Forem: Daniel S

Stop making bad meetups already

Daniel S — Wed, 15 Jan 2025 17:27:56 +0000

Offline meetups are getting more and more popular. Remote-first world forces people to look eagerly into offline socialization. Over the last few weeks, I’ve plunged into this world again: networking, startup pitch competitions, public speakers — a whirlwind of events has swept in.

Unfortunately, around 70% of this whirlwind is crap.

After attending yet another time-wasting event and being amazed once more at how organizers manage to so devotedly ignore all the principles of moderation and common sense, I realized I couldn’t stay silent.

Back in the day, I organized and moderated more than a few events of all sorts of formats and sizes. I came up with a bunch of basic principles, and following them is what separates a good event from a bad one.

Here they are.

0. The most important thing — moderation

Moderation is incredibly important. It’s the crucial thing for any good event. The moderator’s role is the cornerstone: it’s up to them whether people have a good, beneficial experience or just lose a couple of hours of their life.

What happens at meetups without moderation:

At networking sessions, introverts stare at their phones and leave without opening up or making new connections
During pitch sessions, the loudest or boldest participants take all the floor time, leaving everyone else unheard
People ask speakers irrelevant questions and waste everyone’s time
Speakers get carried away, stray off-topic, and waste time or lose focus

A good moderator, like a conductor, guides the event and maintains its quality.

But how do you become a good moderator?

1. “Is what’s happening right now beneficial for the participants?”

This is the universal question that a moderator should ask themselves every 10 seconds.

Is the speaker’s topic relevant to the audience? Maybe they need a subtle hint or nudge?
Is the question someone asked truly important for everyone else? Maybe it’s too narrow, and you should politely say “no” and pass the microphone to the next person?
During coffee breaks, are people actually getting to know one another or just drifting off into corners?

You need to understand who your audience is and why they came to your event. If, at any moment, they’re not getting value and you’re just sitting there too shy to guide the speaker or remind someone they’re over time, you’re effectively destroying your event and squandering dozens (or even hundreds) of human-hours.

2. Introduce people at networking sessions

Networking isn’t just about bringing a lot of people together in one place. Networking is about creating a context where it’s easy for them to connect. Ideally, these connections should form between people who can be useful to each other.

A good networking event starts with the moderator introducing the participants. Give each person 20–30 seconds for a short intro. Begin with yourself — set the example.

Are there too many people? Break them into groups of 8–10, then mix them up and form new circles.

Thirty seconds for 10 people is only 5 minutes. But in those 5 minutes, everyone will mentally note who seems interesting and who they’d like to get to know better. Plus, it’s a great conversation starter: “Hey, you do online retail? That’s so familiar — as you heard, I build online stores. Can you tell me more?” is way better than the usual, “Hi, I’m John, what do you do?”

Try experimenting: ask people to name the strangest thing about themselves or share their craziest fail. Little confessions like that often make great ground for future conversations.

Test out different introduction games that create a relaxed context for chatting. That’s the essence of a networking meetup. Anyone can throw an event on Facebook, but real networking takes a bit more.

3. Keep track of speakers’ stories

Not every talk is agreed upon beforehand. That can be great: you can do interviews, field questions from the audience, use lots of formats that let speakers explore topics freely without prepared slides or scripts.

Seasoned speakers handle this just fine. But more often, the person is a professional in their field — design, development, management, whatever — and not necessarily a pro at public speaking. They might be nervous, lose their train of thought, go into irrelevant details, or stretch beyond the allotted time.

Help them out. Don’t just sit there watching someone flounder while the audience quietly slips away. Yes, cutting in can feel uncomfortable, but it’s necessary: not only the speaker but also the audience (whose valuable time you’re saving) will thank you.

There are plenty of ways to do it politely and tactfully:

“Alex, this is incredibly interesting, but I’m afraid not many in the room are that deeply familiar with X. You mentioned Y, which I think is more common — could you talk a bit more about how you solved that?”

“Marie, you know so much about X, and I’m sure you could talk about it for days. But unfortunately, we only have a couple of hours, so I have to narrow things down a bit: could you focus more on Y — it’s really popular right now?”

Smile, be polite and kind. You’re not a disciplinarian telling someone off for going over time. You genuinely want to help them share their most valuable points with the audience.

There’s nothing sadder than seeing speakers looking dejected at the end of an event, facing a half-empty room. It’s especially hard when people walk out during their talk. “I guess I got carried away with X… Maybe it wasn’t interesting to everyone…” But if there’d been a good moderator, things would have gone smoothly.

4. Moderate questions to the speakers

Some event formats include open questions from the audience. Unfortunately, this is often where moderation fails: people ask super-niche questions relevant only to them, or toxic (passive-aggressive) questions, or weird off-topic questions, or they unload 10 questions at once.

