HN Reader

AI Can Solve the Fiscal Crisis for Cities–If We Let It (city-journal.org)

1 points by lemonberry 21s ago 0 comments

Measuring Geopolitical Risk Exposure Across Industries: A Firm-Centered Approach (federalreserve.gov)

1 points by toomuchtodo 1m ago 0 comments

Why are margin/padding percentages in CSS always calculated against width? (stackoverflow.com)

1 points by Leftium 3m ago 0 comments

ChatGPT to get parental controls after teen's death (rnz.co.nz)

3 points by billybuckwheat 3m ago 0 comments

Enemies Project (enemiesproject.org)

1 points by cobbzilla 4m ago 0 comments

I'm a political cartoonist. AI is making a mockery of my profession (sfchronicle.com)

2 points by voxadam 4m ago 0 comments

How to Watch an Asteroid Fly Uncomfortably Close to Earth on Wednesday (gizmodo.com)

1 points by ulrischa 4m ago 0 comments

FBI arrests US Army veteran for 'conspiracy' over protest against ICE (theguardian.com)

1 points by BallsInIt 4m ago 0 comments

How Elon Musk Is Remaking Grok in His Image (nytimes.com)

1 points by tysone 5m ago 0 comments

Marimo Notebook (marimo.io)

1 points by karma_daemon 5m ago 0 comments

Matrix.org – Database Incident (status.matrix.org)

1 points by yabones 6m ago 1 comments

Social media is a lifeline for many abused and neglected young people (theconversation.com)

2 points by Improvement 7m ago 0 comments

Apple's Lead AI Researcher for Robotics Heads to Meta as Part of Latest Exits (bloomberg.com)

8 points by mfiguiere 9m ago 0 comments

See the Butterfly Nebula in a New Image from James Webb Space Telescope (smithsonianmag.com)

2 points by ulrischa 10m ago 0 comments

Show HN: Dripz – Try on outfits from real life, online, even AI Instantly (getdripz.com)

2 points by titusblair 10m ago 0 comments

OpenAI Acquires Statsig for $1.1B (geekwire.com)

1 points by davepeck 11m ago 0 comments

Is it dumb just for me or for everyone? (github.com)

1 points by imasl42 14m ago 0 comments

Museum of Color (emergencemagazine.org)

2 points by NaOH 14m ago 0 comments

Computer-2: a flat-pack PC case made from one sheet of plastic [video] (youtube.com)

1 points by aaronday 15m ago 0 comments

How ‘Clanker’ Became an Anti-A.I. Rallying Cry (nytimes.com)

6 points by voxadam 15m ago 1 comments

Faster linking times with 1.90.0 stable on Linux using the LLD linker (blog.rust-lang.org)

1 points by fofoz 15m ago 0 comments

Per- and Polyfluoroalkyl Substances in Reusable Feminine Hygiene Products (pubs.acs.org)

1 points by Jimmc414 16m ago 1 comments

Show HN: ChatGPT's interface sucks. So I built a branchable canvas for LLMs (twitter.com)

2 points by max-lee-dev 16m ago 0 comments

Show HN: Unity WebGL Playground (onejs.com)

1 points by CreepGin 17m ago 0 comments

Ask HN: How do you protect against malicious links in user-generated content?

2 points by TimLeland 19m ago 0 comments

Decoding UTF-8. Part III: Determining Sequence Length – A Lookup Table (nemanjatrifunovic.substack.com)

1 points by rbanffy 20m ago 0 comments

Visual Studio Next Version: What's Coming and What to Expect (blog.ndepend.com)

1 points by giancarlostoro 20m ago 0 comments

Photochemistry and Climate Modeling of Earth-Like Exoplanets – Universe Today (universetoday.com)

2 points by rbanffy 20m ago 0 comments

When You No Longer Need That Object • Dealing with Garbage in Python (thepythoncodingstack.com)

1 points by rbanffy 21m ago 0 comments

Civics Is Boring. So, Let's Encrypt Something (queue.acm.org)

2 points by rdoherty 22m ago 0 comments

No Evidence Climate Change Has Accelerated Sea Level Rise per First Global Study (public.news)

