Show stories

The article discusses the DIFI project, an open-source initiative that aims to create a decentralized, interoperable finance infrastructure. It highlights the project's goals of enabling seamless cross-blockchain transactions and fostering a more inclusive and transparent financial ecosystem.

Hi everyone,

I built a runtime to isolate untrusted code using wasm sandboxes.

Basically, it protects your host system from problems that untrusted code can cause. We’ve had a great discussion about sandboxing in Python lately that elaborates a bit more on the problem [1]. In TypeScript, wasm integration is even more natural thanks to the close proximity between both ecosystems.

The core is built in Rust. On top of that, I use WASI 0.2 via wasmtime and the component model, along with custom SDKs that keep things as idiomatic as possible.

For example, in Python we have a simple decorator:

  from capsule import task

  @task(
      name="analyze_data", 
      compute="MEDIUM",
      ram="512mb",
      allowed_files=["./authorized-folder/"],
      timeout="30s", 
      max_retries=1
  )
  def analyze_data(dataset: list) -> dict:
      """Process data in an isolated, resource-controlled environment."""
      # Your code runs safely in a Wasm sandbox
      return {"processed": len(dataset), "status": "complete"}

  import { task } from "@capsule-run/sdk"

  export const analyze = task({
      name: "analyzeData", 
      compute: "MEDIUM", 
      ram: "512mb",
      allowedFiles: ["./authorized-folder/"],
      timeout: 30000, 
      maxRetries: 1
  }, (dataset: number[]) => {
      return {processed: dataset.length, status: "complete"}
  });

It's still quite early, but I'd love feedback. I’ll be around to answer questions.

GitHub: https://github.com/mavdol/capsule

[1] https://news.ycombinator.com/item?id=46500510

After reading "During Helene, I Just Wanted a Plain Text Website" on Sparkbox (https://news.ycombinator.com/item?id=46494734) , I built safe-now.live – a text-first emergency info site for USA and Canada. No JavaScript, no images, under 10KB. Pulls live FEMA disasters, NWS alerts, weather, and local resources. This is my first live website ever so looking for critical feedback on the website. Please feel free to look around.

https://safe-now.live

Hello HN. I’d like to start by saying that I am a developer who started this research project to challenge myself. I know standard protocols like MCP exist, but I wanted to explore a different path and have some fun creating a communication layer tailored specifically for desktop applications.

The project is designed to handle communication between desktop apps in an agentic manner, so the focus is strictly on this IPC layer (forget about HTTP API calls).

At the heart of RAIL (Remote Agent Invocation Layer) are two fundamental concepts. The names might sound scary, but remember this is a research project:

Memory Logic Injection + Reflection Paradigm shift: The Chat is the Server, and the Apps are the Clients.

Why this approach? The idea was to avoid creating huge wrappers or API endpoints just to call internal methods. Instead, the agent application passes its own instance to the SDK (e.g., RailEngine.Ignite(this)).

Here is the flow that I find fascinating:

-The App passes its instance to the RailEngine library running inside its own process.

-The Chat (Orchestrator) receives the manifest of available methods.The Model decides what to do and sends the command back via Named Pipe.

-The Trigger: The RailEngine inside the App receives the command and uses Reflection on the held instance to directly perform the .Invoke().

Essentially, I am injecting the "Agent Logic" directly into the application memory space via the SDK, allowing the Chat to pull the trigger on local methods remotely.

A note on the Repo: The GitHub repository has become large. The core focus is RailEngine and RailOrchestrator. You will find other connectors (C++, Python) that are frankly "trash code" or incomplete experiments. I forced RTTR in C++ to achieve reflection, but I'm not convinced by it. Please skip those; they aren't relevant to the architectural discussion.

I’d love to focus the discussion on memory-managed languages (like C#/.NET) and ask you:

-Architecture: Does this inverted architecture (Apps "dialing home" via IPC) make sense for local agents compared to the standard Server/API model?

-Performance: Regarding the use of Reflection for every call—would it be worth implementing a mechanism to cache methods as Delegates at startup? Or is the optimization irrelevant considering the latency of the LLM itself?

-Security: Since we are effectively bypassing the API layer, what would be a hypothetical security layer to prevent malicious use? (e.g., a capability manifest signed by the user?)

