<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Hacker News: kentonv</title><link>https://news.ycombinator.com/user?id=kentonv</link><description>Hacker News RSS</description><docs>https://hnrss.org/</docs><generator>hnrss v2.1.1</generator><lastBuildDate>Mon, 06 Apr 2026 09:54:04 +0000</lastBuildDate><atom:link href="https://hnrss.org/user?id=kentonv" rel="self" type="application/rss+xml"></atom:link><item><title><![CDATA[New comment by kentonv in "Capability-Based Security for Redox: Namespace and CWD as Capabilities"]]></title><description><![CDATA[
<p>Cloudflare Workers is big on capabilities.<p>The recently released Dynamic Workers directly provides an API for capability-based sandboxing: <a href="https://developers.cloudflare.com/dynamic-workers/usage/bindings/" rel="nofollow">https://developers.cloudflare.com/dynamic-workers/usage/bind...</a><p>But the platform has used caps internally all along. Cloudflare makes heavy use of Cap'n Proto (<a href="https://capnproto.org/" rel="nofollow">https://capnproto.org/</a>), a capability-based RPC protocol, and recently released Cap'n Web (<a href="https://capnweb.dev/" rel="nofollow">https://capnweb.dev/</a>), a JavaScript-oriented version of the same idea. The "Cap'n" in both is short for "Capabilities and". (Dynamic Workers sandboxing is based around Cap'n Web capabilities.)<p>Most successful sandboxes use capabilities, though it's not often something you hear about. Android's IPC system, Binder, is a capability system. And Chrome has a capability-based IPC system called "Mojo".<p>Capabilities really shine when used for sandboxing, but here's a blog post I wrote that tries to explain the benefits beyond sandboxing: <a href="https://blog.cloudflare.com/workers-environment-live-object-bindings/" rel="nofollow">https://blog.cloudflare.com/workers-environment-live-object-...</a><p>(I am the lead developer of Cloudflare Workers, and the creator of Cap'n Proto and Cap'n Web.)</p>
]]></description><pubDate>Sat, 28 Mar 2026 17:04:08 +0000</pubDate><link>https://news.ycombinator.com/item?id=47556408</link><dc:creator>kentonv</dc:creator><comments>https://news.ycombinator.com/item?id=47556408</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47556408</guid></item><item><title><![CDATA[New comment by kentonv in "Sandboxing AI agents, 100x faster"]]></title><description><![CDATA[
<p>When using Dynamic Workers, you generally don't run the AI harness inside the Dynamic Worker itself, but rather as a regular worker. But your harness would have a tool call that's like "executeCode" which runs code in the dynamic worker.<p>You could certainly set it up to allow the AI to import arbitrary npm modules if you want. We even offer a library to help with that:<p><a href="https://www.npmjs.com/package/@cloudflare/worker-bundler" rel="nofollow">https://www.npmjs.com/package/@cloudflare/worker-bundler</a></p>
]]></description><pubDate>Wed, 25 Mar 2026 01:52:18 +0000</pubDate><link>https://news.ycombinator.com/item?id=47512211</link><dc:creator>kentonv</dc:creator><comments>https://news.ycombinator.com/item?id=47512211</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47512211</guid></item><item><title><![CDATA[New comment by kentonv in "Sandboxing AI agents, 100x faster"]]></title><description><![CDATA[
<p>Dynamic Workers don't have a built-in filesystem, but you can give them access to one.<p>What you would do is give the Worker a TypeScript RPC interface that lets it read the files -- which you implement in your own Worker. To give it fast access, you might consider using a Durable Object. Download the data into the Durable Object's local SQLite database, then create an RPC interface to that, and pass it off to the Dynamic Worker running on the same machine.<p>See also this experimental package from Sunil that's exploring what the Dynamic Worker equivalent of a shell and a filesystem might be:<p><a href="https://www.npmjs.com/package/@cloudflare/shell" rel="nofollow">https://www.npmjs.com/package/@cloudflare/shell</a></p>
]]></description><pubDate>Tue, 24 Mar 2026 14:17:58 +0000</pubDate><link>https://news.ycombinator.com/item?id=47502979</link><dc:creator>kentonv</dc:creator><comments>https://news.ycombinator.com/item?id=47502979</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47502979</guid></item><item><title><![CDATA[Sandboxing AI agents, 100x faster]]></title><description><![CDATA[
<p>Article URL: <a href="https://blog.cloudflare.com/dynamic-workers/">https://blog.cloudflare.com/dynamic-workers/</a></p>
<p>Comments URL: <a href="https://news.ycombinator.com/item?id=47502448">https://news.ycombinator.com/item?id=47502448</a></p>
