I build the trust layer for AI agents — identity, permissions, audit.

For a decade I've been answering one question in different forms: who is allowed to do what? At Uber, that meant an authorization platform serving 90+ internal products and tens of millions of users. At Brex, it was enterprise IAM across a complex fraud surface. At Airbnb, where I'm a Staff Engineer today, it's a relational authorization system running at millions of QPS — and LLM-based tooling that helps hundreds of engineering teams migrate onto it.

I've also asked the question in adversarial environments. As a founding engineer at IoTeX, I helped take the network from zero to a $2B FDV. I later built BlockEden, an API marketplace that served 6,000+ developers across 21 blockchains. I went deep enough into crypto to develop strong opinions about which parts are real and which are theater.

Now I'm asking the same question for AI agents. They're becoming the new principals in software systems — requesting, transacting, and acting on our behalf. But the infrastructure for trusting them doesn't exist yet.

Beancount.io is where I'm testing the answer. It's an AI CFO that operates inside double-entry bookkeeping, the strictest audit framework humanity has invented. The thesis is simple: if agents can be trusted with money, they can be trusted with anything.

Yale CS. Staff Engineer at Airbnb. Based in San Francisco.

Reach me at [email protected], on Telegram at t.me/puncsky, or @tianpan_co on X. I also run a small engineering community at 10x.pub.