Daily Mishnah · Startup Mensch · Standard
Mishnah Kelim 17:4-5
Hook: The Tyranny of the Flat Metric
As a founder, you are constantly negotiating tolerances. You negotiate them with your engineering team when defining what constitutes a "critical bug" versus a "known limitation." You negotiate them with your enterprise clients when hammering out Service Level Agreements (SLAs) with down-to-the-millisecond uptime guarantees. You negotiate them with your board when setting the "Minimum Viable Product" (MVP) parameters before a launch.
The prevailing modern business dogma tells you to optimize to the edge. It tells you to extract every drop of efficiency, to deliver exactly what is contracted—not a byte more, not a hertz faster—and to deprecate legacy systems the second they stop driving primary revenue. We have been taught that variance is the enemy, and that a single, flat metric applied universally across your organization is the hallmark of a mature, data-driven business.
But this is a lie. And it is a lie that kills startups.
When you apply flat, symmetrical metrics to complex, dynamic systems, you build fragile companies. You create products that technically meet specs but fail under the chaotic "shaking" of real-world scale. You build contract structures that put you one minor server blip away from catastrophic breach of trust. You leave zombie codebases alive because "some customers still use them," unknowingly exposing your entire enterprise to massive security and regulatory liability.
Mishnah Kelim 17:4-5 is an ancient, master-class text on physical tolerances, asymmetric measurement, and the ethical limits of disclosure. It deals with the laws of Kelim (vessels)—specifically, at what point a broken or modified object ceases to be a "vessel" and therefore becomes "clean" (pure, because it can no longer hold or transport anything, thus losing its legal status as a functional tool).
The Sages of the Mishnah did not view metrics as flat abstractions. They understood that a hole in a basket carried on a gardener’s back behaves differently than a hole in a basket sitting static on a householder’s shelf. They understood that to protect against systemic failure, you must build intentional, asymmetric margins of error into your operational delivery. And they wrestled with the terrifying founder's dilemma of "Responsible Disclosure": when exposing a vulnerability in your system might actually teach bad actors how to exploit it.
If you are running a high-growth company, this text is your operational blueprint. It will teach you how to define the death of a product, how to structure your SLAs so you never accidentally steal from your customers, and how to handle the dangerous vulnerabilities lurking within your code and your business model.
Full Experience in the App
Listen. Chat. Go deeper.
Audio playback, interactive chevruta, Hebrew tools, and every daily learning track — only in Derekh Learning.
Text Snapshot
"But why were there a larger and a smaller cubit? Only for this reason: so that craftsmen might take their orders according to the smaller cubit and return their finished work according to the larger cubit, so that they might not be guilty of any possible trespassing of Temple property... About all these [the hidden compartments in balances, levels, and canes] Rabbi Yohanan ben Zakkai said: Oy to me if I should mention them, Oy to me if I don't mention them."
— Mishnah Kelim 17:9, 16 (Sefaria Mishnah Kelim 17:4-5)
Analysis: Three Decision Rules for High-Growth Founders
Insight 1: The Asymmetric SLA (The Shushan Cubit Rule for Margin of Error)
The most striking operational design in Mishnah Kelim 17:9 is the existence of the two standard cubits in Shushan Habirah (the gate of the Temple palace). One cubit exceeded the classic Mosaic standard by half a fingerbreadth; the other exceeded it by a full fingerbreadth.
The Mishnah asks the obvious question: Why maintain two different, non-standard rulers for the same construction project?
The answer is a masterclass in risk mitigation:
"...so that craftsmen might take their orders according to the smaller cubit and return their finished work according to the larger cubit, so that they might not be guilty of any possible trespassing of Temple property." Mishnah Kelim 17:9
In the ancient world, "trespassing Temple property" (Me'ilah) was a severe legal and spiritual crime. If a craftsman was contracted to build a golden table of three cubits, and he delivered a table that was even a fraction of a millimeter short, he had effectively misappropriated sacred materials and funds for personal gain. He had committed theft.
