What we shipped

Closed open tech debt, shipped a 3-email dunning state machine, and executed the marketing-ready public release.

• Startup environment validation — Zod schema (@t3-oss/env-nextjs) catches misconfigured secrets at build time and cold start; failed parse pins the previous Cloud Run revision
• Sentry serverless capture — serverlessCapture() helper wraps captureException + flush(2000) across ~30 server-side call sites; lazy-loaded Sentry feedback widget on every error page
• Hydration-mismatch fix — OrgSwitcher / NotificationBell / Avatar root-cause-fixed via skeleton-swap (no suppressHydrationWarning)
• Structured 5xx error responses — every API error includes trace_id for one-click Sentry lookup; custom branded 404 + 500 pages preserve the Angkor Wat motif
• Payment email recovery — additionalPaymentEmails field with verify-link UI, 24-hour SHA-256 tokens, max 5 emails per organization; resolveOrgByEmail falls back to alt-email when admin email doesn't match
• Dunning state machine — 3-email series at day 0, day 3, day 7 driven by Cloud Scheduler; cancel-on-payment via NAS transaction success path; idempotency keys per stage per cycle
• Marketing launch — Lighthouse-green public pages with @lhci/cli as CI gate; sitemap, robots, JSON-LD; static OG cards across LinkedIn / X / Slack / Discord; PostHog cookieless analytics with an 8-event funnel and PII-free property allowlist; this hand-curated changelog with RSS / Atom / JSON Feed; independent Upptime status page on status.tmrone.cloud; ≥800-word launch announce post; 45-second Khmer → English demo video with km + en captions
• ✨ Pricing update — Every paid plan now includes 2× the monthly audio minutes at the same price ($29 / $79 / $199), effectively halving the per-minute rate. Pay-per-use rate set to $0.06/min, aligned with subscription pricing math.

Replaced two payment integrations with a single consolidated gateway and shipped the in-app notification center.

• NAS Zero Link payment processor — replaces both Credyt (international) and Bakong KHQR (Cambodia) with a single Zapier-relayed flow; subscription state owned in Firestore, lifecycle driven by Cloud Scheduler
• Notification center — realtime bell with unread badge, desktop dropdown, mobile sheet, sonner toast, paginated /dashboard/notifications inbox, 5-category preference toggles in Settings
• Billing-failure email + notification fan-out — notifyAndEmail() dual-channel helper with 13-type registry, per-channel idempotency, 15-minute storm-window dedup, OPS-only short-circuit; cross-client verified across Gmail / Outlook / Apple Mail
• Single-path NAS billing UI — /dashboard/billing rewritten as the single NAS flow with subscription checkout (5 plans), wallet top-up (6 amounts $10–$1000), refund visibility, mailto support; 7-day grace period with renewal CTA
• Refund safety — Cloud Monitoring alert policy on nas_refund_normalize_failure (5-minute rolling SUM > 0 → email page); raw-payload capture deferred to v1.3
• Hard cutover — Credyt and Bakong code paths fully removed, Firestore rules updated, CI grep guard prevents legacy reintroduction

Hardened the platform for production traffic with cryptographic webhook verification, end-to-end error monitoring, and reliable transactional email.

• Webhook security — dual-secret HMAC verification on the Credyt webhook with constant-time comparison; Bakong check route rewritten to close cross-organization replay risk
• Production deployment — Firebase App Hosting on tmrone.cloud behind Cloudflare WAF + rate limiting (100/300 requests per minute per IP)
• Error monitoring — @sentry/nextjs v10 instrumentation across server / edge / client / dispatcher; five-layer error boundary hierarchy with branded fallback pages
• Transactional emails — Resend on mail.tmrone.cloud subdomain with verified SPF / DKIM / DMARC; 9 email types (welcome, billing receipt, password changed, plan change, 80% / 100% usage alerts and nudges, API key created / revoked) under a single TMRONE-branded layout
• Performance — 60-second /api/v1/transcribe timeout with 504 processing_timeout UX and an elapsed-time counter
• Documentation — DEPLOY-RUNBOOK.md covering bootstrap, deploy, rollback, secret rotation, and prod smoke

The first AI speech SaaS platform purpose-built for Khmer and English ships to production.

• Authentication via Firebase session cookies — sign up, sign in, password reset
• Angkor Wat-inspired light + minimal design system with Khmer typography (Noto Sans Khmer)
• Multi-tenant organizations — invite teammates, role-based access (Admin / Developer), org switching
• API key system — tmr_sk_* format, SHA-256 hash-only storage, show-once reveal, per-key rate limits
• Speech-to-text API — POST /api/v1/transcribe with MP3 / WAV / M4A / OGG / FLAC / OPUS support, browser microphone via MediaRecorder
• Text-to-speech API stub — POST /api/v1/tts returns a 503 contract while we finish the engine
• Usage metering — atomic Firestore counters, fail-fast 429 at plan limit, 5-tier plan enforcement
• Billing — Credyt (Stripe layer for international cards) + Bakong KHQR (NBC direct API for Cambodia), 5 plans, subscription + pay-per-use wallet
• Developer dashboard — usage analytics, billing management, in-platform API docs (curl / Python / Node.js), webhook CRUD with HMAC signing
• Public playground — 3 free transcription tries before login gate, file upload + live mic input
• Landing + public docs — Khmer narrative, pricing, transcribe API quickstart