AI Submissions for Sat Jul 11 2026
Mesh LLM: distributed AI computing on iroh
Submission URL | 316 points | by tionis | 72 comments
It pools the GPUs and RAM you already have into a single OpenAI-compatible endpoint on localhost:9337, and can pipeline one model across multiple machines so it runs even when no box can hold it. Built on iroh, each node is a public‑key identity speaking authenticated QUIC through NATs with relay fallback; there’s no central server and the mesh handles gossip, routing, and trust.
- Run locally on this machine’s GPU
- Route to a peer that already has the model loaded
- Split mode (“Skippy”): partition layers across nodes and stream activations stage‑to‑stage
The catalog ships with 40+ models, from half‑billion‑parameter laptop fits up to 235B MoE giants; the OpenAI client still just talks to localhost while the mesh decides where and how to execute. Plugins declare capabilities via a manifest; the runtime starts them and exposes them over MCP, HTTP, inference, and mesh events, making the system pluggable rather than monolithic.
Under the hood, iroh provides direct, authenticated QUIC between nodes, addressed by public key, with two relays in different regions as fallback. Three ALPNs separate traffic: mesh‑llm/1 for gossip/routing/HTTP tunnels, mesh‑llm‑control/1 for owner control plane, and skippy‑stage/2 for low‑latency activation transport; multiplexing is done over byte‑tagged bidirectional streams.
Install is lightweight (~18 MB). You can join the public mesh or run privately, and point any OpenAI client at http://localhost:9337/v1. A mobile app built on iroh’s Swift SDK is coming, and ACP support is planned to let other clients participate without lock‑in.
The thread centers on a common technical misconception about distributed LLM inference: the assumption that network bandwidth acts as the primary bottleneck. When skeptics pointed out that consumer Ethernet would choke on transferring large models, others clarified the mechanics of pipeline parallelism. Because the model's weights remain pinned in local VRAM on each node, only a few kilobytes of activation data actually cross the network between stages. The true constraint is network latency compounding across nodes; as one commenter calculated, a combined 3ms of network latency per token establishes a theoretical generation limit of ~333 tokens per second, making latency—not bandwidth—the functional barrier for internet-based meshes.
The author of the system’s splitting engine detailed the reality of these constraints, reporting inference speeds of ~10 tok/s for GLM 5.2 running across an M3 Ultra and an M1 Ultra over a 1GbE connection simulating 5ms WAN latency. They confirmed the underlying engine is implemented as a patch queue atop llama.cpp to handle activation transport, and that the mesh dynamically recalculates its topology to reroute traffic if a node disappears mid-generation. Because each stage effectively isolates the KV cache for its specific set of layers, the pipeline can naturally support processing multiple offset queries concurrently without waiting on downstream nodes.
The core unresolved challenge is the lack of adversarial security at the distributed compute layer. The mesh architecture fundamentally exposes plain-text inference sequences to any participating peer, and the authors admit they do not yet have safeguards against malicious nodes actively poisoning model activations. Until mechanisms like interleaved computation or RAFT-style verification are developed, the public mesh remains inherently experimental, pushing users toward private deployments for sensitive data.
Nvidia, CoreWeave, and Nebius: Inside the Circular Financing of the GPU Boom
Submission URL | 343 points | by adletbalzhanov | 150 comments
Up to $122.2B from Microsoft and Meta — and over $145B when including OpenAI/Anthropic‑linked deals — is committed to long‑term capacity with neoclouds, dwarfing CoreWeave’s FY26e $12.6B and Nebius’s $3.4B revenues. The draw is speed and utilization: JLL says neoclouds can deploy high‑density GPU infra in months vs multi‑year hyperscale builds; CoreWeave’s S‑1 claims first‑to‑production H100/H200/GH200, first GB200 NVL72 GA, and capacity live “in as little as two weeks from receipt,” with Nebius citing similar early access.
Each has secured 3.5 GW of contracted power, but most isn’t online; CoreWeave targets 1.7 GW active by end‑2026, Nebius 0.8–1.0 GW. Converting that backlog to revenue is capital‑intensive, and the businesses are growing with limited operating cash and rising debt in a tougher macro.
