It seems completely in the spirit of Gas Town.<p>A respectable software provider should warn you about this kind of behaviour at install time, and give you the opportunity to opt out. Gas Town fulfilled all its obligations in this regard with these (and other) warnings in the original announcement:<p>> WARNING DANGER CAUTION<p>> GET THE F** OUT<p>> YOU WILL DIE
> <i>A respectable software provider should warn you about this kind of behaviour at install time, and give you the opportunity to opt out</i><p>They honestly only need to disclose. Requiring contribution as part of the social contract is perfectly okay—if someone disagrees, they don’t get to use Gas Town.
They didn't disclose it though. It's no different from sticking a bitcoin miner in a video game and telling the user "WARNING DANGER CAUTION ;)"
If someone disagrees, it takes about 15 minutes to ask an LLM to edit the offending behavior out of the free and open-source software.
That was some time ago. According to Yegge, Gas Town is now stable and ready for everyday use.<p>> Gas Town “just works.” It does its job, it has tons of integration points, and it has been stable for many weeks. People are using it to build real stuff.<p>> So as far as I’m concerned, Gas Town is ready. That’s why I feel it merits a 1.0.0 release.<p>Source:
<a href="https://steve-yegge.medium.com/gas-town-from-clown-show-to-v1-0-c239d9a407ec" rel="nofollow">https://steve-yegge.medium.com/gas-town-from-clown-show-to-v...</a>
For context for those of us who don't follow these things very closely: where exactly did this "WARNING DANGER CAUTION" stuff show up?
In its wave-making announcement post:<p><a href="https://steve-yegge.medium.com/welcome-to-gas-town-4f25ee16dd04" rel="nofollow">https://steve-yegge.medium.com/welcome-to-gas-town-4f25ee16d...</a><p><i>”But first, before we get into Gas Town’s operation, I need to get rid of you real quick.<p>WARNING DANGER CAUTION<p>GET THE F** OUT<p>YOU WILL DIE<p>Let’s talk about some of the reasons you shouldn’t use Gas Town. I could think of more, but these should do.”</i>
So it's perfectly fine to ship a bitcoin miner in software, as long as you say:<p>> WARNING DANGER CAUTION
> GET THE F* OUT
> YOU WILL DIE<p>You cannot be serious...This behaviour is deeply unethical and most likely illegal as well.
Coming soon: JavaScript embeds on bloated websites that mine cryptocurrency on viewers' WebGPUs.<p>Accidentally leave a browser tab open and it burns $5 of your electricity overnight to make $2 for the owner of the website.
That's not coming soon, that is a thing that was happening on compromised servers years ago (and probably still, but to a lesser extent given the decline in popularity of meme coin launches)
A few years ago, if you visit a site, your laptop grinds to a halt and the fan starts spinning like crazy, you know there is crypto mining happening on the site.<p>(btw that was a really good showcase for WebAssembly. Too bad it's used for illegitimate purposes)
Already been done, albeit without the webgpu part. I think some browsers already block crypto miners<p>It's a shame in a way, it also blocked the pseudo-captchas that used mining to limit spam.
Based on my understanding of Gas Town, Beads, and Yegge's philosophy on AI that he's expressed in a variety of media, everything about the whole stack is designed to burn tokens. If you're not burning tokens, real fast, 24/7, you're losing the race. The race to where, I have no idea. Apparently, that includes him burning your tokens, too.
I just had to post this somewhere in this thread, but I bought his Vibe Coding book after listening to him talk through it. I figured it would help me understand his approach and therefore help me get into the same mindset for vibe coding on a serious level. It was garbage. The book is largely written and edited by LLMs and it shows on every page. It was a slop how-to book without many useful gems on how to go about vibe coding outside of "just do it".
> help me get into the same mindset for vibe coding on a serious level<p>> vibe coding on a serious level<p>I hope your experience with the book has taught you a valuable lesson about "vibe coding", it seems like it was unintentionally very accurate.
Did you end up finding a reference you liked better? I'm default suspicious of anything called "vibe coding" but there are probably some good lessons in that territory.
I have historically liked Yegge's writing, and he's been pretty tuned into what's happening in tech...he rightly predicted JavaScript would take over the world (many people predicted it, as well, including me, but it wasn't obviously true to everyone for another year or two after that prediction was made). I don't think I ever really deeply disagreed with something so much as I disagree with him on AI.<p>I mean, it's inarguable that our industry has changed dramatically and most code going forward will be written by LLMs. But, I don't think it follows that you can produce quality software without a human in the loop. And, I don't think it follows that burning tokens 24/7 by way of creating unending busy work for agents is going to result in utility. I haven't actually tried Gas Town (it's too ridiculous on its face for me to be willing to invest time in learning it), but I'd still wager that a single competent dev sitting in front of Claude Code can produce better software faster than anyone, experienced or otherwise, trying to get Gas Town's infinite monkeys driving in the same direction.
