Engineering
How we build the things we ship.
Architecture deep-dives, post-mortems, and the occasional opinion. One institutional voice; no per-author bylines.
2026-10-28
Why Camiel does not have a chat interface
Camiel — our privacy-focused answering engine — is built around a search box and a permalinked answer page, not a chat. The argument for that choice is technical, not aesthetic, and it falls out of what verifiability actually requires.
2026-10-14
Prompt injection: a vector taxonomy and the mitigations worth the engineering
A working taxonomy of prompt-injection vectors and the small set of mitigations that, after evaluation against each of them, are still worth the engineering. Two structural principles fall out of the exercise.
2026-09-30
Postgres as a queue, and when not to
A defence of using Postgres as the job-queue substrate for application-bound workloads, the four properties that make the choice load-bearing rather than corner-cutting, and the conditions under which we'd switch.
2026-09-16
A redactable hash chain, as a design pattern
An audit log that is append-only, tamper-evident, and redactable looks contradictory at first reading. The contradiction dissolves when you separate the manifest from the content. A short note on the pattern, independent of any specific application.
2026-08-19
How Pan gates dangerous tool calls
Pan never takes a destructive or external-network action without an explicit approval. The mechanism is smaller than it sounds — an in-memory store, a three-level classifier, and a blocking goroutine. Here is what the gating layer actually looks like.
2026-08-05
OpenTelemetry traces when most of the latency is in someone else's GPU
A request that spends fifty milliseconds in our gateway and several seconds inside a provider's inference is hard to instrument with the usual OpenTelemetry patterns. Here is the small set of conventions that, after some iteration, produce a trace worth reading.
2026-07-22
A prompt cache that does not leak across tenants
Caching LLM responses pays for itself within a day on most workloads. Doing it correctly in a multi-tenant gateway is a key-derivation problem more than a storage one. Here is the design we'd defend.
2026-06-24
Designing a prompt-classification schema for an LLM gateway
A schema that determines which providers may see a given prompt is the most load-bearing data structure in a compliance-aware gateway. Here are the principles we'd argue for, separately from the specific vocabulary any particular gateway adopts.
2026-05-27
Twenty months of the AI Act, from a builder's seat
A short field report from a lab whose customers care about the regime. What changed in procurement, what changed in our writing, and what didn't change despite confident predictions that it would.
2026-05-13
Policy before quality, in an LLM gateway
A short argument for the order in which an LLM gateway should resolve its routing decisions. Eligibility first, optimisation second. The ordering is not subtle, and the systems we have seen suffer most are the ones that took the other order by default.
2026-04-28
Why we built euraika-labs.net
The lab needed a public face. Here's what we wanted it to do, what we deliberately kept out, and how the site demonstrates the sovereignty positioning by being sovereign itself.
2026-04-28
A response to James Bennett: LLM coding is not just "faster typing"
James Bennett argues LLM-coding isn't a silver bullet, so adoption isn't urgent. We think that misframes what's happening. LLMs change the interface between intent, implementation, testing, and review — and the skill of working in that loop takes a year to build.
2026-04-22
What we publish, and why
A short note on the lab's approach to open source and writing — what goes public, what doesn't, and what determines the difference.
2026-04-15
On "sovereign-by-default"
We use the phrase enough that it deserves a definition. Here is what we mean by it, and what we don't.