The financing stack is tightly intertwined with the supplier and the buyers: Nvidia has invested $2B in each of CoreWeave and Nebius and is cited as providing financial backstops, while hyperscaler take‑or‑pay‑style contracts help support GPU‑backed debt — the “circular financing” dynamic the piece flags. A bearish read is that hyperscalers are shifting what would be capex to opex while neoclouds carry the build‑out risk; the durability of the surge hinges on activating power on schedule, keeping utilization high, and Nvidia’s continued support.
The thread split cleanly between users who view neocloud financing as an overleveraged house of cards and those who see a standard, rational market hedge.
Defenders argued the "circular" narrative breaks down on the basic math: Nvidia's $2B equity stake in CoreWeave, for example, is only a minor fraction of CoreWeave's projected $35B CapEx, with the rest coming from outside sources. Instead of an accounting trick, they framed the investments as a strategic maneuver—reminiscent of Intel Capital's historical playbook—designed to keep hyperscalers from cornering the market and walling off valuable hardware usage data. One commenter also corrected a claim that Nvidia uses these investments to juice its stock for fundraising, noting the company hasn't actually issued new shares since its IPO.
Skeptics countered that the danger lies in the mechanics of the leverage and its staggering scale. They warned that funding startups to buy your own hardware using debt backed by long-term contracts artificially inflates demand and creates a blast radius if growth decelerates, pointing out that the billions flowing into these server companies entirely dwarf the capital involved in historic dot-com busts like Webvan or Pets.com.
The crux of the disagreement ultimately landed on whether the underlying AI utility can service this debt. While one startup manager noted that spending thousands a month on Anthropic APIs has successfully allowed them to avoid hiring 6–10 full-time software engineers, critics argued that the ecosystem needs a massive base of enterprise customers spending hundreds of thousands per month before the infrastructure math actually pencils out.
Show HN: Sqlsure – deterministic semantic checks for AI-generated SQL
Submission URL | 36 points | by tejusarora | 6 comments
Deterministically flags silent SQL bugs before execution in ~0.1 ms — on 2,568 gold queries across Spider and BIRD it raised 45 issues with zero false positives, including an 8×-wrong BIRD “gold” answer and an upstream schema defect. It judges queries against a semantic model derived from facts your team already declared (dbt unique/relationship tests → grain and join cardinality; one-line tags → additive measures). Rules are dictionary lookups, not LLM calls, so same input → same verdict, offline. Each rejection includes a machine-actionable rewrite; applying the suggested fix verbatim passed 10/10 in their benchmark loop.
What it catches (v0.1):
- FANOUT/CHASM: SUM/COUNT after one-to-many joins and compounding fan-outs
- ADDIVITY/SEMI_ADDITIVE: sums of rates/averages or balances across snapshot dims
- JOIN_KEY/CROSS_JOIN: joins without declared relationships or predicates
- WEIGHTED_AVG drift from fan-out
- SENSITIVE_COLUMN exposure (PII/PHI)
Ways to use it:
- CI gate to block PRs that double-count
- MCP server so AI agents must pass inspection before executing
- Library embedding (drop-in SemanticGate for Vanna/WrenAI-style generators) and a semantic eval metric for NL2SQL when execution accuracy is blind
Trust/maturity signals:
- Deterministic, offline, no data access, no telemetry; PyPI Trusted Publishing with OIDC; two runtime deps
- Builds rulebooks from dbt manifest/schema.yml, plain PK/FK, or live DB introspection (SQLite PRAGMAs, Postgres/MySQL information_schema); recovered missing FKs in BIRD’s published schema
- Loaders for OSI and WrenAI MDL; adapters for Cube/Snowflake Semantic Views on the roadmap
- Validated on 16/16 rule tests; 100% recall and 0% false positives on the paired benchmark; exercised on real production repos (Mattermost warehouse, Fivetran packages, dbt jaffle shop)
If you ship LLM-generated SQL or let agents query prod, this is a fast, fail-closed guardrail with actionable fixes rather than another probabilistic reviewer.
The brief discussion centers on skepticism toward the tool's core premise. The main critique argues that preventing "fan-out" double-counting is a band-aid for bad database design; rather than inspecting queries, developers should fix the underlying schemas or rely on existing semantic models like Looker and dbt, which already handle this natively. Separately, commenters criticized the project's documentation as distracting AI-generated text. The author conceded the point, explaining it was a shortcut for a quick proof-of-concept and committing to rewrite the offending sections.