Firstly, for some events, that open format might not be the best fit. Got a pitch session? Put together a solid jury to ask questions and give feedback — not the audience. That ensures you get good, thoughtful, expert questions, and everyone can benefit from the answers.

Okay, so your event format really does require audience interaction? Don’t be afraid to cut or reframe questions:

“Sorry, but I’m afraid that’s too narrow an issue. It’s best if you catch the speaker afterwards and discuss it one-on-one.”

“I’d like to expand your question: I think everyone would be curious not only about X, but about the whole segment in general.”

“Sorry, but we already covered that a bit earlier.”

And so on. An audience is chaos, full of lots of different people. Some struggle to phrase their question, others zone out and ask something that was already explained, etc.

Don’t let your own shyness get the better of you — politely decline or redirect someone’s question and pass the mic. Everyone else in the room will thank you.

Afterword

Moderating an event isn’t difficult at all. Politeness, gentle guiding remarks, helping people open up — these are the main tools of a good moderator. Always keep in mind why people came to your event and continually help them achieve that.

Remember that 15 minutes of wasted time in a meetup of 100 people adds up to a whole person-day lost for nothing.

TMA Wallet — a non-custodial MPC wallet for your Telegram Mini App

Daniel S — Tue, 14 Jan 2025 15:09:46 +0000

JavaScript · Cryptocurrencies · Cryptography

Overview

Hello everyone! I guess you already know that for about a year now there’s been a boom of mini apps in Telegram ~~everyone tapped on the hamster~~. Most of these mini apps are related to crypto. Many developers want to provide their users with a wallet inside the app (EVM, TON, Solana, etc.)—basically a virtual account that can be topped up, can withdraw funds, and most importantly, can call smart contracts.

A simple but unsafe solution is to store all the keys on your server and make transactions on behalf of the user. If someone hacks your server, all client funds are lost. It’s hard to earn people’s trust in that scenario.

A complex but inconvenient solution is a wallet that the user must write down on a piece of paper and manage by themselves. In that case, you might as well just use WalletConnect ~~or not build a mini app at all~~. The problem is that your mini app’s UI could become painful: the user would have to confirm every action in an external app.

We looked for an option for our mini app that offers the security of a non-custodial wallet with the smoothest possible UX/UI. And we found it.

In this article, I’ll review TMA Wallet (npm package, website, GitHub)—an open-source, non-custodial, multi-party wallet suitable for any chain, which works using the recently introduced Telegram Cloud Storage API.

Let’s go!

Very Brief Explanation of Terms

Wallet = Private Key. This private key is used to sign transactions and grants its owner the right to control the funds at a specific blockchain address.
Custodial Wallet = Some organization owns your private key and can act on your behalf. A classic example is a crypto exchange like Binance. It’s convenient but requires great trust in the organization.
Non-custodial Wallet = You alone have your private key. It’s stored on your device, and all actions with your funds are done by you or with your confirmation. The main issue is that it’s easy to lose. If you lose your private key, you lose your funds.
MPC (multi-party computation) = An attempt to solve the “lost wallet” issue: the key is split into several parts, stored in different places, and all parts are needed to form a signature on a transaction. In this scenario, hacking one party doesn’t let you access the user’s funds. Meanwhile, the user doesn’t need to store the key entirely on their own.

So, a non-custodial MPC wallet is a wallet where the private key is split into parts stored in different locations and never fully assembled by any single party.

What Exactly Is TMA Wallet?

TMA Wallet is a non-custodial, multi-party (MPC) wallet that uses Telegram Cloud Storage for secure key storage. Everything is linked to the user’s Telegram account, so they don’t have to remember any seed phrases or set up external wallets. The flow is so smooth that your user might not even realize there’s a crypto wallet under the hood—you can build a completely friendly UI and hide the blockchain magic from the user.

Here are some of the main advantages:

Easy Integration: Just install the npm package, plug it into your code, and that’s it. Every user of your mini app now has a wallet.
No TON Connect or WalletConnect Workarounds: The user stays entirely in Telegram; all transactions are signed “under the hood.”
MPC Technology: The private key isn’t available to anyone—not Telegram, not your server, not TMA Wallet’s servers. It’s only put together on the user’s device for a few nanoseconds (while signing a transaction) and then disappears.
Easy Recovery: Lost your phone? No problem—get a new one, log into Telegram, and the wallet is automatically restored.
Access from Multiple Devices: If the user opens the mini app from a desktop client with the same Telegram account, they’ll get access to the same wallet as on their phone.
Open-Source: Everything is on GitHub. You can review and verify security yourself or commission an audit.
Viem/Wagmi/Ethers.js Support: If you’re working on any EVM-compatible chain (Ethereum, BSC, Polygon, etc.), you can use standard libraries.
Supports Any Chain: EVM chains are supported out of the box, but TMA Wallet is basically a system for separate storage of any secret. So you could store a private key for TON, Solana, or any other chain.

