i wear many hats.

> web architect

i'm molly, i build and break things across the stack - not to do everything, but to have fun.

23 yo

fullstack dev & security @ Galadrim

42 alumni

Paris, France

connect

feel free to reach out for collaborations or secure communication.

pgp identity

B55F 7EF1 4FA3 8595 8855 60B8 4077 A191 3E85 0074

B55F7EF14FA385958855...

selected projects

Belfast

An open-source Azur Lane server emulator written in Go. High performance and scalable architecture.

Go Networking Reverse Engineering

semantic-chan

CLI / MCP / HTTP server designed to index huge codebase to allow semantic searching for humans or LLMs.

Go AI CLI MCP

pgp-mfa

Proof of concept MFA authentication method using PGP keys.

Go Security Cryptography

jabberwock

An org-wide secrets scanner that runs on every GitHub push and routes hash-only findings to Slack and a read-only dashboard. Used at Galadrim.

Security AWS Serverless DevOps

research

responsible disclosures, bugs, and vulnerability research highlights.

Santé Publique France

Reported an IDOR vulnerability that exposed PII.

Proton

Identified an issue with user data handling.

X (Twitter)

Reported a web & mobile DoS bug with Direct Messages.

witr (open-source)

Hardened terminal output against ANSI/OSC injections, preventing terminal manipulations.

ClickHouse (open-source)

Tracked down a join optimizer segfault caused by a NULL dereference.

writing

A ClickHouse segfault in query planning (and the 5-line fix)

A KPI query started killing ClickHouse after a harmless WHERE clause. It turned out to be a NULL type pointer created by unordered_map operator[] during partial evaluation of join filters.

#clickhouse #c++ #debugging

Monday, January 19, 2026

Everything I Self-Host at Home

A grounded look at my home stack: three machines, a single public entrypoint, and the operational choices behind owning core services.

#self-hosting #homelab #docker

Saturday, January 10, 2026

My Crypto Portfolio Strategy for 2026: A Deep Dive into Bitcoin, Ethereum, Solana, Polkadot, and Cardano

A disciplined 2026 DCA strategy across BTC, ETH, SOL, DOT, and ADA, with catalysts, staking economics, and risk management.

#cryptocurrency #finance #bitcoin

Sunday, January 4, 2026

Postgres to ClickHouse, then the embeddings pipeline became the real migration

A ClickHouse backfill that surfaced a slow embedding worker, and the inference optimizations that made it behave like a GPU service (microbatching, TensorRT, caches, and the next bottleneck).

#data #ai #analytics

Friday, December 26, 2025

Secrets scanning for a 200+ repo GitHub org, with zero developer setup

An org-wide, push-triggered secrets scanner: webhook → Lambda → TruffleHog → hash-only findings → Slack + read-only dashboard.

#cybersecurity #cloud #corporate

Thursday, December 25, 2025

From 4M comments to a style-controlled comment generator

How I turned 4M scraped comments into a style-controlled comment generator.

#ai #llm #lora

Thursday, October 16, 2025

read all articles