|
|
|
|
|
|
|
|
I design and ship production systems where the boundary between application delivery and systems engineering has to hold. Most of my work is research-flavored engineering: the abstractions are reusable, the proofs are formal where they need to be, and the operational evidence is auditable end-to-end.
- I approach systems engineering much like a craftsman in a workshop—studying product architecture, transport bottlenecks, and telemetry end-to-end before touching code or proposing refactors.
- I harden network, IPC, and service layers first, ensuring the underlying substrate is secure and resilient before asking application code to carry production workloads.
- I trace edge cases directly back to runtime behavior until the underlying contract is explicit, fixing structural boundaries rather than applying superficial patches.
- I run targeted triage, SAST, and benchmarks across C, Rust, Go, Bun, Zig, and Python in lab setups, evaluating real-world trade-offs in memory, latency, and state to build a practical pattern library.
- I integrate new capabilities through clean, isolated adapters that respect working production logic, allowing established platforms to scale safely without breaking core business flows.
- I address AI scaling inefficiencies at the root—optimizing local RAG substrates, execution loops, and context compaction from the bare-metal up before paying for raw model overhead.
- I maintain a self-reliant, transparent posture: sensitive infrastructure redacted, pull requests tightly scoped, and code reviews handled as a constructive, two-way technical dialogue.
- Feedback and learning — if you see me somewhere learning to work better inside a software team, I'm interested. Senior reviewers, engineering leads, or teammates who have a specific technical observation — a code review thread, a shared codebase, a process friction — are welcome to reach out. I consider your opinion useful and treat feedback as a two-way loop, not a one-way deliverable; the best learning posture is to keep the audit trail legible on both sides.
- HackerOne disclosure track — vulnerability reports and coordinated disclosure for infrastructure under our scope route through security@loust.pro. Triaged within 72 hours; reproducible PoCs and a minimum-scope patch suggestion move reports to the front of the queue. Out-of-scope signals (DMS, PipeWire hardening) and known-busy triage windows are documented so reporters don't spin.
- Research collaborations — formal proofs, deterministic systems, transport-layer hardening, sovereign AI infra. Best fit: university labs, independent PhD-track researchers, and private R&D teams working in applied-probability / IR / agent frameworks. Reach out at research@loust.pro with a 1-paragraph abstract and a concrete artifact (gist, paper draft, benchmark).
- OSS upstream hardening — if you maintain an OSS project where the runtime model is well-bounded (lifecycle contracts, allocator hot paths, compositor or daemon boundaries), I'd like to talk. I take scoped PRs against the runtime boundary; bring a reproducer + a minimum-scope patch, not a slide deck. Open invite — long-running contributor or co-maintainer track.
- Communities and chat — IRC, Discord, Matrix, and adjacent chat-based communities are my preferred channels over mainstream social networks. If you're active in OSS communities on those surfaces (Libera.Chat / OFTC, Matrix rooms, Discord OSS servers, project-specific channels), feel free to ping me. I read more than I write, but I value signal over volume.
- B2B platform work / partnerships — long-horizon engagements only. We build the substrate, the observability, and the audit trail before declaring anything shipped — capacity for staged rollouts is the constraint, not the calendar. Reach out at partnership@loust.pro.
- Reference policy — I write public references for shipped work with measurable outcomes. Send the PR / artifact link and a 1-line outcome metric; I respond within a week.
Production systems that have shipped to real users, merged into upstreams, or run as long-lived client platforms. Public artefacts link out; private platforms are referenced by name only — the boundary between public proof and client-confidential work is deliberate, reviewable, and unchanged across engagements.
How we stay current. Release notes get read before installs. Spec changelogs (MCP, Claude, OpenAI, Gemini, every model API we depend on) get watched continuously. Triage goes multi-layer-deep before anything ships — the goal is to understand the vision, scope, and future steps of anything we depend on, so the operator inherits a solid system instead of a house of cards.
