Because their CDN/DNS is excellent software but it's not massive moat. Workers on other hand is.
It's like difference between running something on Kubernetes vs Lambdas. One you can somewhat pivot with between vendors vs other one requires massive rewrites to software that means most executives won't transition away from it due to high potential for failure.
I don't know enough about this specific implementation to say whether "implemented Matrix" is accurate or marketing stretch. But the pattern of "we did X" blog posts that turn out to be "we did a demo of part of X" is getting tiresome across the industry.
The fix is boring: just be precise about what you built. "We prototyped a Matrix homeserver on Workers with these limitations" is less exciting but doesn't erode trust.
Professionalism at its finest!
https://github.com/nkuntz1934/matrix-workers/commits/main/
There exist only two commits. I've never seen a "real" project that looks like this.
So I wouldn't use the single-commit as a signal indicating AI-generated code. In this case, there are plenty of other signals that this was AI-generated code :)
To the author: see my comment at https://news.ycombinator.com/item?id=46782174, please also clean up that misaligned ASCII diagram at the top of the README, it's a dead tell.
>Claude's output was thoroughly reviewed by Cloudflare engineers with careful attention paid to security
>To emphasize, this is not "vibe coded".
>Every line was thoroughly reviewed and cross-referenced with relevant RFCs, by security experts with previous experience with those RFCs.
...Some time later...
Things built with security in mind are not invulnerable, human written or otherwise.
If a marketer claims something, it is safe to assume the claim is at best 'technically true'. Only if an actual engineer backs the claim it can start to mean something.
This applies whether the code is written is by a human or AI, and also whether the code is reviewed by a human or AI.
Is a Github Copilot auto-reviewer going to click two levels deep into the Slack links that are provided as a motivating reference in the user story that led to the PR that's being reviewed? Or read relevant RFCs? (And does it even have permission to do all this?)
And would you even do this, as the code reviewer? Or will you just make sure the code makes sense, is maintainable, and doesn't break the architecture?
This all leads to a conclusion that software engineering isn't getting replaced by AI any time soon. Someone needs to be there to figure out what context is relevant when things go wrong, because they inevitably will.
so the "reviewing" process will be looking for the needles in the haystack
when you have no understanding, or mental model of how it works, because there isn't one
it's a recipe for disaster for anything other than trivial projects
https://www.linkedin.com/posts/nick-kuntz-61551869_building-...
DevSecOps Engineer United States Army Special Operations Command · Full-time
Jun 2022 - Jul 2025 · 3 yrs 2 mos
Honestly, it is a little scary to see someone with a serious DevSecOps background ship an AI project that looks this sloppy and unreviewed. It makes you question how much rigor and code quality made it into their earlier "mission critical" engineering work.
It's kinda mindblowing. What even is the purpose of this? It's not like this is some post on the vibecoding subreddit, this is fricken Cloudflare. Like... What the hell is going on in there?
Of course, this is done by a manager. Classic corporate mindset, I can do what these smelly nerds do every day, hold my bear.
He doesn't even know how git works, huh?
What a clown.
I agree that the post is wanting, but the idea itself is interesting: running a Matrix homeserver on workerd.
That's a generous read. From the actual article:
> We wanted to see if we could eliminate that tax entirely. Spoiler: We could.
> A production-grade Matrix homeserver
this is engineering malpractice. It is also unethical to present the work of an LLM as your own.
Unequivocally yes.
Fraud is fraud, and if your first instinct is to defend it in this manner, check yourself in the mirror.
I am saying that this is a human being who wrote about something they found cool, under they real identity, and they are getting insulted by people hiding behind their screens. It is a thing to insult a company or a generic title ("bad managers suck"), it is a completely different one to harass a specific person... and for what? Overselling their proof of concept?
Would you insult them if you met in person? Just for that? If yes, then maybe you go check yourself in the mirror.
I would absolutely say exactly the same things to the author’s face as I’m saying right now. I would never work for a company that condones this in a million years, as a matter of principle.
I just see a lot of comments from people who just seem happy to see that they can contribute to ruining someone else's day (or more).
You wrote,
> May I kindly ask you to calm the fuck down?
So yes, a reasonable person would conclude that you were talking to them.
> I just see a lot of comments from people who just seem happy to see that they can contribute to ruining someone else's day (or more).
Which comments do you see doing that? Exactly?
That doesn't exist in our trade, so yeah, public shaming is the next best thing. I sincerely hope links to this incident will haunt him every time someone googles his name forevermore.
Still I don't think that some random employee deserves to be harassed and publicly shamed for a bad blog post.
Like okay, I am an indie-dev if I create a vibe coded project, I create it for fun (I burn VC money of other people doing so tho but I would consider it actually positive)
But what's up with large companies who can actually freaking sponsor a human to do work make use of AI agents vibe code.
First it was cursor who spent almost 3-5 million$ (Just came here after watching a good yt video about it) and now Cloudflare.
Like, large corpos, if you are so much interested in burning money, atleast burn it on something new (perhaps its a good critique of the browser thing by Cursor but yeah)
I am recently in touch with a person from UK (who sadly got disabled due to an accident when he was young) guy who is a VPS provider who got really impacted by WHMCS increase in bill and He migrated to 1200 euros hostbill. Show him some HN love (https://xhosts.uk/)
I had vibe coded a golang alternative. Currently running it in background to create it better for his use cases and probably gonna open source it.
