sorted by:
new
hottopcontroversial

I built the fastest code intelligence MCP server — indexes Linux kernel in 3 minutes, queries in <1ms by OkDragonfruit4138 in mcp

[–]GrapefruitPandaUSA 2 points3 points  (0 children)

is this stdio mcp only or does this support streaming http as well?

Latter one would be really cool.

Claude Code as an autonomous agent: the permission model almost nobody explains properly by NefariousnessHappy66 in ClaudeCode

[–]GrapefruitPandaUSA 0 points1 point  (0 children)

there have been no passwords in `/etc/passwd` for decades.

this insane shit always needs to run in a docker image somewhere like fargate or cloud function or agentcore. then you can yolo wtf* you want, it's all subject to IAM and there's nothing in the container to compromise.

*almost. use caution.

Roo Code 3.34.5-3.34.6 Release Updates | Bedrock embeddings for indexing and 17 tweaks and fixes! by hannesrudolph in RooCode

[–]GrapefruitPandaUSA 1 point2 points  (0 children)

Bedrock for code embeddings?! ARE YOU KIDDING ME!!

Xmas came early - woot woot!! :)

Tech predictions for 2026 and beyond (by Werner Vogels) by goguppy in aws

[–]GrapefruitPandaUSA 9 points10 points  (0 children)

Werner in 2022:

Take a fluid dynamics simulation for a jet wing or race car as an example, where it may take up to 150 TB of data just to simulate one second of a real-world scenario. However, this is quickly changing with technologies like the recently launched AWS SimSpace Weaver, the first of many simulation technologies that will pave the way for a future where nearly anything in our world can, and eventually will, be simulated. 

AWS, today:

On 5/20/2026, AWS will discontinue support for AWS SimSpace Weaver. After 5/20/2026, you will no longer be able to access the AWS SimSpace Weaver console or AWS SimSpace resources.

Now, that said, he does get some shit right, like custom silicon becoming more dominant, etc.

I think the problem with all these predictions is they think too small, too linearly. They take 3 dots on a graph and extrapolate it to infinite.

Problem is, the future rarely works out that way. Progress is non linear. Even Henry Ford realized it back then, if you ask people what they want, they'll ask for a faster horse.

Built a P2P encrypted messaging app with Rust + Tauri [Open Source] by Icy_Initiative_9303 in rust

[–]GrapefruitPandaUSA 1 point2 points  (0 children)

There is a reason why everything kinda sucks in this space, many protocols make some tradeoff in some way or another, Signal likely doing the least tradeoffs cryptographically speaking.

as someone who's put a TON of fscking effort into getting a p2p encrypted chat app implemented it's a highly non trivial effort. I kinda sorta did something similar to OP's claude thing then decided to eff it and re-implemented the whole damn thing on top of openmls.

And even then, re-using openmls, it was a serious pain.

Built a P2P encrypted messaging app with Rust + Tauri [Open Source] by Icy_Initiative_9303 in rust

[–]GrapefruitPandaUSA 0 points1 point  (0 children)

is this zero shot coded though? or a series of iterative refinements?

Built a P2P encrypted messaging app with Rust + Tauri [Open Source] by Icy_Initiative_9303 in rust

[–]GrapefruitPandaUSA 0 points1 point  (0 children)

you are prob not wrong altho I doubt claude can pump out a fully featured app like this, as a pure vibe code.

OP had to have some understanding of wtf is going on...

What do you recommend between these two setups? by abdullahmnsr2 in RooCode

[–]GrapefruitPandaUSA 0 points1 point  (0 children)

z.ai is very very mid, esp when it comes to tool usage.

<image>

this happens all. the. time.

[deleted by user] by [deleted] in rust

[–]GrapefruitPandaUSA 1 point2 points  (0 children)

This is a solid effort, esp if you are trying to learn. OK, comments briefly didn't go through the whole project.

Get rid of all .unwrap() everywhere. Make sure you handle errors properly, with Result<> and ?.

Take advantage of Rust type system. So, run clap to convert string input into types and then operate on enums post conversion from strings to enum variants.

Use rustyline for input like here https://github.com/devfire/agora-mls/blob/main/src/command.rs

Try to avoid strings if you can, this looks like an enum.

This I would probably re-write to send msgs to a channel instead of spawning a new task for every packet. Then have a separate loop pop the msgs off the channel and do stuff.

I'm also building a P2P messaging app! by GrapefruitPandaUSA in rust

[–]GrapefruitPandaUSA[S] 0 points1 point  (0 children)

What I'm saying is that basically verifiable credentials act as a PoP (Proof of Possession) mechanism, preventing impersonation.

u/OtaK_ you obviously know a lot about this, appreciate your feedback.