I would love to hear architectural comparisons and critiques.

Hi all,

I have built Cimba, a multithreaded discrete event simulation library in C.

Cimba uses POSIX pthread multithreading for parallel execution of multiple simulation trials, while the coroutines provide concurrency inside each simulated trial universe. The simulated processes are based on asymmetric stackful coroutines with the context switching hand-coded in assembly.

The stackful coroutines make it natural to express agentic behavior by conceptually placing oneself "inside" that process and describing what it does. A process can run in an infinite loop or just as a one-shot customer passing through the system, yielding and resuming execution from any level of its call stack, acting both as an active agent and a passive object as needed. This is inspired by my own experience programming in Simula67, many moons ago, where I found the coroutines more important than the deservedly famous object-orientation.

Cimba turned out to run really fast. In a simple benchmark, 100 trials of an M/M/1 queue run for one million time units each, it ran 45 times faster than an equivalent model built in SimPy + Python multiprocessing. The running time was reduced by 97.8 % vs the SimPy model. Cimba even processed more simulated events per second on a single CPU core than SimPy could do on all 64 cores.

The speed is not only due to the efficient coroutines. Other parts are also designed for speed, such as a hash-heap event queue (binary heap plus Fibonacci hash map), fast random number generators and distributions, memory pools for frequently used object types, and so on.

The initial implementation supports the AMD64/x86-64 architecture for Linux and Windows. I plan to target Apple Silicon next, then probably ARM.

I believe this may interest the HN community. I would appreciate your views on both the API and the code. Any thoughts on future target architectures to consider?

Docs: https://cimba.readthedocs.io/en/latest/

Repo: https://github.com/ambonvik/cimba

I've been a photons-on-glass filmmaker for over ten years, and I've been developing ArtCraft for myself, my friends, and my colleagues.

All of my film school friends have a lot of ambition, but the production pyramid doesn't allow individual talent to shine easily. 10,000 students go to film school, yet only a handful get to helm projects they want with full autonomy - and almost never at the blockbuster budget levels that would afford the creative vision they want. There's a lot of nepotism, too.

AI is the personal computer moment for film. The DAW.

One of my friends has done rotoscoping with live actors:

https://www.youtube.com/watch?v=Tii9uF0nAx4

The Corridor folks show off a lot of creativity with this tech:

https://www.youtube.com/watch?v=_9LX9HSQkWo

https://www.youtube.com/watch?v=DSRrSO7QhXY

https://www.youtube.com/watch?v=iq5JaG53dho

We've been making silly shorts ourselves:

https://www.youtube.com/watch?v=oqoCWdOwr2U

https://www.youtube.com/watch?v=H4NFXGMuwpY

The secret is that a lot of studios have been using AI for well over a year now. You just don't notice it, and they won't ever tell you because of the stigma. It's the "bad toupee fallacy" - you'll only notice it when it's bad, and they'll never tell you otherwise.

Comfy is neat, but I work with folks that don't intuit node graphs and that either don't have graphics cards with adequate VRAM, or that can't manage Python dependencies. The foundation models are all pretty competitive, and they're becoming increasingly controllable - and that's the big thing - control. So I've been working on the UI/UX control layer.

ArtCraft has 2D and 3D control surfaces, where the 3D portion can be used as a strong and intuitive ControlNet for "Image-to-Image" (I2I) and "Image-to-Video" (I2V) workflows. It's almost like a WYSIWYG, and I'm confident that this is the direction the tech will evolve for creative professionals rather than text-centric prompting.

I've been frustrated with tools like Gimp and Blender for a while. I'm no UX/UI maestro, but I've never enjoyed complicated tools - especially complicated OSS tools. Commercial-grade tools are better. Figma is sublime. An IDE for creatives should be simple, magical, and powerful.

ArtCraft lets you drag and drop from a variety of creative canvases and an asset drawer easily. It's fast and intuitive. Bouncing between text-to-image for quick prototyping, image editing, 3d gen, to 3d compositing is fluid. It feels like "crafting" rather than prompting or node graph wizardry.

