HomeChatModelsImagesPackagesDocsInstallSettings

Settings

Manage your API keys securely. Your keys are encrypted in your browser — we can never read them.

Encrypted Vault

Your API keys are encrypted with AES-256-GCM using a password only you know.

Create a vault password to encrypt your API keys. This password never leaves your browser.

Change Password

Update your account password.

How It Works

Your privacy is our priority. Here's the technical detail:

1
You create a vault password

This password never leaves your browser. We never see it, we never store it.

2
PBKDF2 key derivation

Your password is stretched with 600,000 SHA-256 iterations into a 256-bit AES key.

3
AES-256-GCM encryption

All your API keys are encrypted in your browser before being sent to our server.

4
Encrypted blob stored

The server stores only salt + IV + ciphertext. Without your password, the data is useless.

5
Decrypt only when needed

When you use the Chat, keys are decrypted in your browser and sent directly to the AI provider — we never see them in plaintext.