frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

How to Make Living as an Artist

https://maxim.usindic.us/2026/02/12/how-to-make-a-living-as-an-artist/
1•blenderob•1m ago•0 comments

A header-only C vector database library

https://github.com/abdimoallim/vdb
2•abdimoalim•2m ago•0 comments

Implications to climate change and decline of Bronze Age Harappan civilization

https://www.nature.com/articles/srep26555
1•thunderbong•3m ago•0 comments

Base barrier cells provide compartmentalization of choroid plexus, brain and CSF

https://www.nature.com/articles/s41593-025-02188-7
1•bookofjoe•4m ago•0 comments

Show HN: OpenCode-finance – prompt a ticker, get a structured PDF analyst report

https://github.com/bilalbayram/opencode-finance
1•bilalbayram•5m ago•0 comments

Show HN: Wa Me It All – WhatsApp Chat Without Spamming Your Contacts

1•franze•6m ago•0 comments

Show HN: MirrAI – I built a Virtual Try-On app to fix online shopping(Open Beta)

https://play.google.com/store/apps/details?id=com.moraalink.mirrai&hl=en
1•MohammadRMZ•6m ago•0 comments

Why AI agents need a probation period

https://blog.geta.team/why-ai-agents-need-a-probation-period-just-like-human-employees/
1•js4ever•7m ago•0 comments

Strategic Home Upgrades to Slash Your Insurance Premiums in 2026

https://suretyinsights.com/blog/11-home-upgrades-that-will-actually-lower-your-insurance-premium-...
2•engelo_b•7m ago•0 comments

Three Inverse Laws of AI and Robotics

https://susam.net/inverse-laws-of-robotics.html
1•blenderob•10m ago•0 comments

uBlock filter list to hide all YouTube Shorts

https://github.com/i5heu/ublock-hide-yt-shorts/
3•i5heu•10m ago•0 comments

Offering Scott Alexander a Wager About AI's Effects over the Next Three Years

https://freddiedeboer.substack.com/p/im-offering-scott-alexander-a-wager
2•andsoitis•11m ago•0 comments

Gadget Review: Epomaker TH87 ISO Mechanical Keyboard

https://shkspr.mobi/blog/2026/02/gadget-review-epomaker-th87-iso-mechanical-keyboard/
1•blenderob•12m ago•0 comments

"I Told the Senate Gen-Z Is Less Cognitively Capable"

https://thedigitaldelusion.substack.com/p/i-told-the-senate-gen-z-is-less-cognately
2•Borrible•12m ago•2 comments

Nigerian Freelancers' Currency Trap

https://rpublc.com/december-25-january-26/nigeria-freelancers/
1•bryanrasmussen•14m ago•0 comments

ChatGPT-5.3-Codex Is Also Good at Coding

https://thezvi.substack.com/p/chatgpt-53-codex-is-also-good-at
1•paulpauper•17m ago•0 comments

Integrating a log management platform with Dokploy

https://tanin.nanakorn.com/integrating-a-log-management-platform-with-dokploy/
1•tanin•17m ago•0 comments

Best Platform Engineering Tools in 2026

https://infisical.com/blog/best-platform-engineering-tools-2026
2•vmatsiiako•17m ago•0 comments

AI and the Economy

https://arnoldkling.substack.com/p/ai-and-the-economy
2•paulpauper•17m ago•0 comments

Capitalist ≠ Voluntary

https://www.overcomingbias.com/p/capitalist-voluntary
1•paulpauper•18m ago•0 comments

Show HN: SecuriNote Discord Bot

https://github.com/klexas/SecuriNoteDiscord
1•bilekas•20m ago•0 comments

Attack of the SaaS Clones

https://martinalderson.com/posts/attack-of-the-clones/
1•martinald•21m ago•0 comments

Insect Empire – A browser survivor-like built with AI art and AI coding

https://www.myvibe.so/nategu/insect-empire
2•Nate007•22m ago•2 comments

Show HN: Prod.bd – Open-Source Ngrok Alternative Powered by Cloudflare Workers

https://prod.bd/
3•mrmillon•22m ago•1 comments

Device Hoarding and the Obligation to Consume

https://curtismchale.ca/2026/02/13/device-hoarding-and-the-obligation-to-consume
1•ingve•22m ago•0 comments

ZeroClaw – Open Claw Rebuilt in Rust

https://github.com/theonlyhennygod/zeroclaw
1•pajop•23m ago•0 comments

Show HN: Vibe Music – Bring Your Own Source (BYOS) Open-Source Music Player

https://github.com/vibe-music/vibe-music-web
1•hotheadhacker•23m ago•0 comments

Threshold MPC Wallets for AI Agents

https://twitter.com/PIsajeski/status/2022642954528022543
1•Pance•23m ago•0 comments

