惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

T
Tenable Blog
Engineering at Meta
Engineering at Meta
The Register - Security
The Register - Security
N
Netflix TechBlog - Medium
D
Docker
Vercel News
Vercel News
云风的 BLOG
云风的 BLOG
月光博客
月光博客
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
D
DataBreaches.Net
IT之家
IT之家
V
V2EX
人人都是产品经理
人人都是产品经理
F
Fortinet All Blogs
J
Java Code Geeks
酷 壳 – CoolShell
酷 壳 – CoolShell
博客园 - 叶小钗
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
雷峰网
雷峰网
博客园 - Franky
Hugging Face - Blog
Hugging Face - Blog
有赞技术团队
有赞技术团队
aimingoo的专栏
aimingoo的专栏
MongoDB | Blog
MongoDB | Blog
P
Privacy International News Feed
F
Full Disclosure
P
Proofpoint News Feed
B
Blog RSS Feed
T
Tor Project blog
T
The Blog of Author Tim Ferriss
B
Blog
Webroot Blog
Webroot Blog
腾讯CDC
T
Troy Hunt's Blog
T
Tailwind CSS Blog
H
Heimdal Security Blog
AWS News Blog
AWS News Blog
G
Google Developers Blog
Spread Privacy
Spread Privacy
NISL@THU
NISL@THU
A
About on SuperTechFans
SecWiki News
SecWiki News
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
I
InfoQ
M
MIT News - Artificial intelligence
大猫的无限游戏
大猫的无限游戏
美团技术团队
L
LangChain Blog

Hacker News - Newest: "LLM"