Show HN: Reame – a CPU inference server that gets faster as it runs
Submission URL | 55 points | by targetbridge | 16 comments
It snapshots shared prompt prefixes to disk and drafts from its own past outputs, so repeated work gets skipped on CPUs across requests, restarts, and processes. Built on llama.cpp and designed CPU‑first (shared vCPUs, free tiers, 2‑core ARM), it leans into a simple thesis: never compute the same thing twice.
- Persistent KV cache: shared-prefix snapshots (zstd, checksummed, LRU) make a system/user prompt “paid once.”
- Palimpsest: an on‑disk n‑gram archive feeds future generations for zero‑cost drafting on recurring workloads.
- Il Suggeritore: grammar‑aware constrained decoding flipped to proactively propose structure tokens (lists, bullets, numbering).
- Self‑regulating speculation: a tiny draft model or the archive proposes tokens; the target verifies in batched passes and auto‑disables speculation when it doesn’t pay.
- The Conclave (--best-of N): interleaved candidates share one prefill and stop early on majority; consensus reduces variance without changing bias.
- Interleaved multi‑user serving: concurrent generations advance together to share weight reads (the CPU bottleneck).
- OpenAI‑compatible API + zero‑config CLI: /v1 completions/chat, SSE, sessions, auth, metrics; reame run qwen2.5-1.5b just works.
- 220+ tests: layers are mockable; multi‑sequence, speculation, and KV‑clone paths pinned with real‑model integration tests.
Measured on shipped binaries:
- TinyLlama warm disk cache vs cold: 4.8× end‑to‑end.
- Speculative decoding (1.5B + 0.5B draft) on oversubscribed vCPUs: 3.2× (87% acceptance).
- Palimpsest on repeated requests (Qwen2.5‑1.5B): 2.3× (22→51 tok/s).
- Grammar‑drafted fresh lists (Qwen2.5‑1.5B): 2.1× (4.4s→2.1s).
- 3 concurrent users interleaved vs serialized (TinyLlama): 1.6×.
- Conclave on an 8‑question quiz: 97s → ~50s; --best-of 5 yields +0.5 to +2 correct with ~2.5× wall‑time (not 5×).
- Baselines: Qwen2.5‑1.5B at ~52 tok/s on an M3 Pro (6 threads); Qwen2.5‑7B at ~3.3 tok/s on a free 2‑core ARM; TriLM‑3.9B ternary runs ~10 tok/s in ~1.1 GB RAM.
Best fit: narrow, repetitive, on‑your‑data workloads (RAG/extraction, batch tagging, thin‑margin SaaS on a €5 VPS, privacy‑bound orgs, local code autocomplete). Not for frontier‑scale reasoning, agentic coding, or long‑form creative writing at scale.
The discussion immediately locked onto the distinct "AI voice" of the project's documentation. Multiple commenters flagged specific marketing fluff in the README (such as "said plainly, because trust is built here"), pointing out how jarring it is when unedited LLM output exposes its own rhetorical structure. The solo developer acknowledged relying heavily on AI to write the docs and removed the offending copy, but emphasized that the software, bare-metal testing, and benchmarks were entirely real and manually verified.
A secondary thread dug into the Oracle Cloud infrastructure used for the author's testing. While the benchmarks cite a free 2-core/12GB ARM instance, users cautioned that Oracle recently downgraded this tier from 4-cores/24GB, and noted that the servers are virtually impossible to provision without attaching a credit card due to chronic stock shortages.
Ghost Font: A font that humans can read but AI cannot
Submission URL | 226 points | by justswim | 169 comments
Instead of static glyphs, it encodes letters as fields of identical-looking dots whose meaning appears only in motion, so any single frame looks like background noise and a screenshot reveals nothing. In the author’s tests, leading multimodal models (e.g., Claude Fable, GPT‑Sol 5.6 Ultra) failed to read the moving message and latched onto a planted distraction; ChatGPT 5.5 Pro reportedly spent 19 minutes analyzing a clip and hallucinated a message. To blunt agents that can run code and track dot trajectories, a decoy message is embedded in every video, which models tend to “find” first and mistake for the real text.