To eliminate this risk, the system was intentionally engineered with an asymmetric metric buffer. The craftsman bid on the contract using the smaller ruler (Moses' cubit plus half a fingerbreadth). But when he delivered the final product, it was measured using the larger ruler (Moses' cubit plus a full fingerbreadth).
To fulfill his contract, the craftsman had to over-deliver. He had to build a larger object than he was technically paid for, using more of his own labor and materials to ensure that even with human error, physical warping, and tool degradation, the absolute minimum required by the sacred standard was exceeded.
As a founder, your contracts, APIs, and SLAs are your "Temple property." They are the sacred trust upon which your enterprise is built. Yet, modern startups routinely commit the operational sin of Symmetric SLA Engineering.
If your marketing and sales teams promise a client $99.9%$ uptime (the "Moses Cubit"), your engineering team builds and tests the infrastructure to survive exactly $99.9%$ uptime. When a localized AWS outage hits, or a database migration runs long, you slip to $99.85%$. You have breached your contract. You have committed modern Me'ilah—you have taken your customer's money and failed to deliver the value promised.
The Shushan Cubit Rule dictates that your internal engineering targets must be asymmetrically larger than your external contractual commitments.
If you sell $99.9%$ uptime, your internal engineering team must be PagerDuty-alerted at $99.95%$. If you promise a page-load speed of under $200\text{ms}$ to your enterprise clients, your internal performance budget must be set to $150\text{ms}$.
You do not do this because you are generous; you do this because you are humble enough to recognize that human error, system latency, and unexpected spikes are inevitable. You design the system so that your "worst-case" delivery still satisfies the customer's "best-case" expectation.
The cost of the extra raw materials (or server compute, or engineering hours) is your insurance policy against the catastrophic loss of brand equity and legal liability.
Insight 2: The "Chamber-Pot" Principle of Feature Deprecation (When is "Broken" Actually Dead?)
How do you know when a product is dead? In the software world, we talk about "End of Life" (EOL) and feature deprecation. In the physical product world, we talk about decommissioning.
The Sages in Mishnah Kelim 17:4 analyze this through the lens of ritual purity. A vessel can only become ritually impure if it is functional. If it is broken beyond use, it ceases to be a "vessel" and becomes "clean"—meaning, it is now just a useless piece of wood, clay, or metal, exempt from the laws of contamination.
But how broken is "broken"?
The Mishnah states:
"A chamber-pot that cannot hold liquids but can still hold excrements remains unclean." Mishnah Kelim 17:4
Consider the sheer grit of this definition. The primary function of a chamber-pot is to hold liquids (urine). The pot has cracked. It can no longer perform its primary, clean function without leaking.
By any modern product manager’s standard, this product is "broken." It should be thrown away.
Yet, the Mishnah rules that because it can still hold solid waste—a secondary, degraded, "dirty" function—it is still legally classified as a vessel. It remains susceptible to impurity. It is not dead.
Now look at the counter-ruling by Rabban Gamaliel in the same passage:
"Rabban Gamaliel rules that it is clean since people do not usually keep one that is in such a condition." Mishnah Kelim 17:4
Rabban Gamaliel introduces the concept of market reality and human behavior. He argues that even if a broken vessel can technically perform some degraded, secondary function, if the average person ("householder") would realistically throw it in the trash out of disgust or convenience, it loses its status as a vessel.
The commentary of the Rambam on this Mishnah emphasizes this point:
"It remains unclean... because it was a vessel until now." Rambam on Mishnah Kelim 17:4:1
But once it is abandoned by common practice, its legal existence terminates.
This debate speaks directly to the founder's nightmare of Technical Debt and Legacy Feature Deprecation.
Every mature startup has "chamber-pot" features. These are legacy APIs, outdated security protocols, or clunky UX workflows that are fundamentally broken for their primary, high-value use cases. However, they remain live because a handful of legacy clients are still using them for "dirty," highly customized, or secondary workarounds.
