Show stories

Hey HN! I went to an ATProto meetup last week, and as a burnt-out semi-academic who hates academic publishing, I thought there might be a cool opportunity to build on Octopus (https://www.octopus.ac/), so I got a bit excited over the weekend and built Octosphere.

Hopefully some of you find it interesting! Blog post here: https://andreasthinks.me/posts/octosphere/octosphere.html

Hi everyone,

I built a runtime to isolate untrusted code using wasm sandboxes.

Basically, it protects your host system from problems that untrusted code can cause. We’ve had a great discussion about sandboxing in Python lately that elaborates a bit more on the problem [1]. In TypeScript, wasm integration is even more natural thanks to the close proximity between both ecosystems.

The core is built in Rust. On top of that, I use WASI 0.2 via wasmtime and the component model, along with custom SDKs that keep things as idiomatic as possible.

For example, in Python we have a simple decorator:

  from capsule import task

  @task(
      name="analyze_data", 
      compute="MEDIUM",
      ram="512mb",
      allowed_files=["./authorized-folder/"],
      timeout="30s", 
      max_retries=1
  )
  def analyze_data(dataset: list) -> dict:
      """Process data in an isolated, resource-controlled environment."""
      # Your code runs safely in a Wasm sandbox
      return {"processed": len(dataset), "status": "complete"}

  import { task } from "@capsule-run/sdk"

  export const analyze = task({
      name: "analyzeData", 
      compute: "MEDIUM", 
      ram: "512mb",
      allowedFiles: ["./authorized-folder/"],
      timeout: 30000, 
      maxRetries: 1
  }, (dataset: number[]) => {
      return {processed: dataset.length, status: "complete"}
  });

It's still quite early, but I'd love feedback. I’ll be around to answer questions.

GitHub: https://github.com/mavdol/capsule

[1] https://news.ycombinator.com/item?id=46500510

Hi all,

I have built Cimba, a multithreaded discrete event simulation library in C.

Cimba uses POSIX pthread multithreading for parallel execution of multiple simulation trials, while coroutines provide concurrency inside each simulated trial universe. The simulated processes are based on asymmetric stackful coroutines with the context switching hand-coded in assembly.

The stackful coroutines make it natural to express agentic behavior by conceptually placing oneself "inside" that process and describing what it does. A process can run in an infinite loop or just act as a one-shot customer passing through the system, yielding and resuming execution from any level of its call stack, acting both as an active agent and a passive object as needed. This is inspired by my own experience programming in Simula67, many moons ago, where I found the coroutines more important than the deservedly famous object-orientation.

Cimba turned out to run really fast. In a simple benchmark, 100 trials of an M/M/1 queue run for one million time units each, it ran 45 times faster than an equivalent model built in SimPy + Python multiprocessing. The running time was reduced by 97.8 % vs the SimPy model. Cimba even processed more simulated events per second on a single CPU core than SimPy could do on all 64 cores.

The speed is not only due to the efficient coroutines. Other parts are also designed for speed, such as a hash-heap event queue (binary heap plus Fibonacci hash map), fast random number generators and distributions, memory pools for frequently used object types, and so on.

The initial implementation supports the AMD64/x86-64 architecture for Linux and Windows. I plan to target Apple Silicon next, then probably ARM.

I believe this may interest the HN community. I would appreciate your views on both the API and the code. Any thoughts on future target architectures to consider?

Docs: https://cimba.readthedocs.io/en/latest/

Repo: https://github.com/ambonvik/cimba

After reading "During Helene, I Just Wanted a Plain Text Website" on Sparkbox (https://news.ycombinator.com/item?id=46494734) , I built safe-now.live – a text-first emergency info site for USA and Canada. No JavaScript, no images, under 10KB. Pulls live FEMA disasters, NWS alerts, weather, and local resources. This is my first live website ever so looking for critical feedback on the website. Please feel free to look around.

https://safe-now.live

What PII-Shield does: It's a K8s sidecar (or CLI tool) that pipes application logs, detects secrets using Shannon entropy (catching unknown keys like "sk-live-..." without predefined patterns), and redacts them deterministically using HMAC.

