HydroManifold
A water-system telemetry, compliance and management platform built on one geometric primitive
(z = x·y) and a disciplined, verifiable AI. It monitors every drop from a single home to a city,
and it manages the utility around that water — compliance, assets, finance, risk, security — as living,
editable data rather than hard-coded software.
Executive summary
HydroManifold is two things in one product:
- A real-time monitoring & intelligence system — real sensors, real alarm thresholds, EKG-style
live monitors, a
z = x·yhealth-color manifold, predictive ETAs, weather, economics, water markets, and catastrophic-recovery/failsafe logic. - A CMS-driven utility management platform — 25+ governed domains (regulations, assets, procurement, incidents/threats, billing, taxes, conservation, emergency, security/classification, data governance, legal, IP, finance, software/SBOM, hardware) with role-based access, a tamper-evident audit trail, live compliance, reports, and AI-assisted entry that is guarded against hallucination.
The solution
Most water software is siloed (SCADA here, billing there, compliance in spreadsheets) and priced for large utilities. The ~90% of systems that are small or midrange are underserved. HydroManifold collapses the silos onto one model:
- One primitive. Every station's health is
z = x·y— supply adequacy × integrity/quality. Multiplying is honest: perfect pressure with contaminated water is not healthy. One number, one color, every scale. - One framework, every scale. A home is one service connection with 3 sensors; a city is ~62,000 stations and ~250,000 sensors of the same kinds. Stored as a small seed, "bloomed" into detail only where you look.
- One management spine. Everything a utility must track is a schema-driven collection — add a domain by adding a schema, not by writing code.
- Disciplined AI. AI assists, but deterministic manifold logic verifies; nothing the AI emits is trusted until proven.
Features — out of the box & extending
Out of the box
- Real-time telemetry + EKG monitors per station
z=x·yhealth spectrum, warning lights, alarms- Predictive ETAs: reserve depletion, leak, freeze, residual loss
- Weather, usage/forecast, economics, water spot+futures market, suppliers, logistics
- Leak/break localization, outage propagation, load balancing, recovery/failsafe
- CMS with 25+ domains, RBAC, tamper-evident audit, CSV/FOIA export
- Live compliance engine, reports, statistics, wall-display mode
- Failsafe AI integrity (truth tables, drift state machine), human override
Extending
- New regulation / policy / domain = one schema, no code, no deploy
- New jurisdiction (federal/state/county/city/industry) = data entries
- New sensor type = one catalog entry (cost, MTBF, accuracy, self-diag)
- New scale tier = one topology entry
- Real LLM behind AI-assist (the failsafe guard is model-agnostic)
- Integrations: Modbus/DNP3 SCADA, AMI meter APIs, GIS
- Roles & permissions are configurable (least-privilege)
Adaptability — one platform, any scale or mission
Because behavior lives in the CMS, the same software is a single-home monitor or a national water authority. The organization — or the individual — writes the parameters (thresholds, regulations, domains, roles, station topology, protocols) and the system ingests them. Meeting a new need never means rewriting source code. It is deliberately not one-size-fits-all; it fits each customer because each customer sets its own shape.
| Deployment | What they configure in the CMS | Same code? |
|---|---|---|
| Single home | 3 sensors, simple alarm bands, freeze watch | ✓ |
| Apartment / HOA · secondary water | meter accounts, watering restrictions, booster + tank | ✓ |
| Business · hospital · data center | redundancy, water quality, cooling make-up, criticality | ✓ |
| Cruise ship · offshore platform | desal/bunker sources, tankage, potable vs grey, no-loss limits | ✓ |
| Military installation · deployment | classification, priority diversion, OPSEC, mutual-aid, contamination response | ✓ |
| City · township | full distribution, DMAs, billing, conservation stages, taxes | ✓ |
| State / federal planning | multi-system rollup, regulation registry, drought policy, reporting | ✓ |
The paradigm: documentation is the implementation
The novel idea: the rules, policies, and regulations a utility must follow are not buried in source code — they are data in a living CMS, and the running system reads them directly. Change a rule and the behavior changes immediately. The documentation and the implementation are the same artifact.
Config-as-behavior
A regulation in the CMS — e.g. "free chlorine ≥ 0.2 mg/L (40 CFR 141.72)" — is a record with a parameter, an operator, and a threshold. The compliance engine consumes those records against the live monitoring snapshot and produces compliant/violation verdicts in real time. A compliance officer who edits that threshold, or adds a brand-new city ordinance, changes what the system enforces — with no code change and no redeploy. The manifold "digests" the new rule on the next evaluation tick.
Self-proving
The system substantiates its own claims rather than asking to be trusted:
- Runnable tests — 90 automated checks (simulation engine, platform spine, every domain) prove the behaviors this document describes; "no-teleport," "freeze recovers," "hallucination blocked," "least privilege denies" are not assertions, they are passing tests.
- Tamper-evident audit — every change is hash-chained; editing the past breaks the chain and is detected. The log proves what happened.
