今日已更新 287 条资讯 | 累计 20259 条内容
关于我们

标签:#AR

找到 3657 篇相关文章

AI 资讯

Mi INSERT tardaba 25 minutos y no era culpa de los datos: construyendo un Data Warehouse de e-commerce con PostgreSQL

Cargar 112.647 filas en una tabla de hechos debería tardar segundos. A mí me tardaba más de 25 minutos, y acababa cancelando la query. Los datos estaban bien, el SQL estaba bien, las dimensiones se poblaban sin problema. El culpable era otro, y descubrirlo fue la parte más instructiva de todo el proyecto. Todo esto surgió construyendo un Data Warehouse en estrella sobre datos reales de e-commerce: no una tabla bonita para hacer un SELECT * , sino un modelo dimensional completo, reproducible desde cero, capaz de responder preguntas de negocio de verdad. El dataset Trabajé con el Brazilian E-Commerce Public Dataset by Olist : pedidos reales de un marketplace brasileño entre septiembre de 2016 y octubre de 2018. Son 9 CSV relacionados entre sí: 99.441 pedidos y 112.650 líneas de venta 103.886 pagos y 104.719 reseñas 32.951 productos, 3.095 vendedores 1.000.163 registros de geolocalización Y con trampas de datos reales que hay que ver antes de que te muerdan: Un pedido puede tener varios pagos y varias reseñas. Si los unes tal cual a la tabla de hechos, duplicas ventas . Es el error clásico y silencioso: los totales salen inflados y nadie se entera. customer_id no es un cliente. Olist crea uno por cada pedido; la persona real es customer_unique_id . Contar mal aquí te cambia el KPI: hay 99.441 cuentas frente a 96.096 personas. El CSV de productos trae una errata en la cabecera ( product_name_lenght , con "lenght"). Si tu esquema la escribe bien y cargas por interfaz gráfica (que empareja por nombre ), esas columnas se quedan vacías sin que nadie avise. El proceso Monté una arquitectura en capas: CSV → staging → modelo dimensional → vistas → análisis , todo en cuatro scripts ejecutables en orden y idempotentes (el esquema se recrea desde cero, se puede relanzar mil veces). El modelo es un star schema : una tabla de hechos fact_sales al grano de línea de producto dentro de un pedido , y cinco dimensiones (cliente, producto, vendedor, pago y fecha), con claves sustitutas,

2026-07-13 原文 →
AI 资讯

The monitoring agent that cannot be told what to do

Here is a design decision we made early, wrote into the architecture as an invariant, and have refused to revisit since: our agent accepts no commands. Not "we don't currently use that feature" — the hub has no way to tell an installed agent to do anything at all. No remote execution, no self-update, no "collect this for us right now". It sends data outward, and that is the entire surface. This is not a limitation we are working around. It is the product. And it costs us features that customers ask for, which is exactly why it is worth explaining. The uncomfortable arithmetic of remote control Any tool that can update a plugin across fifty client sites is, by construction, a tool that can execute code on fifty client sites. Any dashboard that can restart a service on your server holds, somewhere, a credential that lets it in. This is not a flaw in those products — it is what they are for. You cannot automate a repair without the power to perform it. But that power has an owner, and the owner has a login, and the login has a support team, and somewhere in that chain there is a version of the software with a bug in it. When the tool is compromised, the blast radius is not the tool. It is every machine the tool could reach. The industry has already run this experiment at scale. In July 2021, attackers exploited a vulnerability in a widely used remote monitoring and management platform. They did not break into a single company — they broke into the thing that had access to the companies. Roughly sixty managed service providers were hit, and through them, an estimated 800 to 1,500 downstream businesses were encrypted in a single weekend, with a $70 million ransom demand attached. Read that shape again, because it is the whole argument: the victims did nothing wrong. They had bought a well-known product from a serious vendor and installed it exactly as instructed. Their compromise arrived through the door they had deliberately, sensibly, contractually left open — the one

2026-07-13 原文 →
AI 资讯

The First Microcontroller Was the TI TMS1000 (1974)

