今日已更新 287 条资讯 | 累计 20259 条内容
关于我们

标签:#Rust

找到 278 篇相关文章

AI 资讯

Rust Was Not the Silver Bullet I Expected for Our Treasure Hunt Engine

The Problem We Were Actually Solving I still remember the day our treasure hunt engine started to show its weaknesses. We had been using a custom-built solution written in Java, and it had served us well until our user base grew exponentially. The engine, which relied heavily on recursive searches and dynamic memory allocation, began to cause performance issues and occasional crashes. Our team was under pressure to find a solution that would allow our server to scale without sacrificing the user experience. After some research, I became convinced that Rust was the answer to our problems. Its focus on memory safety and performance seemed like the perfect fit for our needs. What We Tried First (And Why It Failed) Our first attempt at solving the problem was to simply translate our Java code into Rust. We thought that the language's built-in features would automatically solve our performance and memory issues. However, we quickly realized that this approach was not going to work. The Rust compiler was complaining about lifetime issues and borrow checker errors, which we did not fully understand at the time. We spent weeks trying to fix these issues, but our code was still not stable. I recall one particularly frustrating error message from the Rust compiler: error: cannot borrow self.list as mutable because it is also borrowed as immutable. It was then that I realized we needed to take a step back and rethink our approach. The Architecture Decision We decided to start from scratch and redesign our treasure hunt engine with Rust's strengths in mind. We chose to use a graph-based data structure, which allowed us to take advantage of Rust's ownership model and avoid common pitfalls like null pointer dereferences. We also made use of the crossbeam crate for parallelism and the tokio crate for async I/O. This new design required us to think differently about our problem domain, but it ultimately led to a more efficient and scalable solution. I was impressed by the level of

2026-05-30 原文 →
AI 资讯

I built a cryptographic audit receipt for Claude Mythos (and any AI model) — here's how it works

Anthropic's Mythos model can autonomously find zero-day vulnerabilities. Their CVD disclosure process uses manual SHA-3-512 hash commitments to prove findings existed. I built something that automates that in one line of Python. What AetherProof does One function call generates a 128-byte Ed25519-signed receipt that proves: What model ran — FNV-1a hash of provider/model ID What it produced — hash of the output When — cryptographic nanosecond timestamp Tamper-evident — flip any byte anywhere → INVALID python import aetherproof receipt = aetherproof.for_anthropic( "Find vulnerabilities in this binary.", finding_text, model="claude-mythos-preview" ) receipt.save("CVE-2026-001.receipt") print(receipt.verify()) # True Try it in 30 seconds pip install aetherproof python -c " import aetherproof r = aetherproof.for_anthropic('question', 'answer') print(r.verify()) # True print(r.pretty()) " The unusual part — invisible Unicode watermarking Receipts embed invisibly into any text using Unicode Private Use Area codepoints (U+E000–U+E0FF). AI output carries its own audit trail. Works in any language — Arabic, Chinese, Devanagari, Hebrew, Thai, Japanese all tested. signed_output = aetherproof.embed(ai_response, receipt.to_bytes()) # Text looks identical. Receipt is inside. aetherproof.verify_embedded(signed_output) # True Numbers 187 tests, 0 failures 128/128 byte flips all detected 1000/1000 tamper probes pass Cross-language: Python generates, Rust CLI verifies 15,446 receipts/sec (Python) · 5,472/sec (Rust) Why AGPL-3.0 Free for open source. Commercial use needs a license. This is the compliance layer under your AI stack — it should be open, auditable, and not vendor-locked. GitHub https://github.com/pulkit6732/aetherproof Built by Pulkit. Feedback welcome.

2026-05-29 原文 →
AI 资讯

Secure Your Microservices: Meet Halimun, the High-Performance Encrypted Proxy

Meet Halimun Proxy a high-performance, ultra-low latency proxy tunnel system built from the ground up in Rust. Why Rust? By leveraging Rust , Halimun achieves extreme efficiency. Using the Axum web framework and Tokio for non-blocking asynchronous I/O, it manages to maintain a tiny footprint—running on as little as ~15MB of RAM . It’s designed to be fast, memory-safe, and incredibly stable under load. Core Security Features Halimun isn't just a proxy; it’s a security layer. It enforces strict request validation to ensure your internal services are never exposed to malicious actors: AES-256-CBC Encryption: End-to-end payload masking. Even if your traffic is intercepted, the actual API endpoint and data remain indecipherable. HMAC-SHA256 Integrity: Validates that data hasn't been tampered with in transit. Replay Attack Prevention: Uses Nonce and timestamp verification in-memory (via DashMap ) to reject duplicate spoofed requests. SSRF Protection: Built-in mechanisms to prevent attackers from targeting your internal network infrastructure (e.g., 127.0.0.1 ). Camouflage Routing: It hides your actual API structure behind random, dummy URL segments, making traffic profiling by WAFs or human analysts nearly impossible. Quick Start (Docker) Halimun is "Docker-ready," making it easy to drop into any existing infrastructure. 1. Configuration First, generate your encryption keys using the built-in generator: # Generate keys and save to .env docker build -t halimun-proxy . docker run --rm halimun-proxy ./halimun-proxy --keygen --format = env > .env 2. Deployment Configure your config.yaml to map your backend services, then launch your cluster: docker-compose up -d Your production proxy is now live, listening securely on port 80 while your backend services remain completely secluded within a private Docker network. Under the Hood: Request Lifecycle Halimun uses an encrypted tunnel approach. A typical request follows this structure: POST /proxy/1/SEGMENT1/SEGMENT2/SEGMENT3/SEGMEN