<p>Points: 51</p>
<p># Comments: 13</p>
]]></description><pubDate>Tue, 24 Mar 2026 13:40:04 +0000</pubDate><link>https://blog.cloudflare.com/dynamic-workers/</link><dc:creator>kentonv</dc:creator><comments>https://news.ycombinator.com/item?id=47502448</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47502448</guid></item><item><title><![CDATA[New comment by kentonv in "404 Deno CEO not found"]]></title><description><![CDATA[
<p>Cloudflare Workers was actually pushing for web standards on the server side several months before Deno was announced. :)<p>Though Ryan of course had a lot more clout from day 1 than I did.</p>
]]></description><pubDate>Sat, 21 Mar 2026 20:32:52 +0000</pubDate><link>https://news.ycombinator.com/item?id=47470998</link><dc:creator>kentonv</dc:creator><comments>https://news.ycombinator.com/item?id=47470998</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47470998</guid></item><item><title><![CDATA[New comment by kentonv in "US private credit defaults hit record 9.2% in 2025, Fitch says"]]></title><description><![CDATA[
<p>Since a lot of people here aren't familiar with the private credit situation, here's my understanding, which comes almost entirely from reading Money Stuff, a daily column by Matt Levine. If you are a tech person who wants to learn about finance, I recommend it! It's a lot more entertaining than most finance industry reporting.<p>"Private credit" is an idea that has been hot in finance for the last several years, originating from the great financial crisis (GFC). After the GFC, regulations made it very hard for banks to make business loans with any kind of risk anymore. So instead, new non-bank institutions stepped in to make loans to businesses. These "private credit" institutions raise money from investors, and lend it to businesses.<p>The investors are usually institutions who are OK with locking up their money long-term, like insurance companies and pension funds. This all seems a lot safer than having banks making loans: banks get their funding from depositors, who are allowed to withdraw their deposit any time they want. So a bank really needs to hold liquid assets so they are prepared for a run on the bank, and corporate borrowing is not very liquid. Insurance companies and pension funds have much more predictability as to when they actually will need their money back, so can safely put it in private credit with long horizons.<p>It's not quite so clean, though.<p>It's actually common for banks to lend money directly to private credit lenders, who then lend it out to companies. But when this happens, typically the bank is only lending a fraction of the total and arranges that they get paid back first, so it's significantly less risky than if they were loaning directly to the companies. Of course, the non-bank investors get higher returns on their riskier investment.<p>And the returns have been pretty good. Or were. 
With the banks suddenly retreating from this space, there was a lot of money to be made filling the gap, and so private credit got a reputation for paying back really good returns while being more predictable than the stock market.<p>But this meant it got hot. Really hot.<p>It got so hot that there were more people wanting to lend money than there were qualified borrowers. When that happens, naturally standards start to degrade.<p>And then interest rates went up, after having been near-zero for a very long time.<p>And now a lot of borrowers are struggling to pay back their loans on time. And the lenders need to pay back investors, so sometimes they are compromising by getting new investors to pay back the old ones, and stuff. It's getting precarious.<p>Meanwhile a lot of private credit institutions are hoping to start accepting retail investors. Not because retail investors have a lot of money and are gullible, no no no. 401(k) plans are by definition locked up for many years, so obviously should be perfect for making private credit investments! Also those 401(k)s today are all being dumped into index funds which have almost zero fees, whereas private credit funds have high fees. Wait, that's not the reason though!<p>But just as they are getting to the point of finding ways to accept retail investors, it's looking like the returns might not be so great anymore. Could be a crisis brewing. Even if the banks are pretty safe, it's not great if pensions and insurance companies lose a lot of money...</p>