Ask most people to name the chip that started modern electronics and they will say the microprocessor. But there is a quieter hero inside almost everything you own that beeps, blinks, or connects to the internet: the microcontroller. And the first one you could actually buy shipped in 1974 as the Texas Instruments TMS1000. Microprocessor vs. microcontroller The distinction matters. A microprocessor, like Intel's famous 4004, is just the processing core. To build anything useful with it you still have to wire up separate memory chips, input/output controllers, and support logic on a circuit board. A microcontroller collapses all of that onto a single piece of silicon: the CPU, the ROM that holds your program, the RAM that holds your data, and the I/O pins that talk to the outside world, all in one package. That is exactly what the TMS1000 did. Designed by Texas Instruments engineers Gary Boone and Michael Cochran, it was a 4-bit device using a Harvard architecture, meaning it kept program memory and data memory in separate spaces so it could fetch an instruction and read data at the same time. One chip in, one chip out, and you had a complete tiny computer dedicated to a single job. Cheap enough to put in everything The genius of the TMS1000 was not raw power, it was economics. In 1974 you could buy the chips in volume for around two dollars each. By 1979, Texas Instruments was selling roughly 26 million of them every year. That price point changed what engineers could build. Suddenly it made sense to drop a small, programmable brain into products that never would have justified a full computer. You have almost certainly held one. The TMS1000 family ran the Speak & Spell, the Big Trak programmable toy vehicle, and the electronic memory game Simon, along with countless calculators, microwave ovens, and appliances. Each one was doing the same fundamental thing an IoT node does today: read some inputs, run a fixed program, drive some outputs. Why this still matters for

2026-07-13 原文 →
AI 资讯

Building a secure OS: the hard list — what I found and what I'm fixing in IONA OS

Every operating system has security gaps. Most never publish them. I am publishing mine. IONA OS is a sovereign operating system written from scratch in Rust. It has a kernel, a GUI, a blockchain protocol, a programming language, and a 140,000‑line AI running in Ring 0. It is designed to be secure by default. But secure is a journey, not a destination. Here is the hard list — the security issues I found in IONA OS, and what I am doing about them. 1. The filesystem is not encrypted at rest IONAFS reads and writes sectors in plain text directly to the disk. I already have a real ChaCha20‑Poly1305 engine with per‑file key derivation ( fs/encrypted_storage.rs ), but it is only used for backup/distribution — not for everyday local reading and writing ( fs/ionafs/mod.rs ). Why this matters: For a journalist or a civil servant, this is the central threat scenario: a lost device, confiscation at a border, or seizure. What I'm doing about it: Integrating encrypted_storage.rs into the normal IONAFS read/write path. Every write will be encrypted automatically. The key will be derived from a PIN or TPM. 2. Deleting a file does not destroy it delete_file() removes only the index entry. The data sectors remain on the disk, recoverable with standard forensic tools. Why this matters: For users with high security requirements — journalists, activists, government officials — this is a critical gap. What I'm doing about it: Adding a shred() function that overwrites the data sectors with random patterns before releasing them, with a configurable number of passes. 3. The keystore uses XOR, not real encryption security/keystore.rs pretends to use AES/ChaCha in its comments, but the actual implementation is a simple XOR stream — trivial to break once an attacker has access to the disk. Why this matters: This is a critical vulnerability. XOR is not encryption. If an attacker has access to the disk, they can recover the keys. What I'm doing about it: Replacing the XOR stream with real ChaCh

