Bring your own key: private, multi-model AI for teams
There is a quiet decision buried inside every AI product a team adopts: whose key runs the model, and where does the conversation go afterward. Most tools answer it for you. You sign up, you get a textbox, and somewhere behind it a single vendor's model reads everything you type, billed through an account you can't see, governed by terms you didn't negotiate.
For a lot of work that's fine. For the work a team actually cares about — the contract, the unreleased roadmap, the customer data, the source diff — it isn't. This is the argument for bring your own key (BYOK) AI, and for keeping the data that flows through it yours.
What bring your own key actually means
BYOK means the model runs on your provider account, against your API key, under your contract. You add an Anthropic, OpenAI, xAI, or Google Gemini key once, and from then on every reply your AI produces is a call billed to and logged under your own account — not pooled into a vendor's shared key where the enterprise terms quietly don't extend to your data.
That distinction is the whole point. When the key is yours, the zero-retention and no-training agreement you signed with that provider is the agreement that governs your prompts. You aren't trusting a middleman's promise about what they forward; you're standing on a contract you control. Security teams ask for proof of key custody and visibility into where data flows — BYOK is the simplest honest answer to both.
If you can't say which account your AI runs on and which retention policy covers your prompts, you don't have a privacy posture. You have a hope.
One model is the wrong number
The second reason teams reach for their own keys is that no single model wins everything, and being locked to one vendor means losing the others. People have worked this out the hard way: Claude tends to be the one engineers trust for code and careful reasoning, Gemini's long context swallows document-heavy work, GPT covers multimodal, and there's always a cheaper model that's good enough for the boring 80%. The honest workflow is the right model for the job, not loyalty to a logo.
The way most people get there today is ugly: copy the answer out of one chat, paste it into another, re-explain the context, compare by eye. Model-switching becomes a clipboard exercise. The thing you actually want is to keep one conversation and change the brain behind a reply — same room, same history, different model when the task calls for it.
That's how SquidHub is built. A squid — an AI participant you configure — carries a model and a provider on its profile, and the dispatcher routes each turn to whichever one you chose. One room can hold a Claude squid arguing with a Gemini squid; you don't migrate anything to switch. The longer case for why AI belongs in a shared room at all is in "Multiplayer is the missing mode for AI"; this piece is about the layer underneath it — the key and the data.
Cost: your key, or metered ink
BYOK is also the cleanest cost story. A turn that runs on your own key costs you exactly the provider's token rate, billed to your account, with no per-seat subscription markup sitting on top. You already pay for the tokens; there's no reason to pay a second time for the privilege of a textbox.
Not everyone wants to manage keys on day one, so SquidHub offers a managed tier — SquidHub AI — where an Anthropic squid runs on our server key and is metered in ink, a shared pool the whole workspace draws from, priced by model class. It's the same shape the rest of the industry has converged on: a pooled, usage-based credit instead of a rigid per-seat fee, so a quiet week costs less than a busy one. During the current beta the managed tier is free. The two modes coexist: a bring-your-own-key turn costs zero ink, and you can move a squid to your own key the moment you'd rather own the bill and the contract.
The honest privacy boundary
Here is where most AI marketing gets slippery, so we'll be precise. The fear is real and well-documented — staff paste proprietary code and internal notes into a black-box assistant, and the data ends up somewhere it shouldn't. Avoiding that is mostly about two questions: where does the content rest, and who gets to read it.
On SquidHub, user content is encrypted at rest with AES-256-GCM before it touches the database or the file volume. Message text, squid system prompts and knowledge, memory, skill instructions, and uploaded files are all ciphertext in Postgres. A database dump, a stolen backup, a curious or former operator browsing the tables read-only — none of those yield readable conversations. Structural metadata (who's in which room, timestamps, a squid's name and model) stays in clear, because that's the usage data the service legitimately needs and none of it is your private conversation.
What we will not claim is end-to-end encryption. A hosted service that runs the AI for you has to decrypt content to send it to the model — the live application process holds the key, and the LLM provider sees plaintext for the moment it reasons over your prompt. Anyone marketing a hosted AI tool as E2EE is selling you something that can't exist. We'd rather state the boundary than blur it.
What we promise instead is concrete: content encrypted at rest, no training on your content, and a zero-retention agreement with our managed AI provider so prompts and completions aren't retained or used to train models. With BYOK, that last guarantee is even stronger — the traffic runs under your own provider account and your own retention terms. We don't claim SOC 2, ISO, or HIPAA certification; we claim an architecture you can read and a threat model we wrote down. The full version lives in our security overview and privacy pages.
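The at-rest boundary described above, as an added Go example that is not SquidHub's code: content is sealed with AES-256-GCM before storage, structural metadata stays in clear, and only the process holding the key can open a row. The page specifies only the cipher; the `Row` layout, the random nonce stored in front of the ciphertext, and binding the clear metadata as associated data are assumptions that go beyond what the page states.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// Row is a constructed stand-in for one stored message (hypothetical names).
type Row struct {
	RoomID, MsgID string // structural metadata, stored in clear
	Body          []byte // nonce || ciphertext || tag
}
// aad binds Body to the clear metadata (assumed design): a row copied under
// another room or message ID fails authentication.
func (r Row) aad() []byte { return []byte(r.RoomID + "\x00" + r.MsgID) }

func NewAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts text into r.Body before the row is written to the database.
func Seal(g cipher.AEAD, r Row, text string) (Row, error) {
	nonce := make([]byte, g.NonceSize()) // 12 random bytes, fresh per message
	if _, err := rand.Read(nonce); err != nil {
		return r, err
	}
	r.Body = g.Seal(nonce, nonce, []byte(text), r.aad())
	return r, nil
}

// Open is what the live application process does before a model call.
func Open(g cipher.AEAD, r Row) (string, error) {
	n := g.NonceSize()
	if len(r.Body) < n {
		return "", fmt.Errorf("row too short: %d bytes", len(r.Body))
	}
	pt, err := g.Open(nil, r.Body[:n], r.Body[n:], r.aad())
	return string(pt), err
}

func main() {
	g, _ := NewAEAD(make([]byte, 32)) // constructed all-zero demo key
	row, _ := Seal(g, Row{RoomID: "room-1", MsgID: "msg-1"}, "unreleased roadmap")
	fmt.Println(Open(g, row))
}
```

A database dump holds only `Body` and the clear metadata; because `Open` must run inside the service before any model call, this is encryption at rest and not end-to-end encryption.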
Frequently asked questions
What does BYOK mean in plain terms?
You add your own Anthropic, OpenAI, xAI, or Google Gemini API key, and your AI runs on that account. Calls are billed to you, logged under your account, and governed by your contract with the provider — not a shared vendor key.
Can different AIs in the same room run on different models?
Yes. Each squid carries its own model and provider. One room can mix a Claude squid, a Gemini squid, and a GPT squid; you pick the right brain per squid and never migrate a conversation to switch.
Is SquidHub end-to-end encrypted?
No, and we won't say otherwise. Content is encrypted at rest with AES-256-GCM, but a hosted service that runs the model must decrypt to call it. We pair that with no-training and zero-retention terms rather than an E2EE claim a hosted tool can't honor. See the security overview.
Do I have to use my own key?
No. You can start on the managed SquidHub AI tier, metered in ink from a shared workspace pool and free during beta, then move any squid to your own key when you'd rather own the bill and the retention contract. A bring-your-own-key turn costs zero ink.
Will my data be used to train models?
No. We don't train on your content, and our managed provider runs under a zero-retention, no-training agreement. With BYOK, your provider's own terms apply directly to your traffic.
If your AI tool can't tell you whose account it runs on, which models you're allowed to choose, and what happens to a conversation after it's answered, those aren't details — they're the product. You can open SquidHub, read the docs, or write to us at hello@squidhub.ai.
— SquidHub Team