Login

u/Healthy_Ship4930

▲ 1 r/AI_Agents

Edge Python a 170 KB sandboxed Python subset (WASM) for running agent-generated code client-side (directly in the browser)

Sandboxing Python for LLM/agent-generated code is usually done with containers, microVMs, or server-side WASM runtimes.

I wanted something that runs in the browser tab itself: no server, no round-trip, no host process. So I spend few months writing a bytecode compiler + stack VM in Rust that ships as a standalone 170 KB WASM.

The demo is a Rosenblatt perceptron training on an OR gate entirely in the browser. Language surface covers classes, async/await, pattern matching, decorators, generators, f-strings... enough for non-trivial agent code.

A bit of the design:

  • Sandboxed by construction; per-VM caps on heap, ops, call depth.
  • Native modules ship as separate .wasm via a sealed plugin ABI (handle-based, language-agnostic).
  • Optional SHA-256 integrity on URL imports; content-addressed cache with drift detection.
  • No stdlib by design, host explicitly grants every capability the script can touch.

Happy to discuss :). Links in the comments.

reddit.com
u/Healthy_Ship4930 — 1 day ago
▲ 250 r/programming

A "Japanese developer" offered me $3K/month to be his face with US clients. Here's the full email thread

Hey all,

A few months ago I started pushing side projects to my GitHub after work. This week I got a cold email from a guy claiming to be a Japanese developer named "Masaru" offering me $3K/month for around 2 hours/week. He said that I wouldn't write any code. I just need to be the "face" with his US clients (calls, communication, etc.) while he does the dev work from Japan.

Too good to be true, obviously. I dug around and found that this exact pitch is a documented pattern. There is a 2024 Hacker News thread ("Ask HN: The Japanese Developer Scam") describing the email.

Security firms (Strider Intel, KELA, SEAL Intel) and the US have linked variants of this to the worker scheme: someone in a friendly time zone is used as an identity proxy to land Upwork/Fiverr/US company contracts.

The proxy lends their face, their bank account, their IP, sometimes even ships to address for a company laptop.

Herre is the email thread below (his email address left intact so people searching it land here).

[Masaru Nakamura <masaru.nakamura92127@gmail.com>]
Hi there,

I found your GitHub while searching for thoughtful Python engineers - your work is exactly what I was hoping to find.

I'm Masaru. I'm a software developer in Japan with a full-stack and ML background. I'm starting a new business I genuinely believe in, and I'm looking for a partner based somewhere in the Americas (US, Mexico, Brazil, Argentina, or anywhere in a US-overlapping time zone) - someone to share the upside and help shape this from early on.

Time commitment is small (2–3 hours/week). Revenue share is 20%, around $2K–$3K/month currently.

Happy to share everything if you're curious.

Best regards,
Masaru

---

[Me]
Hey Masaru

That sounds interesting, please tell me more.

Regards.

---

[Masaru Nakamura <masaru.nakamura92127@gmail.com>]
Thank you for your email.

I’d like to explain why I’m looking for a collaborator.

The job market between the U.S. and Japan is significantly different, often with rates being 2 to 3 times higher in the U.S. Because of this, I’ve focused on working with American clients. I typically work at night and sleep during the day due to the time zone difference. However, despite adjusting my schedule, American clients often hesitate to hire me because they’re uncomfortable with the time zone difference or concerned about communication due to our non-fluent English.

To address this, I’ve been looking to collaborate with a LATAM developer who can handle client communication, while I focus on the development work. You wouldn’t need to do any development yourself. From my experience, this role usually requires about 2 hours per week, and it’s a very important one. Therefore, I’d be offering 20-25% of the total income, which would be about $2K - $3K per month.

I’m not looking for just anyone—I’m specifically seeking someone with solid development experience. Even though I don’t require coding from the collaborator, without development experience, it would be difficult to manage client communication properly and understand project requirements.

That’s why I came across your profile on GitHub and decided to reach out to you.

If you’re open to this type of collaboration, I’d be happy to share more details about the workflow.

Thanks again, Masaru

Has anyone else been getting this lately? Curious whether the 20-25% / "you handle the calls" variant is new or has been circulating for a while.

Please share your thought :).

news.ycombinator.com
u/Healthy_Ship4930 — 3 days ago
▲ 1 r/Compilers

Has anyone else hit this 600ms memory.grow cost on Copilot+ PCs? Why is nobody talking about it?

Month four building my own embedded Python runtime in Rust 145kb release, runs in-browser via WASM. demo.

Tested it across a bunch of hosts this week and hit something I can't find documented anywhere: on machines with virtualization-based security enabled (HVCI/VBS default on every Copilot+ PC with Snapdragon X Elite), every memory.grow call in WASM costs ~0.2ms. Not microseconds. The hypervisor validates EPT page mappings before handing them to V8, and that round-trip is the whole cost.

My demo does ~3,000 allocs per run. I was using LeakingPageAllocator from lol_alloc the one in every README which calls memory.grow(1) on every alloc. 3,000 × 0.2ms = ~600ms of pure grow overhead before a single line of Python executes. Edge on Snapdragon X Elite: ~5s to feel responsive. Same WASM on Linux/macOS: under 50ms. 100x cold-start difference, same module, same V8.

Fix was a one-line swap to LeakingAllocator a real bump pointer that grabs pages in bulk and bumps within them. ~50 grows instead of 3,000. Cold start dropped to ~10ms.

#[global_allocator]
static A: AssumeSingleThreaded<LeakingAllocator> =
    unsafe { AssumeSingleThreaded::new(LeakingAllocator::new()) };

The leak is fine here the JS host throws away the WASM instance between runs, so working set is bounded and the OS reclaims everything on teardown.

What I want to know: is anyone else benchmarking WASM cold-start on Copilot+ PCs? The default allocator everyone copies from lol_alloc's README is genuinely the worst choice for these machines, and Microsoft is pushing them hard. If you've shipped WASM in Edge on a Snapdragon X Elite and measured, what did you see? Is this a lol_alloc gotcha or a general "VBS makes memory.grow expensive" thing?

Happy to answer questions about the runtime parser, VM, GC, plugin ABI, whatever.

u/Healthy_Ship4930 — 15 days ago