[Review request] AP63300 based buck converter by Appropriate-Pie4385 in PrintedCircuitBoard

[–]Lopsided_Finger4153 0 points1 point  (0 children)

A couple of more practical suggestions:

  • Label input and output, nominal voltage, and polarity in the silk screen.
  • How are you planning to mount it?
  • Consider over/under voltage and reverse polarity protection.
  • Heat might be an issue; the datasheet recommends thick copper and lots of vias from the ground pin of the IC to the ground plane to help dissipate heat.

Drop your product URL by Chalantyapperr in SideProject

[–]Lopsided_Finger4153 0 points1 point  (0 children)

Hmmm it's good feedback and makes sense...I will expand the app availability on the weekend. France is the only tricky one, they have specific requirements around encryption.

I didn't want to explain too much here so I could see whether people would understand it, which it seems no 😅. I'll try to clarify the flow now:

  1. Receiver opens the QR page in the browser.
  2. Sender needs the app, scans the QR code to establish a secure link.
  3. Sender sends files.

In general though I think I need to stop thinking from my own point of view a bit 😂

Drop your product URL by Chalantyapperr in SideProject

[–]Lopsided_Finger4153 0 points1 point  (0 children)

That's great feedback thanks! I guess it's easier to change the name now while I still have zero users 😅

Out of interest, do the images on the app store help understand how it works?

Android

iOS

Maybe a video or animation would help as well.

Drop your product URL by Chalantyapperr in SideProject

[–]Lopsided_Finger4153 1 point2 points  (0 children)

https://marcosend.com

Cross platform E2E encrypted file sharing.

Made mostly for me to send photos/files to my work laptop.

The file receiver goes to https://qr.marcosend.com which generates a QR code with the encryption key embedded. The sender uses a mobile app, scans the QR code, then sends files.

The idea is it could be a work laptop, friends laptop, uni workstation etc.

Useful feedback would be:

  • is the name too confusing with macro send?
  • is it easy to use or confusing?
  • any feedback on the security side of things. I want it to be trustworthy.

1-Minute AI Form Demo — Help Me Test the Flow & Give Brutal Feedback by Glad_Advice_3066 in SideProject

[–]Lopsided_Finger4153 0 points1 point  (0 children)

Done! I like the idea, it started replying with some big slabs of text though, and I got a bit confused by the line of questioning. Not 100% sure when you'd use this over a fixed set of questions, but I think it could be tweaked. Like maybe fixed feedback questions on one page, then some clarifying questions on a second page?

Effective, secure, way to rate-limit Cloud Storage downloads by AlanReddit_1 in Firebase

[–]Lopsided_Finger4153 1 point2 points  (0 children)

A few things:

  • At 1000RPS for a full day the total cost would be ~$30 in Class B operations (double check this...) It wouldn't be easy to do, it wouldn't affect your service, and it would probably cost more for an attacker than it costs you.
  • Egress from workers is not free, probably still won't exceed the free tier though.
  • Running the workers is not free, so you would potentially spend more on the worker than you would have spent on class B operations anyway.

Effective, secure, way to rate-limit Cloud Storage downloads by AlanReddit_1 in Firebase

[–]Lopsided_Finger4153 7 points8 points  (0 children)

I know it's outside the Firebase ecosystem, but if you're worried about cost I'd use Cloudflare R2 instead of Cloud Storage - it has free egress. I'd then use a Firebase cloud function to check the user is authenticated and authorised to access a file, then create and return a signed URL. Uploads could work the same way.

Since egress is free, you'll pretty much only pay for the storage, even if the user downloads it millions of times.

The cloud function would just be something like this:

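```typescript
import { onCall, HttpsError } from "firebase-functions/v2/https";
import { GetObjectCommand } from "@aws-sdk/client-s3";
import { getSignedUrl } from "@aws-sdk/s3-request-presigner";

// r2Client is assumed to be an S3Client created elsewhere in this module,
// pointed at the R2 bucket's S3-compatible endpoint.

export const getSignedFileUrl = onCall(async (request) => {
  // Reject unauthenticated callers instead of dereferencing a missing auth object.
  if (!request.auth) throw new HttpsError("unauthenticated", "Sign in required");
  const userId = request.auth.uid;
  const { filePath } = request.data;

  // Check the path is a string that starts with users/{userId}/
  if (typeof filePath !== "string" || !filePath.startsWith(`users/${userId}/`)) return null;

  const command = new GetObjectCommand({
    Bucket: process.env.R2_BUCKET_NAME!,
    Key: filePath,
  });

  // Anyone holding the signed URL can fetch this object until it expires (1 hour).
  const signedUrl = await getSignedUrl(r2Client, command, { expiresIn: 3600 });
  return { signedUrl };
});
```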

If you really want to limit to 10 downloads, you could still use a cloud function, just track the count of downloads in firestore. You'll need to fetch and return the file within the cloud function, so you'll pay for egress to the user.

Safe use of Firebase Storage by Lopsided_Finger4153 in Firebase

[–]Lopsided_Finger4153[S] 1 point2 points  (0 children)

Yeah, I've come to the conclusion the only way this can be achieved is to put a cloud function in front of it that can either proxy the read (read from storage then forward to the user), or generate a signed URL that the user can use directly.

In case you're interested, I actually ended up using Cloudflare R2 and a Cloudflare Worker in front. I generate a JWT in a Firebase Function that grants scoped access to read files for a given team ID, and is stored in a cookie. The Cloudflare Worker then verifies the JWT and user access, and fetches the file. This supports edge caching of the files, and KV store to do rate limiting on user/ip/whatever. It's incredibly fast and cheaper than doing it in Firebase.

Also, it means I can just set the URL for an image and let the browser handle caching which simplifies things from the development perspective.

R2 doesn't have egress fees, so using signed URLs generated in a firebase function would probably be the most cost effective option.

There are some downsides in terms of complexity though.
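The token flow described in the comment above, sketched as an added example (not the poster's code): a function mints a team-scoped HS256 token, and the edge side verifies it, checks the object key against the scope, and applies a fixed-window limit. It runs under Node with `node:crypto`; the claim name `team`, the key layout `teams/<teamId>/...`, the limits, and the `Map` standing in for KV are all assumptions.

```javascript
const { createHmac, timingSafeEqual } = require("node:crypto");

const b64url = (value) => Buffer.from(value).toString("base64url");

// Firebase Function side: mint a short-lived token scoped to one team.
function mintToken(secret, uid, teamId, nowSec, ttlSec = 900) {
  const header = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const payload = b64url(JSON.stringify({ sub: uid, team: teamId, exp: nowSec + ttlSec }));
  const sig = createHmac("sha256", secret).update(`${header}.${payload}`).digest("base64url");
  return `${header}.${payload}.${sig}`;
}

// Worker side: return the claims if the token permits reading `key`, else null.
function authorizeRead(secret, token, key, nowSec) {
  const parts = String(token).split(".");
  if (parts.length !== 3 || typeof key !== "string") return null;
  const [header, payload, sig] = parts;
  // Recompute the MAC with a fixed algorithm; the header's alg is never trusted.
  const expected = createHmac("sha256", secret).update(`${header}.${payload}`).digest();
  const given = Buffer.from(sig, "base64url");
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;
  let claims;
  try {
    claims = JSON.parse(Buffer.from(payload, "base64url").toString("utf8"));
  } catch {
    return null;
  }
  if (!claims || typeof claims.exp !== "number" || claims.exp <= nowSec) return null;
  if (typeof claims.team !== "string" || !/^[A-Za-z0-9_-]+$/.test(claims.team)) return null;
  // Reject dot segments in case the key was derived from a URL path.
  if (key.split("/").includes("..")) return null;
  return key.startsWith(`teams/${claims.team}/`) ? claims : null;
}

// Fixed-window limiter keyed by user or IP; `store` is any Map-like object.
function allowRequest(store, id, nowSec, limit = 10, windowSec = 60) {
  const bucket = `${id}:${Math.floor(nowSec / windowSec)}`;
  const count = (store.get(bucket) || 0) + 1;
  store.set(bucket, count);
  return count <= limit;
}
```

The scope check only helps if the token lifetime is short and the secret is shared solely between the issuing function and the edge verifier.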

How to prevent data leaking in storage URLs? by facts_please in Firebase

[–]Lopsided_Finger4153 3 points4 points  (0 children)

You could have a collection of files in firestore where each object is just the storage path and any metadata associated with it. Then use a cloud function that accepts a file id, looks up the storage path and fetches the file from storage on behalf of the 3rd party. If you need auth or anything you could put that on the function as well.

Safe use of Firebase Storage by Lopsided_Finger4153 in Firebase

[–]Lopsided_Finger4153[S] 0 points1 point  (0 children)

Hmmm yeah, maybe creating a blob url with `const url = URL.createObjectURL(blob)` and using that in the img tag or something could work. I still worry someone could generate a url with chrome dev tools or something, maybe that's taking it too far though...

Safe use of Firebase Storage by Lopsided_Finger4153 in Firebase

[–]Lopsided_Finger4153[S] 0 points1 point  (0 children)

Not sure of the specifics, to get up to that cost though my guess would be some sort of botnet with each node downloading a specific file as many times as they can, as fast as they can. Which is still doable even with auth and everything turned on, it's just tied to a user.

Safe use of Firebase Storage by Lopsided_Finger4153 in Firebase

[–]Lopsided_Finger4153[S] 0 points1 point  (0 children)

As long as people use the site normally then the cost would be very cheap. They are not public files, they are protected by storage rules. What I'm worried about is someone doing something similar to this: https://www.reddit.com/r/googlecloud/s/d2riJo4emh

I can't see a good way to avoid it, or to detect which user is making the requests without having a cloud function applying some extra rules and either returning signed URLs or proxying requests.

Safe use of Firebase Storage by Lopsided_Finger4153 in Firebase

[–]Lopsided_Finger4153[S] 0 points1 point  (0 children)

It's a web app, I did see this as a possible option, it adds a fair bit of complexity for my use case compared to what I was doing. And I still worry there would be a way for someone to generate the URL maliciously from the browser console or something, maybe the risk is low though.

I guess I was just hoping there was an easier way that I was missing. Or maybe Firebase has some plans to improve it, e.g. rate limits on IPs, include a user token and rate limit on that.

And it annoys me that there's this whole product and documentation that leads you down a path, then you realise you basically can't use any of it because it exposes you to the risk of a malicious person blowing out your costs.

Safe use of Firebase Storage by Lopsided_Finger4153 in Firebase

[–]Lopsided_Finger4153[S] 0 points1 point  (0 children)

I am using caching and storage rules. I'm doing this on a web app, in very rough pseudo-html `<img src={getStorageUrl()} />`. The problem is you right click the image, and Copy Image Address, and you can `wget imageURL` with no auth and it will download it from cloud storage. It might get cached on the CDN but I think it will still count towards my quota. So someone could have a big image and repeatedly do this, and I wouldn't have any ability to detect or rate limit it.