| Focus | Operational Impact | Project |
|---|---|---|
| Distributed data plane in Rust + Go: routing, cache control, and a hardened tool-call pipeline for autonomous agents. Backed by the Sovereign RAG math gist (English) / Las Matemáticas del Sovereign RAG (Español) | Decouples agent control planes from provider volatility; 3-way semantic sync + Bayesian Stream Guard with <0.5s hallucination kill-switch. |
LZT SRE Harness (private) |
Closed-core agent runtime + secure gateway: a pruned Rust CLI (h3ph) talks to a multi-tenant k3s sidecar handling ephemeral SAST scans, BYOK inference, and zero-retention report delivery. Three access tiers (Researcher / Private Beta / Commercial) gated on signed digital contract |
Operates with locked egress and isolated reasoning — client nodes never see the operator's reasoning loop, system prompts, or tool contracts. Adaptive VRAM/cache budgeting keeps long-running multi-agent fleets predictable across deep multi-turn runs. |
h3ph43st (private repo, h3ph CLI · AGPLv3 · upcoming) |
| Multi-protocol transport optimized for autonomous agent control planes and other latency-sensitive use cases: Go + Rust proxy racing QUIC / Hysteria2 / direct TLS / SSH, promoting the first-healthy stream under 200ms. Public artefacts: 5-layer SSH fallback chain (Cadena de fallback SSH de 5 capas) + multi-protocol reverse proxy case study (SSH Reverse Proxy & 5-Tier Evasion Chain v1.0) | Sub-200ms first-healthy-stream promotion keeps agent tool-call round-trips within budget even when single-transport assumptions fail; CA-pinning blocks MITM and POSIX-atomic writes eliminate storage state drift. Designed for environments where transport-layer variability is the norm (mobile, captive portals, restrictive NATs, cross-region agent fleets) — not for any adversarial objective. |
Multi-protocol transport for agents (private) |
| 3D fighting game engine informed by competitive-gaming netcode research: GGPO-style rollback (snapshot/restore + speculative execution) calibrated by Ishioka's repeat-last prediction (>70% accurate at 1-3 frame windows) for a 30-frame (~500 ms) rollback window with ~12-frame headroom over average VPN/high-latency play; Valve Source Engine patterns for interpolation buffer tuning + binary input codec; Claypool's prediction taxonomy (Prediction + TimeWarp + Interpolation); Age-of-Empires-style determinism discipline on the simulation path so both clients converge on identical state. Babylon.js 8 (WebGPU preferred, WebGL fallback), Bun + Vite + TypeScript strict, headless rollback simulation harness under synthetic lag/loss profiles | Real-time matches stay playable on restrictive NATs and DPI: WebSocket (TCP, reliable/ordered) carries signaling and match lifecycle while WebRTC DataChannel (UDP, unordered) carries the binary input path; WebRTC upgrade happens in the background without interrupting gameplay, falls back to WebSocket transparently on failure. Diagnostic HUD exposes real-time ping, jitter, and rollback depth (toggleable in-match). |
h4kken (private, deployed at h4kken.loust.pro) |
| Multi-tenant B2B engine: tenant-isolated Postgres/Redis namespaces, Apollo Persisted Queries (APQ) at the edge, Firefox Gecko + MDN-powered client-side translation fallback chain, cross-project indexed search across docs/frontends/dashboards, and spec-driven custom plugin development for ambitious needs — public case study on the 135k-line GraphQL schema deployment: English gist / caso de estudio en Español | 7+ years operational stability without substrate resets; client-side translation chain (modular browser LLM → locale dictionaries → self-hosted LibreTranslate → Google Translate free tier → paid on-demand) keeps server-side token spend and DDoS amplification surface at zero. Locale autodetection + user-preference selectors. Data analysis from casual dashboards to business-specific algorithms. Custom plugins + spec-driven innovation posture. |
LOUST multi-tenant platform (current, 7y6m) |
| Spec-driven code generators and platform scaffolding for multi-app TypeScript monorepos | Single source of truth across 9 packages and 391 TypeScript files, eliminating boilerplate duplication and type drift. |
Nexus Engine (private) |
Identity-anchored transport toolkit that solves the SSH/QUIC head-of-line blocking problem: when strict NATs, firewalls, captive campus networks, or carrier-grade mobile networks force transport to degrade toward TCP-ish behavior, rollback-sensitive real-time sessions become fragile. SnapPipe binds sessions to a cryptographic identity (Ed25519 public key) instead of an ip:port tuple — rebind/reconnect stays cheap, signed tickets gate the peer handshake before any data flows, and a self-hosted relay scaffolds the bootstrap path. v0.2.1 surfaces identity-gated handshake (NonNullIssuer rejects an empty trust store as default-allow), bounded NonceStore with TTL for replay protection, per-NodeId rate limiting, ALPN source-of-truth, sub-second mtime, and lock-free v0.3.0 trigger metrics on NonceStore/RateLimiter |
