Naive is Paperclip: A YC Startup That Forked a 41K-Star Project and Stripped the License

The Pitch vs. The Reality

Naive (usenaive.ai) calls itself an "autonomous company runtime." The pitch: describe what your business does, and Naive deploys AI employees that execute — building apps, closing deals, running campaigns, serving customers. Each AI employee gets its own email, bank account, phone number, and browser session.

They're a Y Combinator S25 company. They've raised $2–2.5 million in seed funding from YC, 468 Capital, DG Daiwa Ventures, Rocket Internet, and others. They claim 500+ companies deployed, including Airwallex and HackerRank. They have three versions of a Series A pitch deck behind access-code gates on their website. Compensation for founding engineers is listed at $250K–$300K plus up to 1% equity.

But here's the thing: Naive didn't start as an "autonomous company runtime." Just months earlier, this same team — same founders, same YC batch, same legal entity — was called Relixir, and they were building an "AI GEO - Generative Engine Optimization" platform. SEO for ChatGPT. A completely different product. Their YC launch page is still live, and it now shows the Naive logo next to Sean Dorje's name — the tell-tale sign of a hard pivot.

They raised $2 million in November 2025 for the GEO product. Then, four days after an open-source project called Paperclip launched on GitHub, Naive appeared. The pivot wasn't just fast — it was suspiciously fast. And the core technology they pivoted to isn't theirs.

Naive's "autonomous company runtime" — the agent orchestration engine, task management, approval workflows, heartbeat scheduling, org charts, embedded database, dashboard — is Paperclip, an MIT-licensed open-source project with 41,000+ GitHub stars, created by a developer named Dotta. Naive performed a partial UI rebrand (logo, domain, a few display strings) and shipped it as their own technology. They include zero attribution to Paperclip anywhere — not in the product, not in the legal pages, not on their YC listing, not in any of their 320 tweets.

And they left the receipts in their production bundle.

The Evidence

Naive's main application at app.usenaive.ai serves a single 4MB JavaScript bundle: index-DsiFu2Ny.js. It's a Vite-built React SPA running on Express/Fly.io. There are no source maps available — they properly stripped those for production. But a minified bundle still contains string literals, config schemas, CSS class names, and localStorage keys.

And this one contains 71+ references to "Paperclip" that they forgot to rebrand.

Forgotten UI Strings

The most damning evidence: literal user-facing strings that still say "Paperclip" instead of "Naive."

// Strings found in Naive's production bundle (app.usenaive.ai)

"Bootstrap your Paperclip instance"   // onboarding flow
"Join this Paperclip company"          // invite acceptance page
"Paperclip App"                        // breadcrumb navigation
"Paperclip skill bootstrap"            // onboarding skill setup
"real data comes from Paperclip issues" // mock data placeholder
"PAPERCLIP_* variables are injected automatically at runtime"  // help text

When you bootstrap a new Naive instance, the UI literally tells you you're bootstrapping Paperclip.

Config Paths

Paperclip stores all instance data under ~/.paperclip/. These exact paths appear verbatim in Naive's bundle:

// Paperclip's default config schema, found in Naive's production JS

dataDir:      "~/.paperclip/instances/default/db"
backupDir:    "~/.paperclip/instances/default/data/backups"
storageDir:   "~/.paperclip/instances/default/data/storage"
logDir:       "~/.paperclip/instances/default/logs"
masterKey:    "~/.paperclip/instances/default/secrets/master.key"

s3Bucket:     "paperclip"      // default S3 bucket name
s3Region:     "us-east-1"
dbMode:       ["embedded-postgres", "postgres"]
dbPort:       54329            // Paperclip's default

Code Identifiers

The Paperclip name is woven throughout the internal code — CSS classes, localStorage keys, route paths, and config fields:

Pattern	Count	Examples
paperclipApiUrl	7	Adapter config field, placeholder `"https://paperclip.example"`
paperclip-* CSS	8+	`paperclip-mermaid`, `paperclip-mdxeditor`, `paperclip-mdxeditor--borderless`, `paperclip-project-mention-chip`
paperclip:* localStorage	15+	`paperclip:panel-visible`, `paperclip:issue-draft`, `paperclip:recent-assignees`, `paperclip.selectedCompanyId`
PAP-* issue prefix	9	`PAP-001`, `PAP-002`, `PAP-003`, `PAP-101`
/__paperclip_repo_only__	2	Internal route path
bootstrap_ceo	9	Paperclip's company bootstrap invite type
dangerouslySkipPermissions	10	Agent config flag (skip Claude Code permission checks)
openclaw*	43	Paperclip's HTTP gateway protocol: `x-openclaw-auth`, `x-openclaw-token`, `[openclaw:sse]`
heartbeat*	83	Agent scheduling: `heartbeat.invoked`, `heartbeat.cancelled`, `heartbeat-runs`
PAPERCLIP_*	1	Env var injection help text

Verify It Yourself

You don't need to take our word for it. The bundle is publicly served:

# Download Naive's production bundle
curl -o naive-bundle.js https://app.usenaive.ai/assets/index-DsiFu2Ny.js

# Count Paperclip references
grep -c "paperclip" naive-bundle.js
# Output: ~71

grep -c "Paperclip" naive-bundle.js
# Output: ~20

# Find the smoking guns
grep -o '"[^"]*Paperclip[^"]*"' naive-bundle.js | sort -u
# "Bootstrap your Paperclip instance"
# "Join this Paperclip company"
# "Paperclip App"
# "Paperclip skill bootstrap"
# ...