AI solved the product naming problem

https://themosthandsomemanintheworld.com/how-to-name-things-or-how-i-became-the-most-handsome-man...
1•MrSkelter•24m ago•0 comments

From Island to Ice

https://www.reuters.com/graphics/OLYMPICS-2026-CURLING/akvejbddlpr/
1•montalbano•24m ago•0 comments
Open in hackernews

The current state of TLA⁺ development

https://ahelwer.ca/post/2025-05-15-tla-dev-status/
142•todsacerdoti•9mo ago

Comments

femto2151•9mo ago
I think the major contribution that can be made to TLA is in the field of divulgation. Sofware engineers don't know modern formal methods because for years they were pidgeonholed into safety critical systems. Universities are not teaching them anymore despite having being successfully applied since the 2010s to the development of so many cloud systems that other companies can rely on.
magarnicle•9mo ago
Anymore? Did they ever? In my course of formal methods it was all done by hand proving Haskell functions or using Hoare logic on code. We never used any tools like TLA.
amenghra•9mo ago
"I think we can increase the TLC model checker throughput to 1 billion states per minute (1000x speedup) by writing a bytecode interpreter. C"

I never used TLC with a large model, but I bet making the tool faster would make it more useful to lots of people.

I wonder what the speedup would be if the code targeted a GPU?

PessimalDecimal•9mo ago
Agreed.

But I wonder if the logic of model checking is actually amenable to vectorization. I suspect not really, even for something basic like checking safety properties where you could try to shard the state space across cores. There is still likely to be some synchronization that is needed that eliminates the benefits. A cheaper way to test it would be to look to vectorize on the CPU first.

For a pure hardware based speedup, if there is effort to transcompile TLA+ specs to C++, there could then be a further step to transcompile that to say Verilog and try to run the model checking on an FPGA. That _might_ pay off.

bvrmn•9mo ago
Even 10x speedup would be amazing. Just imagine current 1min check would be performed in 6s.
ahelwer•9mo ago
There is a strong Jevons Paradox effect at play here though, people generally have a set amount of wall-clock time (1 minute, 10 minutes, etc.) they budget to check their model and then find the largest model that fits within that wall-clock time. So really this just increases the size of the state space people will explore, which might be the difference between checking, say, 3 vs. 5 nodes in a distributed system.
bvrmn•9mo ago
For TLA it's even worse. Increasing node counts makes the spec immediately more "correct", at least it feels like that xdd.
alfalfasprout•9mo ago
TBH, as cool as TLA+ is, the biggest issue I generally see with trying to use formal methods in practice is that you need to keep the specification matching the actual implementation. Otherwise whatever you've formally verified doesn't match what actually got built.

So formal methods may be used for extremely critical parts of systems (eg; safety critical systems or in embedded where later fixes cannot be readily rolled out) but they fail to make inroads in most other development because it's a lot of extra work.

ahelwer•9mo ago
Hillel Wayne wrote a post[0] about this issue recently, but on a practical level I think I want to address it by writing a "how-to" on trace validation & model-based testing. There are a lot of projects out there that have tried this, where you either get your formal model to generate events that push your system around the state space or you collect traces from your system and validate that they're a correct behavior of your specification. Unfortunately, there isn't a good guide out there on how to do this; everybody kind of rolls their own, presents the conference talk, rinse repeat.

But yeah, that's basically the answer to the conformance problem for these sort of lightweight formal methods. Trace validation or model-based testing.

[0] https://buttondown.com/hillelwayne/archive/requirements-chan...)

sterlind•9mo ago
Plus my Kayfabe system [0], which was partly inspired by Ron Pressler's article on trace validation:

0. https://conf.tlapl.us/2020/11-Star_Dorminey-Kayfabe_Model_ba...

lovich•9mo ago
why are the lower case L's in that document bolded? a different weight? Not sure what the right technical change term is for the visual difference but it was extremely noticeable immediately upon opening the document
hwayne•9mo ago
To be totally fair, my article is about the problem of writing specs when your product features could change week to week, whereas I think u/alfalfasprout is talking about regular updates to an existing system slowly bringing it out of sync with the spec. For the latter problem, yeah trace validation and model-based testing is the best approach we have so far.
im_down_w_otp•9mo ago
We do a version of this approach for system behavior V&V: https://docs.auxon.io/conform
yuppiemephisto•9mo ago
What do you think of embedding it in a formal system like Lean as a frontend?
jazzyjackson•9mo ago
On the other hand, how many million man hours are spent re inventing the wheel that could instead be spent contributing to a library of extremely well-specified wheels?
dkarl•9mo ago
I've always seen it as a tool for validating a design rather than an implementation.
lucyjojo•8mo ago
that is an issue but then.

