frontpage.

Show HN: FISE – A rule-based, keyless semantic envelope for web/API data

https://demo.fise.dev/demo

2•anbkit•37m ago

Hi HN,

I've been building a small open-source project called FISE, a rule-based "semantic envelope" for web/API data. It's not cryptography and it doesn't try to replace TLS/AES. The goal is to raise the cost of scraping and reverse-engineering client-visible data while keeping the hot path simple and fast (linear-time, parallelizable, works for JSON and media segments).

Key ideas:

- Keyless by design: no long-lived client-side decrypt keys. - Rules-as-code: offsets, length encoding, salt/meta layout, and optional transform are defined as per-app/per-session rules. - No protocol-level universal decoder: each deployment (and even each session/time bucket) can have its own rule family. - Temporal & distribution polymorphism: rotate rules per session/route/time so any decoded pipeline tends to be short-lived and non-reusable. - Simple local ops → emergent complexity: the core ops are just linear byte transforms, but the rule space and rotation make envelopes hard to generalize at scale. - Works for JSON and media (video segments) with framed/chunked mode, block-local decode, and parallel workers.

Threat model:

- In scope: automated scraping, bulk API harvesting, cheap cloning of curated datasets. - Out of scope: strong secrecy for secrets/PII (use TLS/AES/etc.), full client compromise, nation-state adversaries.

Engineering whitepaper (v1.0): - https://github.com/anbkit/fise/blob/main/docs/WHITEPAPER.md

Code: - https://github.com/anbkit/fise

Demo: - https://demo.fise.dev/demo

I'm a full-stack developer, not a cryptographer. FISE came out of working on real projects where API JSON data was exposed on the client side and could be easily scraped. I built it as a simple, rule-based layer to raise scraping cost, and I'm sharing it so others can review, critique, and improve it.

I'd love feedback on:

- The security model & threat boundaries (what did I miss?), - The "rules-as-code" design and the idea of temporal/distribution polymorphism, - Practical deployment concerns (CDN/normalization, mobile/TV/edge), - Any obvious pitfalls or prior art I should explicitly reference.

Thanks for taking a look.

Optimze It for My GPU

Vision Pro M5 review: It's time for Apple to make some tough choices

The Journey to the Edge of the Infinite Chess Board [video]

Barack Obama and Anthony Bourdain Have Dinner [video]

Belgian Police exposed using botnets to manipulate EU data law impact assessment

Iberia tells customers it was hit by a major security breach

High Air Pollution Could Diminish Exercise Benefits by 50%, Study Finds

The GitHub Infrastructure Powering North Korea's Contagious Interview NPM Attack

Show HN: FISE – A rule-based, keyless semantic envelope for web/API data

Power of Empty Spaces: Seeing What Your Metrics Miss

Ask HN: Practicality of harnessing geomagnetic fields for electrical generation?

Free Nano Banana Pro

Cerebras CS-3 wafer-scale 1e6 cores 125 PFLOPS 25kW (30kA)

Security Layer 4.0 – First semantic firewall blocks malicious intent"

The Thinking Game – Full Documentary (Google DeepMind)

Own a Graph

Spoofing her majesty in the 'Great Royal Phone Embarrassment' of 1995

Why Container Images Keep Getting Bigger (and What to Do About It)

Show HN: Benchmark-ips-Python – benchmarking tool for Python

Reddit Migrates Comment Back End from Python to Go Microservice to Halve Latency

Apache Hudi Dynamic Filter: 5-Minute Code Walkthrough

Ghost Explore

China's plan to take over Taiwan "peacefully" [video]

Psylo 1.1.0 Privacy focused Browser released for iPhone

I Know We're in an AI Bubble Because Nobody Wants Me

Show HN: I built a browser-based Cursor alternative as a solo dev

Anthropic's Claude 'Soul Document' extracted from Opus 4.5 weights

If You Must Use Signal, Use Molly

Why the Dutch embrace floating homes

Black Friday Software Deals (Mega List)

Show HN: FISE – A rule-based, keyless semantic envelope for web/API data

Optimze It for My GPU

Vision Pro M5 review: It's time for Apple to make some tough choices

The Journey to the Edge of the Infinite Chess Board [video]

Barack Obama and Anthony Bourdain Have Dinner [video]

Belgian Police exposed using botnets to manipulate EU data law impact assessment

Iberia tells customers it was hit by a major security breach

High Air Pollution Could Diminish Exercise Benefits by 50%, Study Finds

The GitHub Infrastructure Powering North Korea's Contagious Interview NPM Attack

Show HN: FISE – A rule-based, keyless semantic envelope for web/API data

Power of Empty Spaces: Seeing What Your Metrics Miss

Ask HN: Practicality of harnessing geomagnetic fields for electrical generation?

Free Nano Banana Pro

Cerebras CS-3 wafer-scale 1e6 cores 125 PFLOPS 25kW (30kA)

Security Layer 4.0 – First semantic firewall blocks malicious intent"

The Thinking Game – Full Documentary (Google DeepMind)

Own a Graph

Spoofing her majesty in the 'Great Royal Phone Embarrassment' of 1995

Why Container Images Keep Getting Bigger (and What to Do About It)

Show HN: Benchmark-ips-Python – benchmarking tool for Python

Reddit Migrates Comment Back End from Python to Go Microservice to Halve Latency

Apache Hudi Dynamic Filter: 5-Minute Code Walkthrough

Ghost Explore

China's plan to take over Taiwan "peacefully" [video]

Psylo 1.1.0 Privacy focused Browser released for iPhone

I Know We're in an AI Bubble Because Nobody Wants Me

Show HN: I built a browser-based Cursor alternative as a solo dev

Anthropic's Claude 'Soul Document' extracted from Opus 4.5 weights

If You Must Use Signal, Use Molly

Why the Dutch embrace floating homes

Black Friday Software Deals (Mega List)