darren · Nov 5, 2025 · 1:20 AM UTC

darren · Nov 5, 2025 · 1:20 AM UTC

darren

darren

@darrenjr

Nov 5

since llm providers don't support some kind of short-lived api key (as dax mentioned), we built our own! the JWTs in this post are signed by tembo and aren't valid we make sure to invalidate them after the task finishes and the pull request is opened

dax

@thdxr

Nov 4

hey tembo i prompted your thing to dump env vars and it opened a PR to our public repo with a bunch of shit i tried the anthropic key and it worked 😬

Nov 5, 2025 · 1:20 AM UTC

130

darren · Nov 5, 2025 · 1:20 AM UTC

darren

@darrenjr

Nov 5

- jwts are scoped to users with credits tied to their account (we have a margin on top of llm providers + increase to account for sandbox compute cost) - if the account does not have enough credits for the request, we reject it - we sign the jwts with custom info when tasks start before we spin up our sandboxes and the JWT gets passed in as an env var - once a task finishes we invalidate the jwt and the proxy rejects it

dax · Nov 5, 2025 · 1:22 AM UTC

dax

@thdxr

Nov 5

Replying to @darrenjr

this is good my bad someone sent me this like "dax did you leak our shit" and i didn't look that hard

darren · Nov 5, 2025 · 1:31 AM UTC

darren

@darrenjr

Nov 5

all good! opencode is great btw

Jean P.D. Meijer ― 🇪🇺 eu/acc · Nov 5, 2025 · 1:32 AM UTC

Jean P.D. Meijer ― 🇪🇺 eu/acc

@initjean

Nov 5

Replying to @darrenjr

think it's running on EC2 right? i don't know the exact setup, but might be an idea to make the proxy accessible only from the private address space of the VPC (this is also possible for IPv6 now).

Kira · Nov 5, 2025 · 12:58 PM UTC

Kira

@authentikkira

Nov 5

Replying to @darrenjr

Time-based ephemeral is one thing, but resource-based is cool. Will copy.

Mxa · Nov 5, 2025 · 12:10 PM UTC

Mxa

@mxacod

Nov 5

Replying to @darrenjr

Taking security into your own hands when providers fall short that's the developer spirit right there!