alt.hn

6/10/2026 at 12:59:07 PM

Tessera – a consent-gated tunnel that's blind to your traffic

https://github.com/emmayusufu/tessera

by emmanuelkimaswa

6/14/2026 at 1:50:31 AM

This looks great. I've been building some local-first software and trying to think of low-lift ways for people to connect instances with each other - I look forward to trying this out.

by good-idea

6/10/2026 at 12:59:07 PM

Tessera is the ten-minute version of remote access: let a teammate reach a service on your machine for one debugging session, then leave nothing behind. No VPN, no static credential, no port left open.

It's consent-gated. The tunnel doesn't exist until you type "y" at your terminal, and the coordinator in the middle is a dumb pipe. A second, end-to-end TLS handshake runs between the two ends, and the CA's private key never leaves the host, so the broker can't impersonate either side or read the payload. Every approval and denial lands in an append-only audit log.

It's pre-1.0 with no independent security review yet, so I wouldn't guard anything sensitive with it. Happy to dig into the design in the comments, especially the trust model and the metadata it does still leak.

by emmanuelkimaswa
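The blind-broker property described in the post above, as an added Go example that is not Tessera's own code: a relay that only copies bytes sits between two ends running their own TLS session, and the function returns both what the host decrypted and everything the relay observed. Assumptions: the name `Relay`, the hostname `host.example` and the secret are constructed, and one self-signed Ed25519 certificate stands in for the host-side CA.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"io"
	"math/big"
	"net"
	"time"
)

// Relay carries secret guest -> broker -> host; it returns the host's plaintext and every byte the broker saw.
func Relay(secret string) (string, []byte, error) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader) // constructed host CA; the key is never given to the broker
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: []string{"host.example"},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, key)
	leaf, err := x509.ParseCertificate(der) // also fails if certificate creation failed
	if err != nil {
		return "", nil, err
	}
	pool := x509.NewCertPool() // the only trust anchor the guest accepts
	pool.AddCert(leaf)
	g, b1 := net.Pipe() // guest <-> broker
	b2, h := net.Pipe() // broker <-> host
	var up, down bytes.Buffer
	done := make(chan bool, 2)
	go func() { io.Copy(b2, io.TeeReader(b1, &up)); b2.Close(); done <- true }()   // broker, guest -> host
	go func() { io.Copy(b1, io.TeeReader(b2, &down)); b1.Close(); done <- true }() // broker, host -> guest
	go tls.Client(g, &tls.Config{RootCAs: pool, ServerName: "host.example"}).Write([]byte(secret))
	s := tls.Server(h, &tls.Config{SessionTicketsDisabled: true, // no post-handshake writes on the unbuffered pipe
		Certificates: []tls.Certificate{{Certificate: [][]byte{der}, PrivateKey: key}}})
	buf := make([]byte, len(secret))
	_, err = io.ReadFull(s, buf) // host completes the end-to-end handshake and decrypts
	h.Close()
	<-done
	<-done
	return string(buf), append(up.Bytes(), down.Bytes()...), err
}

func main() {
	got, seen, err := Relay("constructed-secret")
	fmt.Println(got, bytes.Contains(seen, []byte(got)), err)
}
```

In this sketch the relay's capture never contains the payload, but it does contain the cleartext SNI `host.example` from the ClientHello, which is one concrete instance of metadata an end-to-end TLS design can still expose to the middle.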