The thing with WHMCS alternatives are is that I made one using gvisor+tmate but most should/have to build on top of KVM/QEMU directly. I do feel that WHMCS is definitely one of the most rent seeking project and actually writing a golang alternative of it feels sense (atleast to me)
Can there not be an AI agent which can freaking detect what people are being charged for (unfairly) online & these large companies who want to build things can create open source alternatives of it.
I mean I am not saying that it stops being slop but it just feels a good way of making use of this tech aside from creating complete spaggeti slop nobody wants, I mean maybe it was an experiment but now it got failed (Cursor and this)
A bit ironic because I contacted the xhosts.uk provider because I wanted to create a cloudflare tunnels alternative after seeing 12% of internet casually going through cf & I saw myself being very heavily reliant on it for my projects & I wasn't really happy about my reliance on cf tunnels ig
rideontime•1h ago
ronsor•1h ago
nerdsniper•1h ago
corvad•1h ago
NicoJuicy•52m ago
corvad•18m ago
unfunco•1h ago
rideontime•1h ago
corvad•1h ago
simonw•1h ago
s1mplicissimus•1h ago
simonw•1h ago
The project itself did compile most of the time it was being developed - the coding agents had been compiling it the whole time they were running on it.
Shortly after the blog post they updated the GitHub repo with compilation instructions and it worked. I took this screenshot with it: https://static.simonwillison.net/static/2026/cursor-simonwil...
The "it didn't even compile" criticism is valid in pointing out that they messed up the initial release, but if you think "it never compiled" you have an incorrect mental model.
orwin•1h ago
If I install an Arch Linux, I don't say I 'installed Linux from scratch'.
simonw•58m ago
I'd estimate that's a lot less than 60% of the "actual work" though.
orwin•46m ago
embedding-shape•1h ago
The end result: Me and one agent (codex) managed to build something more or less the same as Cursor's "hundreds of agents" running for weeks and producing millions of lines of code, in just 20K LOC (this includes X11, macOS and Windows support). Has --headless, --screenshot, handles scaling, link clicking and scrolling, and can render basic websites mostly fine (like HN) and most others not so fine. Also included CI builds and automatic releases because why not.
The repository itself is here and should run out of the box on most modern OSes, downloads can be found at the Releases page: https://github.com/embedding-shapes/one-agent-one-browser
simonw•1h ago
Here's a screenshot I took with it: https://bsky.app/profile/simonwillison.net/post/3mdg2oo6bms2...
jacquesm•1h ago
dwroberts•1h ago
I’m no expert but it seems like a strange choice to me - using a mutex around an MPSC receiver, so whoever locks first gets to block until they get a message.
Is that not introducing unnecessary contention? It wouldn’t be that hard to just retain a sender for each worker and just round robin them
noosphr•29m ago
A poc that would usually take a team of engineers weeks to make because of lack of cross disciplinary skills can now be done by one at the cost of long term tech debt because of lack of cross disciplinary knowledge.
oefrha•1h ago
Although the tell is obvious if you spent one second looking at https://github.com/nkuntz1934/matrix-workers. That misaligned ASCII diagram, damn.
Why is Cloudflare paying this guy again, just to vibe a bunch of garbage without even checking above the fold content in the README?
embedding-shape•1h ago
It's getting outright frustrating to deal with this.
Fine, random hype-men gets hyped about stuff and tweets about it, doesn't mind me too much.
Huge companies who used to have a lot of good will putting out stuff like this, seemingly with absolutely zero reviews before hitting publish? What are they doing? Have everyone decided to just give up and give in to the slop? We need "engineering" to make a comeback.
Arathorn•1h ago
embedding-shape•1h ago
I'm mostly concerned that something we used to see as a part of basic "software engineering" (verify that what you build is actually doing what you think it is) has suddenly made a very quick exit from the scene, in chase of outputting more LOC which is completely backwards.
oefrha•1h ago
This is also what I ask our engineers to do, but it's getting hard to enforce.
orwin•1h ago
heliumtera•41m ago
Vibing is incompatible with engineering and this practice is disgusting and NOT acceptable.
PunchyHamster•1h ago
rconti•1h ago
Perhaps usage of AI is a performance target he's being judged against, like at many tech companies today.
bentcorner•1h ago
imcritic•1h ago
rideontime•1h ago
imcritic•1h ago
rideontime•59m ago
Fraterkes•49m ago
heliumtera•1h ago
I'm starting to believe they are all right, actually. Maybe frontier models surpassed most humans, but the bar we should have for humans is really really low. I genuinely believe most people cannot distinguish llms capabilities from their own capabilities, and their are not wrong from the perspective they have.
How could you perceive, out in the wild, an essence that scapes you?
blibble•1h ago
I have yet to see a counter-example
heliumtera•1h ago
Even if Blockchain has tremendous impact, even if transformers are incredible (really) technology, even if NFTs could solve real world problems...you could basically say the same thing and be right, rounding up, 100% of the time, about anything technology related (and everything else as well). This truly is a clown world, but it is illegal to challenge it (or considered bad faith around here)
PurpleRamen•1h ago