I’ve been reflecting on a recent experiment building a multi-agent system that generates software from a product specification. What stood out was not whether it could produce code, it obviously can. What stood out was how quickly weak product definition showed up in the output. In the first version, the system produced something functional, but it was clearly built on incomplete assumptions.… Read more
What Building a Multi-Agent System Taught Me About Autonomous Software Development
In August 2022, before I was using AI this way, I wrote: “Computers do what we tell them to. We’re just not always clear with what we’re asking for.”
Building with AI has only made that more obvious.
In fact, it made something else clear too: even when we think we are being clear, there is still a lot of room for a system to interpret the request in ways that are technically valid and product-wise wrong.… Read more
From Documents to Defensible Claims: Rethinking Document Systems
Most document systems are built for storage and extraction.
That is the wrong goal.
In high-trust environments, the real job is not to collect documents or parse fields. It is to determine whether the available evidence actually supports a claim.
That is a different system.
Organizations generate endless documentation: invoices, contracts, certifications, logs, reports, statements, attestations.… Read more
Your Team Isn’t Blocked. It’s Waiting for Perfect.
As systems scale, so do dependencies. The question is not whether they exist. It is whether teams know how to work through them.
I’ve seen teams say they’re blocked by dependencies when they’re actually blocked by something else: nobody wants to move until the boundary is finished.
That is a costly mistake.… Read more
Designing Resilient Scheduled Payment Systems
Scheduled financial transfers sound simple. A customer creates an instruction — for example, “transfer $100 every week” — and the system processes the transaction on the appropriate day.
Many systems begin with a straightforward implementation. A daily job reads instructions from a database, generates transactions, and attempts to process them. For a small system this can work well enough.… Read more
Computers and behavior
Computers do what we tell them to. We’re just not always clear with what we’re asking for.… Read more
Vault encryption, an upgrade
Note (2026): This was written while I was actively working with Vault. My current stack leans more toward AWS-native solutions (KMS, Secrets Manager, IAM), but the core concepts here—separating secrets from code and treating encryption as a service—still apply.
In my last post, I discussed using the Spring Encryption project to encrypt sensitive data in our application.… Read more
Moving JWT from headers to cookies
One thing that’s been nagging me as we build out our framework is how we’re handling JWTs. Right now, we’re doing what most applications do. The token comes back after authentication and gets sent on every request in the header:
GET http://localhost:8080/someprotectedendpoint
Authorization: Bearer <jwt token>This works exactly as expected.… Read more
Great API Design Makes Hard Problems Feel Easy
Recently I started playing around more with my Neo Smartpen. The company makes their data storage format public and I wondered how long it would take me to write a program to show my handwritten pages within a simple app.
Given my background, I knew I could do this quickly in Java with a UI in Swing so I started there.… Read more
Cognito to rule them all?
After writing custom code to handle signing up users, sending emails, supporting multi-factor authentication, I looked more into alternatives. Why? As a startup you have to be scrappy. Use what’s free, create solutions for platform parts that cost too much for where you’re at. Eventually, you will grow out of this and will need to look at alternatives.… Read more