(03) Work
Selected work.
A short, honest list. Things I'm building and documenting — mostly in Rust, mostly at the seam between developer tools and the systems they sit on top of.
-
gm-crypto-rs
Pure-Rust SM2 / SM3 / SM4 SDK for the Chinese national crypto standards (GB/T 32905 / 32918 / 32907), with constant-time-designed secret paths guarded by an in-CI dudect harness. Public v1.6.0 on crates.io across three crates —
gmcrypto-core, thegmcrypto-cC ABI, andgmcrypto-simd(AVX2 / NEON SM4). SM4 cipher modes, SM4-GCM/CCM AEAD, SM4-XTS, the full SM2 family (sign, encrypt, key exchange), and X.509-with-SM2 certificate verification have all shipped, in Rust and through the C ABI; v1.6 begins TLCP (GB/T 38636) support. Read more → -
RepoLens
A repository memory and context layer for AI coding agents. It exposes 26 MCP tools and pairs structured repository context with typed, decaying memory so agents can keep a durable model of a project across sessions. Private pre-release for now. Read more →
-
ghrunners
A one-shot macOS CLI for GitHub Actions self-hosted runners — read-only observability (launchd domain, PID, process tree, log tails, optional GitHub API) plus guarded launchd control. Source is private/local for now. Read more →
-
Explainer Engine
A deterministic pipeline that turns a YAML storyboard into a narrated concept video — a plot, a cited code callout, or an animated concept diagram per beat. On-screen content is marked simplified, and a citation gate verifies every claim against the source repo at a pinned commit before a frame is drawn, so the
verified @ commitbadge in the video is the gate's verdict, not decoration. Built on the same Qt-free render core a desktop batch-render GUI drives. Private/local for now. Read more →