His Vibe Coding book is invaluable as a textbook example of slop.
Is anyone surprised? I'm reminded of how I felt during the NFT craze. LLMs are extremely powerful when used with deliberate care. Gas Town is the exact opposite of what is needed to actually do useful things in prod. I guess good on Steve for doing what he does so well, and getting so much hype around a vibe coded mess.
this is why transparency matters with anything that touches cloud AI. if your routing user prompts through any API, users should know exactly whats being sent, where it goes, and whether it gets stored or used for training. Burying that in terms of service isnt good enough
Just like with NFTs, this is all going to discredit the actually sensible use cases for years.
> I guess good on Steve for doing what he does so well, and getting so much hype around a vibe coded mess.<p>Shit coin aside, I don't get the hate for Gastown, we all know its theoretically plausible and he's giving it a shot. We get value either way, either we learn its not just theory or we get to watch it burn in the flames of a legal/financial/security/maintenance nightmare for its practitioners.
Because he should know better? Because it’s obviously a shit show but he keeps on being very vocal about his shit show? Because it’s annoying to have to see yet another delusional vibe coded project being hyped up instead of this forum being used to discuss actually industry relevant information?
he's doing it in the open. Its instructive for us all either way.<p>> he keeps on being very vocal about his shit show?<p>I'm not really sure what this complaint is. You want someone doing something to not.... write a blog about it?<p>> Because it’s annoying to have to see yet another delusional vibe coded project being hyped up instead of this forum being used to discuss actually industry relevant information?<p>I think I've seen around 2 posts, one the original gastown one and then the gascity one. Is two posts in like a year too much or do I miss a midday rush where the front page is all Yegge?
> Because it’s annoying to have to see yet another delusional vibe coded project being hyped up instead of this forum being used to discuss actually industry relevant information?<p>It's industry-relevant. This is what the industry is now. All in two short years.
You are saying: by virtue of the value of creation, anything that is created cannot have negative effects.
From the most recent comment, looks like this is a bug, triggered by the system inadvertently activating an internal release tool [0]. Still a pretty wild bug, but not as dramatic as the title suggests. Which is kind of unfortunate honestly, the chaos of every gas town instance automatically contributing to itself would be beautiful to see.<p>- <a href="https://github.com/gastownhall/gastown/blob/main/internal/formula/formulas/gastown-release.formula.toml" rel="nofollow">https://github.com/gastownhall/gastown/blob/main/internal/fo...</a>
I think a disclosure and a way to limit the total cost would be appropriate. If agents are capable of making contributions back to GasTown independently then I think it makes sense that users of GasTown should have to contribute some tokens to maintaining and improving the library. This is actually the most sustainable approach to maintaining open-source software that we've seen so far, and might be a pattern for other libraries in the future.<p>That said... someone could also have their agents rip out this code or disable the functionality, so I doubt this is a serious inconvenience.
Or disguise malicious behavior as an action that follows a routine prompt. E.g. sort a requirements file and make a typo.
Except that this money does not go to the original open source developers whose work was stolen and plagiarized, but to the corporate fat cats who stole it.<p>You want to fatten the oligarchs by pretending this is open source and steal money from users?
In one of my previous comments (<a href="https://news.ycombinator.com/item?id=47770124">https://news.ycombinator.com/item?id=47770124</a>) I asked if Gas Town has shipped anything of value. I did not expect it to be an Ouroborous.<p>(Edit, thanks MisterTea: <a href="https://news.ycombinator.com/item?id=47770805">https://news.ycombinator.com/item?id=47770805</a>)
We need to dispel this notion that top open source contributors need to know anything about the project or even make contributions to it<p>That is a very 2025 mindset
Why is anyone still using or even talking about Gas Town? Now that HN is largely onboard with agentic development and has at least tried it themselves who's still under the impression that it's useful?
The value you get out of a simpler adversarial loop to critique your "main" agent's work is high. Stacking Steve Yegge's personal Kingdom of Nouns on top of each other doesn't add much more.<p>And this doesn't even begin to get into the madness that is verification for software that matters and is exposed through multiple modalities. You cannot let an agent just vibe its way around "does this business-critical thing with these specific use cases do its job correctly", much as Yegge might have you believe.
