I got tired of not knowing why users were dropping off in my app. Heatmaps show you where people click. Analytics show you when they leave. But nothing tells you how they felt while using it. So I built SessionMood API — a REST API that scores user mood in real time based on behavioral events. You send behavioral events from your frontend: fetch("https://session-mood-api-production.up.railway.app/
A lot of online businesses eventually run into the same problem: traditional payment processors don’t always scale well for every type of business model. Over the past months, I’ve been exploring how modern payment infrastructure works, especially from a technical and architectural perspective. This is not a guide or a product pitch — just a breakdown of what I’ve been learning while building and
The Model Context Protocol (MCP) has become the default standard for connecting AI agents to external tools and APIs. Governed by the Linux Foundation since early 2025 and adopted by OpenAI, Anthropic, Microsoft, and Vercel, MCP is the USB-C port of the AI ecosystem — one protocol that lets any LLM application talk to any tool server. But there's a gap between reading the spec and building somethi
Background I did some research online and found a nice course that teach how to build LLM from scratch. The course is shared public online and all the assignment resources are here: https://cs336.stanford.edu/. In the following series, I will put the summary and notes starting from lession 1. Tokenization is at the very beginning of the LLM. There were many different tokenization algorithm, suc
If you have spent any real time with Claude Code, you have probably noticed the same problem I did. You write the same instructions in the prompt every other day. "Use four-space indentation here." "Always run the linter after edits." "Format commit messages this way." After the third or fourth repeat, it stops feeling like a prompt and starts feeling like missing config. Skills are how Claude Cod
In the previous parts, we explored SSL pinning across Android and iOS, including both certificate and public key approaches. But here’s the uncomfortable truth: Even perfectly implemented pinning is not enough. In this final part, we move beyond the client and look at what truly defines a secure mobile architecture: Mutual TLS (mTLS) Backend access control Defense in depth When mobile security act
The Work Is Too Specific for Enterprise Software Small and mid-sized teams run on operational content. A law firm receives NDAs, contracts, court filings, and client intake forms. A dental clinic handles referral letters, insurance documents, treatment plans, invoices, and patient forms. An accounting firm processes supplier invoices, receipts, bank statements, and monthly reports. A real estate
The Problem Changed The first version of Iteration Layer was written in TypeScript. That was the obvious choice at the time. The product looked like a normal web app with a normal API surface: accept a request, call a model or processing library, return a response. That shape did not last. Content-processing infrastructure does not behave like a CRUD app once people start using it for real work.