Terms of Use

By installing or using the Byoky browser extension, mobile apps, SDK, or the optional vault sync service at vault.byoky.com (together, the “Service”) you agree to these Terms of Use. If you do not agree, do not use the Service.

Byoky is an open-source bring-your-own-key (BYOK) wallet for LLM API keys. You supply your own keys to providers such as Anthropic, OpenAI, and Google. Byoky stores them encrypted on your device and proxies requests to those providers on your behalf. An optional cloud sync feature (the “Vault”) lets you use the same keys across devices with end-to-end encryption.

Byoky is not an LLM provider. We do not sell inference, tokens, or credits. All billing for LLM usage happens directly between you and the provider whose key you supply.

• You are responsible for the API keys you add to Byoky, including any charges those keys incur with their issuing provider.
• If you enable vault sync, you are responsible for keeping your password safe. Because encryption keys are derived from your password on your device, we cannot recover your data if you lose it.
• You must not share your account credentials or use someone else's keys without their permission.

You agree not to:

• Use the Service to violate any law or any LLM provider's terms of service
• Use the Service to generate, distribute, or facilitate illegal content, including CSAM, targeted harassment, or content that infringes others' rights
• Attempt to reverse, bypass, or interfere with the encryption, authentication, or rate limits of the Vault
• Attempt to access accounts, credentials, or data belonging to other users
• Use the Service to attack, probe, or disrupt Byoky or any third-party system
• Resell or rebrand the Vault service as a commercial product (you are free to self-host the open-source code under the MIT license)

Byoky lets you share access to one of your own API keys with another person by creating a “gift” — a shareable link backed by a token budget and an expiration date. When the recipient uses the gift, requests are proxied through a relay and counted against the budget you set. Your underlying key is never delivered to the recipient in the clear; they only get metered access to it.

When you create a gift you agree that:

• It's your key, your bill. You remain fully responsible for any charges the gifted key incurs with the upstream provider, including any usage within the token budget you granted.
• You must have the right to share it. Only gift keys that you own or are authorized to redistribute. Do not use gifts to circumvent a provider's terms, quotas, or sharing restrictions.
• You control the limits. Each gift carries a token budget and expiration. You can revoke a gift at any time, after which the relay will stop serving requests for it. Byoky enforces the limits you set but is not responsible for upstream provider actions (rate limits, bans, billing disputes).
• No monetization through Byoky. Gifting through the hosted Vault is free and is intended for sharing with friends, teammates, or communities. You may not resell gift access for money or use the hosted Vault as a commercial gift-card platform. If you want to build a paid product on top, self-host under the MIT license.
• Recipient responsibility. When you accept a gift, you agree to use it only within the budget and time window provided, and to comply with the upstream provider's terms. Abuse of a gift (e.g., scraping, illegal content, probing the relay) is grounds for revocation of that gift and termination of your account.
• System limits. A single user may hold at most 50 active outgoing gifts at any time. Expired gifts are removed automatically.

When you use Byoky to call an LLM provider, your prompts, completions, and any other data flow to that provider under its own terms of service and privacy policy. Byoky is not a party to that relationship and is not responsible for provider behavior, availability, billing, or content moderation decisions.

Byoky's source code is released under the MIT license. The MIT license governs your rights to the code itself. These Terms govern your use of the hosted Vault service and the distributed binaries (Chrome, Firefox, iOS, Android).

The Vault is provided on a best-effort basis with no uptime guarantee. We may modify, suspend, or discontinue the hosted Vault at any time. Because Byoky is open source, you can self-host the Vault to run it on your own terms.

You may stop using the Service and delete your vault account at any time from the extension Settings. We may suspend or terminate accounts that violate these Terms, abuse the Service, or put other users at risk. On termination, the account and all data associated with it are deleted as described in the Privacy Policy.

The Service is provided “as is” and “as available” without warranties of any kind, express or implied, including merchantability, fitness for a particular purpose, and non-infringement. We do not warrant that the Service will be uninterrupted, error-free, or secure against every possible threat.

To the fullest extent permitted by law, Byoky and its contributors are not liable for any indirect, incidental, special, consequential, or punitive damages, including loss of data, loss of API credits, loss of profits, or charges incurred with third-party LLM providers, arising from your use of the Service.

We may update these Terms from time to time. When we do, we will update the “Last updated” date above. Continued use of the Service after changes take effect means you accept the revised Terms.

Questions or notices regarding these Terms can be filed as an issue on GitHub.