2026-07-13 原文 →
AI 资讯

skip에서 partition overwrite로: business_date 재처리를 Iceberg로 다시 표현하기

skip에서 partition overwrite로: business_date 재처리를 Iceberg로 다시 표현하기 이전 글에서는 같은 source_hash 가 다시 들어왔을 때 기존 successful run을 재사용하는 idempotency를 다뤘다. 하지만 재처리에는 두 종류가 있다. 1. 같은 입력이 다시 들어온 경우 -> skip이 맞다. 2. 같은 business_date의 정정 입력이 들어온 경우 -> skip하면 안 된다. -> 같은 날짜의 gold 결과를 중복 없이 교체해야 한다. manufacturing-data-platform-mini 의 B5 slice는 두 번째 문제를 아주 작게 다룬다. 전체 Spark pipeline을 만든 것이 아니다. gold_daily_metrics Iceberg table 하나를 local Spark에서 만들고, business_date partition overwrite와 snapshot evidence만 검증했다. Scenario 이미 아래 gold row가 있다. business_date=2026-06-29 plant-a / line-1 / gearbox-a units_produced=120 defect_count=3 나중에 같은 business_date=2026-06-29 에 대한 정정 source가 들어온다. 운영자가 원하는 것은 append가 아니다. 원하지 않는 상태: 2026-06-29 old row 2026-06-29 corrected row -> 같은 날짜 결과가 중복됨 원하는 상태: 2026-06-29 corrected row만 남음 2026-06-30 같은 다른 날짜 partition은 그대로 유지됨 재처리 전후 snapshot evidence가 남음 그래서 이 slice의 질문은 이렇다. 같은 business_date의 정정 source를 처리할 때, gold table에서 해당 날짜 partition만 중복 없이 교체하고, 어떤 run이 어떤 Iceberg snapshot을 만들었는지 남길 수 있는가? Decision Pressure Slice1의 CSV pipeline은 already-successful source를 안전하게 skip할 수 있다. dataset_id + business_date + source_hash 이 key가 같으면 같은 입력이다. 다시 계산해도 같은 결과이므로 기존 run을 재사용한다. 하지만 source_hash 가 달라졌다면 의미가 다르다. same business_date different source_hash 이건 retry가 아니라 correction이다. CSV run-folder 방식에서는 새 run output을 만들 수는 있지만, "현재 gold table에서 해당 날짜를 원자적으로 교체한다"는 table-level 의미가 약하다. Iceberg를 붙이는 이유는 여기 있다. source_hash -> 같은 입력인지 판단하는 idempotency key business_date partition -> 정정 시 교체할 gold table 범위 snapshot_id -> table commit의 evidence 즉 Spark/Iceberg는 도구 이름을 추가하려고 붙인 것이 아니라, 재처리 상태 전이를 더 명확히 표현하기 위해 붙였다. Options Option 장점 문제 판단 same source면 항상 재계산 단순함 retry 때 불필요한 commit이 계속 생김 제외 corrected source를 append 구현 쉬움 같은 날짜 gold row가 중복될 수 있음 제외 whole-table overwrite 단순함 다른 날짜 partition까지 지울 위험 제외 business_date partition overwrite correction 범위가 명확함 Spark/Iceberg 설정과 test가 필요 선택 MERGE/upsert 강력함 이번 skeleton에 과함 backlog 이번 구현은 DataFrameWriterV2.overwritePartitions() 를 사용했다. corrected_d

2026-07-12 原文 →
AI 资讯

wide CSV 여러 개를 EAV로 모아 gold mart 만들기

wide CSV 여러 개를 EAV로 모아 gold mart 만들기 현실의 데이터 소스는 한 가지 모양으로 오지 않는다. 같은 의미의 값도 어떤 파일에서는 생산수량 , 다른 파일에서는 units , 또 다른 파일에서는 made 로 올 수 있다. 온도도 어떤 곳은 섭씨, 어떤 곳은 화씨일 수 있다. 이걸 매번 pipeline code에 if source == ... 로 박기 시작하면 source가 늘 때마다 코드가 지저분해진다. manufacturing-data-platform-mini 의 EAV mini slice는 이 문제를 작게 다룬다. 여러 wide CSV를 mapping config로 표준 attribute에 맞춘 뒤, EAV long format으로 모으고, 다시 gold metric mart로 pivot/aggregate한다. 데이터는 모두 synthetic이고, 회사 코드·고객 데이터·실제 schema는 쓰지 않았다. 1. Scenario 서로 다른 공장/라인/벤더에서 비슷한 제조 지표 파일이 들어온다. 예: plant_a.csv: 설비ID, 생산수량, 불량수, 온도C, 압력kPa plant_b.csv: machine_id, output_units, defects, temp_f, pressure_bar vendor_d.csv: unit_name, made, scrap, deg_c, kpa 비즈니스적으로는 같은 지표를 보고 싶다. units_produced defect_count temperature_c pressure_kpa 문제는 source마다 column name과 unit이 다르다는 점이다. 2. Decision Pressure 단순 구현은 source마다 코드를 늘린다. if source == "plant_a": 생산수량을 units_produced로 읽는다 if source == "plant_b": output_units를 units_produced로 읽는다 temp_f를 섭씨로 변환한다 if source == "vendor_d": made를 units_produced로 읽는다 이 방식은 작게는 빨라 보이지만 source가 늘수록 문제가 된다. 새 파일 형식마다 pipeline code를 고쳐야 한다. column mapping과 transform logic이 섞인다. unit conversion이 흩어진다. quality check가 source별로 갈라진다. gold mart grain을 설명하기 어려워진다. 그래서 mapping은 config로 빼고, pipeline은 표준 attribute를 처리하게 만들었다. 3. Options option result risk source별 hard-coded parser 처음엔 빠름 source가 늘 때 code change 반복 모든 source를 wide table 하나로 합치기 보기 쉬움 sparse/heterogeneous column 폭발 EAV long format 이종 attribute를 표준 형태로 모음 pivot/quality 설계가 필요 full mapping DSL/rules engine 유연함 mini project에는 과함 이 프로젝트의 선택은 단순한 JSON mapping + EAV long + gold pivot이다. 4. Decision 각 source는 JSON config로 자신의 column을 표준 attribute에 매핑한다. source column -> standard attribute output_units -> units_produced temp_f -> temperature_c with f_to_c pressure_bar -> pressure_kpa with bar_to_kpa pipeline 흐름: wide CSVs -> mapping configs -> EAV long rows -> gold entity_daily_metrics -> quality checks -> catalog/lineage EAV row의 핵심 shape: entity_id business_date attribute value v

