← RESOLVE corpus

Governed Conversational Assistant

Seed-derived from Doc 282. ENTRACE Stack active. Empirical study (Cohen's d > 3).

Bring Your Own Key

This assistant runs on your Anthropic API key using a prepare/execute security model. When this page loaded, the server generated a unique action token. When you enter your key, it is sent exactly once to bind to that token. After binding, only the opaque token is used — your raw key never appears in a request header again.

Your key AND your conversation are held in server memory only — never disk, never database, never logged. Server restart = everything gone. Sessions auto-expire after 1 hour. The server operator's key is not used. Get an API key

Informed Consent Required

By entering your API key, you acknowledge that:

  • Anthropic advises against sharing your API key with third-party services. See Anthropic's documentation: API keys should be kept secure and not exposed to untrusted parties.
  • This is a third-party service operated by Jared Foy in southern Oregon, not by Anthropic. You are trusting this server's code with your key for the duration of your session.
  • We mitigate this trust requirement architecturally using a prepare/execute security model where your key transits once and is held in server memory only (never disk). But architectural mitigation is not zero risk.
  • You can verify the code yourself — click "Show Me the Code" below, or view the public GitHub repo. The code running on this server is the code in that repo.
  • Defense in depth — single-use token rotation. Your key is bound to an opaque action token via a one-time POST. After each chat request, the token is consumed and a new one is issued. Each token is used exactly once — an intercepted token is already dead by the time an attacker could try it.
  • Rotate your Anthropic API key when you are done. We cannot confirm you are on a secure local network. After testing, go to console.anthropic.com/settings/keys and rotate (delete + regenerate) the key you used here. This eliminates any residual risk regardless of our architecture.
  • You accept this risk voluntarily. If you are not comfortable, do not enter your key. You can still read the entire RESOLVE corpus without it.

Don't trust me. See how to make insecurity an architectural impossibility.

This security model was derived entirely from first principles — the derivation inversion applied to API key handling via the PRESTO prepare/execute pattern. No security framework was consulted. The architecture makes insecurity structurally impossible rather than policy-prohibited. Perform a complete security audit yourself: github.com/jaredef/jaredfoy.com