# Confirm zero attribution
grep -i "copyright.*paperclip" naive-bundle.js
# (no output)

grep -i "paperclipai" naive-bundle.js
# (no output)

Feature-by-Feature Comparison

Every core feature of Naive maps 1:1 to Paperclip. The only additions are commercial wrappers.

Paperclip Open Source (MIT)

Agent adapters (Claude, Codex, Cursor, OpenClaw)
Embedded PostgreSQL (port 54329)
Heartbeat scheduling system
Org chart with agent hierarchy
Issue/task ticket system
Approval/governance workflows
Per-agent budget enforcement
Master key encryption
S3 / local storage backends
AWS/GCP/Vault secret managers
Dashboard with widgets
Company import/export
Lexical rich text editor
Mermaid diagrams
Express.js + Vite/React/Redux

Naive Additions (Their Actual IP)

Stripe billing (credits, subscriptions)
Stripe Issuing (payment cards for agents)
Domain purchase + email routing
Phone/SMS for agents
Composio integrations (25+ services)
CMS connectors (Webflow, Ghost, Framer, Shopify)
Browser automation with 2FA
Next.js marketing site
Logo change
Some display string replacements
...that's it

The "autonomous company runtime" — the entire technical pitch they're making to investors — is Paperclip. Naive's actual IP is a billing layer and some integrations bolted on top.

The Attribution Problem

Paperclip is released under the MIT License (Copyright 2025 Paperclip AI). MIT is one of the most permissive licenses in open source. You can use it commercially, modify it, distribute it, sublicense it. You can build a billion-dollar company on it. There's only one real requirement:

MIT License Requirement

"The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software."

Naive includes zero attribution to Paperclip. Not in the bundle. Not on the marketing site. Not in the terms of service. Not in the privacy policy. Not on their YC company page. Nowhere.

Location Checked	Attribution?
app.usenaive.ai HTML	None
JavaScript bundle (4MB)	None
CSS bundle (336KB)	None
usenaive.ai/terms	None
usenaive.ai/privacy	None
YC company page	None
relixir.ai	None
GitHub (relixir-ai org)	None (0 public repos)

This isn't a gray area. It's a clear violation of the MIT license terms, and more importantly, it's a misrepresentation of the technology's provenance to investors, customers, and the YC community.

The Right Way Exists

On March 29, 2026 — one day before this investigation was published — Paperclip community member yoshir opened PR #2115: a PAPERCLIP_APP_NAME environment variable that lets anyone rebrand a self-hosted Paperclip deployment without forking. Set one env var, keep the attribution, ship your brand. Naive chose a different path: strip the copyright notice, remove all references to the original project, and present the work as their own.

The Timeline

The timing raises additional questions:

Apr 12, 2025

relixir-ai GitHub org created. The team is building an AI SEO/GEO product.

Jun 2025

Relixir launches on YC as "The AI GEO — Generative Engine Optimization — Platform." Completely different product.

Nov 13, 2025

Relixir announces oversubscribed $2M seed round. Investors: YC, 468 Capital, DG Daiwa Ventures, z21 Ventures.

Feb 2026

@usenaive Twitter account created. The pivot is underway — but Paperclip doesn't exist yet.

Feb 27, 2026
paperclipai GitHub org created by Dotta.

Mar 2, 2026
First commit to paperclipai/paperclip. The open-source project is born.

Mar 4, 2026

Dotta announces Paperclip on X. 79K likes. It goes viral overnight.

Mar 8, 2026
First SSL certificate for usenaive.ai. 4 days after Paperclip's public launch. Same day: pay.usenaive.ai cert — payment infra planned from day one.

Mar 10, 2026

app.usenaive.ai goes live on Fly.io.

Mar 12, 2026

Mar 19, 2026

Naive pins their launch tweet: "Introducing Naive — hire autonomous employees." 320 tweets follow. Zero mention Paperclip in any of them.

Mar 29, 2026

Paperclip community opens PR #2115: PAPERCLIP_APP_NAME — an official rebranding feature for self-hosted deployments. The right way to do what Naive did the wrong way.

Mar 30, 2026

Paperclip: 41,100 stars, 1,744 commits. Naive: live, 320 tweets, pitching Series A. Zero attribution.

Four days between Paperclip's public launch and Naive's first SSL certificate. A team that was building an SEO product pivoted to "autonomous company runtime" and shipped an entire SaaS in under a week. Either they had pre-release access to Paperclip, or they watched it go viral on March 4 and immediately forked it. Both scenarios raise questions.

