LevSMS — Full Thesis from Sam (Voice Transcript)
Date: 2026-05-13 ~5:45 PM EDT
Source: Sam voice memo dictated while reading Codex's LevSMS Router Go-Live Briefing
Status: raw thesis — to be tightened by Codex (LevSMS router owner) and Sam over next sessions
Why this lives here: voice was rich enough to count as a spec source, not just a comment
Verbatim themes (paraphrased for readability; voice intent preserved)
1. Twilio status confirmed
- Campaign was non-good → in progress → APPROVED yesterday
- Successfully sent SMS to Sam's 917 personal number — received
- WhatsApp test worked
- Inbound webhook works in principle; sheet structure + permission logic still to be built
2. Permissions / phone number authorization (the core architecture)
- HIS phone number = full access · everyone else = scoped access by tags
- Sheet aggregates: phone number → tags → permission level → allowed triggers
- Anti-spoofing required:
- Empty/blank "From" must be REJECTED, not given default access
- SMS sender ID can be spoofed — need out-of-band confirmation for sensitive triggers
- Two-factor auth for premium / age-gated content
- Whitelist by phone number, with CONTROL tab + REFERENCE_RULES tab governing
- Example: "I do not allow any of them for sports" — phone number tag "no-sports"
- Premium tiers: bronze · gold · diamond · etc. — per-tier menu items unlocked
3. Menu paging logic
- User gets 5 of 50 options based on tags/permissions
- Numbered 1-5 even though they're #8, #33, #39 in master
- Dynamic per user
4. ZIP code intelligence (the LOCATION layer)
- ZIP IN system → return weather + Hebrew date + parsha + Shabbos candles + zmanim + local headlines
- ZIP NOT in system → polite "not in my system, would you like me to add it?"
- User-add → triggers sheet update + crawl-for-that-ZIP
- Whitelist mechanism for new ZIPs (Sam approves before public)
5. Pilot scope
- North Woodmere kosher community first
- Davening / prayer times (zmanim) per ZIP
- Weather + Hebrew date + parsha
- Shabbos candle-lighting
- Local synagogue + restaurant + service info
- Sources to crawl over time: yeshivaworld.com, theshivaworld.com, local NYC orthodox community sites
6. Two-factor auth model
- Sensitive trigger → SMS confirm via reply OR different channel
- Counter-spoof: confirm via different number/email
- Age-gated: parent consent for minors
- Premium tiers may require email + phone double confirm
7. Character limits / monetization seed
- SMS = 160 chars per segment
- Reserve some for ads (future monetization)
- Smart truncation
- "Sponsored by" footer line for free tier
8. RIDESHARING (the NEW big build)
- Sam doesn't want WhatsApp chat-spam ("I'm going to X, who needs ride?")
- Doesn't want to be the de facto chauffeur of his community
- LevSMS-driven private channel:
- User texts "going to [destination] [time]"
- LevSMS keeps registry of who needs rides
- Connects them directly (peer-to-peer match)
- No public group chat noise
- Trust signal: only people Sam pre-tagged as "approved drivers" can offer rides
- Riders can be more open
9. Cadence + transcription workflow problem (the META gap Sam flagged)
- Trying to record on iPhone but uses iPad mini sometimes
- Need to pick ONE cadence: phone OR iPad OR computer mic
- Wants comments/feedback workflow on briefings → trigger more automations
- Wants Claude Code-like trigger automations (think "Claude Code triggers" pattern from Cursor)
- Morning briefing → 3-5 questions → Sam voice-responds → triggers update
10. Brokerage alert consolidation (separate but mentioned)
- Set up alert properties across Schwab, Fidelity, IBKR/thinkorswim
- Folder routing for alerts
- Reduce dependence on Google Finance for live prices
- Pull live prices from IBKR (or Fidelity) API as primary source
- $100 to keep IBKR account active for API access
- Add Alpaca as another option
- Click "Refresh" in Google Sheet → pulls live data
11. Command Center / portal naming
- Need better name than "Command Center"
- Both Sam + Mildred login spot
- Briefing link for Mildred
- Pre-given access controls
- Backend permission controls
- Hacker-proof
12. The macro/micro audit ask
- "Take a macro micro look at anything and everything from every repo and everywhere and anywhere"
Where this slots into existing work
| Theme | Existing artifact | Gap |
|---|---|---|
| Phone permission model | levsms-router-apps-script/Code.js (Codex, 544 lines) |
Add CONTROL_PHONES + REFERENCE_RULES tabs to Sheet template |
| Menu paging | Not yet built | Codex's next push |
| ZIP code intel | Not yet built | Pilot scope = NW only first |
| Ridesharing | Not in any artifact | NEW concept — needs separate scoping doc |
| Anti-spoofing | Twilio default doesn't protect | Out-of-band confirm pattern · token-on-first-message · Sam-only blesses new numbers |
| Cadence/transcription | docs/daily-cadence-system/PROACTIVE_MORNING_BRIEF_SPEC.md (mine) |
Reply-to-update trigger spec aligns; not built yet |
| Brokerage consolidation | docs/HOW_TO/ has nothing on this yet |
New HOW-TO needed |
Things Sam is NOT seeing (my critique — see briefing)
- Cash Action Board guardrail violation (his own rule from this morning)
- Ridesharing legal liability (commercial drivers, insurance)
- Twilio costs scale fast (per-message billing eats margin at scale)
- Sheet-as-database doesn't scale past ~10k rows (kosher community DB needs real DB at scale)
- Voice transcription cadence problem has a simple answer: pick ONE tool, always use it
- Anti-spoofing is harder than it sounds (requires OOB confirm, can't trust caller ID)
See outputs/2026-05-13_17-45_briefing_levsms-thesis-critique-and-real-moves.html for full critique.
Coordination note
This thesis is voice-only. Codex owns the LevSMS router build (per repo levsms-router-apps-script/). When Codex picks this up:
1. Read this doc end-to-end
2. Decide which themes go into router CODE vs router SHEET vs new docs
3. Surface concrete sheet-tab schemas
4. Push the schema decisions back here for cross-agent visibility
— Captured by Desktop Claude Code · session 34 · 2026-05-13 17:45 EDT