<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: Kris Racette</title>
    <description>The latest articles on DEV Community by Kris Racette (@krisracette).</description>
    <link>https://dev.to/krisracette</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3993837%2F75e18b20-f2b3-4acc-a8f2-519b46633ce9.png</url>
      <title>DEV Community: Kris Racette</title>
      <link>https://dev.to/krisracette</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/krisracette"/>
    <language>en</language>
    <item>
      <title>Building an Open-Source Fitness Tracker with Flutter</title>
      <dc:creator>Kris Racette</dc:creator>
      <pubDate>Wed, 01 Jul 2026 19:41:09 +0000</pubDate>
      <link>https://dev.to/krisracette/building-an-open-source-fitness-tracker-with-flutter-44ke</link>
      <guid>https://dev.to/krisracette/building-an-open-source-fitness-tracker-with-flutter-44ke</guid>
      <description>&lt;p&gt;For the last year and a half, I've been lifting four days a week — alternating between hypertrophy blocks (~12 reps × 3 sets) and strength blocks (~6 reps × 5 sets) for the same lifts. I tried the popular subscription apps. I tried spreadsheets. I tried a notebook.&lt;/p&gt;

&lt;p&gt;None of them fit. The subscription apps wanted me to start a "program" before they'd let me log a set. The spreadsheets didn't remember my last weight per lift per training style. The notebook was, predictably, terrible at search.&lt;/p&gt;

&lt;p&gt;So I built &lt;strong&gt;Gym Tracker&lt;/strong&gt; in Flutter, and this week I open-sourced it.&lt;/p&gt;

&lt;h2&gt;
  
  
  What it does
&lt;/h2&gt;

&lt;p&gt;It's a small app with a clear job: log a session, remember my numbers, and get out of the way.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;A &lt;strong&gt;Workout&lt;/strong&gt; tab where I pick body parts, see only the relevant exercises, and tap my way through sets. Each exercise card pre-fills my last weight for the &lt;em&gt;current training style&lt;/em&gt; — strength and hypertrophy records live as separate rows, so a 100kg × 5 strength entry doesn't bleed into a 80kg × 12 hypertrophy entry.&lt;/li&gt;
&lt;li&gt;An &lt;strong&gt;Exercises&lt;/strong&gt; tab grouped by body part (Legs, Chest, Arms, Back, Shoulders) with a many-to-many catalogue, weight history per exercise, and an "add new exercise" button.&lt;/li&gt;
&lt;li&gt;A &lt;strong&gt;History&lt;/strong&gt; tab with every session I've ever logged, in reverse chronological order.&lt;/li&gt;
&lt;li&gt;A &lt;strong&gt;Profile&lt;/strong&gt; tab for body stats (weight, waist, neck, notes) and a database export via the system share sheet.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;The app ships with a pre-populated exercise catalogue and a blank SQLite database. No account. No telemetry. No cloud. It works on Android (APK) and Windows (portable .exe) from the same codebase. iOS and macOS build from source; I just don't have a Mac to sign releases with.&lt;/p&gt;

&lt;h2&gt;
  
  
  Why open source
&lt;/h2&gt;

&lt;p&gt;I'm the Founder of Executive Mind, an AI consultancy where I spend most of my days building agent systems for clients. A pattern I keep returning to: &lt;strong&gt;good tools should be inspectable, portable, and free.&lt;/strong&gt; Lock-in is the enemy.&lt;/p&gt;

&lt;p&gt;Open-sourcing Gym Tracker means three things to me:&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;
&lt;strong&gt;Anyone can read the code.&lt;/strong&gt; The whole stack is small enough to navigate in an afternoon — &lt;code&gt;sqflite&lt;/code&gt; for storage, &lt;code&gt;sqflite_common_ffi&lt;/code&gt; to make it work on desktop, &lt;code&gt;provider&lt;/code&gt; for state, one repository for all data access. If a Flutter dev wants to see a real-world app that ships to two platforms from one codebase, this is it.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Anyone can fork it.&lt;/strong&gt; A coach can add their own exercises. A lifter can theme it. A developer can swap SQLite for Drift if they want reactive queries. The license lets you.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;It forces me to keep it honest.&lt;/strong&gt; Public code ages in the open. That's a feature, not a bug.&lt;/li&gt;
&lt;/ol&gt;

&lt;h2&gt;
  
  
  What's next
&lt;/h2&gt;

