Vextrosys rescues MVPs that 'worked in beta' but crumble at 500 paying users. The failure is rarely the original idea - it's compounding shortcuts taken under demo pressure. These seven traps account for the majority of our rescue engagements in 2025-2026.
Trap 1: Auth bolted on last
Teams start with a single hardcoded admin user, then slap Auth0 or Firebase on top without a proper user/role model. Six months later, every feature checks role differently - string role in JWT, duplicate flags in Postgres, admin bypass in three controllers.
- Fix: centralize authorization (RBAC/ABAC) with policy tests from sprint 1
- Use organization/workspace as first-class entity before B2B sales
- Never branch 'if admin' in UI only - enforce server-side consistently
Trap 2: No migration discipline
Schema changes applied manually in production. Sequelize sync in dev, Flyway in prod, drift everywhere. One client lost a week reconciling two environments after a column rename broke checkout.
Minimum viable discipline
One migration tool, versioned SQL, CI that fails if schema drift detected. Seed scripts separate from migrations. No exceptions for 'just this once.'
Trap 3: God service / god component
The entire API lives in one Express file or the React app has a 4,000-line App.tsx. Velocity feels high until two developers cannot ship without merge conflicts. Extract bounded contexts when you have three stable domains - payments, content, notifications - not when you feel like microservices.
Trap 4: Background jobs as setTimeout
- Email, webhooks, and reports fired with setTimeout or fire-and-forget promises
- Server restart = lost jobs; no retry, no dead-letter queue
- Fix: SQS/BullMQ/Temporal with idempotency keys from the first paid customer
- Expose job status in admin UI - support will ask why export is missing
If losing the job would cause a support ticket, it was never 'just a quick async call.'
Trap 5: Observability = console.log
You cannot debug production blind. We see MVPs with no request IDs, no error tracking, no uptime checks. The first outage takes days to diagnose. Sentry + structured JSON logs + one golden dashboard (error rate, p95, queue depth) costs less than one engineer-day per month.
Trap 6: Config and secrets in the repo
- API keys in .env committed in 2023 still in git history
- Feature flags hardcoded; prod deploy required to A/B test
- Fix: secrets manager, environment-specific config, feature flag service or DB table with cache
Trap 7: Premature optimization AND premature scale
Two failure modes: rewriting in Rust at 100 users, or staying on a single SQLite file at 10,000. The right path is boring technology with clear scaling triggers documented - when p95 > 500ms, when DB CPU > 60%, when deploy risk blocks weekly releases.
# Example scaling trigger doc (internal template)
| Signal | Threshold | Action |
|---------------------|-----------|---------------------------|
| API p95 latency | > 400ms | Add read replica, profile |
| DB connections | > 70% pool| PgBouncer, query audit |
| Deploy frequency | < 1/week | Fix CI/CD before features |How to recover without a rewrite
We run a 2-week technical audit: map critical user journeys, measure debt against business risk, sequence fixes by revenue impact. Strangler patterns beat big-bang rewrites - extract auth service, add job queue, add observability, then refactor hot paths. Founders should budget 30-40% of engineering capacity for debt paydown once PMF signals appear.
- Stop shipping features that touch the god module until boundaries exist
- Assign an owner for platform concerns (auth, jobs, observability)
- Define 'done' to include migration, tests, and runbook - not just demo
- Bring us in at 200 users if velocity is collapsing - earlier is cheaper
MVPs should be minimal, not careless. The traps above are avoidable with a week of upfront discipline that pays back all year. That's the conversation we have in rescue kickoffs - blunt, prioritized, and tied to your runway.