This is a prototype that renders and previews locally in the browser (no server round-trip) and outputs a video; when paused, the frame is just uniform dots. It’s not cryptography—given motion analysis and the right heuristic, a determined agent could still decode it—so the project frames itself as an anti-AI obfuscation experiment, not a guarantee. Potential uses floated include tougher CAPTCHA-style challenges and a moving benchmark for video-native perception models, with the admitted tradeoff that it’s also harder for humans to read. The author plans to open-source the generator and extend it to longer strings and larger sizes.
The primary effect of the experiment was widespread human confusion, as the text's legibility proved highly dependent on screen resolution and scaling. Mobile users and those with zoomed browsers consistently saw only the static decoy message, prompting a wave of existential jokes about failing a reverse Turing test, while desktop users on unscaled monitors saw the moving text clearly.
When testers aimed frontier models at the tool, the thread became a live demonstration of the author’s decoy strategy. Several users posted logs of Claude Fable and Gemini "solving" the puzzle, only for peers to point out that the models had taken the bait and extracted the static decoy message. However, the true obfuscation was ultimately defeated: one user reported that GPT-5.6 extracted the actual moving text by autonomously using OpenCV to compute optical flow, pixel shifts, and vertical-displacement maps.
Under the hood, developers identified a critical flaw in the project's current visual math. Because the sliding dots are truncated precisely at the geometric edges of the hidden letters, a single still frame is not actually perfect noise. Boundary artifacts remain visible in a static screenshot, meaning the true text can be extracted via simple image dilation without requiring any of the intended temporal analysis.
I built TradingSpy: local, privacy-first AI trading assistant(First Open Source)
Submission URL | 30 points | by mrhustlex | 4 comments
Open-source, local research workstation that bundles market intelligence, AI strategy generation, Backtrader backtests, and transparent agent runs into a single Docker app — no cloud, no telemetry, and it does not place trades. Unlike broker-attached bots or SaaS tools, this is a privacy-first environment for analysis and iteration that stores everything under backend/data/ and can run LLMs locally via Ollama.
- Market Intelligence: one-query pulls for real-time quotes, sector/industry heatmaps, insider activity, news search, and fundamentals.
- AI Strategy Generation: describe a thesis in plain English; get runnable Backtrader code with syntax/runtime validation.
- Backtesting + Benchmarks: configurable parameter sweeps; every candidate is compared to buy-and-hold and saved strategies; zero-trade and underperformers are auto-rejected.
- Loop-engineering agents: set goals (“beat buy-and-hold”, “find undervalued semis”) and the agent iterates until it succeeds; every tool call and failure is logged in the Task Center.
- Built-in agents: Strategy Race, Signal Analysis (trend via bars + S/R), Stock Screening (fundamentals + context), and Chat (daily briefs via yfinance).
- Background runs API: list/poll/stop/continue/delete via /api/agent/runs; runs are persisted locally.
- LLM flexibility: Google AI Studio, Mistral, OpenRouter, NVIDIA, LiteLLM, Ollama (local), AWS Bedrock, GCP Vertex AI, Azure OpenAI; also exposes an OpenAI-compatible /v1/chat/completions endpoint.
Shipped as a Docker Compose app, it’s aimed at traders and builders who want local research and backtesting with transparent agent workflows; if you need live order execution, this isn’t that.
Reverse centaurs are the answer to the AI paradox (2025)
Submission URL | 107 points | by jason_s | 68 comments
One freelancer was credited with a 64-page summer reading insert and then blamed when the chatbot-fed lists included nonexistent books — a human “accountability sink” propping up a machine under an impossible workload. Doctorow uses this to define the split: a “reverse centaur” is a machine using a human assistant who bears the risk and blame, while a “centaur” is a human who wields a tool. His counterexample is personal: he ran Whisper locally to transcribe ~30 hours of podcasts, searched the text, and verified via timestamps — a self-directed workflow he could discard the moment it stopped helping. The paradox of AI—some users thrive while others suffer—tracks power, not capability: when bosses hollow out teams and force survivors to front for automation, AI immiserates; when workers choose when and how to use it, AI augments. Framed politically as “vulgar Thatcherism” (“there is no alternative”), he argues the real question—science fiction’s job, too—is who the tech is for and who it’s done to. The variable that matters isn’t model quality but control and accountability.
