HackerTrans
TopNewTrendsCommentsPastAskShowJobs

positiveblue

no profile record

Submissions

Stop giving your AI Agent admin credentials

positiveblue.substack.com
5 points·by positiveblue·10 เดือนที่ผ่านมา·1 comments

JWTs and OAuth suck for AI agents. Meet Wafers

positiveblue.substack.com
3 points·by positiveblue·10 เดือนที่ผ่านมา·5 comments

The web does not need gatekeepers: Cloudflare’s new “signed agents” pitch

positiveblue.substack.com
454 points·by positiveblue·11 เดือนที่ผ่านมา·489 comments

comments

positiveblue
·10 เดือนที่ผ่านมา·discuss
It’s wild, decades of work on least privilege and delegation, and we’re back to handing out root credentials to bots T.T
positiveblue
·10 เดือนที่ผ่านมา·discuss
Adoption is definitely the hardest "cryptographic" problem :D

You can think about this as a new auth token to add in your stack. It does not need to grow and take over the world overnight. We have seen how hard it is to change the status quo + how much it can adapt to new ideas (ex: SQL vs NoSQL)

For now I would imagine teams who need more flexibility in their auth stack to adopt this for new API
positiveblue
·10 เดือนที่ผ่านมา·discuss
Wafers are definitely inspired by Macaroons, but the core difference is that delegation is tied to identity.

In Macaroons, anyone who holds the token can tack on caveats.

In Wafers, only the current holder can extend it, and they can explicitly name the next holder by public key.

That gives you a verifiable chain of custody instead of an unanchored blob.
positiveblue
·10 เดือนที่ผ่านมา·discuss
TLDR: JWTs say who you are. Wafers say who this request is on behalf of and exactly what it can do.
positiveblue
·11 เดือนที่ผ่านมา·discuss
I could not give less of a shit between whitelist/allowlist. I use them indistinctly.

You can sleep peacefully today but you should try to don't over stress from how other people write on the internet
positiveblue
·11 เดือนที่ผ่านมา·discuss
100% needs to be done at the last mile.
positiveblue
·11 เดือนที่ผ่านมา·discuss
Hi, "this person here" Cloudflare will block that request that has a jwt because "it does not come from a person".

What I was trying to say is that even the discussion "is this a bot 100% sure or not" makes no sense.
positiveblue
·11 เดือนที่ผ่านมา·discuss
many people don't remember/know history though
positiveblue
·11 เดือนที่ผ่านมา·discuss
yep, that's why I am writing this now :)

You can see it in the web vs mobile apps.

Many people may not see a problem on wallet gardens but reality is that we have much less innovation in mobile than in web because anyone can spawn a web server vs publish an app in the App Store (apple)
positiveblue
·11 เดือนที่ผ่านมา·discuss
I know the image, what I do not understand is the argument between using it being incompatible with "fairness" and "openness"
positiveblue
·11 เดือนที่ผ่านมา·discuss
No
positiveblue
·11 เดือนที่ผ่านมา·discuss
Where everyone needs a cloudflare account to be able to pay*
positiveblue
·11 เดือนที่ผ่านมา·discuss
> An allowlist run by one company that site owners chose to engage with.

Exactly, no problem with that, just hinting that's not a protocol.

> But the irony of taking an ideological stance about fairness while using AI generated comics for blog posts

Wait, what?
positiveblue
·11 เดือนที่ผ่านมา·discuss
The point is "should everyone just have an account with Cloudflare then"
positiveblue
·11 เดือนที่ผ่านมา·discuss
This is one of the main points :+1:
positiveblue
·11 เดือนที่ผ่านมา·discuss
I actually thought about this before publishing it hahaha

Good thing they are not the only place to post!
positiveblue
·11 เดือนที่ผ่านมา·discuss
Narrator: but he did put effort...

Anyway, main take aways for you:

- We REALLY need a way to tie identity to agent/requests - The idea of registering with cloudflare to be able to access a website is bad - Sites should be able to block whoever they want or make anything they desire a requirement (there are people that has login only with google after all)

We have the right primitives to build something that works for any provider (from cloudflare, to Akamai, to self hosting nginx servers). Let's take that route
positiveblue
·11 เดือนที่ผ่านมา·discuss
Giving an agent full access to your data without clear guardrails is a really bad idea.

We automate checkouts for e-commerce stores and work with very sensitive information, but our agents never see the real data. They only fill forms with placeholders, which later get swapped with the actual values downstream.

Prompt injection is a real risk, and while the industry will adapt, you need to be extremely cautious when letting agents operate in these contexts. Long story short: do not give "admin" privileges to AI Agents in the wild.