it is probably better to try matching an implementation to a spec you know works, and debug that. than trying to match an implementation to an "in your head" spec which might not be correct in the first place. debugging the spec then the implementation seems to make more sense than debugging both at the same time.

a more vicious issue could be, does your model... models... enough reality for it to be relevant. because you can end up with a correct spec, a correct implementation, but in the end the cow wouldn't be round enough. but i don't know... i have too little experience in the domain.

cmrdporcupine•9mo ago
"The 2025 TLA⁺ Community Event was held last week on May 4th at McMaster University in Hamilton, Ontario, Canada. "

Damn. Happened a 10 minute drive from my house and I didn't even know about it.

TLA+ is on the infinite bucket list for me. I'm sure like many others, I know the value of learning and applying formal verification, but it feels impenetrable knowing really how to jump in.

ahelwer•9mo ago
Hillel Wayne wrote https://learntla.com/ which is quite good! Leslie Lamport also has a webpage of other possible learning resources, including a video course he put together where he wears many strange hats: https://lamport.azurewebsites.net/tla/learning.html

Personally I learned by reading the first few chapters of Specifying Systems.

hbogert•9mo ago
^ this feeling, i have it too. Everytime i see TLA+ somewhere i get that shameful feeling.
layer8•9mo ago
The article doesn’t mention PlusCal. What is the future of that, will it co-evolve with TLA⁺?
ahelwer•9mo ago
There are some proposals floating around to evolve PlusCal. Probably the most prominent is Distributed PlusCal[0]. There's a programming language lab at UBC which is also doing a lot of experimentation with transpiling PlusCal to Golang[1]. They presented a paper at the latest community event.

The PlusCal-to-TLA+ transpiler is considered part of the core TLA+ tools and will definitely keep being maintained.

[0] https://conf.tlapl.us/2020/03-Heba_AlKayed-An_Extension_of_P...

[1] https://distcompiler.github.io/

dgan•9mo ago
about a year ago, at my job, i wrote a spec for authentication in TLA+, and while writing it, i discovered a bug/attack vector, which would allow an attacker to basically bypass the double-authentication.

It surely did produce a fancy, mathy PDF which I proudly shown and explained to my team, but honestly, a little duck-talking would have permitted to find the same bug without TLA+

For aome context, it's a CRUD api + web interface for external clients, nothing too complicated, and I really wanted to try TLA+ in real life

pron•9mo ago
> I think we can increase the TLC model checker throughput to 1 billion states per minute (1000x speedup) by writing a bytecode interpreter.

Truffle [1] can convert an interpreter to a JIT compiler -- there's no need to invent bytecode, and instead of an interpreter you get compilation to native, and it's easy to add intrinsics in Java; optimisations can be added gradually over time. This would probably be the most effective strategy, even in general, and certainly compared to cost.

[1]: https://www.graalvm.org/latest/graalvm-as-a-platform/languag...

ahelwer•9mo ago
That's very neat! I will look at Truffle. The TLA+ interpreter is definitely "weird" in that it does this double duty of both evaluating a predicate while also using that same predicate to extract hints about possible next states. I wonder how well this highly unusual side-effectful pattern can be captured in Truffle.

Edit: okay the more I look into GraalVM the more impressed I am. I will have to sit down and really go through their docs. Oracle was actually cooking here.

PessimalDecimal•9mo ago
I'm very happy to see this!

A few years ago I tried making some contributions to the TLC codebase. It was definitely "academic code," lacking tests, reinvesting basic structured instead of using them from libraries, and largely the work of a single contributor with seemingly no code reviews for commits. I was motivated to try to help improve things and wanted to get a sense for what that would be like by sending a small PR to get a feeling for working with the code owners. They basically stonewalled me. It was odd.

ahelwer•9mo ago
There has definitely been a focus on improving developer onboarding in the past few years! If someone's PR is rejected now that can be considered a failure of the process, something to be fixed. I think when TLA+ was mostly a product of MSR this sort of thing could kind of fly (still unfortunate) but now that we're out in the wild with a foundation it's really a survival thing to not bounce willing contributors.
PessimalDecimal•9mo ago
That's great to hear, and I'm encouraged to try again. Thank you!
geertj•9mo ago
My current thinking on model checking (still evolving):

Modeling languages are useful to check the correctness of an algorithm during development. During development, a model can also serve as a specification for the actual implementation. This requires that your the modeling language is readable to a broad range of developers, which TLA+ is not. We have been experimenting with FizzBee (fizzbee.io) which looks promising in this regards.