You want to deprecate these features to clean up your codebase and reduce your security attack surface. But your account managers scream that Client X still relies on that broken API endpoint.
The Mishnah gives you two distinct paths to resolve this, depending on your stage and posture:
- The Conservative Engineering View (The Anonymous First Tanna): If a system or feature can still accept inputs, store data, or execute commands—even if it is highly degraded and used only for "waste" processes—it is still "unclean." This means it is still a liability. It represents a security vulnerability, a maintenance cost, and a potential entry point for hackers. You cannot treat it as nonexistent. You must patch it, monitor it, and secure it as if it were a flagship feature, because its "vessel" status remains active.
- The Operational Market View (Rabban Gamaliel): You must establish a "Common Usage Threshold." If the market utility of a feature has dropped below what a reasonable user would tolerate, you must unilaterally declare it dead, turn it off, and force your users to migrate. You do not let a legacy client's lazy workaround dictate your system's purity. If "people do not usually keep one that is in such a condition," you pull the plug.
To illustrate how this plays out under real-world operational stress, look at the commentary of the Rash MiShantz on how we test these broken vessels:
"...out of the movement of picking up and walking, it falls out more. And so too, out of throwing the basket behind his back." Rash MiShantz on Mishnah Kelim 17:4:2
The Rash is explaining Rabban Shimon ben Gamaliel’s test for a broken basket. You don't test it when it is sitting perfectly still on a table. You test it when the user hangs it behind their back and walks down a road. The dynamic, real-world motion of walking causes the contents (the pomegranates) to shake, shift, and fall through the hole.
Your software features and physical products cannot be evaluated under static "happy path" testing conditions. A feature might look "clean" and functional in your staging environment. But when you subject it to the dynamic, chaotic movement of real-world scale—when thousands of users are "shaking" your database with concurrent queries—that tiny, unnoticed crack in your code becomes a gaping hole where data falls through.
If your product cannot survive the "walk," it is already broken, and keeping it alive is a liability.
Insight 3: The "Oy to Me" Dilemma of Vulnerability Disclosure (The Beggar's Cane and the Zero-Day)
Perhaps the most ethically agonizing passage in the entire tractate is Rabbi Yohanan ben Zakkai’s cry:
"About all these Rabbi Yohanan ben Zakkai said: Oy to me if I should mention them, Oy to me if I don't mention them." Mishnah Kelim 17:16
What are "all these"?
The Mishnah lists a series of everyday objects that have been secretly modified to include hidden compartments:
- A goldsmith’s balance beam hollowed out to hold metal (to cheat on weights).
- A leveling tool with a secret cavity for metal.
- A beggar’s walking cane with a hidden compartment to store water or valuables.
- A hollowed-out cane designed to smuggle mezuzahs or pearls.
These are the ancient equivalents of exploits, backdoors, and grey-hat growth hacks. They are clever design modifications built specifically to bypass systems of regulation, taxation, and trust.
Rabbi Yohanan ben Zakkai, the leader of the Jewish people during and after the destruction of the Second Temple, faced a brutal ethical paradox:
- "Oy to me if I should mention them": If I openly codify these hidden compartments in the Mishnah to explain how they affect ritual purity, I am publishing a step-by-step instruction manual for fraud. I am teaching dishonest merchants exactly how to hollow out their scales, and showing smugglers exactly how to construct a "beggar's cane" that evades detection. I am democratizing the exploit.
- "Oy to me if I don't mention them": If I remain silent to prevent the spread of this knowledge, honest people will unknowingly buy these rigged tools. Priests will use impure scales, citizens will be cheated by corrupt weights, and systemic purity will be quietly, invisibly eroded from within.
This is the exact dilemma faced by every modern founder, CTO, and security researcher dealing with a Zero-Day vulnerability or a systemic flaw in their industry.