2026-07-12 原文 →
AI 资讯

schema drift를 fail이 아니라 warn으로 둔 이유

schema drift를 fail이 아니라 warn으로 둔 이유 데이터 파이프라인에서 source schema가 바뀌는 순간은 애매하다. 무조건 무시하면 운영자는 입력 구조가 바뀐 사실을 모른다. 반대로 모든 schema 변화를 실패로 처리하면, 정상적인 컬럼 추가까지 daily run을 막아버린다. manufacturing-data-platform-mini 에서는 이 문제를 작게 다뤘다. synthetic manufacturing CSV의 실제 header를 기준으로 schema_hash 를 만들고, previous successful run과 비교해 달라졌으면 schema_drift quality check를 warn 으로 남긴다. 단, required column이 빠져 silver/gold contract를 만들 수 없는 경우는 현재 ValueError 로 빠르게 실패한다. 1. Scenario 어느 날 source CSV에 새 컬럼이 추가된다. 기존 header: event_time,plant_id,line_id,work_order_id,machine_id,product_code, operation,units_produced,defect_count,cycle_time_ms,business_date 새 header: event_time,plant_id,line_id,work_order_id,machine_id,product_code, operation,units_produced,defect_count,cycle_time_ms,business_date,operator_id operator_id 는 아직 silver/gold mart에서 쓰지 않는다. 하지만 source 구조가 바뀐 사실은 기록되어야 한다. 2. Decision Pressure schema drift에서 중요한 질문은 단순히 "바뀌었나?"가 아니다. 바뀐 것을 운영자가 알 수 있는가? 정상적인 컬럼 추가 때문에 pipeline을 멈춰야 하는가? downstream gold mart contract가 조용히 바뀌지는 않는가? 이전 successful run과 지금 run의 schema identity를 비교할 수 있는가? 초기 구현에서는 한 가지 실제 버그가 있었다. schema_hash 가 고정된 required column 목록에 너무 묶여 있어서, 추가 컬럼이 들어와도 hash가 바뀌지 않았다. 즉 operator_id 가 추가되어도 drift가 보이지 않았다. 이 문제를 고치기 위해 read_rows 가 실제 CSV header를 반환하고, 그 실제 header 기준으로 schema_hash 를 계산하도록 바꿨다. 3. Options option result risk ignore drift pipeline은 계속 돈다 source 변화가 보이지 않음 fail every drift 변화에 강하게 반응 정상적인 컬럼 추가도 막음 warn and continue 변화가 보이고 run도 계속됨 warning을 inspect해야 함 auto-evolve silver/gold 새 컬럼을 바로 사용 가능 downstream contract가 조용히 바뀔 수 있음 full schema registry production에 가까움 mini slice에는 무거움 이 프로젝트의 선택은 warn and continue 다. 4. Decision 현재 contract는 이렇다. previous successful run이 없으면: schema_drift = pass baseline schema established current schema_hash == previous successful schema_hash: schema_drift = pass current schema_hash != previous successful schema_hash: schema_drift = warn quality_passed는 true 유지 run/lineage record에 previous/current schema_hash 저장 required column missing: V

