Run by Ned Wolpert — coding since 1994, Codehead since 2005 (Amazon · Alexa, and points before and after). Libraries I've reached for too many times to keep rebuilding.
Three projects, each with its own discipline — passkeys, password-less cryptography, and the small Java tools in between.
A production-grade, passkeys-first authentication template for the JVM.
Ships as a reusable library set you can drop into a Spring Boot, Dropwizard, or Micronaut application. The core is framework-neutral; the host's user and credential storage is a plug-in SPI.
OPAQUE PAKE — a server that never sees your password.
An implementation of the OPAQUE password-authenticated key exchange, written directly from its RFC specifications. Built on OPRF and elliptic-curve cryptography. The server authenticates the client without ever receiving — or being able to derive — the password.
Java implementation via Bouncy Castle, with a TypeScript client library bundled. Rust, Go, and C# implementations are next, alongside a cross-language test suite.
Small, sharp Java libraries — the things I keep reaching for.
A growing collection of well-scoped tools, extracted from real services so they stay practical rather than aspirational.
Lightweight A/B testing & feature toggles, inspired by an internal Alexa tool.
Test utilities for Jupiter, Immutables, and Jackson. Small, easy to consume.
Test helpers for Cassandra and unique-string generation.
Dropwizard / Micrometer integration with Dagger support and unit-test helpers.
Out-of-process mocking for functional tests — a spiritual successor to Amazon's Chameleon.
A KISS state machine. Import/export, games and services. The simpler successor.
In-process queueing primitives.
These libraries started life inside of other service, then got cleaned up enough to live on its own.