Hi HN,
I built Bewaker because AI coding assistants can accidentally touch files you really don’t want changed (infra-as-code, auth, payments, etc.).
Bewaker's approach is to enforce cryptographic guarantees directly in the local environment. It uses a Merkle tree to verify the integrity of all protected files in a policy, and an Ed25519 signature to prevent the lockfile itself from being tampered with. The goal is to block a problematic edit before a commit is even created.
One of the key distinctions from a tool like CODEOWNERS is that this enforcement happens locally, pre-commit, rather than during a PR review. It's designed to be a guardrail for the developer, not just the repository.
Feedback on the architecture, security model, or potential blind spots is particularly welcome. Happy to answer questions.
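Added illustration, not code from the post or from Bewaker itself: a minimal Go sketch of the mechanism the post describes (a Merkle root over the protected files, a lockfile carrying the leaf hashes and root, an Ed25519 signature over the lockfile, and a pre-commit style check that rejects both an edited protected file and a regenerated lockfile). Everything here is an assumption about shape: the `Protected` map, the `Lockfile` JSON layout, the leaf/node domain-separation prefixes, and the `BuildLockfile`, `SignLockfile` and `Verify` names are mine, and the sample file contents are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
	"sort"
)

// Protected maps a policy's protected paths to their current contents.
// A real hook would read these from the working tree; these are constructed samples.
type Protected map[string][]byte

// Lockfile is the assumed signed record: one leaf hash per protected path plus the
// Merkle root over those leaves (field layout is an assumption, not Bewaker's format).
type Lockfile struct {
	Leaves map[string]string `json:"leaves"` // path -> hex(sha256 leaf)
	Root   string            `json:"root"`   // hex Merkle root
}

// leafHash binds path and content under a leaf-domain prefix (0x00) so a leaf can
// never be reinterpreted as an interior node.
func leafHash(path string, content []byte) []byte {
	h := sha256.New()
	h.Write([]byte{0x00})
	h.Write([]byte(path))
	h.Write([]byte{0x00})
	h.Write(content)
	return h.Sum(nil)
}

func nodeHash(left, right []byte) []byte {
	h := sha256.New()
	h.Write([]byte{0x01}) // interior-node domain prefix
	h.Write(left)
	h.Write(right)
	return h.Sum(nil)
}

// merkleRoot folds leaves pairwise; an unpaired leaf is promoted to the next level.
func merkleRoot(leaves [][]byte) []byte {
	if len(leaves) == 0 {
		return leafHash("", nil) // an empty policy still has a fixed root
	}
	for len(leaves) > 1 {
		var next [][]byte
		for i := 0; i < len(leaves); i += 2 {
			if i+1 < len(leaves) {
				next = append(next, nodeHash(leaves[i], leaves[i+1]))
			} else {
				next = append(next, leaves[i])
			}
		}
		leaves = next
	}
	return leaves[0]
}

// BuildLockfile hashes files in sorted path order so the root is deterministic.
func BuildLockfile(files Protected) Lockfile {
	paths := make([]string, 0, len(files))
	for p := range files {
		paths = append(paths, p)
	}
	sort.Strings(paths)
	lf := Lockfile{Leaves: make(map[string]string, len(paths))}
	leaves := make([][]byte, 0, len(paths))
	for _, p := range paths {
		l := leafHash(p, files[p])
		lf.Leaves[p] = hex.EncodeToString(l)
		leaves = append(leaves, l)
	}
	lf.Root = hex.EncodeToString(merkleRoot(leaves))
	return lf
}

// canonical gives a stable byte string to sign (json.Marshal sorts map keys).
func canonical(lf Lockfile) []byte { b, _ := json.Marshal(lf); return b }

func SignLockfile(priv ed25519.PrivateKey, lf Lockfile) []byte {
	return ed25519.Sign(priv, canonical(lf))
}

// Verify is the pre-commit check: signature first (so a regenerated lockfile cannot
// launder an edit), then each protected file against its signed leaf, then the root
// (which also catches files added to or removed from the protected set).
func Verify(pub ed25519.PublicKey, lf Lockfile, sig []byte, files Protected) error {
	if !ed25519.Verify(pub, canonical(lf), sig) {
		return errors.New("lockfile signature invalid")
	}
	current := BuildLockfile(files)
	for p, want := range lf.Leaves {
		got, ok := current.Leaves[p]
		if !ok {
			return fmt.Errorf("protected file deleted: %s", p)
		}
		if got != want {
			return fmt.Errorf("protected file modified: %s", p)
		}
	}
	if current.Root != lf.Root {
		return errors.New("merkle root mismatch: protected set changed")
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	files := Protected{"infra/main.tf": []byte("resource {}\n"), "auth/login.go": []byte("package auth\n")}
	lf := BuildLockfile(files)
	sig := SignLockfile(priv, lf)
	fmt.Println("clean tree:", Verify(pub, lf, sig, files))
	files["auth/login.go"] = []byte("package auth // edited by an assistant\n")
	fmt.Println("after edit:", Verify(pub, lf, sig, files))
	fmt.Println("regenerated lockfile:", Verify(pub, BuildLockfile(files), sig, files))
}
```

The sketch deliberately leaves two things out that any real deployment has to answer: where the signing private key lives (if it is readable by the same agent that edits files, it can re-sign a regenerated lockfile), and the fact that a local hook only helps if it is actually invoked (git's `--no-verify` skips pre-commit hooks entirely, so a server-side check is still the backstop).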