BYOK — bring your own AI keys
The canonical Scarif One BYOK reference. Last updated 2026-05-28 (Phase 28 pivot — flat-sub, BYOK-only).
Tl;dr
You pay us for the studio (£29/mo Solo · £99/mo Studio · £1,999 one-time Sovereign). You pay Google / Anthropic / OpenAI for the AI calls, directly, at retail. We never mark up an API call.
Why we don't bundle AI usage
- Predictable price for you. Bundled-AI tools have to raise prices every time the upstream provider does. Scarif One's £29/mo never moves because of Google's pricing changes — your AI bill might, but ours won't.
- No "you ran out of credits" wall. Every credit-based tool eventually throttles you mid-campaign. With BYOK your only cap is your own provider budget, which you control.
- Transparency. You see exactly what each generation cost. The receipt log under /data/tenants/{slug}/_gemini-receipts/ records one entry per 200-OK Gemini response, and the dashboard banner at the top of Studio surfaces today's + this month's spend.
- Your data, your account. When you stop paying Scarif One, your AI credentials, training history, and provider relationship belong to you, not to us.
Which keys do I need?
| Provider | Required? | What we use it for | Where to get it |
|---|---|---|---|
| Gemini (Google) | Required | Image generation (every ad creative), most copy, brand-voice scanning, taglines, smart-fill | https://aistudio.google.com/apikey |
| Anthropic (Claude) | Optional | Deep trends research (Claude Sonnet 4.5 + web_search tool), big-batch headline rewrites | https://console.anthropic.com/settings/keys |
| OpenAI (GPT) | Optional | Any task you route to GPT via the provider settings on /integrations | https://platform.openai.com/api-keys |
Gemini is the only mandatory one. If you don't connect Anthropic, deep-mode trends research is gracefully unavailable; everything else still works.
What does it actually cost me per month?
Real numbers from operator usage:
- Solo founder, ~50 ads/mo on Gemini Flash Image: £2 – £8/mo Gemini, plus £29/mo Solo = ~£31–£37/mo total.
- Founder running daily Pro 2.5 copy + 100 ads/mo: £10 – £25/mo Gemini, plus £29/mo Solo = ~£40–£55/mo total.
- Agency running 5 brands × 50 ads/mo: £15 – £50/mo Gemini (across 5 tenants), plus £99/mo Studio = ~£115–£150/mo total.
- Heavy operator running deep Claude trends + 200 ads/mo: £30 – £80/mo combined Gemini + Claude, plus £99/mo Studio = ~£130–£180/mo total.
Google AI Studio's free tier covers most starter use. Anthropic + OpenAI don't have free tiers, but both meter in fractions of a penny per call.
How is my key stored?
- Sovereign self-host: encrypted on your own disk at /data/_super/master-keys.json. You hold the encryption secret.
- Hosted (Solo / Studio): encrypted on the dedicated tenant volume on Fly.io. Scarif One never sees the plaintext key outside the moment of a generation call.
The key is never written to logs, never shared between tenants, and never sent off your infrastructure for any reason other than the actual AI call to the provider you connected it to.
How do I rotate / revoke a key?
- Generate a new key at the provider dashboard (aistudio.google.com/apikey etc.).
- Open Scarif One → /integrations → AI providers section.
- Paste the new key and click Update. The old key is overwritten on disk; in-flight calls finish on the old key, new calls use the new key.
- Delete the old key from the provider dashboard.
If you suspect a key leak: rotate at the provider first, then update in Scarif One. The provider's revocation is what actually stops billing — our update is just the local pointer.
What if my provider account runs out of credit / hits its budget cap?
You'll see a 4xx from the provider; Scarif One surfaces a friendly error mentioning your provider plus the response. The remedy is on your side — top up the provider's billing account, raise your provider's budget cap, or switch to a different provider you have credit on.
We never charge you to "unlock" an exhausted provider account. Your Scarif One subscription keeps you in the studio regardless of what's happening with your AI keys.
What if I need help — is anyone reading replies?
Yes. Email [email protected] and you'll get a reply within ~24h. Solo
tier is best-effort email support; Studio is priority email. AI-drafts let
us reply faster, but Tom personally reviews every reply before it goes out.