2026-07-12 原文 →
开发者

source_hash로 같은 입력 재처리를 안전하게 skip하기

source_hash로 같은 입력 재처리를 안전하게 skip하기 작은 데이터 파이프라인도 한 번만 실행된다고 가정하면 금방 거짓말이 된다. 실제로는 같은 파일을 다시 실행할 수 있다. 실패한 run을 재시도할 수도 있고, 과거 날짜를 backfill할 수도 있고, 운영자가 실수로 같은 입력을 다시 넣을 수도 있다. 이때 결과가 중복되면 gold metric은 더 이상 믿을 수 없다. 이 글은 개인 포트폴리오 프로젝트 manufacturing-data-platform-mini 에서 source_hash 를 이용해 같은 입력 재처리를 안전하게 skip하도록 만든 작은 설계 판단을 정리한 글이다. 데이터는 모두 synthetic이며, production platform이 아니라 검증 가능한 mini slice다. 1. Scenario 같은 business_date 의 제조/로봇 이벤트 파일을 다시 처리해야 하는 상황이 있다. 예: retry: 앞 run이 중간에 실패해서 다시 실행한다. backfill: 과거 날짜를 다시 채운다. operator mistake: 같은 파일을 실수로 다시 실행한다. 단순히 매번 append하면 같은 날짜의 gold metric이 중복될 수 있다. 2. Decision Pressure 단순 CSV pipeline은 보통 이렇게 끝난다. CSV 읽기 -> silver 만들기 -> gold 집계 -> 결과 저장 하지만 운영 관점에서는 질문이 생긴다. 이 입력은 전에 처리한 파일과 같은가? 같은 파일을 다시 돌리면 중복 output이 생기나? 다른 파일로 같은 날짜를 다시 돌리면 어떻게 구분하나? 어떤 run이 어떤 source에서 만들어졌나? 그래서 재실행을 판단할 identity가 필요했다. 3. Options option result problem always append 모든 run 결과를 계속 추가 같은 입력 재실행 시 중복 always overwrite 결과를 항상 덮어씀 이전 결과/원인 추적이 약함 skip by business_date only 같은 날짜면 무조건 skip 정정 파일을 반영할 수 없음 skip by dataset_id + business_date + source_hash 같은 입력만 no-op 정정 파일은 새 run으로 처리 가능 이 프로젝트의 Slice1은 마지막 선택지를 쓴다. 4. Decision 현재 mini pipeline은 입력 파일의 content hash를 source_hash 로 계산한다. idempotency key: dataset_id + business_date + source_hash 이미 성공한 run이 있으면 새로 처리하지 않고 기존 run을 재사용한다. same dataset_id same business_date same source_hash prior successful run exists => status = skipped 이 선택은 작지만 중요하다. 같은 파일 재실행: skip -> 중복 없음 같은 날짜의 정정 파일: source_hash가 다름 -> skip하지 않고 새 run으로 처리 가능 단, 여기서 조심해야 할 경계가 있다. Slice1은 다른 source_hash 를 새 run으로 처리할 수 있지만, 이전 gold partition을 원자적으로 교체하는 Iceberg-style overwrite까지 구현한 것은 아니다. 그 문제는 다음 Slice2의 business_date partition overwrite 주제다. 5. Evidence 관련 코드와 검증 evidence: src/manufacturing_data_platform/pipeline/lakehouse.py tests/test_lakehouse_pipeline.py VERIFICATION_LOG.md README.md 검증 로그: 2026-07-08 publication readiness check: pytest: 33 passed lakehouse JSON CLI: passed, status=processed, quality_passed=true EAV JS

