ExtDB
API & MCP

Byoky

Encrypt your AI API keys locally. Never trust another extension with your OpenAI, Anthropic, or Gemini keys.

As of June 2026, Byoky has 8 users in the Developer Tools category.

michael.lodzikDeveloper Tools
Chrome Web Store ↗.crx
Usersno change0%
8
8
Ratingno change0%
— reviews
Reviewsno change0%
Version
0.9.13
Manifest V3
90-day change · In the last 90 days this extension 6 version updates, changed permissions.

History

10 snapshots

Tracking since Apr 1, 2026.

8.4851.5199999999999996Apr 1, 2026Jun 10, 2026
View as table
DateUsersRatingReviewsVersion
Apr 1, 20260.4.18
Apr 17, 20260.4.18
Apr 22, 202620.5.4
Apr 27, 202680.7.4
May 5, 202680.9.0
May 10, 202680.9.5
May 16, 202670.9.10
May 28, 202680.9.13
Jun 4, 202660.9.13
Jun 10, 202670.9.13
Now80.9.13

Changelog

  • Apr 22, 2026
    description
    byoky (Bring Your Own Key) is an open-source browser wallet that stores your LLM API keys and OAuth tokens in an encrypted vault.

HOW IT WORKS

1. Set a master password to create your encrypted vault
2. Add API keys (paste) or sign in via OAuth for Anthropic, OpenAI, Google Gemini
3. Visit any byoky-enabled app — approve access — your keys never leave the extension

FOR DEVELOPERS
Install the SDK: npm install @byoky/sdk
Two lines of code. Works with native provider SDKs. Full streaming support.

SECURITY
- AES-256-GCM encryption (600K PBKDF2 iterations)
- Keys never leave the extension — apps get temporary session tokens
- Full request audit log
- No cloud, no telemetry — everything stays on your device
- Fully open source (MIT): https://github.com/MichaelLod/byoky
    Your AI keys are worth $1000s. Stop pasting them into every new extension.                           
                                                                    
  byoky (Bring Your Own Key) is an open-source browser wallet that stores your LLM API keys and OAuth  
  tokens in an encrypted local vault. Developers integrate via @byoky/sdk — their apps use your keys   
  without ever seeing them.                                                                            
                                                                    
  HOW IT WORKS                                                                                       

  1. Install byoky and set a master password — your vault is encrypted on-device with AES-256-GCM.
  2. Paste your API keys or sign in via OAuth.
  3. Open any byoky-enabled app — approve access in one click. Your keys stay in the vault.            
   
  FEATURES                                                                                             
                                                                    
  • Works with every major LLM provider — OAuth or API key support out of the box, plus                
  OpenAI-compatible endpoints and custom bases. Full provider list on GitHub.
  • Setup tokens — use your paid chatbot subscription in addition to pay-per-use API keys.             
  • Apps marketplace — install curated mini-apps that run sandboxed inside the wallet. Your keys stay
  in the vault.                                                                                        
  • Token Pool — discover free token gifts shared by the community, or publish your own.
  • Token gifts — share access with friends or teammates without sharing the key itself. Set budgets,  
  expirations, revoke in one click.                                                                    
  • Alias Groups — bucket apps by purpose (Personal, Work, Side Project) and pin each group to a     
  specific key. Drag apps between groups to swap keys on the fly.                                      
  • Cross-provider routing — drag an app between groups and the wallet transparently translates the
  request body, response body, and SSE streams. Apps keep calling their preferred SDK; byoky picks the 
  upstream.                                                         
  • Mobile pairing — pair your iPhone or Android wallet via QR code; no extension install required for 
  mobile users.                                                                                        
  • CLI / desktop support — route CLI tools through @byoky/bridge. Your keys never leave the browser.
  • Backend relay — @byoky/sdk/server lets your server make LLM calls through the user's browser. No   
  secrets on the server.                                            
  • Full audit log — every request timestamped by app, provider, status.                               
  • Spending caps — per-app and per-provider token limits, enforced in the proxy.                      
  • Encrypted export/import — back up the vault as a .byoky file.
  • Local-first — no cloud account, no telemetry, no tracking.                                         
                                                                                                       