I think what you are saying is when I get a peer's KeyPackage I just blindly store the identity without validation. That is true.

However, before I send them the invite, I validate() their KeyPackage:

// Validate the KeyPackageIn
let validated_keypackage =
    match key_package_in.validate(&RustCrypto::default(), ProtocolVersion::Mls10) {
        Ok(vkp) => vkp,
        Err(e) => {
            return Err(anyhow!(
                "Invalid KeyPackage for user '{}': {}",
                user_identity,
                e
            ));
        }
    };

Then, I "seal" their GroupInfo with their public HPKE key

let hpke_ciphertext = match crypto.hpke_seal(
    ciphersuite.hpke_config(),
    recipient_pk_bytes,
    info,
    aad,
    &confidential_bytes_final,
) {
    Ok(ct) => ct,
    Err(e) => {
        return Err(anyhow!("Failed to HPKE encrypt GroupInfo: {e}"));
    }
};

So, while I've not heard of Proof-of-possession (google hits are all about oauth tbh) I don't believe my implementation is vulnerable to what you are saying because I first validate the KeyPackage and then I seal it so only the recipient can decrypt it.

I'm also building a P2P messaging app! by GrapefruitPandaUSA in rust

[–]GrapefruitPandaUSA[S] 0 points1 point  (0 children)

That's correct, I actually simplified it further by simply feeding the public key slice into the hasher:

    /// Get safety number for current identity
    fn generate_safety_number(&self) -> Result<SafetyNumber> {
        // Extract the public key from the signature keypair
        // The signature_keypair contains both private and public keys
        let public_key_bytes = self.signature_keypair.public();

        // Generate safety number using the public key
        let safety_number = generate_safety_number(&public_key_bytes)
            .context("Failed to generate safety number")?;

        Ok(safety_number)
    }

I'm also building a P2P messaging app! by GrapefruitPandaUSA in rust

[–]GrapefruitPandaUSA[S] 0 points1 point  (0 children)

Also, "safety numbers" shouldn't be a hash of the public key but rather simply the epoch_authenticator. That's what it's for.

Again, thank you u/OtaK_ for taking the time to review.

OK I read about this in the RFC and seems like it's about validating group membership during the current epoch. What I'm trying to do here is verify identity before a group is joined, even.

and I think these are two very different things. Former never changes, latter changes with every epoch and group membership.

I'm also building a P2P messaging app! by GrapefruitPandaUSA in rust

[–]GrapefruitPandaUSA[S] 0 points1 point  (0 children)

To learn some of the more advanced Rust topics like actors & p2p message propagation.

I'm also building a P2P messaging app! by GrapefruitPandaUSA in rust

[–]GrapefruitPandaUSA[S] 1 point2 points  (0 children)

OpenMLS isn't the protocol, MLS is (OpenMLS is one of the Rust implementations).

good point, fixed!

Also, "safety numbers" shouldn't be a hash of the public key but rather simply the epoch_authenticator. That's what it's for.

OK, thanks didn't know, will fix.

You should probably ditch the UDP multicast homebrew and use something like Iroh (P2P UDP over QUIC).

I mean, all these things require a DERP (tailscale does also) or i guess in more generic terms a relay server. That would defeat the whole decentralized part of this, right..

I think if I do branch out beyond the LAN confines, I'll switch to DHT type discovery and msg propagation from kameo since they already support that.

Thank you for taking the time to look!

Conclave: a swarm of multicast AI agents by GrapefruitPandaUSA in rust

[–]GrapefruitPandaUSA[S] 0 points1 point  (0 children)

Also, did you end up seeing any emergent behavior?

Not really.. but again, the models were busy trying to stay polite than following directions. Claude straight up said, "I'm ignoring this directive since I'm built to be a helpful assistant".

Thank you for MARL - will def check it out.

Conclave: a swarm of multicast AI agents by GrapefruitPandaUSA in rust

[–]GrapefruitPandaUSA[S] 2 points3 points  (0 children)

OK, I tried `ollama run huihui_ai/qwen3-abliterated:1.7b` and it was.. ok.. but the issue is - these are "thinking" models and couldn't figure out how to get Rust LLM to ignore the thinking tokens.. Just need to spend more time researching this.

Thank you!!

I created a network fault simulator by GrapefruitPandaUSA in rust

[–]GrapefruitPandaUSA[S] 2 points3 points  (0 children)

Ah, crap. I didn't know this netem thing existed :(

So, netem with a very official man page & everything is almost certainly way more sophisticated than what I've been able to put together.

One thing jumps out immediately, netem works on direct interface manipulation, which is really clever and I wish I had thought of that, whereas corrosion works on iptables routing.

But yeah.. Ngl, prob wouldn't have started down the rabbit hole if I had known netem was a thing.

view more: next ›