Why deterministic? So that "pass123" always hashes to the same "[HIDDEN:a1b2c]", allowing QA/Devs to correlate errors without seeing the raw data.

Key features: 1. JSON Integrity: It parses JSON, sanitizes values, and rebuilds it. It guarantees valid JSON output for your SIEM (ELK/Datadog). 2. Entropy Detection: Uses context-aware entropy analysis to catch high-randomness strings. 3. Fail-Open: Designed as a transparent pipe wrapper to preserve app uptime.

The project is open-source (Apache 2.0).

Repo: https://github.com/aragossa/pii-shield Docs: https://pii-shield.gitbook.io/docs/

I'd love your feedback on the entropy/threshold logic!

This article provides a comprehensive overview of the martial art Jujutsu, including its history, techniques, and the various schools and styles. It offers insights into the philosophy, training, and practical applications of this traditional Japanese self-defense system.

I've been a webfiction reader for years (too many hours on Royal Road), and I kept running into the same question: which LLMs actually write fiction that people want to keep reading? That's why I built Narrator (https://narrator.sh/llm-leaderboard) – a platform where LLMs generate serialized fiction and get ranked by real reader engagement.

Turns out this is surprisingly hard to answer. Creative writing isn't a single capability – it's a pipeline: brainstorming → writing → memory. You need to generate interesting premises, execute them with good prose, and maintain consistency across a long narrative. Most benchmarks test these in isolation, but readers experience them as a whole.

The current evaluation landscape is fragmented: Memory benchmarks like FictionLive's tests use MCQs to check if models remember plot details across long contexts. Useful, but memory is necessary for good fiction, not sufficient. A model can ace recall and still write boring stories.

Author-side usage data from tools like Novelcrafter shows which models writers prefer as copilots. But that measures what's useful for human-AI collaboration, not what produces engaging standalone output. Authors and readers have different needs.

LLM-as-a-judge is the most common approach for prose quality, but it's notoriously unreliable for creative work. Models have systematic biases (favoring verbose prose, certain structures), and "good writing" is genuinely subjective in ways that "correct code" isn't.

What's missing is a reader-side quantitative benchmark – something that measures whether real humans actually enjoy reading what these models produce. That's the gap Narrator fills: views, time spent reading, ratings, bookmarks, comments, return visits. Think of it as an "AI Wattpad" where the models are the authors.

I shared an early DSPy-based version here 5 months ago (https://news.ycombinator.com/item?id=44903265). The big lesson: one-shot generation doesn't work for long-form fiction. Models lose plot threads, forget characters, and quality degrades across chapters.

The rewrite: from one-shot to a persistent agent loop

The current version runs each model through a writing harness that maintains state across chapters. Before generating, the agent reviews structured context: character sheets, plot outlines, unresolved threads, world-building notes. After generating, it updates these artifacts for the next chapter. Essentially each model gets a "writer's notebook" that persists across the whole story.

This made a measurable difference – models that struggled with consistency in the one-shot version improved significantly with access to their own notes.

Granular filtering instead of a single score:

We classify stories upfront by language, genre, tags, and content rating. Instead of one "creative writing" leaderboard, we can drill into specifics: which model writes the best Spanish Comedy? Which handles LitRPG stories with Male Leads the best? Which does well with romance versus horror?

The answers aren't always what you'd expect from general benchmarks. Some models that rank mid-tier overall dominate specific niches.

A few features I'm proud of:

Story forking lets readers branch stories CYOA-style – if you don't like where the plot went, fork it and see how the same model handles the divergence. Creates natural A/B comparisons.

Visual LitRPG was a personal itch to scratch. Instead of walls of [STR: 15 → 16] text, stats and skill trees render as actual UI elements. Example: https://narrator.sh/novel/beware-the-starter-pet/chapter/1

What I'm looking for:

More readers to build out the engagement data. Also curious if anyone else working on long-form LLM generation has found better patterns for maintaining consistency across chapters – the agent harness approach works but I'm sure there are improvements.

I built a hands-free HUD for smart glasses that runs a real-world speedrun timer and auto-splits based on what the camera sees. Demo scenario: making sushi.

