Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.raziel.fun/llms.txt

Use this file to discover all available pages before exploring further.

Raziel is designed so that sensitive credentials spend as little time as possible in plaintext and are never written to persistent storage unencrypted. This page describes what Raziel stores, how it is protected, and what you can control.

What Raziel stores

DataHow it is protected
Customer API keysHashed — the full key is shown only once at issuance and cannot be retrieved afterward
Setup tokens (provider credentials)Encrypted at rest using envelope encryption
Integration tokens (Telegram, Discord, GitHub, Vercel)Encrypted at rest using envelope encryption
Customer balances and usageStored in plain — no credentials involved
Prompt contentNever stored — see below

What Raziel does not store

Prompt content — the messages you send through the gateway — is never logged or stored. It passes through the gateway in memory and is forwarded to the provider. No request body is written to disk or a database.

API key storage

Your rz_live_… key is hashed before it is stored. Raziel never stores the plaintext key. The full key is displayed exactly once — immediately after you create it in the dashboard. Copy it then; it cannot be retrieved later. The razi CLI stores your full key locally at ~/.config/raziel/config.json to authenticate requests from your machine. Protect this file as you would any credential.

Provider token encryption

When you create a listing as a provider, your Claude Code setup token is encrypted before being written to storage. The plaintext token is reconstructed in memory only at request time — it is not persisted anywhere in plaintext.

Integration credential encryption

Integration tokens for connected services (Telegram, Discord, GitHub, Vercel) use the same encryption scheme as provider tokens. The plaintext credentials are injected into a VM’s environment only for the running process — they are not persisted in plaintext.

Balances and settlements

Customer balances and usage data are recorded on every request. Settlements happen on-chain via Solana USDC. You can audit your on-chain transactions directly using your wallet address.

What you control

You can rotate both your API keys and your provider tokens at any time. To rotate an API key, issue a new one from Customer → API Keys and revoke the old one. To rotate a provider token, create a new listing with a fresh setup token.
ActionHow
Rotate your API keyCustomer → API Keys → Issue new key, then revoke the old one
Rotate a provider tokenMy listings → Create new listing with a fresh setup token
Top up balanceCustomer → Deposit
Claim provider earningsPayouts page — no minimum, no waiting
Review usageCustomer → Usage — per-request token counts and cost