HackerTrans
TopNewTrendsCommentsPastAskShowJobs

devendra116

no profile record

Submissions

[untitled]

1 points·by devendra116·الشهر الماضي·0 comments

[untitled]

1 points·by devendra116·قبل شهرين·0 comments

Show HN: Hum – ad-free terminal music player (Rust, no API keys)

github.com
1 points·by devendra116·قبل شهرين·0 comments

Ask HN: Do you trust AI agents with API keys / private keys?

17 points·by devendra116·قبل 3 أشهر·33 comments

Show HN: Ledge - Policy layer for AI agent payments (prevents unauthorized txns)

github.com
4 points·by devendra116·قبل 4 أشهر·0 comments

Show HN: A playground to test stablecoin gas fees and concurrent txns on Tempo

tempo-playground.vercel.app
2 points·by devendra116·قبل 6 أشهر·1 comments

comments

devendra116
·قبل 3 أشهر·discuss
if a agent has the keys in the same process, it can easily extract them
devendra116
·قبل 3 أشهر·discuss
interesting, how do you use mitmproxy for calling openAI llm ? or what exactly you use it for ?
devendra116
·قبل 3 أشهر·discuss
which agent framework or tool gives guarantee for leaks?
devendra116
·قبل 3 أشهر·discuss
does you agent only print "Hello World" on console ? or it uses any service ;)
devendra116
·قبل 3 أشهر·discuss
if you usecase is just about dealing with private key and txn signing why not use any KMS service?
devendra116
·قبل 3 أشهر·discuss
so you prefer using separate VM machines?
devendra116
·قبل 3 أشهر·discuss
something that you dont like about using AWS secrets Manager or think it should be handle differently?

im researching around building a execution environment that handle the secret + actual execution, any input is appreciated
devendra116
·قبل 3 أشهر·discuss
so do we need something like `safe agent execution layer - that is policy enforced` (SEAL) we can manage what should be allowed and what not

agent uses llm to plan the action, but the actual execution happens in SEAL.

any example where it would make sense to start with?

open for thoughts
devendra116
·قبل 3 أشهر·discuss
is there any tool that can do this ?
devendra116
·قبل 3 أشهر·discuss
keyring is one of solution but even substituting values at excution does not gaurantee the security as agents can read the process itself.

im building a safe agent execution layer, A runtime where agents can act, but cannot access secrets. kinda sidecar that is callable by agent for using api keys, secrets, private keys, etc and plus one can add policy on how and what a agent can do.

does this seems good?
devendra116
·قبل 6 أشهر·discuss
For those interested, the playground uses a guest wallet stored on browser localstorage so there’s no signup friction.