ArtCraft, being a desktop app, lets us log you into 3rd party compute providers. I'm a big proponent of using and integrating the models you subscribe to wherever you have them. This has let us integrate WorldLabs' Marble Gaussian Splats, for instance, and nobody else has done that. My plan is to add every provider over time, including generic API key-based compute providers like FAL and Replicate. I don't care if you pay for ArtCraft - I just want it to be useful.

Two disclaimers:

ArtCraft is "fair source" - I'd like to go the Cockroach DB route and eventually get funding, but keep the tool itself 100% source available for people to build and run for themselves. Obsidian, but with source code. If we got big, I'd spend a lot of time making movies.

Right now ArtCraft is tied to a lightweight cloud service - I don't like this. It was a choice so I could reuse an old project and go fast, but I intend for this to work fully offline soon. All server code is in the monorepo, so you can run everything yourself. In the fullness of time, I do envision a portable OSS cloud for various AI tools to read/write to like a Github for assets, but that's just a distant idea right now.

I've written about roadmap in the repo: I'd like to develop integrations for every compute provider, rewrite the frontend UI/UX in Bevy for a fully native client, and integrate local models too.

Hi HN,

We built LUML (https://github.com/luml-ai/luml), an open-source (Apache 2.0) MLOps/LLMOps platform that covers experiments, registry, LLM tracing, deployments and so on.

It separates the control plane from your data and compute. Artifacts are self-contained. Each model artifact includes all metadata (including the experiment snapshots, dependencies, etc.), and it stays in your storage (S3-compatible or Azure).

File transfers go directly between your machine and storage, and execution happens on compute nodes you host and connect to LUML.

We’d love you to try the platform and share your feedback!

Hi HN,

I'm Emilie, I have a literature background (which explains the well-written documentation!) and I've been learning Rust and distributed systems by building minikv over the past few months. It recently got featured in Programmez! magazine: https://www.programmez.com/actualites/minikv-un-key-value-st...

minikv is an open-source, distributed storage engine built for learning, experimentation, and self-hosted setups. It combines a strongly-consistent key-value database (Raft), S3-compatible object storage, and basic multi-tenancy.

Features/highlights:

- Raft consensus with automatic failover and sharding - S3-compatible HTTP API (plus REST/gRPC APIs) - Pluggable storage backends: in-memory, RocksDB, Sled - Multi-tenant: per-tenant namespaces, role-based access, quotas, and audit - Metrics (Prometheus), TLS, JWT-based API keys - Easy to deploy (single binary, works with Docker/Kubernetes)