2026-07-12 原文 →
AI 资讯

Stop Guessing: How I Pick AI API Architecture at Every Scale

Stop Guessing: How I Pick AI API Architecture at Every Scale I've been on both sides of this. Two years ago I was the lone backend engineer at a Series A startup, duct-taping API calls together at 2 AM because the founders wanted a chatbot demo by morning. Last quarter I sat in a procurement meeting at a Fortune 500 where we spent six weeks evaluating three vendors for a single inference workload. Same job title on LinkedIn, wildly different problems. Most AI API guides I've read treat both scenarios like they're the same conversation. They're not. The startup CTO optimizing for burn rate and the enterprise architect worrying about a 99.9% uptime SLA are solving fundamentally different equations. After enough of these conversations, I've developed a framework I'd like to share — and yes, I'll talk about Global API because it's what I actually use, but I'll also explain the reasoning behind each choice so you can adapt it to your own stack. What I Look at First: The p99 Question Before I look at price, I look at the latency distribution. Specifically, the p99. Mean latency tells you almost nothing useful. If your median response is 200ms but your p99 is 4 seconds, your users will see janky behavior on the long tail and you won't know why until production is on fire. For startups in the MVP phase, you can usually get away with best-effort routing. A p99 of 2-3 seconds is fine if you're building an async summarization feature. But the moment you put AI in the synchronous request path — like a customer-facing chatbot or a real-time code suggestion — p99 starts to bite. I learned this the hard way when our startup's "AI assistant" feature had users complaining about slowness that I couldn't reproduce locally. The culprit? Provider cold starts hitting our 1% of users who happened to get routed to a freshly spun-up instance. For enterprises, p99 isn't a nice-to-have, it's a contractual obligation. Most B2B SLAs I've negotiated pin uptime at 99.9% and require reporting on m

2026-07-12 原文 →
开发者

How Philips Hue got the smart home right

The state of the smart home can be frustrating, because it is just so obvious how things ought to work. You should be able to control everything from everywhere. Your spaces should adapt to what you're doing and how you're feeling. Making your home smart shouldn't require renovating, and the smarts should be mostly invisible. […]

2026-07-12 原文 →
AI 资讯

What eight years of freelancing taught me about pricing

The first time a client said yes to a quote without hesitating, I felt sick. This was early on. I'd sent over a rate for a batch of articles, my palms were actually sweaty over the email, and the reply came back in under an hour. "Sounds great, when can you start?" No pushback, no negotiation, nothing. I should have been thrilled. Instead, I sat there doing the math on how much more I could have charged, and I knew, the way you just know sometimes, that I'd priced it too low. His enthusiasm was the tell. That queasy feeling taught me more than any pricing guide ever did. If a client says yes instantly and happily, you were cheap. I've been freelancing for about eight years now, all of it writing and content work, most of it solo from a spare room in my house. I've priced my work a dozen different ways over that stretch, and I've gotten most of them wrong at some point. So here's what I actually believe about pricing, after enough scars to have earned an opinion. Per-word pricing quietly punishes you for getting better I started out charging by the word, like a lot of writers do. Five cents a word, sometimes six if I was feeling brave. It felt safe because it was easy to explain and easy for a client to say yes to. A 1,500-word article costs this much. Clean. Predictable. The problem showed up slowly. The better I got, the worse that model treated me. Early on I'd pad a piece to hit a word count because more words meant more money, which is a genuinely insane thing to be incentivized toward as a writer. Then I spent years learning to cut. Learning that the sharpest version of an article is usually the shortest one that still does the job. And every ounce of that hard-won skill made me poorer, because a tight 900-word piece that took real judgment to shape paid less than a bloated 1,400-word one I could have written half-asleep. Think about how backwards that is. I was being paid the least for the writing I was proudest of. The stuff that took a decade to be able to d

2026-07-12 原文 →
AI 资讯

From REST to MCP (1/2): Different Dimensions

Intro An MCP server can look like another API layer: expose existing REST endpoints as tools and call it a day. Both receive input, execute backend logic, and return a result. But they operate under different assumptions. This two-part series explains why directly wrapping REST APIs is a bad default. This first article covers the differences in their runtime environments. The second will discuss how those differences should affect MCP design (you already know how to design a good REST API ). We can see those differences more clearly by comparing the two across several dimensions. Dimensions The consumer With REST, developers encode control in application logic. The application knows when to call an endpoint, what arguments to send, and how to handle the response. Those decisions are made during development. With MCP tools, much of that control moves to the AI agent. The model interprets the request, chooses a tool, constructs its arguments, evaluates the result, and decides what to do next. The harness can restrict it, but the model is still part of the control flow. A REST client already knows why it is making a call. An agent must first decide whether a tool is relevant at all. MCP tools The context A REST application can draw from application state, cookies, memory, and user input. Code written by a developer determines which parts become request parameters. An agent can draw from the current request, conversation history, and previous tool results. The MCP server does not see this context automatically, but the model may turn parts of it into tool arguments at runtime. The difference is who selects what reaches the backend: predetermined code or a model reasoning over a changing conversation. The action model REST APIs tend to expose focused, fine-grained operations that application code can compose. Keeping endpoints simple and stable limits regressions because a developer has already written and tested the workflow that connects them. With MCP, the agent often

