Project ideas from Hacker News discussions.

Databases in 2025: A Year in Review

📝 Discussion Summary

1. MCP Security Risks

Skepticism about granting LLMs direct database access via MCP, fearing violations of least privilege and hallucination-induced "SQL injection."
A1aM0: "Pavlo is right to be skeptical about MCP security. The entire philosophy of MCP seems to be about maximizing context availability for the model, which stands in direct opposition to the principle of Least Privilege."
Miyamura80: "unfettered access to databases is dangerous"
nijave: "the LLM is too easily tricked and confused to enforce a permission boundary"

2. SQLite (and DuckDB) for Production

Debate on SQLite's viability for web/production use due to simplicity, low latency, and single-file design, often vs. Postgres; DuckDB praised for analytics/OLAP complementarity.
TekMol: "two trends continued in 2025: 1: Moving everything to SQLite 2: Using mostly JSON fields"
delaminator: "From my perspective, everything's DuckDB."
lpil: "SQLite is likely the most widely used production database due to its widespread usage in desktop and mobile software"
sanderjd: "I keep wanting sqlite for writes (and lookups) and duckdb for reads"

3. Gel/EdgeDB Sunset and Community Fork

Disappointment over Gel (ex-EdgeDB) joining Vercel and sunsetting, with calls for community maintenance.
djsjajah: "You just ruined my day. The post makes it sound like gel is now dead."
kaelwd: "[Discord quote] ...I'm putting out a call for volunteers to join a Gel Community Fork Working Group"
divan: "Gel (formerly EdgeDB) is sunsetting its development. ...That was a hard hit for me"


🚀 Project Ideas

Secure MCP Gateway

Summary

  • A monitoring and filtering proxy for MCP (Model Context Protocol) that enforces least privilege, detects hallucinations/injections, and provides safe database snapshots for LLM agents.
  • Core value: Prevents dangerous DB mutations from LLMs while enabling safe experimentation, addressing "reinventing SQL injection" fears.

Details

Key | Value
Target Audience | LLM developers building AI agents with DB access
Core Feature | Real-time context inspection, nested transaction isolation via MVCC snapshots, hallucination detection using Simon Willison's lethal trifecta
Tech Stack | Rust/Go for proxy, PostgreSQL/DuckDB extensions for snapshots, WebAssembly for LLM-side hooks
Difficulty | Medium
Monetization | Revenue-ready: Freemium SaaS proxy

Notes

  • "We've implemented a mechanism like this based on Simon Willison's lethal trifecta framework as an MCP gateway" (Miyamura80); HN users seek feedback and "band-aid solutions" for MCP security.
  • High discussion potential on agent safety; practical for prod prototypes.
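
A sketch of how a gateway could apply the lethal trifecta (access to private data, exposure to untrusted content, ability to communicate externally) as a per-session policy: it denies the tool call that would put all three in one agent session. This is an added example, not code from the gateway quoted above; the tool names and their capability tags are hypothetical.

```python
from dataclasses import dataclass, field
from enum import Flag, auto


class Cap(Flag):
    NONE = 0
    PRIVATE_DATA = auto()       # tool can read sensitive/internal data
    UNTRUSTED_CONTENT = auto()  # tool returns attacker-influenceable text
    EXTERNAL_COMM = auto()      # tool can send data outside the boundary


TRIFECTA = Cap.PRIVATE_DATA | Cap.UNTRUSTED_CONTENT | Cap.EXTERNAL_COMM

# Hypothetical tool registry: names and tags are constructed for this example.
TOOL_CAPS = {
    "db.query_customers": Cap.PRIVATE_DATA,
    "web.fetch": Cap.UNTRUSTED_CONTENT | Cap.EXTERNAL_COMM,
    "tickets.read_inbound": Cap.UNTRUSTED_CONTENT,
    "email.send": Cap.EXTERNAL_COMM,
    "math.eval": Cap.NONE,
}


@dataclass
class Session:
    """Tracks which capability classes an agent session has already touched."""
    seen: Cap = Cap.NONE
    audit: list = field(default_factory=list)

    def authorize(self, tool: str) -> bool:
        caps = TOOL_CAPS.get(tool)
        if caps is None:
            # Default deny: an unregistered tool has unknown capabilities.
            self.audit.append((tool, "deny", "unregistered tool"))
            return False
        if ((self.seen | caps) & TRIFECTA) == TRIFECTA:
            # Allowing this call would put all three legs in one session.
            self.audit.append((tool, "deny", "completes lethal trifecta"))
            return False
        self.seen |= caps
        self.audit.append((tool, "allow", ""))
        return True


def replay(tools):
    """Run a sequence of tool names through a fresh session; return decisions."""
    s = Session()
    return [s.authorize(t) for t in tools]
```

The decision depends on session history rather than on the tool alone, so the same `email.send` call is allowed in a session that has only read private data and denied once untrusted content has also entered the context.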

SQLite-DuckDB Bridge

Summary

  • A lightweight sync service that uses SQLite for fast OLTP writes/lookups and DuckDB for OLAP analytics, with configurable watermark-based freshness and low-latency batching.
  • Core value: Transparent hybrid DB for apps needing row-oriented writes and column-oriented reads without ETL complexity.

Details

Key | Value
Target Audience | Indie devs, data apps using embedded DBs (e.g., web services, local analytics)
Core Feature | Dual-writer mode with SQLite inserts + async DuckDB materialization, timestamp watermarks for query routing, DuckDB SQLite extension integration
Tech Stack | Rust (libSQL + DuckDB), Tokio for async sync, Parquet for intermediate storage
Difficulty | Medium
Monetization | Hobby

Notes

  • "I keep wanting sqlite for writes... and duckdb for reads... transparently to the client" (sanderjd); "row-wise writing... column-oriented reads... sync process" (dietr1ch).
  • Sparks debates on embedded DB limits; utility for "building up state and then querying" workloads.

Time Series API Gateway

Summary

  • Unified ingestion/query gateway supporting InfluxDB/Prometheus APIs, routing to backends like ClickHouse/QuestDB/DuckDB/TimescaleDB with auto-sharding.
  • Core value: Simplifies multi-source time series pipelines, enabling easy swaps without client changes.

Details

Key | Value
Target Audience | DevOps, monitoring teams migrating from InfluxDB
Core Feature | Protocol translation (Influx/Prometheus), backend abstraction with replication, downsampling/pre-aggregation
Tech Stack | Go (for APIs), ClickHouse/QuestDB drivers, Apache Arrow for data transfer
Difficulty | High
Monetization | Revenue-ready: Hosted service ($/GB ingested)

Notes

  • "I'm running an experimental side project... glue between various time-series APIs" (speedgoose); "QuestDB... gaining some popularity... alternatives to InfluxDB" (shrx).
  • Fills gap in TS DB coverage; practical for HN's "not much happened... in time series" crowd.