]]></description><pubDate>Thu, 12 Mar 2026 14:38:37 +0000</pubDate><link>https://news.ycombinator.com/item?id=47351189</link><dc:creator>kentonv</dc:creator><comments>https://news.ycombinator.com/item?id=47351189</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47351189</guid></item><item><title><![CDATA[New comment by kentonv in "US private credit defaults hit record 9.2% in 2025, Fitch says"]]></title><description><![CDATA[
<p>TBH "private credit" (meaning exactly what this article is talking about) is such a big thing in the finance industry that probably most finance industry people can't even fathom that the title is misleading to non-finance-industry people.<p>I'm not saying they are right. But it's like if you posted an article called "Python Is Eating the World" on a non-tech site and people got mad because they thought the article was about a wildlife emergency. Fair for them to be confused, but maybe not fair to accuse the title of being misleading (at least not intentionally).</p>
]]></description><pubDate>Thu, 12 Mar 2026 13:58:10 +0000</pubDate><link>https://news.ycombinator.com/item?id=47350611</link><dc:creator>kentonv</dc:creator><comments>https://news.ycombinator.com/item?id=47350611</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47350611</guid></item><item><title><![CDATA[New comment by kentonv in "Cloudflare crawl endpoint"]]></title><description><![CDATA[
<p>You can trivially block Cloudflare crawl via robots.txt. You don't need to buy Cloudflare's bot protection -- this is not a malicious bot.<p><a href="https://x.com/CloudflareDev/status/2031745285517455615" rel="nofollow">https://x.com/CloudflareDev/status/2031745285517455615</a><p>(Disclosure: I work for Cloudflare but not on this product. I get pretty tired of the conspiracy theories TBH.)</p>
]]></description><pubDate>Wed, 11 Mar 2026 18:29:53 +0000</pubDate><link>https://news.ycombinator.com/item?id=47339331</link><dc:creator>kentonv</dc:creator><comments>https://news.ycombinator.com/item?id=47339331</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47339331</guid></item><item><title><![CDATA[New comment by kentonv in "Cloudflare crawl endpoint"]]></title><description><![CDATA[
<p>No, it does not take any action to work around other bot protections.<p><a href="https://x.com/CloudflareDev/status/2031745285517455615" rel="nofollow">https://x.com/CloudflareDev/status/2031745285517455615</a><p>(Disclosure: I work for Cloudflare but not on this product.)</p>
]]></description><pubDate>Wed, 11 Mar 2026 18:24:34 +0000</pubDate><link>https://news.ycombinator.com/item?id=47339255</link><dc:creator>kentonv</dc:creator><comments>https://news.ycombinator.com/item?id=47339255</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47339255</guid></item><item><title><![CDATA[New comment by kentonv in "Cloudflare crawl endpoint"]]></title><description><![CDATA[
<p>Cloudflare crawl respects robots.txt. It does not attempt to bypass any anti-crawling measures. If the site doesn't want to be crawled -- whether it uses Cloudflare or not -- this product will not help you crawl it.<p>Some sites actually want crawlers -- e.g. sites that are selling a product, documentation, etc. That's what this product is meant for.<p><a href="https://x.com/CloudflareDev/status/2031745285517455615" rel="nofollow">https://x.com/CloudflareDev/status/2031745285517455615</a><p>(Disclosure: I work for Cloudflare but not on this product.)</p>
]]></description><pubDate>Wed, 11 Mar 2026 18:21:56 +0000</pubDate><link>https://news.ycombinator.com/item?id=47339217</link><dc:creator>kentonv</dc:creator><comments>https://news.ycombinator.com/item?id=47339217</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47339217</guid></item><item><title><![CDATA[New comment by kentonv in "Show HN: Skir – like Protocol Buffer but better"]]></title><description><![CDATA[
<p>> flatbuffers and capnproto are in the game of trying to make serialization to binary format as efficient as possible.<p>Little-understood fact about Cap'n Proto: Serialization is not the game at all. The RPC system is the whole game, the serialization was just done as a sort of stunt. Indeed, unless you are mmap()ing huge files, the serialization speed doesn't really matter. Though I would say the implementation of Cap'n Proto is quite a bit simpler than Protobuf due to the serialization format just being simpler, and that in itself is a nice benefit.<p>The recently-released Cap'n Web jettisons the whole serialization side and focuses just on the RPC system: <a href="https://blog.cloudflare.com/capnweb-javascript-rpc-library/" rel="nofollow">https://blog.cloudflare.com/capnweb-javascript-rpc-library/</a><p>(I'm the author of Cap'n Proto and Cap'n Web.)</p>