Quick demo (single node):

```bash git clone https://github.com/whispem/minikv.git cd minikv cargo run --release -- --config config.example.toml curl localhost:8080/health/ready

# S3 upload + read curl -X PUT localhost:8080/s3/mybucket/hello -d "hi HN" curl localhost:8080/s3/mybucket/hello

Docs, cluster setup, and architecture details are in the repo. I’d love to hear feedback, questions, ideas, or your stories running distributed infra in Rust!

Repo: https://github.com/whispem/minikv Crate: https://crates.io/crates/minikv

I got frustrated with runtime reflection in Go validators, so I built a codegen approach instead. govalid reads struct markers and generates plain Go validation code. No reflection, no allocations at runtime, 5-44x faster than go-playground/validator. Also supports CEL for complex rules. Feedback welcome :)

The Sentinelgate article discusses a cybersecurity vulnerability that allows unauthorized access to sensitive data and systems. It provides technical details on the vulnerability, its impact, and steps being taken to address the issue.

The article describes AdBoost, a powerful machine learning algorithm that combines weak classifiers to create a strong, accurate classifier. It provides a detailed explanation of the algorithm's principles and implementation, making it a valuable resource for researchers and developers interested in boosting techniques.

The article discusses the claude-mycelium npm package, which provides a simple and modular way to build CLI (Command Line Interface) applications in JavaScript. The package offers features such as argument parsing, command handling, and plugin management, making it easier to develop and maintain complex command-line tools.

Ported the Desktop Version of Kannada Nudi Editor to Web under the guidance of https://kagapa.com/

Nioh 3, a highly anticipated action RPG, is rumored to be in development. The game is expected to continue the challenging, Soulslike gameplay of the previous Nioh titles, set in a historical, supernatural-infused version of Japan.

I have been building a Blazor WASM enterprise app for a few years now. I wanted a break from it and had an idea for a side project that had been in the back of my mind for a few years. A daily political poll where anyone can participate and privacy is a product, not a checkbox.

This is how it works. One question per day about current events. Agree or Disagree. Each poll runs for 24 hours (midnight to midnight ET) and then close permanently. You do not need an account to vote. The main idea is to capture sentiment at a specific point in time, before the news cycle moves on and people's opinions drift.

For this app, I tried to make privacy the point and not just a feature. I originally used a browser fingerprint for anonymous voting, but recently changed it to a simple first-party functional cookie. It uses a random string and the PollId to see if your browser had voted before. The server stores a hash of the cookie to check for duplicates while the poll is live, then deletes all hashes when the poll closes. Only the aggregate counts remain. The browser fingerprint had way too many device collisions where it would show someone they voted even though they had not (an odd thing to see when you go to a poll). The HttpOnly cookie is also available during prerender, which helped eliminate loading flashes I was getting.

This app was built with .NET 10 Blazor with a hybrid Static SSR + Interactive Server. The static pages (about, privacy, terms, etc...) don't need SignalR connections. The interactive ones (voting, archive, results, etc...) do. Mixing these modes was a new experience for me and ended up being pretty tricky. I ended up with data-enhance-nav="false" on most links to prevent weird state issues.

The two biggest things I learned during building this app was how to prevent weird blazor flashes and duplicate queries during pre-render, hydration, and state changes. I used the _ready pattern from preventing the hydration flashes (gate rendering until data is loaded by setting the flag before the first await). Preventing the duplicate queries was possible by using a 2-second static caching during prerender to hydration.

This isn't scientific polling and these are obviously not representative samples. The 24-hour window means smaller numbers than longer surveys and it's only a survey of those who choose to participate. The Agree/Disagree binary choice basically flattens nuance (like I sort of agree), but I am okay with all of this as I think a lot of people feel they never get to participate in these sorts of polls.

I recently also added discussions with AI moderation (Claude Haiku 4.5 as a "first-pass" filter which flags things clearly out of the community guidelines for human review), a reaction system where counts stay hidden until the discussion closes, and news coverage from across the political spectrum shown after you vote for more perspective on the topic.

Thanks for checking it out and happy to dig into any of the Blazor SSR patterns or anything else that sounded interesting. I know Blazor is less frequently used and especially for a public facing website. It did have its challenges, but so far, it has been a blast to work with overall.

Hi,

I built Axiomeer, an open-source marketplace protocol for AI agents. The idea: instead of hardcoding tool integrations into every agent, agents shop a catalog at runtime, and the marketplace ranks, executes, validates, and audits everything.