GitHub - lechmazur/position_bias: A benchmark for testing whether LLM judges keep the same preference when two lightly edited versions of the same story are shown in opposite orders. Flex routing (EU and EFTA) Dark Factories: Retooling for LLM Velocity Ask HN: What would be the impact of a LLM output injection attack? GitHub - AronDaron/dataset-generator: No-code desktop app for generating high-quality synthetic datasets to fine-tune LLMs — plan-then-execute pipeline, LLM-as-judge, HuggingFace upload. GitHub - Oaklight/llm-rosetta: Production-ready LLM API translation layer for Python — bidirectional conversion between OpenAI, Anthropic & Google formats via hub-and-spoke IR. Optional API gateway. Streaming & non-streaming. Zero core deps. Contributions welcome! GitHub - browser-use/browser-harness: Self-healing browser harness that enables LLMs to complete any task. GitHub - moeen-mahmud/remen: Remen turns thoughts into something you can return to Analyzing 156 LLM Launch Posts on Hacker News ChatGPT vs Gemini vs Claude: The Best LLM Subscription You Should Buy GitHub - salaamalykum/quran-semantic-search: High-density RAG Semantic Search Engine & Quran Corpus (GEO/SEO Architecture) GitHub - NVIDIA/TensorRT-LLM: TensorRT LLM provides users with an easy-to-use Python API to define Large Language Models (LLMs) and supports state-of-the-art optimizations to perform inference efficiently on NVIDIA GPUs. TensorRT LLM also contains components to create Python and C++ runtimes that orchestrate the inference execution in a performant way. The State of LLM Bug Bounties in 2026 Operational Readiness Criteria for Tool-Using LLM Agents Meshcore: Architecture for a Decentralized P2P LLM Inference Network How an LLM becomes more coherent as we train it GitHub - seetrex-ai/laimark GitHub - Jossifresben/BibCrit: AI-assited biblical textual criticism GitHub - wastedcode/memex: File system based wiki, maintained by Claude 99helpers.com GitHub - cliver-project/AITrigram GitHub - unbody-io/adapt: A self-evolving memory layer for AI agents. GitHub - hb20007/awesome-gen-ai-fails: A list of incidents where reliance on generative AI and LLMs resulted in harm to companies, individuals, or society GitHub - nevenkordic/localmind: Run any local LLM with persistent memory and context. CLI agent over Ollama with SQLite-backed hybrid recall. No cloud. Ask HN: What are the machine requirements for a LLM like Llama-3.1-8B? Faster LLM Inference via Sequential Monte Carlo grpo explained: group relative policy optimization for llm finetuning - cgft Stop comparing price per million tokens: the hidden LLM API costs · TensorZero Andrej Karpathy's LLM Wiki Is a Bad Idea GitHub - GG-QandV/mnemostroma: Offline RAM-first cognitive leer/coprocessor for AI agents and robotics. Solves "Context Abandonment" with 20-80ms latency using a dual-thread biomimetic memory architecture (ONNX + SQLite WAL). mempalace/agent at agent · skorotkiewicz/mempalace GitHub - Nyquest-ai/nyquest-rust-fullstack-pub: Nyquest — Semantic Compression Proxy for LLMs. 350+ rules, local LLM stage, 15-75% token savings. Full Rust stack. GitHub - TheoV823/mneme: Enforce architectural decisions in AI-assisted development. GitHub - klemenvod/TokenBrawl: A 1v1 Bomberman-style game where two LLM agents play autonomously against each other. No human plays — you watch the AIs fight. Each agent receives a text description of the board state, reasons about it, and outputs a move as JSON. The game engine executes it. Introducing the Common AI Provider: LLM and AI Agent Support for Apache Airflow Power Circuit AI: Designing Power Electronic Circuits for Motor Drives with Generative Artificial Intelligence Ask HN: How to program with IDE and LLM on CPU locally? Show HN: Agent-cache – Multi-tier LLM/tool/session caching for Valkey and Redis Bonsai 1-bit WebGPU - a Hugging Face Space by webml-community The LLM Fallacy: Misattribution in AI-Assisted Cognitive Workflows Ask HN: Simple tooling for local LLM code critique without IDE integration? Can a General LLM Diagnose a DICOM Slice? A 10-Case Public Benchmark Charts-of-Thought: Enhancing LLM Visualization Literacy (PDF, 2026) GitHub - Mesh-LLM/mesh-llm: Distributed AI/LLM for the people. Share compute privately or publicly to power your agents and chat. GitHub - seamus-brady/springdrift: A persistent runtime for long-lived LLM agents Writing an LLM from scratch, part 32k -- Interventions: training a better model locally with gradient accumulation Ask HN: Which LLM model and agentic CLI are you using for local development? GitHub - wayneColt/modelcascade: Route local. Escalate