Skip to content

Marketing Feature Brief

For the marketing team: what you can pitch safely, what needs a caveat, and what not to promise yet. Source: full codebase review. Last verified: July 4, 2026.

T-Chat (Tesark Chat SDK) is a multi-tenant, embeddable chat product: a drop-in React SDK, a Supabase-powered backend, and an admin dashboard for the customer’s team.


Safe to pitch — shipped and working end-to-end

Core messaging

  • Realtime 1:1 and group conversations (delivery via Supabase Realtime)
  • Replies/quotes, @mentions, emoji reactions, in-thread message search
  • Message edit and delete (1-hour window), optimistic sending
  • Attachments: images, video, files — with secure signed download links
  • Link previews (server-side, privacy-safe scraping)
  • Presence (who’s online), typing indicators, read receipts, unread badges
  • System announcements and event timeline messages (e.g. “X joined”) injectable by the host app

Built-in moderation (baseline)

  • Every message passes through a moderation pipeline before it lands: profanity filtering, contact-info detection, and custom wordlists — always on, per tenant

Integration & platform

  • React SDK published to npm — drop-in <ChatPanel> plus composable hooks/components, themeable
  • Clean server-to-server API: scoped API keys, user provisioning, conversation management
  • Secure end-user auth: short-lived JWTs minted by the customer’s backend
  • Multi-tenant isolation enforced at the database level (row-level security)

Admin dashboard

  • Tenant, user, and conversation management; API key lifecycle (create/revoke, scopes, expiry)
  • Operator review mode: support staff can open any conversation read-only (time-boxed, audited)
  • Webhooks to the customer’s backend (signed, with test ping) — currently for stale-unread alerts
  • Full audit trail of admin and API actions
  • Usage & plan visibility: live meters for MAU, messages, storage, bandwidth
  • Integration snippets, API/chat playgrounds, dark mode

Plans (implemented in product)

  • Sandbox (free), Starter $99/mo, Pro $299/mo, Enterprise (custom) — limits enforced per plan; over-limit tenants are gracefully frozen (read-only) rather than cut off

Pitch with a caveat — works, but conditional

FeatureReality — how to phrase it
AI-assisted moderationAI harm detection runs only when an OpenAI key is configured; wordlist moderation is always on. Say “AI-assisted moderation available”, not “all messages AI-screened”.
Browser push notificationsFully built, but requires per-deployment setup (VAPID keys + a service worker in the host app). Say “supported”, not “out of the box”.
Email digests (unread summaries)Cron + email integration exists; requires email provider configuration.
Usage alertsOver-limit freeze works; the 80%-usage warning email is not sent yet (in-dashboard alert only).

Do NOT pitch yet — not built

  • Self-serve payments / checkout — upgrades are handled manually (“contact us”); no Stripe integration
  • Moderation settings UI — customers cannot edit moderation rules/wordlists from the dashboard yet (backend supports it; UI/API pending)
  • User blocking (end-user blocks another user)
  • Analytics dashboards
  • SSO / Enterprise SLAs
  • conversation.member_added webhook — listed in the catalog as “coming soon”

If any of these come up in a pitch, position them as roadmap, not product.


Feature status checklist

Done

  • Operator onboarding & tenant creation — signup creates operator, sandbox tenant, membership, default moderation config
  • Message sending with realtime — send/edit via moderated API; delivery, reads, reactions, deletes via Supabase Realtime + RLS
  • DM & group conversations — CRUD, members, permissions, archive, nicknames, group icons, external IDs
  • Message features — replies/quotes, @mentions, in-thread search, 1-hour edit/delete window, optimistic sends
  • Reactions (emoji, realtime)
  • Attachments — image/video/file upload with signed download URLs and storage/bandwidth metering
  • Link previews (server-side OG scraping)
  • Presence, typing indicators, read receipts, unread counts
  • System & event messages — host-injected announcements and timeline event lines
  • API key management — hashed keys, scopes, expiry, revocation
  • End-user auth — API-key-minted 6h JWTs with MAU metering
  • Review sessions / operator read-only chat — 1h reviewer JWTs, audited
  • Host webhooks — endpoint CRUD, signing secrets, test ping, stale-unread delivery
  • Billing & plans (read side) — plan tiers, billing periods, usage meters, past-due handling, commercial-freeze UX in SDK
  • Admin dashboard — tenants, users, conversations (with review drawer), API keys, webhooks, audit log, integration snippets, playgrounds, dark mode
  • Audit trail & cron job telemetry

Partial (gated or incomplete)

  • AI harm moderation — only when OpenAI key configured; wordlists always on
  • Web push notifications — needs VAPID keys + host service worker
  • Email digests — needs email provider (Resend) configuration
  • Usage cap enforcement — freeze works; 80%-threshold alert emails deferred
  • JWT refresh — host must re-mint tokens; SDK exposes a refresh callback only

Not built (promised/planned only)

  • Self-serve payments / Stripe checkout
  • Moderation config dashboard UI
  • User blocking
  • Analytics dashboards
  • SSO / Enterprise SLAs
  • conversation.member_added webhook

Domain explanations

Tenant, plans & billing

A tenant is one customer workspace (an app that embeds the chat). Everything — users, conversations, API keys, webhooks, usage — is scoped to a tenant, with isolation enforced at the database level via row-level security. Dashboard operators are linked to tenants through memberships; one operator can own several tenants and switch between them.

Each tenant points at a plan tier (sandbox, starter, pro, enterprise) that defines its limits (MAU, messages, storage, bandwidth). Commercial state is tracked in billing records (provider link, trial, overrides), billing periods (active/past-due cycles), and per-period usage metering — counters incremented as tokens are minted, messages sent, and attachments transferred. When a period goes past due, the tenant is commercially frozen: the SDK shows a banner and sending/typing are disabled, while reading stays available. There is no payment processor integration yet; upgrades are handled manually via a contact flow.

Messages & conversations

A conversation is a DM or group thread, with a members table carrying per-member permissions and nicknames. Messages belong to a conversation and come in three kinds: user (normal chat), system (host announcements), and event (timeline lines like “X joined”). Messages support replies, mentions, reactions, attachments, and soft deletion.

The write and read paths are deliberately different:

  • Send/edit goes through the moderation API so every message passes moderation (wordlist + optional AI harm check), the billing freeze check, and usage metering before insert.
  • Everything else (reading history, realtime delivery, reactions, deletes, typing, presence, read receipts) talks to Supabase directly under RLS via Realtime channels — the API server is never in that hot path.

Auth model (three lanes)

  1. API key (server-to-server): the customer’s backend provisions users, manages conversations, and mints end-user JWTs.
  2. End-user JWT (6h): powers the React SDK for a specific user; a reviewer variant grants 1-hour read-only access.
  3. Dashboard auth (operator session or admin secret): powers the admin dashboard.

One-paragraph elevator pitch (safe version)

T-Chat is a drop-in chat SDK for React apps: realtime 1:1 and group messaging with reactions, replies, mentions, attachments, link previews, presence, typing, and read receipts — all with built-in message moderation and strict per-tenant data isolation. Your backend keeps control through a clean API and signed webhooks, while your team gets an admin dashboard with audited read-only conversation review, API key management, and live usage metering. Plans from a free sandbox to enterprise.