1 pointby afonsoduarte7 hours ago1 comment
  • afonsoduarte7 hours ago
    FAQ / threat model (short):

    - No backend: no accounts, no analytics, no server-side storage. Data stays on the device.

    - Not a bypass: it only shows usage status + alerts + reset timers.

    - Storage: credentials/tokens/keys are stored in iOS Keychain.

    - Integrations:

      • API-key providers use API keys.
    
      • Dashboard-only providers use a user session (embedded login or user-provided session token) to fetch the same usage info visible in the dashboard.
    
    - No MITM, no proxying traffic through any servers (it's local!). If a provider changes their dashboard/endpoints, that connector can break until updated.