Your key
will leak.

And it's no longer your problem.

The real key is encrypted and lives inside proxykey. What goes out is only a pass — bound to your IP, capped by limits, revoked in one click. Stealing it is pointless.

OpenAI / Anthropic / Google / Mistral / Together
↑ click — the pass in a stranger's hands

The reality of leaks

23.7M
working keys leaked into public code in a year
< 1 min
until the first attack on a freshly leaked key
70 %
of leaks come from code and logs, not breaches
$4.9M
average cost of a single breach involving compromised credentials
// secrets leak into public repos, logs and bundles with an ordinary commit — no hacking required · figures: GitGuardian State of Secrets Sprawl, IBM Cost of a Data Breach

One leak — two outcomes

A normal key leaked
They got everything

Full API access, from any address, with no limits. Your balance drains for days while you sleep.

A pass leaked
They got nothing

Foreign IP — denied. Limits — a wall. And the original is encrypted and never leaves proxykey at all.

How the key is protected

Not "we'll rotate it if something happens" — the leaked key is useless before you even notice it's gone.

IP binding
A pass only works from your address. A request from a foreign IP is rejected instantly.
Request limits
Your own rpm and rpd on every pass. A spike hits a wall — not your bill.
The original stays locked
The real key is encrypted with AES-256-GCM and never leaves proxykey. A leaked pass can't reveal it.
One-click revocation
Spotted foreign activity — the pass is dead instantly. The original stays untouched.
// the full threat model — uncomfortable questions and open-source encryption code included: proxykey.org/en/security

One place for everything

Vault
All keys under one roof

OpenAI, Anthropic, Google, Mistral — in one panel. Reissuing any key takes a second, with zero downtime.

MCP for AI
Agents — without the key

The built-in MCP server hands AI agents passes instead of real keys. An autonomous agent will never see the original.

Inside the panel

A human enters the real key — once. From then on, apps and AI agents only ever receive a pass, and everything else is visible and managed in the panel.

FN.01Pass

A pass
instead of the key

Every real key gets its own pass with a prefix, limits and IP binding. Revoked in one click — the original is never touched.

a separate prefix for every app
status active · learning · revoked
the original is encrypted, shown once
FN.02Guardrails

IP and limits —
you set them

A pass works only from your address and stops at your rpm/rpd. A request from a foreign IP or over the limit gets an instant denial — not a charge on your balance.

binding modes: auto · manual · off
separate per-minute and per-day limits
a spike hits a wall, not your bill
FN.03Observability

Every request
is visible

Method, path, status and latency of every request — in real time. Errors and limit denials are highlighted immediately, no external dashboards needed.

a live log for every pass
24-hour and 7-day stats
no keys, no headers in the logs
FN.04New · MCP

MCP for
AI agents

Connect an agent to the built-in MCP server with one URL and an mcp_… token. It creates, rotates and revokes passes on its own — but the real key stays out of reach. Only a human can enter the original, in the panel.

local over stdio or hosted over HTTP
passes, logs and stats — from the chat
the original key never enters the context

Let the key leak.
Let it cost you nothing.

Set up your first key in a minute. We encrypt and hide the real one — you get a pass and full control over it.

Protect your keys for free →
No card · IP binding · Limits · AES-256-GCM · MCP