After seeing vibe coders getting hit with a massive API bill because their API key got leaked . Or by mistake they commited it to github
I have build Unify . It's a proxy sits between your API key and your provider .
You get an offline vault where you put your keys and get a proxy token . Now you will use that proxy token in your codebase.
Now by login to our dashboard you can see how many IPs hitting your key , their addresses and from which country they are .
You can block them in one click
Can see individual bill of each API
Try at : unifykeys.com
there's also a free git hub scanner that scans your public repos and help you find out your exposed keys on git hub
No sign up needed : unifykeys.com/scan
Building whatever
Good solution for this problem, do you think dPoP would help if it was added to this?