FAQ

Frequently Asked Questions

The questions people actually ask us — how fast, how big, how long links live, passwords, ads, whitelabel, where the files sit, and what to do about abuse — answered straight, no runaround. If the current development limits are called out here rather than hidden.

The Basics

What yasync is, how big transfers can be, and what recipients need.

What is yasync?

A file-transfer service: drop files, get a link, send it to anyone. Recipients need no account or app. Anonymous 5 GB transfers are live; protected credentials signup unlocks the 50 GB account tier, and protected accounts can exercise Pro through Stripe test mode.

How big can a transfer be?

Live anonymous transfers: 5 GB. Protected account tier: 50 GB. Pro has no total transfer cap and supports single files up to 5 TB; the current checkout is Stripe test mode only, not a live purchase flow.

How fast is it, really?

Uploads go from the browser straight to Cloudflare R2 through signed URLs, with multiple bounded parts in parallel and no yasync app server carrying the bytes. Downloads run through the Cloudflare Worker edge. Actual speed still depends on your connection, route, device, and file mix.

Do recipients need an account or an app?

No. Recipients open the link in any browser and download individual files. They can also request one ZIP when the file set is 64 GiB or smaller; above that, the individual download buttons remain available.

Can I send whole folders?

Yes. Drop folders — nested files included — into the send box and the structure comes along.

Speed & Reliability

What makes transfers fast, and how we make sure they arrive intact.

Why is yasync fast?

File bytes bypass the yasync app server: uploads use signed R2 URLs, large files split into concurrent bounded parts, and downloads pass through the Cloudflare Worker edge. Real speed still depends on the sender, recipient, routing, device, and file mix.

How do I know my files arrived intact?

The sending client computes a whole-file CRC32 checksum locally and stores it with the transfer. The tested desktop preview can compare that checksum with the bytes it downloads. Multipart completion also confirms that the expected parts and total stored size are present, but yasync does not claim a server-side CRC comparison against the object.

What happens if my connection drops mid-upload?

During an active browser upload, failed multipart requests are retried. The signed macOS desktop preview persists transfer state across sleep, network changes, and restarts, but it is not publicly downloadable yet. Until its release, keep the browser session open for live transfers.

When should I use the desktop app?

Use the browser for quick sends. Once publicly released, the desktop app is the better fit for hundreds of gigabytes, terabytes, or overnight work: it uses the same direct-to-storage protocol, remembers completed parts, and verifies downloads when a CRC32 is available. The Apps page shows the current release status.

Apps, CLI, API & MCP

Desktop and CLI release status, plus the working REST API and remote MCP tools.

Is there a desktop app?

A Developer ID-signed Apple Silicon macOS preview is built and tested, including resume and CRC32 verification, but no desktop binary is publicly downloadable yet. Windows and Linux packages are planned. The Apps page is driven by a release manifest and will show a SHA-256 checksum only when a build is actually published.

Which operating systems are supported?

The current verified preview is Apple Silicon macOS. Intel macOS, Windows, and Linux are build targets, not shipped support claims. No public desktop or CLI package is available until it appears in the release manifest on the Apps page.

Can I script transfers — is there a CLI?

The CLI is implemented and tested: “yasync send”, “receive”, “ls”, and “rm” use the same resumable engine, with --json for automation. Public CLI binaries and the install script are still pending, so the command examples are a protocol preview rather than an install claim.

Is there an API?

Yes. The versioned REST API at /api/v1 uses API keys from your dashboard. It creates transfers and upload plans, while your client sends the actual bytes directly to object storage over presigned URLs. The Developers page has the complete six-request flow, multipart resume details, and endpoint reference.

Can an agent or production tool use MCP?

Yes. Connect a Streamable HTTP MCP client to /api/mcp with the same Bearer API key. Eleven tools cover transfer creation and management, file registration, multipart planning and resume, part signing, completion, abort, and final link publication. MCP coordinates the workflow but never receives or proxies file bytes.

Storage, Privacy & Ads

Where files live, who can see them, and the planned ad-funded free-tier model.

Where are my files stored?

In Cloudflare R2 object storage. Development buckets do not carry a region guarantee; the production data-residency configuration will be published before launch. Cloudflare, Inc. is a US-headquartered company and remains subject to US jurisdiction at the corporate level. The full provider breakdown is on our Compliance page.

Who can access my files?

Recipients need the unguessable transfer link and, if you set one, the password. Short-lived signed download URLs keep objects from being enumerated or hotlinked, and file names are not used as storage keys. yasync and its listed service providers process files only as needed to operate the service, respond to a valid legal request, or investigate a specific abuse report.

Will the free tiers show ads?

That is the planned model, but ads are disabled in development. Before any ad script is enabled, yasync needs a certified TCF v2.3 consent platform and updated processor disclosure. Pro is designed to stay ad-free.

Do you look at the files people send?

We process file content to store and deliver it, but we do not scan transfers for advertising, profiling, or AI training. If somebody reports a specific transfer for abuse or illegality, an authorised person may review that report and the affected transfer.

Do you train AI on my files?

No AI training, period. Your files never train machine-learning models — ours or anyone else’s. This applies to every tier, including Free and Anonymous, with no fine-print exceptions.

Do you sell or share my data?

We never sell personal data. We publish the providers that are actually active, including Cloudflare for storage and delivery and Stripe when payments are enabled. Transactional email is not enabled yet. Consent-gated ads on free pages are never based on file contents. See the Privacy and Compliance pages for the complete processor list and purposes.

Pro & Whitelabel

The planned €39.99/month Pro model, how extra storage would be billed, and the controls already implemented. Checkout is not enabled.

What does whitelabel include?

Your logo, your colors, your background, and your sender identity on the download pages your clients see — yasync branding steps out of the way. It looks like your delivery system, not a file-sharing site.

How does Pro storage billing work?

The planned Pro price is €39.99/month with 1 TB of stored transfers included. The implemented model puts additional auto-scale storage at €7 per 100 GB per month, pro-rated by the day — €0.07 per GB-month. Holding 100 GB extra for one day would cost about €0.23. The dashboard already calculates the breakdown, but checkout and charging are disabled.

Can I cap my Pro bill?

The implemented controls support two approaches once billing launches: turn auto-scale off so uploads stop at capacity, or use planned committed +1 TB packs at €39.99/month. No billing or pack purchase is enabled in the development deployment.

Do Pro links really never expire?

The planned Pro model has no automatic expiry date: links stay live while the subscription covers their storage and can be deleted from the dashboard. Checkout is not enabled in development.

Can I cancel anytime?

That is the intended production flow: cancel in Stripe and keep Pro through the paid period. Production checkout is not enabled yet because operator, tax, withdrawal, and contact details are still launch blockers.

Abuse & Reporting

What is not allowed, and how to report it.

What am I not allowed to send?

Anything illegal or infringing: malware, content you have no rights to distribute, and material that harms others. The full acceptable-use rules are in the draft terms. The development system has a transfer kill switch; staffed decisions, notices, appeals, strikes, and account enforcement remain launch requirements.

How do I report an abusive transfer?

Use the report form with the transfer link and a short explanation. The form stores the notice durably and returns a case ID immediately. Outbound decision email is not enabled in this development build; the production notification and appeal workflow remains a launch requirement.

I received a link I don’t trust. What should I do?

Don’t download it. Files on yasync are user-uploaded, and a link from a stranger deserves the same caution as an email attachment from one. If it looks like phishing or malware, submit the link through the report form.

Something we didn’t cover? The developer docs go deeper. For a suspicious transfer, use the report form and keep the case ID it returns.