For Security & Compliance · Every token counts.

The budget is the second factor.

Identity, budget, expiration — signed into the token envelope itself. PII fails closed before the call leaves your network. Audit rows the app role literally cannot rewrite. Sleep through the leaked-key incident.

Saturday, 2:11 AM

Priya is on call. Last year, this woke her up. This year, it didn't.

A junior dev pushes a key to a public repo

In April 2026 — we know how this ends.

Crawlers find it in minutes. Four-figure invoice by sunrise. Frantic calls to four vendors, reconstructing damage from provider dashboards. (We lived it. That's why we built this.)

Saturday, 2:11 AM, with Tokenality

Cap exhausted. 402 returned. No LLM call.

The key's budget envelope says $50 max. By 2:11 AM that's gone — every subsequent request hits a 402 Payment Required before it touches Anthropic or OpenAI.

Monday morning

Priya gets an inbox digest, not a call.

“Key revoked: budget cap reached. Total exposure: $50. Source IP: AS-13335. Owner: dev-test-key.” She rotates it before standup. Nobody else hears about it.

What becomes true

Four headlines you don't have to write a postmortem for.

A leaked key with no budget left is a 402, not a four-figure surprise.

PII never leaves your network — twelve detectors, fail-closed by default.

The auditor asks for evidence; you click twice. The CC mapping is already done.

Model allowlists per project, per team — enforced in-flight, not on a wiki page.

How it actually works

Append-only at the SQL role, not the application.

The application's database role has UPDATE and DELETErevoked on the five audit tables. A deploy-time smoke check fails the rollout if those privileges were somehow restored. The audit isn't a promise — it's a constraint the database enforces.

-- Run on every deploy. Fails the rollout if any audit table is mutable
-- by the app role.
SELECT table_name
FROM   information_schema.role_table_grants
WHERE  grantee   = 'acc_app'
  AND  privilege_type IN ('UPDATE', 'DELETE')
  AND  table_name LIKE '%_audit';
-- ⇒ must return 0 rows. Otherwise: deploy aborted.

-- PII pre-flight: 12 detectors, fail-closed
{
  "policy":      "obfuscate",
  "detectors":   ["ssn","email","phone","cc","health_*","name_*","ip"],
  "fail_mode":   "closed",
  "on_unknown":  "block"
}

Integrations the auditor recognizes.

BYOK on the providers your security team already trusts. Audit-pack export to the tools your compliance team already runs.

AWS KMS

BYOK key custody — enterprise roadmap (Phase 6.1)

Azure Key Vault

Customer-held key custody — enterprise roadmap

GCP Cloud KMS

FIPS-validated custody — enterprise roadmap

Vanta

Continuous evidence sync for SOC 2 / ISO 27001

Drata

Control-mapped audit pack export

Splunk / Datadog

Append-only audit log streaming for SIEM

Three other people are asking different questions.

The same row in our ledger answers all four. Pick the door that matches the meeting you're in.