]]></description><pubDate>Tue, 10 Mar 2026 13:13:49 +0000</pubDate><link>https://news.ycombinator.com/item?id=47322839</link><dc:creator>kentonv</dc:creator><comments>https://news.ycombinator.com/item?id=47322839</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47322839</guid></item><item><title><![CDATA[New comment by kentonv in "GPT Bot Ignoring Robots.txt on my cloudflare worker"]]></title><description><![CDATA[
<p>Interesting. workers.dev domains can be a liability sometimes -- if you've mapped the worker to a real zone, then you probably don't want the workers.dev zone anymore.<p>For what it's worth, you can disable the workers.dev zone by putting `"workers_dev": false,` in wrangler.jsonc. You can also enable Cloudflare Access on your workers.dev zone to require login (there's a switch for this in the Cloudflare dashboard UI for the worker).<p>But of course you have to remember to do those things... I wonder if we (Cloudflare) should be more proactive in suggesting disabling/locking down the workers.dev zone once a worker is mapped to another zone...</p>
]]></description><pubDate>Wed, 25 Feb 2026 19:12:41 +0000</pubDate><link>https://news.ycombinator.com/item?id=47156303</link><dc:creator>kentonv</dc:creator><comments>https://news.ycombinator.com/item?id=47156303</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47156303</guid></item><item><title><![CDATA[New comment by kentonv in "How did Windows 95 get permission to put Weezer video 'Buddy Holly' on the CD?"]]></title><description><![CDATA[
<p>As a teenager I found this video on the Windows 95 CD without context and for some time after I thought that Weezer was a 60's band that just had a style way ahead of their time.</p>
]]></description><pubDate>Wed, 11 Feb 2026 01:06:44 +0000</pubDate><link>https://news.ycombinator.com/item?id=46969444</link><dc:creator>kentonv</dc:creator><comments>https://news.ycombinator.com/item?id=46969444</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=46969444</guid></item><item><title><![CDATA[New comment by kentonv in "Replacing Protobuf with Rust"]]></title><description><![CDATA[
<p>Protobuf has far better ergonomics than ASN.1. ASN.1 is an overcomplicated design-by-committee mess. Backwards compatibility in particular is much harder.</p>
]]></description><pubDate>Fri, 23 Jan 2026 21:55:22 +0000</pubDate><link>https://news.ycombinator.com/item?id=46738478</link><dc:creator>kentonv</dc:creator><comments>https://news.ycombinator.com/item?id=46738478</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=46738478</guid></item><item><title><![CDATA[New comment by kentonv in "Replacing Protobuf with Rust"]]></title><description><![CDATA[
<p>lol are you accusing Sanjay of creating Protobuf to get promoted?</p>
]]></description><pubDate>Fri, 23 Jan 2026 21:49:20 +0000</pubDate><link>https://news.ycombinator.com/item?id=46738408</link><dc:creator>kentonv</dc:creator><comments>https://news.ycombinator.com/item?id=46738408</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=46738408</guid></item><item><title><![CDATA[New comment by kentonv in "Anthropic made a mistake in cutting off third-party clients"]]></title><description><![CDATA[
<p>There is so much low-hanging fruit in the tooling side right now. There's no way Anthropic alone can stay ahead of it all -- we need lots of different teams trying different things.<p>I myself have been building a special-purpose vibe-coding environment and it's just astounding how easy it is to get great results by trying totally random ideas that are just trivial to implement.<p>Lots of companies are hoping to <i>win</i> here by creating the tool that everyone uses, but I think that's folly. The more likely outcome is that there are a million niche tools and everyone is using something different. That means nobody ends up with a giant valuation, and open source tools can compete easily. Bad for business, great for users.</p>
]]></description><pubDate>Mon, 12 Jan 2026 14:14:56 +0000</pubDate><link>https://news.ycombinator.com/item?id=46588798</link><dc:creator>kentonv</dc:creator><comments>https://news.ycombinator.com/item?id=46588798</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=46588798</guid></item><item><title><![CDATA[New comment by kentonv in "Anthropic made a mistake in cutting off third-party clients"]]></title><description><![CDATA[