How Does It Work “Under the Hood”?

As I’ve mentioned, TMA Wallet is based on MPC principles, where the private key is effectively shared between multiple parties and only reassembled briefly on the client side to sign transactions. Here’s a short summary:

When the user first opens your mini app, the user’s device generates a ClientPublicKey and ClientSecretKey. The ClientSecretKey is saved in Telegram Cloud Storage.
The ClientPublicKey and WebApp.initData (signed by Telegram) are sent to the server.
The server checks that Telegram’s signature is valid and (optionally) asks the user for extra authentication (2FA). It’s optional, and you don’t have to if you don’t want to.
The server then generates an IntermediaryKey by signing (ClientPublicKey + telegramUserId) with its own ServerSecretKey. Then it encrypts this IntermediaryKey before sending it back to the client.
The IntermediaryKey returns to the client and is decrypted there.
Finally, the client signs the IntermediaryKey with ClientSecretKey, resulting in the WalletPrivateKey (the actual private key of the wallet).

This key is used to sign the transaction and is never saved anywhere long term. For each new action, that chain of steps (except step 1) is repeated.

In the end, the app’s UX looks perfect: login is seamless thanks to auto-auth in mini apps, and transactions are seamless because there’s an in-app wallet.

How to Add It to Your Mini App?

Install the SDK:

   npm install --save @tmawallet/sdk

Initialize the key in your code:

   import { TMAWalletClient } from '@tmawallet/sdk';
   import { ethers } from 'ethers';

   // Don't forget to sign up at dash.tmawallet.com
   const myApiKey = '1234567812345678'; // Your API key
   const client = new TMAWalletClient(myApiKey);

   // Authorize the user and create/load their wallet
   await client.authenticate();

   console.log('Your wallet address: ', client.walletAddress);

Example of making a transaction (here using Ethers.js):

   // Use TMA Wallet as the "signer" for ethers
   const provider = new ethers.JsonRpcProvider();
   const signer = client.getEthersSigner(provider);

   const tx = await signer.sendTransaction({
     to: '0x...',
     value: ethers.parseEther('1.0'),
   });
   console.log('Transaction hash:', tx.hash);

And that’s it.

FAQ

Below are questions (slightly edited) from TMA Wallet’s README, with their answers:

Is this definitely secure?

Yes, that’s the core idea. Thanks to the MPC protocol, neither TMA Wallet’s servers, Telegram, nor you have full access to the private key—only the user does.

Do I have to give you access to my bot’s token?

No. We’re one of the first to support Telegram’s new asymmetric signature scheme. We only need your bot’s ID, which is already public.

Which blockchain can be supported?

Any. EVM blockchains (Ethereum, etc.) work out of the box with ethers.js. For something custom, you can use the accessPrivateKey method.

What if the user loses their device?

As long as they have access to their Telegram account, they just log in on a new device, and the wallet is restored automatically. No seed phrase is required.

Can I back up the key?

Technically yes, but you probably don’t need to. The wallet can already be restored through Telegram. If you want, you can let the user back it up, but that’s at your own risk.

Conclusion

We used TMA Wallet in two of our own apps. One is already in production (I was a bit shy to post the link at the start, but I think it’s okay to mention here in the footer: Only100x).

It’s a great option for anyone building Telegram mini apps who wants to give users a secure wallet without messing up the UX with external connectors.

Feel free to try it and explore the documentation. All the project’s code is open on GitHub. Good luck!

Tags:

telegram mini app · crypto · non-custodial wallet · tma wallet

pg_auto_embeddings — text embeddings directly in Postgres, without extensions

Daniel S — Fri, 10 Jan 2025 12:17:01 +0000

Overview

You have a PostgreSQL database that stores a lot of text data. You want to use vector representations (embeddings), for example from OpenAI, to build a recommendation system, improved search, or implement RAG for working with LLMs. But you don’t want to install extensions (or maybe you can’t). For instance, on cloud Managed PostgreSQL, you often don’t have the required permissions.

pg_auto_embeddings is a lightweight open-source solution that lets you compute embeddings through OpenAI models directly in PostgreSQL without installing external extensions. It uses the Foreign Data Wrappers (FDW) mechanism “under the hood” to send requests to the OpenAI API, and it works synchronously and atomically. In this article, we'll see how pg_auto_embeddings can help, how to install it (spoiler: very easily), and what the key features of the project are.

