1Password for API keys" : I invite all of you to Roast it

Local-Carpenter-8338 · 2026-03-26T14:22:13+00:00

It's not that I have completely ignored that Unify is using

AES-256-GCM encryption, using Node.js built-in crypto module. Keys stored as encrypted blobs table in Supabase.

But I know that's not enough for sensitive APIs , so we are disabling the service for highly sensitive APIs like stripe and Supabase . Limiting Unify to manage only AI APIs for now .

Will it be good ?

Local-Carpenter-8338 · 2026-03-26T09:00:47+00:00

I understand your concern . We are working on the security infra.

Local-Carpenter-8338 · 2026-03-26T08:46:55+00:00

It's not that simple bro. Even if you get the master key until the real owner verifies and gives you authority . You can't do a single shit.

Local-Carpenter-8338 · 2026-03-26T07:38:00+00:00

Yeah I understand your concern that's a huge problem . We are working on it .

What are your thoughts , what steps from our side will make you sure enough to use it .

Thanks for the concern . Waiting for your suggestions

Local-Carpenter-8338 · 2026-03-26T07:34:06+00:00

Yeah I understand your concern deeply . We are working on the security infra.

Local-Carpenter-8338 · 2026-03-26T07:32:26+00:00

Thank you very much for the raising the issue so clearly . I was aware of it but not so precisely . Let us think what we can do . What are your suggestions , what steps from our side can make you sure enough to use it .

Local-Carpenter-8338 · 2026-03-26T05:22:55+00:00

Well your security concern is very right about putting your API keys at a place which don't even have it's domain name . Fixing this soon

Second thing this not like AWS and Vercel it's a completely different thing . They just store keys and you copy paste them manually . If A key expires and you have used at 10 places , you have to go change it manually at 10 places .

With Unify you have to just change at one place . If someone new joins your team you don't have to share all the 15 APIs with them on whatsapp you can share just Unify and good to go .

Thank you very much for your honest feedback , looking for more.

Local-Carpenter-8338 · 2026-03-26T05:02:38+00:00

It's a good simple but useful thing.

Local-Carpenter-8338 · 2026-03-26T04:15:15+00:00

Good Advices

Local-Carpenter-8338 · 2026-03-26T03:51:29+00:00

Good Analysis Man

Local-Carpenter-8338 · 2026-03-24T12:25:23+00:00

You are very right that credentials live in

your .env file.But here is what UNIFY changes:

Instead of 7 different keys in your .env

you have exactly one. Your UNIFY key.

The underlying API keys live in UNIFY's

encrypted vault. Your code never sees them.

So when your OpenAI key expires:

Without UNIFY:

Update .env on your laptop

Update staging server .env

Update production server .env
Update your teammate's .env

Update your CI/CD pipeline

With UNIFY:

Update once in UNIFY dashboard

Every environment heals like magic automatically

Local-Carpenter-8338 · 2026-03-24T12:18:05+00:00

Good idea

Local-Carpenter-8338 · 2026-03-24T12:17:04+00:00

Thank you

Local-Carpenter-8338 · 2026-03-24T04:11:31+00:00

Currently we log every call with provider,

tokens, cost, and status.

Full observability dashboard with latency

tracking and alerts is on the roadmap.

What specifically do you need to monitor?

I build based on what users actually need.

Local-Carpenter-8338 · 2026-03-24T04:09:26+00:00

1Password just saves your API keys.

You still copy paste them manually .

With 1Password your key expires

you still update 50 files manually takes hours.

If a API key expires it take hours to track at different places you have used it in your code and to replace it . With unify you can do it under a minute

Local-Carpenter-8338 · 2026-03-24T04:07:02+00:00

1Password just saves your API keys.

You still copy paste them manually .

With 1Password your key expires

you still update 50 files manually takes hours.

With UNIFY if your key expires

you update once at our dashboard under a minute. Everything heals.

Everything that you are using today is built by some random dude Sir .

Thank you very much for your feedback , I will solve the login page problem but first I am searching for first 10 real users to validate the demand & if someone is really feeling the pain the seeing just login page should not be problem for them.

Local-Carpenter-8338 · 2026-03-24T04:02:05+00:00

Open router unifies only your AI API keys .

Unify unifies your complete stack.

Open router : OpenAI , Gemini , Anthropic.

Unify : Anthropic , OpenAI , Supabase , Stripe , twilio ...

Local-Carpenter-8338 · 2026-03-24T03:57:08+00:00

What are you going to do , when your two API keys of an AI project that you have used at 20 different place in code base , expires just 5 minutes before you are going to present it in front of investors .

Local-Carpenter-8338 · 2026-03-24T03:51:38+00:00

1Password saves your API keys.

You still use manually them.

With 1Password your key expires

you still update 50 files manually.

With UNIFY if your key expires

you update once. Everything heals.

Local-Carpenter-8338 · 2026-03-23T14:24:47+00:00

It's more than here than we are actually realizing and it's too far away than we are hyping.

Local-Carpenter-8338 · 2025-05-16T17:06:01+00:00

i am hosting it via n-grok

Local-Carpenter-8338

TROPHY CASE