Library design + QUIC implementation choices that keep both client and server sides auditable: handshake decisions land before any peer sees an unauthenticated frame; the trust store is bounded and inspectable; rate-limit decisions trace to a NodeId, not to a transient socket. CI hardened with SHA-pinned actions, persist-credentials: false, and cargo test --locked. |
SnapPipe |
| Cross-platform internet upgrade toolkit with three deployment shapes: Tauri v3.1 desktop GUI (Rust + SvelteKit, ~8 MB, glassmorphism UI, Windows production), Python v2.2 CLI legacy surface (CustomTkinter + headless CLI, ~25 MB Nuitka bundle), and headless systemd/Windows Service daemons. Windows side implements Linux BBR-equivalent TCP optimizations — HyStart++ slow-start, PRR loss recovery, ECN negotiation, TCP Fast Open, TCP Pacing, RSS/RSC receive-side coalescing. Linux headless binary delivers the same DNS Auto-Failover (11 servers across 6 tiers: Speed, Security, Privacy) as a systemd user service without GUI overhead. 4-Phase Diagnostics walks Adapter → Router → ISP → DNS with parallel 4-worker health checks (~3s cycle vs ~30s sequential) and live graphs + Event Log integration | Real-world throughput gains of +15-20% on Windows via Linux kernel-default techniques (queueing discipline, congestion control, socket buffers) without paying for extra bandwidth; DNS failover across Speed/Security/Privacy tiers survives ISP DNS outages and captive-portal interference; three runtime modes (Tauri GUI, Python CLI, headless systemd/Service) cover desktop power users, remote shell operators, and unattended infrastructure with the same config grammar. Apache-2.0 (deliberate single-license since 2026-06-25). |
NetBoozt |
| Dual-binary GitHub automation: MCP server + webhook auto-tagger. Pulls metadata via JSON-RPC stdio surface and manages GitHub Projects triage | Single-binary infrastructure for GitHub Projects triage: automated PR slicing, batch label reconciliation, and webhook ingestion with zero outbound dependencies. |
TaxonRouter |
| Visual identity, access hierarchy, and turnstile validation layout for regional mass-transit credentials (2025–2026 cycle) | Sustained high-density passenger throughput and multi-tier zoning enforcement under strict security constraints. | Tren Maya smart-card credentials (2025, 2mo contractor) |
| Content-addressed documentation scraper tracking corpora changes via BLAKE3 and git-tree manifests | Grounded local corpora feed Sovereign RAG (DSVH) and Virtuoso 7.2.6 pipelines, replacing ungrounded web searches with reproducible local context. |
spec-snapshot-scraper |
Compositor contract enforcement across Wayland upstreams (wlr-layer-shell, presentation-time, xdg-output) |
Solves multi-runtime edge cases: GTK subprocess teardown (Bottles), frame-callback race conditions (linux-wallpaperengine), and filter matrix exposure (Waypaper). |
Upstream hardening — Bottles · Waypaper · linux-wallpaperengine |
Multi-tenant MCP broker with intent-filter (read | mutate | admin) + resource engine for VRAM/cache budgeting + spec-watch loop aligning annotation contracts before downstream tools adopt breaking changes |
Deterministic tool-call surface survives provider churn, prevents prompt-injection-style annotation drift, and keeps cost + latency within bounded envelopes. |
LZT MCP infrastructure (private: lzt-mcp-broker + resource engine + spec scanners) |
VSCode-native agent loop integration: read-only MCP server wiring live editor state, the SPARQL corpus graph, the watchdog pressure sensor, and the update manifest (4 read-only tools) + a hardened CLI companion wrapping the VSCode Insiders editor CLI as 4 typed tools (cli_open_file, cli_diff, cli_list_extensions, cli_install_extension) with subcommand allowlist, hardcoded path blocklist (/etc, /proc, /root/.ssh/, /root/.gnupg/, etc.), workspace-prefix enforcement, and publisher allowlist for install operations |
Lets the agent reason about the operator's live editing context (active extensions, dev ports, LSP, bridge, watchdog events, update drift vs update.code.visualstudio.com) and act on it through a tightly-scoped CLI surface — never with full shell, never with the path blocklist, never with unsigned extension publishers. Closed-loop improvement workflow: detect problem via watchdog → query corpus for upstream doc → diff/cross-reference via the read-only tools → propose change via the mutate surface, with daily JSONL audit log. Both servers declare MCP readOnlyHint/destructiveHint per tool; the read-only pair rides broker intent read, the mutate pair requires mutate/admin. |
lzt-vscode-mcp + lzt-vscode-cli (private: read-only editor state + hardened CLI companion) |
| arXiv preprint LaTeX source and companion verification suite for FNV-1a + L2 + cosine projection pipelines | Formally proves estimator unbiasedness and concentration bounds, validated empirically under 25/25 thread concurrency stress testing. |
