Hacker News: dinakernel

Show HN: A personal AI kernel where other agents ask permission for your data

dinakernel — Wed, 01 Apr 2026 13:35:50 +0000

I wrote a sci-fi novel 8 years ago about a world where every person had a personal AI named Dina who supported them through their everyday life. This is the implementation of that idea.

Dina is a personal AI with its own user-owned identity and encrypted persona vaults. Other agents can use Dina’s permission layer when they need access to sensitive data or want to take risky actions. Dina can ask for approval from the user if the action is deemed risky. But Dina is broader than just an approval layer. She has her unique cryptographic id, supports encrypted Dina-to-Dina messaging and a capability to setup a Trust Network which can be used to make decisions based on trust.

What works today: (1) User-owned cryptographic identity

(2) Encrypted persona vaults for health / finance / work / etc.

(3) Approval flows for sensitive access and risky actions

(4) PII scrub / rehydrate for outbound calls

(5) Encrypted Dina-to-Dina messaging

(6) Signed reviews, vouches someone/bot, flag user/bot etc in Trust Network

You can install it on your local machine and use the main flows through Telegram or Bluesky. You can store memories, get automated reminders, get answers which is enriched based on previous memories, watch approval flows, and test Dina-to-Dina messaging and the Trust Network.

Open Source. MIT Licensed. Technical preview status. 4,500+ Tests working. Built on Go/Python/TS.

The architecture decision I’m most opinionated about is that persona isolation should be cryptographic, not just application-level. If the system is hit by a prompt injection attack, application level security could be overcome. But here, they wouldn't be able to read a locked persona without user approval.

Known limits: rough edges since it is technical preview and agent control depends on agents like OpenClaw deciding to call Dina (not a forced call)

I am happy to go deeper in to any architectural decisions.

Comments URL: https://news.ycombinator.com/item?id=47600678

Points: 2

# Comments: 0

New comment by dinakernel in "Cohere Transcribe: Speech Recognition"

dinakernel — Tue, 31 Mar 2026 16:56:14 +0000

My worry is that ASR will end up like OCR. If the multi modal large AI system is good enough (latency wise), the advantage of domain understanding eats the other technlogies alive.

In OCR, even when the characters are poorly scanned, the deep domain understanding these large multi modal AIs have allows it to understand what the document actually meant - this is going to be order id because in the million invoices I have seen before order id is normally below order date - etc. The same issue is going to be there in ASR also is my worry.

New comment by dinakernel in "Claude Code users hitting usage limits 'way faster than expected'"

dinakernel — Tue, 31 Mar 2026 14:51:01 +0000

I guess so - but for people working on billing section of a project or even if they include things like - add billing capability etc in Claude MD - it might be an issue, I think

New comment by dinakernel in "Claude Code users hitting usage limits 'way faster than expected'"

dinakernel — Tue, 31 Mar 2026 13:58:47 +0000

This turned out to be a bug. https://x.com/om_patel5/status/2038754906715066444?s=20

One reddit user reverse engineered the binary and found that it was a cache invalidation issue.

They are doing some hidden string replacement if the claude code conversation talks about billing or tokens. Looks like that invalidates the cache at that point.

If that string appears anywhere in the conversation history, I think the starting text is replaced, your entire cache rebuilds from scratch.

So, nothing devious, just a bug.

New comment by dinakernel in "Axios compromised on NPM – Malicious versions drop remote access trojan"

dinakernel — Tue, 31 Mar 2026 08:30:05 +0000

Default setting latest should be caught in every static code scanner. How many times has this issue been raised.

New comment by dinakernel in "Copilot edited an ad into my PR"

dinakernel — Mon, 30 Mar 2026 05:24:47 +0000

Seriously? Dont they want their system to succeed? I cant think of a better way of alienating the target customer than this.

New comment by dinakernel in "About the Atmosphere"

dinakernel — Mon, 30 Mar 2026 05:18:45 +0000

The best part was the Doom running over AT Protocol. Jetstream is a bit patchy, but running Doom - I would never have thought it possible

New comment by dinakernel in "The Cognitive Dark Forest"

dinakernel — Mon, 30 Mar 2026 03:49:11 +0000

Have you read mike masnicks ? https://www.techdirt.com/2026/03/25/ai-might-be-our-best-sho...

It actually points out the completely opposite and I liked that quite a bit That AI allows us to get back the open web in in a way.

New comment by dinakernel in "AI overly affirms users asking for personal advice"

dinakernel — Sun, 29 Mar 2026 12:38:36 +0000

This has been my issue from long. AI CANNOT ever act as Emotional Crutch. This is something companies develop for engagement, and I believe that this is actively harmful in the long run.