Features
Headline list of what Caputchin does, split across the three plans. Each row links to the topic doc for detail. This page is the "what does this product do?" reference; for "what we ship in MVP versus later" see roadmap.
Plans build on each other: Paid includes everything in Free, Enterprise includes everything in Paid. The columns below show where a feature is first introduced.
| Status |
Meaning |
| MVP |
Ships in the 10-week MVP |
| Post-MVP |
Deferred to a later build slot; design may not exist yet |
Plans at a glance
| Dimension |
Free |
Paid |
Enterprise |
| Rate limits (not configurable — auto-tiered) |
Low |
High |
Unlimited |
| Statistics & data |
Aggregated only |
Aggregated + per-session details |
Same as Paid |
| Hosted verification |
— |
✓ |
✓ |
| Scoreboards (Post-MVP) |
— |
✓ |
✓ |
| Extended game languages (Post-MVP) |
— |
✓ |
✓ |
| Custom game themes (Post-MVP) |
— |
✓ |
✓ |
| White labeling (Post-MVP) |
— |
— |
✓ |
| Custom forwarder domains (Post-MVP) |
— |
— |
✓ |
| Audit logs (Post-MVP) |
— |
— |
✓ |
| Multi-account / teams (Post-MVP) |
— |
— |
✓ |
| SSO / SLA / dedicated support (Post-MVP, TBD) |
— |
— |
✓ |
Core verification
| Feature |
Plan |
Status |
Gamified CAPTCHA via <caputchin-widget> element |
Free |
MVP |
| Cap PoW + browser instrumentation bundled into the widget — see cap-integration |
Free |
MVP |
Three-endpoint platform API (/game/start, /game/complete, /siteverify) — see api |
Free |
MVP |
| Server-side replay protection + wrapped-token HMAC — see api |
Free |
MVP |
Pool selection (games="a,b,c" attribute) — see widget |
Free |
MVP |
Backend integration
| Feature |
Plan |
Status |
Call /siteverify from any HTTP client — see snippets |
Free |
MVP |
| Public OpenAPI spec for codegen — see api — OpenAPI spec |
Free |
MVP |
| Hosted verification — point your form at Caputchin instead of running your own backend; webhook + email destinations |
Paid |
MVP |
Custom forwarder domains (forms.yourdomain.com) for hosted verification |
Enterprise |
Post-MVP |
Mobile
| Feature |
Plan |
Status |
| Mobile embed page for WebView integrations |
Free |
MVP |
| Native iOS / Android SDKs (thin wrappers over WebView) |
Free |
Post-MVP — see mobile |
Game ecosystem
| Feature |
Plan |
Status |
Game SDK — author games against a stable register() contract |
Free |
MVP |
| Three distribution paths (marketplace via jsDelivr, self-hosted, bundled) |
Free |
MVP |
| Marketplace browse, support-flag filters, GitHub-topic indexer |
Free |
MVP |
| Marketplace publishing (anyone with a GitHub repo) |
Free |
MVP |
| 1–2 first-party games seeding the catalog |
Free |
MVP |
| Extended game language set beyond default |
Paid |
Post-MVP |
| Custom game themes (colors, custom assets) |
Paid |
Post-MVP |
Account management — four modalities
All four modalities give every account the same management capability; the choice is ergonomic, not tier-gated. See ADR-0012.
| Feature |
Plan |
Status |
| Dashboard UI — humans clicking |
Free |
MVP |
| OpenAPI surface for the management API — programmatic from any language |
Free |
MVP |
MCP server (@caputchin/mcp + hosted at mcp.caputchin.com) for AI agents |
Free |
MVP |
Terraform provider (caputchin/caputchin on the Terraform Registry) for IaC |
Free |
MVP |
Account-level management API tokens (cpt_pat_...) — see management-api — Authentication |
Free |
MVP |
| Site key management: create, rotate secrets, domain allowlist |
Free |
MVP |
Statistics & data
The privacy guardrail: "details" means per-session metadata (sessionId, gameId, score, durationMs, timestamp). It does not mean user-identifying data — no IPs, UAs, geo, fingerprints, or cross-session identifiers at any plan. The structural privacy posture holds across all tiers.
| Feature |
Plan |
Status |
| Aggregate per-site-key counters: sessions started / client-completed / server-verified — see dashboard |
Free |
MVP |
| Integration health diagnostics derived from those counters |
Free |
MVP |
Per-session details (sessionId, gameId, score, durationMs, timestamp) — enables scoreboards and richer dashboards |
Paid |
Post-MVP |
| Scoreboards — per-site-key, per-game leaderboards with 3-letter session-scoped handles set asynchronously, no per-user data — see privacy, ADR-0014 |
Paid |
Post-MVP |
Rate limits
Caputchin applies rate limits per site key. Not customer-configurable — set automatically based on plan. We adjust the thresholds as we observe abuse patterns; specifics are not pinned in docs to retain flexibility.
| Feature |
Plan |
Status |
| Low default rate limit |
Free |
MVP |
| High rate limit |
Paid |
MVP |
| Unlimited rate limit |
Enterprise |
MVP |
Branding
| Feature |
Plan |
Status |
| Caputchin branding visible on the widget |
Free / Paid |
MVP |
| White labeling — remove Caputchin branding from the widget |
Enterprise |
Post-MVP |
Enterprise extras
Specifics will be filled in as enterprise demand emerges and the first deal-shape informs scope.
| Feature |
Plan |
Status |
| Custom forwarder domains for hosted verification |
Enterprise |
Post-MVP |
| Audit logs — who-did-what across the four management modalities |
Enterprise |
Post-MVP |
| Multi-account / teams — org-level membership + role split |
Enterprise |
Post-MVP |
| SSO for dashboard login |
Enterprise |
Post-MVP (TBD) |
| SLA guarantees |
Enterprise |
Post-MVP (TBD) |
| Dedicated support channel |
Enterprise |
Post-MVP (TBD) |
What we deliberately do not offer — at any plan
These are structural commitments, not gaps to be filled — see principles and privacy.
| Feature |
Why we don't offer it |
| Confidence / risk score from CAPTCHA |
ADR-0002 — score is gameplay metadata, never a security signal |
| User-level analytics, IP / UA / geo / fingerprint collection |
Privacy is structural. We can't leak what we don't have. |
| Self-hosting |
ADR-0004 — hosted-only at MVP; open-core remains a deferred option |
| Per-language server or client SDKs (Node, Python, Go, …) |
ADR-0011 — we ship the contract + OpenAPI + snippets; customers codegen their own |
| Framework-specific widget wrappers (React / Vue / Svelte / etc.) |
The web component works in every framework natively — see roadmap |
| Game pool lock / centralized game configuration |
Honesty over theater — looks like security, isn't |
| Action binding |
Same — deferred entirely |
| Hosted verification submission storage / "inbox" UI |
ADR-0007 — privacy posture intact, customers build records on their webhook end |
| Indexing or querying scoreboards by nickname |
ADR-0014 — would approximate per-user analytics |
| Configurable rate limits |
Per-customer tuning is a support tax for limits that protect our infrastructure. Sensible defaults per plan, set by Caputchin. |
