BrickThink
Sign in
← All roles

Full-Stack CTO

Remote· Full Time

Context

BrickThink is an open-source, remote-native platform for running the five-stage LEGO® SERIOUS PLAY® methodology online. It is in active Phase 1 development on main, with breaking changes expected before 1.0. There is no paid tier and no plan for one — this is not a revenue-driven SaaS role. You own the technical direction of a product whose moat is methodology fidelity, accessibility, and real-time collaboration quality, not monetisation.

Stack you will own

Next.js 15 (App Router), React 19, TypeScript, Supabase (Postgres, Auth, Storage, RLS), Konva for the 2D brick canvas, Yjs CRDT for live collaboration, deployed on Railway as separate web and worker services. The Yjs WebSocket worker is the sole writer to both the CRDT snapshot and the JSON projection — you must understand why that constraint exists and defend it.

Responsibilities

  • Set and enforce architecture across the canvas, real-time layer, and data model (sessions, stages, stage_rooms, transitive can_edit_room() membership, models, yjs_documents).

  • Own the security model: Supabase RLS as primary enforcement, server-side requireAdmin() and facilitator checks as defence-in-depth, 60s HS256 JWT minting for WebSocket upgrades.

  • Drive the roadmap from Phase 1 (feedback) through Phase 2 (capture/export), Phase 3 (opt-in AI assist), and Phase 4 (self-host and scale beyond ~8 participants/session).

  • Maintain quality gates: typecheck, lint, Vitest, Playwright against local Supabase. Hold the line on the required-reviewer gate for production migrations.

  • Make build-vs-defer calls on the in-flight backlog: multi-brick selection, full SVG export, custom scenario authoring, async/hybrid session modes, join-code rotation UI.

  • Uphold WCAG 2.2 AA as a hard requirement, not a polish task — keyboard navigation, screen-reader brick descriptions, colourblind pattern overlays.

  • Govern the no-billing policy in code: any reintroduction of payment infrastructure must be explicit, never resurrected from removed scaffolding.

Requirements

  • Deep production experience with React, TypeScript, and a Postgres-backed real-time stack.

  • Hands-on CRDT/Yjs or equivalent conflict-free collaboration experience. This is the hardest part of the system; theoretical familiarity is insufficient.

  • Strong grasp of row-level authorisation models and multi-tenant data isolation.

  • Demonstrated open-source stewardship: PR review discipline, public issue triage, contributor onboarding.

  • Comfort being the sole or near-sole senior engineer in early-stage ambiguity.

Disqualifiers

  • Requires a large team to function.

  • Treats accessibility as out of scope.

  • Wants to bolt on a monetisation layer.

Apply

Your CV is stored securely and automatically deleted after 7 days.