Byoky

Byoky is an encrypted wallet for your AI API keys. Store credentials for Claude, ChatGPT, Gemini, and
12 more providers in one place — then let any compatible app use them without ever seeing the key.

WHY BYOKY
Every AI app asks for your OpenAI key, your Anthropic key, your Gemini key — or charges a monthly
subscription on top of what you already pay the model provider. Byoky flips that: bring your own key,
use it everywhere.

HOW IT WORKS
1. Set a master password — your vault is encrypted on-device with AES-256-GCM.
2. Add your API keys or a Claude Pro setup token.
3. Open any Byoky-enabled app in Safari, or scan a QR code to pair a desktop or web app. Approve
access in one tap — keys stay in the wallet.

FEATURES
• Safari Web Extension — connect apps you visit in Safari with one tap
• QR pairing — pair any browser on any device via relay
• 15 AI providers — Anthropic, OpenAI, Gemini, Mistral, Cohere, xAI, DeepSeek, Perplexity, Groq,
Together, Fireworks, OpenRouter, Azure OpenAI, and more
• Setup tokens — use your Claude Pro or Max subscription, not only pay-per-use API keys
• Apps tab — install curated mini-apps that run inside the wallet, sandboxed
• Token Pool — discover free token gifts shared by the community, or publish your own
• Token gifts — share access with friends or teammates without sharing the key; set budgets,
expirations, and revoke anytime
• Alias Groups — bucket apps by purpose (Personal, Work, Side Project) and pin each group to a
specific key
• Cross-provider routing — drag an app from a Claude group into a GPT group and the wallet
transparently translates the request body and streaming response
• Full audit log — every request timestamped by app, provider, and status
• Spending caps — per-app and per-provider token limits enforced in the proxy
• Encrypted export/import — back up the vault as a .byoky file
• Local-first — no cloud account, no telemetry, no tracking

SECURITY
• AES-256-GCM encryption with PBKDF2 key derivation (600,000 iterations) via Web Crypto API
• Master password never leaves the device
• Keys never leave the wallet — apps only receive short-lived session tokens
• Open-source under MIT license — read the code on GitHub

FOR DEVELOPERS
Integrate in two lines with @byoky/sdk. Use the native Anthropic, OpenAI, or Google SDK — just swap
in Byoky's fetch. Streaming, tool use, file uploads, and vision all work. No API keys in your code.
No secrets management. No leaked .env files.