Store API keys without
anyone seeing them.
Even us.

The password manager for API keys. Encrypted, zero-knowledge secured, and always under your control.

Start Free View Docs
vaultproof-cli
$
0
Secrets leaked on GitHub (2024)
0
Surge in AI credential leaks
$0
Avg cost of credential breach
0
Leaked secrets never revoked

Get started in seconds

Add VaultProof to your app with the SDK, or manage keys from your terminal with the CLI. Both are live on npm.

SDK

Import into your Node.js or TypeScript app. Handles Shamir splitting, encryption, and proxying automatically.

$ npm install @vaultproof/sdk

CLI

Manage keys from your terminal. Store, proxy, revoke, and monitor from the command line or CI/CD pipelines.

$ npm install -g @vaultproof/cli

Built on cryptographic guarantees

Not policies. Not promises. Math.

Key Splitting

Your API key is split into shares using Shamir Secret Sharing the instant you paste it. The original is destroyed in-browser. Half a key is cryptographic garbage.

Zero-Knowledge Proofs

Every access is authorized by a ZK proof that verifies ownership without revealing the key. We prove you have the right to use it without ever seeing it.

Ephemeral Reconstruction

Shares combine in a secure enclave for approximately 100ms. The API call is made, the response returns, and all key material is zeroed from memory.

How It Works

Three steps. Zero trust required.

1

Store

Paste your API key. Shamir Secret Sharing instantly splits it into encrypted shares in your browser. The original key is destroyed before it ever leaves your device.

2

Authorize

When you need to use a key, a zero-knowledge proof cryptographically verifies you are the rightful owner. No passwords, no tokens, no trust.

3

Proxy

Shares are reconstructed in a secure enclave for ~100ms. The API call is proxied, the response is returned, and all key material is zeroed from memory.

3 Lines. Zero Trust.

Install the SDK and start making cryptographically secure API calls.

index.js
// npm install @vaultproof/sdk
const vault = new VaultProof('vp_live_abc123...')
const key = await vault.store('sk-openai-key', 'openai')
const res = await vault.proxy(key, '/v1/chat/completions', {
model: 'gpt-4', messages: [{ role: 'user', content: 'Hello!' }]
})

vs Every Other Secrets Tool

Every competitor can see your keys. We literally cannot.

Platform Can see your key? ZK Proofs? Key Splitting?
HashiCorp Vault Yes No No
1Password Yes No No
AWS Secrets Manager Yes No No
Infisical Yes No No
Doppler Yes No No
OpenRouter Yes No No
VaultProof Never Yes Yes

Simple, transparent pricing

Start free. Upgrade when you need more.

Free
$0 /mo
  • 3 API keys
  • 1,000 calls / month
  • 1 app grant per key
  • 1 developer key
  • 7 days log retention
  • SSE streaming
  • Shamir + ZK proofs
  • Hard cutoff at limit
Get Started
Starter
$5 /mo
  • 10 API keys
  • 10,000 calls / month
  • 5 app grants per key
  • 3 developer keys
  • 30 days log retention
  • SSE streaming
  • Shamir + ZK proofs
  • $0.50 / 1K overage calls
Start Starter
Most Popular
Pro
$15 /mo
  • 30 API keys
  • 100,000 calls / month
  • 20 app grants per key
  • 10 developer keys
  • 90 days log retention
  • CSV log export
  • SSE streaming
  • $0.30 / 1K overage calls
Start Pro
Team
$39 /mo
  • 100 API keys
  • 500,000 calls / month
  • 100 app grants per key
  • 25 developer keys
  • 5 team members
  • 1 year log retention
  • CSV export + priority support
  • $0.15 / 1K overage calls
Start Team
Enterprise

Unlimited keys, unlimited calls, SSO, SLA, TEE option, dedicated proxy, SOC 2 report.

Contact Sales

All plans include Shamir secret sharing, ZK proof verification, and SSE streaming. No credit card required for Free.

Stop trusting. Start proving.

Breaches are architecturally impossible, not just policy-prohibited.

Free tier includes 3 keys and 1,000 calls/month. No credit card required.