HackerTrans
トップ新着トレンドコメント過去質問紹介求人

vhsdev

no profile record

投稿

Show HN: Birdcage – Secure remote access for personal AI

github.com
1 ポイント·投稿者 vhsdev·4 か月前·1 コメント

Show HN: Minimal NIST/OWASP-compliant auth implementation for Cloudflare Workers

github.com
33 ポイント·投稿者 vhsdev·5 か月前·10 コメント

コメント

vhsdev
·4 か月前·議論
I built Birdcage because I wanted to access my claw from anywhere without handing auth to a third party or punching holes in my home network.

Birdcage sits on a VPS and handles auth + reverse proxying. The connection back home runs over WireGuard — the VPS only sees opaque packets. The agent manages its own WireGuard interface, discovers endpoints via STUN, and falls back to relay when direct UDP fails.

Auth uses PBKDF2 with adaptive proof-of-work on brute force, JWT dual-token pattern with sliding session expiry, and WireGuard key rotation on a configurable interval. Single binary, pure Go, no CGO.
vhsdev
·5 か月前·議論
Pretty sure all those are covered, upon more careful review. PRs open!

Edit: The create account I hadn't thought of for the email enum. Thanks!

Edit 2: Fixed up two schema issues identified and the last mitigated already via call: await passwords.rejectPasswordWithConstantTime(validatedData.password)
vhsdev
·5 か月前·議論
Hi, amichal. Nice finds. I will dig into more of the particulars where sensible. Please feel free to send up a pull request! Thanks for taking a peek.
vhsdev
·5 か月前·議論
Everything you or your agent need to see is in the commit history.
vhsdev
·5 か月前·議論
Appreciate it, TheTaytay!