Bidet AI — public app fork, built end-to-end today

A separate distributable version of Bidet AI, forked from the personal Apex install, shipped as a private GitHub repo with a working settings UI and custom AI tabs. Two PRs merged. Domain wired. Email routing live. Ready to test locally; deploy is your call.

Date: 2026-04-26 (Sun). Architect: Claude Code on Apex. Coder: Cursor + Claude (PR 2 self-coded after Cursor stalled on harness verification). Cost: a few cents in API calls + one Gemini cap-raise.

The TL;DR. The differentiator (custom AI tabs that you define your own prompts for) is shipped and working. Two locked outputs run on every dump — Raw + Clean. Everything else is your tabs, your prompts, your call. Backend stateless, all your stuff lives in your browser via IndexedDB. No accounts, no DB, no Supabase, no Mark-paid tier (yet). Friends paste their Groq + Gemini keys once into Settings and use it.

What you have right now

A private repo at github.com/MrB-Ed/bidetai-app
Local working copy on Apex at C:\Users\Breezy\bidetai-app\
The personal Bidet at bidetai.thebarnetts.info on Apex port 8955 — untouched. Still works. Forked, not migrated.
Domain bidetai.app live on Cloudflare. Anything sent to *@bidetai.app forwards to breezybarnett16@gmail.com.

Two PRs shipped to main

bf94ac8 — PR 2: browser-only architecture (IndexedDB state, stateless backend, custom tabs UI)

1fe7b2e — PR 1: Groq + BYOK LLM abstraction + Wake Lock + IndexedDB resilience + research-backed AI prompt

PR 1 — plumbing + recording resilience

Local Whisper out, Groq Whisper in. Removed the torch + openai-whisper dependency entirely. New transcriber.py calls Groq's API; falls back to OpenAI Whisper if you set TRANSCRIPTION_PROVIDER=openai.
BYOK LLM abstraction. New llm.py auto-selects the first available provider (Gemini → OpenAI → Anthropic) from request keys, falls back to env keys for dev. The whole processor.py got rewritten to call llm.generate() instead of hardcoding Gemini.
Personal-Mark scrub. The hardcoded SPEAKER_CONTEXT in processor.py (your name, age, school, Omi pendant, Apex server, colleagues) is gone. Replaced with a clean prompt that doesn't presume a speaker.
Recording resilience. Wake Lock acquired on record start (prevents screen sleep mid-dump). IndexedDB pending-upload store: if the upload fails, the blob is saved locally and surfaces a "Unsent recording from … — Upload now / Discard" banner on next page load. noiseSuppression: false + autoGainControl: false on the mic constraints — both have been shown to drop audio on long captures.
Research-backed AI tab prompt. A research subagent dug up that Anthropic, OpenAI, and Google all agree: long context goes at the top, structured directives at the bottom. Lost-in-the-Middle (Liu 2024) and Context Rot (Chroma 2025) confirm it. The original FOR_AI_PROMPT had it backwards. New layout: ## Brief anchor (one sentence), then <transcript> XML block, then Decisions / Priority Signals / Open Questions / Action Items, then ## How to use this footer that owns the recency slot. Anthropic claims up to ~30% better follow-up accuracy with this order.

PR 2 — the architecture pivot (and the differentiator)

The original plan was Supabase auth + a Postgres schema with users / sessions / tabs / outputs tables. After mocking up the Chrome-agent runbook for project creation and the JWT middleware spec, the right answer became obvious: none of that infrastructure was buying anything the BYOK model needs. Pivoted.

What	Original plan	Shipped
API keys	Encrypted column in Supabase Postgres, server holds them	IndexedDB on the user's browser, server only sees them per-request
Custom tabs	Postgres `tabs` table with RLS policies + signup trigger to seed defaults	IndexedDB `tabs` store, defaults seeded on first page load
Session history	Postgres `sessions` + `outputs` tables, JWT-gated	IndexedDB `sessions` store, full history per user per browser
Auth	Supabase email + password	None. Friends bookmark the URL, paste keys once.
Backend state	Postgres + Supabase Auth + RLS	None. Two stateless endpoints: `/transcribe`, `/run-tab`
PRs to ship the differentiator	4 (auth + schema + tabs runtime + Settings UI)	1

The shipped backend is two endpoints:

POST /transcribe — multipart audio + keys JSON form field. Returns {raw, clean}. Uses your Groq + Gemini keys for one call, deletes the temp audio file, forgets you.
POST /run-tab — JSON body {input, prompt, keys}. Returns {output}. Frontend calls this in parallel for every tab you have enabled.

The shipped frontend is a single HTML page + ~700 lines of vanilla JS:

Settings ⚙ (top-right gear): API keys section (Groq, Gemini, OpenAI, Anthropic) and Tabs editor (list / edit / delete / + New tab).
Tab edit modal: name + system-prompt textarea. Save and it's yours.
Default seed tabs on first run: AI (the research-backed format), Business Notes (meeting + planning structure), Classroom Notes (generalized teacher-agnostic version of the original). All three are deletable, editable, replaceable.
Always-on tabs: Raw (verbatim Whisper output) and Clean (filler removed, grammar fixed). Locked. Always run.
History: every session you record is stored locally with raw + clean + per-tab outputs. Click an entry to reload.
Embeddable widget at /widget.js — drop into any site (Legacy Soil's proposal page, anywhere) with data-groq-key + data-gemini-key attributes. Reviewer brain-dumps from inside the page they're reading.