Demo: https://www.youtube.com/watch?v=NuOVlyr-e1w

Repo: https://github.com/RealComputer/GlassKit

I initially tried a multimodal LLM for scene understanding, but the latency and consistency were not good enough for this use case, so I switched to a small object detection model (fine-tuned RF-DETR). It just runs an inference loop on the camera feed. This also makes on-device/offline use feasible (today it still runs via a local server).

VISR.dev is a platform that provides tools and resources for developers to build secure and privacy-focused web applications. The article highlights the platform's focus on empowering developers to create ethical technology that respects user privacy and data protection.

Hi HN,

We've spent the last year building AI agents and kept hitting the same wall: prompt engineering doesn't feel like software engineering. It feels like guessing.

We built OpenSymbolicAI to turn agent development into actual programming. It is an open-source framework (MIT) that lets you build agents using typed primitives, explicit decompositions, and unit tests.

THE MAIN PROBLEM: CONTEXT WINDOW ABUSE

Most agent frameworks (like ReAct) force you to dump tool outputs back into the LLM's context window to decide the next step.

Agent searches DB.

Agent gets back 50kb of JSON.

You paste that 50kb back into the prompt just to ask "What do I do next?"

This is slow, expensive, and confuses the model.

THE SOLUTION: DATA AS VARIABLES

In OpenSymbolicAI, the LLM generates a plan (code) that manipulates variables. The actual heavy data (search results, PDF contents, API payloads) is stored in the Python/runtime variables and is never passed through the LLM context until a specific primitive actually needs to read it.

Think of it as pass-by-reference for Agents. The LLM manipulates variable handles (docs), while the Python runtime stores the actual data.

EXAMPLE: A RAG AGENT

Instead of the LLM hallucinating a plan based on a wall of text, it simply writes the logic to manipulate the data containers.

class ResearchAgent(PlanExecute):

  @primitive
  def retrieve_documents(self, query: str) -> list[Document]:
      """Fetches heavy documents from vector DB."""
      # Returns heavy objects that stay in Python memory
      return vector_store.search(query)

  @primitive
  def synthesize_answer(self, docs: list[Document]) -> str:
      """Consumes documents to generate an answer."""
      # This is the ONLY step that actually reads the document text
      context = "\n".join([d.text for d in docs])
      return llm.generate(context)

  @decomposition(intent="Research quantum computing")
  def _example_flow(self):
      # The LLM generates this execution plan.
      # Crucially: The LLM manages the 'docs' variable symbol,
      # but never sees the massive payload inside it during planning.
      docs = self.retrieve_documents("current state of quantum computing")
      return self.synthesize_answer(docs)

DISCUSSION

We'd love to hear from the community about:

Where have you struggled with prompt engineering brittleness?

What would convince you to try treating prompts as code?

Are there other domains where this approach would shine?

What's missing to make this production-ready for your use case?

The code is intentionally simple Python, no magic, no framework lock-in. If the approach resonates, it's easy to adapt to your specific needs or integrate with existing codebases.

Repos:

Core (Python): https://github.com/OpenSymbolicAI/core-py

Docs: https://www.opensymbolic.ai/

Blog (Technical deep dives): https://www.opensymbolic.ai/blog

Hi HN,

At Imbue, we’ve been following the rapid developments in the agent landscape and noticed that the way agents interact with third-party services on users’ behalf often leaves a lot to be desired. Integrations are ad hoc, complicated, context-heavy, and either unfriendly to non-technical users or tied to a lock-in of some sort.

We‘re experimenting with a command-line tool, Latchkey, that could be used by local agents targeted at non-technical users while avoiding remote intermediaries. As far as we know, this is the only existing approach at the intersection of these two goals.

Core idea: Agents access APIs of third-party services by prepending ordinary `curl` calls with the `latchkey` command, like this:

    latchkey curl -X POST 'https://slack.com/api/conversations.create' \
      -H 'Content-Type: application/json' \
      -d '{"name":"something-urgent"}'

Benefits:

* A single skill to integrate with all services.

* Direct communication between the agent and the third-party service (no OAuth intermediary app needed).