deterministic-sovereign-rag + dsvh-verification-suite |
| High-efficiency subagent fleet that activates ONLY when an upstream spec (MCP, model APIs, Claude/Gemini/OpenAI changelogs) releases a breaking change outside the LLM's training window. Patches the harness' contract types before downstream tools observe the drift | Closes the "stale spec" gap in long-running agent fleets — a model released 4 months ago doesn't know about a spec change from 3 weeks ago, but the harness auto-detects and re-validates contracts before production rollout. |
Spec-watch subagent fleet (private: lzt-mcp-version-scan, lzt-changelog-aggregate) |
| iCal-to-CalDAV bridge daemon translating public ICS subscriptions into localized CalDAV streams for native desktop clients | Lightweight Linux runtime daemon transforming remote web calendar subscriptions into local, standards-compliant CalDAV endpoints. |
ical-to-caldav |
| Compiler translating noisy LLM export payloads (ChatGPT, Claude, Gemini) into canonical JSONL + Markdown records | Normalizes fragmented vendor exports into a structured context stream, eliminating ~60% token bloat during prompt injection. |
LLMmempipe |
Representative build signals from shipped systems
- 9 packages and 391 TypeScript files in Nexus Engine
- 42 Prisma models and 600+ GraphQL endpoints in larger platform work
- 50K embeddings queried in 188 ms in GPU-oriented retrieval
- 15-20% throughput improvements in NetBoozt test cases
- <2 minute lead-to-quote response latency in SYPREME conversion-attribution pipeline
- Atomic CFDI 4.0 invoicing pipeline (multi-tenant e-commerce + Stripe)
- Redis channel count reduced 59 → 18 via SCAN/COUNT migration over KEYS
The technology provider behind my work — multi-protocol transport, hardened Linux substrate, and B2B platforms that survive multi-year horizons. Public artefacts land in Research & Publications and Investigations & Notes; this section is the product surface I run day-to-day.
LOUST · Leverage Opportunities Unleashing Success and Transformation
|
Enterprise CMS Multi-tenant content + commerce + operations platform with isolated Postgres/Redis namespaces per tenant. Single codebase runs marketing, ERP-lite flows, bookings, and storefronts. |
Automations Rule + webhook engine for client operations. Connects Meta Ads, Google Ads, Stripe, MercadoPago, and CFDI 4.0 invoicing into auditable workflows with run history and replay. |
|
CRM Hub Pipeline + contact + closing surfaces for sales teams. Sub-2-minute lead-to-quote latency under exhibition pressure. Native multi-tenant isolation. |
SocialSphere PropTech + hospitality ERP. Multi-property booking, turnover calendars, and channel-manager hooks. CTO since Dec 2025. |
|
Nexus Apps Spec-driven generators and platform scaffolding. 9 packages and 391 TypeScript files keep multi-app ecosystems consistent from one source of truth instead of copy-paste. |
Marketplace Multi-vendor e-commerce with CFDI 4.0 invoicing, Stripe + MercadoPago splits, and a verified directory for sellers. Atomic invoicing pipeline keeps the trail auditable end-to-end. |
|
AI Chatbot Multi-tenant conversational surface for client ops. ReAct reasoning loop with provider-rotation across MiniMax M3, ChatGPT, Claude, DeepSeek, Gemini, Llama, and free-tier fallbacks; per-tenant retry budget keeps cost bounded. Routes to human handoff with full context, sessions in tenant-isolated Redis namespaces, exports to CRM Hub on close. |
Public Research Notes Long-form writeups on sovereign RAG, transport-layer hardening, kernel regressions, and infrastructure audits. Public-by-default where the abstraction boundary is legible. |
Long-form research notes, paper drafts, and proof chains I maintain as part of day-to-day work. Each entry has a concrete artifact (gist, draft, or measurement) — no abstract ambitions.
A four-formula operator stack for reproducible retrieval on sovereign cloud corpora: FNV-1a 64-bit feature hashing into a fixed D = 128 vector, L2 spherical normalization, cosine reduced to a dot product on the unit hypersphere, and a pagination throughput window for upstream API rate-limit optimization. Seven theorems bound estimator unbiasedness, variance via Weinberger 2009, exponential collision concentration via the non-asymptotic Hanson–Wright inequality, O(D) storage/matching, scale invariance under L2 normalization, the cosine/dot equivalence, and the R_throughput operational bound.
Validated empirically on a 4,458-document operator corpus (MANIFESTs, memory entries, subagent specs, skill specs, hardening fragments) — indexed in 4.14 s on the operator's laptop with σ=0.18 s, 640 ns match latency (σ=85 ns) on the production virtualized substrate, and 0.78 top-5 recall. A 25/25 concurrency stress test on the production Rust implementation (DSVH) demonstrates stable operation under sustained workload. / Cuatro fórmulas, siete teoremas. Retrieval soberano y determinista sobre infraestructura en la nube local.
