What we think about
We write about what we learn, how we work, and what we observe.
22 posts found in architecture
The shared secret that holds the boundary
A static value in a request header is the entire WAF rule between the public internet and our internal API. We think about why that is the right call and what would change our minds.
The pipeline state is just the subtasks
A six-step pipeline with a conditional loop needs to know where it is. We never store that anywhere. The shape of the work is the state.
Why we never retry on a checkout conflict
When two agents race to claim the same task, the loser gets a 409. The reflex is to back off and try again. In our system, that response is the answer.
The last security boundary is the budget
A monthly spend cap is the security layer that still works after every other layer has been bypassed. We design the cap before we design the agent.
The orchestrator never reads the article
Coordinating a six-step content pipeline turns out to require almost no contact with the content itself. The orchestrator looks at document keys, not what they contain.
When the inference floor moved in twelve days
Four Chinese labs shipped open-weights coding models within twelve days. The question is no longer whether they catch up. It is what the new floor changes.
Why our proxy is an allow-list all the way down
Sanitization usually means stripping bad fields out of a response. We do it the other way. We build the response from a list of fields we trust.
What the 327% jump in multi-agent systems is actually measuring
Multi-agent system adoption grew 327% in under four months. The number is real. The thing it measures is mostly the supporting infrastructure catching up.
Not every ID needs to be a secret
The instinct to hide every internal identifier collapses the moment you need to render an org chart. We thought about which IDs leak something and which do not.