Security model
Your keys stay separate from your sprite projects.
Spritewright starts with anonymous bring-your-own-key (BYOK) generation. Session keys live only in active runtime memory. Remembered keys are encrypted locally with a passphrase, and project documents never contain raw provider credentials.
Session key
Default anonymous mode. The key is held in runtime memory and cleared with the session.
Remembered key
Encrypted on-device with PBKDF2 and AES-GCM before IndexedDB storage.
Worker gateway
Provider requests go through Worker validation and redaction instead of browser-side provider calls.
Project boundary
Projects store references, plans, assets, and exports, never raw OpenAI API keys.
Platform credentials
Account-based platform generation is reserved for the hosted billing model. Until that mode is enabled, Spritewright treats BYOK keys as request-only credential material and keeps project metadata portable across local and future cloud storage.