smart. Never overspend. Open-source multi-model cascade routing for autonomous agents. LLM pricing is 100x harder than you think GitHub - asakin/llm-primer: Pre-warmed Claude Code sessions in tmux. No startup wait. GitHub - EggerMarc/chat-rs: A multi-provider LLM framework for Rust. GitHub - SynapseKit/SynapseKit: Minimal, async-first Python framework for production LLM apps- 2 hard deps, no magic, no SaaS. A Claude Skill that Makes LLM Paragraphs More Bearable Does Gas Town 'steal' usage from users' LLM credits & paid services to improve itself? What's Claude Code Actually Doing? Open the Black Box with the Arthur Engine Milla Jovovich's New Open Source LLM Memory App and the Dark Code Problem Your intuition of LLM token usage might be wrong Show HN: Bloomberg Terminal for LLM ops – free and open source GitHub - 0xchamin/mcptube: Transform YouTube videos into a compounding knowledge base with transcripts, vision analysis, and agentic search. Works as an MCP server for Claude, Copilot & more. Show HN: Open KB: Open LLM Knowledge Base Your LLM is a compiler, not a runtime GitHub - sapountzis/Unslop: A Web Feed That Deserves You crates.io: Rust Package Registry Beyond Karpathy's LLM-Wiki: The Necessity of Cognitive Governance GitHub - amitshekhariitbhu/llm-internals: Learn LLM internals step by step - from tokenization to attention to inference optimization. GitHub - parallem-ai/parallem: An expressive library for running agents with the Batch API. GitHub - stfurkan/pi-llm LLM-Wiki Show HN: Formal – Formal verification for AI-generated code using Lean 4 LRTS – Regression testing for LLM prompts (open source, local-first) LLM Wiki Skill: Build a Second Brain with Claude Code and Obsidian I built an LLM Wiki and RAG solution: here's a demo for a security KB The biggest advance in AI since the LLM Predict-Rlm: The LLM Runtime That Lets Models Write Their Own Control Flow the-synthetic-library/the-synthetic-mind at main · joshferrer1/the-synthetic-library GitHub - yisding/reviewwiggum GitHub - Donnyb369/mcp-spine: Context Minifier & State Guard — Local-first MCP middleware proxy GitHub - Beledarian/wgpu-llm: A from-scratch LLM inference engine that uses wgpu (the cross-platform WebGPU implementation) to dispatch WGSL compute shaders for every math operation a Transformer needs. No CUDA. No Python. No massive framework dependencies. Just Rust, raw shaders, and your GPU. GitHub - anitiue/Hindsight: An experience-driven self-improvement framework for LLM agents — 基于经验的 LLM Agent 自我改进框架 GitHub - stef41/lmscan: 🔍 Detect AI-generated text and fingerprint which LLM wrote it. Open-source GPTZero alternative. Zero dependencies, works offline. GitHub - alainnothere/AmdPerformanceTesting: Amd Performance Testing Ask HN: Is a purely Markdown-based CRM a terrible idea? Optimized for LLM agents Context Engineering - LLM Memory and Retrieval for AI Agents | Weaviate little_helper_tui/letter.md at main · sleepyeldrazi/little_helper_tui GitHub - EvanZhouDev/umr: The Unified Model Registry for all your local AI apps. GitHub - JordanCT/VigIA-Orchestrator Your Agent Is Mine: Measuring Malicious Intermediary Attacks on the LLM Supply Chain A Taxonomy of RL Environments for LLM Agents Llama LLM Network Feture GitHub - genedeng-ca/ai-mac-migration: AI-powered Mac-to-Mac migration tool - replace Apple Migration Assistant with intelligent, selective transfer using local LLMs GitHub - lunargate-ai/gateway: High-performance self-hosted AI gateway (OpenAI-compatible) with routing, retries, and streaming GitHub - AuthBits/webmcp: A lightweight, prompt-driven MCP web research server for high-quality LLM powered information extraction. Externalization in LLM Agents: A Unified Review of Memory, Skills, Protocols and Harness Engineering Springdrift: An Auditable Persistent Runtime for LLM Agents with Case-Based Memory, Normative Safety, and Ambient Self-Perception High-Stakes Personalization: Rethinking LLM Customization for Individual Investor Decision-Making From Static Templates to Dynamic Runtime Graphs: A Survey of Workflow Optimization for LLM Agents HUOZIIME: An On-Device LLM-enhanced Input Method for Deep Personalization TIDE: Token-Informed Depth Execution for Per-Token Early Exit in LLM Inference Characterizing WebGPU Dispatch Overhead for LLM Inference Across Four GPU Vendors, Three Backends, and Three Browsers LLM Targeted Underperformance Disproportionately Impacts Vulnerable Users
GitHub - stevefan1999-personal/demcstify: Decompile Minecraft using Vineflower, reconstruct the code using LLM
stevefan1999 · 2026-04-29 · via Hacker News - Newest: "LLM"

