Staff Software Engineer in Auckland, focused on backend systems, clean architecture, and GraphQL. Outside work: open-source contributor, security researcher, and interested in personal finance and markets.
Cron Is Stateless. Your Mortgage Isn't.
I’ve been working on WealthRelay, an API venture I built from the ashes of my old MarketRacoon code, pivoting what used to be a consumer portfolio tracker into a B2B solution. Somewhere along the way I had to admit something uncomfortable: I was using cron wrong. Not “wrong flag” wrong - conceptually wrong. The tell: fortnightly The feature that forced the realization was recurring schedules: automated deposits, loan repayments, interest runs. And the single most requested shape for those is the one banks use for mortgages: fortnightly. ...
Risk Is a Terrible Word for Volatility
Prefer to watch? This post is also a 6-minute animated video, narrated by a raccoon with a candlestick tail: Ask anyone what risk means and you’ll get something close to the textbook definition: the probability of a harmful event occurring, combined with the severity of its consequences. That’s the risk of security audits, insurance, aviation. By that definition a Ponzi scheme is high risk - decent probability of total loss, maximum severity. And the S&P 500 - five hundred of the most regulated, audited, litigated-against companies on earth, wrapped in one of the most supervised products in existence - reads as pretty safe. ...
Account Pre-Hijacking: Two Variants the Industry Keeps Confusing
In 2022, Microsoft Research published “Pre-hijacking Attacks on Web User Accounts” at USENIX Security. It surveyed 75 popular services and found that roughly 47% were vulnerable to one or more variants of account pre-hijacking, a class of attack that lets an adversary gain persistent access to an account the victim hasn’t created yet. The paper is excellent. But the way the industry absorbed it has created a new problem: the two main variants get lumped together under the same label, triaged as if they’re the same threat, and dismissed or accepted for the wrong reasons. ...
Auto-Generate React Forms from a HotChocolate GraphQL Schema
Versions: @rjsf/core v6.6.2 is the current stable release. v5 was a major breaking change from v3/v4 - the validator prop became required and the validator was extracted into @rjsf/validator-ajv8. The code in this article targets v5+. @graphql-codegen/cli v5 is current and the config format shown is compatible. Internal tooling is where good architecture goes to die. Every backfill, every data-correction operation, every admin action ends up with the same choice: write a one-off form, use the GraphQL playground, or write a script. The first option takes hours and is immediately outdated. The second only works if you let engineers near production data. The third requires a developer every time. ...
HotChocolate: Sync Validation Rules to the Frontend via GraphQL Directives
This approach is based on Nigel Sampson’s post on GraphQL validation metadata, extended with a recursive validation middleware and a codegen pipeline for the frontend. Versions: HotChocolate v16.2.0 is the current stable release. The TypeInterceptor and DirectiveType APIs shown here have been stable since v12 and are unchanged through v16. v15+ dropped .NET 6/7 support - .NET 8 or later is required. The middleware syntax uses C# 12 primary constructors; see the note in that section if you are on an older SDK. ...