Security

Ki! is built on a fail-closed, local-first security model.

Privacy model

Ki! is a proxy, not a service. Your prompts are processed on your device. Ki!'s servers receive no prompt text, no PII, and no personally identifiable usage data.

The only external contacts Ki! makes:

• Your chosen LLM API — receives only the masked prompt.
• api.getki.ai/v1/licence/check — receives a SHA-256 hash of your licence file, once every 30 days. No email, no IP, no usage metrics stored.
• getki.ai update endpoint — receives your current Ki! version to check for updates. No identity sent.

Cryptographic primitives

• PII vault encryption: AES-256-GCM, key in OS keychain.
• Audit log signing: Ed25519 per entry, verified on import.
• Licence verification: Ed25519, public key embedded in binary, verified fully offline.
• Policy signing: Ed25519, import rejects unsigned or tampered files.
• Team vault sync: AES-256-GCM, team master key never leaves devices.

Threat model

Ki! protects against an adversary who can observe network traffic between your device and the LLM API. It does not protect against a local attacker with OS-level access — full disk encryption is the correct control for that threat.

Responsible disclosure

Report vulnerabilities privately before publishing:

• Email: security@getki.ai

We aim to acknowledge within 48 hours and fix critical issues within 14 days.

Last updated: 17 May 2026