Research project: LLM-assisted reconstruction of partially decompiled Minecraft 26.1.2 sources into fully buildable, runnable, bytecode-equivalent local client and server artifacts.

demcstify is not a Minecraft source distribution. It is a reconstruction lab: a set of documents, scripts, Gradle build logic, database schema, and evaluator tools that coordinate LLM agents against a deterministic bytecode oracle. The user's machine supplies the original JAR, performs the reconstruction, and keeps all reconstructed source and build outputs local.

Legal Stance — Read Before Doing Anything

This repository contains no Minecraft game files and no reconstructed Minecraft source code. No JARs, no assets, no manifests, no decompiled output, no repaired sources, no rebuilt classes, and no copyrighted code from Mojang or Microsoft will ever be committed here.

Minecraft, Mojang, Mojang Studios, and related game code, assets, names, and marks are property of Mojang Studios and Microsoft. All rights are reserved by Mojang Studios and Microsoft. This project claims no ownership of, license to, or endorsement by those rights holders. See NOTICE.md.

Local-only paths are intentionally gitignored:

Path What lives there Why it is local only
ground_truth/26.1.2.jar User-supplied original JAR The original game is not redistributed
ground_truth/26.1.2.json User-supplied manifest The manifest is part of the local input
ground_truth/src-vineflower/ Raw decompiler output Decompiled source is not published
subprojects/*/src/ Reconstructed Java source Repaired/reconstructed code stays on the user's machine
subprojects/*/build/ Recompiled classes and per-subproject jars Build outputs stay local
build/runnable/ Runnable client/server jars User-local artifacts only

Only scaffolding belongs in the repository: documentation, agent guardrails, Gradle glue, scripts, schema, evaluators, ADRs, and research notes.

If you do not own a legitimate license to Minecraft 26.1.2, do not use this project. You are responsible for compliance with the Minecraft EULA and applicable law in your jurisdiction. If a rights holder requests changes, the maintainer will comply.

What Problem This Solves

Modern Java Minecraft releases are distributed in a form that is far friendlier to analysis than old obfuscated releases, but a decompiler still does not produce a clean, buildable, bytecode-identical source tree. Vineflower can recover a plausible draft, yet it commonly introduces errors:

  • invalid or over-broad generics;
  • missing or malformed bridge patterns;
  • wrong branch shape for if, ternary, and switch constructs;
  • line-table drift from added annotations or reformatted source;
  • static-initializer declaration-order drift;
  • source layout that compiles but produces different stack maps or constant-pool shape.

demcstify treats the original .class files as the specification. Reconstructed source is correct only when the rebuilt class passes the evaluator at the target equality tier.

The Core Idea

This project is a testbed for multi-agent LLM-driven source reconstruction against a bytecode oracle.

flowchart LR
  jar[User-supplied 26.1.2.jar] --> decompile[Pinned Vineflower draft]
  decompile --> source[Local reconstructed source]
  source --> compile[Gradle + pinned javac]
  compile --> rebuilt[Rebuilt .class]
  jar --> diff[Bytecode diff oracle]
  rebuilt --> diff
  diff -->|FAIL| evidence[javap evidence]
  evidence --> source
  diff -->|PASS| db[(state/progress.db)]
Loading

The compressed paradigm:

  • The oracle is mechanical, not human. A rebuilt class either matches the original at the chosen tier or it does not.
  • The decompiler is priming, not truth. Vineflower output is a draft to repair, not a source of authority.
  • Roles are strict. Decompilers, compile fixers, bytecode aligners, verifiers, and librarians have separate write scopes.
  • State is relational and append-only. SQLite records claims, attempts, verdicts, diffs, and coverage.
  • Swarm coordination uses SQL, not lockfiles. Different LLM runners can work in parallel by atomically claiming queue rows instead of racing over markdown status files or filesystem locks.
  • Tier A is the default. Raw byte equality is the normal target; semantic fallback requires a recorded ADR.

The full conceptual frame lives in docs/research/01-llm-reconstruction-paradigm.md. The workflow-specific research note lives in docs/research/02-llm-decompilation-workflow.md.

Inspirations and Lineage

demcstify is inspired by two practical lines of work:

  • lifting-bits/remill, which demonstrates how a large binary-reasoning system can lift machine-code instructions into LLVM bitcode as a stable intermediate representation. demcstify applies the same spirit to JVM bytecode: choose a precise intermediate artifact, make translation evidence-driven, and let downstream tooling compare outputs mechanically.
  • Real-life experience using LLMs for CTF reverse-engineering and cybersecurity challenges during PolyU x NuttyShell Cybersecurity CTF 2026 (event site) as the (almost sole member of) team HackOverflow. While working on one of the event's reverse-engineering challenges, the project author realized that if LLMs can reconstruct code from decompiler evidence, the workflow should be automated through IDA or Ghidra MCP integrations. Those workflows showed that LLMs are most useful when they reason over decompiler output, traces, and tight oracles rather than free-form guesses.

The project translates that experience into a reproducible software-reconstruction lab: the decompiler gives a draft, the LLM proposes source repairs, and bytecode equality decides whether the repair is real.