What is pg_auto_embeddings and what problem does it solve?

pg_auto_embeddings is an MIT-licensed open-source project that solves the key problem:

How do we compute text vector representations (embeddings) directly from PostgreSQL without extra fuss and without special extensions?

Main ideas:

Call via SQL: You write a simple function pgae_embedding('some text') and that's enough. You can use the function in triggers so that embeddings for text columns are saved automatically.
Flexible settings: You can use public models (for example, OpenAI) or set up an on-premise proxy if you need more control—like adding your own limits, private access, etc.

Because of this, pg_auto_embeddings is great when you need to quickly “plug in” the calculation of embeddings into an existing DB without dealing with external binary extensions. It's convenient for RAG systems and other tasks where embeddings are a core functionality.

Key features

No extensions: You don't need to install any extra software in PostgreSQL—just run one SQL file (yes, we're repeating it, but it’s important!).
Two deployment options:
1. Simplified installation: Run one SQL script and you’re done.
2. On-Premise (via Docker): Spin up your own proxy server that handles embedding API requests. Also launched with a single docker run command.
OpenAI Embeddings support: At the moment, OpenAI models (text-embedding-3-small/large and some others) work out of the box.
Automatic vector update on insert or update of text data: You can “attach” auto-embedding to a table column so you don’t have to spend time writing a trigger.
Cleanup: If needed, you can completely remove pg_auto_embeddings and all of its objects with a single function.

Step 1. Installation

Take the file simple/pgae_simple_install.sql and run it in your database.

Initialize pg_auto_embeddings:

CALL pgae_init('openai-text-embedding-3-small', 'YOUR_OPENAI_API_KEY');

That’s it!

Step 2. Usage

To get a vector (an array of double precision[]):

SELECT pgae_embedding('your text');

If you have pgvector installed and want the vector format:

SELECT pgae_embedding_vec('some text');

Automatic calculation and saving of the embedding

Suppose you have a posts table with a title column, and you want to automatically store embeddings for titles in the title_embedding column:

SELECT pgae_create_auto_embedding(
  'public', 'posts', 'title', 'title_embedding'
);

Voila.

If you decide to remove pg_auto_embeddings completely along with all its functions and objects, just run:

SELECT pgae_self_destroy();

[Optional] On-premise option (via Docker)

If you have restrictions on external requests or you want to set up your own proxy server for extra security, it’s easy to do.

You need to run two services:

A Postgres database that acts as a proxy between FDW and Node.js.
A Node.js service that sends requests to the model’s API.

pg_auto_embeddings provides a Docker image in which both components are already deployed and configured for use.

Below is an example docker-compose.yml:

services:
    server:
        image: elkornacio/pg_auto_embeddings:latest
        environment:
            - PG_HOST=localhost  # Host of the proxying Postgres
            - PG_PORT=5432       # Its port
            - PG_USERNAME=root_user
            - PG_PASSWORD=root_pass
            - DATABASE_SYNC=true
            - SERVER_HOST=localhost
            - SERVER_PORT=3000
            - SELF_URL=http://localhost:3000
        ports:
            # The port of the proxying Postgres must be open — your managed DB will connect to it
            - 5432:5432

Then, instead of pgae_init, you use pgae_init_onprem:

CALL pgae_init_onprem(
  'your.host.com', '5432',  -- host and port of your proxying Postgres
  'openai-text-embedding-3-small', 'sk-...'  -- model type and API key
);

Usage is the same as with the "simple" option:

SELECT pgae_embedding('your text');

How does it work inside?

Under the hood, pg_auto_embeddings uses a trick based on Foreign Data Wrappers (FDW):

When you install it, a “proxy table” named embeddings_* is created in your local database.
When you call SELECT pgae_embedding('some text'), internally there’s an UPDATE to this “proxy table,” passing the text.
The FDW redirects the request to a remote table (in the Docker proxy or a public server).
On the remote server, a trigger fires that calls the internal function pgae_embedding_internal().
This function sends an HTTP request to the Node.js proxy.
The Node.js server calls the OpenAI API (or another provider if you’re using something else) and gets a vector.
The vector returns to the remote DB, then back to the local DB, and finally shows up in your SELECT query.

Conclusion

pg_auto_embeddings is perfect when you need a quick and simple way to compute vector representations. It’s ideal for those who want to connect their DB with an LLM or build advanced full-text search directly in SQL.

The project is active and open to suggestions and stars :) PRs are also welcome. If you have any questions, feel free to post them in GitHub Issues.

Thanks for reading and happy experimenting :) If you find any mistakes in the text, please message me, and I’ll fix them quickly.

Tags: embeddings, rag, postgresql, postgres, embeddings, vector representations, ai