Domain + email — wired

You already added bidetai.app to Cloudflare on 2026-04-11 (Cloudflare Registrar, not Namecheap — saved a nameserver swap).
Today the Chrome agent created a wide-scope API token (CLOUDFLARE_API_TOKEN_BIDETAI) and dropped it for Apex pickup. Saved file-direct to tp3_neural_stack/.env, never echoed to chat. Source file in Downloads deleted after pickup.
Cloudflare Email Routing enabled. Three MX + SPF + DKIM records auto-created via the wizard endpoint. Catch-all rule: *@bidetai.app → breezybarnett16@gmail.com (your gmail was already a verified destination from prior thebarnetts.info routing — no email-click verification needed).
Test by sending anything to hello@bidetai.app from any other account. Should land in your gmail within a minute.
Workspace user bidet@thebarnetts.info — not created. Punted. Forwarding to gmail is fine for now and avoids touching the grandfathered free Workspace.

Two pivots that matter (the honest version)

Pivot 1 — chunked rotation didn't work. §5.10 of the original mission brief specced 30-second MediaRecorder chunks for resilience. Shipped that in PR 1, hit the classic timeslice gotcha (only chunk 0 has the WebM header), tried stop+restart rotation as a fix, hit a worse gotcha (late-run chunks degraded to empty 110-byte blobs after repeated stop+restart cycles in backgrounded tabs). Abandoned chunking entirely. Single MediaRecorder + Wake Lock + IndexedDB-on-failure = bulletproof for actual brain-dump use cases. Net audio lost: 0. Time spent down the chunking rabbit hole: ~2 hours of session that cost real Cursor cycles.

Pivot 2 — Supabase was overengineering. When you said "Seems like a lot of work on my part. Are you sure this is what we need to do?" you were right. The Supabase plan needed: a Chrome runbook for project creation, key capture, JWT verification middleware, RLS policies, signup trigger SQL, login/signup UI. All to provide auth and key storage that the BYOK model doesn't actually need. Browser-only is the right architecture for a "BYOK + tip jar" product. Three PRs collapsed into one.

What's left

Deploy. Cloudflare Pages for the frontend, Google Cloud Run free tier for the backend in us-central1. Nothing automated yet. Both are free at expected scale. Your call when to pull the trigger.
Optional PR 3 — hybrid free tier. Friends without their own Groq/Gemini keys would get 3 dumps/day at 5 min each on your dime, capped globally at $1/day to prevent runaway. Designed in §6 of the brief, not implemented. Defer until friends actually want to use it without BYOK.
Manual smoke test in browser. Architect verified the API end-to-end with a real .webm and a custom run-tab prompt — both passed. Have not yet driven the new Settings modal or the tabs editor through a live browser session. That's a 5-minute eyeball check on your end.
Drag-to-reorder on tabs. Currently the editor lists tabs in sort_order; you can edit that number manually but there's no drag handle. Future polish.

How to test it locally right now

cd C:\Users\Breezy\bidetai-app
uvicorn web.backend.main:app --host 0.0.0.0 --port 8957 --reload

Open http://localhost:8957 → click ⚙ Settings → paste your Groq + Gemini keys → Save → record a 30-second test.

Watch all three default tabs (AI, Business Notes, Classroom Notes) render in parallel after Clean lands. Try editing AI's prompt and rerunning. Try adding a new tab. Try History to reload a past session.

Cost

Service	Spent	Note
Cloudflare	$0	Free tier; existing zone reused
Supabase	$0	Avoided entirely (pivot)
Groq verification	~$0.01	Two real .webm transcribes during architect verification
Gemini verification	~$0.10	End-to-end runs of Clean + AI tab on real audio
Gemini cap raise	approved this session	Was on free tier, blocked verification once. You raised it; one-time event, no monthly subscription change
Cursor session	~hours of Cursor	PR 1 + harness work; Cursor-agent CLI hung silently for ~2h on the first dispatch (token-burning loop). Killed and restarted manually. Real coding time was ~20 min.
Architect (Claude Opus)	significant	Long session; multi-pivot iteration. PR 2 self-coded after Cursor's harness kept failing on automation issues that weren't real product gates.

Memory updates

project_bidetai_app_fork.md — current state (PR 1 + PR 2 merged), architecture, locations
reference_brain_dump_to_ai_format.md — research finding for the AI tab format (vendor guidance + Lost-in-the-Middle + Context Rot)

Decisions you made today (for the record)

Fork the personal version into a separate repo, don't migrate.
BYOK + ~$2 buy-me-a-coffee distribution model. Not a business venture.
Stay PWA. No Capacitor wrap. No App Store fees.
Drop Supabase. Browser-only state.
Forward *@bidetai.app to gmail for now; revisit a dedicated mailbox later.
Cursor for code execution; Jules deferred (overnight review of merged PRs is still on offer).
"Mark uses" reference removed from public README. Personal-Mark scrub passed.

Generated 2026-04-26 evening from the live session that built this. If anything in this report doesn't match what you see in the repo, the repo is truth.