  SECURITY                                     
                                                                                                       
  • AES-256-GCM encryption with PBKDF2 key derivation (600,000 iterations) via Web Crypto API.         
  • Master password never leaves your device.  
  • Keys never leave the extension — apps only receive short-lived session tokens.                     
  • Fully open source under MIT license. Audit the code: https://github.com/MichaelLod/byoky
  • Apr 22, 2026
    short_description
    Bring Your Own Key — Secure wallet for your AI credentials
    Encrypt your AI API keys locally. Never trust another extension with your OpenAI, Anthropic, or Gemini keys.
  • Apr 22, 2026
    permissions
    storage, sidePanel, identity, nativeMessaging
    storage, sidePanel, identity, nativeMessaging, alarms
  • Apr 17, 2026
    host_permissions
    https://api.anthropic.com/*, https://api.openai.com/*, https://generativelanguage.googleapis.com/*, https://api.mistral.ai/*, https://api.cohere.com/*, https://api.x.ai/*, https://api.deepseek.com/*, https://api.perplexity.ai/*, https://api.groq.com/*, https://api.together.xyz/*, https://api.fireworks.ai/*, https://api.replicate.com/*, https://openrouter.ai/*, https://api-inference.huggingface.co/*, https://*.openai.azure.com/*, https://console.anthropic.com/v1/oauth/*, https://oauth2.googleapis.com/token, https://huggingface.co/oauth/token
    https://api.anthropic.com/*, https://api.openai.com/*, https://generativelanguage.googleapis.com/*, https://api.mistral.ai/*, https://api.cohere.com/*, https://api.x.ai/*, https://api.deepseek.com/*, https://api.perplexity.ai/*, https://api.groq.com/*, https://api.together.xyz/*, https://api.fireworks.ai/*, https://openrouter.ai/*, https://*.openai.azure.com/*, https://console.anthropic.com/v1/oauth/*, https://oauth2.googleapis.com/token

Permissions & access

Permissions
storagesidePanelidentitynativeMessagingalarms
Host access
https://api.anthropic.com/*, https://api.openai.com/*, https://generativelanguage.googleapis.com/*, https://api.mistral.ai/*, https://api.cohere.com/*, https://api.x.ai/*, https://api.deepseek.com/*, https://api.perplexity.ai/*, https://api.groq.com/*, https://api.together.xyz/*, https://api.fireworks.ai/*, https://openrouter.ai/*, https://*.openai.azure.com/*, https://console.anthropic.com/v1/oauth/*, https://oauth2.googleapis.com/token

Screenshots

Byoky screenshot 1Byoky screenshot 2Byoky screenshot 3

About

Your AI keys are worth $1000s. Stop pasting them into every new extension.                           
                                                                    
  byoky (Bring Your Own Key) is an open-source browser wallet that stores your LLM API keys and OAuth  
  tokens in an encrypted local vault. Developers integrate via @byoky/sdk — their apps use your keys   
  without ever seeing them.                                                                            
                                                                    
  HOW IT WORKS                                                                                       

  1. Install byoky and set a master password — your vault is encrypted on-device with AES-256-GCM.
  2. Paste your API keys or sign in via OAuth.
  3. Open any byoky-enabled app — approve access in one click. Your keys stay in the vault.            
   
  FEATURES                                                                                             
                                                                    
  • Works with every major LLM provider — OAuth or API key support out of the box, plus                
  OpenAI-compatible endpoints and custom bases. Full provider list on GitHub.
  • Setup tokens — use your paid chatbot subscription in addition to pay-per-use API keys.             
  • Apps marketplace — install curated mini-apps that run sandboxed inside the wallet. Your keys stay
  in the vault.                                                                                        
  • Token Pool — discover free token gifts shared by the community, or publish your own.
  • Token gifts — share access with friends or teammates without sharing the key itself. Set budgets,  
  expirations, revoke in one click.                                                                    
  • Alias Groups — bucket apps by purpose (Personal, Work, Side Project) and pin each group to a     
  specific key. Drag apps between groups to swap keys on the fly.                                      
  • Cross-provider routing — drag an app between groups and the wallet transparently translates the
  request body, response body, and SSE streams. Apps keep calling their preferred SDK; byoky picks the 
  upstream.                                                         
  • Mobile pairing — pair your iPhone or Android wallet via QR code; no extension install required for 
  mobile users.                                                                                        
  • CLI / desktop support — route CLI tools through @byoky/bridge. Your keys never leave the browser.
  • Backend relay — @byoky/sdk/server lets your server make LLM calls through the user's browser. No   
  secrets on the server.                                            
  • Full audit log — every request timestamped by app, provider, status.                               
  • Spending caps — per-app and per-provider token limits, enforced in the proxy.                      
  • Encrypted export/import — back up the vault as a .byoky file.
  • Local-first — no cloud account, no telemetry, no tracking.                                         
                                                                                                       
  SECURITY                                     
                                                                                                       
  • AES-256-GCM encryption with PBKDF2 key derivation (600,000 iterations) via Web Crypto API.         
  • Master password never leaves your device.  
  • Keys never leave the extension — apps only receive short-lived session tokens.                     
  • Fully open source under MIT license. Audit the code: https://github.com/MichaelLod/byoky

Technical

Version
0.9.13
Manifest
V3
Size
172KiB
Min Chrome
88
Languages
1
Featured
No

Metadata

ID
igjohldpldlahcjmefdhlnbcpldlgmon
Developer ID
u6d387ee5cfb134f0a4bc2683ad4525c3
Developer Email
[email protected]
Created
Mar 23, 2026
Last Updated (Store)
May 11, 2026
Last Scraped
Jun 10, 2026
Website
byoky.com
Support URL

Data sourced from the Chrome Web Store · last verified Jun 10, 2026.