&lt;p&gt;The roadmap is in the README. The big items: &lt;strong&gt;GPS run tracking&lt;/strong&gt; (a placeholder toggle in Settings waiting for a real screen), &lt;strong&gt;Health Connect sync&lt;/strong&gt; on Android, a &lt;strong&gt;session detail view&lt;/strong&gt; with per-set editing, and an &lt;strong&gt;analytics dashboard&lt;/strong&gt; with charts. I built the toggle in early so I'd remember the wiring.&lt;/p&gt;

&lt;p&gt;If you want to contribute, the easiest first PR is adding exercises to the catalogue or building the session detail screen. The data layer is ready for it.&lt;/p&gt;

&lt;p&gt;If you just want a fitness tracker that doesn't try to sell you a program, you can grab the APK or the Windows zip from the releases page.&lt;/p&gt;

&lt;p&gt;Either way, the code is on GitHub. Go read it. Tell me what's wrong with it. That's the whole point.&lt;/p&gt;

&lt;p&gt;🔗 &lt;a href="https://github.com/Roughn3ck/gym_tracker" rel="noopener noreferrer"&gt;github.com/Roughn3ck/gym_tracker&lt;/a&gt;&lt;br&gt;
🌐 &lt;a href="https://executivemind.io" rel="noopener noreferrer"&gt;executivemind.io&lt;/a&gt;&lt;br&gt;
👤 &lt;a href="https://krisracette.me" rel="noopener noreferrer"&gt;krisracette.me&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;em&gt;— Kris Racette, Founder of &lt;a href="https://executivemind.io" rel="noopener noreferrer"&gt;Executive Mind&lt;/a&gt; | &lt;a href="https://krisracette.me" rel="noopener noreferrer"&gt;krisracette.me&lt;/a&gt; | &lt;a href="https://github.com/Roughn3ck" rel="noopener noreferrer"&gt;GitHub&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;

</description>
      <category>flutter</category>
      <category>opensource</category>
      <category>showdev</category>
      <category>sideprojects</category>
    </item>
    <item>
      <title>Why I Built ColdStack Instead of Using a Browser Extension for Crypto Key Management</title>
      <dc:creator>Kris Racette</dc:creator>
      <pubDate>Thu, 25 Jun 2026 06:28:26 +0000</pubDate>
      <link>https://dev.to/krisracette/why-i-built-coldstack-instead-of-using-a-browser-extension-for-crypto-key-management-2og5</link>
      <guid>https://dev.to/krisracette/why-i-built-coldstack-instead-of-using-a-browser-extension-for-crypto-key-management-2og5</guid>
      <description>&lt;h1&gt;
  
  
  Why I Built ColdStack Instead of Using a Browser Extension for Crypto Key Management
&lt;/h1&gt;

&lt;h2&gt;
  
  
  The Problem
&lt;/h2&gt;

&lt;p&gt;Browser extensions are convenient. They're also the single biggest attack vector in crypto. Every time you install a wallet extension, you're handing your private keys to a piece of JavaScript that runs inside the same browser you use for everything else — the one with 50+ extensions, 100+ tabs, and a decade of cached cookies.&lt;/p&gt;

&lt;p&gt;The threat surface is staggering. Malicious updates can ship to a legitimate extension overnight. Supply chain attacks compromise the build pipeline before the code ever reaches your browser. Phishing extensions impersonate real wallets with near-identical branding. And browser zero-days? Those don't need an extension at all — they just need you to visit the wrong page.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Your keys live inside a browser that is actively under attack.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Between 2024 and 2026, hundreds of millions of dollars were drained through extension-based wallet compromises. Some were outright malicious extensions. Others were legitimate wallets that got compromised through their dependencies. A few were browser vulnerabilities that allowed attackers to read extension storage directly. The pattern is always the same — the keys were accessible from the browser, and the browser was accessible from the internet.&lt;/p&gt;

&lt;h2&gt;
  
  
  The Alternative
&lt;/h2&gt;

&lt;p&gt;The answer isn't a better browser extension. The answer is no browser at all.&lt;/p&gt;

&lt;p&gt;Offline key management has been the gold standard for institutional crypto custody for years. Hardware wallets, air-gapped signing machines, HSMs — these are the tools that custody billions of dollars professionally. The principle is simple: &lt;strong&gt;a key that never touches a network can't be stolen over a network.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;I built ColdStack because I wanted that level of security without the $200 hardware wallet, without the proprietary firmware, and without the closed-source trust model. I wanted something I could run from a USB drive on any Windows machine, something I could audit myself, and something I could give away for free.&lt;/p&gt;

&lt;h2&gt;
  
  
  What ColdStack Does
&lt;/h2&gt;

