Caugia architecture

How GRIP OS (Caugia) is built, deployed, and paid for. This document is the source of truth for anyone reviewing the stack before a design partnership, an investment, or an acquisition. Last updated 2026-04-24.

For questions: tom@caugia.com.

Stack

• Frontend + API layer: Next.js 16 (App Router, React 19), deployed on Vercel, EU edge.
• Database: Supabase Postgres in the eu-central-1 region (Frankfurt). Extensions in use: pgvector (Sophie embeddings), pg_trgm (search), uuid-ossp.
• Auth: Supabase Auth, SSR cookies + Bearer tokens. See SECURITY.md for details.
• LLM provider: Anthropic API. Claude Sonnet for high-volume turns, Claude Opus for deep reasoning and complex scenarios.
• Background jobs: Vercel cron triggers hitting internal API routes under /api/cron/*. Protected by CRON_SECRET.
• Storage: Supabase Storage for file uploads. Assets served through the Vercel CDN for static content.
• Connector ingestion: Webhook-driven for Shopify, Klaviyo, Meta Ads, Slack, and the GIR importer. CSV fallback for manual onboarding.
• Observability: Structured JSON logs written by the Next.js runtime, surfaced through /admin/observability and /admin/health for ops staff.

Everything is TypeScript end-to-end. The deterministic scoring engine lives under src/lib/engine and is Vitest-tested with 60+ scoring functions covering the 12 GRIP pillars across all four verticals.

High-level diagram

              +--------------------------+
              |   user (browser, email)  |
              +-------------+------------+
                            |
                            v
              +--------------------------+
              |  Vercel edge CDN (EU)    |
              +-------------+------------+
                            |
                            v
              +--------------------------+
              |  Next.js 16 on Vercel    |
              |  (App Router, RSC + SSR) |
              +-----+-------+------+-----+
                    |       |      |
                    v       v      v
          +---------+  +---------+  +--------------------+
          | Supabase|  |Anthropic|  |  Connectors        |
          | Postgres|  |  API    |  |  (Shopify, Slack,  |
          |  + RLS  |  |(Claude) |  |  Klaviyo, Meta,    |
          |+pgvector|  |         |  |  Make.com, GIR)    |
          +---------+  +---------+  +--------------------+
                            ^
                            |
              +-------------+------------+
              |   Vercel cron triggers   |
              +--------------------------+

All traffic between Vercel and Supabase stays within the EU. Anthropic calls go out to the US region but carry no customer PII beyond what is strictly required to answer the current Sophie question; the prompt builder redacts workspace-identifying fields before outbound.

Data flow

The canonical flow from operator input to delivered insight:

1. Assessment: the operator completes the 12-pillar GIR assessment either through the product UI or through the lightweight lead form. A webhook arrives at /api/import carrying the structured responses.
2. gir_snapshots: the importer writes a row into gir_snapshots, carrying overall score, per-pillar scores, pillar narratives, and the raw payload. Each snapshot is immutable.
3. archetype_signals: the signal engine runs over the snapshot, emitting typed signals keyed to the workspace vertical. Signals feed both the archetype detector and Sophie.
4. Constraints, actions, gates: the constraint engine reads the latest snapshot plus signals, detects the single active binding constraint, queues the next few, and emits prioritised actions with gates. Each of these is a row in constraints, actions, gates.
5. Sophie: every operator question opens a turn against the constraint, action, and gate context for the current workspace. Sophie reads the scoring rubric, the archetype library, and the peer cohort (k-anon, minimum 5) to produce an answer grounded in the published math.
6. Briefings and PDFs: the Monday Brief cron reads the active state and emits locale-aware markdown, then renders it into PDF, DOCX, and PPTX through pdfkit, docx, and pptxgenjs. Outputs are cached in Supabase Storage and served with a short-TTL signed URL.

Cost model

Per-workspace monthly cost at three scale points. Numbers are indicative and are re-validated quarterly against the actual Vercel and Supabase bill.

Assumptions:

• One workspace = one company = approximately 3 active users.
• Sophie turn volume = 150 per workspace per month at the growth tier, 400 at the full tier.
• Anthropic pricing: Claude Sonnet at $3 per million input tokens, $15 per million output tokens. Opus reserved for deep scenarios, <10% of turns.
• Average Sophie turn: 4,000 input tokens (scoring rubric + context) + 800 output tokens.
• Vercel Pro plan with function execution billed by invocation.
• Supabase Pro plan with managed Postgres, storage, and PITR.

At 100 workspaces:

• LLM (Sonnet + occasional Opus): ~EUR 180 per month total, ~EUR 1.80 per workspace.
• Vercel: ~EUR 120 per month (fixed Pro) + ~EUR 40 variable = ~EUR 1.60 per workspace.
• Supabase: ~EUR 25 per month (fixed) + ~EUR 0.30 per workspace storage + row cost = ~EUR 0.55 per workspace.
• Total cost per workspace: ~EUR 4.
• Gross margin at EUR 1,500 growth tier: ~99.7%.

At 1,000 workspaces:

• LLM: ~EUR 1,800 per month total, ~EUR 1.80 per workspace (scales linearly with turn volume).
• Vercel: ~EUR 120 fixed + ~EUR 400 variable = ~EUR 0.52 per workspace.
• Supabase: ~EUR 600 per month blended (upgraded tier, still single project) = ~EUR 0.60 per workspace.
• Total cost per workspace: ~EUR 2.92.
• Gross margin at EUR 1,500 growth tier: ~99.8%.

At 10,000 workspaces:

• LLM: ~EUR 18,000 per month, ~EUR 1.80 per workspace (same per-turn math holds).
• Vercel: enterprise contract estimated at ~EUR 6,000 per month blended = ~EUR 0.60 per workspace.
• Supabase: enterprise contract with a single primary + read replicas, estimated ~EUR 4,500 per month = ~EUR 0.45 per workspace.
• Total cost per workspace: ~EUR 2.85.
• Gross margin at EUR 1,500 growth tier: ~99.8%.

The dominant variable cost is Anthropic. Everything else is effectively fixed overhead amortised across the base. Gross margin is structurally high because the deterministic scoring engine shoulders most of the recommendation load and LLM is reserved for the last mile.

Scale envelope

• A single Supabase Postgres project handles the product comfortably to approximately 10,000 workspaces before we need to shard by region or by tier.
• Vercel autoscales Next.js function instances. The constraint there is Anthropic rate limits rather than compute.
• Connector syncs are rate-limited per-workspace so a misbehaving upstream cannot starve the rest of the fleet.
• The scoring engine is stateless and reruns per-snapshot in under 500 ms for a fully populated GIR payload.

Beyond 10,000 workspaces we expect to split the database by EU region and by tier, introduce a dedicated Sophie memory index outside Postgres (likely a managed vector store), and move the heaviest cron jobs to a queue worker tier rather than Vercel functions.

Regions

• Database: Supabase Postgres in eu-central-1 (Frankfurt). Point-in-time recovery on the paid tier.
• Compute: Vercel EU edge for Next.js. Static assets on the Vercel CDN.
• Storage: Supabase Storage co-located with the database in the EU region.
• LLM: Anthropic API, US region. Prompts are constructed server-side and redact workspace identifiers before outbound.

Customer data at rest and in transit stays inside the EU except for the final Sophie prompt payload, which is transmitted to Anthropic under their zero-retention, no-training agreement. For customers who require strict EU-only processing, Sophie can be disabled per workspace while the deterministic scoring engine continues to function.