- Training academy with prerequisites + certifications.
- Double-entry financial ledger.
- Multi-signature governance. Discord sidecar.
DEPLOYMENT 02
Wabbit + siblings
Every site we ship, live
11
PRODUCTION DEPLOYMENTS
RUNS
- Every Wabbit Static and Platform build.
- wabbit.com — the site you are reading now.
- The Living Library — essays, series, methodology.
- Same substrate as Vanguard.
DEPLOYMENT 03 — BETA
6DOF Academy
Flight trainer for SC + Elite pilots
6DOF
DEGREE-OF-FREEDOM FLIGHT
RUNS
- WebHID input from HOSAS rigs.
- three.js 3D scenarios with frame-accurate input traces.
- Stress-tested by the genre’s most demanding pilots.
- Same substrate as the financial ledger.
THE READ
The breadth is the point.
A platform that holds up under that range is the platform your business would run on.
WHAT CHANGES — 04
SECTION 04 / 07
When we build for you on Tome, here is what changes.
Four things, in plain terms — each one a shift.
SPEED
The hardest parts of a platform are already built and battle-tested.
Before
18 months
Custom build from zero. Plumbing eats the budget.
After
4–6 months
Build inherits identity, ledger, permissions, training — already battle-tested. You build what is actually unique to your operation.
QUALITY
Type-safe from database to interface.
Before
Errors after
Caught in production, in front of real users.
After
Errors before
Caught in the type checker, before deploy. Real performance, real security, a maintenance story that does not fall apart in eighteen months.
OWNERSHIP
You own the platform and the source code.
Before
Monthly rent
Pay to access your own data, forever.
After
Outright
Source code yours from launch. No lock-in. If you ever decide to part ways, we help you take it with you. We have never had to — but the contract makes the answer easy.
LONGEVITY
The connected-project retainer keeps it current.
Before
$800 emergencies
Unmaintained software rots. You get the bill when it breaks.
After
Maintained
Security patches, platform updates, ongoing evolution as your business changes. Yours stays current and improving instead of decaying between crises.
STRAIGHT ANSWER — 05
Is Tome a product we sell? Not currently.
Three futures we have considered. The decision about which (if any) is not yet made — productization would mean becoming a software company on top of an agency, and we want to be sure before making that change.
SECTION 05 / 07
FUTURE 01 — UNDECIDED
Licensed
to partner agencies
Other agencies build on Tome with a commercial license plus our support. Closest to what we already do.
Smallest cultural shift; clearest revenue path.
FUTURE 02 — UNDECIDED
Vertical SaaS
for community-shaped orgs
Self-serve, hosted, multi-tenant for organizations that look like the ones we serve today.
Biggest investment, biggest shift. Becomes a software company.
FUTURE 03 — UNDECIDED
Managed hosting
we run yours, you own it
For clients who do not want to run their own infrastructure. They keep the code; we keep the runtime current.
Smallest delta from today.
UNDER THE HOOD — 06
SECTION 06 / 07
Production-grade, observable, and ours.
Twenty-three packages. Strict TypeScript end-to-end. Published to a private registry we run ourselves.
App Router, RSC, client components where needed.
Server-state with cache invalidation. UI state isolated.
Passkeys, 2FA, OAuth. Revocation is instant. Rate limit fail-closed.
The substrate. Identity, content, training, ledger, ops, realtime — all sharing one identity model + audit trail.
Type-safe from DB to UI. Strict null checks throughout.
Mongoose ODM. Redis cache. BullMQ jobs. CDN media isolated per member.
Real machines, not serverless. Containerized. Predictable cost.
The substrate, made visible — the architecture the way you run it.
NEXT DOOR — 07
SECTION 07 / 07
Want to build on it? Two ways forward.
Capability lives here. Conversion lives next door — and proof one door past that.
DOOR 01 — PRIMARY
/platform-builds
Platform Builds
Architecture Sprint, scoped build, retainer. The conversation that trades your operational details for a real plan — cost, phases, risks. If you have outgrown your tools and are ready to scope what comes after, that is where to go.
See the offerDOOR 02 — SECONDARY
/studies/vngd
The Vanguard study
700+ members, 85+ collections, 48 RBAC policies — eight years in the making. The full case study: what we built, how it works, what it cost.
Read the case study
For now: Tome is how we work. The way to use it is to hire us.