Governance

Compute Responsibility

Public-good infrastructure must not carry hidden compute bills. BEI governs every server-side compute pattern through the Zero Protocol and Approval Matrix before it ships.

Zero Protocol

The Zero Protocol (PAT-032) is the governing constraint for all public routes:

export const dynamic = 'force-static'
export const revalidate = 86400

Every public observatory and methodology page carries both directives. This means the page prerenders at build and regenerates at most once per day — no per-visitor compute, no per-request API calls, no surprise bills. The directive is binding (Bucket 1) and cannot be removed without Apex authorization.

Approval Matrix

Every server-side compute pattern must be classified into a tier before it ships. The tier determines who must approve it and what constraints apply. Classification is not advisory — it is a gate.

T0 — Force StaticAuto

Page prerenders at build. Zero server compute at runtime. This is the default for every public route.

export const dynamic = 'force-static' — no runtime compute

All public observatory pagesAll methodology pagesBrand + home pages

T1 — ISR ≤ 86400Auto

Incremental static regeneration within the Zero Protocol Bucket 1 envelope. Auto-approved.

export const revalidate = 86400 — daily max, no per-request model spend

Cached external API fetch with next.revalidate inside a T0 pageDaily data refresh

T2 — Edge Cache (no-store)EASTON memo

An edge-cached API route with no-store and a short TTL. Must document the per-request compute budget in an EASTON memo.

Edge function only — no LLM calls — explicit cache headers required

Lightweight /api/freshness-checkCached Supabase row read at edge

T3 — Dynamic ƒ (auth-gated)AURI sign-off

Dynamic server function for authenticated, org-scoped paths only. AURI must approve before the PR merges.

requireOrgId() gate — org-scoped — no public routes — LAW 3 applies

/admin routesFuture authenticated dashboard views

T4 — Batch Model SpendAURI + cost estimate

Background, scheduled, or one-shot model spend. Cost estimate must appear in the PR description.

Cost estimate required in PR description — Supabase scheduled function preferred

Nightly EIA data re-fetch jobOne-time backfill pipeline

T5 — Per-Request Model SpendHARD STOP

Per-request model spend on a public route. Full stop. This tier requires Apex authorization before any implementation begins.

Apex authorization required — this tier does not ship without Jessy attestation

A public page calling Claude per visitorUnauthenticated embedding generation

Canonical source: bei/docs/02-governance/compute/APPROVAL-MATRIX.md (APPROVAL-MATRIX-001, ratified 2026-06-18).

Decision Flow

Apply each question in order. Take the first "yes."

1.force-static with no runtime API calls?→ T0 (auto)
2.revalidate ≤ 86400 and no per-request model spend?→ T1 (auto)
3.Edge-cached route, no LLM, explicit cache headers?→ T2 (EASTON memo)
4.Dynamic but gated by requireOrgId()?→ T3 (AURI sign-off)
5.Batch or scheduled model spend?→ T4 (AURI + cost estimate)
6.None of the above→ T5 — HARD STOP

Why This Matters

The Theoremetrics observatory is public-good infrastructure. It correlates public records — EIA rate data, FERC filings, Federal Register orders, SEC disclosures — and surfaces them verbatim, with full provenance, at no cost to the public.

That mission is only sustainable if the infrastructure it runs on is also ~$0 per visitor. A public page that calls a language model on every request is not public-good infrastructure — it is a metered service that will either be paywalled or shut down.

The Zero Protocol and Approval Matrix are how BEI guarantees the observatory stays free. Every compute decision is visible, bounded, and authorized. T0 by default. Everything else by exception.

Compute Responsibility Standard™ (CRS) — Brinley Engineering Institute. Canonical governance doc: bei/docs/02-governance/compute/APPROVAL-MATRIX.md · ← Methodology index · → Observatory