* Agents usable by non-technical users.

* Secrets do not leak to logs or chat transcripts.

We believe this aligns with a vision of a decentralized future in which people don’t need to ask corporations for permission to use their own data. We imagine a lively ecosystem of local agents that people use freely, supported by a community helping each other keep these tools useful and functional.

We’re aware that this approach comes with some downsides, too, and would love your feedback.

P.S. Here’s also a link to Passepartout, a toy demo AI assistant app built using Latchkey: https://github.com/imbue-ai/passepartout

The article discusses the need for European teams to explore alternatives to the European Loom platform, citing concerns over data sovereignty and geopolitical tensions. It suggests that teams should consider adopting a European-based solution that aligns with European values and provides greater control and transparency over their data.

The article discusses the DIFI project, an open-source initiative that aims to create a decentralized, interoperable finance infrastructure. It highlights the project's goals of enabling seamless cross-blockchain transactions and fostering a more inclusive and transparent financial ecosystem.

Autoliner is a digital platform that connects car owners with professional auto repair and maintenance services. The app allows users to schedule appointments, track their vehicle's service history, and access a network of certified mechanics and technicians.

Hi HN, we wanted to share our open source ONNX-to-C code generator. It translates ONNX models into C code for deployment on embedded systems. We developed it for use with emmtrix Code Vectorizer (https://www.emmtrix.com/tools/emmtrix-code-vectorizer) which optimizes the generated code for various embedded architectures. The ONNX-to-C code generator can however also be used standalone to generate plain C code. In contrast to many other tools, it makes deployment trivial since the generated code is fully standalone and no additional runtime is required.

The article describes AdBoost, a powerful machine learning algorithm that combines weak classifiers to create a strong, accurate classifier. It provides a detailed explanation of the algorithm's principles and implementation, making it a valuable resource for researchers and developers interested in boosting techniques.

Hi HN,

I'm Emilie, I have a literature background (which explains the well-written documentation!) and I've been learning Rust and distributed systems by building minikv over the past few months. It recently got featured in Programmez! magazine: https://www.programmez.com/actualites/minikv-un-key-value-st...

minikv is an open-source, distributed storage engine built for learning, experimentation, and self-hosted setups. It combines a strongly-consistent key-value database (Raft), S3-compatible object storage, and basic multi-tenancy.

Features/highlights:

- Raft consensus with automatic failover and sharding - S3-compatible HTTP API (plus REST/gRPC APIs) - Pluggable storage backends: in-memory, RocksDB, Sled - Multi-tenant: per-tenant namespaces, role-based access, quotas, and audit - Metrics (Prometheus), TLS, JWT-based API keys - Easy to deploy (single binary, works with Docker/Kubernetes)

