ZION BOGGAN
← THE INDEX  ·  WRITING

Writing

Notes on the projects I build: the decisions, the tradeoffs, and what the work taught me. The vulnerability writeups live in the research notebook; this is the deeper thinking.

Field notesSecurityToolingAI

Essays

  • Watchdog for the labs. Audit log for your agents. · 2026-06-19 · The oversight wave aimed at frontier labs has already cascaded one level down, to everyone who deploys AI coding agents. Here is the demand underneath the headlines, why most tooling answers it with another black box, and the record I think actually holds up.
  • Git records what changed. It does not record how you got there · 2026-06-12 · When an AI coding session ends, the steering disappears: the misunderstandings, the corrections, the abandoned branch. TreeTrace reconstructs that from the local transcript and refuses to let a model judge it.
  • Two implementations that have to agree to the byte · 2026-05-16 · Maintaining a cryptographic provenance protocol with a Rust canonical core and a Python reference, where bit-identical conformance is not a nice-to-have. It is the spec.
  • The bot lost $160, and the audit was the real artifact · 2026-04-19 · A trading bot that lost money, and the three wrong answers I gave before I found the right one. The most useful thing the project produced was the post-mortem.
  • When two libraries disagree about a token · 2026-03-30 · A JWT library that accepts a token another library rejects, on byte-identical input, is an auth-bypass primitive. This is the harness that hunts for that disagreement live.
  • One interface for a homelab that grew teeth · 2026-02-11 · Most homelab automation is a pile of shell scripts you have to remember. Perseus is the version where I send one message and the right agent handles it, with the cost on the receipt.
  • Fitting a parabola to a video game pitch · 2025-09-27 · A computer-vision accessibility tool that watches a capture-card feed, predicts where the pitch crosses the plate, and nudges the controller. Built for offline play only, on purpose.
  • Proving the artifact, not just the source · 2025-07-14 · A clean source scan and a build step are not a chain of custody. Here is the supply-chain layer that closes the gap, with no private key to lose.
  • Four gates before merge, and why they run apart · 2025-06-09 · A CI pipeline that fans security checks out into separate jobs, so a red build tells you which gate tripped instead of handing you one long log to scroll.
  • The three things I did by hand on every alert · 2025-04-22 · Building a SOC lab where everything between the rule match and the analyst is automated, because the manual version does not scale and I was tired of it.
  • Writing detections once and meaning it · 2025-03-18 · Why I moved my detection rules out of the SIEM and into source control, and what it cost me to do it.