- Deterministic verification — compliance verdicts and AI outputs are checked against manifold truth tables, so a claim of "compliant" cannot survive a turbidity over the legal limit.
Auto-correcting
The platform guards itself: the failsafe rejects AI drafts that violate an invariant (a hallucinated "compliant" is refused, not stored); the drift state machine quarantines the AI into deterministic-only mode when it disagrees with ground truth; the audit chain flags tampering; compliance flags drift from the rules. The documentation (the rules) and the enforcement (the engine) stay in lock-step automatically.
Architecture & diagrams
System architecture
flowchart LR S[Field sensors / SCADA / AMI] --> M[Manifold telemetry
z = x·y] M --> E[Simulation / health engine
physics · faults · alarms · predictive] E --> O[Ops intelligence
weather · forecast · economics · recovery] E --> P[Management platform] subgraph P[Management platform] CMS[CMS registry
25+ domains] --> CE[Compliance engine] RBAC[RBAC · zero-trust] --- CMS AUD[Tamper-evident audit] --- CMS AI[AI assist] --> VF[Failsafe verifier] end O --> UI[Browser · wall monitors] P --> UI CE --> AUD VF --> AUD
Scaling: seed → bloom
flowchart TD T[Tier seed
composition + duties] --> R[Representative stations
bloomed on view] T --> N[True totals
stations · sensors · population] R --> V[What you render] N --> V2[What you report] V & V2 --> H[Honest at any scale
home → city → region]
CMS-active: a rule change with no code
sequenceDiagram
participant U as Compliance Officer
participant C as CMS (data)
participant M as Manifold / engine
participant A as Audit
U->>C: Edit / add regulation (plain language)
C->>M: New rule available next tick
M->>M: Evaluate vs live monitoring
M-->>U: Live compliant / violation verdict
M->>A: Log evaluation (hash-chained)
Note over U,A: No source change · no redeploy
Disciplined AI: propose → verify → act
flowchart LR
IN[Input / request] --> AI[AI proposes]
AI --> V{Deterministic verify
truth tables · logic gates
regex · decision tree}
V -- agrees --> ACT[Accept · log]
V -- disagrees --> REJ[Reject = hallucination blocked]
REJ --> DM[Drift state machine]
DM -- sustained --> FS[FAILSAFE: deterministic-only
+ human review]
FS --> HO[Human override
strong credentials]
Deployment & redundancy
flowchart TD
B[Browser / wall monitors] -- HTTPS + auth --> NG[nginx · TLS · access control]
NG --> APP[HydroManifold app]
APP --> DB[(Manifold store + records)]
DB --> RAID[RAID-6]
DB --> OFF[Offsite archive]
APP --> AUD[(WORM audit chain)]
Note1[Read-only telemetry replica feeds wall displays]
The disciplined-AI selling point
Water boards, regulators, and the public are rightly wary of black-box AI making decisions about drinking water. That skepticism kills most "AI for utilities" pitches. HydroManifold turns it into the sale:
- AI never has the last word. Every AI output is cross-checked against deterministic manifold logic (truth tables, logic gates, regex, a decision tree). A verdict that contradicts physics or law is rejected.
- Drift is caught and quarantined. A state machine (TRUSTED → WATCH → FAILSAFE → HUMAN REVIEW) detects when the AI stops agreeing with ground truth and switches to deterministic-only mode.
- Humans hold the keys. Override requires strong credentials and is itself audit-logged.
- It's explainable. Every decision traces to a rule you can read, not a weight you can't.
Self-proving — the tests are part of the product
Representative guarantees, each backed by a runnable test: a peg/parcel of water never teleports (no-teleport invariant), a tripped pump truly reads zero, a freeze is bounded to ice and recovers when cleared, a forced "compliant" over a turbidity exceedance is blocked, least-privilege denies a billing view to an operator, and the audit chain detects a single altered byte.
Signed, authenticated & encrypted manifold
Every parameter entered into the CMS is sealed before it takes effect — so the system's configuration is unforgeable as a whole, not merely per record.
- Signed & authenticated. A keyed signature binds each parameter's content to the authenticated role that entered it. An unsigned or altered parameter fails verification and is flagged.
- Reshapes the manifold. Each parameter is folded into a running manifold shape — a keyed digest of the entire ordered parameter history. Change any one parameter and the shape, plus every signature after it, diverges. Without the key and the full history the shape cannot be predicted or forged.
- Encrypted at rest. The parameter store is ciphertext.
The live manifold seal — shown in the platform header and on the dashboard — is a single fingerprint of every rule, policy and threshold currently in force. A regulator or auditor can confirm the configuration is intact at a glance, and any tampering anywhere in the parameter set changes the fingerprint.
Feasibility report
Technical — proven
The platform is built, tested, and deployed. It is browser-based with a small server footprint, integrates via standard industrial protocols (Modbus/DNP3, AMI meter APIs), and has demonstrated scaling from a single home to a region. Risk here is low; the hard part (the model + the guarded AI) exists and runs.