2026-05-29 原文 →
AI 资讯

I Built a Neural Network from Scratch in Rust — Then Compiled It to WebAssembly

A complete ML pipeline: engine, backprop, binary format, and a live browser demo. Zero dependencies. Under 200 KB total. If you have built machine-learning projects before, you have probably done it by importing PyTorch, TensorFlow, or scikit-learn and calling .fit() . Those are excellent libraries. This article is about what happens when you deliberately do not use them — when you build every piece of the pipeline yourself, in a language that compiles to WebAssembly, and the result runs live in the browser with no server, no Python, and no cloud bill. Here is the live demo: move four sliders, watch the predicted Iris species update in real time. The model is running entirely inside your browser tab, loaded from a 1.1 KB binary file, powered by ~100 KB of WebAssembly compiled from pure Rust. This is the story of how I built it and why the engineering choices made it work. Why Rust? Why WebAssembly? Why zero dependencies? Three constraints drove every design decision. WASM requires no_std or a carefully limited std . The wasm32-unknown-unknown target has no operating system, no file system, and no libc. A crate that links against rand , ndarray , or any library that makes OS calls will not compile to it without significant plumbing. An engine built from nothing but the Rust standard library compiles cleanly to every target, including WASM. A zero-dependency std -only crate is uniquely auditable. There are no transitive dependency trees to vet, no supply-chain risks, no version conflicts. Every line of code that runs in the user's browser lives in this repository. The deployment story becomes the technical story. A 100 KB WASM blob that runs locally in the browser is not just a cost optimisation — it is a privacy guarantee (user inputs never leave the machine) and a latency guarantee (inference is microseconds, not a round trip to a cloud API). That story is only possible because the engine has no external dependencies that would bloat the binary. The architecture: ei

2026-05-29 原文 →
AI 资讯

This Rewrite Isnt the Constraint: How a 300ms Tail Latency Hunt Led to a New Event Pipeline

We were burning 400ms in p99 tail latency on a core event-processing path in Veltrix. The upstream teams kept blaming the network, but the numbers didnt lie—64% of the time was spent inside the JVM, specifically in sun.misc.Unsafe.park during GC pauses. Every time we hit 80% heap pressure, the throughput collapsed and we lost 300k events per minute. That was the exact moment I stopped believing in the JVM as the runtime and started looking at the system boundary. The first attempt was aggressively tuned HotSpot with G1GC and pinning the critical threads to their own NUMA nodes. We set -XX:MaxGCPauseMillis=20 , -XX:+UseNUMA , and even migrated to Azul Zulu Prime because its handling of large heaps was supposedly better. The p99 dropped to 280ms, but the GC telemetry still showed a sawtooth pattern of 30–40ms spikes every 230ms on a 16GB heap. Profiling with JDK Flight Recorder told us 18% of CPU time was spent in card-table scanning. At that point I knew we were fighting the runtime, not the problem. The event pipeline was small—just JSON parsing, enrichment, and a single RocksDB write—but the JVMs generational collector couldnt stop moving objects. The architecture decision came during a four-day blackout window after a failed Blue-Green deploy. Three of us sat in a war room with a single Grafana dashboard showing 100% CPU steal time on the Kubernetes nodes. We had two choices: squeeze more life out of the JVM by manually balancing the heap or rewrite the critical hot path in Rust and give the compiler full control over memory layout. The Rust option meant losing the JVM ecosystem (no more async-profiler, no more one-liner heap dumps) but gave us stackless futures, zero-cost abstractions, and compile-time memory safety. We chose Rust. We forked the Cargo.toml wed used in a sidecar for metrics and started porting the event collector. The numbers after the rewrite told the story. We recompiled the same two endpoints— POST /events and GET /aggregates —and served them f

2026-05-29 原文 →