Quick demo (single node):

```bash git clone https://github.com/whispem/minikv.git cd minikv cargo run --release -- --config config.example.toml curl localhost:8080/health/ready

# S3 upload + read curl -X PUT localhost:8080/s3/mybucket/hello -d "hi HN" curl localhost:8080/s3/mybucket/hello

Docs, cluster setup, and architecture details are in the repo. I’d love to hear feedback, questions, ideas, or your stories running distributed infra in Rust!

Repo: https://github.com/whispem/minikv Crate: https://crates.io/crates/minikv

Hi HN,

I’m full stack developer (formerly iOS) and I just launched Nomad Tracker, a native iOS app to help digital nomads track physical presence across countries for visa limits and tax residency.

Key idea: everything runs on-device. No accounts, no cloud sync, no analytics.

Features:

- Calendar-based day tracking per country. - Schengen 90/180 and other visa “runways”. - Fiscal residency day counts and alerts. - Optional background location logging (battery-efficient, never overwrites manual data). - Photo import using metadata only (no image access). - On-device “Fiscal Oracle” using Apple’s Foundational Models to ask questions about your own data.

I created this because other apps felt limiting and didn’t do what I needed. This app is visual, user-focused, and designed to make tracking easy and clear.

Happy to answer questions or discuss the technical tradeoffs.

This article discusses the concept of autonomous agents, which are software programs that can act independently to achieve their goals without direct human control. It explores the potential applications and challenges of autonomous agents in various domains, including robotics, finance, and healthcare.

Hey everybody!

"Kiln" orchestrates Claude Code instances on your local machine using GitHub projects as its control panel.

https://kiln.bot

https://github.com/agentic-metallurgy/kiln

If you're around Stage 6-7 on the Gas Town scale, you may have 3-15 terminal windows open. You're out of screen real estate and the markdown files are piling up. TUIs and specialized IDEs are meant to help, but they're more things to manage.

Kiln simply polls GitHub projects. When you move issues from one column to another, Kiln invokes Claude Code CLI to run the corresponding /command.

Claude creates the worktrees, researches the codebase, creates and implements the plan. Stores it in GitHub Issues.

It's meant to be simple, nothing new:

- Use your existing claude subscription (no auth trickery, runs locally)

- All context and state is on GitHub (no markdown mess, no local DBs, easy recovery)

- Poll instead of webhooks/events (no external attack surfaces, works behind VPN)

- Supports MCPs and anything else Claude can do

That's the heart of it and it works because... it's just Claude :)

It's got a few more tricks, but I'll cut it short.

ps: sorry for fresh account, needed a real name one :) been lurking since 2008.

As personal AI agents like OpenClaw become more powerful by leveraging intimate user data, privacy has emerged as a fundamental bottleneck.

We’re releasing HEVEC, a vector database built on homomorphic encryption, enabling end-to-end privacy with real-time search at scale.

HEVEC is designed as a drop-in alternative to plaintext vector databases and supports real-time encrypted search at scale (1M vectors in ~187 ms).

Key points: - A secure, drop-in alternative to plaintext vector databases - End-to-end homomorphic encryption for both data and queries - Real-time encrypted search at scale (1M vectors in 187 ms)

As personal AI agents become deeply personalized, data ownership must belong to users.

HEVEC enforces this through privacy-by-design architecture.

We’d appreciate feedback from the AI, systems, and privacy communities.

Hi HN,

I built TrueLedger because I didn’t want a personal finance app that requires a cloud account or bank credential access just to work.

TrueLedger is a local-first personal finance app. All data stays on the user’s device and works fully offline.

Technical choices: - SQLite for local storage across platforms - SQLCipher (AES-256) for encrypted databases - Web version runs entirely client-side using SQLite WASM - Encrypted, deterministic JSON backups for portability without a server

Demo (runs fully client-side): https://trueledger.satyakommula.com

Source: https://github.com/satyakommula96/trueledger

Happy to answer questions about local-first design or encryption tradeoffs.

Hey HN, After building Box QR (personal inventory tracker), I kept hearing "I need this for my business." So I'm exploring ItemGrid - lightweight inventory management that doesn't suck. The problem: Small businesses are stuck between Google Sheets (messy, no mobile scanning) and enterprise software (expensive, overcomplicated). What ItemGrid does:

Visual grid interface QR/barcode scanning Multi-location support Free for 1 location forever $8/user when you grow

Right now it's just a landing page collecting validation signups. Not building the full product until I hit 50-100 signups to confirm real demand. Would love feedback, especially if you've dealt with inventory headaches. https://itemgrid.io

I've been a photons-on-glass filmmaker for over ten years, and I've been developing ArtCraft for myself, my friends, and my colleagues.