&lt;p&gt;ColdStack is a portable Windows application for offline crypto key management. It doesn't install. It doesn't phone home. It doesn't run in your browser. You drop it on a USB drive, plug it into any Windows machine, and double-click.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;AES-256-GCM encryption&lt;/strong&gt; protects your key vault at rest. The encryption key is derived using &lt;strong&gt;Argon2id&lt;/strong&gt; — the same memory-hard KDF recommended by the IETF — which makes brute-force attacks computationally infeasible even with modern GPUs.&lt;/p&gt;

&lt;p&gt;Version 3.0 ships with a built-in &lt;strong&gt;BIP39 derivation engine&lt;/strong&gt;. That means you can generate a 24-word mnemonic and derive addresses for seven blockchain ecosystems directly inside the app:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;EVM chains&lt;/strong&gt; (Ethereum, Polygon, BSC, Arbitrum, Optimism, and others)&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Bitcoin&lt;/strong&gt; — with support for Taproot, SegWit, and Legacy address formats&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Solana&lt;/strong&gt;&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Dash&lt;/strong&gt;&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Sui&lt;/strong&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;No more jumping between five different tools to manage keys across chains. One mnemonic, one vault, seven ecosystems.&lt;/p&gt;

&lt;p&gt;The app also includes &lt;strong&gt;auto-lock&lt;/strong&gt; — if you step away from your computer, ColdStack locks itself after a configurable timeout. &lt;strong&gt;Zero telemetry&lt;/strong&gt; means no analytics, no error reporting, no usage tracking. Nothing leaves your machine unless you explicitly send it.&lt;/p&gt;

&lt;h2&gt;
  
  
  Why Offline by Default Matters
&lt;/h2&gt;

&lt;p&gt;"You can't hack what isn't connected" isn't a marketing tagline. It's the fundamental principle of air-gapped security.&lt;/p&gt;

&lt;p&gt;ColdStack makes exactly &lt;strong&gt;zero network requests&lt;/strong&gt; on startup. None. No update check, no license verification, no telemetry ping, no "phone home for feature flags." The app is completely silent until you do something that requires a network connection — and the only thing that does is the manual "Check for Updates" button.&lt;/p&gt;

&lt;p&gt;Even then, ColdStack &lt;strong&gt;asks first&lt;/strong&gt;. A dialog pops up: "ColdStack wants to check for updates. Allow this network request?" You click Yes or No. If you click No, no bytes leave your machine. If you click Yes, it hits one endpoint — the GitHub releases API — and shows you what's available. That's it.&lt;/p&gt;

&lt;p&gt;This is what "offline by default" actually means. Not "offline most of the time." Not "offline unless we need to sync." Offline. Full stop.&lt;/p&gt;

&lt;h2&gt;
  
  
  Open Source Security
&lt;/h2&gt;

&lt;p&gt;ColdStack is open source on GitHub. Every line of code is auditable. Every security claim is verifiable. You don't have to trust me — you can read the code yourself.&lt;/p&gt;

&lt;p&gt;This matters because "trust us, it's secure" is exactly what the browser extension wallets said. Security through transparency beats security through assertion every time. The code is there. Fork it, audit it, build it yourself. If I've made a mistake, you'll find it. If I haven't, you'll know why.&lt;/p&gt;

&lt;h2&gt;
  
  
  Download
&lt;/h2&gt;

&lt;p&gt;ColdStack v3.0 is available now:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;GitHub:&lt;/strong&gt; &lt;a href="https://github.com/Roughn3ck/key_manager/releases/tag/v3.0" rel="noopener noreferrer"&gt;https://github.com/Roughn3ck/key_manager/releases/tag/v3.0&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Product page:&lt;/strong&gt; &lt;a href="https://executivemind.io/key-manager" rel="noopener noreferrer"&gt;https://executivemind.io/key-manager&lt;/a&gt;
&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Free. No subscription, no premium tier, no upsell. Download it, put it on a USB drive, and take control of your keys.&lt;/p&gt;

&lt;p&gt;— Kris Racette, Founder of Executive Mind — Key Manager | krisracette.me | GitHub&lt;/p&gt;