1 points by SilverElfin 22m ago 2 comments

Court convictions are the exception in Amazon land-grabbing cases, study shows (news.mongabay.com)

5 points by PaulHoule 23m ago 0 comments

Waymo Navigates a Haboob in Phoenix After Monsoon Storms: R/Waymo (old.reddit.com)

2 points by tortilla 24m ago 1 comments

How Causal Reasoning Addresses the Limitations of LLMs in Observability (infoq.com)

2 points by dhairya 24m ago 0 comments

RapperBot: From Infection to DDoS in a Split Second (bitsight.com)

1 points by sys42590 26m ago 0 comments

U.S. gov't revokes TSMC's authorization to ship tools to its fabs in China (tomshardware.com)

5 points by giuliomagnifico 28m ago 0 comments

Show HN: Amber – better Beeper, a modern all-in-one messenger (useamber.app)

10 points by DmitryDolgopolo 31m ago 9 comments

Astro: Production Ready middleware using ports and adapters (lorenstew.art)

1 points by lorenstewart 32m ago 0 comments

Call of Duty live-action film announced (cnbc.com)

1 points by leopoldj 32m ago 0 comments

The Kafka Replication Protocol with KIP-966 (github.com)

9 points by tanelpoder 32m ago 0 comments

Apertus 8B and 70B – a new open multilingual LLM from Switzerland (actu.epfl.ch)

2 points by mseri 33m ago 0 comments

OpenAI Acquires Statsig for $1.1B (bloomberg.com)

7 points by jshchnz 37m ago 1 comments

The Rise of the Traveling Third Space (thechow.net)

1 points by colinprince 38m ago 0 comments

Frontiersman Davy Crockett Became an Unlikely American Hero (smithsonianmag.com)

2 points by noleary 39m ago 0 comments

I Started Talking to My Computer Instead of Typing. It Changed How I Think (every.to)

2 points by colinprince 40m ago 0 comments

R&D behind hacking agents (medium.com)

2 points by danieltk76 40m ago 0 comments

Tipsto.me Modern Link in Bio with instant tips/donations (tipsto.me)

1 points by dougmnuel 40m ago 1 comments

A gentle introduction to CP/M (eerielinux.wordpress.com)

13 points by naves 40m ago 3 comments

Detail about Linkity Link (bradbarrish.com)

1 points by colinprince 42m ago 0 comments

How Fining Elon Musk's X Could Threaten the U.S.-E.U. Trade Deal (nytimes.com)

1 points by saubeidl 42m ago 0 comments

JWTs and OAuth suck for AI agents. Meet Wafers

2 positiveblue 5 9/2/2025, 3:23:09 PM positiveblue.substack.com ↗

Comments (5)

janwilmake · 2h ago
really cool! the problem with new standards though is that it's hard to adopt. what's your plan to adoption? because nobody will understand it if it's not in terms of things they already use/understand.

curious if this can somehow slot into oauth too, or this is impossible? I've been thinking about oauth proxies that alter the oauth scopes into more fine-grained ones, working on this. maybe this is the key to adoption.

positiveblue · 1h ago
Adoption is definitely the hardest "cryptographic" problem :D

You can think about this as a new auth token to add in your stack. It does not need to grow and take over the world overnight. We have seen how hard it is to change the status quo + how much it can adapt to new ideas (ex: SQL vs NoSQL)

For now I would imagine teams who need more flexibility in their auth stack to adopt this for new API

positiveblue · 3h ago
TLDR: JWTs say who you are. Wafers say who this request is on behalf of and exactly what it can do.
afiori · 3h ago
It looks very similar to Macaroons

https://news.ycombinator.com/item?id=39204314

https://news.ycombinator.com/item?id=43499783

https://news.ycombinator.com/item?id=25233311

What are the differences?

positiveblue · 3h ago
Wafers are definitely inspired by Macaroons, but the core difference is that delegation is tied to identity.

In Macaroons, anyone who holds the token can tack on caveats.

In Wafers, only the current holder can extend it, and they can explicitly name the next holder by public key.

That gives you a verifiable chain of custody instead of an unanchored blob.