The password manager for API keys. Encrypted, zero-knowledge secured, and always under your control.
Not policies. Not promises. Math.
Your API key is split into shares using Shamir Secret Sharing the instant you paste it. The original is destroyed in-browser. Half a key is cryptographic garbage.
Every access is authorized by a ZK proof that verifies ownership without revealing the key. We prove you have the right to use it without ever seeing it.
Shares combine in a secure enclave for approximately 100ms. The API call is made, the response returns, and all key material is zeroed from memory.
Three steps. Zero trust required.
Paste your API key. Shamir Secret Sharing instantly splits it into encrypted shares in your browser. The original key is destroyed before it ever leaves your device.
When you need to use a key, a zero-knowledge proof cryptographically verifies you are the rightful owner. No passwords, no tokens, no trust.
Shares are reconstructed in a secure enclave for ~100ms. The API call is proxied, the response is returned, and all key material is zeroed from memory.
Install the SDK and start making cryptographically secure API calls.
npm install @vaultproof/sdk
const vault = new VaultProof('vp_live_abc123...')
const key = await vault.store('sk-openai-key', 'openai')
const res = await vault.proxy(key, '/v1/chat/completions', {
model: 'gpt-4', messages: [{ role: 'user', content: 'Hello!' }]
})
Every competitor can see your keys. We literally cannot.
| Platform | Can see your key? | ZK Proofs? | Key Splitting? |
|---|---|---|---|
| HashiCorp Vault | Yes | No | No |
| 1Password | Yes | No | No |
| AWS Secrets Manager | Yes | No | No |
| Infisical | Yes | No | No |
| Doppler | Yes | No | No |
| OpenRouter | Yes | No | No |
| VaultProof | Never | Yes | Yes |
Start free. Upgrade when you need more.
Breaches are architecturally impossible, not just policy-prohibited.
Free tier includes 3 keys and 1,000 calls/month. No credit card required.