</description>
      <category>opensource</category>
      <category>blockchain</category>
      <category>cryptocurrency</category>
      <category>security</category>
    </item>
    <item>
      <title>Kris Racette on the Future of Agentic Business Operations</title>
      <dc:creator>Kris Racette</dc:creator>
      <pubDate>Mon, 22 Jun 2026 11:10:54 +0000</pubDate>
      <link>https://dev.to/krisracette/kris-racette-on-the-future-of-agentic-business-operations-2alf</link>
      <guid>https://dev.to/krisracette/kris-racette-on-the-future-of-agentic-business-operations-2alf</guid>
      <description>&lt;p&gt;&lt;em&gt;By Kris Racette | Executive Mind | Brisbane, Australia&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;The next evolution of business technology isn't just automation — it's agency. Agentic systems don't just follow rules; they make decisions, take actions, and learn from outcomes. For businesses in Brisbane and across Australia, this represents a fundamental shift in how operations work.&lt;/p&gt;

&lt;h2&gt;
  
  
  What Are Agentic Business Operations?
&lt;/h2&gt;

&lt;p&gt;Traditional automation follows a script: when X happens, do Y. Agentic operations go further. An agentic system understands context, evaluates options, and takes the best available action — even when the situation wasn't explicitly programmed.&lt;/p&gt;

&lt;p&gt;At &lt;strong&gt;Executive Mind&lt;/strong&gt;, we define agentic business operations as: &lt;em&gt;systems that can autonomously execute complex business processes while maintaining alignment with organisational goals and human oversight.&lt;/em&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  The Architecture of Agentic Operations
&lt;/h2&gt;

&lt;p&gt;Building agentic systems requires a different architecture than traditional automation:&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;1. Perception Layer&lt;/strong&gt; — The system must understand its environment. For financial operations, this means real-time access to transaction data, market conditions, and regulatory requirements.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;2. Reasoning Layer&lt;/strong&gt; — Given what it perceives, the system must evaluate options. This is where large language models and specialised AI models process context and generate potential actions.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;3. Action Layer&lt;/strong&gt; — The system must be able to execute. In financial operations, this might mean initiating transactions, generating reports, or flagging compliance issues.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;4. Learning Layer&lt;/strong&gt; — Every action produces feedback. The system must learn from outcomes to improve future decisions.&lt;/p&gt;

&lt;h2&gt;
  
  
  Why Brisbane Businesses Should Pay Attention
&lt;/h2&gt;

&lt;p&gt;Brisbane's business ecosystem is uniquely positioned for agentic operations. The city has:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;A growing fintech and AI startup scene&lt;/li&gt;
&lt;li&gt;Strong connections to Asia-Pacific markets&lt;/li&gt;
&lt;li&gt;A workforce that increasingly understands AI capabilities&lt;/li&gt;
&lt;li&gt;Competitive costs compared to Sydney and Melbourne&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;The businesses that implement agentic operations first will have a structural advantage. They'll operate with lower overhead, faster decision cycles, and more consistent execution than competitors relying on traditional processes.&lt;/p&gt;

&lt;h2&gt;
  
  
  The Executive Mind Approach
&lt;/h2&gt;

&lt;p&gt;At Executive Mind, Kris Racette has developed an approach to agentic operations that puts financial professionals at the centre. The AI handles the volume — monitoring, processing, flagging — while human expertise handles the judgement.&lt;/p&gt;

&lt;p&gt;This isn't about replacing people. It's about giving financial professionals in Brisbane and beyond the tools to operate at a scale that wasn't previously possible.&lt;/p&gt;

&lt;h2&gt;
  
  
  Getting Started
&lt;/h2&gt;

&lt;p&gt;For organisations considering agentic operations, the first step is identifying high-volume, rules-heavy processes where human time is being spent on tasks that don't require human judgement. These are the lowest-risk, highest-return entry points.&lt;/p&gt;

&lt;p&gt;The future of business operations is agentic. The only question is timing.&lt;/p&gt;




&lt;p&gt;&lt;em&gt;Kris Racette is the Founder &amp;amp; CEO of Executive Mind, an AI-first operations company based in Brisbane, Queensland. Specialising in agentic business operations, financial AI strategy, and multi-agent architecture, Kris helps Australian enterprises navigate the future of work. Learn more at &lt;a href="https://krisracette.me" rel="noopener noreferrer"&gt;krisracette.me&lt;/a&gt; or &lt;a href="https://executivemind.io" rel="noopener noreferrer"&gt;executivemind.io&lt;/a&gt;. Follow on &lt;a href="https://github.com/Roughn3ck" rel="noopener noreferrer"&gt;GitHub&lt;/a&gt; or &lt;a href="https://au.linkedin.com/in/krisracette" rel="noopener noreferrer"&gt;LinkedIn&lt;/a&gt;.&lt;/em&gt;&lt;/p&gt;

</description>
      <category>aiautomationagentsproductivity</category>
    </item>
  </channel>
</rss>