All of my film school friends have a lot of ambition, but the production pyramid doesn't allow individual talent to shine easily. 10,000 students go to film school, yet only a handful get to helm projects they want with full autonomy - and almost never at the blockbuster budget levels that would afford the creative vision they want. There's a lot of nepotism, too.

AI is the personal computer moment for film. The DAW.

One of my friends has done rotoscoping with live actors:

https://www.youtube.com/watch?v=Tii9uF0nAx4

The Corridor folks show off a lot of creativity with this tech:

https://www.youtube.com/watch?v=_9LX9HSQkWo

https://www.youtube.com/watch?v=DSRrSO7QhXY

https://www.youtube.com/watch?v=iq5JaG53dho

We've been making silly shorts ourselves:

https://www.youtube.com/watch?v=oqoCWdOwr2U

https://www.youtube.com/watch?v=H4NFXGMuwpY

The secret is that a lot of studios have been using AI for well over a year now. You just don't notice it, and they won't ever tell you because of the stigma. It's the "bad toupee fallacy" - you'll only notice it when it's bad, and they'll never tell you otherwise.

Comfy is neat, but I work with folks that don't intuit node graphs and that either don't have graphics cards with adequate VRAM, or that can't manage Python dependencies. The foundation models are all pretty competitive, and they're becoming increasingly controllable - and that's the big thing - control. So I've been working on the UI/UX control layer.

ArtCraft has 2D and 3D control surfaces, where the 3D portion can be used as a strong and intuitive ControlNet for "Image-to-Image" (I2I) and "Image-to-Video" (I2V) workflows. It's almost like a WYSIWYG, and I'm confident that this is the direction the tech will evolve for creative professionals rather than text-centric prompting.

I've been frustrated with tools like Gimp and Blender for a while. I'm no UX/UI maestro, but I've never enjoyed complicated tools - especially complicated OSS tools. Commercial-grade tools are better. Figma is sublime. An IDE for creatives should be simple, magical, and powerful.

ArtCraft lets you drag and drop from a variety of creative canvases and an asset drawer easily. It's fast and intuitive. Bouncing between text-to-image for quick prototyping, image editing, 3d gen, to 3d compositing is fluid. It feels like "crafting" rather than prompting or node graph wizardry.

ArtCraft, being a desktop app, lets us log you into 3rd party compute providers. I'm a big proponent of using and integrating the models you subscribe to wherever you have them. This has let us integrate WorldLabs' Marble Gaussian Splats, for instance, and nobody else has done that. My plan is to add every provider over time, including generic API key-based compute providers like FAL and Replicate. I don't care if you pay for ArtCraft - I just want it to be useful.

Two disclaimers:

ArtCraft is "fair source" - I'd like to go the Cockroach DB route and eventually get funding, but keep the tool itself 100% source available for people to build and run for themselves. Obsidian, but with source code. If we got big, I'd spend a lot of time making movies.

Right now ArtCraft is tied to a lightweight cloud service - I don't like this. It was a choice so I could reuse an old project and go fast, but I intend for this to work fully offline soon. All server code is in the monorepo, so you can run everything yourself. In the fullness of time, I do envision a portable OSS cloud for various AI tools to read/write to like a Github for assets, but that's just a distant idea right now.

I've written about roadmap in the repo: I'd like to develop integrations for every compute provider, rewrite the frontend UI/UX in Bevy for a fully native client, and integrate local models too.

Hi HN,

We built LUML (https://github.com/luml-ai/luml), an open-source (Apache 2.0) MLOps/LLMOps platform that covers experiments, registry, LLM tracing, deployments and so on.

It separates the control plane from your data and compute. Artifacts are self-contained. Each model artifact includes all metadata (including the experiment snapshots, dependencies, etc.), and it stays in your storage (S3-compatible or Azure).

File transfers go directly between your machine and storage, and execution happens on compute nodes you host and connect to LUML.

We’d love you to try the platform and share your feedback!

Introducing Nia Vault, a CLI that lets you query your local markdown/text files using natural language.

What it does:

Semantic search over local folders and notes Works across multiple synced directories RAG-style answers with citations from your own files

How it works:

Calls `POST /search/query` with `local_folders` Uses `search_mode: sources` to return answers + file references

Example:

vault ask "What are my notes about project planning?"

OSS: https://github.com/chenxin-yan/nia-vault

I got frustrated with runtime reflection in Go validators, so I built a codegen approach instead. govalid reads struct markers and generates plain Go validation code. No reflection, no allocations at runtime, 5-44x faster than go-playground/validator. Also supports CEL for complex rules. Feedback welcome :)

The Sentinelgate article discusses a cybersecurity vulnerability that allows unauthorized access to sensitive data and systems. It provides technical details on the vulnerability, its impact, and steps being taken to address the issue.

Ported the Desktop Version of Kannada Nudi Editor to Web under the guidance of https://kagapa.com/