Suppose your engineering team discovers a critical flaw in a widely used open-source library, or a loophole in a major competitor's API that allows you to scrape their entire proprietary database undetected.
If you disclose it publicly (or report it to the competitor), you risk exposing the vulnerability to bad actors before they can patch it, or you lose a massive, albeit questionable, competitive advantage. If you keep quiet, you protect your own short-term interests, but you leave the entire ecosystem vulnerable to a catastrophic breach.
How do we resolve the "Oy to me" paradox?
We look at what Rabbi Yohanan ben Zakkai actually did: He spoke. The Mishnah records the details of these hidden compartments.
The ethical decision rule is clear: Systemic transparency, even when it carries the short-term risk of weaponization, is the only sustainable path to systemic trust.
When you discover a vulnerability, a backdoor, or an unethical "growth hack" in your product or your industry, your duty is to patch and disclose. You do not hide the "beggar's cane." You expose the mechanism, establish the standard of purity, and force the industry to level up.
Silently exploiting a loophole—or allowing your users to operate in a state of insecure ignorance—is a slow-release poison that will eventually destroy your company's integrity.
Policy Move: The Asymmetric SLA and Deprecation Protocol (ASDP)
To translate these three insights into immediate, ROI-positive operational reality, your company must implement the Asymmetric SLA and Deprecation Protocol (ASDP).
This policy replaces vague "best efforts" engineering with a mathematically rigorous, ethically sound framework for delivery and feature death.
THE ASDP FRAMEWORK
[ THE SOUTH-EASTERN CUBIT ] <- Internal Engineering Target
| (e.g., 99.95% Uptime / 150ms Latency)
| <- Asymmetry
| Buffer
v
[ THE MOSES CUBIT ] <- Contractual SLA Commitment
| (e.g., 99.9% Uptime / 200ms Latency)
|
v
[ CHAMBER-POT LIMIT ] <- Deprecation Threshold
(Usage < 1.5% and AC < 0
-> Automatic Kill)
Phase 1: Establish Your "Shushan Cubit" (The Asymmetry Buffer)
For every external performance metric promised to a client, investor, or user, you must define two distinct internal metrics:
- The Contractual Metric (The "Moses Cubit"): The exact number written into your contracts or marketing materials.
- The Target Metric (The "South-Eastern Cubit"): The internal engineering and operational target, which must be asymmetrically buffered to absorb real-world "shaking."
To calculate your required Asymmetry Coefficient (AC), use the following formula:
$$\text{AC} = \left( \frac{\text{Internal Target Performance}}{\text{External SLA Commitment}} \right) - 1$$
Your company policy must mandate an $\text{AC} \ge 0.05$ ($5%$ minimum safety buffer) for all critical path operations.
- Example (Latency): If your external enterprise SLA commits to a $200\text{ms}$ API response time, your internal engineering dashboard must trigger a PagerDuty alert if the 95th percentile ($p95$) latency exceeds $190\text{ms}$ ($200\text{ms} \times (1 - 0.05)$). You build the system to the larger cubit to ensure you never "trespass" on the smaller one.
Phase 2: The Dynamic "Shaking" Test
You are prohibited from signing off on any new product launch or major update based solely on static, synthetic staging tests (the "sitting on the table" test).
Before any code deployment to production, the QA team must execute a Dynamic Shaking Audit (DSA). This audit simulates real-world stress conditions:
- The "Walk" Test: Simulating erratic network degradation, high latency, and concurrent database reads while the system is under $150%$ of peak projected load.
- The "Hanging Behind" Test: Simulating background processes, automated cron jobs, and third-party integrations failing simultaneously to see if the core data "falls through the holes" of your error-handling architecture.
If the system leaks data or breaches the Moses Cubit during the dynamic shaking test, the release is blocked. No exceptions.
Phase 3: The "Chamber-Pot" Deprecation Engine
To eliminate the security risks of legacy features without alienating key clients, implement a bi-annual Chamber-Pot Audit.