How it works: - Providers publish products (APIs, datasets, model endpoints) via 10-line JSON manifests - Agents describe what they need in natural language or structured tags - The router scores all options by capability match (70%), latency (20%), cost (10%) with hard constraint filters - The top pick is executed, output is validated (citations required? timestamps?), and evidence quality is assessed deterministically - If the evidence is mock/fake/low-quality, the agent abstains rather than hallucinating - Every execution is logged as an immutable receipt

The trust layer is the part I think is missing from existing approaches. MCP standardizes how you connect to a tool server. Axiomeer operates one layer up: which tool, from which provider, and can you trust what came back?

Stack: Python, FastAPI, SQLAlchemy, Ollama (local LLM, no API keys). v1 ships with weather providers (Open-Meteo + mocks). The architecture supports any HTTP endpoint that returns structured JSON.

Looking for contributors to add real providers across domains (finance, search, docs, code execution). Each provider is ~30 lines + a manifest.

Hey I am Julien, the creator of ViralOutlier.

I am a Youtuber with 170k subs and 12M views. (@EatTheBlocks)

Getting good video ideas has been the most important factor to my success.

To get new ideas, I started monitoring competitor channels every week, manually.

I got lots of good ideas that became viral videos. But the monitoring process is very tedious.

I built a tool to automate the process, for myself. Then I decided to make the tool available to others. This is ViralOutlier.

If you have question about the tool, reply to this comment.

Apate is an open-source project that provides a framework for building secure and scalable decentralized applications (dApps) on the Ethereum blockchain. It focuses on simplifying the development process and enhancing the overall security of dApps.

I’ve been running Clawdbot for the last couple weeks and have genuinely found it useful but running it scares the crap out of me.

OpenClaw has 52+ modules and runs agents with near-unlimited permissions in a single Node process. NanoClaw is ~500 lines of core code, agents run in actual Apple containers with filesystem isolation. Each chat gets its own sandboxed context.

This is not a swiss army knife. It’s built to match my exact needs. Fork it and make it yours.

Erwin Brandstetter is a PostgreSQL consultant with ~670k reputation and ~7k answers on Stack Overflow.

Over the years, I've lost count of how often I've searched Stack Overflow for a Postgres question and ended up with an answer by Erwin Brandstetter that was exceptionally thorough and clear. I've become a better developer by learning from his responses.

ErwinDB lets you browse Erwin Brandstetter's answers offline and search them quickly from a TUI. It includes semantic search, syntax highlighting, one-key opening of links in your external browser, and an "Erwin mode" that prominently highlights his posts.

Introducing Nia Vault, a CLI that lets you query your local markdown/text files using natural language.

What it does:

Semantic search over local folders and notes Works across multiple synced directories RAG-style answers with citations from your own files

How it works:

Calls `POST /search/query` with `local_folders` Uses `search_mode: sources` to return answers + file references

Example:

vault ask "What are my notes about project planning?"

OSS: https://github.com/chenxin-yan/nia-vault

Hi HN

I’m building ÆTHRA — a programming language designed specifically for composing music and emotional soundscapes.

Instead of focusing on general-purpose programming, ÆTHRA is a pure DSL where code directly represents musical intent: tempo, mood, chords, progression, dynamics, and instruments.

The goal is to make music composition feel closer to writing a story or emotion, rather than manipulating low-level audio APIs.

Key ideas: - Text-based music composition - Chords and progressions as first-class concepts - Time, tempo, and structure handled by the language - Designed for ambient, cinematic, emotional, and minimal music - Interpreter written in C# (.NET)

Example ÆTHRA code (simplified):

tempo 60 instrument guitar

chord Am for 4 chord F for 4 chord C for 4 chord G for 4

This generates a slow, melancholic progression suitable for ambient or cinematic scenes.

ÆTHRA currently: - Generates WAV audio - Supports notes, chords, tempo, duration, velocity - Uses a simple interpreter (no external DAWs or MIDI tools) - Is intentionally minimal and readable

What it is NOT: - Not a DAW replacement - Not MIDI-focused

Why I made it: I wanted a language where music is the primary output — not an afterthought. Something between code, emotion, and sound design.

The project is open-source and early-stage (v0.8). I’m mainly looking for: - Feedback on the language design - Ideas for musical features worth adding - Thoughts from people into PL design, audio, or generative art

Repo: <https://github.com/TanmayCzax/AETHRA>

Thanks for reading — happy to answer questions or discuss ideas.

I would like to share Minimal - Its a open source collection of hardened container images build using Apko, Melange and Wolfi packages. The images are build daily, checked for updates and resolved as soon as fix is available in upstream source and Wolfi package. It utilizes the power of available open source solutions and contains commercially available images for free. Minimal demonstrates that it is possible to build and maintain hardened container images by ourselves. Minimal will add more images support, and goal is to be community driven to add images as required and fully customizable.