Operational — lean, with one watch-item
A small team can run it as SaaS. The main operational cost in this market is support for non-technical utility staff. The CMS-active design is the mitigation: customers change their own rules/policies without tickets, and the documentation-as-implementation model keeps "how it works" and "what it does" identical.
Financial — low capex, recurring revenue
Low capital to build/host (web app). Revenue is per-tier SaaS subscription (recurring, high gross margin). A single midrange client funds continued development; a handful reach sustainability.
Market analysis — Northern Utah
The tailwinds are unusually strong
- Driest, fastest-growing state. Utah is the 2nd-driest state and among the fastest-growing — demand rising into a shrinking supply. Monitoring and conservation are existential, not optional.
- The Great Salt Lake crisis. Record-low lake levels turned water into Utah's top environmental and political issue, unlocking legislation, agency focus, and funding for measurement and conservation.
- "Monitor every drop" is now law. Utah mandated secondary (pressurized irrigation) water metering — historically unmeasured water must now be metered by larger suppliers, with state cost-share. Northern Utah (Weber Basin, Davis, Weber, Cache, Box Elder) is full of secondary systems. Our product's core thesis maps onto a statutory requirement.
- Silicon Slopes. A deep Utah tech ecosystem (talent, capital, credibility) lowers the cost of building a startup here and lends a local software company legitimacy.
- Funding exists. State water appropriations, the federal infrastructure law (DWSRF, BIL water funds), and GSL-related programs create budgets utilities can point software spend at.
Adoption & reception
Reception is likely favorable in this specific market for three reasons:
- Cultural fit. "Monitor every drop" is the regional ethos and the legal mandate; a manifold-based system whose premise is exactly that is an easy story to tell a Utah board.
- Underserved segment. Small/midrange districts and secondary-water companies can't afford enterprise SCADA suites and run on spreadsheets — they are the early adopters with the sharpest pain.
- The disciplined-AI angle disarms the usual objection. Where "AI" raises a red flag for a conservative utility board, a verified, explainable, human-overridable AI is reassuring — turning the typical pushback into a differentiator.
Competitive landscape
| Category | Incumbents | Our wedge |
|---|---|---|
| SCADA / telemetry | Trimble Telog, Mission Comms | Integrated with management + compliance, not just data logging |
| Compliance / quality | Aquatic Informatics, 120Water | Live, rule-as-data compliance tied to telemetry |
| AMI / metering | Badger, Sensus/Xylem, Itron | We consume their meter data; not competing on hardware |
| CMMS / asset | Cityworks, Brightly | One platform, SMB-priced, not enterprise modules |
| Billing / CIS | Tyler, Caselle (UT) | Adjacent; integrate rather than replace initially |
The gap incumbents leave: an integrated, affordable, compliance-automating platform for small/midrange systems, with a disciplined AI. No incumbent owns that intersection.
Barriers to entry
Working against us
- Long public-sector procurement / RFP cycles
- Trust & references required for critical infrastructure
- Cybersecurity expectations (AWIA, EPA cyber guidance; possibly StateRAMP)
- Integration with legacy SCADA/AMI/GIS
- Liability for a water-critical system; insurance
- Incumbent relationships and switching inertia
- Single-founder bandwidth / support load
In our favor (moats)
- Regulatory tailwind + local urgency (GSL, metering mandate)
- Defensible IP: manifold health model + failsafe AI (patentable / trade-secret)
- Disciplined-AI positioning competitors can't easily copy credibly
- CMS-active design = low support cost = SMB-viable economics
- Local presence & relationships in Northern Utah
- Same platform extends beyond water (any sensored, regulated utility)
Risks & benefits
Risks
- Long sales cycles delay revenue
- Critical-infrastructure liability & breach reputational risk
- Regulatory/funding shifts change priorities
- Incumbents bundle a competing feature
- Support burden if CMS self-service under-delivers
- Data ownership / privacy / records-law obligations
Benefits
- Recurring, high-margin SaaS; passive-income friendly via licensing
- Mandate-driven, underserved, local market
- One platform, many domains → expansion revenue
- Defensible, explainable AI as a durable differentiator
- Low capex; a single client funds growth
- Mission with public goodwill (saving the lake, saving water)
Go-to-market & business model
- Design partner (now). One friendly Northern-Utah small/midrange district or secondary-water company. Discounted ($3k–12k/yr) for a logo, a reference call, and a written case study; renewal steps up to standard.
- Reference-led expansion. Utah water operators are a tight community; a working reference + the GSL urgency drives district-to-district adoption.
- Tiered SaaS. Very small $4–15k/yr · small $15–45k/yr · midrange $45–120k/yr · one-time onboarding $5–40k. (Estimates to validate against incumbent quotes.)
- Founder economics for passive income. License the IP to the operating entity for a 15–25% running royalty on recurring revenue + a minimum annual guarantee, rather than running support yourself. Protect with clean IP assignment, a trademark, and capped liability — confirm with an IP attorney.