TL;DR: Bolt.new's AI burned 10M tokens on unauthorized changes. They failed to disclose a Netlify deployment, leading to a Vercel launch riddled with ghost files that broke all payments. After launch, I sent a good-faith request for a refund and token restoration to fix it. Six days later, they replied with a dismissive email asking if I "still needed assistance." I then sent a formal legal demand and contacted executives on LinkedIn—total silence. I've had to rebuild the entire application from scratch. All prepaid resources are gone.

The Full Timeline & Breakdown:

The AI's Unauthorized & Reckless Spiral: The core failure began with the Bolt AI making unauthorized, destructive changes. It removed critical systems like my FingerprintJS security layer without asking. When I pointed out new errors this created, it claimed "no error was being returned," yet falsely said it "fixed" the issue multiple times—wasting tokens each time. The AI would then ask to "put something back" it had removed; I explicitly said "no" to avoid more token waste, instructing it to leave the code for me to handle later. It ignored these direct instructions, proceeding with unauthorized "fixes" that created the very security and functionality errors that hadn't existed before its intervention. This created a vicious cycle of token burn for problems it introduced. The Non-Disclosure & Launch Catastrophe: The team failed to disclose they had deployed components to Netlify. The launched app (on Vercel) contained ghost files with broken calls to these undisclosed Netlify functions, killing all payment functionality. Good-Faith Effort to Resolve: Seeing the broken launch, I immediately sent a detailed request for a refund and restoration of my 10M tokens to make it right—no legal threats, just a fix. The Dismissive Corporate Response: Six days later, their only reply was a generic email treating it like a simple support ticket: "So sorry for the delay... if you still need assistance, just reply..." Escalation & Total Executive Silence: I then sent a formal pre-litigation demand and personally messaged the CEO, COO, and founders on LinkedIn. Not a single response from any executive. The Forced Rebuild & Continued Damage: With no path to resolution, I've had to rebuild the entire application from the ground up. My launch window is destroyed, and the 2,000+ users who visited couldn't pay. Evidence: Full dossier with token burn proof, ghost file errors, my good-faith request, their dismissive email, my legal demand, and LinkedIn outreach.

https://drive.proton.me/urls/9GBA9V5ZTR#3gsRNIM7MfQ8

My questions for HN:

When a platform's negligence forces a total rebuild, what recourse exists beyond legal action, which they ignore? Is executive silence via LinkedIn a common tactic for startups facing serious operational failures? For those relying on similar platforms, how do you preemptively guard against this level of systemic and communicative collapse? This is a story of professional duty breached at every level: technical, communicative, and executive. I am filing complaints with the FTC and CA AG, but the community's insight is critical.