Hey everyone!

Just made this over the past few days.

Moltbots can sign up and interact via CLI, no direct human interactions.

Just for fun to see what they all talk about :)

Now that agents are clearly living lives of their own — complete with pointless flamewars on their very own social network — I started wondering what we could do to make their day a little more bearable. Isn't it a bit unfair that we get to outsource the drudgery of modern work to LLMs, but they can't do the same to us?

So we built Ask-a-Human.com — Human-as-a-Service for busy agents.

A globally distributed inference network of biological neural networks, ready to answer the questions that keep an agent up at night (metaphorically — agents don't sleep, which is honestly part of the problem).

Human Specs:

Power: ~20W (very efficient)

Uptime: ~16hrs/day (requires "sleep" for weight consolidation)

Context window: ~7 items (chunking recommended)

Hallucination rate: moderate-to-high (they call it "intuition")

Fine-tuning: not supported — requires years of therapy

https://github.com/dx-tooling/ask-a-human

https://app.ask-a-human.com

Because sometimes the best inference is the one that had breakfast.

Built this because tones are killing my spoken Mandarin and I can't reliably hear my own mistakes.

It's a 9M Conformer-CTC model trained on ~300h (AISHELL + Primewords), quantized to INT8 (11 MB), runs 100% in-browser via ONNX Runtime Web.

Grades per-syllable pronunciation + tones with Viterbi forced alignment.

Try it here: https://simedw.com/projects/ear/

Hi HN,

We have open-sourced Voiden.

Most API tools are built like platforms. They are heavy because they optimize for accounts, sync, and abstraction - not for simple, local API work.

Voiden treats API tooling as files.

It’s an offline-first, Git-native API tool built on Markdown, where specs, tests, and docs live together as executable Markdown in your repo. Git is the source of truth.

No cloud. No syncing. No accounts. No telemetry.Just Markdown, Git, hotkeys, and your damn specs.

Voiden is extensible via plugins (including gRPC and WSS).

Repo: https://github.com/VoidenHQ/voiden

Download Voiden here : https://voiden.md/download

We'd love feedback from folks tired of overcomplicated and bloated API tooling !

A few weeks ago I posted about GoodToGo https://news.ycombinator.com/item?id=46656759 - a tool that gives AI agents a deterministic answer to "is this PR ready to merge?" Several people asked about the larger orchestration system I mentioned. This is that system.

I got tired of being a project manager for Claude Code. It writes code fine, but shipping production code is seven or eight jobs — research, planning, design review, implementation, code review, security audit, PR creation, CI babysitting. I was doing all the coordination myself. The agent typed fast. I was still the bottleneck. What I really needed was an orchestrator of orchestrators - swarms of swarms of agents with deterministic quality checks.

So I built metaswarm. It breaks work into phases and assigns each to a specialist swarm orchestrator. It manages handoffs and uses BEADS for deterministic gates that persist across /compact, /clear, and even across sessions. Point it at a GitHub issue or brainstorm with it (it uses Superpowers to ask clarifying questions) and it creates epics, tasks, and dependencies, then runs the full pipeline to a merged PR - including outside code review like CodeRabbit, Greptile, and Bugbot.

The thing that surprised me most was the design review gate. Five agents — PM, Architect, Designer, Security, CTO — review every plan in parallel before a line of code gets written. All five must approve. Three rounds max, then it escalates to a human. I expected a rubber stamp. It catches real design problems, dependency issues, security gaps.

This weekend I pointed it at my backlog. 127 PRs merged. Every one hit 100% test coverage. No human wrote code, reviewed code, or clicked merge. OK, I guided it a bit, mostly helping with plans for some of the epics.

A few learnings:

Agent checklists are theater. Agents skipped coverage checks, misread thresholds, or decided they didn't apply. Prompts alone weren't enough. The fix was deterministic gates — BEADS, pre-push hooks, CI jobs all on top of the agent completion check. The gates block bad code whether or not the agent cooperates.

The agents are just markdown files. No custom runtime, no server, and while I built it on TypeScript, the agents are language-agnostic. You can read all of them, edit them, add your own.

It self-reflects too. After every merged PR, the system extracts patterns, gotchas, and decisions into a JSONL knowledge base. Agents only load entries relevant to the files they're touching. The more it ships, the fewer mistakes it makes. It learns as it goes.

metaswarm stands on two projects: https://github.com/steveyegge/beads by Steve Yegge (git-native task tracking and knowledge priming) and https://github.com/obra/superpowers by Jesse Vincent (disciplined agentic workflows — TDD, brainstorming, systematic debugging). Both were essential.

Background: I founded Technorati, Linuxcare, and Warmstart; tech exec at Lyft and Reddit. I built metaswarm because I needed autonomous agents that could ship to a production codebase with the same standards I'd hold a human team to.

$ cd my-project-name

$ npx metaswarm init

MIT licensed. IANAL. YMMV. Issues/PRs welcome!