HackerTrans
TopNewTrendsCommentsPastAskShowJobs

vhsdev

no profile record

Submissions

Show HN: Birdcage – Secure remote access for personal AI

github.com
1 points·by vhsdev·4 miesiące temu·1 comments

Show HN: Minimal NIST/OWASP-compliant auth implementation for Cloudflare Workers

github.com
33 points·by vhsdev·5 miesięcy temu·10 comments

comments

vhsdev
·4 miesiące temu·discuss
I built Birdcage because I wanted to access my claw from anywhere without handing auth to a third party or punching holes in my home network.

Birdcage sits on a VPS and handles auth + reverse proxying. The connection back home runs over WireGuard — the VPS only sees opaque packets. The agent manages its own WireGuard interface, discovers endpoints via STUN, and falls back to relay when direct UDP fails.

Auth uses PBKDF2 with adaptive proof-of-work on brute force, JWT dual-token pattern with sliding session expiry, and WireGuard key rotation on a configurable interval. Single binary, pure Go, no CGO.
vhsdev
·5 miesięcy temu·discuss
Pretty sure all those are covered, upon more careful review. PRs open!

Edit: The create account I hadn't thought of for the email enum. Thanks!

Edit 2: Fixed up two schema issues identified and the last mitigated already via call: await passwords.rejectPasswordWithConstantTime(validatedData.password)
vhsdev
·5 miesięcy temu·discuss
Hi, amichal. Nice finds. I will dig into more of the particulars where sensible. Please feel free to send up a pull request! Thanks for taking a peek.
vhsdev
·5 miesięcy temu·discuss
Everything you or your agent need to see is in the commit history.
vhsdev
·5 miesięcy temu·discuss
Appreciate it, TheTaytay!