Vibe coding boom will get many end users in trouble.

While it is a huge leap forward that allows enthusiasts to bring their ideas to life, the majority of the new apps will be built in a reckless way by clueless people.

At the same time building something that does not interact with user data while improving your project is a win-win.

For example, I finally managed to automate my 3-year-old project nostr:npub1tcalvjvswjh5rwhr3gywmfjzghthexjpddzvlxre9wxfqz4euqys0309hn and it now automatically posts historical Bitcoin events to Nostr. I know the code is bloated and ugly, I don’t know (yet) how to fix this, but automation works and that’s good enough for now.

PRs welcome 💜 https://github.com/Bitcoin-Calendar/calendar-bot

nostr:note1s4vx09gepe5t3xsfuuvq5f0h3fv70gxxrvj3nennayl37t3sm3jq5l5qd2


Discussion

Was thinking the same thing a few days back. A lot of this vibe coding will result in security practice failures.

100%

We're getting to a point where anyone can make anything, if they smooth talk AI.

A lot of the things I've built are built with the help of AI. Free ones everyone knows at that....

Why would I spend hours on themes, colors, layouts, etc if I don't have to? Lol

100%

The catch is: you know what you’re doing.

Kinda. I'm just learning JS dude. Lol.

AI has been a great help.... break everything into chunks. Learn what does what and why...

Ask for this or that to happen, learn, debug, repeat.

Anyone can build anything now, or I wouldn't be able to build on nostr with my 8th grade education and heavy drug use that's thankfully behind me now. 💜🫂

Same here, and I didn’t get this excited about anything since I learned about Bitcoin.

My point is: be careful as an end user and be responsible as a developer - vibe or vibeless.

This.

Honestly not even close to this for anything beyond simple projects. At this point it will empower non-engineers to write horrible code that works for happy path coding. A non-engineer doesn't even know what to prompt for.

Meanwhile experienced engineers can use it to make rapid progress on larger projects.

But it's a very long way from say prompting the next Unreal engine or a game like Halo. Or even a complex web platform which I use it for daily. Very helpful. No way can it reason across the entire stack in a cohesive way reliably, but brainstorming architecture patterns is amazing. And always gets you directionally right if you know what you are prompting for.

Knowing what you're prompting for and how it works makes a big difference.

Vibe coders will be forced to actually learn things if they want what they build to actually WORK how they envision it working.

AI can do a lot, but not everything.

Agreed. Use it to become a better coder and it will become more useful in your hands.

Exactly. I’m pretty sure we’re not talking about building Unreal Engine here, but rather about simple code snippets and mini apps that improve your productivity or automate some of your project’s processes.

Prompt is the difference between a working and a broken script or app. When I started coding Bitcoin Calendar I simply talked to AI as if it was a developer. The result was a disaster. Now I spend hours on understanding and formulating what I need, studying documentation to my best ability, using AI to compress my thoughts and findings into a specification, and only then I press “go”.

Yet even now, as I have a working product, the time spent reading and understanding how AI approached the task and what came out of it, made me realize numerous pieces that I should have approached differently. I am in fact planning to redo the backend of the existing project. I find this to be the best way to learn.

Your user's account data is safe if you use Nostr login for an app 😏

That’s just the tip of the iceberg. Nostr login does not protect from man in the middle attacks, weak certification validation, excessive app permissions, and so on and so forth.

Well, you're right. But I was directly addressing your point about, "At the same time building something that does not interact with user data while improving your project is a win-win." Of course, things outside of that in the app/host layer are important to lock down, as you mentioned.

I see, I probably should’ve worded it better. I felt like app permissions and bad encryption practices fall into this bucket, ’cause if an attacker gets hold of your server or orchestrates a MITM attack, they’ll be able to get their hands on stuff users wouldn’t want them to.

As a rule of thumb, never store private keys in plain text and always aim to have them decoded at the client side.

Assume everything will be leaked. There is always a balance between usability and privacy.

The only thing private on NOSTR tends to be private messages and the private key.