Self-host (Sovereign) — does BYOK still apply?
Yes. Sovereign is one-time licence + £499/yr optional maintenance + BYOK. The key encryption is local to your install; the licence verification is offline (signed Ed25519 — no phone-home). Everything else works exactly like the hosted shape.
What changed in Phase 28 (2026-05-28)?
Phase 28 retired the credit-based pricing model and replaced it with the current flat-sub + BYOK shape:
- Removed: extra_500_credits / extra_1000_credits / extra_2500_credits / extra_5000_credits add-on SKUs, monthly per-metric caps, the BYOK add-on (£199/mo) SKU, Founder / Brand / Studio-legacy / Atelier-* / Enterprise tiers, Sovereign-Pro / Sovereign-Atelier tiers.
- Added: Solo £29 / Studio £99 + single Sovereign £1,999. BYOK is now the default for every install (no longer a paid add-on).
- Migrated: every legacy plan ID auto-routes to Solo or Studio so existing links + persisted profiles continue to work.
See the Phase 28 plan for the full pricing rationale.
What if my key leaks? {#leak}
If you suspect a Gemini / Anthropic / OpenAI key has escaped (committed to a public repo, screenshotted in a Slack channel, leaked in a vendor breach), follow this sequence — order matters:
- Generate a new key at the provider first. This is the priority step because the provider's revocation of the old key stops billing on it immediately. Don't wait until you've cleaned up Scarif One.
  - Gemini: https://aistudio.google.com/apikey
  - Anthropic: https://console.anthropic.com/settings/keys
  - OpenAI: https://platform.openai.com/api-keys
- Update the key in Scarif One. Open /integrations on your dashboard, paste the new key, click Update. The old key is overwritten on disk; in-flight calls finish on the old key (which you're about to revoke), new calls use the new key.
- Delete the old key at the provider dashboard. This is what actually stops billing. Overwriting in Scarif One is just our local pointer — the provider holds the source of truth on which keys can spend.
- Email [email protected] with the suspected leak window. We check the per-tenant audit log + the key-access log on /security for accesses during that window from unexpected callers. We'll share the findings within 48h (faster if you flag it as urgent).
- Review your provider billing dashboard for unexpected charges. Disputes against unauthorised spend on a leaked key go to the provider (Google / Anthropic / OpenAI), not to us — that bill is against your account, not ours.
The whole sequence usually takes <10 minutes. The provider rotation is what closes the security gap; everything else is cleanup + forensics.
Can you see how much I'm spending on Gemini / Anthropic / OpenAI?
No. Your AI spend lives entirely on your provider's dashboard
(aistudio.google.com/usage, console.anthropic.com, etc.). Scarif One
only sees:
- Pre-flight cost estimate (used to power the SpendBanner warning at the top of Studio). We estimate the next generation's cost in Gemini tokens so you see "today: £4.20" before approving the batch.
- Per-call success/failure. The receipt log under /data/tenants/{slug}/_gemini-receipts/ records one entry per 200-OK Gemini response with the token count. That's what the SpendBanner totals from.
We never see your itemised provider invoice, your billing card details, or what other things you're running on the same Google / Anthropic / OpenAI account. If you'd rather we didn't even see the receipt-log totals, you can delete that directory at any time — it's purely local telemetry, not load-bearing.
Is my key logged anywhere?
The ciphertext lives in your tenant's brand-profile.json (encrypted
with AES-256-GCM, never written to logs in plaintext).
Every decrypt-for-use call is recorded to a tenant-visible key-access
audit log under /security. The log entry contains:
- Timestamp
- Provider (gemini / anthropic / openai)
- Caller context (e.g. ad-generate, trends-research, support-drafter) so you can see why the key was read
- Whether the call succeeded
- No plaintext key. The log records that a read happened, not the key bytes.
That log is the BYOK trust mechanism: a customer who suspects something
is wrong can open /security and verify against expected activity. If
you're an enterprise buyer doing due diligence and need a sample log
export, email [email protected] — we can provide a fixture without
real customer data.
The plaintext key bytes are NEVER logged. Not in application logs, not in fly.io logs, not in error reports. The decrypt happens in-memory in the request scope of the actual AI call and is garbage-collected immediately after.