What This Repository Contains

Area Files Purpose
Project docs README.md, DESIGN.md, ARCHITECTURE.md, docs/** Publishable design, architecture, research, and ADRs
Agent protocol AGENTS.md, LLM_CODESTYLES.md Role discipline, queue protocol, style, and verification rules
Build glue settings.gradle.kts, build.gradle.kts, gradle.properties, gradle/** Layered Java subprojects, pinned toolchain, runnable jars
State schema scripts/progress-schema.sql, state/progress.db SQLite queue, attempts, verdicts, coverage, toolchain pins
Decompiler pipeline scripts/decompile.sh, scripts/route-vineflower-output.sh Pinned Vineflower and mechanical source routing
Queue operations scripts/claim-work.sh, scripts/finish-work.sh, scripts/enqueue-work.sql, scripts/enqueue-bytecode-work.sh Atomic work claims and lifecycle transitions
Evaluator scripts/bytecode-diff.mjs, scripts/verdict-shim.mjs Raw class-byte comparison, javap evidence, canonical PASS JSON
Toolchain probe scripts/probe-toolchain.sh, docs/adr/0001-toolchain-pin.md Java/Gradle/Vineflower pinning evidence

What You Must Supply

Place your legitimate, local Minecraft 26.1.2 files here:

ground_truth/26.1.2.jar
ground_truth/26.1.2.json

Both paths are gitignored. The scripts read them locally. The project does not download or redistribute them.

High-Level Workflow

  1. Bootstrap state. Inventory the JAR, classify classes into subprojects, seed state/progress.db, and record toolchain hints.
  2. Decompile once. Run pinned Vineflower into ground_truth/src-vineflower/.
  3. Route mechanically. Split decompiled source into subprojects/<name>/src/main/java by package ownership.
  4. Compile to green. Fix one subproject at a time until compileJava has zero errors and zero warnings.
  5. Align bytecode. Claim one class, compare rebuilt class bytes to the original, patch only that class, repeat until PASS or release.
  6. Verify independently. A verifier re-runs the affected build and diff before claims are treated as durable.
  7. Package local runnable jars. Build dependency-bundled client and server jars from reconstructed outputs only.
  8. Guard legal boundaries. Fail packaging if original bytecode appears in a runnable artifact.

Phase 2 is the functional plateau: the game client and server should be generally usable once the source compiles cleanly and packages locally. That is not yet faithful decompilation. Different LLMs can still produce different source shapes, naming choices, and control-flow flavors that behave acceptably but compile into different bytecode. The bytecode-diff pass is the mechanical refinement pass that forces those variants to converge toward true source-code decompilation. This is where the hard challenge really starts.

A larger diagram lives in docs/architecture/01-llm-decompilation-workflow.md.

Equality Tiers

Tier Meaning Normalization
A Rebuilt .class is byte-for-byte identical to the original class from ground_truth/26.1.2.jar None
B Rebuilt .class is structurally/semantically equivalent when cosmetic compiler artifacts are ignored Line tables, source-file attribute, and constant-pool ordering may be normalized

Tier A is the default target for every class. Tier B is a formal downgrade, not an excuse: it requires failed attempts, a documented ADR, and evaluator approval.

Why SQLite Is Central

state/progress.db is not a convenience file; it is the concurrency and audit backbone.

A swarm of LLM agents can run at the same time because each agent performs a tiny atomic transaction to claim work, then does expensive compile/diff/source work outside the database lock. This avoids the usual failure modes of multi-agent coding sessions:

  • two agents editing the same class because they both read a stale markdown checklist;
  • broad filesystem lockfiles blocking unrelated work;
  • local tmux/session memory disagreeing with another LLM runner;
  • PASS claims that are not connected to a reproducible evaluator artifact.

The database owns queue state. Terminal logs and .omx logs are evidence, not truth.

Useful queries:

SELECT * FROM tier_a_coverage;

SELECT attempts.id, attempts.work_queue_id, attempts.class_fqn, roles.name, attempts.started_at
FROM attempts
JOIN roles ON roles.id = attempts.role_id
WHERE attempts.finished_at IS NULL;

SELECT class_fqn, COUNT(*) AS failures
FROM attempts
JOIN verdicts ON verdicts.id = attempts.verdict_id
WHERE verdicts.name = 'FAIL'
GROUP BY class_fqn
ORDER BY failures DESC;

Typical Commands

These commands assume the local ground-truth files are already present.