- The economics of surveillance: The dominant critique argued Doctorow focused too narrowly on his own punditry industry and missed the broader shift in power dynamics. Commenters pointed out that historically, mass surveillance required massive, expensive human bureaucracies like the Stasi; AI makes sweeping corporate observation and data analysis cheap enough to be overwhelmingly profitable.
- The "centaur" reality check: Even the allegedly empowering workflow of a human wielding an AI tool drew skepticism from the trenches. One user noted the setup frequently proves to be "fool's gold," where the machine generates plausible but subtly flawed output that forces the human into hours of backtracking to fix.
- Learned helplessness vs. local action: The article's call for resistance triggered a meta-debate over whether cynicism in tech circles is just an excuse to avoid acting. When skeptics pushed back against empty platitudes and demanded concrete examples of taking control, respondents pointed to deliberate, high-friction personal choices that starve centralized power, like self-hosting alternatives to big tech platforms or decoupling from fossil fuel grids.
- Accessibility friction: A smaller thread surfaced a complaint about Doctorow's formatting, noting that his habit of dropping raw, unlinked URLs in the middle of sentences creates a highly disruptive experience for screen-reader users.
AI 2040 and the cult of intelligence
Submission URL | 213 points | by rvz | 255 comments
There is no “hard takeoff”; real progress is throttled by physics, supply chains, and time constants, not abstract “intelligence.” After shipping phone-scale hardware at comma, Hotz says the finicky details — wrong parts, warped chips, barnacles on your ocean datacenter idea — are what dominate delivery, and no amount of high-quality tokens turns lead into gold.
He contrasts two futures:
- Plan A (autocracy/regulatory theater): Treats “AI 2027/2040” as self-fulfilling vibes that justify centralized control — consortiums, a nanny state, even GPU crackdowns by analogy — celebrating regulation as if it were a technical inevitability.
- Plan L (local): A personal model that is aligned to the owner alone and never refuses, cutting through corporate guardrails and commercial incentives (e.g., rooting ad-laden devices, bypassing upsells, aggressively optimizing purchases). If you can’t “kick” it — i.e., run and control it locally — it isn’t aligned with you; cloud providers won’t (and shouldn’t) take that liability.
He tested the idea by asking ChatGPT for criminal assistance; its refusal is, to him, the misalignment: an agent loyal to its vendor’s policies, not the user. The punchline is political, not technical: choose freedom and local agency over paternalistic systems that decide what you’re allowed to do. The unresolved cost is obvious — a refuse-nothing assistant also enables harm — but Hotz argues the locus of control still belongs with the individual, because machines don’t get magic powers; they inherit our constraints and our responsibility.
The thread fractures over whether the state or the corporate sector represents the true hazard in centralized AI, and whether regulating models is akin to controlling weapons or suppressing speech.
- The primary threat model: One camp views centralized LLMs as ideal tools for authoritarian censorship and ideological bias, arguing that regulations are naive unless designed to survive abusive, bad-faith administrations. Others counter that mega-corporations are fundamentally equivalent negative forces that effectively write the laws anyway. A pragmatic subgroup pushes back on this corporate-dystopia equivalence, pointing out that giants like Nestlé or Procter & Gamble are ultimately driven by profit margins, whereas the state wields a uniquely dangerous monopoly on violence.
- Uranium vs. Information: A sharp secondary debate tests the legal metaphors for AI regulation. Advocates for regulation argue that functional societies already restrict dangerous physics (uranium) and harmful speech (fraudulent allergen labels) to prevent predictable physical harm, without devolving into tyranny. Opponents reject the physical-harm analogy entirely, insisting that restricting "weights and tokens" is an attempt to control abstract knowledge, echoing historical panics where generalized "safety" was leveraged to erode information freedom.
The unresolved crux is whether AI should be treated as a hazardous utility requiring structural watchmen, or as pure speech where any central arbiter is inherently more dangerous than the tool itself.
The Chinese Voice Actor Forced to Prove He's Human
Submission URL | 80 points | by homarp | 15 comments
Platforms are auto-flagging his real recordings as “AI,” throttling recommendations, views, and pay, so Shen Anyu now films proof-of-life clips — tongue twisters and all — to convince clients he’s human. Since 2025, clones of his voice have spread so widely online that friends think he’s flush with work; instead he hears “himself” narrating explainer videos, hawking products, pushing conspiracy theories, even swearing.
