brave mirage
Hey builders — sharing a project we’re using to make AI spend auditable in production.
Problem we had
Shared raw provider keys across scripts/IDE/CI/services
Monthly totals, but weak project-level attribution
Slow detection of token spikes and retry-loop incidents
What we built AiKey is a runtime credential layer:
Provider master keys stay in vault
Teams/services use virtual credentials (scoped + expirable)
Every call is logged at request level for attribution
Minimum audit fields we track
caller, project, environment
requested_model, actual_model
prompt/completion/total_tokens
computed_cost, latency_ms, status_code, trace_id
Why this helped
Near real-time “who spent what, where, and why”
Faster anomaly response (token spikes / bad retries)
Cleaner offboarding and key hygiene
Happy to share schema/anomaly rules if useful.
GitHub: https://github.com/aikeylabs/launch