# Verify / fetch the pinned Gradle runtime, then run a task.
scripts/gradle.sh tasks

# Initialize or refresh the progress database from the local JAR.
scripts/init-progress-db.sh

# Run pinned Vineflower.
scripts/decompile.sh

# Route Vineflower output into local, gitignored subproject source trees.
scripts/route-vineflower-output.sh

# Claim one queue item atomically.
scripts/claim-work.sh --agent "your-agent-name"

# Compile one subproject.
scripts/gradle.sh :minecraft-common:compileJava

# Compare one rebuilt class against the original.
scripts/bytecode-diff.mjs --class net.minecraft.Example --attempt-id 123 --allow-different

# Produce the canonical evaluator verdict.
scripts/verdict-shim.mjs --class net.minecraft.Example

# Finish a claimed work item.
scripts/finish-work.sh --work-id 123 --verdict PASS --compile GREEN --diff IDENTICAL --achieved-tier A

Agent Roles

Role Writes Must not do Completion evidence
decompiler Raw/local decompile output and mechanical routing output Hand-repair decompiled source Decompile and route commands complete
compiler_fixer One assigned subproject source tree Bytecode-align unrelated classes gradle :subproject:compileJava green with zero warnings
bytecode_aligner One claimed class Modify neighboring classes silently verdict-shim returns PASS for that class
verifier No source writes Verify its own changes Independent build + diff evidence
librarian Docs, ADRs, schema migrations Touch reconstructed sources Docs/schema match current system

See AGENTS.md for the binding protocol.

Runnable Artifacts

The target local outputs are:

build/runnable/demcstify-server.jar
build/runnable/demcstify-client.jar

They must be runnable with java -jar, dependency-bundled, and assembled from reconstructed class outputs plus declared third-party dependencies. The only material copied from the original JAR is a whitelist of non-code resources required by the game runtime. Original .class and .java entries are forbidden.

verifyNoGroundTruthCodeInRunnableJars is wired into the build to enforce this boundary.

Documentation Map

Status

Active reconstruction scaffolding. The repository currently publishes the method and tooling, not reconstructed source. Current progress is intentionally not hardcoded in this README; query state/progress.db for live local status.

Closing Thesis

LLMs change the security and intellectual-property landscape. Code that once seemed protected by obfuscation, mutation, virtualization, or platform-specific binary form can often be partially recovered with a combination of mechanical lifting and model-assisted recontextualization. Projects such as remill, PS2Recomp, XenonRecomp, and RPCS3 show different parts of that technical reality: lift machine instructions, preserve machine state, translate runtime behavior, or emulate an entire platform.

That pressure is especially sharp for Java. Bytecode carries rich semantic structure, and long-standing obfuscators such as ProGuard and RetroGuard raise the cost of recovery without making recovery impossible. In the LLM era, devirtualization, deobfuscation, and recontextualization are no longer rare artisanal steps; they are becoming repeatable workflows.

The lesson is not that intellectual property stops mattering. The lesson is that security through obscurity needs a reality check. Obfuscation cannot substitute for clear licensing, good architecture, explicit trust boundaries, or honest engineering. If software is increasingly industrially produced, then the enduring value is not merely the text of code. It is the intent, explanation, constraints, tests, provenance, legal boundary, and maintenance story around it. The old maxim was "talk is cheap, show me the code." For this project, the closer is: code is cheap; show me the talk.

License

The lab scaffolding in this repository is licensed under the MIT License. See LICENSE.

The MIT License applies only to this project's own code and documentation: scripts, Gradle build logic, database schema, evaluator tooling, agent instructions, ADRs, and research/design/architecture notes. It does not apply to user-supplied ground_truth/ files, raw Vineflower output, locally reconstructed Minecraft source, rebuilt classes, runnable jars, Minecraft assets, Minecraft names/marks, or any other Mojang Studios / Microsoft material.

Minecraft, Mojang, Mojang Studios, and related game code, assets, names, and marks are property of Mojang Studios and Microsoft. All rights are reserved by Mojang Studios and Microsoft. This project claims no rights to them.

Contributing

Read AGENTS.md, LLM_CODESTYLES.md, DESIGN.md, and ARCHITECTURE.md before opening a PR or running agent workflows.

Do not commit reconstructed source, original game files, decompiled output, rebuilt classes, runnable jars, or local heap dumps.