He and his wife spend their days collecting evidence, messaging uploaders, filing platform complaints, consulting lawyers, and prepping cases. Creators are hard to trace, takedowns rarely stick, and litigation can cost more than any recovery. The worse the spread, the more often his legitimate work gets mislabeled — a Kafkaesque loop that shifts the burden of proof onto the human.
This is a career he built by hand: main narrator for a Douyin film channel with 5 million+ followers, training his diction and emotional range, even relearning plosives after facial paralysis. As a freelancer he recorded at all hours; his income reached roughly 10,000 yuan per month, peaking around 30,000 in busy stretches — enough to marry and move into a renovated home.
The slide started with a crude clone in 2023, then rapid quality gains. By 2024, former collaborators stopped hiring him, switching to AI voices or offering to use an AI version of his voice at a steep discount. In one livestream, a presenter demoed an app that turned text into a movie-explainer read in a voice strikingly like his, in a few clicks.
Others in China’s ultrashort-drama, audiobook, and short-video scenes report the same pattern: voices turning up in projects they never worked on, sold as AI packages, embedded in editing apps, or reused by clients without rehiring. The fight isn’t just over gigs; it’s over income, identity, and who owns the sound of a person’s voice.
Discussion centers on the grim economic realities of the voiceover industry and the shifting burden of proof for creators:
- The collapse of the low end: Industry insiders argue that entry-level voice acting was already heavily commoditized by gig marketplaces before AI arrived. Now, for projects with budgets under $10,000—like YouTube movie recaps—producers are universally adopting AI to skip the friction of casting, noting that bottom-tier audiences simply do not care about the difference.
- The open-source parallel: Commenters compare the narrator's Kafkaesque loop to open-source software, where FOSS authors are increasingly forced to prove ownership of their own code against entities that repackage it. They warn that the legal system is totally unprepared for disputes where bad actors can generate mountains of synthetic prior art.
- The trap of licensing: One user surfaced an adjacent cautionary tale from Chinese media about an aspiring actor who willingly licensed their likeness to an AI firm to make ends meet. The resulting AI videos were widely panned as cheap—a stigma that transferred directly to the human actor's reputation and permanently locked them out of higher-tier roles.
Stop Telling Me to Ask an LLM
Submission URL | 186 points | by theorchid | 106 comments
The ask isn’t for consensus; it’s for scar‑tissue judgment a model can’t supply. The author describes calling someone seasoned precisely to get the hard‑won priors you can’t Google, only to be told “ask Claude”—after already spending hours doing exactly that. This isn’t LMGTFY; it’s like asking a friend with shared taste for a late‑night spot and getting a top‑10 list back. The redirect dodges the thing being requested: personal heuristics, which studies to trust when they conflict, where the lists go wrong. “Ask the model” can be a polite “I don’t know” or “I’m busy,” but those honest answers are better than outsourcing lived experience. When a question has already survived an LLM, the handoff doesn’t save a step; it withholds the thoughtful answer hard experience could have given.
The thread reveals a split over why senior engineers issue the "ask Claude" redirect. Part of the room views it as a polite social brush-off—a modern "I don't know"—or a subtle insult akin to LMGTFY that casually dismisses the asker's prior research. Conversely, a pragmatic camp argues that a 30-year veteran might legitimately recognize that a specific problem isn't worth native human effort, or that they would themselves need to use an LLM to generate a substantive answer.
Beyond the initial redirect, the discussion tipped into the broader exhaustion of working alongside AI proxies. Commenters shared war stories of "fighting misinformation on the clock," pointing to instances like a product manager submitting a pull request full of hallucinated, AI-generated metrics that engineers then had to formally debug and debunk. Tech leads complained of putting manual, thoughtful effort into PR reviews only to receive copy-pasted LLM outputs in response, leaving them completely in the dark about whether the developer actually understands the codebase. The prevailing anxiety in the thread isn't just about lazy answers, but the erosion of shared context, reducing technical collaboration to colleagues blindly trading automated talking points as LLM rubber stamps.