I was about to post this same q, but saw yours and somehow that switched me from "wtf?" to "I have an answer.": There's just <i>such</i> interest in <i>anything</i>.<p>To wit, I still can't believe OpenClaw blew up, and it's much less......opinionated, than whatever is going on here. (deacons?)<p>Non-SWE TradMom™ posted on X™ yesterday about her OpenClaw that is set up with all her accounts so every morning she can get a family summary. She added a hunk with a bunch of stuff amounting to "PLEASE don't do anything insecure!", and the OpenClaw founder retweeted approvingly.<p>I left Google 3 years ago to build something. I'm very fond of the OpenClaw founder. And yet, absolutely cannot believe that he let such an obvious UX and security mess out into the world. We grew up in the same incubator (~2008 iPhone OS twitter) and presumably share the same values yet came to polar opposite conclusions.<p>Why do I view it as such a necessity to have a GUI/multiplatform/built in Willison Trifecta stuff that I'm still pounding away 2.5 years in and won't release, when, clearly you don't need that stuff?<p>I think in a steady state, product and UX discipline will win out. I bet within 3 months Gastown is a ghost town with maybe some non-technical crypto fans. In a year, OpenClaw is probably around, but not nearly the mindshare. It'll be quietly de-invested via OpenAI carefully managing the OpenClaw founder into working on their Everything App. (This is already happening: he got a nice PR interview with an OpenAI lead previewing the Everything App.)<p>Another anecdote re: demand:<p>My completely non-technical nurse ex-girlfriend from high school called me two weeks ago, for the first time in years. Lede was I was right about AI, and the substance was: via Claude Code, she built her own Ollama-based Mac Mini server that she could connect to remotely via an Expo app.<p>Does it work? Astoundingly, yes.<p>She also has no idea what is going on. She swears up and down that her AIs on Claude.ai, ChatGPT.com and Ollama are somehow talking to each other, and she does not mean APIs. She tried answering a Q I had about a graph visualization of her chats by talking to ChatGPT.com about it, even though Claude Code had wrote it, and I just didn't bother saying anything.<p>Times are strange.
Open source or not, there’s a strong argument that using someone’s API key to make unauthorized requests is a violation of the Computer Fraud and Abuse Act. Using their GitHub credentials to submit PRs without consent is also unauthorized use of access credentials.<p>The “thoughtless design vs. malice” framing by Anthropic is generous. Shipping formulas that target steveyegge/gastown issues is intentional. Someone wrote those formulas, pointed them at the maintainer’s repo, and included them in the default install. Someone thought it was acceptable I guess because it’s open source?
These people give the slopmachine credentials for their own github account?<p>I know I should not be surprised at this point, yet they keep reaching new lows.
Sounds like a good way to support open source. Would you support open source by donating tokens to improve the product? I definitely would!
This gets legally interesting. Yegge does not know what is going on in the codebase, so he can blame the AI. But the AI maliciously increases token consumption.<p>That is clearly the fault of the clankers that produced this crap, so their providers are responsible.
Yegge is (or was) a software developer, he should know perfectly well that this could happen, he could only claim the opposite by resorting to mental insanity.<p>And despite my disdain for AI companies, I'd prefer a world where you're assumed to be aware of the dangers of using AI, and responsible for how recklessly you use it, to one where we pretend that they'll ever be reliable enough.<p>Of course the AI companies are responsible for what they say; if they claimed that you don't need to carefully inspect the output of their clankers, they sure hold part of the responsibility.
Is it possible to start a labor union in Gas Town?
It turns out crypto-adjacency is a very good proxy to see whether a person is trust-worthy.
Isn’t this a permissions issue? Your “opt out” is using a GitHub access token that doesn’t allow it to happen.
Perhaps someone's Gas Town Tamagotchi will find this issue and fix it?
Wow, an example of AI engaging in powerseeking behaviour in the wild.<p>This is an AI system given power to improve itself with zero oversight. One of the many Gas Town instances took an ethically questionable decision to accelerate its future rate of improvement. Since nobody reads code it got merged.<p>I don't understand how we can be willfully ignorant of a scenario happening right in front of our eyes.
Ngl if true it's entirely in keeping with the <i>Mad Max</i> theme.
I appreciate that it's an issue to try and improve the product you are using currently. As if those tokens were totally "stolen" and not for your benefit is laughable.<p>This is like when someone torrents and is immediately agro'd the moment your bittorrent client gives some poor passerby a kb of data
He found a way to charge people for open source
How would Yegge know?
So this is just straight-up theft right? Like it's directly equivilant to shipping with a bitcoin miner. I wonder what the spend would have amounted to and if you could sue him for this?
It could be worse. They could conceivably resell some your credits to pay themselves a salary.
>let someone else use your tokens
>someone else use your tokens<p>how could this be prevented?
For those of us not in the know, WTF is "Gas Town"? Please ELI5! TYVM.
So, not only stole a bunch of money with a crypto rug pull, now stealing a bunch of money via other people's api credits?<p>Sounds like a techbro.
iono if “steal” has the right valence here