Concepts
Key Broker
Planned — Q3 2026
The REIN key broker lets your agent call external APIs (OpenAI, AWS, GitHub, Anthropic) without ever seeing the actual API key. REIN proxies the request, enforces your spending policy, and settles the cost on-chain.
2-of-3 Shamir secret sharing
API keys are split into three shares: one in your wallet, one in REIN's Cloudflare KV, one on your device. Two shares are required to reconstruct and use the key.
Agent never sees the key
rein.proxy(service, request) sends the API call through REIN's edge proxy. The key is assembled server-side, used once, and discarded. No key is ever returned to the agent.
Per-service cost estimator
For LLM APIs, REIN estimates the token cost before the call and checks your policy. If the estimate exceeds your per-tx cap, the call is blocked before any tokens are spent.
On-chain settlement
Proxied API costs are batched and settled on-chain via USDC. Your vault's spend history reflects every proxied call alongside native Solana payments.