Every feature, API endpoint, or service must be categorized based on its utility:
| Metric / Parameter | Primary Utility | Secondary ("Dirty") Utility | Action Required |
|---|---|---|---|
| Active & Clean | High (Primary use case intact) | N/A | Maintain & Optimize |
| The Chamber-Pot | Broken / Obsolete | Active (Legacy workarounds) | Execute Deprecation Protocol |
| Fully Clean (Dead) | Nonexistent | Nonexistent | Remove Code immediately |
When a feature falls into the Chamber-Pot category (i.e., its primary utility is dead, but it is kept alive for secondary, low-value workarounds):
- Calculate the Risk-to-Revenue Ratio: Compare the annual recurring revenue (ARR) of the clients using the workaround against the fully burdened engineering cost of securing and maintaining that legacy surface area.
- Apply Rabban Gamaliel's Rule: If the active user base of that specific workaround represents less than $1.5%$ of your total user base, the feature is legally declared "clean" (dead).
- The Clean Cut: Provide affected users with a hard 45-day migration window to a modern workflow, then completely remove the legacy code. Do not leave the broken pot in your system to collect impurity.
Board-Level Question: The Integrity Audit
To initiate this strategic pivot, the founder or lead independent director must present the following multi-part question to the executive team at the next board meeting:
"If we were to audit our contractual commitments today using the 'Shushan Cubit' standard, where are we operating with a zero-margin safety buffer—effectively risking accidental breach of trust (Me'ilah) with our largest clients to save short-term infrastructure costs? Furthermore, what 'chamber-pot' features or undocumented backdoors (beggar's canes) are we currently keeping alive in our codebase that expose us to compliance, security, or regulatory liability, and why haven't we executed a clean, Rabban Gamaliel-style deprecation on them?"
How to Prepare for the Boardroom Discussion
To ensure this question leads to strategic execution rather than defensive posturing, founders should prepare the following three data points before the meeting:
- The SLA Vulnerability Map: A list of all active enterprise contracts where the actual performance metrics over the last two quarters came within $2%$ of the contractual SLA limit. This highlights where your "cubit" is too small.
- The Legacy Debt Inventory: A comprehensive list of all legacy features, APIs, and custom integrations that have not received a security patch in the last 12 months, along with the specific revenue associated with the accounts using them.
- The Vulnerability Disclosure Playbook: A review of your company's current security disclosure policy. Do you have an active Bug Bounty program? Do you have a clear, documented process for what happens when a "beggar's cane" exploit is discovered in your system?
Takeaway: Metric Purity is Operational Purity
In the high-stakes world of venture-backed startups, it is incredibly easy to lose your way in the pursuit of efficiency. We are tempted to cut corners, to shave margins, to promise what we hope we can deliver, and to leave old, dangerous systems running because we are afraid of client pushback.
But the Torah, through the precise engineering laws of Mishnah Kelim 17:4-5, calls us to a higher, more profitable standard of business ethics:
- Honesty requires asymmetry. If you want to ensure you never cheat your customers, you must build your internal systems to a larger standard than your external promises. Your safety margin is not wasted capital; it is the foundation of your brand's integrity.
- Cleanliness requires completeness. A broken product that is half-alive is a liability. If a feature no longer serves its primary purpose, do not let it linger as a "chamber-pot" for dirty workarounds. Have the courage to kill it cleanly.
- Trust requires transparency. If you find a loophole, a backdoor, or an exploit in your system, do not hide it out of fear or exploit it for short-term gain. Face the "Oy to me" dilemma with the courage of Rabbi Yohanan ben Zakkai. Disclose, patch, and build on solid ground.
By designing your startup with asymmetric buffers, ruthlessly deprecating legacy liabilities, and operating with radical transparency, you build a business that is not only highly profitable but structurally "clean." You become a true Startup Mensch—a founder who wins not by cutting corners, but by building a vessel strong enough to hold its value under any weight.
derekhlearning.com