LazyToken — Demo Environment
A repeatable, synthetic-data demo for sales conversations and evaluations. It stands up a LazyToken server populated with a realistic mid-size R&D org so every dashboard screen tells a story — without any real customer data.
The demo dataset is generated by server/scripts/seed-demo.ts (npm script seed:demo). It is deterministic (same numbers every run) and self-contained: it creates its own org and never touches the small seed.ts fixture used by tests.
1. What the demo represents #
Northwind Labs — a 60-seat, Enterprise-tier org, ~90 days into adoption:
| Dimension | What the seed creates |
|---|---|
| Teams | Platform, Payments, Data, Mobile, SRE — each "goes live" on a different day, producing a real adoption curve |
| Developers | ~22 developer accounts across the five teams |
| Devices | ~21 active devices (macOS/Linux/Windows), 2 "silent" (stale), 1 revoked, one on an older agent version |
| AI agents | Copilot and Claude Code as first-class citizens (Copilot-heavy, mirroring a Microsoft shop), plus a Cursor / Gemini CLI tail — per PRD §3.7 agent-equality |
| Metrics | ~90 days of daily savings with weekday seasonality; ~7–8k raw metric rows |
| Opportunities | kubectl / docker / terraform show as high-volume, low-savings passthrough (≈8–12% saved) next to build/test tools at 76–85% |
| Security events | Context Firewall (DLP) events across all rule types — aws-key, github-token, openai-key, anthropic-key, private-key, connection-string, jwt, high-entropy, guardrail-block — type + tool + time only, never a matched value |
| Licensing | A live Enterprise license window so the header shows a healthy, non-expired license |
Roughly: ~54M raw tokens → ~28M after filtering (~49% saved org-wide), with the strong-savings tools far higher and passthrough tools deliberately low so the Opportunities story lands.
2. Launch the demo #
Assumes Node 22+ and PostgreSQL 16 (or use the Docker path from the Quick Start). Use a dedicated database so the demo is easy to reset:
cd server
npm ci
createdb lazytoken_demo
DATABASE_URL=postgresql://<user>@localhost:5432/lazytoken_demo npx prisma migrate deploy
DATABASE_URL=postgresql://<user>@localhost:5432/lazytoken_demo npm run seed:demo
# Start the server against the SAME database:
DATABASE_URL=postgresql://<user>@localhost:5432/lazytoken_demo npm run dev
The seed prints the logins and a live enroll token. Open the dashboard (default http://localhost:8080).
Reset / re-seed: the seed refuses to run twice into the same DB. To start over, drop and recreate the database:
dropdb lazytoken_demo && createdb lazytoken_demo
DATABASE_URL=...lazytoken_demo npx prisma migrate deploy
DATABASE_URL=...lazytoken_demo npm run seed:demo
3. Demo logins #
| Role | Password | Use it to show | |
|---|---|---|---|
| Admin | admin@northwind.demo | demo-admin-1234 | Everything — policies, users, licensing, settings |
| Finance | finance@northwind.demo | demo-finance-1234 | The ROI / cost angle (CFO persona) |
| Lead | lead@northwind.demo | demo-lead-1234 | Team-scoped view (Platform team lead) |
| Viewer | viewer@northwind.demo | demo-viewer-1234 | Read-only executive view |
These are synthetic demo credentials for a throwaway database. Never reuse them for anything real.
4. Suggested demo script (≈8 minutes) #
- Open on Executive as
admin@northwind.demo. Lead with the headline: "~49% of tokens filtered out before they ever reached the model, across ~90 days." Point at the adoption curve — teams coming online one after another. - Teams. Show the spread across Platform / Payments / Data / Mobile / SRE and drill into one. Mention the anonymization mode ("Dev #N") for works-councils and GDPR-sensitive orgs (see the Security Whitepaper).
- Commands / Opportunities. Contrast the strong savers (git, cargo, pytest at ~80%) with
kubectl/docker/terraformflagged as passthrough opportunities — "here's where we can tune filters next." - Security (the differentiator). Open the Context Firewall screen: counts by type over time — AWS keys, GitHub/OpenAI/Anthropic tokens, private keys, guardrail blocks. Emphasize: we log that a secret was blocked, never the secret itself. This is the moment the conversation moves to the security budget.
- Fleet. Show active vs. silent devices and an out-of-date agent — the "central control" story for the DevEx/Platform persona.
- Agent equality. Filter by AI agent to show Copilot and Claude Code side by side — "we're not a Claude-only tool; we cover the fleet you actually run."
5. What to say about the data #
- It is synthetic — generated locally, deterministic, no customer involved.
- The shape is realistic (adoption ramp, weekend dips, passthrough tools, DLP event mix) so the screens behave like production.
- Nothing in the demo dataset violates the privacy model: metrics are numbers + tool names; security events are
{type, tool, time}only. It is the same allowlist the real agent is bound to.
6. Notes and honest caveats #
- The demo uses password logins for simplicity. SSO (OIDC/SAML) is configured per real org and is not part of the synthetic seed.
- The dashboard reads only from the aggregated tables the rollup populates; the seed runs that rollup for you, so every aggregated screen is ready immediately.
- USD values depend on the org's price table. The demo sets a per-agent price table (
claude-code$3,copilot$2,cursor$3,gemini-cli$1.25 per MTok); adjust it under Settings → Token prices to match a prospect's real contract and watch the ROI number move live.