HackerTrans
TopNewTrendsCommentsPastAskShowJobs

vhsdev

no profile record

Submissions

Show HN: Birdcage – Secure remote access for personal AI

github.com
1 points·by vhsdev·4개월 전·1 comments

Show HN: Minimal NIST/OWASP-compliant auth implementation for Cloudflare Workers

github.com
33 points·by vhsdev·5개월 전·10 comments

comments

vhsdev
·4개월 전·discuss
I built Birdcage because I wanted to access my claw from anywhere without handing auth to a third party or punching holes in my home network.

Birdcage sits on a VPS and handles auth + reverse proxying. The connection back home runs over WireGuard — the VPS only sees opaque packets. The agent manages its own WireGuard interface, discovers endpoints via STUN, and falls back to relay when direct UDP fails.

Auth uses PBKDF2 with adaptive proof-of-work on brute force, JWT dual-token pattern with sliding session expiry, and WireGuard key rotation on a configurable interval. Single binary, pure Go, no CGO.
vhsdev
·5개월 전·discuss
Pretty sure all those are covered, upon more careful review. PRs open!

Edit: The create account I hadn't thought of for the email enum. Thanks!

Edit 2: Fixed up two schema issues identified and the last mitigated already via call: await passwords.rejectPasswordWithConstantTime(validatedData.password)
vhsdev
·5개월 전·discuss
Hi, amichal. Nice finds. I will dig into more of the particulars where sensible. Please feel free to send up a pull request! Thanks for taking a peek.
vhsdev
·5개월 전·discuss
Everything you or your agent need to see is in the commit history.
vhsdev
·5개월 전·discuss
Appreciate it, TheTaytay!