# Wholestack > Wholestack turns a plain-English prompt into a complete, working SaaS application — auth, multi-tenant database, billing, realtime, and a real UI — then runs a math-backed safety gate (ShipGate) that blocks anything it cannot prove is correct. Build from Intent. Ship with Proof. Wholestack compiles your idea into ISL (Intent Specification Language) — a typed contract of domains, invariants, events, and views — generates the full stack from that contract, and refuses to ship code that fails verification (fail-closed: NO_SHIP). It also formally proves Solidity smart contracts and issues signed, independently re-verifiable certificates. How the pipeline works: idea → ISL spec → code generation → compile gate (`tsc` / `next build`) → runtime proofs → signed ShipGate verdict (SHIP / NO_SHIP). What gets generated: Next.js front end, Postgres + Drizzle schema (multi-tenant by construction), server actions scoped to tenant + role, Zod validation, email/password + OAuth auth, realtime chat & notifications, Stripe billing, RBAC, webhooks, file upload, full-text search, cron jobs, and audit logs. What gets proven: cross-tenant Row-Level Security at runtime, SMT-proven money-ledger invariants, auth-gate presence on every mutation, fake-success-UI detection, and hallucination/security scans. If a claim can't be proven, the build is blocked rather than shipped with a false green. Coding agent: Zeta-G1.0 Max — measured (not marketing) on ZetaBench for production accuracy, speed (tok/s), and real build cost (COGS), positioned as far cheaper than the frontier models it out-scores. Contract proving: Foundry + Halmos + cvc5 symbolic execution explore all inputs; a real counterexample fails the contract, and a proven contract gets a certificate bound to the keccak256 of its deployed bytecode, re-verified on every commit. ## Product - [Wholestack home](https://wholestack.ai/): The live build surface — describe an app and watch Zeta build and gate it. - [Pricing](https://wholestack.ai/pricing): Free, Pro, Team, and Enterprise tiers, build credits, and the audit plan for firms. - [Agent benchmarks](https://wholestack.ai/benchmarks): Measured ZetaBench results — accuracy, tokens/sec, and build cost per app. - [Compose & Prove](https://wholestack.ai/compose): Compose an application from intent and watch every verification gate run. - [Prove a Contract](https://wholestack.ai/contracts): Formally prove Solidity safety properties and sign a certificate (works on contracts you didn't write). - [Verify a certificate](https://wholestack.ai/certificate): Re-verify a ShipGate or contract-proof certificate against its bytecode. - [Blueprint marketplace](https://wholestack.ai/blueprints): Intent schemas and starter templates for common app types. ## Documentation - [Documentation](https://wholestack.ai/docs): Guides for Wholestack, ShipGate verification, VibeCheck, and the native IDE. - [VibeCheck](https://vibecheckai.dev): The AI code-safety layer and verification engine behind ShipGate. - [VibeCheck docs](https://docs.vibecheckai.dev): Truthpack, scan engines, and CLI reference. ## Trust & security - [Security](https://wholestack.ai/security): Security model, isolation, and practices. - [Trust & Privacy](https://wholestack.ai/trust): How verification, data handling, and privacy work. - [Subprocessors](https://wholestack.ai/subprocessors): Third-party subprocessors. - [Privacy Policy](https://wholestack.ai/privacy): How Wholestack handles personal data. - [Terms & Conditions](https://wholestack.ai/terms): Terms of service. ## Contact - Support and questions: support@wholestack.ai