When you go to prod, you really want to test your actual implementation, not a model of it. For this you want something like https://github.com/awslabs/shuttle (for Rust), or https://github.com/cmu-pasta/fray (for Java). Or use something custom.

bvrmn•9mo ago
TLA+ has its own quirks, you could add sugar here and there, but from semantic standpoint you couldn't do much. It's "unreadable" because requires some mental model most of developers don't have. My point: you either provide "simple" tools which could do nothing for real models or they become on same level of "unreadableness" really fast.
bugarela•9mo ago
It is in deed tricky, but we tried. We fully kept the semantics of TLA+, so the same mental model people still need to learn (at least a little), but a syntax that is much more familiar to engineers/programmers.

This is Quint [1], a different syntax for TLA+ with some extra tooling (type checker, CLI, evaluator, REPL, VSCode extension, testing framework, etc) which can be transpiled to TLA+ (which is a very direct translation, as the semantics is the same [2]) and therefore make use of the TLA+ tools as well (mainly the model checkers).

I think this is far from the same level of "unreadableness" than TLA+, and it makes formal methods much more approachable. It would be great if you could take a look and tell me whether you agree.

[1]: https://quint-lang.org/ [2]: https://quint-lang.org/docs/lang

bvrmn•9mo ago
I did an eval of Quint about year ago and did not find it compelling. It constantly refers to TLA+ and doesn't bring much benefits except typing. Syntax tries to cover underlying fact that state machine is expressed in terms of logic and math using "understandable" for programmers concept but it's very leaky in the end. IMHO "assign" is quite hard to grok without TLA experience. Documentation is scarce.

The most frustrating part it's hard to use with TLA+ background. I know how to do something in TLA but have no clue with Quint because translation rules aren't direct and obvious.

On the other hand it's a way better than PlusCal!

But I'm heavily biased. Please take this "critique" as a mumble from TLA+ initiated duckling.

bugarela•9mo ago
Thanks for the feedback! We actually improved the documentation a lot in the last year, and we host it in a website now: [1]

Most of the documentation doesn't mention TLA+ anymore, as it is focused on new programmers coming to formal methods with no prior experience with it. I agree it was very confusing before!

Other than that, if I can argue against some of your points: 1. Quint brings more than just type checking (better IDE diagnostics, better REPL, better CLI, and runs that work like tests) [2] 2. The translation rules between Quint and TLA+ are actually very straightfoward [3], specially if we stay in the common idiom of TLA+. 3. This is more subjective, but a few people using Quint have reported to really like isolating the state machine into the "action" mode and then defining the protocol in "pure def"s. I understand what you mean by "leaky" and a part of me agrees with that, but, in practice, we are seeing real benefits on this side.

Again, thank you for your points - there's some stuff in your feedback I haven't heard before, and it's great to have a new perspective.

[1]: https://quint-lang.org/docs/language-basics

[2]: https://quint-lang.org/docs/faq#how-does-quint-compare-to-tl...

[3]: https://quint-lang.org/docs/lang

lucyjojo•8mo ago
wow this is great!

do you cover all of that TLA can do??

TLA syntax is simply a pain to type on my keyboard and it has been a hurdle for the longest time...

hwayne•9mo ago
I taught a lot of people TLA+ and while there's definitely essential complexity, a nontrivial amount is just syntactic friction. Consider

    \A x \in set: x.id /= 1 /\ ~x.active
vs

    all x in set: x.id != 1 && !x.active
The latter has the same semantics but is much easier to read for the average developer, and more importantly is easier to type without syntax errors.
bvrmn•9mo ago
I agree, latexisms in TLA are on eye brow level of weirdness. Lesser punctuation syntax is always better.
elcapitan•9mo ago
That is literally what is holding me back every single time I get back to TLA+. I love your book and posts and always use it as reference to get back into it, but most of that "getting back" is just trying to remember all the minutia of the syntax. I wish there was simply a transpiler from some common syntax into TLA+. I don't even need Pluscal for the most part, and I'm fine with the concepts of temporal logic.
infinitebit•9mo ago
out of curiosity, how did you get comfortable with temporal logic? i’ve had a hard time finding good resources aside from H. Wayne’s stuff on TLA+
elcapitan•9mo ago
I found "Specifying Systems" by Lamport, and the examples it gives, to be an excellent introduction and a stricter companion to https://learntla.com.

It has some chapters that give very precise definitions of how things work in TLA (both on a language level as well as model checking), which answered some questions I often had along the way in more informal introductions.

bugarela•9mo ago
You can also use Model-Based Testing (MBT) and produce (arbitrarily many) tests for your production code from your (model-checked) model.
kurtis_reed•9mo ago
So how can we contribute?
wigster•9mo ago
TLA is the worst TLA possible. I'm too old for any more.