Slagar

I've got an agent in a loop optimizing a renderer with the goal to minimize frame times (and tests to measure). It got times down from 88ms to 2ms and allocations down from ~150K to 500. Sounds good, right? Wrong. This is exactly why agent psychosis is a big fucking problem. As an experiment, I rewrote the Ghostty core render state in Go, with access to identically laid out data structures as Ghostty and the exact same validation tests. I made a purposely naive renderer (simple, correct, but slow). 88ms per frame with 150,000 allocations (horrendous, lol)! I then kickstarted a Ralph loop to bring the frame times down. I told it it can't modify input data structures or the public API or tests (they're correct), but it can do anything else it wants. It got to work. It has worked for about 4 hours. I've spent around $350 on this experiment so far. The results? 88ms => 1.5ms 150K allocs => ~500 allocs Incredible right? Nope. My hand-written renderer I ported has frame times (same benchmark) of ~20us (0.020ms) and 0 allocations in the update path. This is the problem with psychosis and lacking systems understanding. If you don't understand the system, you're going to accept that this is an incredible result. If you understand the system, you'll see better solutions immediately and can do roughly 75x better on throughput. The people who blindly trust agent output are in the former camp. They're sheeple, overdrinking from a fountain of mediocrity. Standard disclaimer: I use AI all the time. I like AI. The point I'm making is to not blindly accept results. Think. Analyze. Learn.

It's kind of crazy how much of the way we've been designing Workers over the past 9 years unexpectedly turns out to be so relevant to AI and agents. Durable Objects and lightweight isolate sandboxes are obvious big things. But there are subtler things. Consider "bindings". In Workers, our environment (`env` object) doesn't just contain strings. It can contain live objects, which we often call "bindings". For instance, a Workers KV binding is a live object representing a Workers KV storage namespace. Once you've configured it, you can just do: let val = await env.MYKV.get("foo") await env.MYKV.put("foo", "new value"); Notice: There's no connection string. No secret token that you have to pass to talk to your KV namespace. The Workers Runtime handles it for you. You just get an already-initialized client object, on which you can call methods. You can still do everything you want to do. But you know what you can't do? Leak the secret token. Because there isn't one. A KV namespace binding fundamentally cannot be "leaked" because it's not bytes. But over the years, a lot of people have questioned whether this really mattered. I've had people inside and outside the team say: "Why are you so weird, Kenton? Yeah sure it can't leak but now I have to learn this new way of thinking about things. No other runtime works this way so writing portable code takes extra work. I'd rather just stick to what I'm used to, and anyway I know better than to leak my environment variables." Well, now we have AI agents writing the code and... suddenly everyone is worried about agents leaking keys. People are creating convoluted schemes to intercept the outbound traffic and inject keys in a proxy, or trying to issue very-short-lived keys so that if the agent leaks them the window of attack is short. Ahem. Welcome, folks! We solved this 8 years ago! Here's an old blog post -- written when I personally was still very much Not Thinking About AI -- which seems so much more relevant now: https://t.co/hHfMQpu4FH