frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

How HN: Agent-Vault – A Zero-trust credential manager for AI agents

https://github.com/ewimsatt/agent-vault
1•ewimsatt•1h ago

Comments

ewimsatt•1h ago
I built this because I kept wiring up AI agents to APIs and realizing the credential story was always the same: dump a key in an .env file and hope for the best.

The existing tools (pass, sops, git-crypt) are close but they assume a single human identity. When you have multiple agents that each need scoped access to different sets of secrets, and you need to grant/revoke per agent, the model breaks down.

agent-vault gives each agent its own age keypair. Secrets are multi-recipient encrypted and committed to a Git repo as ciphertext. The Git provider is untrusted storage. Grant and revoke access per agent, and affected secrets are re-encrypted automatically.

The recovery model uses key escrow: each agent's private key is encrypted with the owner's public key and stored in the repo. If a machine dies, the owner decrypts the escrow and restores the agent's key. The entire system is self-contained in the repo.

Design decisions worth discussing: - age over GPG. Simpler, auditable, handles multi-recipient natively, no web of trust complexity. - Git as the persistence layer. Not a database, just an encrypted blob store with versioning and collaboration built in. Each secret is its own .enc file so merge conflicts are nearly impossible. - Key escrow rather than Shamir's or threshold schemes. The repo owner already provisioned the agents and their credentials, so giving them recovery capability doesn't expand the trust boundary. Keeps v1 simple. - Agents are read-only. They can pull and decrypt but can't write back to the vault. Credential rotation is a human/CI operation. This was a deliberate trust boundary choice.

Written in Rust (using the rage crate for age encryption). Ships with Python and Node.js SDKs and an MCP server so MCP-compatible agents can request credentials through tool-use without touching key material.

Show HN: Lensboy – Lightweight camera calibration with spline distortion models

https://github.com/Robertleoj/lensboy
1•robertleoj•1m ago•0 comments

Goodbye P < 0.05. P-value is simply one among many to gauge scientific evidence

https://www.sciencedirect.com/science/article/abs/pii/S1878788626000159
1•XzetaU8•2m ago•0 comments

Show HN: Nano Banana 2 Playground – text-to-image and image-to-image demo

https://nanobanana-2.xyz
1•iamouyang•3m ago•0 comments

Show HN: I built a headless bot to automate SaaS directory launches (and AI SEO)

https://signalscan.eu
1•Ben_Tycho•4m ago•0 comments

WatchGuardian: Enabling User-Defined Just-in-Time Intervention on Smartwatch

https://dl.acm.org/doi/10.1145/3788689
1•brandonb•11m ago•0 comments

California Becomes Latest State to Weigh Balcony Solar Legislation

https://www.bloomberg.com/news/newsletters/2026-01-30/california-becomes-latest-state-to-weigh-ba...
1•bilsbie•12m ago•0 comments

Show HN: Audio Toolkit for Agents

https://github.com/shiehn/sas-audio-processor
1•stevehiehn•12m ago•0 comments

Archiving my tweets in my own blog

https://solmaz.io/x/2027708131254387017/
1•hosolmaz•12m ago•0 comments

Show HN: Chromectl – CLI to give an AI agent its own Chrome session

https://github.com/BartlomiejLewandowski/chromectl
1•bartek_gdn•14m ago•0 comments

Cursor built this 5 min 3 round Wordle

https://apps.apple.com/us/app/fastdle/id6739634096
1•triviatroy•15m ago•1 comments

Show HN: SkillMesh (role-based tool routing for Claude/Codex)

https://github.com/varunreddy/SkillMesh
2•VarunReddy023•16m ago•0 comments

Living with Hyperphantasia

https://www.theguardian.com/science/2026/feb/28/living-with-hyperphantasia
1•bookofjoe•16m ago•0 comments

Ask HN: What forms of human labor cannot be performed by intelligent machines?

1•cs702•17m ago•0 comments

Show HN: Delta – A disk space analyzer that tracks where your disk space went

https://github.com/chuunibian/delta
1•zerfallen•17m ago•1 comments

Think of BigConfig Package as 'Helm for Everything'

https://www.bigconfig.it/use-cases/package/
1•amiorin•19m ago•0 comments

The Epstein Files and the Epstein Class

http://colabopad.blogspot.com/2026/03/the-epstein-files-and-epstein-class.html
3•Edmond•21m ago•0 comments

Background Agents

https://background-agents.com/
2•thebuilderjr•21m ago•0 comments

Show HN: Videolyti – Free video downloader with built-in AI transcription

https://videolyti.com/en
1•coder_decoder•23m ago•0 comments

NIST to introduce restrictions on non-US citizens

https://physicstoday.aip.org/news/nist-to-introduce-restrictions-on-non-us-citizens
2•bikenaga•23m ago•0 comments

Ask HN: Vibecoding feels like playing golf, wdyt?

2•julienreszka•24m ago•0 comments

Is Nvidia's post-Rubin roadmap shifting toward inference-first architectures?

https://www.buysellram.com/blog/nvidia-next-gen-feynman-beyond-training-toward-inference-sovereig...
1•jamesbsr•25m ago•1 comments

My Favorite 39C3 Talks

https://asindu.xyz/my-favorite-39c3-talks/
2•max_•27m ago•0 comments

Bolt.gives Introduces Free, Agentic AI Coding Platform

https://github.com/embire2/bolt.gives
2•embire2•28m ago•0 comments

Bad Thing Insurance – Coverage for alien abduction, rogue black holes, and AGI

https://badthing.xyz/
2•rooster666•29m ago•1 comments

Fast-Servers: An Interesting Pattern?

https://geocar.sdf1.org/fast-servers.html
2•signa11•29m ago•0 comments

Reverse engineering "Hello World" in QuickBasic 3.0

https://marnetto.net/2026/03/01/brun-hello-world
2•alberto-m•30m ago•2 comments

Driftwood – friendly AppImage manager for Linux

https://apps.lashman.live/driftwood/
1•bovermyer•32m ago•0 comments

Cielab Color Space

https://en.wikipedia.org/wiki/CIELAB_color_space
1•vinhnx•34m ago•0 comments

Show HN: Belora.ai – Generative AI Platform for Images, Art

https://www.belora.ai
1•tatefinn•35m ago•0 comments

Foods destroying rainforests, in one simple chart

https://www.vox.com/climate/480083/beef-agriculture-deforestation-amazon-rainforest
3•stared•35m ago•0 comments