<p>I mean... I don't like it either but this is pretty standard stuff and it's obvious why they're doing it.<p>Claude, ChatGPT, Gemini, and Grok are all more or less on par with each other, or a couple months behind at most. Chinese open models are also not far behind.<p>There's nothing inherent to these products to make them "sticky". If your tooling is designed for it, you can trivially switch models at any time. Mid-conversation, even. And it just works.<p>When you have basically equivalent products with no switching cost, you have perfect competition. They are all commodities. And that means: none of them can make a profit. It's a basic law of economics.<p>If they can't make a profit, no matter how revolutionary the tech is, their valuation is not justified, and they will be in big trouble when people figure this out.<p>So they need to make the product sticky somehow. So they:<p>1. Add a subscription payment model. Once you are paying a subscription fee, then the calculus on switching changes: if you only maintain one subscription, you have a strong reason to stick with it for everything.<p>2. Force you to use their client app, which only talks to their model, so you can't even try other models without changing your whole workflow, which most people won't bother to do.<p>These are bog standard tactics across the tech industry and beyond for limiting competitive pressure.<p>Everyone is mad about #2 but honestly I'm more mad about #1. The best thing for consumers would be if all these model providers strictly provided usage-based API pricing, which makes switching easy. But right now the subscription prices offer an enormous discount over API pricing, which just shows how much they are really desperate to create some sort of stickiness. The subscriptions don't even provide the "peace of mind" benefit that Spotify-like subscription models provide, where you don't have to worry about usage, because they still have enforced usage limits that people regularly hit. 
It's just purely a discount offered for locking yourself in.<p>But again I can't really be <i>that</i> mad because <i>of course</i> they are doing this, not doing it would be terrible business strategy.</p>
]]></description><pubDate>Mon, 12 Jan 2026 13:56:21 +0000</pubDate><link>https://news.ycombinator.com/item?id=46588559</link><dc:creator>kentonv</dc:creator><comments>https://news.ycombinator.com/item?id=46588559</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=46588559</guid></item><item><title><![CDATA[New comment by kentonv in "I replaced Windows with Linux and everything's going great"]]></title><description><![CDATA[
<p>I've had wake-from-suspend issues on plenty of non-nvidia machines, and I have had nvidia machines that have no issues.<p>I think it has nothing to do with the GPU and everything to do with the motherboard chipset.</p>
]]></description><pubDate>Sat, 10 Jan 2026 22:24:06 +0000</pubDate><link>https://news.ycombinator.com/item?id=46570527</link><dc:creator>kentonv</dc:creator><comments>https://news.ycombinator.com/item?id=46570527</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=46570527</guid></item><item><title><![CDATA[New comment by kentonv in "Caltrain shows why every region should be moving toward regional rail"]]></title><description><![CDATA[
<p>Err... well... I live in Austin currently.<p>I'm describing the red line which goes from downtown to Leander. (The one I linked to.) If you're describing some other line then sorry for the confusion, I didn't actually know there was another rail line. There are plans to build a green line to Elgin but AFAIK that's still under construction.<p>The red line is mostly single-track, but there are several specific segments of dual-track allowing trains to pass each other, which is why they're able to support multiple trains in both directions.<p>It's still a crappy schedule -- even during rush hour it's still no more than two trains an hour. Supposedly they intend to start running it every 15 minutes once they add some more dual-track segments.<p>Maybe it was worse when you lived here?</p>
]]></description><pubDate>Sat, 10 Jan 2026 21:07:43 +0000</pubDate><link>https://news.ycombinator.com/item?id=46569927</link><dc:creator>kentonv</dc:creator><comments>https://news.ycombinator.com/item?id=46569927</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=46569927</guid></item><item><title><![CDATA[New comment by kentonv in "Cloudflare CEO on the Italy fines"]]></title><description><![CDATA[
<p>Not sure if my word is any better but I wouldn't be working for him if I thought he was the kind of person who harasses security researchers.</p>
]]></description><pubDate>Sat, 10 Jan 2026 01:31:55 +0000</pubDate><link>https://news.ycombinator.com/item?id=46561773</link><dc:creator>kentonv</dc:creator><comments>https://news.ycombinator.com/item?id=46561773</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=46561773</guid></item></channel></rss>