What signing? Are you referencing the use of Claude subscription authentication (oauth) from non-C...

MadsRC • today at 7:30 PM • 1 reply • view on HN

What signing?

Are you referencing the use of Claude subscription authentication (oauth) from non-Claude Code clients?

That’s already possible, nothing prevents you from doing it.

They are detecting it on their backend by profiling your API calls, not by guarding with some secret crypto stuff.

At least that’s how things worked last week xD

stavros • today at 7:32 PM

I'm referring to this signing bit:

Ah, it seems that Bun itself signs the code. I don't understand how this can't be spoofed.

➕ show 1 reply

alt Hacker News