And the Relixir→Naive pivot is visible in plain sight: Relixir's YC launch page now shows the Naive logo next to Sean Dorje's name, with a link to usenaive.ai. The same founders, the same YC batch slot, a completely different product built on someone else's code.

Who Built What

Paperclip

Created by Dotta (cryppadotta), the CEO of Forgotten Runes Wizards Cult and creator of Dotlicense (ERC721 software licenses). He's made 1,126 of the project's ~1,300 commits. Notable contributors include Matt Van Horn (co-founded the company that became Lyft) and teknium (NousResearch/Hermes AI). The project has zero funding, zero pricing, and is fully self-hosted. MIT license.

Naive (formerly Relixir)

Relixir Inc., a Delaware corporation founded by Sean Dorje (CEO, UC Berkeley dropout, no public GitHub) and Dennis Zax (CTO, github.com/DedS3t). They've pivoted twice: first ezML (computer vision for sports), then Relixir (GEO/SEO optimization, raised $2M in Nov 2025), now Naive (Paperclip wrapper). YC S25 batch. The relixir-ai GitHub org has zero public repositories. Their X account (@usenaive, verified, 1,858 followers) has 320 tweets — none acknowledge Paperclip.

There is no contributor overlap between Paperclip and Naive. No shared GitHub activity, no mutual follows, no cross-references in commit history. Naive appears to have forked the code and rebranded it.

What This Means

For Investors

The "autonomous company runtime" you're evaluating is free, open-source software anyone can deploy. Naive's actual moat is a billing wrapper (Stripe), email/domain/phone provisioning, and Composio integrations. The core orchestration engine — the part that makes the demo impressive — is MIT-licensed and available at github.com/paperclipai/paperclip.

For Customers

You can run the same technology for free. npx paperclipai onboard --yes gives you everything Naive offers minus the billing, and there's an active ecosystem of plugins, company templates (including one from Garry Tan), and integrations. You'd need to bring your own Stripe and email setup, but you'd own your data and pay nothing for the orchestration layer.

For Open Source

This is exactly the kind of behavior that poisons the well. MIT's permissiveness is predicated on good faith. When a VC-backed company strips attribution from an MIT project and presents the work as proprietary, it discourages open-source contribution and validates the argument for more restrictive licenses like AGPL or BSL. Dotta chose MIT to maximize adoption. Naive chose to exploit that generosity.

This Has Happened Before

Naive isn't the first YC company to rebrand open-source code and claim it as their own. It's the third in eighteen months — and the worst.

PearAI (YC W24, September 2024)

PearAI forked Continue.dev, an Apache-licensed open-source AI code editor, mass-replaced all references from "Continue" to "PearAI," and launched with a fake "Pear Enterprise License" that founder Duke Pan admitted was generated by ChatGPT. X slapped a community note on their launch tweet. TechCrunch covered it. YC CEO Garry Tan publicly acknowledged "the criticism did have merit." PearAI apologized within 48 hours and restored the Apache license.

Pickle / Glass (YC, July 2025)

Pickle shipped a conference assistant called "Glass" that contained verbatim code — including identical comments — from a GPLv3 project called Cheating Daddy, relabeled as Apache. It hit #1 on Hacker News. The team called it "an inadvertent mistake" and corrected the license.

How Naive Compares

	PearAI	Pickle/Glass	Naive
Original project size	~15K stars	Small	41K stars
Any attribution?	Some (README)	None initially	Zero. Anywhere.
License violation	Re-licensed Apache→proprietary	Re-licensed GPLv3→Apache	Stripped MIT copyright
Money raised on it	$1.25M	Unknown	$2–2.5M + Series A pitch
Time to apologize	48 hours	~24 hours	3+ weeks. Still no acknowledgment.
Pivot from unrelated product?	No	No	Yes — SEO to "company runtime" in 4 days

PearAI at least mentioned Continue in their README. Pickle at least called it a mistake. Naive has done neither. They've been live for three weeks, posted 320 tweets, and never once mentioned the project they built their entire company on. The pattern at YC is escalating: each incident involves more money, less attribution, and less accountability.

The Verdict

Naive isn't an "autonomous company runtime." It's a Stripe billing layer wrapped around an open-source project they didn't build, don't attribute, and are raising millions of dollars on. The 71+ Paperclip references still in their production code are the receipts. YC has seen this exact pattern twice before. They learned nothing.

Methodology

This investigation was conducted using publicly available information only. No accounts were created, no authentication was bypassed, and no terms of service were violated.

JavaScript bundle downloaded from app.usenaive.ai/assets/index-DsiFu2Ny.js (publicly served, no auth required)
API endpoints probed via standard HTTP requests
Subdomain enumeration via Certificate Transparency logs (crt.sh)
GitHub repositories analyzed via public API
Marketing pages read from publicly accessible URLs
Paperclip source code reviewed from its public GitHub repository

All evidence is independently verifiable using the shell commands provided in this post.