April 16, 2026
AI ate my wallet
€54k spike in 13h from unrestricted Firebase browser key accessing Gemini APIs
€54k overnight bill after a “public” key lets bots binge Gemini — commenters roast Google
TLDR: A public browser key let bots blitz a Gemini AI account, racking up €54k in hours; Google called it valid use and refused a refund. Commenters slammed the lack of fraud controls and mixed messaging on keys, while others said never expose paid keys in the app and begged for better guardrails.
A developer flipped on a simple AI feature in Firebase and woke up to a €54,000 shock in 13 hours — swarms of automated traffic hammered their Gemini AI account through a browser key with no restrictions. Google said the usage was “valid” because it came from the project, and denied a refund. Cue community meltdown.
The loudest chorus? Outrage that a company selling “smart” services didn’t catch something so obviously off. One commenter blasted, “That’s ****ing bonkers… a company LITERALLY SELLING machine learning” couldn’t flag this. Others dragged Google for years of messaging that API keys (the basic access tokens) “aren’t secrets,” only for Gemini to flip the script, echoing the Truffle Security post: keys used to be fine in public, now they’re a loaded wallet.
Not everyone piled on Google alone. A pragmatic camp pointed out the calls happened in the browser — so the key was effectively public. Their advice: never put paid keys client-side, move calls to a server, set spend caps, quotas, and IP restrictions. Meanwhile, the hot-take factory pitched wild fixes like real-time crypto paywalls for APIs. HN linkers chimed in with receipts. The meme of the day: AI so smart it couldn’t detect AI-driven bill spikes — and devs stuck holding the bag.
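The pragmatic camp's advice above (keep paid keys server-side, add quotas and a spend cap) comes down to a gate like the one below, placed in front of the server that actually holds the Gemini key. This is an added example, not code from the original post or from Firebase/Google; the per-request price, the limits and the client identifiers are constructed placeholders, and the forwarding of the call to Gemini itself is left out.

```javascript
// Server-side gate: the browser never sees the Gemini key. Each proxied call
// must pass a per-client quota (clientId should come from an authenticated
// session, not from the request body) and a hard daily spend cap that stops
// every client once the budget is gone. Prices and limits are placeholders.
class SpendGuard {
  constructor({ perClientPerMinute, dailyCapEur, eurPerRequest, now = Date.now }) {
    this.perClientPerMinute = perClientPerMinute;
    this.dailyCapEur = dailyCapEur;
    this.eurPerRequest = eurPerRequest; // assumed flat cost per upstream call
    this.now = now;                     // injectable clock, eases testing
    this.windows = new Map();           // clientId -> timestamps in last 60 s
    this.spentEur = 0;
    this.dayStart = now();
  }

  // Decide whether one proxied call may proceed; returns { allowed, reason }.
  check(clientId) {
    const t = this.now();
    if (t - this.dayStart >= 86_400_000) { this.spentEur = 0; this.dayStart = t; }
    // Global cap first: bots rotating identities still hit the same budget.
    if (this.spentEur + this.eurPerRequest > this.dailyCapEur) {
      return { allowed: false, reason: "daily spend cap reached" };
    }
    const recent = (this.windows.get(clientId) || []).filter(ts => t - ts < 60_000);
    if (recent.length >= this.perClientPerMinute) {
      this.windows.set(clientId, recent);
      return { allowed: false, reason: "per-client quota exceeded" };
    }
    recent.push(t);
    this.windows.set(clientId, recent);
    this.spentEur += this.eurPerRequest;
    return { allowed: true, reason: "ok" };
  }
}

// Replay a burst like the one in the story: one automated client, many calls.
// Returns how many would have reached Gemini and why the rest were refused.
function simulateBurst(guard, clientId, calls) {
  let allowed = 0;
  const denied = {};
  for (let i = 0; i < calls; i++) {
    const r = guard.check(clientId);
    if (r.allowed) allowed++;
    else denied[r.reason] = (denied[r.reason] || 0) + 1;
  }
  return { allowed, denied };
}
```

With a €1 daily cap and €0.25 per call, a 10-call burst gets 4 calls through and the remaining 6 are refused at the cap, regardless of how many client identities the bot uses.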
Key Points
- A Firebase project incurred €54k+ in Gemini API charges within about 13 hours.
- The surge followed enabling Firebase AI Logic and adding a simple AI feature for generating web snippets.
- Requests used an unrestricted browser API key for Gemini calls, and traffic appeared automated and not user-driven.
- Usage stopped after the team disabled the API and rotated credentials.
- Google Cloud support classified the traffic as valid project usage and denied a billing adjustment.