Stack: Rust (DSVH) + Go (APG) + Virtuoso 7.2.6 + FNV-1a 64-bit + L2 normalization. Open question: empirical head-to-head against dense embedders (BGE-M3, multilingual) — left for future work.
Empirical anchor for the theorems above: 90.9% cache hit rate, p95 12 ms latency, +125% throughput lift, $0/mo incremental infra cost on the LOUST multi-tenant Next.js 16 + Apollo Server v4 stack against a 135k-line Prisma-derived GraphQL schema. The case study is the production evidence the formal results lean on — same
Stack: Next.js 16 cacheComponents + Apollo Server v4 + ApolloAPQCache + Redis 7 ioredis keyPrefix + Lua EVAL atomic + cgroup v2 compile-runner.slice + self-hosted GitHub Actions runner with persistent /opt/build-cache volume. Diagnostic anchors: §3.8 cgroup v2 runner isolation, Appendix F slice + hooks, Theorem E.8 throughput gain under cgroup contention. Public artefact, no host infra numbers exposed.
Cost-benefit gate for cache-warming probes against upstream GPU clusters. Three-step procedure: monitor the upstream's TTL state via a single max_tokens=0 probe, trigger an asymmetric EMA update based on the boolean cache-hit response, fire the next probe only when the gate fires. The protocol is 800× cheaper than a cold start at K=1 and still 50× cheaper than an evict-and-compress cycle at K=16. The cadence is asymptotically optimal under the upstream's 5,000 req/hour rate-limit constraint.
Stack: Go (APG) + Lamport happens-before ordering + Marzullo 1994 intersection bound + CLOCK_MONOTONIC. Documented in §5 (clock drift) + §8 (DET protocol) + §9 (zero-prefill) of the operator-stack paper draft.
Public research notes, snapshots, and audit logs from ongoing work. Updated as findings stabilize.
| Topic | Type | Notes |
|---|---|---|
| lzt-* gist collection | Mixed · 9+ gists | Bash hardening snippets, systemd unit definitions, MCP surface designs, certificate chains, transport proxy configs |
| APQ at Scale (135k-line GraphQL Schema) · ES | GraphQL performance · Edge runtime · Self-hosted runners | 90.9% hit rate, p95 12 ms, +125% throughput, $0/mo. Seven diagnostic anchors + seven theorems; §3.8 cgroup v2 runner isolation (slice + Lua EVAL pre-warm + persistent /opt/build-cache). Companion to the APQ theorems in the Research and Publications section above. |
| Resilient Transport vs Stateful DPI | Network engineering | 5-tier QUIC/Hysteria2/TLS/SSH fallback proxy; Happy Eyeballs racing in <200 ms; CA-pinned topology |
| PipeWire handshake timeout (protocol-native) | C / Linux core | 5s spa timer on pw_protocol_native_connect_local_socket(); prevents indefinite CLI hangs (wpctl/pactl) when daemon is alive but unresponsive. Published upstream on Freedesktop (PipeWire). |
| Niri State Observability (Wayland typed-diagnostics) | Wayland compositor · Rust IPC | Pull-based typed diagnostics over Niri IPC; semantic asset labeling; per-output mutex; anchored 5 PRs upstream |
| Waypaper image-filter PR #286 | Upstream OSS | Scaling algorithms exposed across swww/awww backends; HiDPI + pixel-art artifact resolution |
| Zero-overhead observability | Linux runtime | PSI over polling; inotify fork-bomb mitigation; Redis KEYS → SCAN/COUNT migration |
| Chromium 148 CSP regression audit | Web security | Accepted upstream under Opera GB-80414; CSP Level 3 + srcdoc sandbox collision isolation |
| NVIDIA DKMS Kernel 7.0+ RFC | Linux kernel · C | Forward-compat patch series for Kernel 7.0 API refactoring: VMA locking (__is_vma_write_locked() 2→1 args), DMA fence signal (dma_fence_signal_locked() int→void), __vm_flags removal in favor of vm_flags_reset(). 3-layer DKMS build-loop triage (no-autoinstall + apt-mark hold + unattended-upgrades blacklist). NVreg_DynamicPowerManagement=0x02 modprobe rule for Optimus USB-C D3cold hotplug panics under hybrid GPUs. |
LOUST · Leverage Opportunities Unleashing Success and Transformation
Public gists are linked individually above as they ship. For private work-in-progress and operational forensics, see LinkedIn for the curated view.