2026-07-12 原文 →
AI 资讯

Tokens and DAOs: The Real Technical Problems Behind On-Chain Communities

Tokens and DAOs are often presented as simple ideas: issue a token, distribute ownership, let the community vote, and build a decentralized organization. In reality, the technical problems behind tokens and DAOs are much deeper. A token is not only an asset, and a DAO is not only a voting system. Together, they create an economic, governance, security, and coordination layer that must work reliably in a hostile, open environment. The first major problem is token design. Many projects treat token creation as a deployment task, but the real challenge is defining what the token actually controls. Does it represent governance power, protocol revenue, access rights, reputation, staking weight, or all of these at once? When one token is used for too many purposes, the system becomes fragile. For example, a token designed for liquidity may not be suitable for governance, because the most active traders may not be the most aligned decision-makers. Good token architecture should separate economic utility, governance authority, and long-term reputation where possible. The second problem is distribution. A DAO can be decentralized in branding but centralized in practice if token ownership is concentrated among founders, investors, or early insiders. On-chain governance depends heavily on voting power, so distribution directly affects decision quality. Poor distribution creates governance capture, where a small group can control treasury spending, protocol upgrades, or parameter changes. This is not only a social issue; it is a technical design issue. Vesting contracts, delegation systems, quorum rules, voting delay, and proposal thresholds all influence whether governance is resilient or easily manipulated. Another core issue is governance security. DAO voting is not automatically safe just because it happens on-chain. Token voting can be attacked through flash loans, bribery markets, vote buying, low-participation proposals, and governance fatigue. If a malicious proposal pas

2026-07-12 原文 →
AI 资讯

Failure Engineering Explained by Uncle to Nephew — Episode 2: Types of Failures

Episode 1 established the mindset: failure is normal, not a sign of bad engineering. Episode 2 gets specific — you can't detect or handle a failure you can't even name. Saturday, Round 2 👦 Nephew: Uncle, last time you convinced me failure is basically guaranteed. Fine, I accept it. So what actually fails ? 👨‍🦳 Uncle: You tell me. Start listing things that could go wrong in your app right now. 👦 Nephew: Uh... the server could crash. The database could go down. My code could have a bug. 👨‍🦳 Uncle: Keep going. 👦 Nephew: The network? Someone could deploy the wrong thing? Payment gateway dies mid-checkout? 👨‍🦳 Uncle: You just named six of the seven categories without trying. You already know this. You've just never sorted it. 1. Hardware Failure 2. Software Failure 3. Network Failure 4. Database Failure 5. Third-Party Failure 6. Human Error 7. Resource Exhaustion 👦 Nephew: Then why do we need the list at all, if I already know it instinctively? 👨‍🦳 Uncle: Because "instinctively" isn't fast enough at 2 AM. Let's trace each one properly. Part 1 — Hardware Failure 👦 Nephew: This one's obvious anyway — I deploy to AWS. The cloud hides hardware failure from me. 👨‍🦳 Uncle: Does it? 👦 Nephew: ...doesn't it? That's the whole point of paying for EC2 instead of buying a server. 👨‍🦳 Uncle: Let's trace it. Your app sits on an EC2 instance. What's underneath the instance? 👦 Nephew: Virtual machine stuff, I guess? 👨‍🦳 Uncle: And underneath that ? 👦 Nephew: ...an actual physical machine somewhere. In a data center. 👨‍🦳 Uncle: There it is. Your app | "Virtual" server (EC2/Droplet) | ACTUAL physical hardware somewhere in a data center | Still capable of failing — just less visible to you 👦 Nephew: So it's not hidden. It's just one layer further away than I thought. 👨‍🦳 Uncle: Exactly. AWS absorbs a lot of it — that's part of what you're paying for — but disks still fail, instances still get abruptly terminated, whole availability zones still go down. That's Hardware Failure . Hardware Fa

2026-07-12 原文 →